Skip to content

Bump github/codeql-action from 3.28.11 to 3.28.14#9050

Merged
coreycb merged 1 commit into
mainfrom
dependabot/github_actions/github/codeql-action-3.28.14
Apr 7, 2025
Merged

Bump github/codeql-action from 3.28.11 to 3.28.14#9050
coreycb merged 1 commit into
mainfrom
dependabot/github_actions/github/codeql-action-3.28.14

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 7, 2025

Copy link
Copy Markdown
Contributor

Bumps github/codeql-action from 3.28.11 to 3.28.14.

Release notes

Sourced from github/codeql-action's releases.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

v3.28.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

  • Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

  • Update default CodeQL bundle version to 2.20.3. #2717

... (truncated)

Commits
  • fc7e4a0 Merge pull request #2844 from github/update-v3.28.14-362ef4ce2
  • be0175c Update changelog for v3.28.14
  • 362ef4c Merge pull request #2838 from github/update-bundle/codeql-bundle-v2.21.0
  • 2b85c00 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.0
  • 41aa437 Merge pull request #2841 from github/angelapwen/log-init-post-telemetry
  • 92864f4 Add logs around status report telemetry in init-post step
  • e13fe0d Merge pull request #2833 from github/NlightNFotis/reclassify_upload_sarif_issues
  • 06703ce Merge branch 'main' into NlightNFotis/reclassify_upload_sarif_issues
  • 676a422 review-comments: nest validateSariFileSchema into try-catch block to better d...
  • 498c7f3 review-comments: unwrap error in upload-sarif-action and re-classify as Confi...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github/codeql-action from 3.28.11 to 3.28.14
9a53ec9 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.11 to 3.28.14.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@6bb031a...fc7e4a0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies type: github actions Pull requests that update GitHub Actions code labels Apr 7, 2025
@dependabot dependabot Bot requested review from coreycb and dandarnell as code owners April 7, 2025 14:55
@dependabot dependabot Bot mentioned this pull request Apr 7, 2025
Closed
@coreycb coreycb merged commit bfa4d41 into main Apr 7, 2025
@coreycb coreycb deleted the dependabot/github_actions/github/codeql-action-3.28.14 branch April 7, 2025 16:01
@thunderbird-botmobile

thunderbird-botmobile Bot commented Apr 7, 2025

Copy link
Copy Markdown
Contributor

Thanks for your contribution! Your pull request has been merged and will be part of Thunderbird 11. We appreciate the time and effort you put into improving Thunderbird. If you haven’t already, you’re welcome to join our Matrix chat for contributors. It’s where we discuss development and help each other out. https://matrix.to/#/#tb-android-dev:mozilla.org
Hope to see you there! 🚀📱🐦

@thunderbird-botmobile thunderbird-botmobile Bot added this to the Thunderbird 11 milestone Apr 7, 2025
coreycb added a commit that referenced this pull request May 3, 2025
@coreycb
Merge pull request #9050 from thunderbird/dependabot/github_actions/g…
d97a825 
…ithub/codeql-action-3.28.14

Bump github/codeql-action from 3.28.11 to 3.28.14
@coreycb coreycb modified the milestones: Thunderbird 11, Thunderbird 10 May 3, 2025
@kewisch kewisch added type: dependency Project dependencies and removed dependencies labels May 15, 2025
@wmontwe wmontwe added dependencies type: dependency Project dependencies and removed type: dependency Project dependencies dependencies labels Sep 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coreycb coreycb coreycb approved these changes

@dandarnell dandarnell Awaiting requested review from dandarnell

Assignees

@coreycb coreycb

Labels

type: dependency Project dependencies type: github actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

Thunderbird 10

Development

Successfully merging this pull request may close these issues.

3 participants

@coreycb @kewisch @wmontwe