Merge pull request #356 from eclipse-tractusx/dependabot/github_actio…

…ns/main/github/codeql-action-3.25.11 chore(deps): bump github/codeql-action from 2.25.2 to 3.25.11
eclipse-tractusx · Jul 11, 2024 · d61dd71 · d61dd71
2 parents 282bcb1 + bd88fd1
commit d61dd71
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 7 deletions.
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -98,5 +98,4 @@ jobs:
             mvn -B clean install --batch-mode -DskipTests
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@9ace329d8c0504a5571820cf13ab64d3f59e84fb    # v2.25.2
-
+        uses: github/codeql-action/analyze@9b7c22c3b39078582fa6d0d8f3841e944ec54582
diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
@@ -27,7 +27,7 @@ name: "KICS"
 
 on:
   push:
-    branches: [ main ]
+    branches: [ "main" ]
     paths-ignore:
       - '**/*.md'
       - '**/*.txt'
@@ -76,7 +76,7 @@ jobs:
       # Upload findings to GitHub Advanced Security Dashboard
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
         if: always()
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@9b7c22c3b39078582fa6d0d8f3841e944ec54582
         with:
           sarif_file: kicsResults/results.sarif
 

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -74,7 +74,7 @@ jobs:
           skip-dirs: "deployment/infrastructure/data-consumer/edc-consumer,deployment/infrastructure/data-provider/edc-provider,deployment/infrastructure/data-provider/edc-provider/data-service,deployment/infrastructure/data-provider/registry"  # skip scanning external images.
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@9b7c22c3b39078582fa6d0d8f3841e944ec54582
         if: always()
         with:
           sarif_file: "trivy-results1.sarif"
@@ -112,7 +112,7 @@ jobs:
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@9b7c22c3b39078582fa6d0d8f3841e944ec54582
         with:
           sarif_file: "trivy-results-dpp-frontend.sarif"
 
@@ -158,7 +158,7 @@ jobs:
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@9b7c22c3b39078582fa6d0d8f3841e944ec54582
         with:
           sarif_file: "trivy-results-dpp-backend.sarif"