Merge pull request #18696 from etcd-io/dependabot/github_actions/gith…

…ub/codeql-action-3.26.12 build(deps): bump github/codeql-action from 3.26.10 to 3.26.12
etcd-io · Oct 8, 2024 · f1aefa5 · f1aefa5
2 parents 17fb752 + f66637b
commit f1aefa5
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -40,7 +40,7 @@ jobs:
  uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
  # Initializes the CodeQL tools for scanning.
  - name: Initialize CodeQL
- uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+ uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
  with:
  # If you wish to specify custom queries, you can do so here or in a config file.
  # By default, queries listed here will override any specified in a config file.
@@ -50,6 +50,6 @@ jobs:
  # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
  # If this step fails, then you should remove it and run the build manually (see below)
  - name: Autobuild
- uses: github/codeql-action/autobuild@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+ uses: github/codeql-action/autobuild@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
  - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+ uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -72,6 +72,6 @@ jobs:
  # Ref: https:/aquasecurity/trivy-action/issues/389
  TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'
  - name: upload scan results
- uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+ uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
  with:
  sarif_file: 'trivy-results-${{ matrix.platforms }}.sarif'
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -50,6 +50,6 @@ jobs:
 
  # Upload the results to GitHub's code scanning dashboard.
  - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
+ uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
  with:
  sarif_file: results.sarif