diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 2f943ff..f4b8a93 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -37,6 +37,6 @@ jobs: with: should-scan-archives: true - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/msdo.yml b/.github/workflows/msdo.yml index d9aeb5e..f04433d 100644 --- a/.github/workflows/msdo.yml +++ b/.github/workflows/msdo.yml @@ -34,6 +34,6 @@ jobs: id: scan uses: microsoft/security-devops-action@08976cb623803b1b36d7112d4ff9f59eae704de0 # v1.12.0 - name: Upload MSDO scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: sarif_file: ${{ steps.scan.outputs.sarifFile }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 7f45cb6..2fd7d93 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -37,6 +37,6 @@ jobs: results_format: sarif publish_results: true - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: sarif_file: scorecards-results.sarif