Chore [deps:github-actions]: Bump actions/dependency-review-action from 4.3.4 to 4.3.5 #1522

Workflow file for this run

.github/workflows/code-scanning.yml at fa369ef

	name: "Code Scanning"

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main
	schedule:
	- cron: '35 8 * * 1-5'

	permissions:
	contents: read

	jobs:
	dependency-review:
	name: Dependency Review
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request'
	steps:
	- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
	with:
	disable-sudo: true
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443
	github.com:443
	- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
	with:
	show-progress: 'false'
	persist-credentials: 'false'
	- uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5

	codeql:
	name: CodeQL
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
	with:
	disable-sudo: true
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443
	github.com:443
	objects.githubusercontent.com:443
	proxy.golang.org:443
	storage.googleapis.com:443
	sum.golang.org:443
	- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
	with:
	show-progress: 'false'
	persist-credentials: 'false'
	- name: Initialize CodeQL
	uses: github/codeql-action/init@8e0b1c74b1d5a0077b04d064c76ee714d3da7637 # v2.14.6
	with:
	languages: go
	queries: security-extended,security-and-quality
	- name: Autobuild
	uses: github/codeql-action/autobuild@8e0b1c74b1d5a0077b04d064c76ee714d3da7637 # v2.14.6
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@8e0b1c74b1d5a0077b04d064c76ee714d3da7637 # v2.14.6
	with:
	category: "/language:go"

	gha-workflow-security:
	name: GHA Workflow Security
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request'
	permissions:
	contents: read
	steps:
	- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
	with:
	disable-sudo: true
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443
	github.com:443
	- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
	with:
	show-progress: 'false'
	persist-credentials: 'false'
	- name: Ensure GitHub action versions are pinned to SHAs
	uses: zgosalvez/github-actions-ensure-sha-pinned-actions@40ba2d51b6b6d8695f2b6bd74e785172d4f8d00f # v3.0.14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Chore [deps:github-actions]: Bump actions/dependency-review-action from 4.3.4 to 4.3.5 #1522

Workflow file

Chore [deps:github-actions]: Bump actions/dependency-review-action from 4.3.4 to 4.3.5 #1522

Jobs

Run details

Workflow file for this run