From dbca2e01dc47d93ba685fb2538eb195e0d476698 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 3 Dec 2024 13:54:23 +0000 Subject: [PATCH] deps: update github/codeql-action digest to aa57810 --- .github/workflows/build-and-test.yml | 4 ++-- .github/workflows/scorecard-analysis.yml | 2 +- .github/workflows/static-analysis.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index cf577723466e5..1bf071af8b97f 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -33,7 +33,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 + uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 with: languages: java - name: Setup Gradle @@ -41,7 +41,7 @@ jobs: - name: Build all classes run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g --no-build-cache classes - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 + uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 test: needs: build runs-on: ubuntu-24.04 diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index 9ad14adc2f1c1..ace35ba4afb23 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -30,6 +30,6 @@ jobs: results_format: sarif publish_results: true - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 + uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 with: sarif_file: ossf-results.sarif diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index e6f749e4a3a1c..749a63f62fa21 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -70,7 +70,7 @@ jobs: - name: Check for Detekt Issues run: ./gradlew detektAll - name: Upload SARIF File - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 + uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 if: always() # Upload even if the previous step failed. with: sarif_file: build/reports/detekt/merged.sarif @@ -116,7 +116,7 @@ jobs: post-pr-comment: false use-caches: false - name: Upload Code Scanning Results - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3 + uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json reuse-tool: