From c9f1b1181606c5778598820c1a7e20628d0e88b6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 6 Mar 2023 22:24:58 +0000 Subject: [PATCH] Update github/codeql-action digest to 6ef6e50 --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/devskim-analysis.yml | 2 +- .github/workflows/ossar-analysis.yml | 2 +- .github/workflows/scorecards-analysis.yml | 2 +- .github/workflows/shiftleft-analysis.yml | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 00330cc..714434b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/init@6ef6e50882c658c80f46b3453f468c5315f3fb00 with: languages: ${{ matrix.language }} queries: +security-and-quality @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/autobuild@6ef6e50882c658c80f46b3453f468c5315f3fb00 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -78,4 +78,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/analyze@6ef6e50882c658c80f46b3453f468c5315f3fb00 diff --git a/.github/workflows/devskim-analysis.yml b/.github/workflows/devskim-analysis.yml index e4cef67..a7f1d8a 100644 --- a/.github/workflows/devskim-analysis.yml +++ b/.github/workflows/devskim-analysis.yml @@ -39,6 +39,6 @@ jobs: uses: microsoft/DevSkim-Action@a8a9e06bab570db990fe7351ae9d4d444b9489ca - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/upload-sarif@6ef6e50882c658c80f46b3453f468c5315f3fb00 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml index dae7b5c..ff290ec 100644 --- a/.github/workflows/ossar-analysis.yml +++ b/.github/workflows/ossar-analysis.yml @@ -57,6 +57,6 @@ jobs: # Upload results to the Security tab - name: Upload OSSAR results - uses: github/codeql-action/upload-sarif@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/upload-sarif@6ef6e50882c658c80f46b3453f468c5315f3fb00 with: sarif_file: ${{ steps.ossar.outputs.sarifFile }} diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 441a001..75ed9c9 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/upload-sarif@6ef6e50882c658c80f46b3453f468c5315f3fb00 with: sarif_file: results.sarif diff --git a/.github/workflows/shiftleft-analysis.yml b/.github/workflows/shiftleft-analysis.yml index 7300ddb..9c9d0a9 100644 --- a/.github/workflows/shiftleft-analysis.yml +++ b/.github/workflows/shiftleft-analysis.yml @@ -55,6 +55,6 @@ jobs: # type: python - name: Upload report - uses: github/codeql-action/upload-sarif@a589d4087ea22a0a48fc153d1b461886e262e0f2 + uses: github/codeql-action/upload-sarif@6ef6e50882c658c80f46b3453f468c5315f3fb00 with: sarif_file: reports