diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 672097a..d23a6c0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,8 +28,8 @@ jobs: WORKFLOW=$(echo "$WORKFLOW" | cut -d '@' -f 1 | cut -d '/' -f 3-5) go run ./cmd/ghasum verify -cache /home/runner/work/_actions -no-evict -offline "$WORKFLOW:$JOB" - name: Initialize CodeQL - uses: github/codeql-action/init@v3.26.0 + uses: github/codeql-action/init@v3.26.7 with: languages: go - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@v3.26.0 + uses: github/codeql-action/analyze@v3.26.7 diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum index 9503ff1..e0a0c7c 100755 --- a/.github/workflows/gha.sum +++ b/.github/workflows/gha.sum @@ -2,7 +2,7 @@ version 1 actions/checkout@v4.1.6 ElHY2zwea4F7aiO5kTGiEJU1+/P21We7sgBd/ov69Dg= actions/setup-go@v5.0.2 n9tqUfB4OKK5aiUOExrVooiAI2s7Wcih+7CYiJHr920= -github/codeql-action@v3.26.0 rNb1rMgbW3WotjQLynAtYu16v0Fvlkv2KcGTvJeNde0= +github/codeql-action@v3.26.7 CyKIM/hsqtMpMDphedhh08SHWg5JWBATPXKH9NCaofU= ncipollo/release-action@v1.14.0 +JAIlT/RB99JgfxlDrAcAdBnaKX4y8hyFWnHc4j7tfM= stefanzweifel/git-auto-commit-action@v5.0.0 t2VeG9180CmZ5/cmxvkFkN6iWoWsOjlaJ2V8rp1HDqY= tibdex/github-app-token@v2.1.0 ZNSBo6XSE0yxs8IkHEkVtUC9MkEeXTclXpMLl6zAmCs= diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 39906f5..89e2d3d 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -33,7 +33,7 @@ jobs: env: SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} - name: Upload Semgrep report to GitHub - uses: github/codeql-action/upload-sarif@v3.26.0 + uses: github/codeql-action/upload-sarif@v3.26.7 if: ${{ failure() || success() }} with: sarif_file: semgrep.sarif