Skip to content

Commit ca86f48

Browse files
build(deps): Bump github/codeql-action from 3.28.13 to 3.28.14 (#1250)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.13 to 3.28.14. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.14</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a> from github/update-v3.28.14-362ef4ce2</li> <li><a href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a> Update changelog for v3.28.14</li> <li><a href="https://github.com/github/codeql-action/commit/362ef4ce205154842cd1d34794abd82bb8f12cd5"><code>362ef4c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2838">#2838</a> from github/update-bundle/codeql-bundle-v2.21.0</li> <li><a href="https://github.com/github/codeql-action/commit/2b85c00718b8a4d8e9928961ea3cf0437450e643"><code>2b85c00</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.21.0</li> <li><a href="https://github.com/github/codeql-action/commit/41aa4376380d34f89f93b8f2f92bb9d3b5723154"><code>41aa437</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2841">#2841</a> from github/angelapwen/log-init-post-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/92864f48b0dea860caaa9bba99727700e0b4fd3d"><code>92864f4</code></a> Add logs around status report telemetry in <code>init-post</code> step</li> <li><a href="https://github.com/github/codeql-action/commit/e13fe0dd2d51f2b63b05fee9b9cda14b2050f678"><code>e13fe0d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2833">#2833</a> from github/NlightNFotis/reclassify_upload_sarif_issues</li> <li><a href="https://github.com/github/codeql-action/commit/06703ce3e5d16d2ba1159d8ef76d0bc95d3bed97"><code>06703ce</code></a> Merge branch 'main' into NlightNFotis/reclassify_upload_sarif_issues</li> <li><a href="https://github.com/github/codeql-action/commit/676a422916fb4b124d13126326cd03f440e112d6"><code>676a422</code></a> review-comments: nest validateSariFileSchema into try-catch block to better d...</li> <li><a href="https://github.com/github/codeql-action/commit/498c7f37e85d2d0fe6bac32a3c71708870a27bee"><code>498c7f3</code></a> review-comments: unwrap error in upload-sarif-action and re-classify as Confi...</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/1b549b9259bda1cb5ddde3b41741a82a2d15a841...fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.13&new-version=3.28.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 092870c commit ca86f48

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,8 +49,8 @@ jobs:
4949
go-version: ${{ matrix.go-version }}
5050
check-latest: true
5151
- name: Initialize CodeQL
52-
uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
52+
uses: github/codeql-action/init@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.28.14
5353
with:
5454
languages: go
5555
- name: Perform CodeQL Analysis
56-
uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
56+
uses: github/codeql-action/analyze@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.28.14

.github/workflows/scorecard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,6 @@ jobs:
6161
retention-days: 5
6262

6363
- name: "Upload to code-scanning"
64-
uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
64+
uses: github/codeql-action/upload-sarif@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.28.14
6565
with:
6666
sarif_file: results.sarif

0 commit comments

Comments
 (0)