Skip to content

Commit 99bbc8f

Browse files
Bump github/codeql-action from 4.34.1 to 4.35.0 (#1035)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.34.1 to 4.35.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.0</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/b8bb9f28b8d3f992092362369c57161b755dea45"><code>b8bb9f2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3776">#3776</a> from github/update-v4.35.0-0078ad667</li> <li><a href="https://github.com/github/codeql-action/commit/e9cf68bb3391a754f18e75e148d9fdb5bbb0c10e"><code>e9cf68b</code></a> Update changelog for v4.35.0</li> <li><a href="https://github.com/github/codeql-action/commit/0078ad667ef874aae3f7656634dc3654ce6ffb9a"><code>0078ad6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3773">#3773</a> from github/update-bundle/codeql-bundle-v2.25.1</li> <li><a href="https://github.com/github/codeql-action/commit/fa7a15b90916827b125d32ba043c0a19186d1aba"><code>fa7a15b</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/8c29faa7ab94eb85932a883fde8695e54444d731"><code>8c29faa</code></a> Update default bundle to codeql-bundle-v2.25.1</li> <li><a href="https://github.com/github/codeql-action/commit/f94817b9f0deeb3871261446912ae8f854d1b675"><code>f94817b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3772">#3772</a> from github/dependabot/npm_and_yarn/yaml-2.8.3</li> <li><a href="https://github.com/github/codeql-action/commit/dd060970a5fbc3345f99976ce49ec5c082062205"><code>dd06097</code></a> Bump yaml from 2.8.2 to 2.8.3</li> <li><a href="https://github.com/github/codeql-action/commit/5cc552f43e3a9ff0174c3f5ff48a65f65932165c"><code>5cc552f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3768">#3768</a> from github/dependabot/npm_and_yarn/npm-minor-3536e7...</li> <li><a href="https://github.com/github/codeql-action/commit/6b1a9f21316cab28a783572d1a21f9c64440e119"><code>6b1a9f2</code></a> Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-3536e7c6f0</li> <li><a href="https://github.com/github/codeql-action/commit/9d3ec5727af849d875626d89231bc989ed1aa11d"><code>9d3ec57</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3770">#3770</a> from github/dependabot/github_actions/dot-github/wor...</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/v4.34.1...v4.35.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.34.1&new-version=4.35.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent ecf3b83 commit 99bbc8f

2 files changed

Lines changed: 4 additions & 4 deletions

File tree

.github/workflows/codeql-analysis.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ jobs:
6060

6161
# Initializes the CodeQL tools for scanning.
6262
- name: Initialize CodeQL
63-
uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
63+
uses: github/codeql-action/init@b8bb9f28b8d3f992092362369c57161b755dea45 # v4.35.0
6464
with:
6565
languages: ${{ matrix.language }}
6666
debug: true
@@ -72,7 +72,7 @@ jobs:
7272
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
7373
# If this step fails, then you should remove it and run the build manually (see below)
7474
- name: Autobuild
75-
uses: github/codeql-action/autobuild@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
75+
uses: github/codeql-action/autobuild@b8bb9f28b8d3f992092362369c57161b755dea45 # v4.35.0
7676

7777
# ℹ️ Command-line programs to run using the OS shell.
7878
# 📚 https://git.io/JvXDl
@@ -86,4 +86,4 @@ jobs:
8686
# make release
8787

8888
- name: Perform CodeQL Analysis
89-
uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
89+
uses: github/codeql-action/analyze@b8bb9f28b8d3f992092362369c57161b755dea45 # v4.35.0

.github/workflows/scorecard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,6 @@ jobs:
103103
# Upload the results to GitHub's code scanning dashboard.
104104
- name: "Upload to code-scanning"
105105
if: ${{ !env.ACT }}
106-
uses: github/codeql-action/upload-sarif@05b1a5d28f8763fd11e77388fe57846f1ba8e766 # v2.16.2
106+
uses: github/codeql-action/upload-sarif@0078ad667ef874aae3f7656634dc3654ce6ffb9a # v2.16.2
107107
with:
108108
sarif_file: results.sarif

0 commit comments

Comments
 (0)