From 6730a323aef87100bb455fb3e2b8f9cb61912fbd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Oct 2023 11:33:01 +0000 Subject: [PATCH] Bump github/codeql-action from 2.20.0 to 2.22.4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.0 to 2.22.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/6c089f53dd51dc3fc7e599c3cb5356453a52ca9e...49abf0ba24d0b7953cb586944e918a0b92074c80) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/score.yaml | 2 +- .github/workflows/test.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/score.yaml b/.github/workflows/score.yaml index 1c700c0..9ca0add 100644 --- a/.github/workflows/score.yaml +++ b/.github/workflows/score.yaml @@ -31,6 +31,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0 + uses: github/codeql-action/upload-sarif@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4 with: sarif_file: results.sarif diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 0159a03..87d768a 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -176,6 +176,6 @@ jobs: severity: ${{ inputs.scan-severity }} exit-code: '1' - name: Upload Report - uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.11.6 + uses: github/codeql-action/upload-sarif@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.11.6 with: sarif_file: 'trivy-results.sarif' \ No newline at end of file