File tree Expand file tree Collapse file tree 4 files changed +6
-6
lines changed Expand file tree Collapse file tree 4 files changed +6
-6
lines changed Original file line number Diff line number Diff line change 57
57
58
58
# Initializes the CodeQL tools for scanning.
59
59
- name : Initialize CodeQL
60
- uses : github/codeql-action/init@f3feb00acb00f31a6f60280e6ace9ca31d91c76a # v2.3.2
60
+ uses : github/codeql-action/init@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
61
61
with :
62
62
languages : ${{ matrix.language }}
63
63
# If you wish to specify custom queries, you can do so here or in a config file.
67
67
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
68
68
# If this step fails, then you should remove it and run the build manually (see below)
69
69
- name : Autobuild
70
- uses : github/codeql-action/autobuild@f3feb00acb00f31a6f60280e6ace9ca31d91c76a # v2.3.2
70
+ uses : github/codeql-action/autobuild@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
71
71
72
72
# ℹ️ Command-line programs to run using the OS shell.
73
73
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
80
80
# ./location_of_script_within_repo/buildscript.sh
81
81
82
82
- name : Perform CodeQL Analysis
83
- uses : github/codeql-action/analyze@f3feb00acb00f31a6f60280e6ace9ca31d91c76a # v2.3.2
83
+ uses : github/codeql-action/analyze@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
84
84
with :
85
85
category : " /language:${{matrix.language}}"
Original file line number Diff line number Diff line change 27
27
- name : ' Checkout Repository'
28
28
uses : actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
29
29
- name : ' Dependency Review'
30
- uses : actions/dependency-review-action@f46c48ed6d4f1227fb2d9ea62bf6bcbed315589e # v3.0.4
30
+ uses : actions/dependency-review-action@1360a344ccb0ab6e9475edef90ad2f46bf8003b1 # v3.0.6
Original file line number Diff line number Diff line change 13
13
runs-on : ubuntu-latest
14
14
steps :
15
15
- name : Harden Runner
16
- uses : step-security/harden-runner@6b3083af2869dc3314a0257a42f4af696cc79ba3 # v2.3.1
16
+ uses : step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0
17
17
with :
18
18
egress-policy : audit # TODO: change to 'egress-policy: block' after couple of runs
19
19
Original file line number Diff line number Diff line change 61
61
62
62
# Upload the results to GitHub's code scanning dashboard.
63
63
- name : " Upload to code-scanning"
64
- uses : github/codeql-action/upload-sarif@f3feb00acb00f31a6f60280e6ace9ca31d91c76a # v2.3.2
64
+ uses : github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
65
65
with :
66
66
sarif_file : results.sarif
You can’t perform that action at this time.
0 commit comments