chore(deps): bump the github-actions-dependencies group across 1 directory with 3 updates

dependabot[bot] · neilime · commit b9383df8d7fe · 2025-11-14T19:11:02.000+01:00
Bumps the github-actions-dependencies group with 3 updates in the / directory: - [hoverkraft-tech/ci-github-nodejs](https://github.com/hoverkraft-tech/ci-github-nodejs) - [github/codeql-action](https://github.com/github/codeql-action). Updates `hoverkraft-tech/ci-github-nodejs` from 0.17.1 to 0.18.0 - [Release notes](https://github.com/hoverkraft-tech/ci-github-nodejs/releases) - [Commits](hoverkraft-tech/ci-github-nodejs@23af54b...32a69b7) Updates `github/codeql-action` from 4.31.2 to 4.31.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0499de3...014f16e) --- updated-dependencies: - dependency-name: hoverkraft-tech/ci-github-nodejs dependency-version: 0.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies - dependency-name: github/codeql-action dependency-version: 4.31.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Emilien Escalle <emilien.escalle@escemi.com>
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
@@ -99,7 +99,7 @@ jobs:
                 return;
               }
             }
-      - uses: hoverkraft-tech/ci-github-nodejs/actions/setup-node@23af54bc615d657aa9c13c472ae701445c1811a6 # 0.17.1
+      - uses: hoverkraft-tech/ci-github-nodejs/actions/setup-node@32a69b7b8fd5f7ab7bf656e7e88aa90ad235cf8d # 0.18.0
         if: ${{ steps.has-prettier-plugins.outputs.package-json-dir }}
         with:
           working-directory: ${{ steps.has-prettier-plugins.outputs.package-json-dir }}
@@ -129,11 +129,11 @@ jobs:
         with:
           persist-credentials: false
 
-      - uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
+      - uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           languages: ${{ matrix.language }}
 
-      - uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
+      - uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           category: "/language:${{matrix.language}}"
 
@@ -237,6 +237,8 @@ jobs:
       contents: read
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
 
       # FIXME: should be updated by dependabot. See https://github.com/dependabot/dependabot-core/issues/8362
       - uses: "docker://ghcr.io/sethvargo/ratchet:0.11.4@sha256:242445a1c55430ad7477e6fcf2027c77d03f5760702537bca4cf622e7338fc81" # 0.11.3
