diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0fe4959..03f50f5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -72,7 +72,7 @@ jobs: - name: Upload GuardDog SARIF if: always() # github/codeql-action v3.28.13 - uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa + uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 with: sarif_file: guarddog.sarif category: guarddog @@ -114,7 +114,7 @@ jobs: - name: Upload Grype SARIF if: always() # github/codeql-action v3.28.13 - uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa + uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 with: sarif_file: ${{ steps.grype.outputs.sarif }} category: grype diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 259905a..459e87d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,13 +23,13 @@ jobs: - name: Initialize CodeQL # github/codeql-action v3.28.13 - uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa + uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 with: languages: javascript-typescript queries: security-extended - name: Analyze # github/codeql-action v3.28.13 - uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa + uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 with: category: /language:javascript-typescript diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 869f2f7..ae4cc58 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -39,6 +39,6 @@ jobs: retention-days: 5 - name: Upload to code scanning - uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa + uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 with: sarif_file: results.sarif