development/flutter
development/flutter
1
0
Fork 0
mirror of https://github.com/flutter/flutter synced 2024-10-12 19:23:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
36853 commits 770 branches 974 tags 1.7 GiB
Commit graph

126 commits

Author SHA1 Message Date
dependabot[bot] 04ad1da1ae
Bump github/codeql-action from 2.21.5 to 2.21.6 (#134692) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.5 to 2.21.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.6 - 13 Sep 2023</h2>
<ul>
<li>Better error message when there is a failure to determine the merge base of the code to analysis. <a href="https://redirect.github.com/github/codeql-action/pull/1860">#1860</a></li>
<li>Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/1866">#1866</a></li>
<li>Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/1867">#1867</a></li>
<li>Update default CodeQL bundle version to 2.14.4. <a href="https://redirect.github.com/github/codeql-action/pull/1873">#1873</a></li>
</ul>
<h2>2.21.5 - 28 Aug 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.3. <a href="https://redirect.github.com/github/codeql-action/pull/1845">#1845</a></li>
<li>Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for <a href="https://projectlombok.org/">Project Lombok</a> when analyzing Java. The environment variable <code>CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS</code> will now be respected if it was manually configured in the workflow. <a href="https://redirect.github.com/github/codeql-action/pull/1844">#1844</a></li>
<li>Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3. <a href="https://redirect.github.com/github/codeql-action/pull/1853">#1853</a></li>
</ul>
<h2>2.21.4 - 14 Aug 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.2. <a href="https://redirect.github.com/github/codeql-action/pull/1831">#1831</a></li>
<li>Log a warning if the amount of available disk space runs low during a code scanning run. <a href="https://redirect.github.com/github/codeql-action/pull/1825">#1825</a></li>
<li>When downloading CodeQL bundle version 2.13.4 and later, cache these bundles in the Actions tool cache using a simpler version number. <a href="https://redirect.github.com/github/codeql-action/pull/1832">#1832</a></li>
<li>Fix an issue that first appeared in CodeQL Action v2.21.2 that prevented CodeQL invocations from being logged. <a href="https://redirect.github.com/github/codeql-action/pull/1833">#1833</a></li>
<li>We are rolling out a feature in August 2023 that will improve the quality of file coverage information. <a href="https://redirect.github.com/github/codeql-action/pull/1835">#1835</a></li>
</ul>
<h2>2.21.3 - 08 Aug 2023</h2>
<ul>
<li>We are rolling out a feature in August 2023 that will improve multi-threaded performance on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1817">#1817</a></li>
<li>We are rolling out a feature in August 2023 that adds beta support for <a href="https://projectlombok.org/">Project Lombok</a> when analyzing Java. <a href="https://redirect.github.com/github/codeql-action/pull/1809">#1809</a></li>
<li>Reduce disk space usage when downloading the CodeQL bundle. <a href="https://redirect.github.com/github/codeql-action/pull/1820">#1820</a></li>
</ul>
<h2>2.21.2 - 28 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.1. <a href="https://redirect.github.com/github/codeql-action/pull/1797">#1797</a></li>
<li>Avoid duplicating the analysis summary within the logs. <a href="https://redirect.github.com/github/codeql-action/pull/1811">#1811</a></li>
</ul>
<h2>2.21.1 - 26 Jul 2023</h2>
<ul>
<li>Improve the handling of fatal errors from the CodeQL CLI. <a href="https://redirect.github.com/github/codeql-action/pull/1795">#1795</a></li>
<li>Add the <code>sarif-output</code> output to the analyze action that contains the path to the directory of the generated SARIF. <a href="https://redirect.github.com/github/codeql-action/pull/1799">#1799</a></li>
</ul>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="701f152f28"><code>701f152</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1875">#1875</a> from github/update-v2.21.6-6a6a82470</li>
<li><a href="1b6299040a"><code>1b62990</code></a> Fix misplaced changelog entry</li>
<li><a href="5462f69153"><code>5462f69</code></a> Update changelog for v2.21.6</li>
<li><a href="6a6a824702"><code>6a6a824</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1873">#1873</a> from github/update-bundle/codeql-bundle-v2.14.4</li>
<li><a href="88c7a5c4cc"><code>88c7a5c</code></a> Add changelog note</li>
<li><a href="da65035498"><code>da65035</code></a> Update default bundle to codeql-bundle-v2.14.4</li>
<li><a href="43750fe4fc"><code>43750fe</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1872">#1872</a> from github/henrymercer/user-errors-for-upload-sarif</li>
<li><a href="a7c12a5225"><code>a7c12a5</code></a> Address PR comments</li>
<li><a href="7218de5369"><code>7218de5</code></a> Merge branch 'main' into henrymercer/user-errors-for-upload-sarif</li>
<li><a href="4764dce02f"><code>4764dce</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1866">#1866</a> from github/henrymercer/enable-scaling-reserved-ram-...</li>
<li>Additional commits viewable in <a href="00e563ead9...701f152f28">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.21.5&new-version=2.21.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-09-13 22:28:23 +00:00
dependabot[bot] cf1968aa66
Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#134173) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v3.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(github): remove trailing whitespaces by <a href="https://github.com/ljmf00"><code>@​ljmf00</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/313">actions/upload-artifact#313</a></li>
<li>Bump <code>@​actions/artifact</code> version to v1.1.2 by <a href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/436">actions/upload-artifact#436</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v3...v3.1.3">https://github.com/actions/upload-artifact/compare/v3...v3.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a8a3f3ad30"><code>a8a3f3a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/436">#436</a> from bethanyj28/main</li>
<li><a href="7b48769c03"><code>7b48769</code></a> update dependency cache</li>
<li><a href="66630398df"><code>6663039</code></a> update dist/index.js</li>
<li><a href="55e76b779d"><code>55e76b7</code></a> bump <code>@​actions/artifact</code> version</li>
<li><a href="65d862660a"><code>65d8626</code></a> chore(github): remove trailing whitespaces (<a href="https://redirect.github.com/actions/upload-artifact/issues/313">#313</a>)</li>
<li>See full diff in <a href="0b7f8abb15...a8a3f3ad30">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=3.1.2&new-version=3.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-09-06 22:18:54 +00:00
dependabot[bot] c046627482
Bump github/codeql-action from 2.21.4 to 2.21.5 (#133504) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.4 to 2.21.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.5 - 28 Aug 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.3. <a href="https://redirect.github.com/github/codeql-action/pull/1845">#1845</a></li>
<li>Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for <a href="https://projectlombok.org/">Project Lombok</a> when analyzing Java. The environment variable <code>CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS</code> will now be respected if it was manually configured in the workflow. <a href="https://redirect.github.com/github/codeql-action/pull/1844">#1844</a></li>
<li>Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3. <a href="https://redirect.github.com/github/codeql-action/pull/1853">#1853</a></li>
</ul>
<h2>2.21.4 - 14 Aug 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.2. <a href="https://redirect.github.com/github/codeql-action/pull/1831">#1831</a></li>
<li>Log a warning if the amount of available disk space runs low during a code scanning run. <a href="https://redirect.github.com/github/codeql-action/pull/1825">#1825</a></li>
<li>When downloading CodeQL bundle version 2.13.4 and later, cache these bundles in the Actions tool cache using a simpler version number. <a href="https://redirect.github.com/github/codeql-action/pull/1832">#1832</a></li>
<li>Fix an issue that first appeared in CodeQL Action v2.21.2 that prevented CodeQL invocations from being logged. <a href="https://redirect.github.com/github/codeql-action/pull/1833">#1833</a></li>
<li>We are rolling out a feature in August 2023 that will improve the quality of file coverage information. <a href="https://redirect.github.com/github/codeql-action/pull/1835">#1835</a></li>
</ul>
<h2>2.21.3 - 08 Aug 2023</h2>
<ul>
<li>We are rolling out a feature in August 2023 that will improve multi-threaded performance on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1817">#1817</a></li>
<li>We are rolling out a feature in August 2023 that adds beta support for <a href="https://projectlombok.org/">Project Lombok</a> when analyzing Java. <a href="https://redirect.github.com/github/codeql-action/pull/1809">#1809</a></li>
<li>Reduce disk space usage when downloading the CodeQL bundle. <a href="https://redirect.github.com/github/codeql-action/pull/1820">#1820</a></li>
</ul>
<h2>2.21.2 - 28 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.1. <a href="https://redirect.github.com/github/codeql-action/pull/1797">#1797</a></li>
<li>Avoid duplicating the analysis summary within the logs. <a href="https://redirect.github.com/github/codeql-action/pull/1811">#1811</a></li>
</ul>
<h2>2.21.1 - 26 Jul 2023</h2>
<ul>
<li>Improve the handling of fatal errors from the CodeQL CLI. <a href="https://redirect.github.com/github/codeql-action/pull/1795">#1795</a></li>
<li>Add the <code>sarif-output</code> output to the analyze action that contains the path to the directory of the generated SARIF. <a href="https://redirect.github.com/github/codeql-action/pull/1799">#1799</a></li>
</ul>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@​v2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@​v2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="00e563ead9"><code>00e563e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1858">#1858</a> from github/update-v2.21.5-100912429</li>
<li><a href="7323c2ac6b"><code>7323c2a</code></a> Update changelog for v2.21.5</li>
<li><a href="100912429f"><code>1009124</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1845">#1845</a> from github/update-bundle/codeql-bundle-v2.14.3</li>
<li><a href="a2d14d32b8"><code>a2d14d3</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.14.3</li>
<li><a href="ff9cb435df"><code>ff9cb43</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1853">#1853</a> from github/igfoo/kot1.9.10</li>
<li><a href="2f913c1249"><code>2f913c1</code></a> npm run build</li>
<li><a href="7dab60079b"><code>7dab600</code></a> Put upper limit on the CodeQL versions for which we override the Kotlin limit</li>
<li><a href="862b2cf102"><code>862b2cf</code></a> Add a changelog entry for the Kotlin 1.9.10 support</li>
<li><a href="070dd05edd"><code>070dd05</code></a> npm run build</li>
<li><a href="ff95d147d6"><code>ff95d14</code></a> Kotlin: Fix lint</li>
<li>Additional commits viewable in <a href="a09933a12a...00e563ead9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.21.4&new-version=2.21.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-08-28 21:59:11 +00:00
dependabot[bot] d387f551a7
Bump actions/checkout from 3.5.3 to 3.6.0 (#133281) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v3.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Mark test scripts with Bash'isms to be run via Bash by <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1377">actions/checkout#1377</a></li>
<li>Add option to fetch tags even if fetch-depth &gt; 0 by <a href="https://github.com/RobertWieczoreck"><code>@​RobertWieczoreck</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/579">actions/checkout#579</a></li>
<li>Release 3.6.0 by <a href="https://github.com/luketomlinson"><code>@​luketomlinson</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1437">actions/checkout#1437</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/RobertWieczoreck"><code>@​RobertWieczoreck</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/579">actions/checkout#579</a></li>
<li><a href="https://github.com/luketomlinson"><code>@​luketomlinson</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1437">actions/checkout#1437</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.5.3...v3.6.0">https://github.com/actions/checkout/compare/v3.5.3...v3.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@​actions/io</code> to 1.1.2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use <code>@​actions/core</code> <code>saveState</code> and <code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/744">Bumped various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f43a0e5ff2"><code>f43a0e5</code></a> Release 3.6.0 (<a href="https://redirect.github.com/actions/checkout/issues/1437">#1437</a>)</li>
<li><a href="7739b9ba2e"><code>7739b9b</code></a> Add option to fetch tags even if fetch-depth &gt; 0 (<a href="https://redirect.github.com/actions/checkout/issues/579">#579</a>)</li>
<li><a href="96f53100ba"><code>96f5310</code></a> Mark test scripts with Bash'isms to be run via Bash (<a href="https://redirect.github.com/actions/checkout/issues/1377">#1377</a>)</li>
<li>See full diff in <a href="c85c95e3d7...f43a0e5ff2">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.5.3&new-version=3.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-08-24 22:25:25 +00:00
dependabot[bot] 99dd6b4972
Bump github/codeql-action from 2.21.3 to 2.21.4 (#132525) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.3 to 2.21.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.4 - 14 Aug 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.2. <a href="https://redirect.github.com/github/codeql-action/pull/1831">#1831</a></li>
<li>Log a warning if the amount of available disk space runs low during a code scanning run. <a href="https://redirect.github.com/github/codeql-action/pull/1825">#1825</a></li>
<li>When downloading CodeQL bundle version 2.13.4 and later, cache these bundles in the Actions tool cache using a simpler version number. <a href="https://redirect.github.com/github/codeql-action/pull/1832">#1832</a></li>
<li>Fix an issue that first appeared in CodeQL Action v2.21.2 that prevented CodeQL invocations from being logged. <a href="https://redirect.github.com/github/codeql-action/pull/1833">#1833</a></li>
<li>We are rolling out a feature in August 2023 that will improve the quality of file coverage information. <a href="https://redirect.github.com/github/codeql-action/pull/1835">#1835</a></li>
</ul>
<h2>2.21.3 - 08 Aug 2023</h2>
<ul>
<li>We are rolling out a feature in August 2023 that will improve multi-threaded performance on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1817">#1817</a></li>
<li>We are rolling out a feature in August 2023 that adds beta support for <a href="https://projectlombok.org/">Project Lombok</a> when analyzing Java. <a href="https://redirect.github.com/github/codeql-action/pull/1809">#1809</a></li>
<li>Reduce disk space usage when downloading the CodeQL bundle. <a href="https://redirect.github.com/github/codeql-action/pull/1820">#1820</a></li>
</ul>
<h2>2.21.2 - 28 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.1. <a href="https://redirect.github.com/github/codeql-action/pull/1797">#1797</a></li>
<li>Avoid duplicating the analysis summary within the logs. <a href="https://redirect.github.com/github/codeql-action/pull/1811">#1811</a></li>
</ul>
<h2>2.21.1 - 26 Jul 2023</h2>
<ul>
<li>Improve the handling of fatal errors from the CodeQL CLI. <a href="https://redirect.github.com/github/codeql-action/pull/1795">#1795</a></li>
<li>Add the <code>sarif-output</code> output to the analyze action that contains the path to the directory of the generated SARIF. <a href="https://redirect.github.com/github/codeql-action/pull/1799">#1799</a></li>
</ul>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@​v2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@​v2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a09933a12a"><code>a09933a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1838">#1838</a> from github/update-v2.21.4-492a68c32</li>
<li><a href="37116fb629"><code>37116fb</code></a> Fix positioning of bundle update changelog note</li>
<li><a href="c613917766"><code>c613917</code></a> Update changelog for v2.21.4</li>
<li><a href="492a68c323"><code>492a68c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1836">#1836</a> from github/henrymercer/analysis-summary-v2-ff</li>
<li><a href="ac49314877"><code>ac49314</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1834">#1834</a> from github/henrymercer/analysis-summary-v2-ff</li>
<li><a href="ac35d7a02d"><code>ac35d7a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1835">#1835</a> from github/henrymercer/language-baseline-config</li>
<li><a href="d03c744ad6"><code>d03c744</code></a> Don't pass <code>--no-</code> flag as it doesn't exist yet</li>
<li><a href="a0407a8c60"><code>a0407a8</code></a> Add changelog note for rollout</li>
<li><a href="8a7b2e9c9b"><code>8a7b2e9</code></a> Enable language specific baselines via feature flag</li>
<li><a href="9a510d9b07"><code>9a510d9</code></a> Rename new analysis summary feature flag</li>
<li>Additional commits viewable in <a href="5b6282e01c...a09933a12a">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.21.3&new-version=2.21.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-08-14 23:04:10 +00:00
dependabot[bot] 9b261a7700
Bump github/codeql-action from 2.21.2 to 2.21.3 (#132165) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.2 to 2.21.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.3 - 08 Aug 2023</h2>
<ul>
<li>We are rolling out a feature in August 2023 that will improve multi-threaded performance on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1817">#1817</a></li>
<li>We are rolling out a feature in August 2023 that adds beta support for <a href="https://projectlombok.org/">Project Lombok</a> when analyzing Java. <a href="https://redirect.github.com/github/codeql-action/pull/1809">#1809</a></li>
<li>Reduce disk space usage when downloading the CodeQL bundle. <a href="https://redirect.github.com/github/codeql-action/pull/1820">#1820</a></li>
</ul>
<h2>2.21.2 - 28 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.1. <a href="https://redirect.github.com/github/codeql-action/pull/1797">#1797</a></li>
<li>Avoid duplicating the analysis summary within the logs. <a href="https://redirect.github.com/github/codeql-action/pull/1811">#1811</a></li>
</ul>
<h2>2.21.1 - 26 Jul 2023</h2>
<ul>
<li>Improve the handling of fatal errors from the CodeQL CLI. <a href="https://redirect.github.com/github/codeql-action/pull/1795">#1795</a></li>
<li>Add the <code>sarif-output</code> output to the analyze action that contains the path to the directory of the generated SARIF. <a href="https://redirect.github.com/github/codeql-action/pull/1799">#1799</a></li>
</ul>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@​v2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@​v2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a href="https://redirect.github.com/github/codeql-action/pull/1721">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action which attempts to infer a configuration for the build environment that is required to build a given project. Do not use this in production as it is part of an internal experiment and subject to change at any time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="5b6282e01c"><code>5b6282e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1829">#1829</a> from github/update-v2.21.3-f9a7c6738</li>
<li><a href="f0f7a35b85"><code>f0f7a35</code></a> Add changenote for Lombok rollout</li>
<li><a href="dda4ed3db4"><code>dda4ed3</code></a> Update changelog for v2.21.3</li>
<li><a href="f9a7c6738f"><code>f9a7c67</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1827">#1827</a> from github/dependabot/npm_and_yarn/npm-5103036bd1</li>
<li><a href="31b9dd18d4"><code>31b9dd1</code></a> Update checked-in dependencies</li>
<li><a href="7e2f56aae3"><code>7e2f56a</code></a> Bump the npm group with 3 updates</li>
<li><a href="878ae4a749"><code>878ae4a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1823">#1823</a> from github/henrymercer/setup-swift-more-consistent</li>
<li><a href="63602c0f72"><code>63602c0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1824">#1824</a> from github/henrymercer/cli-notifications-fix</li>
<li><a href="66dc883276"><code>66dc883</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1826">#1826</a> from github/henrymercer/increase-reserved-scaling-fa...</li>
<li><a href="2203178090"><code>2203178</code></a> Increase scaling factor for reserved RAM to 5%</li>
<li>Additional commits viewable in <a href="0ba4244466...5b6282e01c">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.21.2&new-version=2.21.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-08-08 23:24:14 +00:00
dependabot[bot] dc4ab0f5df
Bump google/mirror-branch-action from 1.0 to 2.0 (#126600) 
Bumps [google/mirror-branch-action](https://github.com/google/mirror-branch-action) from 1.0 to 2.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="30c52ee21f"><code>30c52ee</code></a> Update dependencies.</li>
<li><a href="4544d8a090"><code>4544d8a</code></a> Update deprecated action environment</li>
<li><a href="884625cd18"><code>884625c</code></a> Bump node-fetch from 2.6.0 to 2.6.1</li>
<li><a href="d9fb13d47a"><code>d9fb13d</code></a> Bump <code>@​actions/core</code> from 1.2.4 to 1.2.6</li>
<li><a href="4083f5d474"><code>4083f5d</code></a> Unify placeholders in README.md</li>
<li><a href="394f8d4604"><code>394f8d4</code></a> Bump lodash from 4.17.15 to 4.17.19 (<a href="https://redirect.github.com/google/mirror-branch-action/issues/3">#3</a>)</li>
<li><a href="5d7016e8e9"><code>5d7016e</code></a> The sample <code>uses:</code> line should reference <a href="https://github.com/v1"><code>@​v1</code></a>.0 (<a href="https://redirect.github.com/google/mirror-branch-action/issues/1">#1</a>)</li>
<li>See full diff in <a href="c6b07e441a...30c52ee21f">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google/mirror-branch-action&package-manager=github_actions&previous-version=1.0&new-version=2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
 2023-08-02 07:40:14 +00:00
dependabot[bot] e8ebbfa2a8
Bump dessant/lock-threads from 4.0.0 to 4.0.1 (#128741) 
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 4.0.0 to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/dessant/lock-threads/releases">dessant/lock-threads's releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<p>Learn more about this release from the <a href="https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md#changelog">changelog</a>.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md">dessant/lock-threads's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p>
<h3><a href="https://github.com/dessant/lock-threads/compare/v4.0.0...v4.0.1">4.0.1</a> (2023-06-12)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>retry and throttle GitHub API requests (<a href="1618e91da6">1618e91</a>), closes <a href="https://redirect.github.com/dessant/lock-threads/issues/35">#35</a></li>
</ul>
<h2><a href="https://github.com/dessant/lock-threads/compare/v3.0.0...v4.0.0">4.0.0</a> (2022-12-04)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>the action now requires Node.js 16</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>update dependencies (<a href="38e9185581">38e9185</a>)</li>
<li>update docs (<a href="32986e2696">32986e2</a>)</li>
</ul>
<h2><a href="https://github.com/dessant/lock-threads/compare/v2.1.2...v3.0.0">3.0.0</a> (2021-09-27)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>
<p>input parameter names have changed</p>
<p>Rename the following input parameters when upgrading from v2 to v3:</p>
<ul>
<li><code>issue-lock-inactive-days</code> --&gt; <code>issue-inactive-days</code></li>
<li><code>issue-exclude-created-before</code> --&gt; <code>exclude-issue-created-before</code></li>
<li><code>issue-exclude-labels</code> --&gt; <code>exclude-any-issue-labels</code></li>
<li><code>issue-lock-labels</code> --&gt; <code>add-issue-labels</code></li>
<li><code>issue-lock-comment</code> --&gt; <code>issue-comment</code></li>
<li><code>pr-lock-inactive-days</code> --&gt; <code>pr-inactive-days</code></li>
<li><code>pr-exclude-created-before</code> --&gt; <code>exclude-pr-created-before</code></li>
<li><code>pr-exclude-labels</code> --&gt; <code>exclude-any-pr-labels</code></li>
<li><code>pr-lock-labels</code> --&gt; <code>add-pr-labels</code></li>
<li><code>pr-lock-comment</code> --&gt; <code>pr-comment</code></li>
</ul>
</li>
</ul>
<h3>Features</h3>
<ul>
<li>add new filtering and labeling options, update input parameter names (<a href="26fd836f96">26fd836</a>)</li>
<li>allow manual triggering (<a href="a0c7da3065">a0c7da3</a>)</li>
</ul>
<h3><a href="https://github.com/dessant/lock-threads/compare/v2.1.1...v2.1.2">2.1.2</a> (2021-08-17)</h3>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="be8aa5be94"><code>be8aa5b</code></a> chore(release): 4.0.1</li>
<li><a href="52f040d195"><code>52f040d</code></a> chore: update package</li>
<li><a href="1618e91da6"><code>1618e91</code></a> fix: retry and throttle GitHub API requests</li>
<li><a href="bec0993a56"><code>bec0993</code></a> chore: remove graduated preview header</li>
<li><a href="20ec7bbb28"><code>20ec7bb</code></a> chore: update dependencies</li>
<li><a href="b1f967d833"><code>b1f967d</code></a> chore: rename default branch</li>
<li>See full diff in <a href="c1b35aecc5...be8aa5be94">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dessant/lock-threads&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
 2023-08-02 07:29:08 +00:00
dependabot[bot] 9c184d475b
Bump codecov/codecov-action from 3.1.3 to 3.1.4 (#126885) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/970">codecov/codecov-action#970</a></li>
<li>Fix typo in README.md by <a href="https://github.com/hisaac"><code>@​hisaac</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/967">codecov/codecov-action#967</a></li>
<li>fix: add back in working dir by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/971">codecov/codecov-action#971</a></li>
<li>fix: CLI option names for uploader by <a href="https://github.com/kleisauke"><code>@​kleisauke</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/969">codecov/codecov-action#969</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.16.3 to 20.1.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/975">codecov/codecov-action#975</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/979">codecov/codecov-action#979</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/981">codecov/codecov-action#981</a></li>
<li>release: 3.1.4 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/983">codecov/codecov-action#983</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hisaac"><code>@​hisaac</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/967">codecov/codecov-action#967</a></li>
<li><a href="https://github.com/kleisauke"><code>@​kleisauke</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/969">codecov/codecov-action#969</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4">https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a> Fix typo in README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a> fix: add back in working dir</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a> fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/889">#889</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/895">#895</a> build(deps): bump json5 from 2.2.1 to 2.2.3</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/896">#896</a> build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/900">#900</a> build(deps-dev): bump <code>@​vercel/ncc</code> from 0.34.0 to 0.36.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/905">#905</a> build(deps-dev): bump typescript from 4.7.4 to 4.9.5</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/911">#911</a> build(deps-dev): bump <code>@​types/node</code> from 16.11.40 to 18.13.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/922">#922</a> build(deps-dev): bump <code>@​types/node</code> from 18.13.0 to 18.14.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/924">#924</a> build(deps): bump openpgp from 5.5.0 to 5.7.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/927">#927</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.0 to 18.14.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/933">#933</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.2 to 18.14.6</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/937">#937</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.6 to 18.15.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/938">#938</a> build(deps): bump node-fetch from 3.3.0 to 3.3.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/945">#945</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.0 to 18.15.5</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="eaaf4bedf3"><code>eaaf4be</code></a> release: 3.1.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/983">#983</a>)</li>
<li><a href="c2ab9ab2e1"><code>c2ab9ab</code></a> build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a>)</li>
<li><a href="49c20db375"><code>49c20db</code></a> build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a>)</li>
<li><a href="cf8e3e4262"><code>cf8e3e4</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.16.3 to 20.1.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/975">#975</a>)</li>
<li><a href="1c34415a06"><code>1c34415</code></a> fix: CLI option names for uploader (<a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a>)</li>
<li><a href="b4dfea724f"><code>b4dfea7</code></a> fix: add back in working dir (<a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a>)</li>
<li><a href="5bf250470e"><code>5bf2504</code></a> Fix typo in README.md (<a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a>)</li>
<li><a href="1dd0ce34be"><code>1dd0ce3</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a>)</li>
<li>See full diff in <a href="894ff025c7...eaaf4bedf3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=3.1.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
 2023-08-02 06:57:35 +00:00
dependabot[bot] 0693d14bb2
Bump github/codeql-action from 2.21.0 to 2.21.2 (#131512) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.0 to 2.21.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.2 - 28 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.14.1. <a href="https://redirect.github.com/github/codeql-action/pull/1797">#1797</a></li>
<li>Avoid duplicating the analysis summary within the logs. <a href="https://redirect.github.com/github/codeql-action/pull/1811">#1811</a></li>
</ul>
<h2>2.21.1 - 26 Jul 2023</h2>
<ul>
<li>Improve the handling of fatal errors from the CodeQL CLI. <a href="https://redirect.github.com/github/codeql-action/pull/1795">#1795</a></li>
<li>Add the <code>sarif-output</code> output to the analyze action that contains the path to the directory of the generated SARIF. <a href="https://redirect.github.com/github/codeql-action/pull/1799">#1799</a></li>
</ul>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@​v2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@​v2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a href="https://redirect.github.com/github/codeql-action/pull/1721">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action which attempts to infer a configuration for the build environment that is required to build a given project. Do not use this in production as it is part of an internal experiment and subject to change at any time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users who received a Dependabot upgrade to <a href="cdcdbb5797"><code>cdcdbb5</code></a>, which was mistakenly marked as Action version 2.13.4, continue to receive updates to the CodeQL Action. Full details in <a href="https://redirect.github.com/github/codeql-action/pull/1729">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a href="https://redirect.github.com/github/codeql-action/pull/1698">#1698</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0ba4244466"><code>0ba4244</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1813">#1813</a> from github/update-v2.21.2-10c6bfee1</li>
<li><a href="a9a416c8f4"><code>a9a416c</code></a> Update changelog for v2.21.2</li>
<li><a href="10c6bfee12"><code>10c6bfe</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1811">#1811</a> from github/henrymercer/print-summary-once</li>
<li><a href="feea86eed3"><code>feea86e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1810">#1810</a> from github/henrymercer/ci/use-platform-specific-bun...</li>
<li><a href="2e6f8c08c1"><code>2e6f8c0</code></a> Add changelog note</li>
<li><a href="8342844ea7"><code>8342844</code></a> Only print the analysis summary once</li>
<li><a href="679aac1b20"><code>679aac1</code></a> Use platform specific bundles in PR checks</li>
<li><a href="de6681ceb7"><code>de6681c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1797">#1797</a> from github/update-bundle/codeql-bundle-v2.14.1</li>
<li><a href="f6fe5c5c70"><code>f6fe5c5</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.14.1</li>
<li><a href="62762170e1"><code>6276217</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1808">#1808</a> from github/mergeback/v2.21.1-to-main-6ca1aa8c</li>
<li>Additional commits viewable in <a href="1813ca74c3...0ba4244466">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.21.0&new-version=2.21.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-07-29 01:17:50 +00:00
dependabot[bot] 910e87eb73
Bump github/codeql-action from 2.20.4 to 2.21.0 (#130941) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.4 to 2.21.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@​v2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@​v2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a href="https://redirect.github.com/github/codeql-action/pull/1721">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action which attempts to infer a configuration for the build environment that is required to build a given project. Do not use this in production as it is part of an internal experiment and subject to change at any time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users who received a Dependabot upgrade to <a href="cdcdbb5797"><code>cdcdbb5</code></a>, which was mistakenly marked as Action version 2.13.4, continue to receive updates to the CodeQL Action. Full details in <a href="https://redirect.github.com/github/codeql-action/pull/1729">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a href="https://redirect.github.com/github/codeql-action/pull/1698">#1698</a></li>
</ul>
<h2>2.3.5 - 25 May 2023</h2>
<ul>
<li>Allow invalid URIs to be used as values to <code>artifactLocation.uri</code> properties. This reverses a change from <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a> that inadvertently led to stricter validation of some URI values. <a href="https://redirect.github.com/github/codeql-action/pull/1705">#1705</a></li>
<li>Gracefully handle invalid URIs when fingerprinting. <a href="https://redirect.github.com/github/codeql-action/pull/1694">#1694</a></li>
</ul>
<h2>2.3.4 - 24 May 2023</h2>
<ul>
<li>Updated the SARIF 2.1.0 JSON schema file to the latest from <a href="123e95847b/Schemata/sarif-schema-2.1.0.json">oasis-tcs/sarif-spec</a>. <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a></li>
<li>We are rolling out a feature in May 2023 that will disable Python dependency installation for new users of the CodeQL Action. This improves the speed of analysis while having only a very minor impact on results. <a href="https://redirect.github.com/github/codeql-action/pull/1676">#1676</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1813ca74c3"><code>1813ca7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1791">#1791</a> from github/update-v2.21.0-6ae46f7a9</li>
<li><a href="6843540876"><code>6843540</code></a> Update changelog for v2.21.0</li>
<li><a href="6ae46f7a92"><code>6ae46f7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1790">#1790</a> from github/henrymercer/aborted-user-error</li>
<li><a href="0cae69e062"><code>0cae69e</code></a> Report user errors in the abort stage appropriately</li>
<li><a href="d2ed0a05b6"><code>d2ed0a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1786">#1786</a> from github/dependabot/npm_and_yarn/npm-0a410f26d2</li>
<li><a href="651d09131a"><code>651d091</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1788">#1788</a> from github/henrymercer/fix-feature-flag-usage</li>
<li><a href="e0f0892f83"><code>e0f0892</code></a> Add tests for new analysis summary feature flag</li>
<li><a href="27d3b2f857"><code>27d3b2f</code></a> Fix scaling reserved RAM feature flag naming</li>
<li><a href="da4e0a06c0"><code>da4e0a0</code></a> Fix CodeQL version checks</li>
<li><a href="e266801e21"><code>e266801</code></a> Update checked-in dependencies</li>
<li>Additional commits viewable in <a href="489225d82a...1813ca74c3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.20.4&new-version=2.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-07-19 22:51:25 +00:00
Casey Hillers ab14a5c356
[labeler] Mark sync-labels as empty (#130642) 
https://github.com/flutter/flutter/issues/128440

Recommendation from https://github.com/actions/labeler/issues/112#issuecomment-1136485391
 2023-07-18 18:19:23 +00:00
dependabot[bot] 7064b4e935
Bump github/codeql-action from 2.2.9 to 2.20.4 (#130618) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.20.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p>
<blockquote>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.14.0</p>
<ul>
<li>(<a href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.14.0">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0"><code>github/codeql@codeql-cli/v2.14.0</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/cpp/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/cpp/ql/src">source</a>)</li>
<li><code>codeql/cpp-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/cpp/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/cpp/ql/lib">source</a>)</li>
<li><code>codeql/csharp-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/csharp/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/csharp/ql/src">source</a>)</li>
<li><code>codeql/csharp-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/csharp/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/csharp/ql/lib">source</a>)</li>
<li><code>codeql/go-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/go/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/go/ql/src">source</a>)</li>
<li><code>codeql/go-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/go/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/go/ql/lib">source</a>)</li>
<li><code>codeql/java-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/java/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/java/ql/src">source</a>)</li>
<li><code>codeql/java-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/java/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/java/ql/lib">source</a>)</li>
<li><code>codeql/javascript-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/javascript/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/javascript/ql/src">source</a>)</li>
<li><code>codeql/javascript-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/javascript/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/javascript/ql/lib">source</a>)</li>
<li><code>codeql/python-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/python/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/python/ql/src">source</a>)</li>
<li><code>codeql/python-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/python/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/python/ql/lib">source</a>)</li>
<li><code>codeql/ruby-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/ruby/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/ruby/ql/src">source</a>)</li>
<li><code>codeql/ruby-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/ruby/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/ruby/ql/lib">source</a>)</li>
<li><code>codeql/swift-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/swift/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/swift/ql/src">source</a>)</li>
<li><code>codeql/swift-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/swift/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.14.0/swift/ql/lib">source</a>)</li>
</ul>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.13.5</p>
<ul>
<li>(<a href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.13.5">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5"><code>github/codeql@codeql-cli/v2.13.5</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/cpp/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/cpp/ql/src">source</a>)</li>
<li><code>codeql/cpp-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/cpp/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/cpp/ql/lib">source</a>)</li>
<li><code>codeql/csharp-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/csharp/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/csharp/ql/src">source</a>)</li>
<li><code>codeql/csharp-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/csharp/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/csharp/ql/lib">source</a>)</li>
<li><code>codeql/go-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/go/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/go/ql/src">source</a>)</li>
<li><code>codeql/go-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/go/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/go/ql/lib">source</a>)</li>
<li><code>codeql/java-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/java/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/java/ql/src">source</a>)</li>
<li><code>codeql/java-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/java/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/java/ql/lib">source</a>)</li>
<li><code>codeql/javascript-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/javascript/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/javascript/ql/src">source</a>)</li>
<li><code>codeql/javascript-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/javascript/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/javascript/ql/lib">source</a>)</li>
<li><code>codeql/python-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/python/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/python/ql/src">source</a>)</li>
<li><code>codeql/python-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/python/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/python/ql/lib">source</a>)</li>
<li><code>codeql/ruby-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/ruby/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/ruby/ql/src">source</a>)</li>
<li><code>codeql/ruby-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/ruby/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/ruby/ql/lib">source</a>)</li>
<li><code>codeql/swift-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/swift/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/swift/ql/src">source</a>)</li>
<li><code>codeql/swift-all</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/swift/ql/lib/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.5/swift/ql/lib">source</a>)</li>
</ul>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.13.4</p>
<ul>
<li>(<a href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.13.4">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4"><code>github/codeql@codeql-cli/v2.13.4</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/src/CHANGELOG.md">changelog</a>, <a href="https://github.com/github/codeql/tree/codeql-cli/v2.13.4/cpp/ql/src">source</a>)</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@​v2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@​v2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a href="https://redirect.github.com/github/codeql-action/pull/1721">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action which attempts to infer a configuration for the build environment that is required to build a given project. Do not use this in production as it is part of an internal experiment and subject to change at any time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users who received a Dependabot upgrade to <a href="cdcdbb5797"><code>cdcdbb5</code></a>, which was mistakenly marked as Action version 2.13.4, continue to receive updates to the CodeQL Action. Full details in <a href="https://redirect.github.com/github/codeql-action/pull/1729">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a href="https://redirect.github.com/github/codeql-action/pull/1698">#1698</a></li>
</ul>
<h2>2.3.5 - 25 May 2023</h2>
<ul>
<li>Allow invalid URIs to be used as values to <code>artifactLocation.uri</code> properties. This reverses a change from <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a> that inadvertently led to stricter validation of some URI values. <a href="https://redirect.github.com/github/codeql-action/pull/1705">#1705</a></li>
<li>Gracefully handle invalid URIs when fingerprinting. <a href="https://redirect.github.com/github/codeql-action/pull/1694">#1694</a></li>
</ul>
<h2>2.3.4 - 24 May 2023</h2>
<ul>
<li>Updated the SARIF 2.1.0 JSON schema file to the latest from <a href="123e95847b/Schemata/sarif-schema-2.1.0.json">oasis-tcs/sarif-spec</a>. <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a></li>
<li>We are rolling out a feature in May 2023 that will disable Python dependency installation for new users of the CodeQL Action. This improves the speed of analysis while having only a very minor impact on results. <a href="https://redirect.github.com/github/codeql-action/pull/1676">#1676</a></li>
<li>We are improving the way that <a href="https://github.com/github/codeql-action/releases">CodeQL bundles</a> are tagged to make it possible to easily identify bundles by their CodeQL semantic version. <a href="https://redirect.github.com/github/codeql-action/pull/1682">#1682</a>
<ul>
<li>As of CodeQL CLI 2.13.4, CodeQL bundles will be tagged using semantic versions, for example <code>codeql-bundle-v2.13.4</code>, instead of timestamps, like <code>codeql-bundle-20230615</code>.</li>
<li>This change does not affect the majority of workflows, and we will not be changing tags for existing bundle releases.</li>
<li>Some workflows with custom logic that depends on the specific format of the CodeQL bundle tag may need to be updated. For example, if your workflow matches CodeQL bundle tag names against a <code>codeql-bundle-yyyymmdd</code> pattern, you should update it to also recognize <code>codeql-bundle-vx.y.z</code> tags.</li>
</ul>
</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="489225d82a"><code>489225d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1777">#1777</a> from github/update-v2.20.4-a148c5807</li>
<li><a href="1b6383d6be"><code>1b6383d</code></a> Update changelog for v2.20.4</li>
<li><a href="a148c58075"><code>a148c58</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1776">#1776</a> from github/aeisenberg/changelog-releases</li>
<li><a href="50527c5dba"><code>50527c5</code></a> Add link to releases page in changelog</li>
<li><a href="814b2edab6"><code>814b2ed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1762">#1762</a> from github/update-bundle/codeql-bundle-v2.14.0</li>
<li><a href="d2baed4b69"><code>d2baed4</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.14.0</li>
<li><a href="c5526174a5"><code>c552617</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1774">#1774</a> from github/dependabot/npm_and_yarn/npm-a34e423e98</li>
<li><a href="c1f49580cf"><code>c1f4958</code></a> Fix dependency incompatibilities</li>
<li><a href="40a500c743"><code>40a500c</code></a> Update checked-in dependencies</li>
<li><a href="4fad06f438"><code>4fad06f</code></a> Bump the npm group with 21 updates</li>
<li>Additional commits viewable in <a href="04df1262e6...489225d82a">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.2.9&new-version=2.20.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-07-14 23:00:50 +00:00
dependabot[bot] 6865bb4c9b
Bump actions/labeler from 4.2.0 to 4.3.0 (#130291) 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4.2.0 to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/labeler/releases">actions/labeler's releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, the ability to specify pull request number(s) was added by <a href="https://github.com/credfeto"><code>@​credfeto</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/349">actions/labeler#349</a>.</p>
<p>Support for reading from the configuration file presented on the runner was added by <a href="https://github.com/lrstanley"><code>@​lrstanley</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/394">actions/labeler#394</a>. It allows you to use a configuration file generated during workflow run or uploaded from a separate repository.</p>
<p>Please refer to the <a href="https://github.com/actions/labeler#inputs">action documentation</a> for more information.</p>
<p>This release also includes the following changes:</p>
<ul>
<li>Improved Error message for missing config file by <a href="https://github.com/Gornoka"><code>@​Gornoka</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/475">actions/labeler#475</a></li>
<li>Early exit when no files are changed by <a href="https://github.com/nathanhammond"><code>@​nathanhammond</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/456">actions/labeler#456</a></li>
<li>Add examples to match all repo files by <a href="https://github.com/MaksimZhukov"><code>@​MaksimZhukov</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/600">actions/labeler#600</a></li>
<li>Fix a typo in the example about using the action outputs by <a href="https://github.com/MaksimZhukov"><code>@​MaksimZhukov</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/606">actions/labeler#606</a></li>
<li>Bump eslint from 8.43.0 to 8.44.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/601">actions/labeler#601</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.60.1 to 5.61.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/602">actions/labeler#602</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.60.1 to 5.61.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/604">actions/labeler#604</a></li>
<li>Bump tough-cookie from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/609">actions/labeler#609</a></li>
<li>Bump <code>@​octokit/plugin-retry</code> from 5.0.4 to 5.0.5 by <a href="https://github.com/MaksimZhukov"><code>@​MaksimZhukov</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/610">actions/labeler#610</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/credfeto"><code>@​credfeto</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/349">actions/labeler#349</a></li>
<li><a href="https://github.com/lrstanley"><code>@​lrstanley</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/394">actions/labeler#394</a></li>
<li><a href="https://github.com/nathanhammond"><code>@​nathanhammond</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/456">actions/labeler#456</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/labeler/compare/v4...v4.3.0">https://github.com/actions/labeler/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ac9175f8a1"><code>ac9175f</code></a> Bump <code>@​octokit/plugin-retry</code> from 5.0.4 to 5.0.5 (<a href="https://redirect.github.com/actions/labeler/issues/610">#610</a>)</li>
<li><a href="7542ec79bb"><code>7542ec7</code></a> Bump tough-cookie from 4.1.2 to 4.1.3 (<a href="https://redirect.github.com/actions/labeler/issues/609">#609</a>)</li>
<li><a href="be13bbd1b7"><code>be13bbd</code></a> Early exit when no files are changed. (<a href="https://redirect.github.com/actions/labeler/issues/456">#456</a>)</li>
<li><a href="994304c5d5"><code>994304c</code></a> feat(config): support reading from local file if it exists (<a href="https://redirect.github.com/actions/labeler/issues/394">#394</a>)</li>
<li><a href="327d35fdca"><code>327d35f</code></a> Added ability to pass in an optional PR number as a parameter (<a href="https://redirect.github.com/actions/labeler/issues/349">#349</a>)</li>
<li><a href="65f306b6dd"><code>65f306b</code></a> Fix a typo in the example about using the action outputs (<a href="https://redirect.github.com/actions/labeler/issues/606">#606</a>)</li>
<li><a href="b669025b7c"><code>b669025</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.60.1 to 5.61.0 (<a href="https://redirect.github.com/actions/labeler/issues/604">#604</a>)</li>
<li><a href="52979ba0af"><code>52979ba</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.60.1 to 5.61.0 (<a href="https://redirect.github.com/actions/labeler/issues/602">#602</a>)</li>
<li><a href="5bea1458bb"><code>5bea145</code></a> Bump eslint from 8.43.0 to 8.44.0 (<a href="https://redirect.github.com/actions/labeler/issues/601">#601</a>)</li>
<li><a href="a212485147"><code>a212485</code></a> Add examples to match all repo files (<a href="https://redirect.github.com/actions/labeler/issues/600">#600</a>)</li>
<li>Additional commits viewable in <a href="0967ca812e...ac9175f8a1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/labeler&package-manager=github_actions&previous-version=4.2.0&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-07-10 23:23:12 +00:00
godofredoc 732429e35b
Revert no-response to fork. (#129775) 
The core action is not scaling well for the # of Prs and bugs of the flutter project.

Bug: https://github.com/flutter/flutter/issues/129771
 2023-06-30 04:20:09 +00:00
dependabot[bot] 15513f2c73
Bump actions/labeler from 4.1.0 to 4.2.0 (#129797) 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4.1.0 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/labeler/releases">actions/labeler's releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<p>In the scope of this release, the following outputs were added by <a href="https://github.com/danielsht86"><code>@​danielsht86</code></a> in <a href="https://redirect.github.com/actions/labeler/issues/60">#60</a>:</p>
<ul>
<li><code>new-labels</code> - a comma-separated string that contains all newly added labels.</li>
<li><code>all-labels</code> - a comma-separated string that contains all labels currently assigned to the PR.</li>
</ul>
<p>For detailed information, please refer to our <a href="0967ca812e (outputs)">updated documentation</a>.</p>
<p>The issue of encountering an <code>HttpError: Server Error</code> when adding more than 50 labels has been successfully resolved by <a href="https://github.com/markmssd"><code>@​markmssd</code></a> in <a href="https://redirect.github.com/actions/labeler/issues/497">#497</a>. However, it's important to note that the GitHub API imposes a limit of 100 labels. To ensure smooth operation, a warning message that will alert you if the number of labels exceeds this limit was implemented. From this point forward, if more than 100 labels are specified, only the first 100 will be assigned.</p>
<p>The error handling for the <code>Resource not accessible by integration</code> error was added by <a href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a href="https://redirect.github.com/actions/labeler/issues/405">#405</a>. Now, if the workflow is misconfigured, the labeler provides a clear warning and guidance for correction.</p>
<p>This release also includes the following changes:</p>
<ul>
<li>Warn about the limitations of GitHub tokens by <a href="https://github.com/dfandrich"><code>@​dfandrich</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/491">actions/labeler#491</a></li>
<li>Improve readme by <a href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/589">actions/labeler#589</a></li>
<li>Bump eslint-plugin-jest from 27.2.1 to 27.2.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/591">actions/labeler#591</a></li>
<li>Bump eslint from 8.42.0 to 8.43.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/592">actions/labeler#592</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.60.0 to 5.60.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/598">actions/labeler#598</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.60.0 to 5.60.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/597">actions/labeler#597</a></li>
<li>Bump <code>@​octokit/plugin-retry</code> from 5.0.2 to 5.0.4 by <a href="https://github.com/MaksimZhukov"><code>@​MaksimZhukov</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/599">actions/labeler#599</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/dfandrich"><code>@​dfandrich</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/491">actions/labeler#491</a></li>
<li><a href="https://github.com/markmssd"><code>@​markmssd</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/497">actions/labeler#497</a></li>
<li><a href="https://github.com/danielsht86"><code>@​danielsht86</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/60">actions/labeler#60</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/labeler/compare/v4...v4.2.0">https://github.com/actions/labeler/compare/v4...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0967ca812e"><code>0967ca8</code></a> Added output (<a href="https://redirect.github.com/actions/labeler/issues/60">#60</a>)</li>
<li><a href="375538a703"><code>375538a</code></a> Bump <code>@​octokit/plugin-retry</code> from 5.0.2 to 5.0.4 (<a href="https://redirect.github.com/actions/labeler/issues/599">#599</a>)</li>
<li><a href="8d17e8ac4c"><code>8d17e8a</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.60.0 to 5.60.1 (<a href="https://redirect.github.com/actions/labeler/issues/597">#597</a>)</li>
<li><a href="9d45a7438f"><code>9d45a74</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.60.0 to 5.60.1 (<a href="https://redirect.github.com/actions/labeler/issues/598">#598</a>)</li>
<li><a href="130636aba5"><code>130636a</code></a> Bump eslint from 8.42.0 to 8.43.0 (<a href="https://redirect.github.com/actions/labeler/issues/592">#592</a>)</li>
<li><a href="54aeabf7b5"><code>54aeabf</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.59.11 to 5.60.0 (<a href="https://redirect.github.com/actions/labeler/issues/593">#593</a>)</li>
<li><a href="899595ff01"><code>899595f</code></a> Bump eslint-plugin-jest from 27.2.1 to 27.2.2 (<a href="https://redirect.github.com/actions/labeler/issues/591">#591</a>)</li>
<li><a href="8056174ee0"><code>8056174</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.59.11 to 5.60.0 (<a href="https://redirect.github.com/actions/labeler/issues/594">#594</a>)</li>
<li><a href="7a202e6428"><code>7a202e6</code></a> fix: Limit number of labels added to 100 (<a href="https://redirect.github.com/actions/labeler/issues/497">#497</a>)</li>
<li><a href="b5ff161cf0"><code>b5ff161</code></a> Explain misconfigured workflow (<a href="https://redirect.github.com/actions/labeler/issues/405">#405</a>)</li>
<li>Additional commits viewable in <a href="9fcb2c2f55...0967ca812e">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/labeler&package-manager=github_actions&previous-version=4.1.0&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-06-29 23:19:39 +00:00
Ricardo Amador 264526db87
Revert "Update labeler.yml to v5.0.0-beta.1" (#129673) 
Reverts flutter/flutter#129617
 2023-06-27 22:05:28 +00:00
Casey Hillers b359e9072f
Update labeler.yml to v5.0.0-beta.1 (#129617) 
https://github.com/flutter/flutter/issues/128440
 2023-06-27 17:52:04 +00:00
godofredoc 9f1809b578
Fix syntax error in no-response (#129588) 
The comma needs to be enclosed in the quotes.


## Pre-launch Checklist

- [X] I read the [Contributor Guide] and followed the process outlined
there for submitting PRs.
- [X] I read the [Tree Hygiene] wiki page, which explains my
responsibilities.
- [X] I read and followed the [Flutter Style Guide], including [Features
we expect every widget to implement].
- [X] I signed the [CLA].
- [X] I listed at least one issue that this PR fixes in the description
above.
- [X] I updated/added relevant documentation (doc comments with `///`).
- [X] I added new tests to check the change I am making, or this PR is
[test-exempt].
- [X] All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel
on [Discord].

<!-- Links -->
[Contributor Guide]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#overview
[Tree Hygiene]: https://github.com/flutter/flutter/wiki/Tree-hygiene
[test-exempt]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#tests
[Flutter Style Guide]:
https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo
[Features we expect every widget to implement]:
https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo#features-we-expect-every-widget-to-implement
[CLA]: https://cla.developers.google.com/
[flutter/tests]: https://github.com/flutter/tests
[breaking change policy]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#handling-breaking-changes
[Discord]: https://github.com/flutter/flutter/wiki/Chat
 2023-06-26 16:22:55 -07:00
dependabot[bot] 96a2c05358
Bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#129453) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p>
<blockquote>
<h2>v2.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>🌱 Bump github.com/ossf/scorecard/v4 from v4.10.5 to v4.11.0 by <a href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1192">ossf/scorecard-action#1192</a></li>
</ul>
<h2>Scorecard Result Viewer</h2>
<p>Thanks to contributions from <a href="https://github.com/cynthia-sg"><code>@​cynthia-sg</code></a> and <a href="https://github.com/tegioz"><code>@​tegioz</code></a> at <a href="https://github.com/cncf/clomonitor">CLOMonitor</a>, there is a new Scorecard Result visualization page at <code>https://securityscorecards.dev/viewer/?uri=&lt;project-url&gt;</code>.</p>
<ul>
<li><a href="https://redirect.github.com/ossf/scorecard-webapp/pull/406">ossf/scorecard-webapp#406</a></li>
<li><a href="https://redirect.github.com/ossf/scorecard-webapp/pull/422">ossf/scorecard-webapp#422</a></li>
</ul>
<p>As an example, you can see our own score visualized <a href="https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard">here</a>
Checkout our <a href="08b4669551/README.md (scorecard-badge)">README</a> to learn how to link your README badge to the new visualization page.</p>
<h2>Publishing Results</h2>
<p>This release contains two fixes which will improve the user experience when <code>publish_results</code> is <code>true</code></p>
<ul>
<li>Runs that fail our <a href="08b4669551/README.md (workflow-restrictions)">workflow restrictions</a> will fail with a 400 response indicating the problem, instead of a vague 500 status. (<a href="https://redirect.github.com/ossf/scorecard-action/pull/1156">ossf/scorecard-action#1156</a>, resolved <a href="https://redirect.github.com/ossf/scorecard-action/issues/1150">ossf/scorecard-action#1150</a>)</li>
<li>Scorecard action will retry when signing results and submitting them to our web API. This should help with flakiness from connection failures. (<a href="https://redirect.github.com/ossf/scorecard-action/pull/1191">ossf/scorecard-action#1191</a>)</li>
</ul>
<h2>Docs</h2>
<ul>
<li>📖 Update README to accept fine-grained tokens by <a href="https://github.com/pnacht"><code>@​pnacht</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1175">ossf/scorecard-action#1175</a></li>
<li>📖 Update installation instructions to match current GitHub UI  by <a href="https://github.com/joycebrum"><code>@​joycebrum</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1153">ossf/scorecard-action#1153</a></li>
<li>📖 Document the GitHub action workflow restrictions when publishing results. by <a href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a> in</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1140">ossf/scorecard-action#1140</a></li>
<li><a href="https://github.com/pnacht"><code>@​pnacht</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1175">ossf/scorecard-action#1175</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0">https://github.com/ossf/scorecard-action/compare/v2.1.3...v2.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="08b4669551"><code>08b4669</code></a> 🌱 Bump docker tag to for v2.2.0 release. (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1194">#1194</a>)</li>
<li><a href="3c7470f58c"><code>3c7470f</code></a> 📖 Update README badge link to use new uri param. (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1185">#1185</a>)</li>
<li><a href="a164dbc12a"><code>a164dbc</code></a> 🌱 Bump github.com/ossf/scorecard/v4 from v4.10.5 to v4.11.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1192">#1192</a>)</li>
<li><a href="597960e1d9"><code>597960e</code></a> 📖 Update README to accept fine-grained tokens (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1175">#1175</a>)</li>
<li><a href="8808ed28c3"><code>8808ed2</code></a> 🌱 Retry external network calls when publishing results (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1191">#1191</a>)</li>
<li><a href="0eed6cb5da"><code>0eed6cb</code></a> 🌱 Bump golang.org/x/net from 0.10.0 to 0.11.0</li>
<li><a href="6c6335c126"><code>6c6335c</code></a> 🌱 Bump github/codeql-action from 2.3.6 to 2.20.0</li>
<li><a href="7f1baf380a"><code>7f1baf3</code></a> 📖 Switch recommended badge link to the new viewer. (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1176">#1176</a>)</li>
<li><a href="df98bbc13d"><code>df98bbc</code></a> 🌱 Bump actions/checkout from 3.5.2 to 3.5.3</li>
<li><a href="75886d414a"><code>75886d4</code></a> 🌱 Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1172">#1172</a>)</li>
<li>Additional commits viewable in <a href="80e868c13c...08b4669551">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.3&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-06-26 18:42:13 +00:00
godofredoc bac0589539
Process only specific labels. (#129475) 
To avoid trying to process all the open bugs in flutter/flutter.
 2023-06-26 16:02:07 +00:00
godofredoc 0f006ea0dd
Fix issues with no response bot. (#129470) 
This is also increasing the number of items to be evaluated on each iteration.
 2023-06-24 04:03:59 +00:00
godofredoc 11f1ae6f83
Add r: timeout label to bugs/pr closed by no response bot. (#129408) 
Adds r: timeout to bugs closed by inactivity.

Bug: https://github.com/flutter/flutter/issues/104962
 2023-06-23 16:27:51 +00:00
godofredoc 3f90620ad0
Update no response to use core action. (#129405) 
This is to use a maintained version of the no-response action.

Bug: https://github.com/flutter/flutter/issues/127450
 2023-06-23 04:17:16 +00:00
dependabot[bot] e39ed8e86a
Bump actions/checkout from 3.5.2 to 3.5.3 (#128625) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v3.5.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by <a href="https://github.com/megamanics"><code>@​megamanics</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1196">actions/checkout#1196</a></li>
<li>Fix typos found by codespell by <a href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1287">actions/checkout#1287</a></li>
<li>Add support for sparse checkouts by <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1369">actions/checkout#1369</a></li>
<li>Release v3.5.3 by <a href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1376">actions/checkout#1376</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/megamanics"><code>@​megamanics</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1196">actions/checkout#1196</a></li>
<li><a href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1287">actions/checkout#1287</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3...v3.5.3">https://github.com/actions/checkout/compare/v3...v3.5.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@​actions/io</code> to 1.1.2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use <code>@​actions/core</code> <code>saveState</code> and <code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/744">Bumped various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/689">Update to node 16</a></li>
</ul>
<h2>v2.3.1</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c85c95e3d7"><code>c85c95e</code></a> Release v3.5.3 (<a href="https://redirect.github.com/actions/checkout/issues/1376">#1376</a>)</li>
<li><a href="d106d4669b"><code>d106d46</code></a> Add support for sparse checkouts (<a href="https://redirect.github.com/actions/checkout/issues/1369">#1369</a>)</li>
<li><a href="f095bcc56b"><code>f095bcc</code></a> Fix typos found by codespell (<a href="https://redirect.github.com/actions/checkout/issues/1287">#1287</a>)</li>
<li><a href="47fbe2df0a"><code>47fbe2d</code></a> Fix: Checkout fail in self-hosted runners when faulty submodule are checked-i...</li>
<li>See full diff in <a href="8e5e7e5ab8...c85c95e3d7">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.5.2&new-version=3.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-06-10 18:15:04 +00:00
Casey Hillers 6e254a3f9f
[labeler] Set sync labels to false to stop removing labels (#128446) 
https://github.com/flutter/flutter/issues/128440

The current version of the action has a bug where the sync-labels default value is not read correctly. Explicitly setting to see if that stops the removals.
 2023-06-08 15:44:37 +00:00
dependabot[bot] c792a1721c
Bump actions/labeler from 4.0.4 to 4.1.0 (#128290) 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4.0.4 to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/labeler/releases">actions/labeler's releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, the <code>dot</code> input was added by <a href="https://github.com/kachkaev"><code>@​kachkaev</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/316">actions/labeler#316</a>. It allows patterns to match paths starting with a period. This input is set to <code>false</code> by default.</p>
<h3>Usage</h3>
<pre lang="yml"><code>name: &quot;Pull Request Labeler&quot;
on:
- pull_request_target
<p>jobs:
triage:
permissions:
contents: read
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/labeler@v4
with:
dot: true
</code></pre></p>
<p>This release also includes the following changes:</p>
<ul>
<li>Simplify globbing examples in README by <a href="https://github.com/Youssef1313"><code>@​Youssef1313</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/451">actions/labeler#451</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 5.59.7 to 5.59.8 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/577">actions/labeler#577</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.59.7 to 5.59.8 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/labeler/pull/578">actions/labeler#578</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Youssef1313"><code>@​Youssef1313</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/451">actions/labeler#451</a></li>
<li><a href="https://github.com/kachkaev"><code>@​kachkaev</code></a> made their first contribution in <a href="https://redirect.github.com/actions/labeler/pull/316">actions/labeler#316</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/labeler/compare/v4...v4.1.0">https://github.com/actions/labeler/compare/v4...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9fcb2c2f55"><code>9fcb2c2</code></a> Merge pull request <a href="https://redirect.github.com/actions/labeler/issues/578">#578</a> from actions/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a href="0d06c50435"><code>0d06c50</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.59.7 to 5.59.8</li>
<li><a href="1d399c3ab6"><code>1d399c3</code></a> Merge pull request <a href="https://redirect.github.com/actions/labeler/issues/577">#577</a> from actions/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a href="82a4f6fc25"><code>82a4f6f</code></a> Merge pull request <a href="https://redirect.github.com/actions/labeler/issues/316">#316</a> from kachkaev/dot-option</li>
<li><a href="d40596e5db"><code>d40596e</code></a> micromatch → minimatch</li>
<li><a href="3cbc54c641"><code>3cbc54c</code></a> Merge pull request <a href="https://redirect.github.com/actions/labeler/issues/451">#451</a> from Youssef1313/patch-1</li>
<li><a href="639ba81ab1"><code>639ba81</code></a> Rebuild</li>
<li><a href="71d2484daa"><code>71d2484</code></a> Address review comment</li>
<li><a href="59d3310a72"><code>59d3310</code></a> Rebuild</li>
<li><a href="a78a6c7eb7"><code>a78a6c7</code></a> Update README.md</li>
<li>Additional commits viewable in <a href="0776a67936...9fcb2c2f55">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/labeler&package-manager=github_actions&previous-version=4.0.4&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-06-05 22:59:09 +00:00
dependabot[bot] 4d1c6a4346
Bump actions/labeler from 2713f7303c96cb1e69627957ec16eea0fd7f94a4 to 0776a679364a9a16110aac8d0f40f5e11009e327 (#127533) 
Bumps [actions/labeler](https://github.com/actions/labeler) from 2713f7303c96cb1e69627957ec16eea0fd7f94a4 to 0776a679364a9a16110aac8d0f40f5e11009e327.
<details>
<summary>Commits</summary>
<ul>
<li><a href="0776a67936"><code>0776a67</code></a> Merge pull request <a href="https://redirect.github.com/actions/labeler/issues/571">#571</a> from akv-platform/remove-implicit-dependencies</li>
<li><a href="08382d15cb"><code>08382d1</code></a> Move eslint-plugin-node to dev dependencies</li>
<li><a href="d1dd326ccc"><code>d1dd326</code></a> Install eslint-plugin-node</li>
<li><a href="91076827ed"><code>9107682</code></a> Update configuration files</li>
<li>See full diff in <a href="2713f7303c...0776a67936">compare view</a></li>
</ul>
</details>
<br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-05-24 22:36:58 +00:00
dependabot[bot] 23fe4fca59
Bump actions/labeler from 6b107e7a7ee5e054e0bcce60de5181d21e2f00fb to 2713f7303c96cb1e69627957ec16eea0fd7f94a4 (#127438) 
Bumps [actions/labeler](https://github.com/actions/labeler) from 6b107e7a7ee5e054e0bcce60de5181d21e2f00fb to 2713f7303c96cb1e69627957ec16eea0fd7f94a4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="2713f7303c"><code>2713f73</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.59.6 to 5.59.7 (<a href="https://redirect.github.com/actions/labeler/issues/572">#572</a>)</li>
<li><a href="a4eda65d3d"><code>a4eda65</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.59.6 to 5.59.7 (<a href="https://redirect.github.com/actions/labeler/issues/573">#573</a>)</li>
<li><a href="5c4deb8a24"><code>5c4deb8</code></a> Revert &quot;fix: correct reading of sync-labels input. (<a href="https://redirect.github.com/actions/labeler/issues/480">#480</a>)&quot; (<a href="https://redirect.github.com/actions/labeler/issues/564">#564</a>)</li>
<li><a href="61662e8f41"><code>61662e8</code></a> Bump eslint from 8.40.0 to 8.41.0 (<a href="https://redirect.github.com/actions/labeler/issues/569">#569</a>)</li>
<li>See full diff in <a href="6b107e7a7e...2713f7303c">compare view</a></li>
</ul>
</details>
<br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-05-23 23:26:05 +00:00
dependabot[bot] a3a0ef0393
Bump actions/labeler from 9471598e3b7ff22b2fa181bd79addf94cb3e0847 to 6b107e7a7ee5e054e0bcce60de5181d21e2f00fb (#127056) 
Bumps [actions/labeler](https://github.com/actions/labeler) from 9471598e3b7ff22b2fa181bd79addf94cb3e0847 to 6b107e7a7ee5e054e0bcce60de5181d21e2f00fb.
<details>
<summary>Commits</summary>
<ul>
<li><a href="6b107e7a7e"><code>6b107e7</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.59.5 to 5.59.6 (<a href="https://redirect.github.com/actions/labeler/issues/565">#565</a>)</li>
<li><a href="d93c73a681"><code>d93c73a</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.59.5 to 5.59.6 (<a href="https://redirect.github.com/actions/labeler/issues/566">#566</a>)</li>
<li><a href="b6f708799c"><code>b6f7087</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.59.2 to 5.59.5 (<a href="https://redirect.github.com/actions/labeler/issues/559">#559</a>)</li>
<li><a href="2d89bd5059"><code>2d89bd5</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.59.2 to 5.59.5 (<a href="https://redirect.github.com/actions/labeler/issues/560">#560</a>)</li>
<li><a href="581d1100aa"><code>581d110</code></a> Bump eslint from 8.39.0 to 8.40.0 (<a href="https://redirect.github.com/actions/labeler/issues/558">#558</a>)</li>
<li><a href="8bb4872750"><code>8bb4872</code></a> Bump eslint from 8.38.0 to 8.39.0 (<a href="https://redirect.github.com/actions/labeler/issues/543">#543</a>)</li>
<li><a href="9c4ae1e112"><code>9c4ae1e</code></a> Bump <code>@​typescript-eslint/eslint-plugin</code> from 5.58.0 to 5.59.2 (<a href="https://redirect.github.com/actions/labeler/issues/553">#553</a>)</li>
<li><a href="228fdad71d"><code>228fdad</code></a> Bump prettier from 2.8.7 to 2.8.8 (<a href="https://redirect.github.com/actions/labeler/issues/544">#544</a>)</li>
<li><a href="377691d3d6"><code>377691d</code></a> Bump <code>@​typescript-eslint/parser</code> from 5.58.0 to 5.59.2 (<a href="https://redirect.github.com/actions/labeler/issues/554">#554</a>)</li>
<li>See full diff in <a href="9471598e3b...6b107e7a7e">compare view</a></li>
</ul>
</details>
<br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-05-17 22:57:48 +00:00
Casey Hillers bf88f6053f
[github] Add labeler action (#126012) 
Part of https://github.com/flutter/flutter/issues/126002

Migrate the [Cocoon logic for labelling](https://cs.opensource.google/flutter/cocoon/+/main:app_dart/lib/src/request_handlers/github/webhook_subscription.dart;l=352) directly into the repo under test
 2023-05-09 18:23:43 +00:00
dependabot[bot] a6ea22c285
Bump codecov/codecov-action from 3.1.2 to 3.1.3 (#125253) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.2 to 3.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>3.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/957">codecov/codecov-action#957</a></li>
<li>build(deps): bump openpgp from 5.7.0 to 5.8.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/958">codecov/codecov-action#958</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/959">codecov/codecov-action#959</a></li>
<li>fix: allow for aarch64 build by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/960">codecov/codecov-action#960</a></li>
<li>chore(release): bump to 3.1.3 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/961">codecov/codecov-action#961</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v3.1.2...v3.1.3">https://github.com/codecov/codecov-action/compare/v3.1.2...v3.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p>
<blockquote>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/889">#889</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/895">#895</a> build(deps): bump json5 from 2.2.1 to 2.2.3</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/896">#896</a> build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/900">#900</a> build(deps-dev): bump <code>@​vercel/ncc</code> from 0.34.0 to 0.36.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/905">#905</a> build(deps-dev): bump typescript from 4.7.4 to 4.9.5</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/911">#911</a> build(deps-dev): bump <code>@​types/node</code> from 16.11.40 to 18.13.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/922">#922</a> build(deps-dev): bump <code>@​types/node</code> from 18.13.0 to 18.14.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/924">#924</a> build(deps): bump openpgp from 5.5.0 to 5.7.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/927">#927</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.0 to 18.14.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/933">#933</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.2 to 18.14.6</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/937">#937</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.6 to 18.15.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/938">#938</a> build(deps): bump node-fetch from 3.3.0 to 3.3.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/945">#945</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.0 to 18.15.5</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/946">#946</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.5 to 18.15.6</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/947">#947</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.6 to 18.15.10</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/951">#951</a> build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3</li>
</ul>
<h2>3.1.1</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/661">#661</a> Update deprecation warning</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/593">#593</a> Create codeql-analysis.yml</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/712">#712</a> README: fix typo</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/725">#725</a> fix: Remove a blank row</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/726">#726</a> Update README.md with correct badge version</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="894ff025c7"><code>894ff02</code></a> chore(release): bump to 3.1.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/961">#961</a>)</li>
<li><a href="f539f977d5"><code>f539f97</code></a> fix: allow for aarch64 build (<a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a>)</li>
<li><a href="6757614f24"><code>6757614</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12 (<a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a>)</li>
<li><a href="cdee249da5"><code>cdee249</code></a> build(deps): bump openpgp from 5.7.0 to 5.8.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a>)</li>
<li><a href="ce548e935a"><code>ce548e9</code></a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a>)</li>
<li>See full diff in <a href="40a12dcee2...894ff025c7">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=3.1.2&new-version=3.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2023-04-20 22:41:49 +00:00
godofredoc 8bbe71787a
Remove token permissions for coverage. (#124909) 
The coverage build does not require write access to checks.
 2023-04-17 17:31:30 +00:00
dependabot[bot] afdb2fac05
Bump actions/checkout from 3.5.1 to 3.5.2 (#124822) 
Bump actions/checkout from 3.5.1 to 3.5.2
 2023-04-13 23:45:05 +00:00
dependabot[bot] b95b86f820
Bump actions/checkout from 3.5.0 to 3.5.1 (#124731) 
Bump actions/checkout from 3.5.0 to 3.5.1
 2023-04-12 23:39:38 +00:00
dependabot[bot] 6e654d3605
Bump codecov/codecov-action from 3.1.1 to 3.1.2 (#124633) 
Bump codecov/codecov-action from 3.1.1 to 3.1.2
 2023-04-11 23:20:14 +00:00
dependabot[bot] 1a4f7584d9
Bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#123725) 
Bump ossf/scorecard-action from 2.1.2 to 2.1.3
 2023-03-29 23:03:46 +00:00
dependabot[bot] d6287cc417
Bump github/codeql-action from 2.2.8 to 2.2.9 (#123564) 
Bump github/codeql-action from 2.2.8 to 2.2.9
 2023-03-27 22:49:35 +00:00
dependabot[bot] 4831dd99ef
Bump actions/checkout from 3.4.0 to 3.5.0 (#123431) 
Bump actions/checkout from 3.4.0 to 3.5.0
 2023-03-24 23:17:14 +00:00
dependabot[bot] 789982896a
Bump github/codeql-action from 2.2.7 to 2.2.8 (#123359) 
Bump github/codeql-action from 2.2.7 to 2.2.8
 2023-03-23 23:09:05 +00:00
dependabot[bot] 267e8896c5
Bump actions/checkout from 3.3.0 to 3.4.0 (#122764) 
Bump actions/checkout from 3.3.0 to 3.4.0
 2023-03-15 23:10:36 +00:00
dependabot[bot] 502cff69ba
Bump github/codeql-action from 2.2.6 to 2.2.7 (#122763) 
Bump github/codeql-action from 2.2.6 to 2.2.7
 2023-03-15 23:07:38 +00:00
dependabot[bot] f9ad42a32d
Bump github/codeql-action from 2.2.5 to 2.2.6 (#122431) 
Bump github/codeql-action from 2.2.5 to 2.2.6
 2023-03-11 03:32:04 +00:00
dependabot[bot] b891465e5c
Bump github/codeql-action from 2.1.39 to 2.2.5 (#121429) 
Bump github/codeql-action from 2.1.39 to 2.2.5
 2023-03-01 01:27:48 +00:00
dependabot[bot] 2b3ca0dc46
Bump github/codeql-action from 2.1.38 to 2.1.39 (#118735) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.38 to 2.1.39.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](515828d974...a34ca99b46)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-18 22:10:55 +00:00
dependabot[bot] 13a8dce22d
Bump github/codeql-action from 2.1.37 to 2.1.38 (#118482) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](959cbb7472...515828d974)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-13 22:07:50 +00:00
dependabot[bot] aabf146f32
Bump github/codeql-action from 2.1.35 to 2.1.37 (#117104) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.35 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](b2a92eb56d...959cbb7472)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-11 16:55:18 +00:00
dependabot[bot] 2e0849e9dc
Bump actions/checkout from 3.1.0 to 3.3.0 (#118052) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...ac59398561)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-11 16:53:50 +00:00
dependabot[bot] 33c71beee4
Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#118116) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](83fd05a356...0b7f8abb15)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-01-11 16:53:49 +00:00
dependabot[bot] abd5217f48
Bump ossf/scorecard-action from 2.1.1 to 2.1.2 (#117554) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](15c10fcf1c...e38b1902ae)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-22 23:22:08 +00:00