Merge pull request #273 from boilerplate-language/dependabot/github_actions/github/codeql-action-2.2.8

github-actions[bot] · web-flow · commit ec6d497c3f33 · 2023-03-23T09:20:21.000Z
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml
@@ -69,7 +69,7 @@ jobs:
           severity: "CRITICAL,HIGH"
 
       - name: Publish trivy report to GitHub Security
-        uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/upload-sarif@67a35a08586135a9573f4327e904ecbf517a882d
         with:
           sarif_file: "trivy-results.sarif"
 
@@ -104,7 +104,7 @@ jobs:
           acs-report-enable: true
 
       - name: Publish grype report to GitHub Security
-        uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/upload-sarif@67a35a08586135a9573f4327e904ecbf517a882d
         with:
           sarif_file: ${{ steps.grype-image.outputs.sarif }}
 
@@ -126,7 +126,7 @@ jobs:
           acs-report-enable: true
 
       - name: Publish grype report to GitHub Security
-        uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/upload-sarif@67a35a08586135a9573f4327e904ecbf517a882d
         with:
           sarif_file: ${{ steps.grype-files.outputs.sarif }}
 
@@ -147,7 +147,7 @@ jobs:
           no-fail: true
 
       - name: Publish hadolint report to GitHub Security
-        uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/upload-sarif@67a35a08586135a9573f4327e904ecbf517a882d
         with:
           sarif_file: hadolint-results.sarif
           wait-for-processing: true
diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml
@@ -84,12 +84,12 @@ jobs:
         uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/init@67a35a08586135a9573f4327e904ecbf517a882d
         with:
           languages: ${{ matrix.language }}
 
       - name: Build automatically
-        uses: github/codeql-action/autobuild@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/autobuild@67a35a08586135a9573f4327e904ecbf517a882d
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/analyze@67a35a08586135a9573f4327e904ecbf517a882d
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -48,6 +48,6 @@ jobs:
           path: results.sarif
 
       - name: Publish Scorecard report to GitHub Security
-        uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba
+        uses: github/codeql-action/upload-sarif@67a35a08586135a9573f4327e904ecbf517a882d
         with:
           sarif_file: results.sarif
