diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0e4dfccd..d3ba0e39 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -35,10 +35,10 @@ jobs: build-mode: none steps: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - - uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4 + - uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} queries: security-and-quality - - uses: github/codeql-action/autobuild@fe4161a26a8629af62121b670040955b330f9af2 # v4 - - uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4 + - uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4 + - uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4 diff --git a/.github/workflows/semgrep-pro.yml b/.github/workflows/semgrep-pro.yml index 9757db35..47f14467 100644 --- a/.github/workflows/semgrep-pro.yml +++ b/.github/workflows/semgrep-pro.yml @@ -30,7 +30,7 @@ jobs: - run: semgrep ci --sarif-output=semgrep.sarif env: SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} - - uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4 + - uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4 if: always() with: sarif_file: semgrep.sarif diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 273bb3f5..c9c1cf37 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -30,7 +30,7 @@ jobs: - run: semgrep ci --sarif-output=semgrep.sarif env: SEMGREP_RULES: p/default p/owasp-top-ten p/cwe-top-25 p/gitleaks p/r2c-security-audit - - uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4 + - uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4 if: always() with: sarif_file: semgrep.sarif