diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 4a48868..a8602fe 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -9,7 +9,7 @@ permissions: jobs: dependency-review: - uses: cuioss/cuioss-organization/.github/workflows/reusable-dependency-review.yml@3f9cd7e3bb36442219efdc7d0e79aea15881dc78 # v0.2.7 + uses: cuioss/cuioss-organization/.github/workflows/reusable-dependency-review.yml@d38bc3643f0d0faa34ece1c2d854cf97f9a0abd4 # v0.2.8 permissions: contents: read pull-requests: write diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index c3f1d7b..f3921c3 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -16,7 +16,7 @@ jobs: # Run on push events, OR on pull_request only if from a fork # This prevents duplicate runs: push handles internal branches, PR handles forks if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name - uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-build.yml@3f9cd7e3bb36442219efdc7d0e79aea15881dc78 # v0.2.7 + uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-build.yml@d38bc3643f0d0faa34ece1c2d854cf97f9a0abd4 # v0.2.8 secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} OSS_SONATYPE_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index cfa5361..d19baca 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -12,7 +12,7 @@ permissions: jobs: analysis: - uses: cuioss/cuioss-organization/.github/workflows/reusable-scorecards.yml@3f9cd7e3bb36442219efdc7d0e79aea15881dc78 # v0.2.7 + uses: cuioss/cuioss-organization/.github/workflows/reusable-scorecards.yml@d38bc3643f0d0faa34ece1c2d854cf97f9a0abd4 # v0.2.8 permissions: security-events: write id-token: write