Bump the github-actions group with 2 updates Closes https://github.com/dart-lang/sdk/pull/61435 GitOrigin-RevId: d91dde9e9f8c583c973eab38dec7c3bfad1a157e Change-Id: Ib1f9fef201526c9d82f290b66f9ad25edad70e7b Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/448001 Reviewed-by: Alexander Thomas <athom@google.com>

commit: 7431020f3a72021fc6ca868472d7638a145cef57 [log] [tgz]
author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Wed Sep 03 03:40:57 2025 -0700
committer: Alexander Thomas <athom@google.com> Wed Sep 03 03:40:57 2025 -0700
tree: efd2f1b095a7bdeb2cf60f89f886a37873231666
parent: 6d0ff956980e0f75af629cd7d327e1ae7a7c9c1a [diff]
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index d5b1e34..a838068 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml

@@ -24,7 +24,7 @@
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
         with:
           persist-credentials: false
 
@@ -52,6 +52,6 @@
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d
+        uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498
         with:
           sarif_file: results.sarif

diff --git a/.github/workflows/third-party-deps-scan.yml b/.github/workflows/third-party-deps-scan.yml
index fcd1a4f..756870d 100644
--- a/.github/workflows/third-party-deps-scan.yml
+++ b/.github/workflows/third-party-deps-scan.yml

@@ -22,7 +22,7 @@
       contents: read
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
         with:
           persist-credentials: false
       - name: "Set up python"
commit	7431020f3a72021fc6ca868472d7638a145cef57	[log] [tgz]
author	dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	Wed Sep 03 03:40:57 2025 -0700
committer	Alexander Thomas <athom@google.com>	Wed Sep 03 03:40:57 2025 -0700
tree	efd2f1b095a7bdeb2cf60f89f886a37873231666
parent	6d0ff956980e0f75af629cd7d327e1ae7a7c9c1a [diff]