File tree 4 files changed +10
-10
lines changed
4 files changed +10
-10
lines changed Original file line number Diff line number Diff line change 4141
4242 steps :
4343 - name : Harden Runner
44- uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11 .0
44+ uses : step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12 .0
4545 with :
4646 egress-policy : audit
4747
5050
5151 # Initializes the CodeQL tools for scanning.
5252 - name : Initialize CodeQL
53- uses : github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
53+ uses : github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
5454 with :
5555 languages : ${{ matrix.language }}
5656 # If you wish to specify custom queries, you can do so here or in a config file.
6060 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6161 # If this step fails, then you should remove it and run the build manually (see below)
6262 - name : Autobuild
63- uses : github/codeql-action/autobuild@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
63+ uses : github/codeql-action/autobuild@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
6464
6565 # ℹ️ Command-line programs to run using the OS shell.
6666 # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
7373 # ./location_of_script_within_repo/buildscript.sh
7474
7575 - name : Perform CodeQL Analysis
76- uses : github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
76+ uses : github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
7777 with :
7878 category : " /language:${{matrix.language}}"
Original file line number Diff line number Diff line change @@ -17,11 +17,11 @@ jobs:
1717 runs-on : ubuntu-latest
1818 steps :
1919 - name : Harden Runner
20- uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11 .0
20+ uses : step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12 .0
2121 with :
2222 egress-policy : audit
2323
2424 - name : ' Checkout Repository'
2525 uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2626 - name : ' Dependency Review'
27- uses : actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5 .0
27+ uses : actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6 .0
Original file line number Diff line number Diff line change 3131
3232 steps :
3333 - name : Harden Runner
34- uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11 .0
34+ uses : step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12 .0
3535 with :
3636 egress-policy : audit
3737
@@ -63,14 +63,14 @@ jobs:
6363 # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
6464 # format to the repository Actions tab.
6565 - name : " Upload artifact"
66- uses : actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
66+ uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
6767 with :
6868 name : SARIF file
6969 path : results.sarif
7070 retention-days : 5
7171
7272 # Upload the results to GitHub's code scanning dashboard.
7373 - name : " Upload to code-scanning"
74- uses : github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
74+ uses : github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
7575 with :
7676 sarif_file : results.sarif
Original file line number Diff line number Diff line change 1818 contents : write
1919 steps :
2020 - name : Harden Runner
21- uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11 .0
21+ uses : step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12 .0
2222 with :
2323 egress-policy : audit
2424
You can’t perform that action at this time.
0 commit comments