diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 5c129f2..c4ff2f4 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,6 +32,6 @@ jobs: path: results.sarif retention-days: 30 - - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + - uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 with: sarif_file: results.sarif diff --git a/.github/workflows/security-scans.yml b/.github/workflows/security-scans.yml index 32ecc03..81dbbbb 100644 --- a/.github/workflows/security-scans.yml +++ b/.github/workflows/security-scans.yml @@ -35,7 +35,7 @@ jobs: exit-code: 1 format: sarif output: trivy-results.sarif - - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + - uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 if: always() with: sarif_file: trivy-results.sarif @@ -50,11 +50,11 @@ jobs: language: [javascript-typescript] steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + - uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 with: languages: ${{ matrix.language }} queries: security-extended - - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + - uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 shellcheck: runs-on: ubuntu-latest