@@ -51,13 +51,13 @@ jobs:
5151 set -e
5252 echo "exit_code=$GITLEAKS_EXIT" >> "$GITHUB_OUTPUT"
5353 exit 0
54- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
54+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
5555 if : always()
5656 with :
5757 name : gitleaks.sarif
5858 path : gitleaks-report_sarif.json
5959 if-no-files-found : error
60- - uses : github/codeql-action/upload-sarif@74c8748a6f2dada2c01b25ae170d7858ac90f4af # v4.32.2
60+ - uses : github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
6161 continue-on-error : true
6262 with :
6363 sarif_file : gitleaks-report_sarif.json
7575 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
7676 - run : |
7777 echo "bandit[sarif]==1.9.3" > requirements.txt
78- - uses : actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1 .0
78+ - uses : actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2 .0
7979 with :
8080 python-version : ' 3.x'
8181 cache : ' pip'
@@ -90,13 +90,13 @@ jobs:
9090 set -e
9191 echo "exit_code=$BANDIT_EXIT" >> "$GITHUB_OUTPUT"
9292 exit 0
93- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
93+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
9494 if : always()
9595 with :
9696 name : bandit.sarif
9797 path : bandit-report_sarif.json
9898 if-no-files-found : error
99- - uses : github/codeql-action/upload-sarif@74c8748a6f2dada2c01b25ae170d7858ac90f4af # v4.32.2
99+ - uses : github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
100100 continue-on-error : true
101101 with :
102102 sarif_file : bandit-report_sarif.json
@@ -124,13 +124,13 @@ jobs:
124124 set -e
125125 echo "exit_code=$GRYPE_EXIT" >> "$GITHUB_OUTPUT"
126126 exit 0
127- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
127+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
128128 if : always()
129129 with :
130130 name : grype.sarif
131131 path : grype-report_sarif.json
132132 if-no-files-found : error
133- - uses : github/codeql-action/upload-sarif@74c8748a6f2dada2c01b25ae170d7858ac90f4af # v4.32.2
133+ - uses : github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
134134 continue-on-error : true
135135 with :
136136 sarif_file : grype-report_sarif.json
@@ -148,7 +148,7 @@ jobs:
148148 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
149149 - run : |
150150 echo "checkov==3.2.500" > requirements.txt
151- - uses : actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1 .0
151+ - uses : actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2 .0
152152 with :
153153 python-version : ' 3.x'
154154 cache : ' pip'
@@ -164,14 +164,14 @@ jobs:
164164 set -e
165165 echo "exit_code=$CHECKOV_EXIT" >> "$GITHUB_OUTPUT"
166166 exit 0
167- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
167+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
168168 if : always()
169169 with :
170170 name : checkov.sarif
171171 path : checkov-report_sarif.json
172172 if-no-files-found : error
173173 - name : Upload SARIF file
174- uses : github/codeql-action/upload-sarif@74c8748a6f2dada2c01b25ae170d7858ac90f4af # v4.32.2
174+ uses : github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
175175 continue-on-error : true
176176 with :
177177 sarif_file : checkov-report_sarif.json
@@ -191,7 +191,7 @@ jobs:
191191 fetch-depth : 0 # Required for baseline comparison
192192 - run : |
193193 echo "semgrep==1.151.0" > requirements.txt
194- - uses : actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1 .0
194+ - uses : actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2 .0
195195 with :
196196 python-version : ' 3.x'
197197 cache : ' pip'
@@ -283,12 +283,12 @@ jobs:
283283 else . end
284284 ]
285285 ' semgrep-report_sarif.json > semgrep.sarif.tmp.json && mv semgrep.sarif.tmp.json semgrep-report_sarif.json
286- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
286+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
287287 with :
288288 name : semgrep.sarif
289289 path : semgrep-report_sarif.json
290290 if-no-files-found : error
291- - uses : github/codeql-action/upload-sarif@74c8748a6f2dada2c01b25ae170d7858ac90f4af # v4.32.2
291+ - uses : github/codeql-action/upload-sarif@8ad4b6ec58178e8dbb44a62677274b3a5916baa9 # v4.32.2
292292 continue-on-error : true
293293 with :
294294 sarif_file : semgrep-report_sarif.json
@@ -328,7 +328,7 @@ jobs:
328328 clamdscan --version
329329 - run : |
330330 clamdscan --verbose --log=clamdscan.txt --stream --fdpass --multiscan .
331- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
331+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
332332 if : always()
333333 with :
334334 name : clamdscan.txt
@@ -429,7 +429,7 @@ jobs:
429429 --url 'http://localhost:9000/api/issues/search?componentKeys=my-project&ps=500&p=1' \
430430 --header 'Authorization: Bearer ${{ env.SONAR_TOKEN }}' | tee sonar-issues.json | jq || exit 1
431431
432- - uses : actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5 .0.0
432+ - uses : actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 .0.0
433433 if : always()
434434 with :
435435 name : sonar-issues.json
0 commit comments