From bdf8f701c9a87bd7d0917449bda35176a68ef049 Mon Sep 17 00:00:00 2001 From: Patel230 Date: Tue, 9 Jun 2026 03:19:00 +0530 Subject: [PATCH] ci: update codeql sarif upload action --- .github/workflows/scorecard.yml | 2 +- .github/workflows/security.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c9e7d9d3f..b58802a31 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,6 +37,6 @@ jobs: retention-days: 5 - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 with: sarif_file: scorecard-results.sarif diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 58a2b3a0d..bca751068 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -26,7 +26,7 @@ jobs: args: '-fmt sarif -out gosec-results.sarif -exclude-dir=.gomodcache -exclude-dir=.gocache -exclude-dir=.gosrccache -exclude-dir=vendor -no-fail ./...' - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 with: sarif_file: gosec-results.sarif @@ -101,6 +101,6 @@ jobs: output: 'trivy-results.sarif' - name: Upload Trivy scan results - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 with: sarif_file: 'trivy-results.sarif'