diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 73826e30f9e0..f9c7aedaaee8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -37,7 +37,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@main + uses: github/codeql-action/init@71510779c25b2bd66d6434d3f94a74dac811e3fd # Override language selection by uncommenting this and choosing your languages with: languages: csharp @@ -59,4 +59,4 @@ jobs: dotnet build csharp /p:UseSharedCompilation=false - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@main + uses: github/codeql-action/analyze@71510779c25b2bd66d6434d3f94a74dac811e3fd diff --git a/.github/workflows/csv-coverage-metrics.yml b/.github/workflows/csv-coverage-metrics.yml index 7778221dc2f2..710e409f2113 100644 --- a/.github/workflows/csv-coverage-metrics.yml +++ b/.github/workflows/csv-coverage-metrics.yml @@ -38,7 +38,7 @@ jobs: path: metrics-java.sarif retention-days: 20 - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@main + uses: github/codeql-action/upload-sarif@71510779c25b2bd66d6434d3f94a74dac811e3fd with: sarif_file: metrics-java.sarif @@ -65,6 +65,6 @@ jobs: path: metrics-csharp.sarif retention-days: 20 - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@main + uses: github/codeql-action/upload-sarif@71510779c25b2bd66d6434d3f94a74dac811e3fd with: sarif_file: metrics-csharp.sarif diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index f5df6291b62e..e22360e9e838 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -17,7 +17,7 @@ jobs: - uses: actions/checkout@v3 - name: Find codeql id: find-codeql - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71510779c25b2bd66d6434d3f94a74dac811e3fd with: languages: javascript # does not matter - name: Get CodeQL version @@ -156,14 +156,14 @@ jobs: env: CONF: ./ql-for-ql-config.yml - name: Initialize CodeQL - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71510779c25b2bd66d6434d3f94a74dac811e3fd with: languages: ql db-location: ${{ runner.temp }}/db config-file: ./ql-for-ql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/analyze@71510779c25b2bd66d6434d3f94a74dac811e3fd with: category: "ql-for-ql" - name: Copy sarif file to CWD diff --git a/.github/workflows/ql-for-ql-dataset_measure.yml b/.github/workflows/ql-for-ql-dataset_measure.yml index a5ed2e9b2665..c5a0ef5ed48c 100644 --- a/.github/workflows/ql-for-ql-dataset_measure.yml +++ b/.github/workflows/ql-for-ql-dataset_measure.yml @@ -25,7 +25,7 @@ jobs: - name: Find codeql id: find-codeql - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71510779c25b2bd66d6434d3f94a74dac811e3fd with: languages: javascript # does not matter - uses: actions/cache@v3 diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index b016f21f2b95..e4f6fcad4f3b 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v3 - name: Find codeql id: find-codeql - uses: github/codeql-action/init@aa93aea877e5fb8841bcb1193f672abf6e9f2980 + uses: github/codeql-action/init@71510779c25b2bd66d6434d3f94a74dac811e3fd with: languages: javascript # does not matter - uses: actions/cache@v3