build(deps): bump github/codeql-action from 2.1.36 to 2.1.37 (#5811)

This commit is contained in:
dependabot[bot] 2022-12-20 05:53:52 -08:00 committed by GitHub
parent 1d55217ea8
commit 611a2f0769
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 5 deletions

View file

@ -30,12 +30,12 @@ jobs:
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- name: Initialize CodeQL
uses: github/codeql-action/init@a669cc5936cc5e1b6a362ec1ff9e410dc570d190
uses: github/codeql-action/init@959cbb7472c4d4ad70cdfe6f4976053fe48ab394
with:
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@a669cc5936cc5e1b6a362ec1ff9e410dc570d190
uses: github/codeql-action/autobuild@959cbb7472c4d4ad70cdfe6f4976053fe48ab394
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@a669cc5936cc5e1b6a362ec1ff9e410dc570d190
uses: github/codeql-action/analyze@959cbb7472c4d4ad70cdfe6f4976053fe48ab394

View file

@ -51,6 +51,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@a669cc5936cc5e1b6a362ec1ff9e410dc570d190
uses: github/codeql-action/upload-sarif@959cbb7472c4d4ad70cdfe6f4976053fe48ab394
with:
sarif_file: results.sarif

View file

@ -29,6 +29,6 @@ jobs:
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@a669cc5936cc5e1b6a362ec1ff9e410dc570d190 # v2.1.36
uses: github/codeql-action/upload-sarif@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # v2.1.37
with:
sarif_file: 'trivy-results.sarif'