diff --git a/.github/workflows/ossar-scan.yml b/.github/workflows/ossar-scan.yml index 324b8e41..5bdd9257 100644 --- a/.github/workflows/ossar-scan.yml +++ b/.github/workflows/ossar-scan.yml @@ -81,6 +81,6 @@ jobs: - name: Upload results to Security tab if: steps.skip_check.outputs.should_skip != 'true' - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 with: sarif_file: ${{ steps.ossar.outputs.sarifFile }} diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 1e1a4333..2fc15d28 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -102,7 +102,7 @@ jobs: - name: Initialize CodeQL if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true' - uses: github/codeql-action/init@294a9d92911152fe08befb9ec03e240add280cb3 + uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 with: languages: 'cpp' @@ -226,4 +226,4 @@ jobs: - name: Perform CodeQL Analysis if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true' - uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 + uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index e1137516..f673bb3f 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" if: github.ref_name == 'main' - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 with: sarif_file: results.sarif