From ede539dbadc855ce176faf3f54bf8ec470872041 Mon Sep 17 00:00:00 2001 From: Teodor Calin Date: Tue, 7 Jul 2026 23:21:55 +0300 Subject: [PATCH] =?UTF-8?q?ci:=20float=20codeql-action=20on=20@v4=20?= =?UTF-8?q?=E2=80=94=20SHA=20pin=20skews=20against=20the=20runner's=20Code?= =?UTF-8?q?QL=20bundle?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The scheduled security workflow has been failing intermittently since 2026-07-03 with 'Loaded a configuration file for version 4.36.2, but running version 4.36.3' — the pinned action downloads a config that the runner's newer preinstalled bundle rejects. Sibling repos (common, trustedagents) float on @v4 and don't skew. Co-Authored-By: Claude Fable 5 --- .github/workflows/security.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 804782d..805609f 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -34,7 +34,7 @@ jobs: cache: true - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/init@v4 with: languages: go queries: security-and-quality @@ -45,7 +45,7 @@ jobs: run: go build ./... - name: Analyze - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/analyze@v4 with: category: /language:go