jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-03 06:04:16 -05:00
Code Issues Projects Releases Wiki Activity

Check that actions specify hashes instead of allowlist (#24042)

Browse Source 
* Check that actions specify hashes instead of allowlist

* Fixes for unhashed version

* Update actions-workflows.js
This commit is contained in:
Kevin Heis
2022-01-04 09:43:40 -08:00
committed by GitHub
parent d5c3731634
commit 55ee70e06b
3 changed files with 7 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/codeql.yml vendored
View File

@@ -31,8 +31,8 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- uses: github/codeql-action/init@v1
- uses: github/codeql-action/init@5f532563584d71fdef14ee64d17bafb34f751ce5
with:
languages: javascript # comma separated list of values from {go, python, javascript, java, cpp, csharp} (not YET ruby, sorry!)
- uses: github/codeql-action/analyze@v1
- uses: github/codeql-action/analyze@5f532563584d71fdef14ee64d17bafb34f751ce5
continue-on-error: true