diff --git a/.github/workflows/action-security.yml b/.github/workflows/action-security.yml index 049d633..9dea68e 100644 --- a/.github/workflows/action-security.yml +++ b/.github/workflows/action-security.yml @@ -117,14 +117,14 @@ jobs: - name: Upload Trivy results if: steps.verify-sarif.outputs.has_trivy == 'true' - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: 'trivy-results.sarif' category: 'trivy' - name: Upload Gitleaks results if: steps.verify-sarif.outputs.has_gitleaks == 'true' - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: 'gitleaks-report.sarif' category: 'gitleaks' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index aef07be..1b71b5c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -37,15 +37,15 @@ jobs: uses: actions/checkout@71cf2267d89c5cb81562390fa70a37fa40b1305e # v6-beta - name: Initialize CodeQL - uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/init@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: languages: ${{ matrix.language }} queries: security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/autobuild@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/analyze@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml index 0e599a3..6b12d05 100644 --- a/.github/workflows/pr-lint.yml +++ b/.github/workflows/pr-lint.yml @@ -104,7 +104,7 @@ jobs: - name: Upload SARIF Report if: always() && hashFiles('megalinter-reports/sarif/*.sarif') - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: megalinter-reports/sarif category: megalinter diff --git a/.github/workflows/test-actions.yml b/.github/workflows/test-actions.yml index d2cb323..9d95aa4 100644 --- a/.github/workflows/test-actions.yml +++ b/.github/workflows/test-actions.yml @@ -73,7 +73,7 @@ jobs: if: always() - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 if: always() && hashFiles('_tests/reports/test-results.sarif') != '' with: sarif_file: _tests/reports/test-results.sarif diff --git a/ansible-lint-fix/action.yml b/ansible-lint-fix/action.yml index 642cd76..f022af4 100644 --- a/ansible-lint-fix/action.yml +++ b/ansible-lint-fix/action.yml @@ -130,6 +130,6 @@ runs: - name: Upload SARIF Report if: steps.check-files.outputs.files_found == 'true' - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: ansible-lint.sarif diff --git a/biome-lint/action.yml b/biome-lint/action.yml index 388b187..09b20f9 100644 --- a/biome-lint/action.yml +++ b/biome-lint/action.yml @@ -331,7 +331,7 @@ runs: - name: Upload SARIF Report if: inputs.mode == 'check' && always() - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: biome-report.sarif diff --git a/codeql-analysis/action.yml b/codeql-analysis/action.yml index a45a14e..6150707 100644 --- a/codeql-analysis/action.yml +++ b/codeql-analysis/action.yml @@ -186,7 +186,7 @@ runs: echo "Using build mode: $build_mode" - name: Initialize CodeQL - uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/init@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: languages: ${{ inputs.language }} queries: ${{ inputs.queries }} @@ -199,12 +199,12 @@ runs: threads: ${{ inputs.threads }} - name: Autobuild - uses: github/codeql-action/autobuild@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/autobuild@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 if: ${{ steps.set-build-mode.outputs.build-mode == 'autobuild' }} - name: Perform CodeQL Analysis id: analysis - uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/analyze@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: category: ${{ steps.set-category.outputs.category }} upload: ${{ inputs.upload-results }} diff --git a/csharp-lint-check/action.yml b/csharp-lint-check/action.yml index 56ed777..30748bf 100644 --- a/csharp-lint-check/action.yml +++ b/csharp-lint-check/action.yml @@ -206,6 +206,6 @@ runs: fi - name: Upload SARIF Report - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: dotnet-format.sarif diff --git a/eslint-lint/action.yml b/eslint-lint/action.yml index d215cfd..edc8ec4 100644 --- a/eslint-lint/action.yml +++ b/eslint-lint/action.yml @@ -457,7 +457,7 @@ runs: - name: Upload SARIF Report if: inputs.mode == 'check' && inputs.report-format == 'sarif' && always() - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: ${{ inputs.working-directory }}/eslint-results.sarif diff --git a/go-lint/action.yml b/go-lint/action.yml index 84bf3d4..a741e66 100644 --- a/go-lint/action.yml +++ b/go-lint/action.yml @@ -414,7 +414,7 @@ runs: - name: Upload Lint Results if: always() && inputs.report-format == 'sarif' - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: ${{ inputs.working-directory }}/reports/golangci-lint.sarif category: golangci-lint diff --git a/python-lint-fix/action.yml b/python-lint-fix/action.yml index f5032c1..20507ff 100644 --- a/python-lint-fix/action.yml +++ b/python-lint-fix/action.yml @@ -370,7 +370,7 @@ runs: - name: Upload SARIF Report if: steps.check-files.outputs.result == 'found' - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: ${{ inputs.working-directory }}/reports/flake8.sarif category: 'python-lint' diff --git a/terraform-lint-fix/action.yml b/terraform-lint-fix/action.yml index 3ed78d2..35ab269 100644 --- a/terraform-lint-fix/action.yml +++ b/terraform-lint-fix/action.yml @@ -256,7 +256,7 @@ runs: - name: Upload SARIF Report if: steps.check-files.outputs.found == 'true' && inputs.format == 'sarif' - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4 with: sarif_file: ${{ env.VALIDATED_WORKING_DIR }}/reports/tflint.sarif category: terraform-lint