Skip to content

Bump the github-actions-dependency group with 2 updates#341

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/master/github-actions-dependency-5e9231a1f5
Closed

Bump the github-actions-dependency group with 2 updates#341
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/master/github-actions-dependency-5e9231a1f5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Aug 5, 2025

Copy link
Copy Markdown
Contributor

Bumps the github-actions-dependency group with 2 updates: github/codeql-action and open-edge-platform/anomalib.

Updates github/codeql-action from 3.29.2 to 3.29.5

Release notes

Sourced from github/codeql-action's releases.

v3.29.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.5 - 29 Jul 2025

  • Update default CodeQL bundle version to 2.22.2. #2986

See the full CHANGELOG.md for more information.

v3.29.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.4 - 23 Jul 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.29.3

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.3 - 21 Jul 2025

No user facing changes.

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.29.5 - 29 Jul 2025

  • Update default CodeQL bundle version to 2.22.2. #2986

3.29.4 - 23 Jul 2025

No user facing changes.

3.29.3 - 21 Jul 2025

No user facing changes.

3.29.2 - 30 Jun 2025

  • Experimental: When the quality-queries input for the init action is provided with an argument, separate .quality.sarif files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2935

3.29.1 - 27 Jun 2025

  • Fix bug in PR analysis where user-provided include query filter fails to exclude non-included queries. #2938
  • Update default CodeQL bundle version to 2.22.1. #2950

3.29.0 - 11 Jun 2025

  • Update default CodeQL bundle version to 2.22.0. #2925
  • Bump minimum CodeQL bundle version to 2.16.6. #2912

3.28.21 - 28 July 2025

No user facing changes.

3.28.20 - 21 July 2025

3.28.19 - 03 Jun 2025

  • The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.
  • Update default CodeQL bundle version to 2.21.4. #2910

... (truncated)

Commits
  • 51f7732 Merge pull request #2997 from github/update-v3.29.5-80a09d7b0
  • 8e90243 Update changelog for v3.29.5
  • 80a09d7 Merge pull request #2996 from github/dependabot/npm_and_yarn/npm-240ab9fad0
  • 8388115 Merge pull request #2994 from github/mergeback/changelog/v3.28.21
  • 401ecaf Merge branch 'main' into mergeback/changelog/v3.28.21
  • ab5c0c5 Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0
  • cd264d4 Merge pull request #2986 from github/update-bundle/codeql-bundle-v2.22.2
  • 4599055 Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2
  • fd7ad51 Merge pull request #2971 from github/update-supported-enterprise-server-versions
  • ac0c9bf Merge branch 'main' into update-supported-enterprise-server-versions
  • Additional commits viewable in compare view

Updates open-edge-platform/anomalib from 90e1192dd7d420cb243a93ce17809e43f23fc36d to 78cd8b1ad7bb505a54eaa577660cd56df9647495

Changelog

Sourced from open-edge-platform/anomalib's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog.

[Unreleased]

Added

Removed

Changed

Deprecated

Fixed

[v2.1.0]

Added

Removed

Changed

... (truncated)

Commits
  • 78cd8b1 📦 build(pyproject.toml): Select files in source distribution for builds (#2869)
  • f762e41 🚀 feat(model): add automatic download of DTD dataset to DRAEM model (#2866)
  • f8f14ce chore(version): update version to 2.2.0dev (#2860)
  • 5f89bbe chore(release): update version to 2.1.0 (#2859)
  • 3412e9d fix(deploy): Fix discrepancy between lightning and standalone inferencers (#2...
  • e4aa9b2 chore(deps): pin dependencies (#2855)
  • 068181a chore(deps): update dependency zizmorcore/zizmor to v1.11.0 (#2850)
  • af32ad6 🚀 feat(model): add UniNet (#2797)
  • dfbffe2 ♻️ refactor(cli): show import error in CLI (#2856)
  • 12f2833 🚀 feat(model): Add Dinomaly Model (#2835)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the github-actions-dependency group with 2 updates
eee23b3 
Bumps the github-actions-dependency group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [open-edge-platform/anomalib](https://github.com/open-edge-platform/anomalib).


Updates `github/codeql-action` from 3.29.2 to 3.29.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@181d5ee...51f7732)

Updates `open-edge-platform/anomalib` from 90e1192dd7d420cb243a93ce17809e43f23fc36d to 78cd8b1ad7bb505a54eaa577660cd56df9647495
- [Release notes](https://github.com/open-edge-platform/anomalib/releases)
- [Changelog](https://github.com/open-edge-platform/anomalib/blob/main/CHANGELOG.md)
- [Commits](open-edge-platform/anomalib@90e1192...78cd8b1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependency
- dependency-name: open-edge-platform/anomalib
  dependency-version: 78cd8b1ad7bb505a54eaa577660cd56df9647495
  dependency-type: direct:production
  dependency-group: github-actions-dependency
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 5, 2025
@dependabot dependabot Bot requested a review from a team as a code owner August 5, 2025 03:39
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 5, 2025
@github-actions github-actions Bot added the build Related to build scripts label Aug 5, 2025
@dependabot @github

dependabot Bot commented on behalf of github Aug 5, 2025

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/github_actions/master/github-actions-dependency-5e9231a1f5 branch August 5, 2025 08:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

build Related to build scripts dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@AlexanderBarabanov