diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a5a2322..d3e16cf 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -46,7 +46,7 @@ jobs: uses: gradle/actions/wrapper-validation@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Initialize CodeQL - uses: github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 + uses: github/codeql-action/init@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 with: languages: ${{ matrix.language }} @@ -55,4 +55,4 @@ jobs: run: ./gradlew build -x test - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 + uses: github/codeql-action/analyze@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 diff --git a/.github/workflows/snyk-code-scanning.yml b/.github/workflows/snyk-code-scanning.yml index d2df2f6..415fb6a 100644 --- a/.github/workflows/snyk-code-scanning.yml +++ b/.github/workflows/snyk-code-scanning.yml @@ -32,6 +32,6 @@ jobs: args: --severity-threshold=high --sarif-file-output=snyk-gradle.sarif - name: Upload Snyk Gradle result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 + uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 with: sarif_file: snyk-gradle.sarif \ No newline at end of file diff --git a/.github/workflows/trivy-code-scanning.yml b/.github/workflows/trivy-code-scanning.yml index 54a50c9..e8bbff2 100644 --- a/.github/workflows/trivy-code-scanning.yml +++ b/.github/workflows/trivy-code-scanning.yml @@ -41,7 +41,7 @@ jobs: severity: 'CRITICAL,HIGH' - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 + uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 if: github.ref == 'refs/heads/main' with: sarif_file: 'trivy-results.sarif'