diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml index 05c5f6a5..5c972e41 100644 --- a/.github/workflows/code-qualitiy.yml +++ b/.github/workflows/code-qualitiy.yml @@ -40,7 +40,7 @@ jobs: uses: JetBrains/qodana-action@a8363b702c2d2d49a77620bcd10541686df21307 # v2023.3.0 with: args: "--fail-threshold,0" - - uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2 + - uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json reproducilbilty: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 42819759..1edcaf1e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -51,7 +51,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2 + uses: github/codeql-action/init@b374143c1149a9115d881581d29b8390bbcbb59c # v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -63,6 +63,6 @@ jobs: - name: build packages run: mvn -B clean package - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2 + uses: github/codeql-action/analyze@b374143c1149a9115d881581d29b8390bbcbb59c # v3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index faa1cc67..9a320642 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@305f6546310b9203e892c28c1484e82977f4f63d # v2.22.10 + uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 with: sarif_file: results.sarif