Skip to content

Commit 30240b5

Browse files
committed
ci: bump codeql-action to v4.37.0 and group future bumps
init/analyze must stay on the same codeql-action version or analyze rejects init's config; group them in dependabot.yml so bumps land together atomically instead of drifting across separate PRs.
1 parent ee4081b commit 30240b5

2 files changed

Lines changed: 9 additions & 2 deletions

File tree

.github/dependabot.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,5 +60,12 @@ updates:
6060
- "dependencies"
6161
- "no-release-notes"
6262
- "no-review"
63+
groups:
64+
# init and analyze must stay on the same codeql-action version, or analyze
65+
# rejects init's config with "Loaded a configuration file for version X,
66+
# but running version Y" (see PR #638, #651/#652).
67+
codeql-action:
68+
patterns:
69+
- "github/codeql-action*"
6370
cooldown:
6471
default-days: 2

.github/workflows/codecheck.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -76,7 +76,7 @@ jobs:
7676

7777
# Initializes the CodeQL tools for scanning.
7878
- name: Initialize CodeQL
79-
uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
79+
uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0
8080
with:
8181
languages: ${{ matrix.language }}
8282
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -85,4 +85,4 @@ jobs:
8585
# queries: ./path/to/local/query, your-org/your-repo/queries@main
8686
- run: ./gradlew -x test assembleReleaseJar
8787
- name: Perform CodeQL Analysis
88-
uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
88+
uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0

0 commit comments

Comments
 (0)