From d6ab366f315b7ff75fe5fc2d66bc6800625ce58d Mon Sep 17 00:00:00 2001 From: Picnic-Bot Date: Wed, 28 Jun 2023 13:20:53 +0200 Subject: [PATCH] Upgrade CodeQL v2.2.11 -> v2.20.1 (#670) See: - https://github.com/github/codeql-action/blob/main/CHANGELOG.md - https://github.com/github/codeql-action/compare/v2.20.0...v2.20.1 - https://github.com/github/codeql-action/compare/v2.3.6...v2.20.0 - https://github.com/github/codeql-action/compare/v2.3.5...v2.3.6 - https://github.com/github/codeql-action/compare/v2.3.4...v2.3.5 - https://github.com/github/codeql-action/compare/v2.3.3...v2.3.4 - https://github.com/github/codeql-action/compare/v2.3.2...v2.3.3 - https://github.com/github/codeql-action/compare/v2.3.1...v2.3.2 - https://github.com/github/codeql-action/compare/v2.3.0...v2.3.1 - https://github.com/github/codeql-action/compare/v2.2.12...v2.3.0 - https://github.com/github/codeql-action/compare/v2.2.11...v2.2.12 --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/openssf-scorecard.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 66bda1395b..6d1058c43e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -32,13 +32,13 @@ jobs: distribution: temurin cache: maven - name: Initialize CodeQL - uses: github/codeql-action/init@v2.2.11 + uses: github/codeql-action/init@f6e388ebf0efc915c6c5b165b019ee61a6746a38 # v2.20.1 with: languages: ${{ matrix.language }} - name: Perform minimal build if: matrix.language == 'java' run: mvn -T1C clean install -DskipTests -Dverification.skip - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@v2.2.11 + uses: github/codeql-action/analyze@f6e388ebf0efc915c6c5b165b019ee61a6746a38 # v2.20.1 with: category: /language:${{ matrix.language }} diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml index dff3908624..1a1284d495 100644 --- a/.github/workflows/openssf-scorecard.yml +++ b/.github/workflows/openssf-scorecard.yml @@ -31,6 +31,6 @@ jobs: results_format: sarif publish_results: ${{ github.ref == 'refs/heads/master' }} - name: Update GitHub's code scanning dashboard - uses: github/codeql-action/upload-sarif@v2.2.11 + uses: github/codeql-action/upload-sarif@f6e388ebf0efc915c6c5b165b019ee61a6746a38 # v2.20.1 with: sarif_file: results.sarif