ContextualWisdomLab · seonghobae · Jun 11, 2026 · Jun 9, 2026 · Jun 10, 2026 · Jun 10, 2026
@@ -35,8 +35,8 @@ jobs:
           - python
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
+      - uses: github/codeql-action/init@1a818fd5f97ed0ee9a823421bd5b171add01227f # v4.36.2
         with:
           languages: ${{ matrix.language }}
-      - uses: github/codeql-action/autobuild@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
-      - uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
+      - uses: github/codeql-action/autobuild@1a818fd5f97ed0ee9a823421bd5b171add01227f # v4.36.2
+      - uses: github/codeql-action/analyze@1a818fd5f97ed0ee9a823421bd5b171add01227f # v4.36.2
@@ -66,6 +66,6 @@ jobs:
           python3 scripts/checks/normalize_scorecard_sarif.py
           scorecard-sarif/results.sarif
           normalized-scorecard-results.sarif
-      - uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 peeled commit; SHA pinning retained as supply-chain attack mitigation.
+      - uses: github/codeql-action/upload-sarif@1a818fd5f97ed0ee9a823421bd5b171add01227f # v4.36.2 peeled commit; SHA pinning retained as supply-chain attack mitigation.
         with:
           sarif_file: normalized-scorecard-results.sarif
@@ -39,7 +39,7 @@ jobs:
           exit-code: '1'
           skip-dirs: 'services/analysis-engine/.venv'
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 peeled commit; SHA pinning retained as supply-chain attack mitigation.
+        uses: github/codeql-action/upload-sarif@1a818fd5f97ed0ee9a823421bd5b171add01227f # v4.36.2 peeled commit; SHA pinning retained as supply-chain attack mitigation.
         if: always()
         with:
           sarif_file: trivy-results.sarif