From 20b377dd9204e7aca784a0e320f5295675f4faf0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 22:14:10 +0000 Subject: [PATCH] chore(deps): update github/codeql-action digest to 8a93837 --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/semgrep.yml | 2 +- .github/workflows/snyk.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 95a6f4b..66c0d1d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -36,7 +36,7 @@ jobs: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/init@8a93837afdf1873301a68d777844b43e98cd4313 # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -50,7 +50,7 @@ jobs: echo ' make release' exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/analyze@8a93837afdf1873301a68d777844b43e98cd4313 # v3 with: category: "/language:${{matrix.language}}" # we don't want to upload security vulns for code that is not merged yet diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 62ddbdb..7d5ac5e 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -35,7 +35,7 @@ jobs: # generate the SARIF file to upload to the GitHub Advanced Security Dashboard - run: semgrep ci --sarif > semgrep.sarif - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@8a93837afdf1873301a68d777844b43e98cd4313 # v3 with: sarif_file: semgrep.sarif # we don't want to upload security vulns for code that is not merged yet diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index c99c03a..cf46335 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -45,12 +45,12 @@ jobs: - name: display json output run: cat snyk-os.sarif - name: Upload snyk code result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@8a93837afdf1873301a68d777844b43e98cd4313 # v3 with: sarif_file: snyk-code.sarif - name: display json output run: cat snyk-code.sarif - name: Upload snyk open source result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@8a93837afdf1873301a68d777844b43e98cd4313 # v3 with: sarif_file: snyk-os.sarif