ci(deps): bump the github-actions group with 2 updates

[dependabot]

Bumps the github-actions group with 2 updates: github/codeql-action and peaceiris/actions-gh-pages.

Updates github/codeql-action from 4.35.4 to 4.35.5

Release notes

Sourced from github/codeql-action's releases.

v4.35.5

• We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #3899
• For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #3791
• If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #3892
• Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #3880

Changelog

Sourced from github/codeql-action's changelog.

4.35.5 - 15 May 2026

• We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #3899
• For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #3791
• If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #3892
• Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #3880

Commits

• 9e0d7b8 Merge pull request #3905 from github/update-v4.35.5-d4b485515
• 6d7d599 Add changelog entry for #3899
• 51f7e38 Update changelog for v4.35.5
• d4b4855 Merge pull request #3899 from github/mbg/esbuild/split
• 127de81 Merge remote-tracking branch 'origin/main' into mbg/esbuild/split
• 7fde13f Use src + basename in header to avoid issues on Windows
• dfa61e7 Improve pattern matching and error handling
• 52aafec Import and call runWrapper normally in analyze tests
• 0d08c01 Auto-generate shared bundle
• 14085a6 Auto-generate entry points
• Additional commits viewable in compare view

Updates peaceiris/actions-gh-pages from 4.0.0 to 4.1.0

Release notes

Sourced from peaceiris/actions-gh-pages's releases.

actions-github-pages v4.1.0

See CHANGELOG.md for more details.

What's Changed

• Actions examples: update to modern versions of actions by @​clintonsteiner in peaceiris/actions-gh-pages#1117
• chore: update Node runtime and dependencies by @​peaceiris in peaceiris/actions-gh-pages#1147
• ci: harden GitHub Actions workflows by @​peaceiris in peaceiris/actions-gh-pages#1156

New Contributors

• @​clintonsteiner made their first contribution in peaceiris/actions-gh-pages#1117

Full Changelog: peaceiris/actions-gh-pages@v4.0.0...v4.1.0

Changelog

Sourced from peaceiris/actions-gh-pages's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

4.1.0 (2026-05-12)

chore

• add .codex/ (94ae2d2)
• add hasInstallScript true (494ec9b)
• update Node runtime and dependencies (#1147) (954f6bf), closes #1147

ci

• change automerge to false (4b09552)
• harden GitHub Actions workflows (#1156) (aa0466c), closes #1156

docs

• add repository guidelines (a1f94b5)
• bump to v4 from v3 (a16b61f)
• fix note style (0b7567f)
• update versions of actions (#1117) (aa83d0c), closes #1117

4.0.0 (2024-04-08)

build

• node 20.11.1 (5049354)

chore

• bump node16 to node20 (#1067) (4eb285e), closes #1067
• downgrade engines.npm to 8.0.0 (87231bc)

ci

• pin node-version to 18 (#981) (65ebf11), closes #981

docs

• add Release Strategy (67f80d9)
• fix link to Nuxt github-pages (#980) (88b4d2a), closes #980
• remove braces in if conditions (#920) (0fbd122), closes #920

... (truncated)

Commits

• 84c30a8 chore(release): 4.1.0
• 6fa0f50 chore(release): Add build assets
• 3b7506a chore(deps): update dependency trim-newlines to v5 (#1158)
• aa0466c ci: harden GitHub Actions workflows (#1156)
• 31835fb chore(deps): update actions/labeler action to v6 (#1153)
• f4f1bc4 chore(deps): update peaceiris/actions-mdbook action to v2 (#1161)
• a5e4979 chore(deps): update dependency ubuntu to v24 (#1159)
• 6cc3bac chore(deps): update github/codeql-action action to v4 (#1160)
• 0d6e9f4 chore(deps): update actions/setup-node action to v6 (#1154)
• d70c101 chore(deps): update actions/upload-artifact action to v7 (#1155)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[cloudflare-workers-and-pages]

Deploying john-bampton with    Cloudflare Pages

Latest commit:	3bb4465
Status:	⚡️  Build in progress...

View logs

[deepsource-io]

DeepSource Code Review

We reviewed changes in 7ec30af...3bb4465 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade

Security   Reliability   Complexity   Hygiene

Code Review Summary

Analyzer	Status	Updated (UTC)	Details
Secrets		May 26, 2026 4:51p.m.	Review ↗
Python		May 26, 2026 4:51p.m.	Review ↗
JavaScript		May 26, 2026 4:51p.m.	Review ↗

---

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.