projectcapsule · oliverbaehler · Dec 5, 2024 · Dec 4, 2024
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -31,7 +31,7 @@ jobs:
         with:
           args:  '-no-fail -fmt sarif -out gosec.sarif ./...'
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@c4fb451437765abf5018c6fbf22cce1a7da1e5cc
+        uses: github/codeql-action/upload-sarif@3096afedf9873361b2b2f65e1445b13272c83eb8
         with:
           sarif_file: gosec.sarif
 
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -37,6 +37,6 @@ jobs:
           path: results.sarif
           retention-days: 5
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@c4fb451437765abf5018c6fbf22cce1a7da1e5cc # v2.13.4
+        uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
         with:
           sarif_file: results.sarif