Use version range for CodeQL action (keycloak#23377)

pedroigor · Sep 20, 2023 · 48e4e97 · 48e4e97
1 parent 59160e5
commit 48e4e97
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -46,15 +46,15 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2.21.6
+        uses: github/codeql-action/init@v2
         with:
           languages: java
 
       - name: Build Keycloak
         uses: ./.github/actions/build-keycloak
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2.21.6
+        uses: github/codeql-action/analyze@v2
         with:
           wait-for-processing: true
         env:
@@ -72,15 +72,15 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2.21.6
+        uses: github/codeql-action/init@v2
         env:
           CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"finalize":["--no-run-unnecessary-builds"]}}'
         with:
           languages: javascript
           source-root: themes/src/main/
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2.21.6
+        uses: github/codeql-action/analyze@v2
         with:
           wait-for-processing: true
         env:

diff --git a/.github/workflows/snyk-analysis.yml b/.github/workflows/snyk-analysis.yml
@@ -27,7 +27,7 @@ jobs:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
       - name: Upload Quarkus scanner results to GitHub
-        uses: github/codeql-action/upload-sarif@v2.21.6
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: quarkus-report.sarif
           category: snyk-quarkus-report
@@ -41,7 +41,7 @@ jobs:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
       - name: Upload Operator scanner results to GitHub
-        uses: github/codeql-action/upload-sarif@v2.21.6
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: operator-report.sarif
           category: snyk-operator-report
diff --git a/.github/workflows/trivy-analysis.yml b/.github/workflows/trivy-analysis.yml
@@ -31,6 +31,6 @@ jobs:
           timeout: 15m
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2.21.6
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: trivy-results.sarif