Update codeql.yml (#1451)
Give up pinning deps with commit IDs because PRs were unreviewable due to missing changelog and it sends PRs for every commit to the master/main branch of the deps, which is undesired. We only need updates for tagged releases!
This commit is contained in:
Yusuke Kuoka
GitHub
parent
ede28f5046
commit
f1caebbaf0
|
|
@ -15,12 +15,12 @@ jobs:
|
||||||
security-events: write
|
security-events: write
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
uses: actions/checkout@v3.0.2
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@32c89b94fd7eb71067f3bf2afd2bfc85efa4a880
|
uses: github/codeql-action/init@v2.1.10
|
||||||
with:
|
with:
|
||||||
languages: go
|
languages: go
|
||||||
- name: Autobuild
|
- name: Autobuild
|
||||||
uses: github/codeql-action/autobuild@32c89b94fd7eb71067f3bf2afd2bfc85efa4a880
|
uses: github/codeql-action/autobuild@v2.1.10
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@32c89b94fd7eb71067f3bf2afd2bfc85efa4a880
|
uses: github/codeql-action/analyze@v2.1.10
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue