Update github/codeql-action digest to f0ac9bf

.github/workflows/snyk-security.yml

@@ -94,7 +94,7 @@ jobs:
 
         # Push the Snyk Code results into GitHub Code Scanning tab
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@ef36b69c6d7c22bd9d0183f534d82d47639dc745
+        uses: github/codeql-action/upload-sarif@f0ac9bfbe331b3cc7be1482df79cca2865cb79b6
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_SECRET_TOKEN }}
         with:

.github/workflows/sonarqube.yml

@@ -176,14 +176,14 @@ jobs:
 
       - name: Initialize CodeQL
         if: matrix.tool == 'codeql'
-        uses: github/codeql-action/init@ef36b69c6d7c22bd9d0183f534d82d47639dc745 # Pin to v3 or similar
+        uses: github/codeql-action/init@f0ac9bfbe331b3cc7be1482df79cca2865cb79b6 # Pin to v3 or similar
         with:
           languages: python
           # Add queries if needed: queries: +security-extended,etc.
 
       - name: Perform CodeQL Analysis
         if: matrix.tool == 'codeql'
-        uses: github/codeql-action/analyze@ef36b69c6d7c22bd9d0183f534d82d47639dc745 # Pin to v3 or similar
+        uses: github/codeql-action/analyze@f0ac9bfbe331b3cc7be1482df79cca2865cb79b6 # Pin to v3 or similar
         with:
           # Output path is handled by the action, will be in 'codeql_results/python.sarif' typically
           # Let's use the default and find it later