Bump github/codeql-action from 3.28.16 to 3.28.18

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.16 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@28deaed...ff0a06e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/codeql.yml

@@ -1,89 +1,89 @@
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT License.
-#
-# http://go.microsoft.com/fwlink/?LinkId=248929
-
-name: "CodeQL"
-
-on:
-  push:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - LICENSE
-      - '.azuredevops/**'
-      - '.nuget/*'
-      - build/*.cmd
-      - build/*.json
-      - build/*.props
-      - build/*.ps1
-      - build/*.targets
-  pull_request:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - LICENSE
-      - '.azuredevops/**'
-      - '.nuget/*'
-      - build/*.cmd
-      - build/*.json
-      - build/*.props
-      - build/*.ps1
-      - build/*.targets
-  schedule:
-    - cron: '31 2 * * 5'
-
-permissions:
-  contents: read
-
-jobs:
-  analyze:
-    name: Analyze (${{ matrix.language }})
-    runs-on: windows-latest
-    timeout-minutes: 360
-    permissions:
-      actions: read  # for github/codeql-action/init to get workflow details
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/autobuild to send a status report
-      packages: read
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [c-cpp, csharp]
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - if: matrix.language == 'c-cpp'
-        name: 'Install Ninja'
-        run: choco install ninja
-
-      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
-
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
-        with:
-          languages: ${{ matrix.language }}
-          build-mode: manual
-
-      - if: matrix.language == 'c-cpp'
-        name: 'Configure CMake (C/C++)'
-        working-directory: ${{ github.workspace }}
-        run: cmake --preset=x64-Debug
-
-      - if: matrix.language == 'c-cpp'
-        name: 'Build (C/C++)'
-        working-directory: ${{ github.workspace }}
-        run: cmake --build out\build\x64-Debug
-
-      - if: matrix.language == 'csharp'
-        name: 'Build (C#)'
-        working-directory: ./MakeSpriteFont
-        run: msbuild MakeSpriteFont.csproj /p:Configuration=Debug /p:Platform=AnyCPU
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
-        with:
-          category: "/language:${{ matrix.language }}"
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkId=248929
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.azuredevops/**'
+      - '.nuget/*'
+      - build/*.cmd
+      - build/*.json
+      - build/*.props
+      - build/*.ps1
+      - build/*.targets
+  pull_request:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.azuredevops/**'
+      - '.nuget/*'
+      - build/*.cmd
+      - build/*.json
+      - build/*.props
+      - build/*.ps1
+      - build/*.targets
+  schedule:
+    - cron: '31 2 * * 5'
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    name: Analyze (${{ matrix.language }})
+    runs-on: windows-latest
+    timeout-minutes: 360
+    permissions:
+      actions: read  # for github/codeql-action/init to get workflow details
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/autobuild to send a status report
+      packages: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [c-cpp, csharp]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - if: matrix.language == 'c-cpp'
+        name: 'Install Ninja'
+        run: choco install ninja
+
+      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        with:
+          languages: ${{ matrix.language }}
+          build-mode: manual
+
+      - if: matrix.language == 'c-cpp'
+        name: 'Configure CMake (C/C++)'
+        working-directory: ${{ github.workspace }}
+        run: cmake --preset=x64-Debug
+
+      - if: matrix.language == 'c-cpp'
+        name: 'Build (C/C++)'
+        working-directory: ${{ github.workspace }}
+        run: cmake --build out\build\x64-Debug
+
+      - if: matrix.language == 'csharp'
+        name: 'Build (C#)'
+        working-directory: ./MakeSpriteFont
+        run: msbuild MakeSpriteFont.csproj /p:Configuration=Debug /p:Platform=AnyCPU
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        with:
+          category: "/language:${{ matrix.language }}"

.github/workflows/msvc.yml

@@ -1,79 +1,79 @@
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT License.
-#
-# http://go.microsoft.com/fwlink/?LinkId=248929
-
-name: Microsoft C++ Code Analysis
-
-on:
-  push:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - LICENSE
-      - '.azuredevops/**'
-      - '.nuget/*'
-      - build/*.cmd
-      - build/*.json
-      - build/*.props
-      - build/*.ps1
-      - build/*.targets
-  pull_request:
-    branches: "main"
-    paths-ignore:
-      - '*.md'
-      - LICENSE
-      - '.azuredevops/**'
-      - '.nuget/*'
-      - build/*.cmd
-      - build/*.json
-      - build/*.props
-      - build/*.ps1
-      - build/*.targets
-  schedule:
-    - cron: '25 15 * * 5'
-
-permissions:
-  contents: read
-
-jobs:
-  analyze:
-    permissions:
-      contents: read
-      security-events: write
-      actions: read
-    name: Analyze
-    runs-on: windows-latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
-        with:
-          arch: amd64
-
-      - name: Configure CMake
-        working-directory: ${{ github.workspace }}
-        run: cmake -B out -DCMAKE_DISABLE_PRECOMPILE_HEADERS=ON
-
-      - name: 'Build Shaders'
-        shell: cmd
-        working-directory: ./Src/Shaders
-        run: CompileShaders.cmd
-        env:
-          CompileShadersOutput: ${{ github.workspace }}/out/Shaders/Compiled
-
-      - name: Initialize MSVC Code Analysis
-        uses: microsoft/msvc-code-analysis-action@24c285ab36952c9e9182f4b78dfafbac38a7e5ee # v0.1.1
-        id: run-analysis
-        with:
-          cmakeBuildDirectory: ./out
-          buildConfiguration: Debug
-          ruleset: NativeRecommendedRules.ruleset
-
-      # Upload SARIF file to GitHub Code Scanning Alerts
-      - name: Upload SARIF to GitHub
-        uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
-        with:
-          sarif_file: ${{ steps.run-analysis.outputs.sarif }}
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkId=248929
+
+name: Microsoft C++ Code Analysis
+
+on:
+  push:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.azuredevops/**'
+      - '.nuget/*'
+      - build/*.cmd
+      - build/*.json
+      - build/*.props
+      - build/*.ps1
+      - build/*.targets
+  pull_request:
+    branches: "main"
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.azuredevops/**'
+      - '.nuget/*'
+      - build/*.cmd
+      - build/*.json
+      - build/*.props
+      - build/*.ps1
+      - build/*.targets
+  schedule:
+    - cron: '25 15 * * 5'
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+    name: Analyze
+    runs-on: windows-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0
+        with:
+          arch: amd64
+
+      - name: Configure CMake
+        working-directory: ${{ github.workspace }}
+        run: cmake -B out -DCMAKE_DISABLE_PRECOMPILE_HEADERS=ON
+
+      - name: 'Build Shaders'
+        shell: cmd
+        working-directory: ./Src/Shaders
+        run: CompileShaders.cmd
+        env:
+          CompileShadersOutput: ${{ github.workspace }}/out/Shaders/Compiled
+
+      - name: Initialize MSVC Code Analysis
+        uses: microsoft/msvc-code-analysis-action@24c285ab36952c9e9182f4b78dfafbac38a7e5ee # v0.1.1
+        id: run-analysis
+        with:
+          cmakeBuildDirectory: ./out
+          buildConfiguration: Debug
+          ruleset: NativeRecommendedRules.ruleset
+
+      # Upload SARIF file to GitHub Code Scanning Alerts
+      - name: Upload SARIF to GitHub
+        uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
+        with:
+          sarif_file: ${{ steps.run-analysis.outputs.sarif }}