Commit dba834a 1 parent eeacb32 commit dba834a Copy full SHA for dba834a
File tree 3 files changed +9
-9
lines changed
3 files changed +9
-9
lines changed Original file line number Diff line number Diff line change @@ -41,11 +41,11 @@ jobs:
41
41
42
42
steps :
43
43
- name : Checkout repository
44
- uses : actions/checkout@v4
44
+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
45
45
46
46
# Initializes the CodeQL tools for scanning.
47
47
- name : Initialize CodeQL
48
- uses : github/codeql-action/init@v3
48
+ uses : github/codeql-action/init@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
49
49
with :
50
50
languages : ${{ matrix.language }}
51
51
# If you wish to specify custom queries, you can do so here or in a config file.
55
55
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
56
56
# If this step fails, then you should remove it and run the build manually (see below)
57
57
- name : Autobuild
58
- uses : github/codeql-action/autobuild@v3
58
+ uses : github/codeql-action/autobuild@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
59
59
60
60
# ℹ️ Command-line programs to run using the OS shell.
61
61
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
68
68
# ./location_of_script_within_repo/buildscript.sh
69
69
70
70
- name : Perform CodeQL Analysis
71
- uses : github/codeql-action/analyze@v3
71
+ uses : github/codeql-action/analyze@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
72
72
with :
73
73
category : " /language:${{matrix.language}}"
Original file line number Diff line number Diff line change 17
17
runs-on : ubuntu-latest
18
18
steps :
19
19
- name : ' Checkout Repository'
20
- uses : actions/checkout@v4
20
+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
21
21
- name : ' Dependency Review'
22
- uses : actions/dependency-review-action@v4
22
+ uses : actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
Original file line number Diff line number Diff line change 36
36
37
37
steps :
38
38
- name : " Checkout code"
39
- uses : actions/checkout@v4
39
+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
40
40
with :
41
41
persist-credentials : false
42
42
@@ -63,14 +63,14 @@ jobs:
63
63
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
64
64
# format to the repository Actions tab.
65
65
- name : " Upload artifact"
66
- uses : actions/upload-artifact@v4
66
+ uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
67
67
with :
68
68
name : SARIF file
69
69
path : results.sarif
70
70
retention-days : 5
71
71
72
72
# Upload the results to GitHub's code scanning dashboard.
73
73
- name : " Upload to code-scanning"
74
- uses : github/codeql-action/upload-sarif@v3
74
+ uses : github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
75
75
with :
76
76
sarif_file : results.sarif
You can’t perform that action at this time.
0 commit comments