Update codeql.yml (#1451)

Give up pinning deps with commit IDs because PRs were unreviewable due to missing changelog and it sends PRs for every commit to the master/main branch of the deps, which is undesired. We only need updates for tagged releases!
2022-05-16 08:59:29 +09:00 · 2022-05-16 08:59:29 +09:00 · f1caebbaf0
parent ede28f5046
commit f1caebbaf0
1 changed files with 4 additions and 4 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -15,12 +15,12 @@ jobs:
      security-events: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+        uses: actions/checkout@v3.0.2
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@32c89b94fd7eb71067f3bf2afd2bfc85efa4a880
+        uses: github/codeql-action/init@v2.1.10
        with:
          languages: go
      - name: Autobuild
-        uses: github/codeql-action/autobuild@32c89b94fd7eb71067f3bf2afd2bfc85efa4a880
+        uses: github/codeql-action/autobuild@v2.1.10
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@32c89b94fd7eb71067f3bf2afd2bfc85efa4a880
+        uses: github/codeql-action/analyze@v2.1.10