From b2860fd45ecfbd264e05f2635864289910575e34 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Feb 2022 02:08:09 +0000 Subject: [PATCH 1/2] Bump github/codeql-action from 1.0.30 to 1.0.31 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.30 to 1.0.31. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/8b37404d562d866ad6a65d0ecb4fa5131e047ca4...1a927e9307bc11970b2c679922ebc4d03a5bd980) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/scorecard_action.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2ba0406af..0414cb6f4 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,12 +39,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30 + uses: github/codeql-action/init@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30 + uses: github/codeql-action/autobuild@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30 + uses: github/codeql-action/analyze@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml index 8a11bb00b..7b7e76cc7 100644 --- a/.github/workflows/scorecard_action.yml +++ b/.github/workflows/scorecard_action.yml @@ -52,6 +52,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@8b37404d562d866ad6a65d0ecb4fa5131e047ca4 # v1.0.30 + uses: github/codeql-action/upload-sarif@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 with: sarif_file: results.sarif From e8eca250e7b1a495fa39da48b702621d0a2299b9 Mon Sep 17 00:00:00 2001 From: Bob Callaway Date: Wed, 2 Feb 2022 19:22:30 -0500 Subject: [PATCH 2/2] update version Signed-off-by: Bob Callaway --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/scorecard_action.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0414cb6f4..3adb53cfe 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,12 +39,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 + uses: github/codeql-action/init@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.31 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 + uses: github/codeql-action/autobuild@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.31 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 + uses: github/codeql-action/analyze@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.31 diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml index 7b7e76cc7..b00357edd 100644 --- a/.github/workflows/scorecard_action.yml +++ b/.github/workflows/scorecard_action.yml @@ -52,6 +52,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.30 + uses: github/codeql-action/upload-sarif@1a927e9307bc11970b2c679922ebc4d03a5bd980 # v1.0.31 with: sarif_file: results.sarif