brave / omaha

Omaha for brave-browser
Apache License 2.0

Update github/codeql-action action to v3.26.2 #101

Closed renovate[bot] closed 2 months ago

renovate[bot] commented 2 months ago


This PR contains the following updates:

| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| github/codeql-action | action | patch | v3.26.0 -> v3.26.2 | v3.26.4 (+1) |

Release Notes

github/codeql-action (github/codeql-action)

### [`v3.26.2`](https://togithub.com/github/codeql-action/compare/v3.26.1...v3.26.2)

[Compare Source](https://togithub.com/github/codeql-action/compare/v3.26.1...v3.26.2)

### [`v3.26.1`](https://togithub.com/github/codeql-action/compare/v3.26.0...v3.26.1)

[Compare Source](https://togithub.com/github/codeql-action/compare/v3.26.0...v3.26.1)

Configuration

📅 Schedule: Branch creation - " 0-4 * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.

github-actions[bot] commented 2 months ago

[puLL-Merge] - github/codeql-action@v3.26.0..v3.26.2

Here's a description of the changes in this pull request:

Description

This PR updates several dependencies, modifies the CodeQL action implementation, and makes some improvements to error handling and diagnostics. The main changes include:

  1. Updating dependencies, including adm-zip, @typescript-eslint packages, and @eslint/js.
  2. Modifying the CodeQL setup process to include more detailed download and extraction timing information.
  3. Improving error handling and adding new error types.
  4. Enhancing the diagnostics system to support more detailed reporting.
  5. Updating the default CodeQL bundle version to 2.18.2.
  6. Adding support for packs and registries in status reports.
  7. Improving the handling of temporary folders in zip operations.

Changes

  1. `package.json`:
     - Updated version to 3.26.2
     - Updated several dependencies
  2. `src/codeql.ts`:
     - Modified `setupCodeQL` function to use `toolsDownloadStatusReport` instead of `toolsDownloadDurationMs`
     - Updated error handling and diagnostic reporting
  3. `src/init-action.ts`:
     - Added support for packs and registries in status reports
     - Improved logging of CodeQL download telemetry
  4. `src/setup-codeql.ts`:
     - Added `ToolsDownloadStatusReport` interface for more detailed download information
     - Updated `downloadCodeQL` function to return more detailed status information
  5. `src/diagnostics.ts`:
     - Modified to support writing diagnostics for non-language-specific cases
  6. `src/config-utils.ts`:
     - Added `parseRegistriesWithoutCredentials` function
  7. `src/defaults.json`:
     - Updated CodeQL bundle and CLI versions to 2.18.2
  8. Various test files:
     - Updated to reflect changes in the main code

Possible Issues

The changes to the CodeQL setup process and error handling may potentially introduce new edge cases or change existing behavior in unexpected ways. Thorough testing should be done to ensure compatibility with different environments and scenarios.

Security Hotspots

There are no significant security hotspots introduced by this change. However, the modifications to error handling and diagnostics should be reviewed to ensure they don't inadvertently expose sensitive information.