DeveloperMetrics / DevOpsMetrics

A project to extract and process high performing DevOps metrics (DORA) from GitHub and Azure DevOps
MIT License
250 stars 46 forks source link

Bump github/codeql-action from 2 to 3 #1019

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 7 months ago

Bumps github/codeql-action from 2 to 3.

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.16.6

Bundles CodeQL CLI v2.16.6

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.6:

CodeQL Bundle v2.16.5

Bundles CodeQL CLI v2.16.5

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.5:

CodeQL Bundle v2.16.4

Bundles CodeQL CLI v2.16.4

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.4:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.24.9 - 22 Mar 2024

  • Update default CodeQL bundle version to 2.16.5. #2203

3.24.8 - 18 Mar 2024

  • Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. #2195

3.24.7 - 12 Mar 2024

  • Update default CodeQL bundle version to 2.16.4. #2185

3.24.6 - 29 Feb 2024

No user facing changes.

3.24.5 - 23 Feb 2024

  • Update default CodeQL bundle version to 2.16.3. #2156

3.24.4 - 21 Feb 2024

  • Fix an issue where an existing, but empty, /sys/fs/cgroup/cpuset.cpus file always resulted in a single-threaded run. #2151

3.24.3 - 15 Feb 2024

  • Fix an issue where the CodeQL Action would fail to load a configuration specified by the config input to the init Action. #2147

3.24.2 - 15 Feb 2024

  • Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. #2141

3.24.1 - 13 Feb 2024

  • Update default CodeQL bundle version to 2.16.2. #2124
  • The CodeQL action no longer fails if it can't write to the telemetry api endpoint. #2121

3.24.0 - 02 Feb 2024

  • CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See release notes for 3.23.0 for more details. #2106

3.23.2 - 26 Jan 2024

  • On Linux, the maximum possible value for the --threads option now respects the CPU count as specified in cgroup files to more accurately reflect the number of available cores when running in containers. #2083
  • Update default CodeQL bundle version to 2.16.1. #2096

3.23.1 - 17 Jan 2024

  • Update default CodeQL bundle version to 2.16.0. #2073
  • Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. #2079

... (truncated)

Commits
  • 4b2a786 Update changelog and version after v3.24.8
  • 05963f4 Merge pull request #2200 from github/update-v3.24.8-1ecc2779e
  • 2b9b521 Update changelog for v3.24.8
  • 1ecc277 Merge pull request #2198 from github/henrymercer/improve-tracking-autobuild-e...
  • e28ae3a Add config error for Swift build failures
  • bddfc7c Add config error for Gradle build failures
  • 3edd1bf Truncate autobuild errors to 10 lines
  • 88a0b7a Mark Maven build failures as configuration errors
  • 88b28eb Surface autobuild errors from stderr stream
  • f055b5e Merge pull request #2197 from github/henrymercer/log-job-status
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 6 months ago

Looks like github/codeql-action is up-to-date now, so this is no longer needed.