development/flutter
development/flutter
1
0
Fork 0
mirror of https://github.com/flutter/flutter synced 2024-09-12 21:01:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
41322 commits 766 branches 973 tags 1.3 GiB
Commit graph

347 commits

Author SHA1 Message Date
dependabot[bot] 5a5f6e7666
Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#150456) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.5 to 6.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.1.0</h2>
<p>✨ Adds <code>pull-request-branch</code> as an action output.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump undici from 6.14.1 to 6.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2873">peter-evans/create-pull-request#2873</a></li>
<li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2878">peter-evans/create-pull-request#2878</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.31 to 18.19.32 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2884">peter-evans/create-pull-request#2884</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.32 to 18.19.33 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2890">peter-evans/create-pull-request#2890</a></li>
<li>build(deps-dev): bump ts-jest from 29.1.2 to 29.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2892">peter-evans/create-pull-request#2892</a></li>
<li>build(deps): bump undici from 6.15.0 to 6.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2891">peter-evans/create-pull-request#2891</a></li>
<li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2907">peter-evans/create-pull-request#2907</a></li>
<li>build(deps): bump undici from 6.18.0 to 6.18.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2913">peter-evans/create-pull-request#2913</a></li>
<li>build(deps-dev): bump ts-jest from 29.1.3 to 29.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2914">peter-evans/create-pull-request#2914</a></li>
<li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2921">peter-evans/create-pull-request#2921</a></li>
<li>build(deps): bump undici from 6.18.1 to 6.18.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2934">peter-evans/create-pull-request#2934</a></li>
<li>build(deps-dev): bump prettier from 3.2.5 to 3.3.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2936">peter-evans/create-pull-request#2936</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.33 to 18.19.34 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2935">peter-evans/create-pull-request#2935</a></li>
<li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2947">peter-evans/create-pull-request#2947</a></li>
<li>build(deps-dev): bump prettier from 3.3.0 to 3.3.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2959">peter-evans/create-pull-request#2959</a></li>
<li>build(deps-dev): bump braces from 3.0.2 to 3.0.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2962">peter-evans/create-pull-request#2962</a></li>
<li>build(deps-dev): bump ws from 8.11.0 to 8.17.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2970">peter-evans/create-pull-request#2970</a></li>
<li>build(deps-dev): bump ts-jest from 29.1.4 to 29.1.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2975">peter-evans/create-pull-request#2975</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.34 to 18.19.36 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2976">peter-evans/create-pull-request#2976</a></li>
<li>build(deps): bump undici from 6.18.2 to 6.19.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2977">peter-evans/create-pull-request#2977</a></li>
<li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2990">peter-evans/create-pull-request#2990</a></li>
<li>feat: add branch name output by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2995">peter-evans/create-pull-request#2995</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.5...v6.1.0">https://github.com/peter-evans/create-pull-request/compare/v6.0.5...v6.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c5a7806660"><code>c5a7806</code></a> feat: add branch name output (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2995">#2995</a>)</li>
<li><a href="4383ba9ef0"><code>4383ba9</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2990">#2990</a>)</li>
<li><a href="36f7648874"><code>36f7648</code></a> build(deps): bump undici from 6.18.2 to 6.19.2 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2977">#2977</a>)</li>
<li><a href="5f7c1586fd"><code>5f7c158</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.34 to 18.19.36 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2976">#2976</a>)</li>
<li><a href="db1713da3a"><code>db1713d</code></a> build(deps-dev): bump ts-jest from 29.1.4 to 29.1.5 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2975">#2975</a>)</li>
<li><a href="ca98a71ccc"><code>ca98a71</code></a> build(deps-dev): bump ws from 8.11.0 to 8.17.1 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2970">#2970</a>)</li>
<li><a href="ce008085c8"><code>ce00808</code></a> build(deps-dev): bump braces from 3.0.2 to 3.0.3 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2962">#2962</a>)</li>
<li><a href="7318c0b7b6"><code>7318c0b</code></a> build(deps-dev): bump prettier from 3.3.0 to 3.3.2 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2959">#2959</a>)</li>
<li><a href="e30bbbb3c9"><code>e30bbbb</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2947">#2947</a>)</li>
<li><a href="bad19b8e0b"><code>bad19b8</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.33 to 18.19.34 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2935">#2935</a>)</li>
<li>Additional commits viewable in <a href="6d6857d369...c5a7806660">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.5&new-version=6.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-06-18 22:17:09 +00:00
Kate Lovett 62586dc09d
Update old wiki links (#149544) 
Part of https://github.com/flutter/flutter/issues/145009

Finishes updating links in the repo that pointed to the old wiki
 2024-06-17 17:26:08 +00:00
dependabot[bot] dd2ac7cdbe
Bump github/codeql-action from 3.25.9 to 3.25.10 (#150228) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.9 to 3.25.10.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.10 - 13 Jun 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.5. <a href="https://redirect.github.com/github/codeql-action/pull/2327">#2327</a></li>
</ul>
<h2>3.25.9 - 12 Jun 2024</h2>
<ul>
<li>Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. <a href="https://redirect.github.com/github/codeql-action/pull/2330">#2330</a></li>
<li>The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. <a href="https://redirect.github.com/github/codeql-action/pull/2332">#2332</a></li>
</ul>
<h2>3.25.8 - 04 Jun 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.4. <a href="https://redirect.github.com/github/codeql-action/pull/2321">#2321</a></li>
</ul>
<h2>3.25.7 - 31 May 2024</h2>
<ul>
<li>We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. <a href="https://redirect.github.com/github/codeql-action/pull/2306">#2306</a></li>
</ul>
<h2>3.25.6 - 20 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li>
</ul>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="23acc5c183"><code>23acc5c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2337">#2337</a> from github/update-v3.25.10-5bf6dad35</li>
<li><a href="9b72dbdc68"><code>9b72dbd</code></a> Update changelog for v3.25.10</li>
<li><a href="5bf6dad35b"><code>5bf6dad</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2329">#2329</a> from github/henrymercer/csharp-buildless-rollback-me...</li>
<li><a href="feec81c66b"><code>feec81c</code></a> Merge branch 'main' into henrymercer/csharp-buildless-rollback-mechanism</li>
<li><a href="789b5f86ef"><code>789b5f8</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2328">#2328</a> from github/henrymercer/direct-tracing-fix</li>
<li><a href="c36b5fc54f"><code>c36b5fc</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2327">#2327</a> from github/update-bundle/codeql-bundle-v2.17.5</li>
<li><a href="b3642aa04d"><code>b3642aa</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.17.5</li>
<li><a href="1fc6e20182"><code>1fc6e20</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2335">#2335</a> from github/mergeback/v3.25.9-to-main-530d4fea</li>
<li><a href="356bee4b4a"><code>356bee4</code></a> Update checked-in dependencies</li>
<li><a href="385808c715"><code>385808c</code></a> Update changelog and version after v3.25.9</li>
<li>Additional commits viewable in <a href="530d4feaa9...23acc5c183">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.9&new-version=3.25.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-06-14 00:00:14 +00:00
dependabot[bot] 3832475930
Bump actions/checkout from 4.1.6 to 4.1.7 (#150132) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.6...v4.1.7">https://github.com/actions/checkout/compare/v4.1.6...v4.1.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="692973e3d9"><code>692973e</code></a> Prepare 4.1.7 release (<a href="https://redirect.github.com/actions/checkout/issues/1775">#1775</a>)</li>
<li><a href="6ccd57f4c5"><code>6ccd57f</code></a> Pin actions/checkout's own workflows to a known, good, stable version. (<a href="https://redirect.github.com/actions/checkout/issues/1776">#1776</a>)</li>
<li><a href="b17fe1e4d5"><code>b17fe1e</code></a> Handle hidden refs (<a href="https://redirect.github.com/actions/checkout/issues/1774">#1774</a>)</li>
<li><a href="b80ff79f17"><code>b80ff79</code></a> Bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1697">#1697</a>)</li>
<li><a href="b1ec3021b8"><code>b1ec302</code></a> Bump the minor-npm-dependencies group across 1 directory with 4 updates (<a href="https://redirect.github.com/actions/checkout/issues/1739">#1739</a>)</li>
<li>See full diff in <a href="a5ac7e51b4...692973e3d9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.6&new-version=4.1.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-06-12 21:47:14 +00:00
dependabot[bot] a8ffe530b8
Bump github/codeql-action from 3.25.8 to 3.25.9 (#150133) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.8 to 3.25.9.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.5. <a href="https://redirect.github.com/github/codeql-action/pull/2327">#2327</a></li>
</ul>
<h2>3.25.9 - 12 Jun 2024</h2>
<ul>
<li>Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. <a href="https://redirect.github.com/github/codeql-action/pull/2330">#2330</a></li>
<li>The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. <a href="https://redirect.github.com/github/codeql-action/pull/2332">#2332</a></li>
</ul>
<h2>3.25.8 - 04 Jun 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.4. <a href="https://redirect.github.com/github/codeql-action/pull/2321">#2321</a></li>
</ul>
<h2>3.25.7 - 31 May 2024</h2>
<ul>
<li>We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. <a href="https://redirect.github.com/github/codeql-action/pull/2306">#2306</a></li>
</ul>
<h2>3.25.6 - 20 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li>
</ul>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="530d4feaa9"><code>530d4fe</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2334">#2334</a> from github/update-v3.25.9-37809d1f1</li>
<li><a href="65db484585"><code>65db484</code></a> Update changelog for v3.25.9</li>
<li><a href="37809d1f16"><code>37809d1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2332">#2332</a> from github/henrymercer/cleanup-db-location</li>
<li><a href="159d9119ac"><code>159d911</code></a> Tweak changelog entries</li>
<li><a href="ed34eb9af4"><code>ed34eb9</code></a> Skip init-post cleanup on GitHub-hosted runners</li>
<li><a href="31fe7dd0a6"><code>31fe7dd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2326">#2326</a> from github/dependabot/npm_and_yarn/npm-8402b9d28a</li>
<li><a href="d8d73c0e76"><code>d8d73c0</code></a> Clean up DB cluster directory at the end of each job</li>
<li><a href="3d849e9df2"><code>3d849e9</code></a> Include underlying error in error message</li>
<li><a href="945bb878ef"><code>945bb87</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2331">#2331</a> from github/igfoo/bash</li>
<li><a href="9ee83fa7ef"><code>9ee83fa</code></a> Update checked-in dependencies</li>
<li>Additional commits viewable in <a href="2e230e8fe0...530d4feaa9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.8&new-version=3.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-06-12 21:39:25 +00:00
Michael Thomsen 2d0a0237d2
Remove package:platform from issue template (#149995) 
Package is being transferred to the `dart-lang` github org: https://github.com/flutter/flutter/issues/141808
 2024-06-10 16:03:12 +00:00
dependabot[bot] cbc463a213
Bump github/codeql-action from 3.25.7 to 3.25.8 (#149691) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.7 to 3.25.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.8 - 04 Jun 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.4. <a href="https://redirect.github.com/github/codeql-action/pull/2321">#2321</a></li>
</ul>
<h2>3.25.7 - 31 May 2024</h2>
<ul>
<li>We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. <a href="https://redirect.github.com/github/codeql-action/pull/2306">#2306</a></li>
</ul>
<h2>3.25.6 - 20 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li>
</ul>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="2e230e8fe0"><code>2e230e8</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2323">#2323</a> from github/update-v3.25.8-18b06dd1d</li>
<li><a href="66ad891bd4"><code>66ad891</code></a> Update changelog for v3.25.8</li>
<li><a href="18b06dd1df"><code>18b06dd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2322">#2322</a> from github/dependabot/npm_and_yarn/npm-10d82c2911</li>
<li><a href="200dd0cf5b"><code>200dd0c</code></a> Update checked-in dependencies</li>
<li><a href="2bb35eab2f"><code>2bb35ea</code></a> bump the npm group with 4 updates</li>
<li><a href="9c15e42f19"><code>9c15e42</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2321">#2321</a> from github/update-bundle/codeql-bundle-v2.17.4</li>
<li><a href="98e79227df"><code>98e7922</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.17.4</li>
<li><a href="440350bade"><code>440350b</code></a> Add changelog note</li>
<li><a href="d4fcc8b7bd"><code>d4fcc8b</code></a> Update default bundle to codeql-bundle-v2.17.4</li>
<li><a href="add199be77"><code>add199b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2320">#2320</a> from github/angelapwen/use-linked-in-tests</li>
<li>Additional commits viewable in <a href="f079b84933...2e230e8fe0">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.7&new-version=3.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-06-04 22:35:54 +00:00
dependabot[bot] c8c495e0ee
Bump github/codeql-action from 3.25.6 to 3.25.7 (#149444) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.7 - 31 May 2024</h2>
<ul>
<li>We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. <a href="https://redirect.github.com/github/codeql-action/pull/2306">#2306</a></li>
</ul>
<h2>3.25.6 - 20 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li>
</ul>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f079b84933"><code>f079b84</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2317">#2317</a> from github/update-v3.25.7-a095bf2a1</li>
<li><a href="e1a42688db"><code>e1a4268</code></a> Update changelog for v3.25.7</li>
<li><a href="a095bf2a16"><code>a095bf2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2313">#2313</a> from github/revert-2312-update-bundle/codeql-bundle-...</li>
<li><a href="bbd4e19f51"><code>bbd4e19</code></a> Revert &quot;Update default bundle to 2.17.4&quot;</li>
<li><a href="9ab5d16a3d"><code>9ab5d16</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2312">#2312</a> from github/update-bundle/codeql-bundle-v2.17.4</li>
<li><a href="028346e1ff"><code>028346e</code></a> Add changelog note</li>
<li><a href="5fe08473f8"><code>5fe0847</code></a> Update default bundle to codeql-bundle-v2.17.4</li>
<li><a href="9550da953d"><code>9550da9</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2311">#2311</a> from github/henrymercer/pack-missing-auth-config-error</li>
<li><a href="6548a4d65c"><code>6548a4d</code></a> Add configuration error for missing auth to package registry</li>
<li><a href="7927df07e2"><code>7927df0</code></a> Bump micromatch from 4.0.5 to 4.0.7 in the npm group (<a href="https://redirect.github.com/github/codeql-action/issues/2310">#2310</a>)</li>
<li>Additional commits viewable in <a href="9fdb3e4972...f079b84933">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.6&new-version=3.25.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-31 22:38:04 +00:00
Kate Lovett 90937b02eb
Remove dynamic_layouts from issue template (#149252) 
Part of https://github.com/flutter/flutter/issues/148979

The package is being removed from flutter/packages, and so this removes it from the issue template.
 2024-05-29 17:28:03 +00:00
Kate Lovett 65abc95542
[wiki migration] Remaining pages under docs/contributing/ (#148790) 2024-05-23 15:19:04 -05:00
Kate Lovett de0fbdefe3
[wiki migration] Web team pages (#148777) 2024-05-23 14:36:47 -05:00
Kate Lovett 26e5352eec
[wiki migration] Remaining pages under docs/about/ (#148782) 
This moves the wiki pages that have a final destination under docs/about/ as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or links to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-22 18:41:12 +00:00
Kate Lovett 6332ff6690
[wiki migration] Tool team pages (#148779) 
This puts the wiki pages owned by the Tool team into the docs/tool directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the tool team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or link to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-22 16:58:49 +00:00
Kate Lovett ca198c8585
[wiki migration] Pages under docs/postmortems/ (#148798) 
This moves the wiki pages that have a final destination under docs/postmortems/ as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or links to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-22 05:11:21 +00:00
Kate Lovett 1fa6f56b48
[wiki migration] Android team pages (#148585) 
This puts the wiki pages owned by the Android team into the docs/platforms/android directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the android team labels to the label bot for future PRs.

Changes to the content were only updating cross links, or link to refer to the main branch rather than master.
Remaining links to the wiki will be updated once all other pages have finished moving, they still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-21 19:20:51 +00:00
Kate Lovett 7d891907e3
[wiki migration] Infra team pages (#148718) 
This sorts the wiki pages owned by the Infra team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the team-infra label to the bot for future PRs.

Image assets were checked in here: https://github.com/flutter/assets-for-api-docs/pull/246

Changes to the content were only updating links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-21 18:17:10 +00:00
Kate Lovett fe9e485bde
[wiki migration] Release team pages (#148723) 
This sorts the wiki pages owned by the Release team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the release related labels to the bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-21 17:30:35 +00:00
Kate Lovett 722c8d62fd
[wiki migration] Engine team pages (#148696) 
This sorts the wiki pages owned by the Engine team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the engine and team-engine labels to the bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-20 23:40:42 +00:00
Kate Lovett bf7d67d80e
[wiki migration] Framework team pages (#148721) 
This sorts the wiki pages owned by the Framework team in the docs/ directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the framework related labels to the bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-20 23:40:35 +00:00
dependabot[bot] 3bb9624ca9
Bump github/codeql-action from 3.25.5 to 3.25.6 (#148715) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.5 to 3.25.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.6 - 20 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li>
</ul>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9fdb3e4972"><code>9fdb3e4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2300">#2300</a> from github/update-v3.25.6-63d519c0a</li>
<li><a href="00792ab1e0"><code>00792ab</code></a> Update changelog for v3.25.6</li>
<li><a href="63d519c0ae"><code>63d519c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2295">#2295</a> from github/update-bundle/codeql-bundle-v2.17.3</li>
<li><a href="0d9161ca1c"><code>0d9161c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2293">#2293</a> from github/henrymercer/update-build-mode-autobuild-...</li>
<li><a href="e9e27290e9"><code>e9e2729</code></a> Add changelog note</li>
<li><a href="de1ac31508"><code>de1ac31</code></a> Update default bundle to codeql-bundle-v2.17.3</li>
<li><a href="a57c67b895"><code>a57c67b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2286">#2286</a> from github/koesie10/ghec-dr-db-upload</li>
<li><a href="b7ef64ecb1"><code>b7ef64e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2294">#2294</a> from github/dependabot/npm_and_yarn/npm-d3285d5234</li>
<li><a href="e54dea297a"><code>e54dea2</code></a> Update checked-in dependencies</li>
<li><a href="3b42294f03"><code>3b42294</code></a> Bump the npm group across 1 directory with 4 updates</li>
<li>Additional commits viewable in <a href="b7cec75265...9fdb3e4972">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.5&new-version=3.25.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-20 21:54:43 +00:00
dependabot[bot] 7bd4bbed11
Bump codecov/codecov-action from 4.4.0 to 4.4.1 (#148714) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.4.0 to 4.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1427">codecov/codecov-action#1427</a></li>
<li>fix: prevent xlarge from running on forks by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1432">codecov/codecov-action#1432</a></li>
<li>build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1439">codecov/codecov-action#1439</a></li>
<li>build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1438">codecov/codecov-action#1438</a></li>
<li>fix: isPullRequestFromFork returns false for any PR by <a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
<li>chore(release): 4.4.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1441">codecov/codecov-action#1441</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1">https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1</a></p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1427">codecov/codecov-action#1427</a></li>
<li>fix: prevent xlarge from running on forks by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1432">codecov/codecov-action#1432</a></li>
<li>build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1439">codecov/codecov-action#1439</a></li>
<li>build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1438">codecov/codecov-action#1438</a></li>
<li>fix: isPullRequestFromFork returns false for any PR by <a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
<li>chore(release): 4.4.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1441">codecov/codecov-action#1441</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/shahar-h"><code>@​shahar-h</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1">https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="125fc84a9a"><code>125fc84</code></a> chore(release): 4.4.1 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1441">#1441</a>)</li>
<li><a href="c9dbf6a905"><code>c9dbf6a</code></a> fix: isPullRequestFromFork returns false for any PR (<a href="https://redirect.github.com/codecov/codecov-action/issues/1437">#1437</a>)</li>
<li><a href="59fc46f14a"><code>59fc46f</code></a> build(deps): bump actions/checkout from 4.1.5 to 4.1.6 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1438">#1438</a>)</li>
<li><a href="3889fddabb"><code>3889fdd</code></a> build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1439">#1439</a>)</li>
<li><a href="d42a336584"><code>d42a336</code></a> fix: prevent xlarge from running on forks (<a href="https://redirect.github.com/codecov/codecov-action/issues/1432">#1432</a>)</li>
<li><a href="fd624e50e7"><code>fd624e5</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 (#...</li>
<li>See full diff in <a href="6d798873df...125fc84a9a">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.4.0&new-version=4.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-20 21:53:39 +00:00
Kate Lovett 49bc6bd54f
[wiki migration] Ecosystem team pages (#148589) 
This puts the wiki pages owned by the Ecosystem team into the docs/ecosystem directory as planned in [flutter.dev/go/migrate-flutter-wiki-spreadsheet](https://docs.google.com/spreadsheets/d/1x65189ZBdNiLRygpUYoU08pwvXD4M-Z157c6pm8deGI/edit?usp=sharing) 

It also adds the ecosystem team labels to the label bot for future PRs.

Changes to the content were only updating cross links. The remaining wiki links will be updated after the rest of the pages are relocated, the original wiki links still work in the meantime.

Part of https://github.com/flutter/flutter/issues/145009
 2024-05-20 17:44:39 +00:00
dependabot[bot] 54830cf143
Bump actions/checkout from 4.1.5 to 4.1.6 (#148516) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
<li>Update for 4.1.6 release by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1733">actions/checkout#1733</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.5...v4.1.6">https://github.com/actions/checkout/compare/v4.1.5...v4.1.6</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a5ac7e51b4"><code>a5ac7e5</code></a> Update for 4.1.6 release (<a href="https://redirect.github.com/actions/checkout/issues/1733">#1733</a>)</li>
<li><a href="24ed1a3528"><code>24ed1a3</code></a> Check platform for extension (<a href="https://redirect.github.com/actions/checkout/issues/1732">#1732</a>)</li>
<li>See full diff in <a href="44c2b7a8a4...a5ac7e51b4">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.5&new-version=4.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-16 23:13:13 +00:00
dependabot[bot] cbc51f15eb
Bump codecov/codecov-action from 4.3.1 to 4.4.0 (#148355) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.1 to 4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: Clarify isPullRequestFromFork by <a href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1411">codecov/codecov-action#1411</a></li>
<li>build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1423">codecov/codecov-action#1423</a></li>
<li>build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1421">codecov/codecov-action#1421</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1420">codecov/codecov-action#1420</a></li>
<li>feat: remove GPG and run on spawn by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1426">codecov/codecov-action#1426</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1428">codecov/codecov-action#1428</a></li>
<li>chore(release): 4.4.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1430">codecov/codecov-action#1430</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0">https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6d798873df"><code>6d79887</code></a> chore(release): 4.4.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1430">#1430</a>)</li>
<li><a href="37364fa731"><code>37364fa</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.8.0 to 7.9.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1428">#1428</a>)</li>
<li><a href="2791a5c4fe"><code>2791a5c</code></a> fix: remove GPG and run on spawn (<a href="https://redirect.github.com/codecov/codecov-action/issues/1426">#1426</a>)</li>
<li><a href="b71af43c1e"><code>b71af43</code></a> build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1420">#1420</a>)</li>
<li><a href="29f97fc54f"><code>29f97fc</code></a> build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1421">#1421</a>)</li>
<li><a href="645d2a5926"><code>645d2a5</code></a> build(deps): bump actions/checkout from 4.1.4 to 4.1.5 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1423">#1423</a>)</li>
<li><a href="f691d469fb"><code>f691d46</code></a> chore: Clarify isPullRequestFromFork (<a href="https://redirect.github.com/codecov/codecov-action/issues/1411">#1411</a>)</li>
<li>See full diff in <a href="5ecb98a3c6...6d798873df">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.3.1&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-14 22:35:49 +00:00
dependabot[bot] 27f683d6c3
Bump github/codeql-action from 3.25.3 to 3.25.5 (#148262) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.3 to 3.25.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.5 - 13 May 2024</h2>
<ul>
<li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li>
<li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li>
<li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li>
</ul>
<h2>3.25.4 - 08 May 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li>
</ul>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b7cec75265"><code>b7cec75</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2287">#2287</a> from github/update-v3.25.5-4a5197247</li>
<li><a href="6778fe4553"><code>6778fe4</code></a> Update changelog for v3.25.5</li>
<li><a href="4a51972477"><code>4a51972</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2280">#2280</a> from github/henrymercer/on-demand-ffs</li>
<li><a href="a8c32fd278"><code>a8c32fd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2283">#2283</a> from github/henrymercer/disable-fail-fast</li>
<li><a href="f73b0b70eb"><code>f73b0b7</code></a> Disable fail fast for non-generated workflows</li>
<li><a href="c59e05245f"><code>c59e052</code></a> Disable fail fast in generated workflows</li>
<li><a href="33e416c056"><code>33e416c</code></a> Comment that <code>legacyApi</code> is false by default</li>
<li><a href="67f8a36bdb"><code>67f8a36</code></a> Merge branch 'main' into henrymercer/on-demand-ffs</li>
<li><a href="4995c49010"><code>4995c49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2282">#2282</a> from github/henrymercer/no-build-mode-tracing-improv...</li>
<li><a href="def4d2cd4e"><code>def4d2c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2273">#2273</a> from github/aeisenberg/specify-versions</li>
<li>Additional commits viewable in <a href="d39d31e687...b7cec75265">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.3&new-version=3.25.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-13 22:26:41 +00:00
dependabot[bot] c90e18c6f5
Bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#148091) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action)
from 2.3.1 to 2.3.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dc50aa9510"><code>dc50aa9</code></a>
🌱 Bump docker tag for v2.3.3 release (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1368">#1368</a>)</li>
<li><a
href="8ff5700173"><code>8ff5700</code></a>
🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0....</li>
<li><a
href="8ba5e73d11"><code>8ba5e73</code></a>
update api links to new scorecard.dev site (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1376">#1376</a>)</li>
<li><a
href="92ddde3eaf"><code>92ddde3</code></a>
Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1374">#1374</a>)</li>
<li><a
href="6c55905542"><code>6c55905</code></a>
🌱 Bump golang.org/x/net from 0.24.0 to 0.25.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1373">#1373</a>)</li>
<li><a
href="09bb953b6a"><code>09bb953</code></a>
🌱 Bump distroless/base in the docker-images group (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1372">#1372</a>)</li>
<li><a
href="1511e1305b"><code>1511e13</code></a>
🌱 Bump the github-actions group across 1 directory with 6
updates (#...</li>
<li><a
href="df66cd8fd8"><code>df66cd8</code></a>
🌱 Bump the docker-images group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1370">#1370</a>)</li>
<li><a
href="fad9a3cc53"><code>fad9a3c</code></a>
🌱 Bump distroless/base in the docker-images group (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1364">#1364</a>)</li>
<li><a
href="1e01a309c1"><code>1e01a30</code></a>
🌱 Bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1365">#1365</a>)</li>
<li>Additional commits viewable in <a
href="0864cf1902...dc50aa9510">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.3.1&new-version=2.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-09 20:32:11 -07:00
Jenn Magder 5a663e6ef8
Update dependabot reviewers (#148101) 
Update dependabot reviewers.
 2024-05-09 19:59:27 -07:00
dependabot[bot] 4031041a4b
Bump actions/checkout from 4.1.4 to 4.1.5 (#147888) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.4...v4.1.5">https://github.com/actions/checkout/compare/v4.1.4...v4.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="44c2b7a8a4"><code>44c2b7a</code></a> README: Suggest <code>user.email</code> to be `41898282+github-actions[bot]<a href="https://github.com/users"><code>@​users</code></a>.norepl...</li>
<li><a href="8459bc0c7e"><code>8459bc0</code></a> Bump actions/upload-artifact from 2 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1695">#1695</a>)</li>
<li><a href="3f603f6d5e"><code>3f603f6</code></a> Bump actions/setup-node from 1 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1696">#1696</a>)</li>
<li><a href="fd084cde18"><code>fd084cd</code></a> Bump github/codeql-action from 2 to 3 (<a href="https://redirect.github.com/actions/checkout/issues/1694">#1694</a>)</li>
<li><a href="9c1e94e0ad"><code>9c1e94e</code></a> Update NPM dependencies (<a href="https://redirect.github.com/actions/checkout/issues/1703">#1703</a>)</li>
<li>See full diff in <a href="0ad4b8fada...44c2b7a8a4">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.4&new-version=4.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-06 21:45:36 +00:00
dependabot[bot] ffbeb5a39c
Bump codecov/codecov-action from 4.3.0 to 4.3.1 (#147674) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1370">codecov/codecov-action#1370</a></li>
<li>fix: more verbose log message when failing to import pgp key by <a href="https://github.com/ReenigneArcher"><code>@​ReenigneArcher</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1371">codecov/codecov-action#1371</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.6.0 to 7.7.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1374">codecov/codecov-action#1374</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.6.0 to 7.7.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1375">codecov/codecov-action#1375</a></li>
<li>build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1382">codecov/codecov-action#1382</a></li>
<li>build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1381">codecov/codecov-action#1381</a></li>
<li>build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1380">codecov/codecov-action#1380</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.7.0 to 7.7.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1384">codecov/codecov-action#1384</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.7.0 to 7.7.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1383">codecov/codecov-action#1383</a></li>
<li>Update README.md to point to docs about tokenless by <a href="https://github.com/rohan-at-sentry"><code>@​rohan-at-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1395">codecov/codecov-action#1395</a></li>
<li>build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1393">codecov/codecov-action#1393</a></li>
<li>build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1392">codecov/codecov-action#1392</a></li>
<li>build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1391">codecov/codecov-action#1391</a></li>
<li>style: Node Packages by <a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1394">codecov/codecov-action#1394</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.7.1 to 7.8.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1402">codecov/codecov-action#1402</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.7.1 to 7.8.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1401">codecov/codecov-action#1401</a></li>
<li>docs: Type Annotations by <a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1397">codecov/codecov-action#1397</a></li>
<li>docs: main branch by <a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1396">codecov/codecov-action#1396</a></li>
<li>fix: bypass token checks for forks and OIDC by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1404">codecov/codecov-action#1404</a></li>
<li>chore(release): 4.3.1. by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1405">codecov/codecov-action#1405</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ReenigneArcher"><code>@​ReenigneArcher</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1371">codecov/codecov-action#1371</a></li>
<li><a href="https://github.com/rohan-at-sentry"><code>@​rohan-at-sentry</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1395">codecov/codecov-action#1395</a></li>
<li><a href="https://github.com/marcobiedermann"><code>@​marcobiedermann</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1394">codecov/codecov-action#1394</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1">https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="5ecb98a3c6"><code>5ecb98a</code></a> chore(release): 4.3.1. (<a href="https://redirect.github.com/codecov/codecov-action/issues/1405">#1405</a>)</li>
<li><a href="5a299d1127"><code>5a299d1</code></a> fix: bypass token checks for forks and OIDC (<a href="https://redirect.github.com/codecov/codecov-action/issues/1404">#1404</a>)</li>
<li><a href="dad251dcaf"><code>dad251d</code></a> docs: main branch (<a href="https://redirect.github.com/codecov/codecov-action/issues/1396">#1396</a>)</li>
<li><a href="e8bbe5fc01"><code>e8bbe5f</code></a> docs: Type Annotations (<a href="https://redirect.github.com/codecov/codecov-action/issues/1397">#1397</a>)</li>
<li><a href="a6fd87fc19"><code>a6fd87f</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.7.1 to 7.8.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1401">#1401</a>)</li>
<li><a href="76c8cd6163"><code>76c8cd6</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.7.1 to 7.8.0 (#...</li>
<li><a href="1290bddc88"><code>1290bdd</code></a> style: Node Packages (<a href="https://redirect.github.com/codecov/codecov-action/issues/1394">#1394</a>)</li>
<li><a href="951ef79006"><code>951ef79</code></a> build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1391">#1391</a>)</li>
<li><a href="bb71c1ba2f"><code>bb71c1b</code></a> build(deps): bump actions/checkout from 4.1.3 to 4.1.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1392">#1392</a>)</li>
<li><a href="acc5d43cad"><code>acc5d43</code></a> build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1393">#1393</a>)</li>
<li>Additional commits viewable in <a href="84508663e9...5ecb98a3c6">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.3.0&new-version=4.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-05-01 22:19:20 +00:00
dependabot[bot] 3488d9af80
Bump github/codeql-action from 3.25.2 to 3.25.3 (#147437) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.2 to 3.25.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.3 - 25 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li>
<li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li>
</ul>
<h2>3.25.2 - 22 Apr 2024</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d39d31e687"><code>d39d31e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2262">#2262</a> from github/update-v3.25.3-ac2f82a1f</li>
<li><a href="a7278252c7"><code>a727825</code></a> Move changenote to most recent section</li>
<li><a href="1efa8597b1"><code>1efa859</code></a> Update changelog for v3.25.3</li>
<li><a href="ac2f82a1ff"><code>ac2f82a</code></a> Log warning if SIP is disabled and CLI version is &lt; 2.15.1 (<a href="https://redirect.github.com/github/codeql-action/issues/2261">#2261</a>)</li>
<li><a href="0ad7791640"><code>0ad7791</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2247">#2247</a> from github/update-bundle/codeql-bundle-v2.17.1</li>
<li><a href="79d9ee7f07"><code>79d9ee7</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.17.1</li>
<li><a href="dbf2b1706b"><code>dbf2b17</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2255">#2255</a> from github/mergeback/v3.25.2-to-main-8f596b4a</li>
<li><a href="ff6a3c42a5"><code>ff6a3c4</code></a> Update checked-in dependencies</li>
<li><a href="619dc0c4b8"><code>619dc0c</code></a> Update changelog and version after v3.25.2</li>
<li><a href="39e1e6509e"><code>39e1e65</code></a> Add changelog note</li>
<li>Additional commits viewable in <a href="8f596b4ae3...d39d31e687">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.2&new-version=3.25.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-26 22:26:11 +00:00
dependabot[bot] af34484cb8
Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#147388) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.4 to 6.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.5</h2>
<p>⚙️ Fixes an issue with proxy support for users that run self-hosted behind a proxy.</p>
<h2>What's Changed</h2>
<ul>
<li>fix: update proxy support to follow octokit change to fetch api by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2867">peter-evans/create-pull-request#2867</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.4...v6.0.5">https://github.com/peter-evans/create-pull-request/compare/v6.0.4...v6.0.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6d6857d369"><code>6d6857d</code></a> fix: update proxy support to follow octokit change to fetch api (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2867">#2867</a>)</li>
<li>See full diff in <a href="9153d834b6...6d6857d369">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.4&new-version=6.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-26 04:28:21 +00:00
dependabot[bot] c22ed980d0
Bump actions/checkout from 4.1.3 to 4.1.4 (#147334) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.3...v4.1.4">https://github.com/actions/checkout/compare/v4.1.3...v4.1.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0ad4b8fada"><code>0ad4b8f</code></a> Prep Release v4.1.4 (<a href="https://redirect.github.com/actions/checkout/issues/1704">#1704</a>)</li>
<li><a href="43045ae669"><code>43045ae</code></a> Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> (<a href="https://redirect.github.com/actions/checkout/issues/1692">#1692</a>)</li>
<li><a href="37b082107b"><code>37b0821</code></a> Bump the minor-actions-dependencies group with 2 updates (<a href="https://redirect.github.com/actions/checkout/issues/1693">#1693</a>)</li>
<li><a href="9839dc14a0"><code>9839dc1</code></a> Add dependabot config (<a href="https://redirect.github.com/actions/checkout/issues/1688">#1688</a>)</li>
<li><a href="9b4c13b0bf"><code>9b4c13b</code></a> Bump word-wrap from 1.2.3 to 1.2.5 (<a href="https://redirect.github.com/actions/checkout/issues/1643">#1643</a>)</li>
<li>See full diff in <a href="1d96c772d1...0ad4b8fada">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.3&new-version=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-24 23:51:01 +00:00
dependabot[bot] c217f763e9
Bump actions/upload-artifact from 4.3.2 to 4.3.3 (#147192) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v4.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>updating <code>@actions/artifact</code> dependency to v2.1.6 by <a href="https://github.com/eggyhead"><code>@​eggyhead</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/565">actions/upload-artifact#565</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3">https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="65462800fd"><code>6546280</code></a> updating package version</li>
<li><a href="c004fb4bf6"><code>c004fb4</code></a> Merge branch 'main' into eggyhead/use-artifact-v2.1.6</li>
<li><a href="90aba496fc"><code>90aba49</code></a> updating toolkit artifact dependency to 2.1.6</li>
<li><a href="b06cde36fc"><code>b06cde3</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/563">#563</a> from actions/eggyhead/release-4.3.2</li>
<li>See full diff in <a href="1746f4ab65...65462800fd">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.2&new-version=4.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-23 00:23:02 +00:00
dependabot[bot] be62c7f743
Bump github/codeql-action from 3.25.1 to 3.25.2 (#147193) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.1 to 3.25.2.
<details>
<summary>Commits</summary>
<ul>
<li><a href="8f596b4ae3"><code>8f596b4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2254">#2254</a> from github/update-v3.25.2-4909c1ffb</li>
<li><a href="de8916ec5a"><code>de8916e</code></a> Update changelog for v3.25.2</li>
<li><a href="4909c1ffb9"><code>4909c1f</code></a> Bump the npm group with 3 updates (<a href="https://redirect.github.com/github/codeql-action/issues/2253">#2253</a>)</li>
<li><a href="f45390cde1"><code>f45390c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2252">#2252</a> from github/henrymercer/failed-external-repo-config-...</li>
<li><a href="1be8c488eb"><code>1be8c48</code></a> Add configuration error for failing to clone external Git repo</li>
<li><a href="82edfe29ce"><code>82edfe2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2246">#2246</a> from github/koesie10/remove-incorrect-log</li>
<li><a href="8786e1f9a1"><code>8786e1f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2249">#2249</a> from github/mergeback/v3.25.1-to-main-c7f91257</li>
<li><a href="3c7ac61481"><code>3c7ac61</code></a> Update checked-in dependencies</li>
<li><a href="b5bd9be6da"><code>b5bd9be</code></a> Update changelog and version after v3.25.1</li>
<li><a href="5d73b1bd71"><code>5d73b1b</code></a> Remove incorrect log message</li>
<li>See full diff in <a href="c7f9125735...8f596b4ae3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.1&new-version=3.25.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-23 00:21:05 +00:00
dependabot[bot] 24def4d417
Bump actions/checkout from 4.1.2 to 4.1.3 (#147090) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.2...v4.1.3">https://github.com/actions/checkout/compare/v4.1.2...v4.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1d96c772d1"><code>1d96c77</code></a> Add SSH user parameter (<a href="https://redirect.github.com/actions/checkout/issues/1685">#1685</a>)</li>
<li><a href="cd7d8d697e"><code>cd7d8d6</code></a> Check git version before attempting to disable <code>sparse-checkout</code> (<a href="https://redirect.github.com/actions/checkout/issues/1656">#1656</a>)</li>
<li><a href="8410ad0602"><code>8410ad0</code></a> Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> (<a href="https://redirect.github.com/actions/checkout/issues/1650">#1650</a>)</li>
<li>See full diff in <a href="9bb56186c3...1d96c772d1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.2&new-version=4.1.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-19 23:03:04 +00:00
dependabot[bot] 7433225a95
Bump actions/upload-artifact from 4.3.1 to 4.3.2 (#147011) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v4.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update release-new-action-version.yml by <a href="https://github.com/konradpabjan"><code>@​konradpabjan</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/516">actions/upload-artifact#516</a></li>
<li>Minor fix to the migration readme by <a href="https://github.com/andrewakim"><code>@​andrewakim</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/523">actions/upload-artifact#523</a></li>
<li>Update readme with v3/v2/v1 deprecation notice by <a href="https://github.com/robherley"><code>@​robherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/561">actions/upload-artifact#561</a></li>
<li>updating <code>@actions/artifact</code> dependency to v2.1.5 and <code>@actions/core</code> to v1.0.1 by <a href="https://github.com/eggyhead"><code>@​eggyhead</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/562">actions/upload-artifact#562</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/andrewakim"><code>@​andrewakim</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/523">actions/upload-artifact#523</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2">https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1746f4ab65"><code>1746f4a</code></a> Revert &quot;updating to release 4.3.2&quot;</li>
<li><a href="31685d04a0"><code>31685d0</code></a> updating to release 4.3.2</li>
<li><a href="18bf333cd2"><code>18bf333</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/562">#562</a> from actions/eggyhead/update-artifact-v215</li>
<li><a href="dac413befa"><code>dac413b</code></a> update package lock version</li>
<li><a href="bb3b4a3cdb"><code>bb3b4a3</code></a> updating package version</li>
<li><a href="3e3da837d2"><code>3e3da83</code></a> updating artifact and core dependencies</li>
<li><a href="e35774f165"><code>e35774f</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/561">#561</a> from actions/robherley/deprecation-notice</li>
<li><a href="e63ea677fb"><code>e63ea67</code></a> Update readme with v3/v2/v1 deprecation notice</li>
<li><a href="ef09cdac3e"><code>ef09cda</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/523">#523</a> from andrewakim/andrewakim/migration-readme-fix</li>
<li><a href="00e36f94d8"><code>00e36f9</code></a> Minor fix to the migration readme</li>
<li>Additional commits viewable in <a href="5d5d22a312...1746f4ab65">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.1&new-version=4.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-18 22:33:05 +00:00
dependabot[bot] 00c21929f5
Bump github/codeql-action from 3.25.0 to 3.25.1 (#146953) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.0 to 3.25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.1 - 17 Apr 2024</h2>
<ul>
<li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li>
<li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li>
</ul>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c7f9125735"><code>c7f9125</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2248">#2248</a> from github/update-v3.25.1-c4fb45143</li>
<li><a href="1c7e8b2cf2"><code>1c7e8b2</code></a> Update changelog for v3.25.1</li>
<li><a href="c4fb451437"><code>c4fb451</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2245">#2245</a> from github/henrymercer/ignore-already-specified-flags</li>
<li><a href="556b3bcfae"><code>556b3bc</code></a> Add changelog note</li>
<li><a href="ef66aeacbf"><code>ef66aea</code></a> Merge branch 'main' into henrymercer/ignore-already-specified-flags</li>
<li><a href="9b87e0a8c4"><code>9b87e0a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2241">#2241</a> from github/nickfyson/speculative-script-fix</li>
<li><a href="18111b696b"><code>18111b6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2235">#2235</a> from github/henrymercer/autobuild-with-direct-tracing</li>
<li><a href="ade98b980a"><code>ade98b9</code></a> Ensure <code>--overwrite</code> flag is only passed once</li>
<li><a href="8566d50a79"><code>8566d50</code></a> Add regression test for double <code>--overwrite</code></li>
<li><a href="453a95695a"><code>453a956</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2243">#2243</a> from github/dependabot/npm_and_yarn/npm-9b31496ffc</li>
<li>Additional commits viewable in <a href="df5a14dc28...c7f9125735">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.0&new-version=3.25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-17 22:38:15 +00:00
dependabot[bot] 86cf97300f
Bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 (#146954) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.3 to 6.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.4</h2>
<p>⚡ Improves performance in some cases for very large git repositories.</p>
<h2>What's Changed</h2>
<ul>
<li>perf: limit the fetch depth of pr branch by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2857">peter-evans/create-pull-request#2857</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.3...v6.0.4">https://github.com/peter-evans/create-pull-request/compare/v6.0.3...v6.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9153d834b6"><code>9153d83</code></a> perf: limit the fetch depth of pr branch (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2857">#2857</a>)</li>
<li>See full diff in <a href="c55203cfde...9153d834b6">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.3&new-version=6.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-17 22:34:47 +00:00
Pierre-Louis 4a65a76279
Reland: Update link branches to main (#146882) 
Reland https://github.com/flutter/flutter/pull/146558, reverted in https://github.com/flutter/flutter/pull/146880 due to an outdated test result

## Original description

- Update CS and googlesource.com link branches
- Update GitHub /blob/ and /tree/ links

Tested links manually and fixes a few broken or deprecated links

Added a test that validates that `master` isn't used, except for specified repos.

Part of https://github.com/flutter/flutter/issues/121564
 2024-04-17 13:16:33 +00:00
Pierre-Louis 33a9643b5d
Revert "Update link branches to main" (#146880) 
Reverts flutter/flutter#146558

Causes failure
 2024-04-17 13:25:18 +02:00
Pierre-Louis 072b8874a0
Update link branches to main (#146558) 
- Update CS and googlesource.com link branches
- Update GitHub /blob/ and /tree/ links

Tested links manually and fixes a few broken or deprecated links

Added a test that validates that `master` isn't used, except for
specified repos.

Part of https://github.com/flutter/flutter/issues/121564

## Pre-launch Checklist

- [x] I read the [Contributor Guide] and followed the process outlined
there for submitting PRs.
- [x] I read the [Tree Hygiene] wiki page, which explains my
responsibilities.
- [x] I read and followed the [Flutter Style Guide], including [Features
we expect every widget to implement].
- [x] I signed the [CLA].
- [x] I listed at least one issue that this PR fixes in the description
above.
- [x] I updated/added relevant documentation (doc comments with `///`).
- [x] I added new tests to check the change I am making, or this PR is
[test-exempt].
- [x] I followed the [breaking change policy] and added [Data Driven
Fixes] where supported.
- [x] All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel
on [Discord].

<!-- Links -->
[Contributor Guide]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#overview
[Tree Hygiene]: https://github.com/flutter/flutter/wiki/Tree-hygiene
[test-exempt]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#tests
[Flutter Style Guide]:
https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo
[Features we expect every widget to implement]:
https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo#features-we-expect-every-widget-to-implement
[CLA]: https://cla.developers.google.com/
[flutter/tests]: https://github.com/flutter/tests
[breaking change policy]:
https://github.com/flutter/flutter/wiki/Tree-hygiene#handling-breaking-changes
[Discord]: https://github.com/flutter/flutter/wiki/Chat
[Data Driven Fixes]:
https://github.com/flutter/flutter/wiki/Data-driven-Fixes
 2024-04-17 09:44:23 +02:00
dependabot[bot] 38dcca9081
Bump github/codeql-action from 3.24.10 to 3.25.0 (#146784) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.10 to 3.25.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.25.0 - 15 Apr 2024</h2>
<ul>
<li>
<p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p>
<p>As a result, the following inputs and environment variables are now ignored:</p>
<ul>
<li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li>
<li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li>
</ul>
<p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p>
</li>
<li>
<p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p>
</li>
<li>
<p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p>
</li>
<li>
<p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p>
</li>
</ul>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="df5a14dc28"><code>df5a14d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2238">#2238</a> from github/update-v3.25.0-2b2cee522</li>
<li><a href="3f70eaa4d3"><code>3f70eaa</code></a> Update changelog for v3.25.0</li>
<li><a href="2b2cee5229"><code>2b2cee5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2234">#2234</a> from github/mbg/clearer-file-command-failure</li>
<li><a href="4fcf7a216c"><code>4fcf7a2</code></a> Add changelog entry</li>
<li><a href="d30d1cabb4"><code>d30d1ca</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2237">#2237</a> from github/henrymercer/more-configuration-errors</li>
<li><a href="55585360a3"><code>5558536</code></a> Add configuration error for unsupported build mode</li>
<li><a href="fa75c144b4"><code>fa75c14</code></a> Capture rate limit and ref not existing config errors</li>
<li><a href="5a599c68cf"><code>5a599c6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2236">#2236</a> from github/henrymercer/feature-flags-with-tool-feat...</li>
<li><a href="829376a618"><code>829376a</code></a> Allow feature flags to specify tool feature requirements</li>
<li><a href="efc474680f"><code>efc4746</code></a> Downgrade log levels for some messages to debug</li>
<li>Additional commits viewable in <a href="4355270be1...df5a14dc28">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.10&new-version=3.25.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-15 22:26:15 +00:00
dependabot[bot] c845a78838
Bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 (#146702) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.2 to 6.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v6.0.3</h2>
<p>⚡ Improves performance of the <code>push-to-fork</code> feature.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.23 to 18.19.25 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2826">peter-evans/create-pull-request#2826</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.25 to 18.19.26 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2831">peter-evans/create-pull-request#2831</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.26 to 18.19.28 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2836">peter-evans/create-pull-request#2836</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.28 to 18.19.31 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2842">peter-evans/create-pull-request#2842</a></li>
<li>fix: drop unnecessary fetch with unshallow on push-to-fork by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2849">peter-evans/create-pull-request#2849</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.2...v6.0.3">https://github.com/peter-evans/create-pull-request/compare/v6.0.2...v6.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c55203cfde"><code>c55203c</code></a> fix: drop unnecessary fetch with unshallow on push-to-fork (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2849">#2849</a>)</li>
<li><a href="6ce4eca6b6"><code>6ce4eca</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.28 to 18.19.31 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2842">#2842</a>)</li>
<li><a href="36ef0ed92f"><code>36ef0ed</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.26 to 18.19.28 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2836">#2836</a>)</li>
<li><a href="8500972a13"><code>8500972</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.25 to 18.19.26 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2831">#2831</a>)</li>
<li><a href="bda5ade93c"><code>bda5ade</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.23 to 18.19.25 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2826">#2826</a>)</li>
<li>See full diff in <a href="70a41aba78...c55203cfde">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6.0.2&new-version=6.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-12 22:07:55 +00:00
dependabot[bot] 237d88510f
Bump codecov/codecov-action from 4.2.0 to 4.3.0 (#146528) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.2.0 to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: automatically detect if using GitHub enterprise by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1356">codecov/codecov-action#1356</a></li>
<li>build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1355">codecov/codecov-action#1355</a></li>
<li>build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1360">codecov/codecov-action#1360</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.5.0 to 7.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1364">codecov/codecov-action#1364</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.5.0 to 7.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1363">codecov/codecov-action#1363</a></li>
<li>feat: add network params by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1365">codecov/codecov-action#1365</a></li>
<li>build(deps): bump undici from 5.28.3 to 5.28.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1361">codecov/codecov-action#1361</a></li>
<li>chore(release): v4.3.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1366">codecov/codecov-action#1366</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0">https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="84508663e9"><code>8450866</code></a> chore(release): v4.3.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1366">#1366</a>)</li>
<li><a href="e8419092e9"><code>e841909</code></a> build(deps): bump undici from 5.28.3 to 5.28.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1361">#1361</a>)</li>
<li><a href="363a65ad48"><code>363a65a</code></a> feat: add network params (<a href="https://redirect.github.com/codecov/codecov-action/issues/1365">#1365</a>)</li>
<li><a href="640b86a455"><code>640b86a</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 7.5.0 to 7.6.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1363">#1363</a>)</li>
<li><a href="375c033fbe"><code>375c033</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> from 7.5.0 to 7.6.0 (#...</li>
<li><a href="d701256d7a"><code>d701256</code></a> build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1360">#1360</a>)</li>
<li><a href="0bb547ab49"><code>0bb547a</code></a> build(deps-dev): bump typescript from 5.4.3 to 5.4.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1355">#1355</a>)</li>
<li><a href="55e8381a3e"><code>55e8381</code></a> fix: automatically detect if using GitHub enterprise (<a href="https://redirect.github.com/codecov/codecov-action/issues/1356">#1356</a>)</li>
<li>See full diff in <a href="7afa10ed9b...84508663e9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.2.0&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-09 21:43:18 +00:00
dependabot[bot] 86c8565050
Bump github/codeql-action from 3.24.9 to 3.24.10 (#146368) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.9 to 3.24.10.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.10 - 05 Apr 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="4355270be1"><code>4355270</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2226">#2226</a> from github/update-v3.24.10-7df281f2f</li>
<li><a href="3f041c51a5"><code>3f041c5</code></a> Update changelog for v3.24.10</li>
<li><a href="7df281f2fe"><code>7df281f</code></a> Gracefully continue if <code>createStatusReportBase</code> throws (<a href="https://redirect.github.com/github/codeql-action/issues/2225">#2225</a>)</li>
<li><a href="f421cda8e7"><code>f421cda</code></a> Run integration test PR checks nightly (<a href="https://redirect.github.com/github/codeql-action/issues/2222">#2222</a>)</li>
<li><a href="5f535debfe"><code>5f535de</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2221">#2221</a> from github/nickfyson/upload-logging</li>
<li><a href="278465cdfb"><code>278465c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2219">#2219</a> from github/update-bundle/codeql-bundle-v2.17.0</li>
<li><a href="65e69c8a4b"><code>65e69c8</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.17.0</li>
<li><a href="c037115ddf"><code>c037115</code></a> clarify logging in response to pr review comments</li>
<li><a href="d3c32a84cb"><code>d3c32a8</code></a> fix test to respect updated logging behaviour</li>
<li><a href="26540626a5"><code>2654062</code></a> Merge branch 'main' into nickfyson/upload-logging</li>
<li>Additional commits viewable in <a href="1b1aada464...4355270be1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.9&new-version=3.24.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-05 22:14:07 +00:00
dependabot[bot] 7330045768
Bump codecov/codecov-action from 4.1.1 to 4.2.0 (#146310) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): update deps by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1351">codecov/codecov-action#1351</a></li>
<li>feat: allow for authentication via OIDC token by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1330">codecov/codecov-action#1330</a></li>
<li>fix: use_oidc shoudl be required false by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1353">codecov/codecov-action#1353</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0">https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7afa10ed9b"><code>7afa10e</code></a> fix: use_oidc shoudl be required false (<a href="https://redirect.github.com/codecov/codecov-action/issues/1353">#1353</a>)</li>
<li><a href="d820d60619"><code>d820d60</code></a> feat: allow for authentication via OIDC token (<a href="https://redirect.github.com/codecov/codecov-action/issues/1330">#1330</a>)</li>
<li><a href="3a20752bdd"><code>3a20752</code></a> chore(deps): update deps (<a href="https://redirect.github.com/codecov/codecov-action/issues/1351">#1351</a>)</li>
<li>See full diff in <a href="c16abc29c9...7afa10ed9b">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.1.1&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-04-04 22:47:10 +00:00
dependabot[bot] d2a193804b
Bump codecov/codecov-action from 4.1.0 to 4.1.1 (#145787) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p>
<blockquote>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1315">codecov/codecov-action#1315</a></li>
<li>build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1319">codecov/codecov-action#1319</a></li>
<li>Removed mention of Mercurial by <a href="https://github.com/drazisil-codecov"><code>@​drazisil-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1325">codecov/codecov-action#1325</a></li>
<li>build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1332">codecov/codecov-action#1332</a></li>
<li>build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1331">codecov/codecov-action#1331</a></li>
<li>fix: force version by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1329">codecov/codecov-action#1329</a></li>
<li>build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1334">codecov/codecov-action#1334</a></li>
<li>build(deps): bump undici from 5.28.2 to 5.28.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1338">codecov/codecov-action#1338</a></li>
<li>build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1341">codecov/codecov-action#1341</a></li>
<li>fix: typo in disable_safe_directory by <a href="https://github.com/mkroening"><code>@​mkroening</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li>
<li>chore(release): 4.1.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1344">codecov/codecov-action#1344</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mkroening"><code>@​mkroening</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1">https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p>
<blockquote>
<h2>4.0.0-beta.2</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/1085">#1085</a> not adding -n if empty to do-upload command</li>
</ul>
<h2>4.0.0-beta.1</h2>
<p><code>v4</code> represents a move from the <a href="https://github.com/codecov/uploader">universal uploader</a> to the <a href="https://github.com/codecov/codecov-cli">Codecov CLI</a>. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.</p>
<h3>Breaking Changes</h3>
<ul>
<li>No current support for <code>aarch64</code> and <code>alpine</code> architectures.</li>
<li>Tokenless uploading is unsuported</li>
<li>Various arguments to the Action have been removed</li>
</ul>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a> Fix typo in README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a> fix: add back in working dir</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a> fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c16abc29c9"><code>c16abc2</code></a> chore(release): 4.1.1 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1344">#1344</a>)</li>
<li><a href="3e33441c19"><code>3e33441</code></a> fix: typo in disable_safe_directory (<a href="https://redirect.github.com/codecov/codecov-action/issues/1343">#1343</a>)</li>
<li><a href="85aacc9654"><code>85aacc9</code></a> build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1341">#1341</a>)</li>
<li><a href="4ea9be0fa3"><code>4ea9be0</code></a> build(deps): bump undici from 5.28.2 to 5.28.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1338">#1338</a>)</li>
<li><a href="164fadeaa7"><code>164fade</code></a> build(deps-dev): bump typescript from 5.4.2 to 5.4.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1334">#1334</a>)</li>
<li><a href="4621ecce09"><code>4621ecc</code></a> fix: force version (<a href="https://redirect.github.com/codecov/codecov-action/issues/1329">#1329</a>)</li>
<li><a href="251ba34669"><code>251ba34</code></a> build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1331">#1331</a>)</li>
<li><a href="5a593a5341"><code>5a593a5</code></a> build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1332">#1332</a>)</li>
<li><a href="a15c0e43ca"><code>a15c0e4</code></a> Removed mention of Mercurial (<a href="https://redirect.github.com/codecov/codecov-action/issues/1325">#1325</a>)</li>
<li><a href="8be6ba5782"><code>8be6ba5</code></a> build(deps-dev): bump typescript from 5.3.3 to 5.4.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1319">#1319</a>)</li>
<li>Additional commits viewable in <a href="54bcd8715e...c16abc29c9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.1.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-26 22:16:06 +00:00
dependabot[bot] 5b6a121dc5
Bump github/codeql-action from 3.24.8 to 3.24.9 (#145627) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.9.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.9 - 22 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li>
</ul>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1b1aada464"><code>1b1aada</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2208">#2208</a> from github/update-v3.24.9-09d4101d2</li>
<li><a href="6505708f95"><code>6505708</code></a> Update changelog for v3.24.9</li>
<li><a href="09d4101d2b"><code>09d4101</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2203">#2203</a> from github/update-bundle/codeql-bundle-v2.16.5</li>
<li><a href="a3ab02e645"><code>a3ab02e</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.16.5</li>
<li><a href="9cf4574790"><code>9cf4574</code></a> Add changelog note</li>
<li><a href="964f5e7811"><code>964f5e7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2207">#2207</a> from github/henrymercer/more-processing-error-catego...</li>
<li><a href="9c0c35b370"><code>9c0c35b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2206">#2206</a> from github/henrymercer/improved-autobuild-error-wit...</li>
<li><a href="c84e4c8e7b"><code>c84e4c8</code></a> Mark some more processing errors as invalid SARIF upload requests</li>
<li><a href="4aca720110"><code>4aca720</code></a> Improve error message when using build modes and autobuild fails</li>
<li><a href="7f375aeb76"><code>7f375ae</code></a> Wrap configuration errors for all CLI commands</li>
<li>Additional commits viewable in <a href="05963f47d8...1b1aada464">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.8&new-version=3.24.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-23 01:25:27 +00:00
dependabot[bot] ed2c7eda89
Bump github/codeql-action from 3.24.7 to 3.24.8 (#145358) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.24.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.24.8 - 18 Mar 2024</h2>
<ul>
<li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li>
</ul>
<h2>3.24.7 - 12 Mar 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li>
</ul>
<h2>3.24.6 - 29 Feb 2024</h2>
<p>No user facing changes.</p>
<h2>3.24.5 - 23 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li>
</ul>
<h2>3.24.4 - 21 Feb 2024</h2>
<ul>
<li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li>
</ul>
<h2>3.24.3 - 15 Feb 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li>
</ul>
<h2>3.24.2 - 15 Feb 2024</h2>
<ul>
<li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li>
</ul>
<h2>3.24.1 - 13 Feb 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li>
<li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li>
</ul>
<h2>3.24.0 - 02 Feb 2024</h2>
<ul>
<li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li>
</ul>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="05963f47d8"><code>05963f4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2200">#2200</a> from github/update-v3.24.8-1ecc2779e</li>
<li><a href="2b9b521560"><code>2b9b521</code></a> Update changelog for v3.24.8</li>
<li><a href="1ecc2779e9"><code>1ecc277</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2198">#2198</a> from github/henrymercer/improve-tracking-autobuild-e...</li>
<li><a href="e28ae3a84c"><code>e28ae3a</code></a> Add config error for Swift build failures</li>
<li><a href="bddfc7c6d5"><code>bddfc7c</code></a> Add config error for Gradle build failures</li>
<li><a href="3edd1bf725"><code>3edd1bf</code></a> Truncate autobuild errors to 10 lines</li>
<li><a href="88a0b7abb3"><code>88a0b7a</code></a> Mark Maven build failures as configuration errors</li>
<li><a href="88b28eb70d"><code>88b28eb</code></a> Surface autobuild errors from stderr stream</li>
<li><a href="f055b5e672"><code>f055b5e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2197">#2197</a> from github/henrymercer/log-job-status</li>
<li><a href="0d680ab61c"><code>0d680ab</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2196">#2196</a> from github/henrymercer/update-packs-input-description</li>
<li>Additional commits viewable in <a href="3ab4101902...05963f47d8">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.24.7&new-version=3.24.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-18 22:24:06 +00:00
dependabot[bot] 5b006bf50c
Bump actions/checkout from 4.1.1 to 4.1.2 (#145032) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.2</h2>
<p>We are investigating the following issue with this release and have rolled-back the <code>v4</code> tag to point to <code>v4.1.1</code></p>
<ul>
<li><code>sparse-checkout</code> is not available on git versions prior to 2.27.0 (see <a href="https://redirect.github.com/actions/checkout/issues/1651">actions/checkout#1651</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
<li>Bump tough-cookie from 4.0.0 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1406">actions/checkout#1406</a></li>
<li>Bump <code>@​babel/traverse</code> from 7.20.5 to 7.24.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1642">actions/checkout#1642</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jww3"><code>@​jww3</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1616">actions/checkout#1616</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.1...v4.1.2">https://github.com/actions/checkout/compare/v4.1.1...v4.1.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@​actions/io</code> to 1.1.2</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9bb56186c3"><code>9bb5618</code></a> Prep for release of  v4.1.2  (<a href="https://redirect.github.com/actions/checkout/issues/1649">#1649</a>)</li>
<li><a href="8eb1f6a495"><code>8eb1f6a</code></a> Bump <code>@​babel/traverse</code> from 7.20.5 to 7.24.0 (<a href="https://redirect.github.com/actions/checkout/issues/1642">#1642</a>)</li>
<li><a href="556e4c3cb0"><code>556e4c3</code></a> Bump tough-cookie from 4.0.0 to 4.1.3 (<a href="https://redirect.github.com/actions/checkout/issues/1406">#1406</a>)</li>
<li><a href="b32f140b0c"><code>b32f140</code></a> Warn on attempts to publish <code>test-ubuntu-git</code> from non-main branch. (<a href="https://redirect.github.com/actions/checkout/issues/1623">#1623</a>)</li>
<li><a href="2650dbd060"><code>2650dbd</code></a> Give <code>test-ubuntu-git</code> its own <code>README</code> (<a href="https://redirect.github.com/actions/checkout/issues/1620">#1620</a>)</li>
<li><a href="aadec89964"><code>aadec89</code></a> Explicitly disable sparse checkout unless asked for (<a href="https://redirect.github.com/actions/checkout/issues/1598">#1598</a>)</li>
<li><a href="df0bcddf6d"><code>df0bcdd</code></a> Refine workflow for generating <code>test-ubuntu-git</code> (<a href="https://redirect.github.com/actions/checkout/issues/1617">#1617</a>)</li>
<li><a href="473055ba18"><code>473055b</code></a> Create <code>test-ubuntu-git</code> Docker Container for Proxy Tests (<a href="https://redirect.github.com/actions/checkout/issues/1616">#1616</a>)</li>
<li>See full diff in <a href="b4ffde65f4...9bb56186c3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.1&new-version=4.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-03-12 22:35:56 +00:00