Skip to content

build(deps): bump github/codeql-action from 3.25.11 to 3.25.15 (#181) #90

build(deps): bump github/codeql-action from 3.25.11 to 3.25.15 (#181)

build(deps): bump github/codeql-action from 3.25.11 to 3.25.15 (#181) #90

Workflow file for this run

name: POP - poutine on poutine
on:
push:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
pull_request:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
- '!README.md'
- '!LICENSE'
- '!docs/**'
- '!.github/**'
permissions: {}
jobs:
pop:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: audit
allowed-endpoints: >
github.com:443
api.github.com:443
codeload.github.com:443
objects.githubusercontent.com:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: boostsecurityio/poutine-action@main # Dogfood the latest action
name: "Run poutine on poutine's own codebase"
id: self-test
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
with:
sarif_file: results.sarif