Bump github/codeql-action from 2 to 3

[dependabot[bot]]

Bumps github/codeql-action from 2 to 3.

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.16.3

Bundles CodeQL CLI v2.16.3

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.3:

• codeql/cpp-queries (changelog, source)
• codeql/cpp-all (changelog, source)
• codeql/csharp-queries (changelog, source)
• codeql/csharp-all (changelog, source)
• codeql/go-queries (changelog, source)
• codeql/go-all (changelog, source)
• codeql/java-queries (changelog, source)
• codeql/java-all (changelog, source)
• codeql/javascript-queries (changelog, source)
• codeql/javascript-all (changelog, source)
• codeql/python-queries (changelog, source)
• codeql/python-all (changelog, source)
• codeql/ruby-queries (changelog, source)
• codeql/ruby-all (changelog, source)
• codeql/swift-queries (changelog, source)
• codeql/swift-all (changelog, source)

CodeQL Bundle v2.16.2

Bundles CodeQL CLI v2.16.2

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.2:

• codeql/cpp-queries (changelog, source)
• codeql/cpp-all (changelog, source)
• codeql/csharp-queries (changelog, source)
• codeql/csharp-all (changelog, source)
• codeql/go-queries (changelog, source)
• codeql/go-all (changelog, source)
• codeql/java-queries (changelog, source)
• codeql/java-all (changelog, source)
• codeql/javascript-queries (changelog, source)
• codeql/javascript-all (changelog, source)
• codeql/python-queries (changelog, source)
• codeql/python-all (changelog, source)
• codeql/ruby-queries (changelog, source)
• codeql/ruby-all (changelog, source)
• codeql/swift-queries (changelog, source)
• codeql/swift-all (changelog, source)

CodeQL Bundle v2.16.1

Bundles CodeQL CLI v2.16.1

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.1:

• codeql/cpp-queries (changelog, source)

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.24.4 - 21 Feb 2024

• Fix an issue where an existing, but empty, /sys/fs/cgroup/cpuset.cpus file always resulted in a single-threaded run. #2151
• Update default CodeQL bundle version to 2.16.3. #2156

3.24.3 - 15 Feb 2024

• Fix an issue where the CodeQL Action would fail to load a configuration specified by the config input to the init Action. #2147

3.24.2 - 15 Feb 2024

• Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. #2141

3.24.1 - 13 Feb 2024

• Update default CodeQL bundle version to 2.16.2. #2124
• The CodeQL action no longer fails if it can't write to the telemetry api endpoint. #2121

3.24.0 - 02 Feb 2024

• CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See release notes for 3.23.0 for more details. #2106

3.23.2 - 26 Jan 2024

• On Linux, the maximum possible value for the --threads option now respects the CPU count as specified in cgroup files to more accurately reflect the number of available cores when running in containers. #2083
• Update default CodeQL bundle version to 2.16.1. #2096

3.23.1 - 17 Jan 2024

• Update default CodeQL bundle version to 2.16.0. #2073
• Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. #2079

3.23.0 - 08 Jan 2024

• We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. #2031
• The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.22.7. #2009

3.22.12 - 22 Dec 2023

• Update default CodeQL bundle version to 2.15.5. #2047

3.22.11 - 13 Dec 2023

• [v3+ only] The CodeQL Action now runs on Node.js v20. #2006

2.22.10 - 12 Dec 2023

• Update default CodeQL bundle version to 2.15.4. #2016

2.22.9 - 07 Dec 2023

... (truncated)

Commits

• b7c408a Update changelog and version after v3.24.3
• 3796146 Merge pull request #2148 from github/update-v3.24.3-3a7796d6a
• 01d302a Update changelog for v3.24.3
• 3a7796d Merge pull request #2147 from github/henrymercer/fix-config-outside-workspace...
• 56b93f2 Add changelog note
• 381e65f Allow generated user config file to be outside the workspace
• d88d538 Add PR check for specifying configuration using the config input
• dc983b3 Merge pull request #2143 from github/mergeback/v3.24.2-to-main-ece8414c
• 66a4732 Update checked-in dependencies
• e62fb8e Update changelog and version after v3.24.2
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Thank you for your contribution! 🌌 This checklist is meant to remind the package maintainers who will review this pull request of some common things to look for.

• [ ] Do the proposed changes actually accomplish desired goals?
• [ ] Do the proposed changes follow the STScI coding guidelines?
• [ ] Are tests added/updated as required? If so, do they follow the STScI testing guidelines?
• [ ] Are docs added/updated as required?
• [ ] Is rebase and/or squash necessary? If so, please provide the author with appropriate instructions.
• [ ] Did the CI pass? If no, are the failures related?
• [ ] Is a change log needed?
• [ ] Is a milestone set? Milestone must be set but we cannot check for it on Actions; do not let the green checkmark fool you.

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (8570d49) 96.80% compared to head (87aa867) 96.80%. Report is 1 commits behind head on master.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #379 +/- ## ======================================= Coverage 96.80% 96.80% ======================================= Files 17 17 Lines 2034 2034 ======================================= Hits 1969 1969 Misses 65 65 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.