diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1a6919b..181f090 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,9 +26,9 @@ jobs: - # Initializes the CodeQL tools for scanning. name: Initialize CodeQL - uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 + uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: languages: ${{ matrix.language }} - name: Analyze ${{ matrix.language }} - uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 + uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 diff --git a/.github/workflows/scanner.yml b/.github/workflows/scanner.yml index 3a0fa42..602cffe 100644 --- a/.github/workflows/scanner.yml +++ b/.github/workflows/scanner.yml @@ -38,7 +38,7 @@ jobs: cache: true - name: Vulnerability scan by trivy - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2 with: scan-type: repo format: sarif @@ -49,7 +49,7 @@ jobs: exit-code: 0 - name: Upload trivy findings to code scanning dashboard - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 + uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: category: trivy sarif_file: trivy-code-report.sarif @@ -69,7 +69,7 @@ jobs: output-file: govulnscan-report.sarif - name: Upload govulnscan findings to code scanning dashboard - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 + uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: category: govulnscan sarif_file: govulnscan-report.sarif