Skip to content

Commit

Permalink
Bump github/codeql-action from 2.22.6 to 2.22.8 (#1311)
Browse files Browse the repository at this point in the history
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.6 to 2.22.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@689fdc5...407ffaf)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
dependabot[bot] authored Nov 24, 2023
1 parent cf0d4a4 commit d7c21cd
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,12 @@ jobs:
- name: Checkout repository
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- name: Initialize CodeQL
uses: github/codeql-action/init@689fdc5193eeb735ecb2e52e819e3382876f93f4 # v2.22.6
uses: github/codeql-action/init@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
with:
config-file: ./.github/codeql.yml
languages: javascript
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@689fdc5193eeb735ecb2e52e819e3382876f93f4 # v2.22.6
uses: github/codeql-action/analyze@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
format:
name: Formatting
runs-on: ubuntu-22.04
Expand Down Expand Up @@ -169,7 +169,7 @@ jobs:
with:
args: . --sarif --output njsscan-results.sarif || true
- name: Upload njsscan report to GitHub
uses: github/codeql-action/upload-sarif@689fdc5193eeb735ecb2e52e819e3382876f93f4 # v2.22.6
uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
if: ${{ failure() || success() }}
with:
sarif_file: njsscan-results.sarif
Expand Down Expand Up @@ -607,7 +607,7 @@ jobs:
scan-ref: .
template: "@/contrib/sarif.tpl"
- name: Upload Trivy report to GitHub
uses: github/codeql-action/upload-sarif@689fdc5193eeb735ecb2e52e819e3382876f93f4 # v2.22.6
uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
if: ${{ failure() || success() }}
with:
sarif_file: trivy-results.sarif
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/semgrep.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
- name: Upload Semgrep report to GitHub
uses: github/codeql-action/upload-sarif@689fdc5193eeb735ecb2e52e819e3382876f93f4 # v2.22.6
uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
if: ${{ failure() || success() }}
with:
sarif_file: semgrep.sarif

0 comments on commit d7c21cd

Please sign in to comment.