diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 3fe4aaae..c367d0a0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,15 +31,15 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/init@7188fc363630916deb702c7fdcf4e481b751f97a # v4 with: languages: ${{ matrix.language }} queries: +security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/autobuild@7188fc363630916deb702c7fdcf4e481b751f97a # v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/analyze@7188fc363630916deb702c7fdcf4e481b751f97a # v4 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 925ee853..3086c24c 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -40,6 +40,6 @@ jobs: version: 'v0.71.2' - name: ⬆️ Upload Trivy results if: ${{ github.event_name != 'pull_request' }} - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/upload-sarif@7188fc363630916deb702c7fdcf4e481b751f97a # v4 with: sarif_file: 'trivy-results.sarif'