diff options
Diffstat (limited to '.github')
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 4 | ||||
-rw-r--r-- | .github/workflows/dependabot_automerge.yml | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b7ddb928dc..2087052cc7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -82,7 +82,7 @@ jobs: output: sarif-results - name: filter-sarif - uses: advanced-security/filter-sarif@v1 + uses: advanced-security/filter-sarif@eac3ea6a5e1270952681bf7287598a6cd1a4d49d # v1.0 with: patterns: | +**/*.rb @@ -98,6 +98,6 @@ jobs: if: ${{ matrix.language == 'ruby' }} - name: Upload SARIF - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5 with: sarif_file: sarif-results/${{ matrix.language }}.sarif diff --git a/.github/workflows/dependabot_automerge.yml b/.github/workflows/dependabot_automerge.yml index 1247f32538..4754b3c9fe 100644 --- a/.github/workflows/dependabot_automerge.yml +++ b/.github/workflows/dependabot_automerge.yml @@ -9,10 +9,10 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: Dependabot metadata - uses: dependabot/fetch-metadata@v1 + uses: dependabot/fetch-metadata@4de7a6c08ce727a42e0adbbdc345f761a01240ce # v1.3.6 id: metadata - name: Wait for status checks - uses: lewagon/wait-on-check-action@v1.3.1 + uses: lewagon/wait-on-check-action@e106e5c43e8ca1edea6383a39a01c5ca495fd812 # v1.3.1 with: repo-token: ${{ secrets.MATZBOT_GITHUB_TOKEN }} ref: ${{ github.event.pull_request.head.sha || github.sha }} |