diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ad94413d9..97c58f74c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -27,10 +27,10 @@ jobs: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Initialize CodeQL - uses: github/codeql-action/init@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 + uses: github/codeql-action/init@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 with: languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 + uses: github/codeql-action/analyze@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 23e2fa6cd..414db89e7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@e296a935590eb16afc0c0108289f68c87e2a89a5 # v4.30.7 + uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 with: sarif_file: results.sarif diff --git a/github-actions/linting/licenses/action.yml b/github-actions/linting/licenses/action.yml index 0fb439d1b..465a67476 100644 --- a/github-actions/linting/licenses/action.yml +++ b/github-actions/linting/licenses/action.yml @@ -11,7 +11,7 @@ runs: using: composite steps: - name: Check Package Licenses - uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0 + uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 env: # The action ref here allows us to import the config file from the same sha we rely on in the downstream usage ACTION_REF: ${{ github.action_ref || 'main' }}