From a6e3e76b9ee87e62f07c971ef5ea3e5f76b37edd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 17:47:06 +0000 Subject: [PATCH] chore(deps): update github/codeql-action digest to f09c1c0 --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/semgrep.yml | 2 +- .github/workflows/snyk.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 95a6f4b..e5222bf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -36,7 +36,7 @@ jobs: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -50,7 +50,7 @@ jobs: echo ' make release' exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 with: category: "/language:${{matrix.language}}" # we don't want to upload security vulns for code that is not merged yet diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 62ddbdb..9260c8e 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -35,7 +35,7 @@ jobs: # generate the SARIF file to upload to the GitHub Advanced Security Dashboard - run: semgrep ci --sarif > semgrep.sarif - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 with: sarif_file: semgrep.sarif # we don't want to upload security vulns for code that is not merged yet diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index c99c03a..f3b1cbb 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -45,12 +45,12 @@ jobs: - name: display json output run: cat snyk-os.sarif - name: Upload snyk code result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 with: sarif_file: snyk-code.sarif - name: display json output run: cat snyk-code.sarif - name: Upload snyk open source result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 with: sarif_file: snyk-os.sarif