Merge pull request #268 from vmware-tanzu/dependabot/github_actions/release-1.12/github/codeql-action-3.25.5

🌱[release-1.12]: Bump github/codeql-action from 3.25.4 to 3.25.5

Author: flawedmatrix

.github/workflows/trivy-scan.yml

@@ -33,6 +33,6 @@ jobs:
         output: 'trivy-results.sarif'
         ignore-unfixed: true
         severity: 'HIGH,CRITICAL'
-    - uses: github/codeql-action/upload-sarif@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
+    - uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5
       with:
         sarif_file: 'trivy-results.sarif'