diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 0216a19f57..15084a2c58 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -32,12 +32,12 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Initialize CodeQL - uses: github/codeql-action/init@883d8588e56d1753a8a58c1c86e88976f0c23449 + uses: github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@883d8588e56d1753a8a58c1c86e88976f0c23449 + uses: github/codeql-action/autobuild@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@883d8588e56d1753a8a58c1c86e88976f0c23449 + uses: github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 diff --git a/.github/workflows/scan-images.yaml b/.github/workflows/scan-images.yaml index 3937f46f04..aaea8381a8 100644 --- a/.github/workflows/scan-images.yaml +++ b/.github/workflows/scan-images.yaml @@ -90,6 +90,6 @@ jobs: merge-multiple: true - name: Upload results to GitHub Security - uses: github/codeql-action/upload-sarif@883d8588e56d1753a8a58c1c86e88976f0c23449 # v2.14.4 + uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v2.14.4 with: sarif_file: ${{ matrix.image }}-results.sarif diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6d6f7be72f..d692fe883a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -66,6 +66,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@883d8588e56d1753a8a58c1c86e88976f0c23449 # v2.2.4 + uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v2.2.4 with: sarif_file: results.sarif