hyriver / py3dep

A part of HyRiver software stack for getting topography data within the US through 3D Elevation Program (3DEP)
https://docs.hyriver.io
Other
42 stars 7 forks source link

BOT: [skip ci] Bump github/codeql-action from 1 to 2 #49

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github/codeql-action from 1 to 2.

Changelog

Sourced from github/codeql-action's changelog.

2.1.8 - 08 Apr 2022

  • Update default CodeQL bundle version to 2.8.5. #1014
  • Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

2.1.7 - 05 Apr 2022

  • A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

2.1.6 - 30 Mar 2022

  • [v2+ only] The CodeQL Action now runs on Node.js v16. #1000
  • Update default CodeQL bundle version to 2.8.4. #990
  • Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956
Commits
  • 2c03704 Allow the version of the ML-powered pack to depend on the CLI version
  • dd6b592 Simplify ML-powered query status report definition
  • a90d8bf Merge pull request #1011 from github/henrymercer/ml-powered-queries-pr-check
  • dc0338e Use latest major version of actions/upload-artifact
  • 57096fe Add a PR check to validate that ML-powered queries are run correctly
  • b0ddf36 Merge pull request #1012 from github/henrymercer/update-actions-major-versions
  • 1ea2f2d Merge branch 'main' into henrymercer/update-actions-major-versions
  • 9dcc141 Merge pull request #1010 from github/henrymercer/stop-running-ml-powered-quer...
  • ea751a9 Update other Actions from v2 to v3
  • a2949f4 Update actions/checkout from v2 to v3
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 2 years ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information