Skip to content

Commit 453e489

Browse files
authored
build(deps): bump github/codeql-action from 3.28.0 to 3.28.1 [skip ci]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.0 to 3.28.1. Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v3.28.1 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 3.28.1 - 10 Jan 2025 > -------------------- > > * CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see [this changelog post](https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/). [#2677](https://redirect.github.com/github/codeql-action/pull/2677) > * Update default CodeQL bundle version to 2.20.1. [#2678](https://redirect.github.com/github/codeql-action/pull/2678) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.1/CHANGELOG.md) for more information. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 3.28.1 - 10 Jan 2025 > -------------------- > > * CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see [this changelog post](https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/). [#2677](https://redirect.github.com/github/codeql-action/pull/2677) > * Update default CodeQL bundle version to 2.20.1. [#2678](https://redirect.github.com/github/codeql-action/pull/2678) > > 3.28.0 - 20 Dec 2024 > -------------------- > > * Bump the minimum CodeQL bundle version to 2.15.5. [#2655](https://redirect.github.com/github/codeql-action/pull/2655) > * Don't fail in the unusual case that a file is on the search path. [#2660](https://redirect.github.com/github/codeql-action/pull/2660). > > 3.27.9 - 12 Dec 2024 > -------------------- > > No user facing changes. > > 3.27.8 - 12 Dec 2024 > -------------------- > > * Fixed an issue where streaming the download and extraction of the CodeQL bundle did not respect proxy settings. [#2624](https://redirect.github.com/github/codeql-action/pull/2624) > > 3.27.7 - 10 Dec 2024 > -------------------- > > * We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. [#2631](https://redirect.github.com/github/codeql-action/pull/2631) > * Update default CodeQL bundle version to 2.20.0. [#2636](https://redirect.github.com/github/codeql-action/pull/2636) > > 3.27.6 - 03 Dec 2024 > -------------------- > > * Update default CodeQL bundle version to 2.19.4. [#2626](https://redirect.github.com/github/codeql-action/pull/2626) > > 3.27.5 - 19 Nov 2024 > -------------------- > > No user facing changes. > > 3.27.4 - 14 Nov 2024 > -------------------- > > No user facing changes. > > 3.27.3 - 12 Nov 2024 > -------------------- > > No user facing changes. > > 3.27.2 - 12 Nov 2024 > -------------------- > > * Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". [#2590](https://redirect.github.com/github/codeql-action/pull/2590) ... (truncated) Commits * [`b6a472f`](github/codeql-action@b6a472f) Merge pull request [#2681](https://redirect.github.com/github/codeql-action/issues/2681) from github/update-v3.28.1-ea6acbfea * [`bb999b4`](github/codeql-action@bb999b4) Update changelog for v3.28.1 * [`ea6acbf`](github/codeql-action@ea6acbf) Merge pull request [#2677](https://redirect.github.com/github/codeql-action/issues/2677) from github/angelapwen/deprecate-action-v2 * [`4df151e`](github/codeql-action@4df151e) Merge branch 'main' into angelapwen/deprecate-action-v2 * [`a05a7eb`](github/codeql-action@a05a7eb) Fix PR number in changenote * [`8d2753b`](github/codeql-action@8d2753b) Add public changelog blog post link * [`e83e0a4`](github/codeql-action@e83e0a4) Merge pull request [#2673](https://redirect.github.com/github/codeql-action/issues/2673) from github/dependabot/npm\_and\_yarn/npm-877f465710 * [`b7ff308`](github/codeql-action@b7ff308) Merge pull request [#2678](https://redirect.github.com/github/codeql-action/issues/2678) from github/update-bundle/codeql-bundle-v2.20.1 * [`1aa16c2`](github/codeql-action@1aa16c2) Merge branch 'main' into update-bundle/codeql-bundle-v2.20.1 * [`fb65b6c`](github/codeql-action@fb65b6c) Merge pull request [#2672](https://redirect.github.com/github/codeql-action/issues/2672) from github/mbg/start-proxy/include-type-in-urls-output * Additional commits viewable in [compare view](github/codeql-action@48ab28a...b6a472f) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility\_score?dependency-name=github/codeql-action&package-manager=github\_actions&previous-version=3.28.0&new-version=3.28.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
2 parents 683e480 + c4bdb53 commit 453e489

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

.github/workflows/meterian.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ jobs:
2626
with:
2727
cli_args: "--report-sarif=report.sarif"
2828
oss: true
29-
- uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
29+
- uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
3030
if: success() || failure()
3131
with:
3232
sarif_file: report.sarif

0 commit comments

Comments
 (0)