Bump github/codeql-action from 2 to 3

[dependabot[bot]]

Bumps github/codeql-action from 2 to 3.

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.15.4

Bundles CodeQL CLI v2.15.4

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.4:

• codeql/cpp-queries (changelog, source)
• codeql/cpp-all (changelog, source)
• codeql/csharp-queries (changelog, source)
• codeql/csharp-all (changelog, source)
• codeql/go-queries (changelog, source)
• codeql/go-all (changelog, source)
• codeql/java-queries (changelog, source)
• codeql/java-all (changelog, source)
• codeql/javascript-queries (changelog, source)
• codeql/javascript-all (changelog, source)
• codeql/python-queries (changelog, source)
• codeql/python-all (changelog, source)
• codeql/ruby-queries (changelog, source)
• codeql/ruby-all (changelog, source)
• codeql/swift-queries (changelog, source)
• codeql/swift-all (changelog, source)

CodeQL Bundle

Bundles CodeQL CLI v2.15.3

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.3:

• codeql/cpp-queries (changelog, source)
• codeql/cpp-all (changelog, source)
• codeql/csharp-queries (changelog, source)
• codeql/csharp-all (changelog, source)
• codeql/go-queries (changelog, source)
• codeql/go-all (changelog, source)
• codeql/java-queries (changelog, source)
• codeql/java-all (changelog, source)
• codeql/javascript-queries (changelog, source)
• codeql/javascript-all (changelog, source)
• codeql/python-queries (changelog, source)
• codeql/python-all (changelog, source)
• codeql/ruby-queries (changelog, source)
• codeql/ruby-all (changelog, source)
• codeql/swift-queries (changelog, source)
• codeql/swift-all (changelog, source)

CodeQL Bundle

Bundles CodeQL CLI v2.15.2

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.2:

• codeql/cpp-queries (changelog, source)

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

Commits

• 3a9f6a8 update javascript files
• cc4fead update version in various hardcoded locations
• 183559c Merge branch 'main' into update-bundle/codeql-bundle-v2.15.4
• 5b52b36 reintroduce PR check that confirm action can be still be compiled on node16
• 5b19bef change to node20 for all actions
• f2d0c2e upgrade node type definitions
• d651fbc change to node20 for all actions
• 382a50a Merge pull request #2021 from github/mergeback/v2.22.9-to-main-c0d1daa7
• 458b422 Update checked-in dependencies
• 5e0f9db Update changelog and version after v2.22.9
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (feedf3b) 61.99% compared to head (f645b13) 61.99%.

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #119 +/- ## ======================================= Coverage 61.99% 61.99% ======================================= Files 162 162 Lines 3268 3268 Branches 882 882 ======================================= Hits 2026 2026 Misses 817 817 Partials 425 425 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[github-actions[bot]]

Qodana Community for JVM

501 new problems were found

Inspection name	Severity	Problems
Constant conditions	🔶 Warning	252
Unused symbol	🔶 Warning	101
Unused import directive	🔶 Warning	7
Redundant nullable return type	🔶 Warning	5
Unstable API Usage	🔶 Warning	4
Incorrect string capitalization	🔶 Warning	3
'Enum.values()' is recommended to be replaced by 'Enum.entries' since 1.9	🔶 Warning	3
Redundant qualifier name	🔶 Warning	3
Serializable object must implement 'readResolve'	🔶 Warning	2
Unresolved reference in KDoc	🔶 Warning	2
Usage of redundant or deprecated syntax or deprecated symbols	🔶 Warning	2
Useless call on collection type	🔶 Warning	2
Constructor parameter is never used as a property	🔶 Warning	1
Control flow with empty body	🔶 Warning	1
Redundant SAM constructor	🔶 Warning	1
Constant conditions	◽️ Notice	25
Function naming convention	◽️ Notice	16
Local variable naming convention	◽️ Notice	16
Class member can have 'private' visibility	◽️ Notice	9
Property naming convention	◽️ Notice	8
Might be 'const'	◽️ Notice	7
Object property naming convention	◽️ Notice	7
Private property naming convention	◽️ Notice	6
Library function call could be simplified	◽️ Notice	4
String concatenation that can be converted to string template	◽️ Notice	3
Cascade 'if' can be replaced with 'when'	◽️ Notice	2
Join declaration and assignment	◽️ Notice	2
Unnecessary type argument	◽️ Notice	2
Accessor call that can be replaced with property access syntax	◽️ Notice	2
Lambda argument inside parentheses	◽️ Notice	1
Redundant 'if' statement	◽️ Notice	1
Replace empty class body	◽️ Notice	1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked

View the detailed Qodana report

To be able to view the detailed Qodana report, you can either: 1. Register at [Qodana Cloud](https://qodana.cloud/) and [configure the action](https://github.com/jetbrains/qodana-action#qodana-cloud) 2. Use [GitHub Code Scanning with Qodana](https://github.com/jetbrains/qodana-action#github-code-scanning) 3. Host [Qodana report at GitHub Pages](https://github.com/JetBrains/qodana-action/blob/3a8e25f5caad8d8b01c1435f1ef7b19fe8b039a0/README.md#github-pages) 4. Inspect and use `qodana.sarif.json` (see [the Qodana SARIF format](https://www.jetbrains.com/help/qodana/qodana-sarif-output.html#Report+structure) for details) To get `*.log` files or any other Qodana artifacts, run the action with `upload-result` option set to `true`, so that the action will upload the files as the job artifacts: ```yaml - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2023.3.0 with: upload-result: true ```

Contact Qodana team

Contact us at [qodana-support@jetbrains.com](mailto:qodana-support@jetbrains.com) - Or via our issue tracker: https://jb.gg/qodana-issue - Or share your feedback: https://jb.gg/qodana-discussions