Open dependabot[bot] opened 9 months ago
Upgraded codeql-analysis.yml
Configuration
The configuration file which dictates how the CodeQL analysis is performed has been modified to work more efficiently.
Version Upgrade for the init
Action in CodeQL
The initial setup action for CodeQL, which prepares your project for analysis, was upgraded from version 2 to 3. This might introduce new features or performance improvements.
Version Upgrade for the autobuild
Action in CodeQL
The action in CodeQL responsible for automatically building your code so it can be analyzed, was updated from version 2 to 3. The new version could potentially build the project more reliably or faster.
Version Upgrade for the analyze
Action in CodeQL
The action responsible for doing the actual analysis of the built code has been updated from version 2 to 3. This should lead to an in-depth and more accurate security analysis of the codebase.
Bumps github/codeql-action from 2 to 3.
Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
Commits
3a9f6a8
update javascript filescc4fead
update version in various hardcoded locations183559c
Merge branch 'main' into update-bundle/codeql-bundle-v2.15.45b52b36
reintroduce PR check that confirm action can be still be compiled on node165b19bef
change to node20 for all actionsf2d0c2e
upgrade node type definitionsd651fbc
change to node20 for all actions382a50a
Merge pull request #2021 from github/mergeback/v2.22.9-to-main-c0d1daa7458b422
Update checked-in dependencies5e0f9db
Update changelog and version after v2.22.9You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show