Update scorecard.yml with full version comment on Upload to code-scan… (#160)

rsned · web-flow · commit 16367f2bbb6a · 2025-04-21T07:43:38.000-07:00
…ning

The version comment only listed the high level version so the latest
dependabot update didn't change the minor and point release portions of
it.
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -73,6 +73,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3
+        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
         with:
           sarif_file: results.sarif
