From 42e6eceeece1627fcfb47d71d4b0d3ad5d695f79 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 May 2024 03:06:44 +0000 Subject: [PATCH] Bump github/codeql-action from 1.0.26 to 3.25.3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.26 to 3.25.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](https://github.com/github/codeql-action/compare/v1.0.26...v3.25.3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-v4.yml | 4 ++-- .github/workflows/scorecards.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-v4.yml b/.github/workflows/codeql-v4.yml index 6006ff48f31..1f1517a9453 100644 --- a/.github/workflows/codeql-v4.yml +++ b/.github/workflows/codeql-v4.yml @@ -38,7 +38,7 @@ jobs: java-version: '17' # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3.25.3 with: languages: java queries: security-and-quality @@ -51,6 +51,6 @@ jobs: cache-disabled: true arguments: -x javadoc -x test build -PskipOpenTypesFVT - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3.25.3 with: ram: 4096 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 574bdef53bb..3e566e36342 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -62,6 +62,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26 + uses: github/codeql-action/upload-sarif@ceaec5c11a131e0d282ff3b6f095917d234caace # tag=v2.25.3 with: sarif_file: results.sarif