Approved Github Actions updated

Ed-Fi-Alliance-OSS · Feb 4, 2025 · c7e2ce0 · c7e2ce0
1 parent b8eb7e1
commit c7e2ce0
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 6 deletions.
diff --git a/.github/workflows/CodeQL Security Scan.yml b/.github/workflows/CodeQL Security Scan.yml
@@ -43,7 +43,7 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@df32e399139a3050671466d7d9b3cbacc1cfd034 # codeql-bundle-v2.15.2
+        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169  # v3.28.0
         with:
           languages: 'csharp'
       - name: Checkout Ed-Fi-ODS-Implementation
@@ -96,4 +96,4 @@ jobs:
         run: |
              .\build.githubactions.ps1 build -Configuration ${{ env.CONFIGURATION }} -InformationalVersion ${{ env.INFORMATIONAL_VERSION}} -BuildCounter ${{ github.run_number }} -BuildIncrementer ${{env.BUILD_INCREMENTER}}  -Solution "$env:GITHUB_WORKSPACE/Ed-Fi-ODS-Implementation/Application/Ed-Fi-Ods.sln" -StandardVersion ${{ matrix.StandardVersion }}
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@df32e399139a3050671466d7d9b3cbacc1cfd034  # codeql-bundle-v2.15.2
+        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169  # v3.28.0
diff --git a/.github/workflows/Dependencies Security Scan.yml b/.github/workflows/Dependencies Security Scan.yml
@@ -47,4 +47,4 @@ jobs:
         run: |
              .\build.githubactions.ps1 CheckoutBranch -RelativeRepoPath "."
       - name: Dependency Review ("Dependabot on PR")
-        uses: actions/dependency-review-action@11310527b429536e263dc6cc47873e608189ba21  # v3.0.1
+        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019  # v4.5.0
diff --git a/.github/workflows/Pkg EdFi.Database.Admin.yml b/.github/workflows/Pkg EdFi.Database.Admin.yml
@@ -95,7 +95,7 @@ jobs:
           $PSVersionTable
           . $env:GITHUB_WORKSPACE/Ed-Fi-ODS-Implementation/logistics/scripts/activities/build/create-database-package.ps1 -Output NugetPackages -DatabaseType Admin -ExtensionVersion ${{ matrix.ExtensionVersion }} -StandardVersion ${{ matrix.StandardVersion }} -SQLPackage "C:\ProgramData\chocolatey\lib\sqlpackage\tools"
     - name: Use NuGet
-      uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa # v1
+      uses: nuget/setup-nuget@323ab0502cd38fdc493335025a96c8fdb0edc71f # v2.0.1
       with:
         nuget-version: '5.x'
     - name: Create NuGet package

diff --git a/.github/workflows/Pkg EdFi.Database.Security.yml b/.github/workflows/Pkg EdFi.Database.Security.yml
@@ -95,7 +95,7 @@ jobs:
           $PSVersionTable
           . $env:GITHUB_WORKSPACE/Ed-Fi-ODS-Implementation/logistics/scripts/activities/build/create-database-package.ps1 -Output NugetPackages -DatabaseType Security -ExtensionVersion ${{ matrix.ExtensionVersion }} -StandardVersion ${{ matrix.StandardVersion }} -SQLPackage "C:\ProgramData\chocolatey\lib\sqlpackage\tools"
     - name: Use NuGet
-      uses: nuget/setup-nuget@b2bc17b761a1d88cab755a776c7922eb26eefbfa # v1
+      uses: nuget/setup-nuget@323ab0502cd38fdc493335025a96c8fdb0edc71f # v2.0.1
       with:
         nuget-version: '5.x'
     - name: Create NuGet package

diff --git a/.github/workflows/Scorecard supply-chain security.yml b/.github/workflows/Scorecard supply-chain security.yml
@@ -61,6 +61,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@cf7e9f23492505046de9a37830c3711dd0f25bb3 # codeql-bundle-v2.16.2
+        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 #v3.28.0
         with:
           sarif_file: scorecard.sarif