chore: fix dependabot alerts (#1576)

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

.github/workflows/scorecards.yml

@@ -30,7 +30,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v1.1.1
+        uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v1.1.1
         with:
           results_file: results.sarif
           results_format: sarif
@@ -57,6 +57,6 @@ jobs:
       
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v2.20.0 # v1.0.26
+        uses: github/codeql-action/upload-sarif@v2.20.2 # v1.0.26
         with:
           sarif_file: results.sarif