Bump actions/upload-artifact from 3 to 4

dependabot[bot] · web-flow · commit 4be0bcf4b02b · 2025-01-10T07:19:10.000Z
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -131,7 +131,7 @@ jobs:
       - name: Add copyright/licence notice.
         run: |
           cd-license-files
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: spdx
           path: ./spdx-tmp
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -59,7 +59,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3.2.1
         with:
           name: SARIF file
           path: results.sarif
