diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index de918fcec..b388fad14 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -83,7 +83,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize CodeQL scanning tool - uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 + uses: github/codeql-action/init@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3 with: languages: ${{matrix.language}} queries: security-and-quality @@ -99,6 +99,6 @@ jobs: - '**/*.txt' - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 + uses: github/codeql-action/analyze@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/osv-scanner.yaml b/.github/workflows/osv-scanner.yaml index 766f47e3f..0fd3dd978 100644 --- a/.github/workflows/osv-scanner.yaml +++ b/.github/workflows/osv-scanner.yaml @@ -122,7 +122,7 @@ jobs: - name: Upload results to the repository's code-scanning results dashboard id: upload_artifact # yamllint disable rule:line-length - uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13 + uses: github/codeql-action/upload-sarif@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.28.14 with: sarif_file: osv-results.sarif diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 5c73955c9..259539d2b 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -72,6 +72,6 @@ jobs: publish_results: true - name: Upload results to code-scanning dashboard - uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 + uses: github/codeql-action/upload-sarif@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3 with: sarif_file: scorecard-results.sarif