Skip to content
POP - poutine on poutine

build(deps): bump github/codeql-action from 3.25.15 to 3.26.10 (#215) #98

Sign in to view logs

build(deps): bump github/codeql-action from 3.25.15 to 3.26.10 (#215)

build(deps): bump github/codeql-action from 3.25.15 to 3.26.10 (#215) #98

Workflow file for this run

.github/workflows/pop.yml at e8f1c9f
name: POP - poutine on poutine
on:
push:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
pull_request:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
- '!README.md'
- '!LICENSE'
- '!docs/**'
- '!.github/**'
permissions: {}
jobs:
pop:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: audit
allowed-endpoints: >
github.com:443
api.github.com:443
codeload.github.com:443
objects.githubusercontent.com:443
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: boostsecurityio/poutine-action@main # Dogfood the latest action
name: "Run poutine on poutine's own codebase"
id: self-test
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
with:
sarif_file: results.sarif