Skip to content

Commit 8e4fff0

Browse files
committed
build(deps): sync github/codeql-action pins to v4.36.3
init, autobuild and analyze were pinned to mismatched SHAs, causing CodeQL "Loaded a configuration file for version X, but running version Y" configuration errors on main and on every Dependabot bump PR. Pin all sub-actions to the same release.
1 parent b245dde commit 8e4fff0

1 file changed

Lines changed: 3 additions & 3 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -38,14 +38,14 @@ jobs:
3838
uses: 'actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0' # v7.0.0
3939

4040
- name: 'Initialize CodeQL'
41-
uses: 'github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a' # v4
41+
uses: 'github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a' # v4.36.3
4242
with:
4343
languages: '${{ matrix.language }}'
4444

4545
- name: 'Autobuild'
46-
uses: 'github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e' # v4
46+
uses: 'github/codeql-action/autobuild@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a' # v4.36.3
4747

4848
- name: 'Perform CodeQL Analysis'
49-
uses: 'github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e' # v4
49+
uses: 'github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a' # v4.36.3
5050
with:
5151
category: '/language:${{ matrix.language }}'

0 commit comments

Comments
 (0)