diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8bb6f65..e9a2cbf 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -39,6 +39,6 @@ jobs: path: results.sarif retention-days: 5 - - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 + - uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 with: sarif_file: results.sarif diff --git a/action.yml b/action.yml index 8d04b9f..a73126b 100644 --- a/action.yml +++ b/action.yml @@ -198,7 +198,7 @@ runs: --output "${{ inputs.report-output }}/badge.svg" - id: upload-sarif - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 if: ${{ always() }} with: # Directory upload — every *.sarif inside ships to Code Scanning under