GHA: update dependencies

- github/codeql-action to 4.31.3
- google/boringssl to v0.20251110.0
- ruff to 0.14.5

Closes #19442
Closes #19455

diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
index 8cb1d11d0af5bc1e45c9b96b6d5c5a41cf7f8955..874e710997fed3d3fd1b401eb282a948229a7958 100644 (file)
--- a/.github/scripts/requirements.txt
+++ b/.github/scripts/requirements.txt
@@ -6,4 +6,4 @@ cmakelang==0.6.13
 codespell==2.4.1
 pytype==2024.10.11
 reuse==6.2.0
-ruff==0.14.2
+ruff==0.14.5

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index d464562ab25306d54f0af50a2d2fc9d4fe696563..87a041563c82f583b3b22f8a0be33cd20041f32c 100644 (file)
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,13 +50,13 @@ jobs:
           persist-credentials: false
 
       - name: 'initialize'
-        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           languages: actions, python
           queries: security-extended
 
       - name: 'perform analysis'
-        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
 
   c:
     if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }}
@@ -87,7 +87,7 @@ jobs:
           persist-credentials: false
 
       - name: 'initialize'
-        uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           languages: cpp
           build-mode: manual
@@ -133,4 +133,4 @@ jobs:
           fi
 
       - name: 'perform analysis'
-        uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7
+        uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3

diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml
index 2979e9d7d16c1df31a01147e411b3704de87020d..007f34612732ce93a3bde4e4302ac7859aa715cb 100644 (file)
--- a/.github/workflows/http3-linux.yml
+++ b/.github/workflows/http3-linux.yml
@@ -45,7 +45,7 @@ env:
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
-  BORINGSSL_VERSION: 0.20251002.0
+  BORINGSSL_VERSION: 0.20251110.0
   # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
   GNUTLS_VERSION: 3.8.10
   # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index 4cea194c765e17f88983614b9d2ff81721270b11..55f005993d2ee61f0e1396d8d07b8c806067b1cc 100644 (file)
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -48,7 +48,7 @@ env:
   # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
   AWSLC_VERSION: 1.63.0
   # renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
-  BORINGSSL_VERSION: 0.20251002.0
+  BORINGSSL_VERSION: 0.20251110.0
   # handled in renovate.json
   OPENSSL_VERSION: 3.6.0
   # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com