diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index b31a4f0..8b41fa3 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -9,7 +9,7 @@ permissions: jobs: dependency-review: - uses: cuioss/cuioss-organization/.github/workflows/reusable-dependency-review.yml@71e589e53342c823c05a28bf7977675bc7dfcbb1 # v0.3.2 + uses: cuioss/cuioss-organization/.github/workflows/reusable-dependency-review.yml@d511175c0f6923f9de14c1c15830f2127b41e154 # v0.3.3 permissions: contents: read pull-requests: write diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index aa04a2c..465f233 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -16,7 +16,7 @@ jobs: # Run on push events, OR on pull_request only if from a fork # This prevents duplicate runs: push handles internal branches, PR handles forks if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name - uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-build.yml@71e589e53342c823c05a28bf7977675bc7dfcbb1 # v0.3.2 + uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-build.yml@d511175c0f6923f9de14c1c15830f2127b41e154 # v0.3.3 secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} OSS_SONATYPE_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index cb57462..1971ebe 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -12,7 +12,7 @@ permissions: jobs: analysis: - uses: cuioss/cuioss-organization/.github/workflows/reusable-scorecards.yml@71e589e53342c823c05a28bf7977675bc7dfcbb1 # v0.3.2 + uses: cuioss/cuioss-organization/.github/workflows/reusable-scorecards.yml@d511175c0f6923f9de14c1c15830f2127b41e154 # v0.3.3 permissions: security-events: write id-token: write