ci(deps): bump github/codeql-action from 4.35.5 to 4.36.0 · complytime/org-infra@53467d8

Triggered via pull request May 22, 2026 14:49

dependabot[bot]

opened #275

dependabot/github_actions/github/codeql-action-4.36.0

Status Startup failure

Total duration –

Artifacts –

ci_security.yml

on: pull_request

OSV-Scanner / ... / osv-scan

OSV-Scanner / Trivy Image Scan

OSV-Scanner / Trivy Source Scan

OpenSSF Scorecards / OpenSSF Scorecards

Annotations

1 error

Invalid workflow file: .github/workflows/ci_security.yml#L19

The workflow is not valid. .github/workflows/ci_security.yml (Line: 19, Col: 3): Error calling workflow 'complytime/org-infra/.github/workflows/reusable_vuln_scan.yml@cfd981e757253218aefb37c91969c32827e5c4b1'. The nested job 'trivy_image' is requesting 'packages: write, id-token: write', but is only allowed 'packages: none, id-token: none'.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci(deps): bump github/codeql-action from 4.35.5 to 4.36.0 #586

Summary

ci(deps): bump github/codeql-action from 4.35.5 to 4.36.0 #586

Uh oh!

ci_security.yml

Annotations