From b2046034f112cdfb01f1389218c56be3cdb510e8 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Mon, 20 Apr 2026 11:01:57 +0000
Subject: [PATCH] Update UnpinnedActionsTag query metadata scope

Agent-Logs-Url: https://github.com/github/codeql/sessions/5425ff86-b998-4c7b-9447-52c8ae74a7a2

Co-authored-by: oscarsj <1410188+oscarsj@users.noreply.github.com>
---
 actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql b/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
index d70d9a530a0..7b5e5a117cb 100644
--- a/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
+++ b/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
@@ -1,5 +1,5 @@
 /**
- * @name Unpinned tag for a non-immutable Action in workflow
+ * @name Unpinned tag for a non-immutable Action in workflow or composite action
  * @description Using a tag for a non-immutable Action that is not pinned to a commit can lead to executing an untrusted Action through a supply chain attack.
  * @kind problem
  * @security-severity 5.0