diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 7e7667c1c..78f54a1a2 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -33,13 +33,13 @@ jobs: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} source-root: ${{ matrix.source-root }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: category: language:${{ matrix.language }} diff --git a/.github/workflows/vulnerability-scan.yaml b/.github/workflows/vulnerability-scan.yaml index f99620440..bc73811cb 100644 --- a/.github/workflows/vulnerability-scan.yaml +++ b/.github/workflows/vulnerability-scan.yaml @@ -94,7 +94,7 @@ jobs: severity-cutoff: high - name: Upload Report - uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/upload-sarif@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: category: container:${{ matrix.app }} sarif_file: ${{ steps.scan.outputs.sarif }}