From aed4f29a8ff90a7371e98b57cea95f09e7d10bfb Mon Sep 17 00:00:00 2001 From: Jacob Logan Date: Wed, 29 May 2024 10:26:41 -0700 Subject: [PATCH 1/3] pin code-ql actions to latest v2 --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1e6b77f7fd2..d3268cf107e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,12 +26,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@162eb1e32abe518e88bd229ebc8784a533ceaa51 # v2.25.6 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@162eb1e32abe518e88bd229ebc8784a533ceaa51 # v2.25.6 with: category: '/language:${{matrix.language}}' From 701a1d4f9ed691d8152feb342e42214c44fef98f Mon Sep 17 00:00:00 2001 From: jacoblogan Date: Wed, 29 May 2024 10:42:40 -0700 Subject: [PATCH 2/3] Update .github/workflows/codeql.yml Co-authored-by: Scott Rees <6165315+reesscot@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d3268cf107e..fa821a79efe 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -32,6 +32,6 @@ jobs: config-file: ./.github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@162eb1e32abe518e88bd229ebc8784a533ceaa51 # v2.25.6 + uses: github/codeql-action/analyze@162eb1e32abe518e88bd229ebc8784a533ceaa51 with: category: '/language:${{matrix.language}}' From 59b1820d9de2afbeeb056246dbfa4bad5ef5e233 Mon Sep 17 00:00:00 2001 From: jacoblogan Date: Wed, 29 May 2024 10:42:50 -0700 Subject: [PATCH 3/3] Update .github/workflows/codeql.yml Co-authored-by: Scott Rees <6165315+reesscot@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fa821a79efe..69ffd837f3c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,7 +26,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@162eb1e32abe518e88bd229ebc8784a533ceaa51 # v2.25.6 + uses: github/codeql-action/init@162eb1e32abe518e88bd229ebc8784a533ceaa51 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml