🌱 Bump CodeQL Action version to 3.24.10 and remove whitespace (#3972)

* 🌱 Remove whitespace Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> * 🌱 Bump CodeQL Action version manually Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> * 🌱 Bump CodeQL Action to v3.x series Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> * chore(ci): Bump to latest CodeQL action hash/version Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com> --------- Signed-off-by: Adam Harvey <33203301+adamdmharvey@users.noreply.github.com>
2024-08-15 11:20:30 +03:00 · 2024-04-12 01:28:34 -04:00 · 2024-04-12 01:28:34 -04:00 · b77f248ff6
commit b77f248ff6
parent 96452d99ab
2 changed files with 4 additions and 5 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -73,8 +73,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-
-      uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a # v1
+      uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
      with:
        languages: ${{ matrix.language }}
        queries: +security-extended
@ -86,7 +85,7 @@ jobs:
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
-      uses: github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a # v1
+      uses: github/codeql-action/autobuild@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl
@ -100,4 +99,4 @@ jobs:
    #   make release

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a # v1
+      uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
--- a/.github/workflows/scorecard-analysis.yml
+++ b/.github/workflows/scorecard-analysis.yml
@ -51,6 +51,6 @@ jobs:
      # Upload the results to GitHub's code scanning dashboard (optional).
      # Commenting out will disable upload of results to your repo's Code Scanning dashboard
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.16.4
+        uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
        with:
          sarif_file: results.sarif