Merge branch 'main' into jans-casa-issue_13186

moabu · web-flow · commit 0a9198fa76cd · 2026-02-09T14:53:24.000+02:00
diff --git a/.github/workflows/scan-sonar.yml b/.github/workflows/scan-sonar.yml
@@ -178,7 +178,7 @@ jobs:
 
       - name: SonarCloud Scan for non-JVM project
         if: contains(env.CHANGED_DIR, matrix.module) && contains(env.NON_JVM_PROJECTS, matrix.module)
-        uses: SonarSource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602 # v6.0.0
+        uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0
         with:
           args: >
             -Dsonar.organization=${{ env.REPO_ORG }}
diff --git a/.github/workflows/security-scorecard.yml b/.github/workflows/security-scorecard.yml
@@ -52,7 +52,7 @@ jobs:
       # uploads of run results in SARIF format to the repository Actions tab.
       # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts
       - name: "Upload artifact"
-        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
+        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
         with:
           name: SARIF file
           path: results.sarif
