Closed dependabot[bot] closed 3 weeks ago
The update to the GitHub Actions workflow in security-scan.yml
involves incrementing the version of the github/codeql-action/upload-sarif
action from v3.26.0
to v3.26.2
. This minor version upgrade is expected to bring bug fixes, performance enhancements, and potentially new features that improve the security scanning process. The overall workflow structure remains intact, ensuring the continued functionality of SARIF file uploads.
File | Change Summary |
---|---|
.github/workflows/security-scan.yml |
Updated github/codeql-action/upload-sarif from v3.26.0 to v3.26.2 |
sequenceDiagram
participant User
participant GitHub Actions
participant CodeQL
User->>GitHub Actions: Trigger security scan
GitHub Actions->>CodeQL: Run security analysis
CodeQL-->>GitHub Actions: Return results
GitHub Actions->>GitHub Actions: Upload SARIF report
In the burrow deep, a change we see,
A leap tov3.26.2
, oh glee! π
Bugs are fixed, performance shines,
Security scans, oh how divine!
Hopping forth with files so neat,
A safer world beneath our feet! πβ¨
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
Superseded by #76.
Bumps github/codeql-action from 3.26.0 to 3.26.2.
Changelog
Sourced from github/codeql-action's changelog.
Commits
429e197
Merge pull request #2425 from github/update-v3.26.2-a93f8c2fd9eec338
Update changelog for v3.26.2a93f8c2
Merge pull request #2423 from github/mergeback/v3.26.1-to-main-29d86d22af1f2e8
Address incorrect CHANGELOG.md2bc3b83
Update checked-in dependenciesdd9700c
Reapply "Merge pull request #2417 from github/update-bundle/codeql-bundle-v2....ece28a8
Update changelog and version after v3.26.129d86d2
Merge pull request #2422 from github/update-v3.26.1-0d5982aa35b15b9e
Revert "Merge pull request #2417 from github/update-bundle/codeql-bundle-v2.1...18ac79e
Update changelog for v3.26.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show
Summary by CodeRabbit