diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 7a3fb8d..aedfeca 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -48,7 +48,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/devskim-analysis.yml b/.github/workflows/devskim-analysis.yml index 8170f14..7d6423f 100644 --- a/.github/workflows/devskim-analysis.yml +++ b/.github/workflows/devskim-analysis.yml @@ -33,7 +33,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout code - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@a8a9e06bab570db990fe7351ae9d4d444b9489ca diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml index 3a28090..91e5181 100644 --- a/.github/workflows/ossar-analysis.yml +++ b/.github/workflows/ossar-analysis.yml @@ -38,7 +38,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # Ensure a compatible version of dotnet is installed. # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201. diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index c0f235f..473a93b 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -29,7 +29,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout code" - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f with: persist-credentials: false diff --git a/.github/workflows/shiftleft-analysis.yml b/.github/workflows/shiftleft-analysis.yml index ca7821d..5ebfd27 100644 --- a/.github/workflows/shiftleft-analysis.yml +++ b/.github/workflows/shiftleft-analysis.yml @@ -36,7 +36,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # Instructions # 1. Setup JDK, Node.js, Python etc depending on your project type # 2. Compile or build the project before invoking scan diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index 815d25b..ad9152b 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -26,7 +26,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout code - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0