diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2cc3319..f79a2b5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -66,13 +66,13 @@ jobs: - name: Initialize CodeQL if: ${{ github.event_name != 'workflow_dispatch' || inputs.profile == 'all' || inputs.profile == matrix.category }} - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 with: languages: ${{ matrix.language }} config-file: ${{ matrix.config_file }} - name: Analyze if: ${{ github.event_name != 'workflow_dispatch' || inputs.profile == 'all' || inputs.profile == matrix.category }} - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 with: category: "/codeql/${{ matrix.category }}" diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml index c4817f3..08b1312 100644 --- a/.github/workflows/secret-scan.yml +++ b/.github/workflows/secret-scan.yml @@ -46,7 +46,7 @@ jobs: echo "head=$head" >> "$GITHUB_OUTPUT" - name: Scan with TruffleHog - uses: trufflesecurity/trufflehog@v3.95.6 + uses: trufflesecurity/trufflehog@v3.95.8 with: path: ./ base: ${{ steps.scan-range.outputs.base }}