diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 19c97d5..005b9dc 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,7 +44,7 @@ jobs: cache-dependency-path: git-proxy-java-dashboard/frontend/package-lock.json - name: Initialize CodeQL - uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # ratchet:github/codeql-action/init@v4 + uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # ratchet:github/codeql-action/init@v4 with: languages: ${{ matrix.language }} @@ -53,6 +53,6 @@ jobs: run: ./gradlew build -x test -x e2eTest --no-build-cache - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # ratchet:github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # ratchet:github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/cve.yml b/.github/workflows/cve.yml index 0956649..eabb2cb 100644 --- a/.github/workflows/cve.yml +++ b/.github/workflows/cve.yml @@ -32,7 +32,7 @@ jobs: - name: Upload SARIF report if: ${{ always() }} - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # ratchet:github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # ratchet:github/codeql-action/upload-sarif@v4 with: sarif_file: ${{ steps.scan.outputs.sarif }} @@ -66,7 +66,7 @@ jobs: - name: Upload SARIF report if: ${{ always() }} - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # ratchet:github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # ratchet:github/codeql-action/upload-sarif@v4 with: sarif_file: ${{ steps.scan.outputs.sarif }}