diff --git a/.github/workflows/blackduck.yml b/.github/workflows/blackduck.yml index b78bf09..d3b7351 100644 --- a/.github/workflows/blackduck.yml +++ b/.github/workflows/blackduck.yml @@ -26,7 +26,7 @@ jobs: - name: Checkout uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - name: Scan With Black Duck - uses: cap-java/.github/actions/scan-with-blackduck@296573b55e906f5c77a1855bcfe4285cbbc5cac4 # main + uses: cap-java/.github/actions/scan-with-blackduck@5fc795c5049bb4d49e957346df2e5d6d7c0c23b9 # main with: blackduck_token: ${{ secrets.BLACK_DUCK_TOKEN }} github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4516433..62780c5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,7 +28,7 @@ jobs: java-version: ${{ matrix.java-version }} maven-version: ${{ env.MAVEN_VERSION }} - name: Sonar Scan - uses: cap-java/.github/actions/scan-with-sonar@296573b55e906f5c77a1855bcfe4285cbbc5cac4 # main + uses: cap-java/.github/actions/scan-with-sonar@5fc795c5049bb4d49e957346df2e5d6d7c0c23b9 # main if: matrix.java-version == '21.0.9' with: java-version: 21 @@ -39,7 +39,7 @@ jobs: coverage-report-path: cds-feature-console/target/site/jacoco/jacoco.xml build-script: mvn verify -B -ntp - name: CodeQL Scan - uses: cap-java/.github/actions/scan-with-codeql@296573b55e906f5c77a1855bcfe4285cbbc5cac4 # main + uses: cap-java/.github/actions/scan-with-codeql@5fc795c5049bb4d49e957346df2e5d6d7c0c23b9 # main if: matrix.java-version == '21.0.9' with: java-version: 21