87a391363e
* Upgrade GitHub actions & pin to commit hash The only exception is `google/oss-fuzz` which does not seem to have releases or Git tags, so pinning might not make sense there. Also adds `actions/setup-java` to the `codeql-analysis` workflow to explicitly specify the JDK version to use (and to use the caching of that action) instead of relying on the default JDK of the runner image. * Enable Dependabot for GitHub actions --------- Co-authored-by: Éamonn McManus <emcmanus@google.com> |
||
---|---|---|
.. | ||
ISSUE_TEMPLATE | ||
workflows | ||
dependabot.yml | ||
pull_request_template.md |