This is an automated email from the ASF dual-hosted git repository.
aherbert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-geometry.git
The following commit(s) were added to refs/heads/master by this push:
new 672c7a4c Update CodeQL action v2 to v3 (use explicit version hashes)
672c7a4c is described below
commit 672c7a4c8432b4caac17956963e8f1ea1a691377
Author: Alex Herbert <aherb...@apache.org>
AuthorDate: Fri Mar 28 13:37:21 2025 +0000
Update CodeQL action v2 to v3 (use explicit version hashes)
---
.github/workflows/codeql-analysis.yml | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml
b/.github/workflows/codeql-analysis.yml
index 43b48d97..89483e12 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -5,7 +5,7 @@
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
@@ -45,10 +45,10 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
with:
persist-credentials: false
- - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+ - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
@@ -57,7 +57,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@v2
+ uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841
# 3.28.13
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a
config file.
@@ -68,7 +68,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually
(see below)
- name: Autobuild
- uses: github/codeql-action/autobuild@v2
+ uses:
github/codeql-action/autobuild@1b549b9259bda1cb5ddde3b41741a82a2d15a841 #
3.28.13
# âšī¸ Command-line programs to run using the OS shell.
# đ https://git.io/JvXDl
@@ -82,4 +82,4 @@ jobs:
# make release
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
+ uses:
github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 #
3.28.13
