diff --git a/.github/workflows/security-codacy.yml b/.github/workflows/security-codacy.yml index d6ac104..d7ce3da 100644 --- a/.github/workflows/security-codacy.yml +++ b/.github/workflows/security-codacy.yml @@ -46,6 +46,6 @@ jobs: gh-code-scanning-compat: true - name: Upload results to code-scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@0daab03d71ff584ef619d027a3fd9146679c5d84 # v3.35.3 with: sarif_file: codacy.sarif diff --git a/.github/workflows/security-codeql.yml b/.github/workflows/security-codeql.yml index 2721390..109cdc0 100644 --- a/.github/workflows/security-codeql.yml +++ b/.github/workflows/security-codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/init@0daab03d71ff584ef619d027a3fd9146679c5d84 # v3.35.3 with: languages: ${{ matrix.language }} @@ -58,6 +58,6 @@ jobs: queries: ${{ inputs.queries }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/analyze@0daab03d71ff584ef619d027a3fd9146679c5d84 # v3.35.3 with: category: /language:${{matrix.language}} diff --git a/.github/workflows/security-ossf-scorecard.yml b/.github/workflows/security-ossf-scorecard.yml index ca14c9b..77549bf 100644 --- a/.github/workflows/security-ossf-scorecard.yml +++ b/.github/workflows/security-ossf-scorecard.yml @@ -82,6 +82,6 @@ jobs: retention-days: 5 - name: Upload results to code-scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@0daab03d71ff584ef619d027a3fd9146679c5d84 # v3.35.3 with: sarif_file: ossf-scorecard.sarif