🔄 synced local '.github/workflows/' with remote 'config/workflows/'

Signed-off-by: nextcloud-android-bot <[email protected]>
nextcloud · Jun 15, 2023 · b21c0c5 · b21c0c5
1 parent 6827b32
commit b21c0c5
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 7 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -15,7 +15,7 @@ permissions:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       actions: read
       contents: read
@@ -26,13 +26,13 @@ jobs:
         language: [ 'java' ]
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
       - name: Set Swap Space
         uses: pierotofy/set-swap-space@49819abfb41bd9b44fb781159c033dba90353a7c # v1.0
         with:
           swap-size-gb: 10
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
+        uses: github/codeql-action/init@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0
         with:
           languages: ${{ matrix.language }}
       - name: Set up JDK 17
@@ -46,4 +46,4 @@ jobs:
           echo "org.gradle.jvmargs=-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError" > "$HOME/.gradle/gradle.properties"
           ./gradlew assembleDebug
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
+        uses: github/codeql-action/analyze@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0
diff --git a/.github/workflows/detectNewJavaFiles.yml b/.github/workflows/detectNewJavaFiles.yml
@@ -7,6 +7,10 @@ on:
 
 permissions: read-all
 
+concurrency:
+  group: detect-new-java-files-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
 jobs:
   detectNewJavaFiles:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml
@@ -9,10 +9,14 @@ on:
 # Declare default permissions as read only.
 permissions: read-all
 
+concurrency: 
+  group: validate-gradle-wrapper-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
 jobs:
     validation:
         name: "Validation"
         runs-on: ubuntu-latest
         steps:
-            - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+            - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
             - uses: gradle/wrapper-validation-action@8d49e559aae34d3e0eb16cde532684bc9702762b # v1.0.6
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -10,6 +10,10 @@ on:
 # Declare default permissions as read only.
 permissions: read-all
 
+concurrency: 
+  group: scorecard-supply-chain-security-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
 jobs:
   analysis:
     name: Scorecard analysis
@@ -20,7 +24,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
         with:
           persist-credentials: false
 
@@ -33,6 +37,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6
+        uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0
         with:
           sarif_file: results.sarif