Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274
The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281
Commits
b7cec75 Merge pull request #2287 from github/update-v3.25.5-4a5197247
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the github-actions-dependencies group with 2 updates: github/codeql-action and codecov/codecov-action.
Updates
github/codeql-action
from 3.25.4 to 3.25.5Changelog
Sourced from github/codeql-action's changelog.
Commits
b7cec75
Merge pull request #2287 from github/update-v3.25.5-4a51972476778fe4
Update changelog for v3.25.54a51972
Merge pull request #2280 from github/henrymercer/on-demand-ffsa8c32fd
Merge pull request #2283 from github/henrymercer/disable-fail-fastf73b0b7
Disable fail fast for non-generated workflowsc59e052
Disable fail fast in generated workflows33e416c
Comment thatlegacyApi
is false by default67f8a36
Merge branch 'main' into henrymercer/on-demand-ffs4995c49
Merge pull request #2282 from github/henrymercer/no-build-mode-tracing-improv...def4d2c
Merge pull request #2273 from github/aeisenberg/specify-versionsUpdates
codecov/codecov-action
from 4.3.1 to 4.4.0Release notes
Sourced from codecov/codecov-action's releases.
Commits
6d79887
chore(release): 4.4.0 (#1430)37364fa
build(deps-dev): bump@typescript-eslint/parser
from 7.8.0 to 7.9.0 (#1428)2791a5c
fix: remove GPG and run on spawn (#1426)b71af43
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#1420)29f97fc
build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 (#1421)645d2a5
build(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#1423)f691d46
chore: Clarify isPullRequestFromFork (#1411)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show