diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 38b9f5765..a659b95db 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -73,7 +73,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -86,7 +86,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). - name: Autobuild if: matrix.language != 'go' - uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/autobuild@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 - name: Install MicroCloud build dependencies if: matrix.language == 'go' @@ -99,6 +99,6 @@ jobs: make build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 21d9c4eb9..0367d48aa 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -60,7 +60,7 @@ jobs: mv trivy-modified.sarif "${SARIF_FILE}" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: sarif_file: ${{ env.SARIF_FILE }} sha: ${{ github.sha }} @@ -131,7 +131,7 @@ jobs: mv ${{ matrix.branch }}-modified.sarif ${{ matrix.branch }}.sarif - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: sarif_file: ${{ matrix.branch }}.sarif sha: ${{ steps.branch-sha.outputs.sha }}