Merge pull request #3927 from fluxcd/dependabot/github_actions/github/codeql-action-2.3.5

build(deps): bump github/codeql-action from 2.3.3 to 2.3.5
2 years ago · 96ed1e1372
parent 2903b4910c 860682e476
commit 96ed1e1372
2 changed files with 5 additions and 5 deletions
--- a/.github/workflows/ossf.yaml
+++ b/.github/workflows/ossf.yaml
@ -34,6 +34,6 @@ jobs:
          path: results.sarif
          retention-days: 5
      - name: Upload SARIF results
-        uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5
        with:
          sarif_file: results.sarif
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@ -53,7 +53,7 @@ jobs:
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5
        with:
          sarif_file: snyk.sarif

@ -73,10 +73,10 @@ jobs:
            **/go.sum
            **/go.mod
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        uses: github/codeql-action/init@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5
        with:
          languages: go
      - name: Autobuild
-        uses: github/codeql-action/autobuild@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        uses: github/codeql-action/autobuild@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3
+        uses: github/codeql-action/analyze@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5