File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 3131 # starts. If you do not check out your code, Copilot will do this for you.
3232 steps :
3333 - name : Checkout code
34- uses : actions/checkout@v4
34+ uses : actions/checkout@v5
3535 with :
3636 submodules : true
3737
Original file line number Diff line number Diff line change 2222 ./scripts/create-coverage.py report --markdown > $GITHUB_STEP_SUMMARY
2323
2424 - name : " Upload Coverage Report"
25- uses : actions/upload-artifact@v4
25+ uses : actions/upload-artifact@v5
2626 with :
2727 name : coverage-report
2828 path : coverage.csv
Original file line number Diff line number Diff line change 1818
1919 steps :
2020 - uses : actions/checkout@v5
21- - uses : actions/labeler@v5
21+ - uses : actions/labeler@v6
2222 with :
2323 repo-token : " ${{ secrets.GITHUB_TOKEN }}"
2424
Original file line number Diff line number Diff line change 5757 submodules : true
5858
5959 - name : " Set up Rust"
60- uses : dtolnay/rust-toolchain@nightly
60+ uses : dtolnay/rust-toolchain@0c3131df9e5407c0c36352032d04af846dbe0fb7 # nightly
61+ if : ${{ matrix.os != 'windows-latest' }}
6162
6263 - name : " Build Extractor (Linux/macOS)"
6364 if : ${{ matrix.os != 'windows-latest' }}
7374 run : .\scripts\create-extractor-pack.ps1
7475
7576 - name : " Upload bundle artifact"
76- uses : actions/upload-artifact@v4
77+ uses : actions/upload-artifact@v5
7778 with :
7879 name : " extractor-bundle-${{ matrix.os }}"
7980 path : " ./extractor-pack"
9192 submodules : true
9293
9394 - name : " Download all artifacts"
94- uses : actions/download-artifact@v4
95+ uses : actions/download-artifact@v6
9596 with :
9697 path : " ./extractor-pack"
9798 merge-multiple : true
Original file line number Diff line number Diff line change 2323 uses : actions/checkout@v5
2424
2525 - name : " Patch Release Me"
26- uses : 42ByteLabs/patch-release-me@1a840ec5f538188590b75b19e1c300c7d036bcc8 # 0.6.2
26+ uses : 42ByteLabs/patch-release-me@840ec9cfe2170a5704f77ba721bddeb4eb52317a # 0.6.3
2727 with :
2828 mode : ${{ github.event.inputs.bump }}
2929
Original file line number Diff line number Diff line change 2020
2121 - name : Get Token
2222 id : get_workflow_token
23- uses : actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
23+ uses : actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
2424 with :
2525 app-id : ${{ secrets.CODEQL_FIELD_BOT_ID }}
2626 private-key : ${{ secrets.CODEQL_FIELD_BOT_KEY }}
Original file line number Diff line number Diff line change @@ -51,11 +51,14 @@ jobs:
5151 - name: Initialize and Analyze IaC
5252 id: codeql_iac
5353 uses: advanced-security/codeql-extractor-iac@v0.5.1
54-
55- - name: Upload SARIF file
54+ # Uncomment if you want to show the tool name as CodeQL instead of CodeQL-IaC (NOTE: this may conflict with Default Setup)
55+ #with:
56+ # rewrite-sarif-tool-name: false
57+
58+ - name: "Upload SARIF file"
5659 uses: github/codeql-action/upload-sarif@v3
5760 with:
58- sarif_file: ${{ steps.codeql_iac.outputs.sarif }}
61+ sarif_file: ${{ steps.codeql_iac.outputs.sarif-results }}
5962` ` `
6063
6164# # CodeQL CLI
You can’t perform that action at this time.
0 commit comments