mirror of
https://github.com/ossf/scorecard.git
synced 2024-08-15 11:20:30 +03:00
🌱 Bump CodeQL Action version to 3.24.10 and remove whitespace (#3972)
* 🌱 Remove whitespace Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> * 🌱 Bump CodeQL Action version manually Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> * 🌱 Bump CodeQL Action to v3.x series Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> * chore(ci): Bump to latest CodeQL action hash/version Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> --------- Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com>
This commit is contained in:
parent
96452d99ab
commit
b77f248ff6
7
.github/workflows/codeql-analysis.yml
vendored
7
.github/workflows/codeql-analysis.yml
vendored
@ -73,8 +73,7 @@ jobs:
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
|
||||
uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a # v1
|
||||
uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
queries: +security-extended
|
||||
@ -86,7 +85,7 @@ jobs:
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a # v1
|
||||
uses: github/codeql-action/autobuild@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
|
||||
|
||||
# ℹ️ Command-line programs to run using the OS shell.
|
||||
# 📚 https://git.io/JvXDl
|
||||
@ -100,4 +99,4 @@ jobs:
|
||||
# make release
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a # v1
|
||||
uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
|
||||
|
2
.github/workflows/scorecard-analysis.yml
vendored
2
.github/workflows/scorecard-analysis.yml
vendored
@ -51,6 +51,6 @@ jobs:
|
||||
# Upload the results to GitHub's code scanning dashboard (optional).
|
||||
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.16.4
|
||||
uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
Loading…
Reference in New Issue
Block a user