chore(deps): update github/codeql-action action to v4.31.7 #439

	name: Sanity Checks

	on:
	pull_request:

	permissions:
	contents: read

	jobs:
	verify:
	name: Check whether .devcontainer.json files are updated
	runs-on: ubuntu-latest
	steps:
	- name: Check out the source code
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	with:
	fetch-depth: 0

	- name: Check changed files
	run: \|
	base="${{ github.event.pull_request.base.sha }}"
	head="${{ github.event.pull_request.head.sha }}"
	for image in images/src/*; do
	changes="$(git diff --merge-base --name-only "${base}" "${head}" -- "${image}" \| grep -Fv "${image}/README.md" \|\| true)"
	if [ -n "${changes}" ] && ! echo "${changes}" \| grep -q "${image}/.devcontainer.json"; then
	echo "::error::Changes were made to ${image}, but the corresponding .devcontainer.json was not updated"
	exit 1
	fi
	done

Provide feedback