diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 9ff88ac..264af09 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -58,7 +58,7 @@ jobs: severity: 'CRITICAL,HIGH' - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: 'trivy-results.sarif' @@ -109,6 +109,6 @@ jobs: retention-days: 5 - name: Upload OSSF Scorecard scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: results.sarif