3535 retention-days : 5
3636 - name : " Upload to code-scanning"
3737 if : github.event_name != 'pull_request'
38- uses : github/codeql-action/upload-sarif@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
38+ uses : github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
3939 with :
4040 sarif_file : results.sarif
4141 dependency-review :
@@ -65,13 +65,13 @@ jobs:
6565 fetch-depth : 0
6666 fetch-tags : true
6767 - name : Initialize CodeQL
68- uses : github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
68+ uses : github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
6969 with :
7070 languages : ${{ matrix.language }}
7171 - name : Autobuild
72- uses : github/codeql-action/autobuild@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
72+ uses : github/codeql-action/autobuild@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
7373 - name : Perform CodeQL Analysis
74- uses : github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
74+ uses : github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
7575 with :
7676 category : " /language:${{matrix.language}}"
7777
9797 cp govuln.sarif govuln2.sarif
9898 fi
9999name : Upload result to GitHub Code Scanning
100- uses : github/codeql-action/upload-sarif@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
100+ uses : github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
101101 with :
102102 sarif_file : govuln2.sarif
103103 gosec :
@@ -119,6 +119,6 @@ jobs:
119119 args : ' -no-fail -exclude=G504 -fmt sarif -out results.sarif ./...'
120120 - name : Upload SARIF file
121121 if : github.event_name != 'pull_request'
122- uses : github/codeql-action/upload-sarif@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
122+ uses : github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
123123 with :
124124 sarif_file : results.sarif
0 commit comments