diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 0957fa90df23c..32d6ad644ac3b 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -41,7 +41,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 with: languages: java - name: Setup Gradle @@ -49,7 +49,7 @@ jobs: - name: Build all classes run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g --no-build-cache classes - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 test: strategy: matrix: diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index e4f1095a69569..9c8c50c9f231b 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -30,6 +30,6 @@ jobs: results_format: sarif publish_results: true - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 with: sarif_file: ossf-results.sarif diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 7f514f17735ca..8ecbaf340271b 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -70,7 +70,7 @@ jobs: - name: Check for Detekt Issues run: ./gradlew detektAll - name: Upload SARIF File - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 if: always() # Upload even if the previous step failed. with: sarif_file: build/reports/detekt/merged.sarif @@ -113,7 +113,7 @@ jobs: post-pr-comment: false use-caches: false - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json reuse-tool: