diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 54b85287a..55fad0572 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -83,7 +83,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize CodeQL scanning tool - uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3 + uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3 with: languages: ${{matrix.language}} queries: security-and-quality @@ -99,6 +99,6 @@ jobs: - '**/*.txt' - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3 + uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/osv-scanner.yaml b/.github/workflows/osv-scanner.yaml index 8a016f8a6..acfecf9d3 100644 --- a/.github/workflows/osv-scanner.yaml +++ b/.github/workflows/osv-scanner.yaml @@ -122,7 +122,7 @@ jobs: - name: Upload results to the repository's code-scanning results dashboard id: upload_artifact # yamllint disable rule:line-length - uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: sarif_file: osv-results.sarif diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 436520c23..4b7135047 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -72,6 +72,6 @@ jobs: publish_results: true - name: Upload results to code-scanning dashboard - uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3 with: sarif_file: scorecard-results.sarif