[Dependencies]: Bump github/codeql-action from 3.25.6 to 3.25.7 (#465)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.25.6 to 3.25.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.25.7 - 31 May 2024</h2>
<ul>
<li>We are rolling out a feature in May/June 2024 that will reduce the
Actions cache usage of the Action by keeping only the newest TRAP cache
for each language. <a
href="https://redirect.github.com/github/codeql-action/pull/2306">#2306</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/f079b8493333aace61c81488f8bd40919487bd9f"><code>f079b84</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2317">#2317</a>
from github/update-v3.25.7-a095bf2a1</li>
<li><a
href="https://github.com/github/codeql-action/commit/e1a42688dbe6ce54cc33e2b6b65fc02abdb09762"><code>e1a4268</code></a>
Update changelog for v3.25.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/a095bf2a16b83cb3b52e6adba696c70f41e82864"><code>a095bf2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2313">#2313</a>
from github/revert-2312-update-bundle/codeql-bundle-...</li>
<li><a
href="https://github.com/github/codeql-action/commit/bbd4e19f51d83bb98b025b83b255e44eaa1a1e7f"><code>bbd4e19</code></a>
Revert &quot;Update default bundle to 2.17.4&quot;</li>
<li><a
href="https://github.com/github/codeql-action/commit/9ab5d16a3df4885b74bb18ab349bcc6c253ee3e0"><code>9ab5d16</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2312">#2312</a>
from github/update-bundle/codeql-bundle-v2.17.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/028346e1ff2c03a735c6527b84f0a3179f2092b0"><code>028346e</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/5fe08473f8b98c47563f401bed5134a59ce06dee"><code>5fe0847</code></a>
Update default bundle to codeql-bundle-v2.17.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/9550da953dd3b29aedf76cd635101e48eae5eebd"><code>9550da9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2311">#2311</a>
from github/henrymercer/pack-missing-auth-config-error</li>
<li><a
href="https://github.com/github/codeql-action/commit/6548a4d65ce2414afca98f8368cabfff0541ba18"><code>6548a4d</code></a>
Add configuration error for missing auth to package registry</li>
<li><a
href="https://github.com/github/codeql-action/commit/7927df07e268eafe499c344cd19f8bf82f4f19f7"><code>7927df0</code></a>
Bump micromatch from 4.0.5 to 4.0.7 in the npm group (<a
href="https://redirect.github.com/github/codeql-action/issues/2310">#2310</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/v3.25.6...v3.25.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.6&new-version=3.25.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

.github/workflows/oss-scorecared.yml

@@ -73,6 +73,6 @@ jobs:
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/[email protected].6
+        uses: github/codeql-action/[email protected].7
         with:
           sarif_file: results.sarif