@@ -46,18 +46,18 @@ jobs:
4646
4747 steps :
4848
49- - name : Set up JDK
50- uses : actions/setup-java@v3
49+ - name : Checkout repository
50+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
51+
52+ - name : Set up JDK 17
53+ uses : actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # 4.6.0
5154 with :
52- distribution : ' temurin'
5355 java-version : ' 17'
54-
55- - name : Checkout repository
56- uses : actions/checkout@v3
56+ distribution : ' temurin'
5757
5858 # Initializes the CodeQL tools for scanning.
5959 - name : Initialize CodeQL
60- uses : github/codeql-action/init@v2
60+ uses : github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # 3.28.0
6161 with :
6262 languages : ${{ matrix.language }}
6363 # If you wish to specify custom queries, you can do so here or in a config file.
7171 # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
7272 # If this step fails, then you should remove it and run the build manually (see below)
7373 - name : Autobuild
74- uses : github/codeql-action/autobuild@v2
74+ uses : github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # 3.28.0
7575
7676 # ℹ️ Command-line programs to run using the OS shell.
7777 # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
8484 # ./location_of_script_within_repo/buildscript.sh
8585
8686 - name : Perform CodeQL Analysis
87- uses : github/codeql-action/analyze@v2
87+ uses : github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # 3.28.0
8888 with :
8989 category : " /language:${{matrix.language}}"
0 commit comments