File tree Expand file tree Collapse file tree 4 files changed +10
-10
lines changed Expand file tree Collapse file tree 4 files changed +10
-10
lines changed Original file line number Diff line number Diff line change 41
41
42
42
steps :
43
43
- name : Harden Runner
44
- uses : step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
44
+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
45
45
with :
46
46
egress-policy : audit
47
47
50
50
51
51
# Initializes the CodeQL tools for scanning.
52
52
- name : Initialize CodeQL
53
- uses : github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
53
+ uses : github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
54
54
with :
55
55
languages : ${{ matrix.language }}
56
56
# If you wish to specify custom queries, you can do so here or in a config file.
60
60
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
61
61
# If this step fails, then you should remove it and run the build manually (see below)
62
62
- name : Autobuild
63
- uses : github/codeql-action/autobuild@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
63
+ uses : github/codeql-action/autobuild@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
64
64
65
65
# ℹ️ Command-line programs to run using the OS shell.
66
66
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
73
73
# ./location_of_script_within_repo/buildscript.sh
74
74
75
75
- name : Perform CodeQL Analysis
76
- uses : github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
76
+ uses : github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
77
77
with :
78
78
category : " /language:${{matrix.language}}"
Original file line number Diff line number Diff line change 17
17
runs-on : ubuntu-latest
18
18
steps :
19
19
- name : Harden Runner
20
- uses : step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
20
+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
21
21
with :
22
22
egress-policy : audit
23
23
Original file line number Diff line number Diff line change 31
31
32
32
steps :
33
33
- name : Harden Runner
34
- uses : step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
34
+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
35
35
with :
36
36
egress-policy : audit
37
37
41
41
persist-credentials : false
42
42
43
43
- name : " Run analysis"
44
- uses : ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
44
+ uses : ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
45
45
with :
46
46
results_file : results.sarif
47
47
results_format : sarif
@@ -63,14 +63,14 @@ jobs:
63
63
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
64
64
# format to the repository Actions tab.
65
65
- name : " Upload artifact"
66
- uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
66
+ uses : actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
67
67
with :
68
68
name : SARIF file
69
69
path : results.sarif
70
70
retention-days : 5
71
71
72
72
# Upload the results to GitHub's code scanning dashboard.
73
73
- name : " Upload to code-scanning"
74
- uses : github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
74
+ uses : github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
75
75
with :
76
76
sarif_file : results.sarif
Original file line number Diff line number Diff line change 18
18
contents : write
19
19
steps :
20
20
- name : Harden Runner
21
- uses : step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
21
+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
22
22
with :
23
23
egress-policy : audit
24
24
You can’t perform that action at this time.
0 commit comments