diff --git a/.github/workflows/analyze-changes.yaml b/.github/workflows/analyze-changes.yaml index 7dc19f6332f..21c6836ee6f 100644 --- a/.github/workflows/analyze-changes.yaml +++ b/.github/workflows/analyze-changes.yaml @@ -40,7 +40,7 @@ jobs: ${{ runner.os }}-gradle- - name: Initialize CodeQL - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 with: languages: 'java' build-mode: 'manual' @@ -57,7 +57,7 @@ jobs: --build-cache --parallel --stacktrace --no-daemon --max-workers=4 - name: Perform CodeQL Analysis and upload results to GitHub Security tab - uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 trivy: name: Analyze changes with Trivy @@ -120,7 +120,7 @@ jobs: TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 if: always() with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/check-ci-pipelines.yml b/.github/workflows/check-ci-pipelines.yml index 2a72ca48fc1..670ab55a98e 100644 --- a/.github/workflows/check-ci-pipelines.yml +++ b/.github/workflows/check-ci-pipelines.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Run Ensure CI Success - uses: DataDog/ensure-ci-success@f40e6ffd8e60280d478b9b92209aaa30d3d56895 + uses: DataDog/ensure-ci-success@727e7fe39ae2e1ce7ea336ec85a7369ab0731754 with: initial-delay-seconds: "1000" max-retries: "60"