development/flutter
development/flutter
1
0
Fork 0
mirror of https://github.com/flutter/flutter synced 2024-10-02 14:34:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
41012 commits 769 branches 973 tags 1.7 GiB
Commit graph

338 commits

Author SHA1 Message Date
Kate Lovett 65abc95542
[wiki migration] Remaining pages under docs/contributing/ (#148790) 2024-05-23 15:19:04 -05:00
Kate Lovett de0fbdefe3
[wiki migration] Web team pages (#148777) 2024-05-23 14:36:47 -05:00
Kate Lovett 26e5352eec
[wiki migration] Remaining pages under docs/about/ (#148782) 
This moves the wiki pages that have a final destination under docs/about/ as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or links to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-22 18:41:12 +00:00
Kate Lovett 6332ff6690
[wiki migration] Tool team pages (#148779) 
This puts the wiki pages owned by the Tool team into the docs/tool directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the tool team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or link to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-22 16:58:49 +00:00
Kate Lovett ca198c8585
[wiki migration] Pages under docs/postmortems/ (#148798) 
This moves the wiki pages that have a final destination under docs/postmortems/ as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or links to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-22 05:11:21 +00:00
Kate Lovett 1fa6f56b48
[wiki migration] Android team pages (#148585) 
This puts the wiki pages owned by the Android team into the docs/platforms/android directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the android team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or link to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-21 19:20:51 +00:00
Kate Lovett 7d891907e3
[wiki migration] Infra team pages (#148718) 
This sorts the wiki pages owned by the Infra team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the team-infra label to the bot for future PRs.

Image assets were checked in here: https://github.com/flutter/assets-for-api-docs/pull/246

Changes to the content were only updating links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-21 18:17:10 +00:00
Kate Lovett fe9e485bde
[wiki migration] Release team pages (#148723) 
This sorts the wiki pages owned by the Release team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the release related labels to the bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-21 17:30:35 +00:00
Kate Lovett 722c8d62fd
[wiki migration] Engine team pages (#148696) 
This sorts the wiki pages owned by the Engine team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the engine and team-engine labels to the bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-20 23:40:42 +00:00
Kate Lovett bf7d67d80e
[wiki migration] Framework team pages (#148721) 
This sorts the wiki pages owned by the Framework team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the framework related labels to the bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-20 23:40:35 +00:00
dependabot[bot] 3bb9624ca9
Bump github/codeql-action from 3.25.5 to 3.25.6 (#148715) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.5 to 3.25.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.6 - 20 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li>
</ul>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9fdb3e4972"><code>9fdb3e4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2300">#2300</a> from github/update-v3.25.6-63d519c0a</li>
<li><a href="00792ab1e0"><code>00792ab</code></a> Update changelog for v3.25.6</li>
<li><a href="63d519c0ae"><code>63d519c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2295">#2295</a> from github/update-bundle/codeql-bundle-v2.17.3</li>
<li><a href="0d9161ca1c"><code>0d9161c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2293">#2293</a> from github/henrymercer/update-build-mode-autobuild-...</li>
<li><a href="e9e27290e9"><code>e9e2729</code></a> Add changelog note</li>
<li><a href="de1ac31508"><code>de1ac31</code></a> Update default bundle to codeql-bundle-v2.17.3</li>
<li><a href="a57c67b895"><code>a57c67b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2286">#2286</a> from github/koesie10/ghec-dr-db-upload</li>
<li><a href="b7ef64ecb1"><code>b7ef64e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2294">#2294</a> from github/dependabot/npm_and_yarn/npm-d3285d5234</li>
<li><a href="e54dea297a"><code>e54dea2</code></a> Update checked-in dependencies</li>
<li><a href="3b42294f03"><code>3b42294</code></a> Bump the npm group across 1 directory with 4 updates</li>
<li>Additional commits viewable in <a href="b7cec75265...9fdb3e4972">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.5&new-version=3.25.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-20 21:54:43 +00:00
dependabot[bot] 7bd4bbed11
Bump codecov/codecov-action from 4.4.0 to 4.4.1 (#148714) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.4.0 to 4.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1427">codecov/codecov-action#1427</a></li>
<li>fix: prevent xlarge from running on forks by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1432">codecov/codecov-action#1432</a></li>
<li>build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1439">codecov/codecov-action#1439</a></li>
<li>build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1438">codecov/codecov-action#1438</a></li>
<li>fix: isPullRequestFromFork returns false for any PR by <a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
<li>chore(release): 4.4.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1441">codecov/codecov-action#1441</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1">https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1</a></p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1427">codecov/codecov-action#1427</a></li>
<li>fix: prevent xlarge from running on forks by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1432">codecov/codecov-action#1432</a></li>
<li>build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1439">codecov/codecov-action#1439</a></li>
<li>build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1438">codecov/codecov-action#1438</a></li>
<li>fix: isPullRequestFromFork returns false for any PR by <a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
<li>chore(release): 4.4.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1441">codecov/codecov-action#1441</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1">https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="125fc84a9a"><code>125fc84</code></a> chore(release): 4.4.1 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1441">#1441</a>)</li>
<li><a href="c9dbf6a905"><code>c9dbf6a</code></a> fix: isPullRequestFromFork returns false for any PR (<a href="https://redirect.github.com/codecov/codecov-action/issues/1437">#1437</a>)</li>
<li><a href="59fc46f14a"><code>59fc46f</code></a> build(deps): bump actions/checkout from 4.1.5 to 4.1.6 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1438">#1438</a>)</li>
<li><a href="3889fddabb"><code>3889fdd</code></a> build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1439">#1439</a>)</li>
<li><a href="d42a336584"><code>d42a336</code></a> fix: prevent xlarge from running on forks (<a href="https://redirect.github.com/codecov/codecov-action/issues/1432">#1432</a>)</li>
<li><a href="fd624e50e7"><code>fd624e5</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 (#...</li>
<li>See full diff in <a href="6d798873df...125fc84a9a">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.4.0&new-version=4.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-20 21:53:39 +00:00
Kate Lovett 49bc6bd54f
[wiki migration] Ecosystem team pages (#148589) 
This puts the wiki pages owned by the Ecosystem team into the docs/ecosystem directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the ecosystem team labels to the label bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-20 17:44:39 +00:00
dependabot[bot] 54830cf143
Bump actions/checkout from 4.1.5 to 4.1.6 (#148516) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
<li>Update for 4.1.6 release by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1733">actions/checkout#1733</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.5...v4.1.6">https://github.com/actions/checkout/compare/v4.1.5...v4.1.6</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a5ac7e51b4"><code>a5ac7e5</code></a> Update for 4.1.6 release (<a href="https://redirect.github.com/actions/checkout/issues/1733">#1733</a>)</li>
<li><a href="24ed1a3528"><code>24ed1a3</code></a> Check platform for extension (<a href="https://redirect.github.com/actions/checkout/issues/1732">#1732</a>)</li>
<li>See full diff in <a href="44c2b7a8a4...a5ac7e51b4">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.5&new-version=4.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-16 23:13:13 +00:00
dependabot[bot] cbc51f15eb
Bump codecov/codecov-action from 4.3.1 to 4.4.0 (#148355) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.1 to 4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: Clarify isPullRequestFromFork by <a href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1411">codecov/codecov-action#1411</a></li>
<li>build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1423">codecov/codecov-action#1423</a></li>
<li>build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1421">codecov/codecov-action#1421</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1420">codecov/codecov-action#1420</a></li>
<li>feat: remove GPG and run on spawn by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1426">codecov/codecov-action#1426</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1428">codecov/codecov-action#1428</a></li>
<li>chore(release): 4.4.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1430">codecov/codecov-action#1430</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0">https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6d798873df"><code>6d79887</code></a> chore(release): 4.4.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1430">#1430</a>)</li>
<li><a href="37364fa731"><code>37364fa</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.8.0 to 7.9.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1428">#1428</a>)</li>
<li><a href="2791a5c4fe"><code>2791a5c</code></a> fix: remove GPG and run on spawn (<a href="https://redirect.github.com/codecov/codecov-action/issues/1426">#1426</a>)</li>
<li><a href="b71af43c1e"><code>b71af43</code></a> build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1420">#1420</a>)</li>
<li><a href="29f97fc54f"><code>29f97fc</code></a> build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1421">#1421</a>)</li>
<li><a href="645d2a5926"><code>645d2a5</code></a> build(deps): bump actions/checkout from 4.1.4 to 4.1.5 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1423">#1423</a>)</li>
<li><a href="f691d469fb"><code>f691d46</code></a> chore: Clarify isPullRequestFromFork (<a href="https://redirect.github.com/codecov/codecov-action/issues/1411">#1411</a>)</li>
<li>See full diff in <a href="5ecb98a3c6...6d798873df">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.3.1&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-14 22:35:49 +00:00
dependabot[bot] 27f683d6c3
Bump github/codeql-action from 3.25.3 to 3.25.5 (#148262) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.3 to 3.25.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b7cec75265"><code>b7cec75</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2287">#2287</a> from github/update-v3.25.5-4a5197247</li>
<li><a href="6778fe4553"><code>6778fe4</code></a> Update changelog for v3.25.5</li>
<li><a href="4a51972477"><code>4a51972</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2280">#2280</a> from github/henrymercer/on-demand-ffs</li>
<li><a href="a8c32fd278"><code>a8c32fd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2283">#2283</a> from github/henrymercer/disable-fail-fast</li>
<li><a href="f73b0b70eb"><code>f73b0b7</code></a> Disable fail fast for non-generated workflows</li>
<li><a href="c59e05245f"><code>c59e052</code></a> Disable fail fast in generated workflows</li>
<li><a href="33e416c056"><code>33e416c</code></a> Comment that <code>legacyApi</code> is false by default</li>
<li><a href="67f8a36bdb"><code>67f8a36</code></a> Merge branch 'main' into henrymercer/on-demand-ffs</li>
<li><a href="4995c49010"><code>4995c49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2282">#2282</a> from github/henrymercer/no-build-mode-tracing-improv...</li>
<li><a href="def4d2cd4e"><code>def4d2c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2273">#2273</a> from github/aeisenberg/specify-versions</li>
<li>Additional commits viewable in <a href="d39d31e687...b7cec75265">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.3&new-version=3.25.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-13 22:26:41 +00:00
dependabot[bot] c90e18c6f5
Bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#148091) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action)
from 2.3.1 to 2.3.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dc50aa9510"><code>dc50aa9</code></a>
🌱 Bump docker tag for v2.3.3 release (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1368">#1368</a>)</li>
<li><a
href="8ff5700173"><code>8ff5700</code></a>
🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0....</li>
<li><a
href="8ba5e73d11"><code>8ba5e73</code></a>
update api links to new scorecard.dev site (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1376">#1376</a>)</li>
<li><a
href="92ddde3eaf"><code>92ddde3</code></a>
Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1374">#1374</a>)</li>
<li><a
href="6c55905542"><code>6c55905</code></a>
🌱 Bump golang.org/x/net from 0.24.0 to 0.25.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1373">#1373</a>)</li>
<li><a
href="09bb953b6a"><code>09bb953</code></a>
🌱 Bump distroless/base in the docker-images group (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1372">#1372</a>)</li>
<li><a
href="1511e1305b"><code>1511e13</code></a>
🌱 Bump the github-actions group across 1 directory with 6
updates (#...</li>
<li><a
href="df66cd8fd8"><code>df66cd8</code></a>
🌱 Bump the docker-images group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1370">#1370</a>)</li>
<li><a
href="fad9a3cc53"><code>fad9a3c</code></a>
🌱 Bump distroless/base in the docker-images group (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1364">#1364</a>)</li>
<li><a
href="1e01a309c1"><code>1e01a30</code></a>
🌱 Bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1365">#1365</a>)</li>
<li>Additional commits viewable in <a
href="0864cf1902...dc50aa9510">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.3.1&new-version=2.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-09 20:32:11 -07:00
Jenn Magder 5a663e6ef8
Update dependabot reviewers (#148101) 
Update dependabot reviewers.
 2024-05-09 19:59:27 -07:00
dependabot[bot] 4031041a4b
Bump actions/checkout from 4.1.4 to 4.1.5 (#147888) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.4...v4.1.5">https://github.com/actions/checkout/compare/v4.1.4...v4.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="44c2b7a8a4"><code>44c2b7a</code></a> README: Suggest <code>user.email</code> to be `41898282+github-actions[bot]<a href="https://github.com/users"><code>@​users</code></a>.norepl...</li>
<li><a href="8459bc0c7e"><code>8459bc0</code></a> Bump actions/upload-artifact from 2 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1695">#1695</a>)</li>
<li><a href="3f603f6d5e"><code>3f603f6</code></a> Bump actions/setup-node from 1 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1696">#1696</a>)</li>
<li><a href="fd084cde18"><code>fd084cd</code></a> Bump github/codeql-action from 2 to 3 (<a href="https://redirect.github.com/actions/checkout/issues/1694">#1694</a>)</li>
<li><a href="9c1e94e0ad"><code>9c1e94e</code></a> Update NPM dependencies (<a href="https://redirect.github.com/actions/checkout/issues/1703">#1703</a>)</li>
<li>See full diff in <a href="0ad4b8fada...44c2b7a8a4">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.4&new-version=4.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-06 21:45:36 +00:00
dependabot[bot] ffbeb5a39c
Bump codecov/codecov-action from 4.3.0 to 4.3.1 (#147674) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1370">codecov/codecov-action#1370</a></li>
<li>fix: more verbose log message when failing to import pgp key by <a href="https://github.com/ReenigneArcher"><code>@​ReenigneArcher</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1371">codecov/codecov-action#1371</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.6.0 to 7.7.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1374">codecov/codecov-action#1374</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.6.0 to 7.7.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1375">codecov/codecov-action#1375</a></li>
<li>build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1382">codecov/codecov-action#1382</a></li>
<li>build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1381">codecov/codecov-action#1381</a></li>
<li>build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1380">codecov/codecov-action#1380</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.7.0 to 7.7.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1384">codecov/codecov-action#1384</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.7.0 to 7.7.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1383">codecov/codecov-action#1383</a></li>
<li>Update README.md to point to docs about tokenless by <a href="https://github.com/rohan-at-sentry"><code>@​rohan-at-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1395">codecov/codecov-action#1395</a></li>
<li>build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1393">codecov/codecov-action#1393</a></li>
<li>build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1392">codecov/codecov-action#1392</a></li>
<li>build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1391">codecov/codecov-action#1391</a></li>
<li>style: Node Packages by <a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1394">codecov/codecov-action#1394</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.7.1 to 7.8.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1402">codecov/codecov-action#1402</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.7.1 to 7.8.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1401">codecov/codecov-action#1401</a></li>
<li>docs: Type Annotations by <a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1397">codecov/codecov-action#1397</a></li>
<li>docs: main branch by <a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1396">codecov/codecov-action#1396</a></li>
<li>fix: bypass token checks for forks and OIDC by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1404">codecov/codecov-action#1404</a></li>
<li>chore(release): 4.3.1. by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1405">codecov/codecov-action#1405</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ReenigneArcher"><code>@​ReenigneArcher</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1371">codecov/codecov-action#1371</a></li>
<li><a href="https://github.com/rohan-at-sentry"><code>@​rohan-at-sentry</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1395">codecov/codecov-action#1395</a></li>
<li><a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1394">codecov/codecov-action#1394</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1">https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="5ecb98a3c6"><code>5ecb98a</code></a> chore(release): 4.3.1. (<a href="https://redirect.github.com/codecov/codecov-action/issues/1405">#1405</a>)</li>
<li><a href="5a299d1127"><code>5a299d1</code></a> fix: bypass token checks for forks and OIDC (<a href="https://redirect.github.com/codecov/codecov-action/issues/1404">#1404</a>)</li>
<li><a href="dad251dcaf"><code>dad251d</code></a> docs: main branch (<a href="https://redirect.github.com/codecov/codecov-action/issues/1396">#1396</a>)</li>
<li><a href="e8bbe5fc01"><code>e8bbe5f</code></a> docs: Type Annotations (<a href="https://redirect.github.com/codecov/codecov-action/issues/1397">#1397</a>)</li>
<li><a href="a6fd87fc19"><code>a6fd87f</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.7.1 to 7.8.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1401">#1401</a>)</li>
<li><a href="76c8cd6163"><code>76c8cd6</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.7.1 to 7.8.0 (#...</li>
<li><a href="1290bddc88"><code>1290bdd</code></a> style: Node Packages (<a href="https://redirect.github.com/codecov/codecov-action/issues/1394">#1394</a>)</li>
<li><a href="951ef79006"><code>951ef79</code></a> build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1391">#1391</a>)</li>
<li><a href="bb71c1ba2f"><code>bb71c1b</code></a> build(deps): bump actions/checkout from 4.1.3 to 4.1.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1392">#1392</a>)</li>
<li><a href="acc5d43cad"><code>acc5d43</code></a> build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1393">#1393</a>)</li>
<li>Additional commits viewable in <a href="84508663e9...5ecb98a3c6">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.3.0&new-version=4.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-01 22:19:20 +00:00
dependabot[bot] 3488d9af80
Bump github/codeql-action from 3.25.2 to 3.25.3 (#147437) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.2 to 3.25.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d39d31e687"><code>d39d31e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2262">#2262</a> from github/update-v3.25.3-ac2f82a1f</li>
<li><a href="a7278252c7"><code>a727825</code></a> Move changenote to most recent section</li>
<li><a href="1efa8597b1"><code>1efa859</code></a> Update changelog for v3.25.3</li>
<li><a href="ac2f82a1ff"><code>ac2f82a</code></a> Log warning if SIP is disabled and CLI version is &lt; 2.15.1 (<a href="https://redirect.github.com/github/codeql-action/issues/2261">#2261</a>)</li>
<li><a href="0ad7791640"><code>0ad7791</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2247">#2247</a> from github/update-bundle/codeql-bundle-v2.17.1</li>
<li><a href="79d9ee7f07"><code>79d9ee7</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.17.1</li>
<li><a href="dbf2b1706b"><code>dbf2b17</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2255">#2255</a> from github/mergeback/v3.25.2-to-main-8f596b4a</li>
<li><a href="ff6a3c42a5"><code>ff6a3c4</code></a> Update checked-in dependencies</li>
<li><a href="619dc0c4b8"><code>619dc0c</code></a> Update changelog and version after v3.25.2</li>
<li><a href="39e1e6509e"><code>39e1e65</code></a> Add changelog note</li>
<li>Additional commits viewable in <a href="8f596b4ae3...d39d31e687">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.2&new-version=3.25.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-26 22:26:11 +00:00
dependabot[bot] af34484cb8
Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#147388) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.4 to 6.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.5</h2>
<p>⚙️ Fixes an issue with proxy support for users that run self-hosted behind a proxy.</p>
<h2>What's Changed</h2>
<ul>
<li>fix: update proxy support to follow octokit change to fetch api by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2867">peter-evans/create-pull-request#2867</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.4...v6.0.5">https://github.com/peter-evans/create-pull-request/compare/v6.0.4...v6.0.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6d6857d369"><code>6d6857d</code></a> fix: update proxy support to follow octokit change to fetch api (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2867">#2867</a>)</li>
<li>See full diff in <a href="9153d834b6...6d6857d369">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.4&new-version=6.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-26 04:28:21 +00:00
dependabot[bot] c22ed980d0
Bump actions/checkout from 4.1.3 to 4.1.4 (#147334) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.3...v4.1.4">https://github.com/actions/checkout/compare/v4.1.3...v4.1.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0ad4b8fada"><code>0ad4b8f</code></a> Prep Release v4.1.4 (<a href="https://redirect.github.com/actions/checkout/issues/1704">#1704</a>)</li>
<li><a href="43045ae669"><code>43045ae</code></a> Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> (<a href="https://redirect.github.com/actions/checkout/issues/1692">#1692</a>)</li>
<li><a href="37b082107b"><code>37b0821</code></a> Bump the minor-actions-dependencies group with 2 updates (<a href="https://redirect.github.com/actions/checkout/issues/1693">#1693</a>)</li>
<li><a href="9839dc14a0"><code>9839dc1</code></a> Add dependabot config (<a href="https://redirect.github.com/actions/checkout/issues/1688">#1688</a>)</li>
<li><a href="9b4c13b0bf"><code>9b4c13b</code></a> Bump word-wrap from 1.2.3 to 1.2.5 (<a href="https://redirect.github.com/actions/checkout/issues/1643">#1643</a>)</li>
<li>See full diff in <a href="1d96c772d1...0ad4b8fada">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.3&new-version=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-24 23:51:01 +00:00
dependabot[bot] c217f763e9
Bump actions/upload-artifact from 4.3.2 to 4.3.3 (#147192) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v4.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>updating <code>@actions/artifact</code> dependency to v2.1.6 by <a href="https://github.com/eggyhead"><code>@​eggyhead</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/565">actions/upload-artifact#565</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3">https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="65462800fd"><code>6546280</code></a> updating package version</li>
<li><a href="c004fb4bf6"><code>c004fb4</code></a> Merge branch 'main' into eggyhead/use-artifact-v2.1.6</li>
<li><a href="90aba496fc"><code>90aba49</code></a> updating toolkit artifact dependency to 2.1.6</li>
<li><a href="b06cde36fc"><code>b06cde3</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/563">#563</a> from actions/eggyhead/release-4.3.2</li>
<li>See full diff in <a href="1746f4ab65...65462800fd">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.2&new-version=4.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-23 00:23:02 +00:00
dependabot[bot] be62c7f743
Bump github/codeql-action from 3.25.1 to 3.25.2 (#147193) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.1 to 3.25.2.
<details>
<summary>Commits</summary>
<ul>
<li><a href="8f596b4ae3"><code>8f596b4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2254">#2254</a> from github/update-v3.25.2-4909c1ffb</li>
<li><a href="de8916ec5a"><code>de8916e</code></a> Update changelog for v3.25.2</li>
<li><a href="4909c1ffb9"><code>4909c1f</code></a> Bump the npm group with 3 updates (<a href="https://redirect.github.com/github/codeql-action/issues/2253">#2253</a>)</li>
<li><a href="f45390cde1"><code>f45390c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2252">#2252</a> from github/henrymercer/failed-external-repo-config-...</li>
<li><a href="1be8c488eb"><code>1be8c48</code></a> Add configuration error for failing to clone external Git repo</li>
<li><a href="82edfe29ce"><code>82edfe2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2246">#2246</a> from github/koesie10/remove-incorrect-log</li>
<li><a href="8786e1f9a1"><code>8786e1f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2249">#2249</a> from github/mergeback/v3.25.1-to-main-c7f91257</li>
<li><a href="3c7ac61481"><code>3c7ac61</code></a> Update checked-in dependencies</li>
<li><a href="b5bd9be6da"><code>b5bd9be</code></a> Update changelog and version after v3.25.1</li>
<li><a href="5d73b1bd71"><code>5d73b1b</code></a> Remove incorrect log message</li>
<li>See full diff in <a href="c7f9125735...8f596b4ae3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.1&new-version=3.25.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-23 00:21:05 +00:00
dependabot[bot] 24def4d417
Bump actions/checkout from 4.1.2 to 4.1.3 (#147090) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.2...v4.1.3">https://github.com/actions/checkout/compare/v4.1.2...v4.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1d96c772d1"><code>1d96c77</code></a> Add SSH user parameter (<a href="https://redirect.github.com/actions/checkout/issues/1685">#1685</a>)</li>
<li><a href="cd7d8d697e"><code>cd7d8d6</code></a> Check git version before attempting to disable <code>sparse-checkout</code> (<a href="https://redirect.github.com/actions/checkout/issues/1656">#1656</a>)</li>
<li><a href="8410ad0602"><code>8410ad0</code></a> Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> (<a href="https://redirect.github.com/actions/checkout/issues/1650">#1650</a>)</li>
<li>See full diff in <a href="9bb56186c3...1d96c772d1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.2&new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-19 23:03:04 +00:00
dependabot[bot] 7433225a95
Bump actions/upload-artifact from 4.3.1 to 4.3.2 (#147011) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v4.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update release-new-action-version.yml by <a href="https://github.com/konradpabjan"><code>@​konradpabjan</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/516">actions/upload-artifact#516</a></li>
<li>Minor fix to the migration readme by <a href="https://github.com/andrewakim"><code>@​andrewakim</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/523">actions/upload-artifact#523</a></li>
<li>Update readme with v3/v2/v1 deprecation notice by <a href="https://github.com/robherley"><code>@​robherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/561">actions/upload-artifact#561</a></li>
<li>updating <code>@actions/artifact</code> dependency to v2.1.5 and <code>@actions/core</code> to v1.0.1 by <a href="https://github.com/eggyhead"><code>@​eggyhead</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/562">actions/upload-artifact#562</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/andrewakim"><code>@​andrewakim</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/523">actions/upload-artifact#523</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2">https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1746f4ab65"><code>1746f4a</code></a> Revert &quot;updating to release 4.3.2&quot;</li>
<li><a href="31685d04a0"><code>31685d0</code></a> updating to release 4.3.2</li>
<li><a href="18bf333cd2"><code>18bf333</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/562">#562</a> from actions/eggyhead/update-artifact-v215</li>
<li><a href="dac413befa"><code>dac413b</code></a> update package lock version</li>
<li><a href="bb3b4a3cdb"><code>bb3b4a3</code></a> updating package version</li>
<li><a href="3e3da837d2"><code>3e3da83</code></a> updating artifact and core dependencies</li>
<li><a href="e35774f165"><code>e35774f</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/561">#561</a> from actions/robherley/deprecation-notice</li>
<li><a href="e63ea677fb"><code>e63ea67</code></a> Update readme with v3/v2/v1 deprecation notice</li>
<li><a href="ef09cdac3e"><code>ef09cda</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/523">#523</a> from andrewakim/andrewakim/migration-readme-fix</li>
<li><a href="00e36f94d8"><code>00e36f9</code></a> Minor fix to the migration readme</li>
<li>Additional commits viewable in <a href="5d5d22a312...1746f4ab65">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.1&new-version=4.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-18 22:33:05 +00:00
dependabot[bot] 00c21929f5
Bump github/codeql-action from 3.25.0 to 3.25.1 (#146953) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.0 to 3.25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c7f9125735"><code>c7f9125</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2248">#2248</a> from github/update-v3.25.1-c4fb45143</li>
<li><a href="1c7e8b2cf2"><code>1c7e8b2</code></a> Update changelog for v3.25.1</li>
<li><a href="c4fb451437"><code>c4fb451</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2245">#2245</a> from github/henrymercer/ignore-already-specified-flags</li>
<li><a href="556b3bcfae"><code>556b3bc</code></a> Add changelog note</li>
<li><a href="ef66aeacbf"><code>ef66aea</code></a> Merge branch 'main' into henrymercer/ignore-already-specified-flags</li>
<li><a href="9b87e0a8c4"><code>9b87e0a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2241">#2241</a> from github/nickfyson/speculative-script-fix</li>
<li><a href="18111b696b"><code>18111b6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2235">#2235</a> from github/henrymercer/autobuild-with-direct-tracing</li>
<li><a href="ade98b980a"><code>ade98b9</code></a> Ensure <code>--overwrite</code> flag is only passed once</li>
<li><a href="8566d50a79"><code>8566d50</code></a> Add regression test for double <code>--overwrite</code></li>
<li><a href="453a95695a"><code>453a956</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2243">#2243</a> from github/dependabot/npm_and_yarn/npm-9b31496ffc</li>
<li>Additional commits viewable in <a href="df5a14dc28...c7f9125735">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.0&new-version=3.25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-17 22:38:15 +00:00
dependabot[bot] 86cf97300f
Bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 (#146954) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.3 to 6.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.4</h2>
<p>⚡ Improves performance in some cases for very large git repositories.</p>
<h2>What's Changed</h2>
<ul>
<li>perf: limit the fetch depth of pr branch by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2857">peter-evans/create-pull-request#2857</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.3...v6.0.4">https://github.com/peter-evans/create-pull-request/compare/v6.0.3...v6.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9153d834b6"><code>9153d83</code></a> perf: limit the fetch depth of pr branch (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2857">#2857</a>)</li>
<li>See full diff in <a href="c55203cfde...9153d834b6">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.3&new-version=6.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-17 22:34:47 +00:00
Pierre-Louis 4a65a76279
Reland: Update link branches to main (#146882) 
Reland https://github.com/flutter/flutter/pull/146558, reverted in https://github.com/flutter/flutter/pull/146880 due to an outdated test result

## Original description

- Update CS and googlesource.com link branches
- Update GitHub /blob/ and /tree/ links

Tested links manually and fixes a few broken or deprecated links

Added a test that validates that `master` isn't used, except for specified repos.

Part of https://github.com/flutter/flutter/issues/121564
 2024-04-17 13:16:33 +00:00
Pierre-Louis 33a9643b5d
Revert "Update link branches to main" (#146880) 
Reverts flutter/flutter#146558

Causes failure
 2024-04-17 13:25:18 +02:00
Pierre-Louis 072b8874a0
Update link branches to main (#146558) 
- Update CS and googlesource.com link branches
- Update GitHub /blob/ and /tree/ links

Tested links manually and fixes a few broken or deprecated links

Added a test that validates that `master` isn't used, except for
specified repos.

Part of https://github.com/flutter/flutter/issues/121564

## Pre-launch Checklist

- [x] I read the [Contributor Guide] and followed the process outlined
there for submitting PRs.
- [x] I read the [Tree Hygiene] wiki page, which explains my
responsibilities.
- [x] I read and followed the [Flutter Style Guide], including [Features
we expect every widget to implement].
- [x] I signed the [CLA].
- [x] I listed at least one issue that this PR fixes in the description
above.
- [x] I updated/added relevant documentation (doc comments with `///`).
- [x] I added new tests to check the change I am making, or this PR is
[test-exempt].
- [x] I followed the [breaking change policy] and added [Data Driven
Fixes] where supported.
- [x] All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel
on [Discord].

<!-- Links -->
[Contributor Guide]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#overview
[Tree Hygiene]: https://github.com/flutter/flutter/wiki/Tree-hygiene
[test-exempt]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#tests
[Flutter Style Guide]:
https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo
[Features we expect every widget to implement]:
https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo#features-we-expect-every-widget-to-implement
[CLA]: https://cla.developers.google.com/
[flutter/tests]: https://github.com/flutter/tests
[breaking change policy]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#handling-breaking-changes
[Discord]: https://github.com/flutter/flutter/wiki/Chat
[Data Driven Fixes]:
https://github.com/flutter/flutter/wiki/Data-driven-Fixes
 2024-04-17 09:44:23 +02:00
dependabot[bot] 38dcca9081
Bump github/codeql-action from 3.24.10 to 3.25.0 (#146784) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.10 to 3.25.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="df5a14dc28"><code>df5a14d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2238">#2238</a> from github/update-v3.25.0-2b2cee522</li>
<li><a href="3f70eaa4d3"><code>3f70eaa</code></a> Update changelog for v3.25.0</li>
<li><a href="2b2cee5229"><code>2b2cee5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2234">#2234</a> from github/mbg/clearer-file-command-failure</li>
<li><a href="4fcf7a216c"><code>4fcf7a2</code></a> Add changelog entry</li>
<li><a href="d30d1cabb4"><code>d30d1ca</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2237">#2237</a> from github/henrymercer/more-configuration-errors</li>
<li><a href="55585360a3"><code>5558536</code></a> Add configuration error for unsupported build mode</li>
<li><a href="fa75c144b4"><code>fa75c14</code></a> Capture rate limit and ref not existing config errors</li>
<li><a href="5a599c68cf"><code>5a599c6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2236">#2236</a> from github/henrymercer/feature-flags-with-tool-feat...</li>
<li><a href="829376a618"><code>829376a</code></a> Allow feature flags to specify tool feature requirements</li>
<li><a href="efc474680f"><code>efc4746</code></a> Downgrade log levels for some messages to debug</li>
<li>Additional commits viewable in <a href="4355270be1...df5a14dc28">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.10&new-version=3.25.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-15 22:26:15 +00:00
dependabot[bot] c845a78838
Bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 (#146702) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.2 to 6.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.3</h2>
<p>⚡ Improves performance of the <code>push-to-fork</code> feature.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.23 to 18.19.25 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2826">peter-evans/create-pull-request#2826</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.25 to 18.19.26 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2831">peter-evans/create-pull-request#2831</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.26 to 18.19.28 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2836">peter-evans/create-pull-request#2836</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.28 to 18.19.31 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2842">peter-evans/create-pull-request#2842</a></li>
<li>fix: drop unnecessary fetch with unshallow on push-to-fork by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2849">peter-evans/create-pull-request#2849</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.2...v6.0.3">https://github.com/peter-evans/create-pull-request/compare/v6.0.2...v6.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c55203cfde"><code>c55203c</code></a> fix: drop unnecessary fetch with unshallow on push-to-fork (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2849">#2849</a>)</li>
<li><a href="6ce4eca6b6"><code>6ce4eca</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.28 to 18.19.31 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2842">#2842</a>)</li>
<li><a href="36ef0ed92f"><code>36ef0ed</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.26 to 18.19.28 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2836">#2836</a>)</li>
<li><a href="8500972a13"><code>8500972</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.25 to 18.19.26 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2831">#2831</a>)</li>
<li><a href="bda5ade93c"><code>bda5ade</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.23 to 18.19.25 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2826">#2826</a>)</li>
<li>See full diff in <a href="70a41aba78...c55203cfde">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.2&new-version=6.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-12 22:07:55 +00:00
dependabot[bot] 237d88510f
Bump codecov/codecov-action from 4.2.0 to 4.3.0 (#146528) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.2.0 to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: automatically detect if using GitHub enterprise by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1356">codecov/codecov-action#1356</a></li>
<li>build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1355">codecov/codecov-action#1355</a></li>
<li>build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1360">codecov/codecov-action#1360</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.5.0 to 7.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1364">codecov/codecov-action#1364</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.5.0 to 7.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1363">codecov/codecov-action#1363</a></li>
<li>feat: add network params by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1365">codecov/codecov-action#1365</a></li>
<li>build(deps): bump undici from 5.28.3 to 5.28.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1361">codecov/codecov-action#1361</a></li>
<li>chore(release): v4.3.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1366">codecov/codecov-action#1366</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0">https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="84508663e9"><code>8450866</code></a> chore(release): v4.3.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1366">#1366</a>)</li>
<li><a href="e8419092e9"><code>e841909</code></a> build(deps): bump undici from 5.28.3 to 5.28.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1361">#1361</a>)</li>
<li><a href="363a65ad48"><code>363a65a</code></a> feat: add network params (<a href="https://redirect.github.com/codecov/codecov-action/issues/1365">#1365</a>)</li>
<li><a href="640b86a455"><code>640b86a</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.5.0 to 7.6.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1363">#1363</a>)</li>
<li><a href="375c033fbe"><code>375c033</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.5.0 to 7.6.0 (#...</li>
<li><a href="d701256d7a"><code>d701256</code></a> build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1360">#1360</a>)</li>
<li><a href="0bb547ab49"><code>0bb547a</code></a> build(deps-dev): bump typescript from 5.4.3 to 5.4.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1355">#1355</a>)</li>
<li><a href="55e8381a3e"><code>55e8381</code></a> fix: automatically detect if using GitHub enterprise (<a href="https://redirect.github.com/codecov/codecov-action/issues/1356">#1356</a>)</li>
<li>See full diff in <a href="7afa10ed9b...84508663e9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.2.0&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-09 21:43:18 +00:00
dependabot[bot] 86c8565050
Bump github/codeql-action from 3.24.9 to 3.24.10 (#146368) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.9 to 3.24.10.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="4355270be1"><code>4355270</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2226">#2226</a> from github/update-v3.24.10-7df281f2f</li>
<li><a href="3f041c51a5"><code>3f041c5</code></a> Update changelog for v3.24.10</li>
<li><a href="7df281f2fe"><code>7df281f</code></a> Gracefully continue if <code>createStatusReportBase</code> throws (<a href="https://redirect.github.com/github/codeql-action/issues/2225">#2225</a>)</li>
<li><a href="f421cda8e7"><code>f421cda</code></a> Run integration test PR checks nightly (<a href="https://redirect.github.com/github/codeql-action/issues/2222">#2222</a>)</li>
<li><a href="5f535debfe"><code>5f535de</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2221">#2221</a> from github/nickfyson/upload-logging</li>
<li><a href="278465cdfb"><code>278465c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2219">#2219</a> from github/update-bundle/codeql-bundle-v2.17.0</li>
<li><a href="65e69c8a4b"><code>65e69c8</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.17.0</li>
<li><a href="c037115ddf"><code>c037115</code></a> clarify logging in response to pr review comments</li>
<li><a href="d3c32a84cb"><code>d3c32a8</code></a> fix test to respect updated logging behaviour</li>
<li><a href="26540626a5"><code>2654062</code></a> Merge branch 'main' into nickfyson/upload-logging</li>
<li>Additional commits viewable in <a href="1b1aada464...4355270be1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.9&new-version=3.24.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-05 22:14:07 +00:00
dependabot[bot] 7330045768
Bump codecov/codecov-action from 4.1.1 to 4.2.0 (#146310) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): update deps by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1351">codecov/codecov-action#1351</a></li>
<li>feat: allow for authentication via OIDC token by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1330">codecov/codecov-action#1330</a></li>
<li>fix: use_oidc shoudl be required false by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1353">codecov/codecov-action#1353</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0">https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7afa10ed9b"><code>7afa10e</code></a> fix: use_oidc shoudl be required false (<a href="https://redirect.github.com/codecov/codecov-action/issues/1353">#1353</a>)</li>
<li><a href="d820d60619"><code>d820d60</code></a> feat: allow for authentication via OIDC token (<a href="https://redirect.github.com/codecov/codecov-action/issues/1330">#1330</a>)</li>
<li><a href="3a20752bdd"><code>3a20752</code></a> chore(deps): update deps (<a href="https://redirect.github.com/codecov/codecov-action/issues/1351">#1351</a>)</li>
<li>See full diff in <a href="c16abc29c9...7afa10ed9b">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.1.1&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-04 22:47:10 +00:00
dependabot[bot] d2a193804b
Bump codecov/codecov-action from 4.1.0 to 4.1.1 (#145787) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1315">codecov/codecov-action#1315</a></li>
<li>build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1319">codecov/codecov-action#1319</a></li>
<li>Removed mention of Mercurial by <a href="https://github.com/drazisil-codecov"><code>@​drazisil-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1325">codecov/codecov-action#1325</a></li>
<li>build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1332">codecov/codecov-action#1332</a></li>
<li>build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1331">codecov/codecov-action#1331</a></li>
<li>fix: force version by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1329">codecov/codecov-action#1329</a></li>
<li>build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1334">codecov/codecov-action#1334</a></li>
<li>build(deps): bump undici from 5.28.2 to 5.28.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1338">codecov/codecov-action#1338</a></li>
<li>build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1341">codecov/codecov-action#1341</a></li>
<li>fix: typo in disable_safe_directory by <a href="https://github.com/mkroening"><code>@​mkroening</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li>
<li>chore(release): 4.1.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1344">codecov/codecov-action#1344</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mkroening"><code>@​mkroening</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1">https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p>
<blockquote>
<h2>4.0.0-beta.2</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/1085">#1085</a> not adding -n if empty to do-upload command</li>
</ul>
<h2>4.0.0-beta.1</h2>
<p><code>v4</code> represents a move from the <a href="https://github.com/codecov/uploader">universal uploader</a> to the <a href="https://github.com/codecov/codecov-cli">Codecov CLI</a>. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.</p>
<h3>Breaking Changes</h3>
<ul>
<li>No current support for <code>aarch64</code> and <code>alpine</code> architectures.</li>
<li>Tokenless uploading is unsuported</li>
<li>Various arguments to the Action have been removed</li>
</ul>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a> Fix typo in README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a> fix: add back in working dir</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a> fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c16abc29c9"><code>c16abc2</code></a> chore(release): 4.1.1 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1344">#1344</a>)</li>
<li><a href="3e33441c19"><code>3e33441</code></a> fix: typo in disable_safe_directory (<a href="https://redirect.github.com/codecov/codecov-action/issues/1343">#1343</a>)</li>
<li><a href="85aacc9654"><code>85aacc9</code></a> build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1341">#1341</a>)</li>
<li><a href="4ea9be0fa3"><code>4ea9be0</code></a> build(deps): bump undici from 5.28.2 to 5.28.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1338">#1338</a>)</li>
<li><a href="164fadeaa7"><code>164fade</code></a> build(deps-dev): bump typescript from 5.4.2 to 5.4.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1334">#1334</a>)</li>
<li><a href="4621ecce09"><code>4621ecc</code></a> fix: force version (<a href="https://redirect.github.com/codecov/codecov-action/issues/1329">#1329</a>)</li>
<li><a href="251ba34669"><code>251ba34</code></a> build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1331">#1331</a>)</li>
<li><a href="5a593a5341"><code>5a593a5</code></a> build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1332">#1332</a>)</li>
<li><a href="a15c0e43ca"><code>a15c0e4</code></a> Removed mention of Mercurial (<a href="https://redirect.github.com/codecov/codecov-action/issues/1325">#1325</a>)</li>
<li><a href="8be6ba5782"><code>8be6ba5</code></a> build(deps-dev): bump typescript from 5.3.3 to 5.4.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1319">#1319</a>)</li>
<li>Additional commits viewable in <a href="54bcd8715e...c16abc29c9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.1.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-26 22:16:06 +00:00
dependabot[bot] 5b6a121dc5
Bump github/codeql-action from 3.24.8 to 3.24.9 (#145627) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.9.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1b1aada464"><code>1b1aada</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2208">#2208</a> from github/update-v3.24.9-09d4101d2</li>
<li><a href="6505708f95"><code>6505708</code></a> Update changelog for v3.24.9</li>
<li><a href="09d4101d2b"><code>09d4101</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2203">#2203</a> from github/update-bundle/codeql-bundle-v2.16.5</li>
<li><a href="a3ab02e645"><code>a3ab02e</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.16.5</li>
<li><a href="9cf4574790"><code>9cf4574</code></a> Add changelog note</li>
<li><a href="964f5e7811"><code>964f5e7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2207">#2207</a> from github/henrymercer/more-processing-error-catego...</li>
<li><a href="9c0c35b370"><code>9c0c35b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2206">#2206</a> from github/henrymercer/improved-autobuild-error-wit...</li>
<li><a href="c84e4c8e7b"><code>c84e4c8</code></a> Mark some more processing errors as invalid SARIF upload requests</li>
<li><a href="4aca720110"><code>4aca720</code></a> Improve error message when using build modes and autobuild fails</li>
<li><a href="7f375aeb76"><code>7f375ae</code></a> Wrap configuration errors for all CLI commands</li>
<li>Additional commits viewable in <a href="05963f47d8...1b1aada464">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.8&new-version=3.24.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-23 01:25:27 +00:00
dependabot[bot] ed2c7eda89
Bump github/codeql-action from 3.24.7 to 3.24.8 (#145358) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.24.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="05963f47d8"><code>05963f4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2200">#2200</a> from github/update-v3.24.8-1ecc2779e</li>
<li><a href="2b9b521560"><code>2b9b521</code></a> Update changelog for v3.24.8</li>
<li><a href="1ecc2779e9"><code>1ecc277</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2198">#2198</a> from github/henrymercer/improve-tracking-autobuild-e...</li>
<li><a href="e28ae3a84c"><code>e28ae3a</code></a> Add config error for Swift build failures</li>
<li><a href="bddfc7c6d5"><code>bddfc7c</code></a> Add config error for Gradle build failures</li>
<li><a href="3edd1bf725"><code>3edd1bf</code></a> Truncate autobuild errors to 10 lines</li>
<li><a href="88a0b7abb3"><code>88a0b7a</code></a> Mark Maven build failures as configuration errors</li>
<li><a href="88b28eb70d"><code>88b28eb</code></a> Surface autobuild errors from stderr stream</li>
<li><a href="f055b5e672"><code>f055b5e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2197">#2197</a> from github/henrymercer/log-job-status</li>
<li><a href="0d680ab61c"><code>0d680ab</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2196">#2196</a> from github/henrymercer/update-packs-input-description</li>
<li>Additional commits viewable in <a href="3ab4101902...05963f47d8">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.7&new-version=3.24.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-18 22:24:06 +00:00
dependabot[bot] 5b006bf50c
Bump actions/checkout from 4.1.1 to 4.1.2 (#145032) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.2</h2>
<p>We are investigating the following issue with this release and have rolled-back the <code>v4</code> tag to point to <code>v4.1.1</code></p>
<ul>
<li><code>sparse-checkout</code> is not available on git versions prior to 2.27.0 (see <a href="https://redirect.github.com/actions/checkout/issues/1651">actions/checkout#1651</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
<li>Bump tough-cookie from 4.0.0 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1406">actions/checkout#1406</a></li>
<li>Bump <code>@​babel/traverse</code> from 7.20.5 to 7.24.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1642">actions/checkout#1642</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jww3"><code>@​jww3</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1616">actions/checkout#1616</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.1...v4.1.2">https://github.com/actions/checkout/compare/v4.1.1...v4.1.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@​actions/io</code> to 1.1.2</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9bb56186c3"><code>9bb5618</code></a> Prep for release of  v4.1.2  (<a href="https://redirect.github.com/actions/checkout/issues/1649">#1649</a>)</li>
<li><a href="8eb1f6a495"><code>8eb1f6a</code></a> Bump <code>@​babel/traverse</code> from 7.20.5 to 7.24.0 (<a href="https://redirect.github.com/actions/checkout/issues/1642">#1642</a>)</li>
<li><a href="556e4c3cb0"><code>556e4c3</code></a> Bump tough-cookie from 4.0.0 to 4.1.3 (<a href="https://redirect.github.com/actions/checkout/issues/1406">#1406</a>)</li>
<li><a href="b32f140b0c"><code>b32f140</code></a> Warn on attempts to publish <code>test-ubuntu-git</code> from non-main branch. (<a href="https://redirect.github.com/actions/checkout/issues/1623">#1623</a>)</li>
<li><a href="2650dbd060"><code>2650dbd</code></a> Give <code>test-ubuntu-git</code> its own <code>README</code> (<a href="https://redirect.github.com/actions/checkout/issues/1620">#1620</a>)</li>
<li><a href="aadec89964"><code>aadec89</code></a> Explicitly disable sparse checkout unless asked for (<a href="https://redirect.github.com/actions/checkout/issues/1598">#1598</a>)</li>
<li><a href="df0bcddf6d"><code>df0bcdd</code></a> Refine workflow for generating <code>test-ubuntu-git</code> (<a href="https://redirect.github.com/actions/checkout/issues/1617">#1617</a>)</li>
<li><a href="473055ba18"><code>473055b</code></a> Create <code>test-ubuntu-git</code> Docker Container for Proxy Tests (<a href="https://redirect.github.com/actions/checkout/issues/1616">#1616</a>)</li>
<li>See full diff in <a href="b4ffde65f4...9bb56186c3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.1&new-version=4.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-12 22:35:56 +00:00
dependabot[bot] 72fa1c3043
Bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 (#145034) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.1 to 6.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.2</h2>
<p>⚡ Improves performance in some cases where the action rebases changes on to the specified <code>base</code>.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2797">peter-evans/create-pull-request#2797</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.18 to 18.19.21 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2798">peter-evans/create-pull-request#2798</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.21 to 18.19.23 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2811">peter-evans/create-pull-request#2811</a></li>
<li>perf: shallow fetch the actual base when rebasing from working base by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2816">peter-evans/create-pull-request#2816</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/webmonarch"><code>@​webmonarch</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2816">peter-evans/create-pull-request#2816</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.1...v6.0.2">https://github.com/peter-evans/create-pull-request/compare/v6.0.1...v6.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="70a41aba78"><code>70a41ab</code></a> perf: shallow fetch the actual base when rebasing from working base (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2816">#2816</a>)</li>
<li><a href="57a101480a"><code>57a1014</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.21 to 18.19.23 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2811">#2811</a>)</li>
<li><a href="b3a2c5d525"><code>b3a2c5d</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.18 to 18.19.21 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2798">#2798</a>)</li>
<li><a href="02c7da59e8"><code>02c7da5</code></a> build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2797">#2797</a>)</li>
<li><a href="bac6da8071"><code>bac6da8</code></a> docs: update description of delete-branch</li>
<li>See full diff in <a href="a4f52f8033...70a41aba78">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.1&new-version=6.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-12 22:34:31 +00:00
dependabot[bot] b686ddad53
Bump github/codeql-action from 3.24.6 to 3.24.7 (#145033) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
<li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li>
</ul>
<h2>3.23.1 - 17 Jan 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="3ab4101902"><code>3ab4101</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2192">#2192</a> from github/update-v3.24.7-5e882999f</li>
<li><a href="a006adfa77"><code>a006adf</code></a> Update changelog for v3.24.7</li>
<li><a href="5e882999f1"><code>5e88299</code></a> Bump the npm group with 2 updates (<a href="https://redirect.github.com/github/codeql-action/issues/2190">#2190</a>)</li>
<li><a href="69e120d747"><code>69e120d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2191">#2191</a> from github/henrymercer/use-include-query-help-flag</li>
<li><a href="5ec06c71f0"><code>5ec06c7</code></a> Use the <code>--sarif-include-query-help</code> option when supported</li>
<li><a href="caf377935a"><code>caf3779</code></a> Update default bundle to 2.16.4 (<a href="https://redirect.github.com/github/codeql-action/issues/2185">#2185</a>)</li>
<li><a href="532ca5486e"><code>532ca54</code></a> Fail <code>analyze</code> step by passing an invalid option to <code>database finalize</code> (<a href="https://redirect.github.com/github/codeql-action/issues/2189">#2189</a>)</li>
<li><a href="2fa207a8b7"><code>2fa207a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2188">#2188</a> from github/henrymercer/prepare-build-mode-help</li>
<li><a href="24c3eda0e3"><code>24c3eda</code></a> Escape named value in input description</li>
<li><a href="27a6cd0a11"><code>27a6cd0</code></a> Remove experimental qualifiers from build mode input</li>
<li>Additional commits viewable in <a href="8a470fddaf...3ab4101902">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.6&new-version=3.24.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-12 22:29:28 +00:00
dependabot[bot] bbb005296c
Bump codecov/codecov-action from 4.0.2 to 4.1.0 (#144174) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.2 to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: set safe directory by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1304">codecov/codecov-action#1304</a></li>
<li>build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1306">codecov/codecov-action#1306</a></li>
<li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1305">codecov/codecov-action#1305</a></li>
<li>chore(release): v4.1.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1307">codecov/codecov-action#1307</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0">https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="54bcd8715e"><code>54bcd87</code></a> chore(release): v4.1.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1307">#1307</a>)</li>
<li><a href="8ba77ef8d7"><code>8ba77ef</code></a> build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1305">#1305</a>)</li>
<li><a href="c60aa801e3"><code>c60aa80</code></a> build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1306">#1306</a>)</li>
<li><a href="2fc4847d3f"><code>2fc4847</code></a> fix: set safe directory (<a href="https://redirect.github.com/codecov/codecov-action/issues/1304">#1304</a>)</li>
<li>See full diff in <a href="0cfda1dd0a...54bcd8715e">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.0.2&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-05 23:55:05 +00:00
Xilai Zhang 09b7a1c7c8
[github actions] rewrite cherry pick template (#144065) 
Context: @godofredoc pointed out that the fields in the PR template could be simplified and redesigned. Synced with @itsjustkevin and Kevin come up with [changes in this doc](https://docs.google.com/document/d/1Slppqq32toSwwxUyYTX1t6dGUQpyi0xEWxw4niGWspc/edit?resourcekey=0-v6U_9XVsMFSx0Fvx1rANhg&tab=t.0) which would improve the cherry pick template.

Github only supports a limited number of formatting options. This PR uses some workarounds and makes the following changes:
1. use divider to replace text area since Github markdown doesn't support text area
2. remove \<pre\> tags so texts can wrap around
3. use headings over bold
4. use task lists to identify the starting points of user answers

An example cherry pick template would [look like this](https://github.com/flutter/flutter/pull/143785) after the change.
 2024-03-02 00:49:14 +00:00
dependabot[bot] fe56a35602
Bump github/codeql-action from 3.24.5 to 3.24.6 (#144424) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
<li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li>
</ul>
<h2>3.23.1 - 17 Jan 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li>
<li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li>
</ul>
<h2>3.23.0 - 08 Jan 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8a470fddaf"><code>8a470fd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2176">#2176</a> from github/update-v3.24.6-158d0780d</li>
<li><a href="d59eafb69b"><code>d59eafb</code></a> Update changelog for v3.24.6</li>
<li><a href="158d0780dc"><code>158d078</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2175">#2175</a> from github/henrymercer/fix-languages-init-success</li>
<li><a href="2307ff547f"><code>2307ff5</code></a> Add <code>languages</code> and <code>build_mode</code> to <code>init</code> <code>success</code> status report</li>
<li><a href="ccd3f02545"><code>ccd3f02</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2173">#2173</a> from github/henrymercer/mark-third-party-limits-erro...</li>
<li><a href="c0917251d4"><code>c091725</code></a> Refactoring: Convert <code>ActionName</code> to enum</li>
<li><a href="e12a8cc5eb"><code>e12a8cc</code></a> Use <code>isFirstPartyAnalysis</code> for a stronger check</li>
<li><a href="888ab31e3e"><code>888ab31</code></a> Mark third-party SARIF limits errors as configuration errors</li>
<li><a href="bd56a05133"><code>bd56a05</code></a> Rename <code>InvalidRequestError</code> to <code>InvalidSarifUploadError</code></li>
<li><a href="7bde9061b4"><code>7bde906</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2172">#2172</a> from github/henrymercer/fix-readme-typos</li>
<li>Additional commits viewable in <a href="47b3d888fe...8a470fddaf">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.5&new-version=3.24.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-02-29 23:28:52 +00:00
dependabot[bot] 3095c116b6
Bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 (#144344) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.0 to 6.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.1</h2>
<p>⚙️ Fixes <a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2790">an issue</a> where updating a pull request leads to the error <code>Cannot read properties of undefined (reading 'number')</code>. This was likely caused by GitHub fixing a long standing bug with an API endpoint, resulting in a breaking change.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.11 to 29.5.12 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2730">peter-evans/create-pull-request#2730</a></li>
<li>build(deps-dev): bump prettier from 3.2.4 to 3.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2731">peter-evans/create-pull-request#2731</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.10 to 18.19.14 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2732">peter-evans/create-pull-request#2732</a></li>
<li>build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2748">peter-evans/create-pull-request#2748</a></li>
<li>build(deps): bump peter-evans/create-pull-request from 5 to 6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2747">peter-evans/create-pull-request#2747</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.14 to 18.19.15 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2759">peter-evans/create-pull-request#2759</a></li>
<li>build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2769">peter-evans/create-pull-request#2769</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.15 to 18.19.17 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2768">peter-evans/create-pull-request#2768</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.17 to 18.19.18 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2780">peter-evans/create-pull-request#2780</a></li>
<li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2781">peter-evans/create-pull-request#2781</a></li>
<li>fix: list pulls using the correct head format by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2792">peter-evans/create-pull-request#2792</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.0...v6.0.1">https://github.com/peter-evans/create-pull-request/compare/v6.0.0...v6.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a4f52f8033"><code>a4f52f8</code></a> fix: list pulls using the correct head format (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2792">#2792</a>)</li>
<li><a href="853c071bcf"><code>853c071</code></a> build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2781">#2781</a>)</li>
<li><a href="d2c126edc7"><code>d2c126e</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.17 to 18.19.18 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2780">#2780</a>)</li>
<li><a href="43d39c6836"><code>43d39c6</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.15 to 18.19.17 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2768">#2768</a>)</li>
<li><a href="5a9d206da2"><code>5a9d206</code></a> build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2769">#2769</a>)</li>
<li><a href="e0743ed96c"><code>e0743ed</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.14 to 18.19.15 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2759">#2759</a>)</li>
<li><a href="e1529cb8ab"><code>e1529cb</code></a> build(deps): bump peter-evans/create-pull-request from 5 to 6 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2747">#2747</a>)</li>
<li><a href="aad52e87e7"><code>aad52e8</code></a> build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2748">#2748</a>)</li>
<li><a href="a64ebdd734"><code>a64ebdd</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.10 to 18.19.14 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2732">#2732</a>)</li>
<li><a href="51b40aff5f"><code>51b40af</code></a> build(deps-dev): bump prettier from 3.2.4 to 3.2.5 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2731">#2731</a>)</li>
<li>Additional commits viewable in <a href="b1ddad2c99...a4f52f8033">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.0&new-version=6.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-02-28 22:01:45 +00:00
dependabot[bot] b1203fbcdc
Bump github/codeql-action from 3.24.4 to 3.24.5 (#144059) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.4 to 3.24.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
<li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li>
</ul>
<h2>3.23.1 - 17 Jan 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li>
<li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li>
</ul>
<h2>3.23.0 - 08 Jan 2024</h2>
<ul>
<li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li>
<li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="47b3d888fe"><code>47b3d88</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2162">#2162</a> from github/update-v3.24.5-a74dcdb05</li>
<li><a href="28c290059f"><code>28c2900</code></a> Update changelog for v3.24.5</li>
<li><a href="a74dcdb056"><code>a74dcdb</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2160">#2160</a> from github/henrymercer/deptrace-with-build-mode</li>
<li><a href="aeb89ef79a"><code>aeb89ef</code></a> Enable C++ deptrace when using autobuild build mode</li>
<li><a href="2896599ec9"><code>2896599</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2060">#2060</a> from github/mbg/go/1.22</li>
<li><a href="e3a86ed8b6"><code>e3a86ed</code></a> Add comment justifying why we set <code>cache: false</code></li>
<li><a href="5d55901fc8"><code>5d55901</code></a> Use Go 1.22 in workflows</li>
<li><a href="908a88334d"><code>908a883</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2158">#2158</a> from github/mergeback/v3.24.4-to-main-e2e140ad</li>
<li><a href="9bce06dffb"><code>9bce06d</code></a> Merge branch 'main' into mergeback/v3.24.4-to-main-e2e140ad</li>
<li><a href="c9f3eed85d"><code>c9f3eed</code></a> Update checked-in dependencies</li>
<li>Additional commits viewable in <a href="e2e140ad14...47b3d888fe">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.4&new-version=3.24.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-02-23 22:12:53 +00:00
dependabot[bot] 5b3c216816
Bump codecov/codecov-action from 4.0.1 to 4.0.2 (#144060) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1251">codecov/codecov-action#1251</a></li>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.11 to 29.5.12 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1257">codecov/codecov-action#1257</a></li>
<li>build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1266">codecov/codecov-action#1266</a></li>
<li>Escape pipes in table of arguments by <a href="https://github.com/jwodder"><code>@​jwodder</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1265">codecov/codecov-action#1265</a></li>
<li>Add link to docs on Dependabot secrets by <a href="https://github.com/ianlewis"><code>@​ianlewis</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1260">codecov/codecov-action#1260</a></li>
<li>fix: working-directory input for all stages by <a href="https://github.com/Bo98"><code>@​Bo98</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1272">codecov/codecov-action#1272</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 6.20.0 to 6.21.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1271">codecov/codecov-action#1271</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 6.20.0 to 6.21.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1269">codecov/codecov-action#1269</a></li>
<li>build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1298">codecov/codecov-action#1298</a></li>
<li>Use updated syntax for GitHub Markdown notes by <a href="https://github.com/jamacku"><code>@​jamacku</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1300">codecov/codecov-action#1300</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 6.21.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1290">codecov/codecov-action#1290</a></li>
<li>build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1286">codecov/codecov-action#1286</a></li>
<li>chore(release): bump to 4.0.2 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1302">codecov/codecov-action#1302</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jwodder"><code>@​jwodder</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1265">codecov/codecov-action#1265</a></li>
<li><a href="https://github.com/ianlewis"><code>@​ianlewis</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1260">codecov/codecov-action#1260</a></li>
<li><a href="https://github.com/Bo98"><code>@​Bo98</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1272">codecov/codecov-action#1272</a></li>
<li><a href="https://github.com/jamacku"><code>@​jamacku</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1300">codecov/codecov-action#1300</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2">https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0cfda1dd0a"><code>0cfda1d</code></a> chore(release): bump to 4.0.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1302">#1302</a>)</li>
<li><a href="7d3a55eb5e"><code>7d3a55e</code></a> build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1286">#1286</a>)</li>
<li><a href="fe84a0b3c0"><code>fe84a0b</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 6.21.0 to 7.0.0 (...</li>
<li><a href="e12c9402c4"><code>e12c940</code></a> Use updated syntax for GitHub Markdown notes (<a href="https://redirect.github.com/codecov/codecov-action/issues/1300">#1300</a>)</li>
<li><a href="ef7f8a5d3c"><code>ef7f8a5</code></a> build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1298">#1298</a>)</li>
<li><a href="b8a1d6a424"><code>b8a1d6a</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 6.20.0 to 6.21.0 ...</li>
<li><a href="6ef7ea4c74"><code>6ef7ea4</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 6.20.0 to 6.21.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1271">#1271</a>)</li>
<li><a href="f62c5eebfe"><code>f62c5ee</code></a> fix: working-directory input for all stages (<a href="https://redirect.github.com/codecov/codecov-action/issues/1272">#1272</a>)</li>
<li><a href="fdbfa4b889"><code>fdbfa4b</code></a> Add link to docs on Dependabot secrets (<a href="https://redirect.github.com/codecov/codecov-action/issues/1260">#1260</a>)</li>
<li><a href="9855cf7bd1"><code>9855cf7</code></a> Escape pipes in table of arguments (<a href="https://redirect.github.com/codecov/codecov-action/issues/1265">#1265</a>)</li>
<li>Additional commits viewable in <a href="e0b68c6749...0cfda1dd0a">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.0.1&new-version=4.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-02-23 22:05:47 +00:00
dependabot[bot] b476e9674e
Bump github/codeql-action from 3.24.3 to 3.24.4 (#143971) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.3 to 3.24.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
<li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li>
</ul>
<h2>3.23.1 - 17 Jan 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li>
<li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li>
</ul>
<h2>3.23.0 - 08 Jan 2024</h2>
<ul>
<li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li>
<li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li>
</ul>
<h2>3.22.12 - 22 Dec 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="e2e140ad14"><code>e2e140a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2157">#2157</a> from github/update-v3.24.4-982d9346a</li>
<li><a href="5b1ae298f9"><code>5b1ae29</code></a> Update changelog for v3.24.4</li>
<li><a href="982d9346ad"><code>982d934</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2111">#2111</a> from github/nickfyson/first-or-third-party</li>
<li><a href="ebda17e859"><code>ebda17e</code></a> respond to review comments</li>
<li><a href="cca1ddefc0"><code>cca1dde</code></a> Merge branch 'main' into nickfyson/first-or-third-party</li>
<li><a href="f32f0bf8e4"><code>f32f0bf</code></a> ensure only the upload-sarif action can submit a status report with first_par...</li>
<li><a href="bf8c75ee37"><code>bf8c75e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2153">#2153</a> from github/aeisenberg/add-permissions-doc</li>
<li><a href="36c51ac2b5"><code>36c51ac</code></a> Capitalize Code Scanning</li>
<li><a href="a7dc229496"><code>a7dc229</code></a> add first_party_analysis boolean to all status reports</li>
<li><a href="592977e6ae"><code>592977e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2151">#2151</a> from angelapwen/fix-cpu-group-bug</li>
<li>Additional commits viewable in <a href="379614612a...e2e140ad14">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.3&new-version=3.24.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-02-22 22:31:40 +00:00