From 942d706203e13a0f9540bb491e272432e5d89829 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Jul 2024 09:18:41 +0000 Subject: [PATCH] deps: update github/codeql-action digest to 5cf07d8 --- .github/workflows/build-and-test.yml | 4 ++-- .github/workflows/scorecard-analysis.yml | 2 +- .github/workflows/static-analysis.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 10191f32e0513..a4a36509d12a8 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -35,7 +35,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@2d790406f505036ef40ecba973cc774a50395aac # v3 + uses: github/codeql-action/init@5cf07d8b700b67e235fbb65cbc84f69c0cf10464 # v3 with: languages: java tools: linked @@ -46,7 +46,7 @@ jobs: - name: Build all classes run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g classes - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@2d790406f505036ef40ecba973cc774a50395aac # v3 + uses: github/codeql-action/analyze@5cf07d8b700b67e235fbb65cbc84f69c0cf10464 # v3 test: needs: build runs-on: ubuntu-22.04 diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index 7cac04325b365..656e47c0c5d57 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -30,6 +30,6 @@ jobs: results_format: sarif publish_results: true - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3 + uses: github/codeql-action/upload-sarif@5cf07d8b700b67e235fbb65cbc84f69c0cf10464 # v3 with: sarif_file: ossf-results.sarif diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index cc3ee4f5307e7..bebfd8c43a9d5 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -49,7 +49,7 @@ jobs: - name: Check for Detekt Issues run: ./gradlew detektAll - name: Upload SARIF File - uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3 + uses: github/codeql-action/upload-sarif@5cf07d8b700b67e235fbb65cbc84f69c0cf10464 # v3 if: always() # Upload even if the previous step failed. with: sarif_file: build/reports/detekt/merged.sarif @@ -95,7 +95,7 @@ jobs: post-pr-comment: false use-caches: false - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3 + uses: github/codeql-action/upload-sarif@5cf07d8b700b67e235fbb65cbc84f69c0cf10464 # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json reuse-tool: