File tree Expand file tree Collapse file tree 4 files changed +5
-5
lines changed Expand file tree Collapse file tree 4 files changed +5
-5
lines changed Original file line number Diff line number Diff line change @@ -29,11 +29,11 @@ jobs:
29
29
sudo apt-get update
30
30
sudo apt-get install -y libze1 libze-dev
31
31
- name : Initialize CodeQL
32
- uses : github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3
32
+ uses : github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3
33
33
with :
34
34
languages : ' go'
35
35
36
36
- name : Perform CodeQL Analysis
37
- uses : github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3
37
+ uses : github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3
38
38
with :
39
39
category : " /language:go"
Original file line number Diff line number Diff line change @@ -113,7 +113,7 @@ jobs:
113
113
echo "image_sha=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ inputs.registry }}/${{ matrix.image }}:${{ inputs.image_tag }})" >> $GITHUB_OUTPUT
114
114
- name : Install cosign
115
115
if : ${{ inputs.image_tag != 'devel' }}
116
- uses : sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1
116
+ uses : sigstore/cosign-installer@3454372f43399081ed03b604cb2d021dabca52bb # v3.8.2
117
117
- name : Keyless image sign
118
118
if : ${{ inputs.image_tag != 'devel' }}
119
119
run : |
Original file line number Diff line number Diff line change 26
26
results_format : sarif
27
27
publish_results : true
28
28
- name : " Upload results to security"
29
- uses : github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3
29
+ uses : github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3
30
30
with :
31
31
sarif_file : results.sarif
Original file line number Diff line number Diff line change 31
31
format : sarif
32
32
output : trivy-report.sarif
33
33
- name : Upload sarif report to GitHub Security tab
34
- uses : github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3
34
+ uses : github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3
35
35
with :
36
36
sarif_file : trivy-report.sarif
You can’t perform that action at this time.
0 commit comments