From 7e630198ab92f1873e71a1186c105fe638c1fc15 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 14 Oct 2024 21:19:22 +0000 Subject: [PATCH] chore(deps): update github/codeql-action digest to f779452 --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/semgrep.yml | 2 +- .github/workflows/snyk.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 95a6f4b..82d5a48 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -36,7 +36,7 @@ jobs: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -50,7 +50,7 @@ jobs: echo ' make release' exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: category: "/language:${{matrix.language}}" # we don't want to upload security vulns for code that is not merged yet diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 62ddbdb..8b1edb8 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -35,7 +35,7 @@ jobs: # generate the SARIF file to upload to the GitHub Advanced Security Dashboard - run: semgrep ci --sarif > semgrep.sarif - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: sarif_file: semgrep.sarif # we don't want to upload security vulns for code that is not merged yet diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index c99c03a..81acaeb 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -45,12 +45,12 @@ jobs: - name: display json output run: cat snyk-os.sarif - name: Upload snyk code result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: sarif_file: snyk-code.sarif - name: display json output run: cat snyk-code.sarif - name: Upload snyk open source result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3 with: sarif_file: snyk-os.sarif