diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 67cf0498bcf10..9ddf2da2ee7dd 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -41,7 +41,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 with: languages: java - name: Setup Gradle @@ -49,7 +49,7 @@ jobs: - name: Build all classes run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g --no-build-cache classes - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 test: strategy: matrix: diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index 18555cd03a52f..e4f1095a69569 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -30,6 +30,6 @@ jobs: results_format: sarif publish_results: true - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 with: sarif_file: ossf-results.sarif diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index cb55c6ab5794b..5b398aa655e5b 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -70,7 +70,7 @@ jobs: - name: Check for Detekt Issues run: ./gradlew detektAll - name: Upload SARIF File - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 if: always() # Upload even if the previous step failed. with: sarif_file: build/reports/detekt/merged.sarif @@ -113,7 +113,7 @@ jobs: post-pr-comment: false use-caches: false - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json reuse-tool: