mirror of
https://github.com/pi-hole/FTL.git
synced 2026-07-08 10:33:49 +01:00
Pin github actions to SHA
Signed-off-by: yubiuser <github@yubiuser.dev>
This commit is contained in:
@@ -58,7 +58,7 @@ jobs:
|
||||
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0
|
||||
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
@@ -85,7 +85,7 @@ jobs:
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v3
|
||||
uses: github/codeql-action/init@96f518a34f7a870018057716cc4d7a5c014bd61c #v3.29.10
|
||||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
build-mode: ${{ matrix.build-mode }}
|
||||
@@ -108,14 +108,14 @@ jobs:
|
||||
./build.sh
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
uses: github/codeql-action/analyze@96f518a34f7a870018057716cc4d7a5c014bd61c #v3.29.10
|
||||
with:
|
||||
category: "/language:${{matrix.language}}"
|
||||
upload: failure-only # upload only in case of failure, otherwise upload later after filtering
|
||||
output: codeql-results
|
||||
|
||||
- name: Filter SARIF
|
||||
uses: advanced-security/filter-sarif@v1
|
||||
uses: advanced-security/filter-sarif@bc96d9fb9338c5b48cc440b1b4d0a350b26a20db #v1.0.0
|
||||
with:
|
||||
# filter out third-party dependencies
|
||||
patterns: |
|
||||
@@ -134,13 +134,13 @@ jobs:
|
||||
output: codeql-results/cpp.sarif
|
||||
|
||||
- name: Upload SARIF
|
||||
uses: github/codeql-action/upload-sarif@v3
|
||||
uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c #v3.29.10
|
||||
with:
|
||||
sarif_file: codeql-results/cpp.sarif
|
||||
|
||||
- name: Upload CodeQL results as an artifact
|
||||
if: success() || failure()
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2
|
||||
with:
|
||||
name: codeql-results
|
||||
path: codeql-results
|
||||
|
||||
Reference in New Issue
Block a user