chore(deps): update github/codeql-action digest to 3de706a (#1099)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Author: renovate[bot]

.github/workflows/semgrep.yml

@@ -36,7 +36,7 @@ jobs:
       - name: Run Semgrep
         run: semgrep scan --sarif --output=semgrep.sarif --config=p/auto --config=p/dockerfile --config=p/typescript --config=p/javascript --metrics=off --verbose
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
-        uses: github/codeql-action/upload-sarif@b1e4dc3db58c9601794e22a9f6d28d45461b9dbf # CodeQL Bundle v2.16.1
+        uses: github/codeql-action/upload-sarif@3de706a4a34b7e2fe37e4a10aecbdd3ec5dc0664 # CodeQL Bundle v2.16.1
         with:
           sarif_file: semgrep.sarif
         if: always()