You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by gi...@apache.org on 2023/12/08 17:53:29 UTC
(commons-exec) branch dependabot/github_actions/github/codeql-action-2.22.9 created (now 5889cd4)
This is an automated email from the ASF dual-hosted git repository.
github-bot pushed a change to branch dependabot/github_actions/github/codeql-action-2.22.9
in repository https://gitbox.apache.org/repos/asf/commons-exec.git
at 5889cd4 Bump github/codeql-action from 2.22.8 to 2.22.9
This branch includes the following new commits:
new 5889cd4 Bump github/codeql-action from 2.22.8 to 2.22.9
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
(commons-exec) 01/01: Bump github/codeql-action from 2.22.8 to 2.22.9
Posted by gi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
github-bot pushed a commit to branch dependabot/github_actions/github/codeql-action-2.22.9
in repository https://gitbox.apache.org/repos/asf/commons-exec.git
commit 5889cd494022e6d2297d7cbb70e1dd6ac0b7a402
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Fri Dec 8 17:53:25 2023 +0000
Bump github/codeql-action from 2.22.8 to 2.22.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.8 to 2.22.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/407ffafae6a767df3e0230c3df91b6443ae8df75...c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <su...@github.com>
---
.github/workflows/codeql-analysis.yml | 6 +++---
.github/workflows/scorecards-analysis.yml | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 5ed6d2b..8721358 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -57,7 +57,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+ uses: github/codeql-action/init@c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2 # v2.22.9
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -68,7 +68,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
- uses: github/codeql-action/autobuild@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+ uses: github/codeql-action/autobuild@c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2 # v2.22.9
# âšī¸ Command-line programs to run using the OS shell.
# đ https://git.io/JvXDl
@@ -82,4 +82,4 @@ jobs:
# make release
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+ uses: github/codeql-action/analyze@c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2 # v2.22.9
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index 00ac705..2117301 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -64,6 +64,6 @@ jobs:
retention-days: 5
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # 2.22.8
+ uses: github/codeql-action/upload-sarif@c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2 # 2.22.9
with:
sarif_file: results.sarif