From 10bc5afb214eb3fa11f035625e27f5747561d55f Mon Sep 17 00:00:00 2001
From: Benjamen Meyer
Date: Fri, 24 Nov 2023 20:48:21 -0500
Subject: [PATCH] Bug Fix: Use the right org/repo for the codeql-bundle

---
 .github/workflows/codeql.yml | 3 ++-
 .github/workflows/scorecards-analysis.yml | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 93f69e69fe..8c2988ca8f 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,8 +28,9 @@ jobs:
 - name: Download benchmark bundle
 env:
 GH_TOKEN: ${{ github.token }}
+ # download the latest version
 run: |
- gh release download -R octo-org/codeql-bundle --pattern 'codeql-bundle.tar.gz'
+ gh release download -R github/codeql-action --pattern 'codeql-bundle.tar.gz'

 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index 08880a397b..a09879717b 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -30,8 +30,9 @@ jobs:
 - name: Download benchmark bundle
 env:
 GH_TOKEN: ${{ github.token }}
+ # download the latest version
 run: |
- gh release download -R octo-org/codeql-bundle --pattern 'codeql-bundle.tar.gz'
+ gh release download -R github/codeql-action --pattern 'codeql-bundle.tar.gz'

 - name: "Run analysis"
 uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 #v2.3.1
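Review bot: The new `gh release download` line in the "Download benchmark bundle" step of `.github/workflows/codeql.yml` names no release tag and verifies no digest, so every run fetches whatever `github/codeql-action` currently marks as its latest release; the identical line in `.github/workflows/scorecards-analysis.yml` has the same gap. A toolchain archive that CI goes on to use should be fetched reproducibly, with an explicit tag, `gh release download <pinned-bundle-tag> -R github/codeql-action --pattern 'codeql-bundle.tar.gz'`, and checked before use, `echo '<expected-sha256>  codeql-bundle.tar.gz' | sha256sum -c -`. Without a tag the step also relies on the newest upstream release carrying an asset with exactly that name, which nothing in the hunk guarantees. The added comment could then read `# pinned bundle release; bump the tag and digest together` instead of `# download the latest version`. The step list continues outside the hunk, so how the tarball is consumed is not visible here.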
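Review bot: In `.github/workflows/scorecards-analysis.yml` the downloaded `codeql-bundle.tar.gz` has no visible consumer; the step that follows is `ossf/scorecard-action`, pinned to a commit SHA, and its inputs lie outside the hunk. If nothing later in the job reads the tarball, the step looks like a carry-over from `codeql.yml` and would be better removed than repointed, because it brings an unverified archive into a job that otherwise pins its dependencies by SHA. If it is needed, a one-line comment on the step naming its consumer, e.g. `# consumed by <step name>`, would make that clear to the next reader.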