Skip to content

Commit c09a886

Browse files
dependabot[bot]dependabot[bot]
authored
ci(deps): bump the all-github-actions group with 2 updates (#5054)
Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 654683e commit c09a886

File tree

2 files changed

+6
-6
lines changed

2 files changed

+6
-6
lines changed

.github/workflows/ossf.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,6 @@ jobs:
4444

4545
# required for Code scanning alerts
4646
- name: "Upload SARIF results to code scanning"
47-
uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
47+
uses: github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
4848
with:
4949
sarif_file: results.sarif

.github/workflows/scan.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -56,15 +56,15 @@ jobs:
5656
- name: Checkout code
5757
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
5858
- name: Run Trivy vulnerability scanner in repo mode
59-
uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
59+
uses: aquasecurity/trivy-action@76071ef0d7ec797419534a183b498b4d6366cf37 # v0.31.0
6060
with:
6161
scan-type: fs
6262
scanners: vuln
6363
ignore-unfixed: true
6464
format: sarif
6565
output: trivy-results.sarif
6666
- name: Upload Trivy scan results to GitHub Security tab
67-
uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
67+
uses: github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
6868
with:
6969
sarif_file: trivy-results.sarif
7070

@@ -77,10 +77,10 @@ jobs:
7777
- name: Checkout repository
7878
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
7979
- name: Initialize CodeQL
80-
uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
80+
uses: github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
8181
with:
8282
languages: go
8383
- name: Autobuild
84-
uses: github/codeql-action/autobuild@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
84+
uses: github/codeql-action/autobuild@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
8585
- name: Perform CodeQL Analysis
86-
uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
86+
uses: github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19

0 commit comments

Comments
 (0)