From 9e237b13b3aa4a1efe00b5953890b68679cd3c77 Mon Sep 17 00:00:00 2001
From: Bob Callaway <bobcallaway@users.noreply.github.com>
Date: Mon, 24 Jan 2022 10:56:53 -0500
Subject: [PATCH] update version comments since dependabot doesn't do it (#617)
Signed-off-by: Bob Callaway <bob.callaway@gmail.com>
---
.github/workflows/build.yml | 2 +-
.github/workflows/codeql-analysis.yml | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index aed0637..de8c054 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -52,7 +52,7 @@ jobs:
version: v0.9.3
- name: Set up Cloud SDK
- uses: google-github-actions/auth@7a360a247cce1245c1d13bc63d8b2ac927d201c8 #v0.4.4
+ uses: google-github-actions/auth@7a360a247cce1245c1d13bc63d8b2ac927d201c8 #v0.5.0
with:
workload_identity_provider: 'projects/498091336538/locations/global/workloadIdentityPools/githubactions/providers/sigstore-rekor'
service_account: 'github-actions-rekor@projectsigstore.iam.gserviceaccount.com'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index c502fab..6193742 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,12 +39,12 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.28
+ uses: github/codeql-action/init@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.29
with:
languages: ${{ matrix.language }}
- name: Autobuild
- uses: github/codeql-action/autobuild@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.28
+ uses: github/codeql-action/autobuild@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.29
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.28
+ uses: github/codeql-action/analyze@384cfc42b2131df01c009d3d2eed7b78d8e8556e #v1.0.29
--
GitLab