search

eclipse-cbi / org.eclipse.cbi

CBI Maven plugins and Webservices
https://eclipse-cbi.github.io/org.eclipse.cbi/
Eclipse Public License 2.0
1 stars 10 forks source link

build(deps): bump github/codeql-action from 2 to 3 #536

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps github/codeql-action from 2 to 3.

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.18.3

Bundles CodeQL CLI v2.18.3

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.18.3:

CodeQL Bundle v2.18.2

Bundles CodeQL CLI v2.18.2

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.18.2:

CodeQL Bundle v2.18.1

Bundles CodeQL CLI v2.18.1

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.18.1:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.26.6 - 29 Aug 2024

  • Update default CodeQL bundle version to 2.18.3. #2449

3.26.5 - 23 Aug 2024

  • Fix an issue where the csrutil system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #2441

3.26.4 - 21 Aug 2024

  • Deprecation: The add-snippets input on the analyze Action is deprecated and will be removed in the first release in August 2025. #2436
  • Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434

3.26.3 - 19 Aug 2024

  • Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430

3.26.2 - 14 Aug 2024

  • Update default CodeQL bundle version to 2.18.2. #2417

3.26.1 - 13 Aug 2024

No user facing changes.

3.26.0 - 06 Aug 2024

  • Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403
  • Bump the minimum CodeQL bundle version to 2.13.5. #2408

3.25.15 - 26 Jul 2024

  • Update default CodeQL bundle version to 2.18.1. #2385

3.25.14 - 25 Jul 2024

  • Experimental: add a new start-proxy action which starts the same HTTP proxy as used by github/dependabot-action. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2376

3.25.13 - 19 Jul 2024

  • Add codeql-version to outputs. #2368
  • Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. #2375
    • If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
    • Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.25.13 and github/codeql-action/*@v2 by github/codeql-action/*@v2.25.13 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

3.25.12 - 12 Jul 2024

  • Improve the reliability and performance of analyzing code when analyzing a compiled language with the autobuild build mode on GitHub Enterprise Server. This feature is already available to GitHub.com users. #2353
  • Update default CodeQL bundle version to 2.18.0. #2364

... (truncated)

Commits
  • 903fb34 Update map file
  • 5033d85 Merge remote-tracking branch 'origin/main' into dbartol/config-file-telemetry
  • e885d9d Send config file path to telemetry status report
  • 7e27807 Only run check SIP enablement once in init step (#2441)
  • fd5fa13 Merge pull request #2438 from github/mergeback/v3.26.4-to-main-f0f3afee
  • 6f10eb0 Update checked-in dependencies
  • b15a247 Update changelog and version after v3.26.4
  • f0f3afe Merge main into releases/v3 (#2437)
  • e354359 Update changelog for v3.26.4
  • ae01f80 Merge pull request #2436 from rvermeulen/rvermeulen/deprecate-add-snippets
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 2 months ago

License review requests:

After all reviews have concluded, re-run the license-vetting check from the Github Actions web-interface to update its status.

Workflow run (with attached summary files): https://github.com/eclipse-cbi/org.eclipse.cbi/actions/runs/10666046350