From a1642fb968ee8ba6edd65113bd68e3f396500dae Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Wed, 25 Sep 2024 01:17:46 +0000 Subject: [PATCH] chore(deps): update workflows --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/publish-to-pypi.yaml | 2 +- .github/workflows/scorecards.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c5fb6945f32..909678055e0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -43,7 +43,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/autobuild@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 diff --git a/.github/workflows/publish-to-pypi.yaml b/.github/workflows/publish-to-pypi.yaml index 67ca3c5523e..5ec3d905462 100644 --- a/.github/workflows/publish-to-pypi.yaml +++ b/.github/workflows/publish-to-pypi.yaml @@ -44,7 +44,7 @@ jobs: build --sdist --wheel --outdir dist/ . - name: Publish distribution to PyPI - uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # v1.10.1 + uses: pypa/gh-action-pypi-publish@897895f1e160c830e369f9779632ebc134688e1b # v1.10.2 with: password: ${{ secrets.PYPI_API_TOKEN }} packages_dir: dist/ diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index a6c0a902d9c..459d2b6dab0 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -50,6 +50,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2fe1a3da42c8b4f96ced91264bda7407d8c65539 # v2.26.7 + uses: github/codeql-action/upload-sarif@d97ba04b39135f37e9d60c84a6995bb18b7ac328 # v2.26.9 with: sarif_file: results.sarif