Update github/codeql-action action to v3.25.4 #79

Merged
merged 1 commit into from
May 15, 2024


renovate[bot]
Contributor

@renovate renovate bot commented May 15, 2024

Mend Renovate

This PR contains the following updates:

| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| github/codeql-action | action | patch | v3.25.3 -> v3.25.4 | v3.25.5 |

Release Notes

github/codeql-action (github/codeql-action)

v3.25.4

Compare Source


Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.


[puLL-Merge] - github/codeql-action@v3.25.3..v3.25.4

Here is my review of the pull request:

Description

This PR updates the CodeQL bundle version to 2.17.2. It also adds deprecation warnings when combining multiple SARIF files with the same run category, which will be removed in the future on GHES 3.18 and on dotcom on June 4, 2025. Several dependency versions were updated as well.

Changes

  • .github/update-release-branch.py:
    • Add function to replace version in package.json directly rather than using npm version to avoid merge conflicts
  • CHANGELOG.md:
    • Add entry for 3.25.4 release updating CodeQL bundle to 2.17.2
  • src/defaults.json:
    • Update CodeQL bundle and CLI versions to 2.17.2
  • src/feature-flags.ts:
    • Rename CliSarifMerge feature flag to CombineSarifFilesDeprecationWarning
  • src/upload-lib.ts:
    • Add shouldShowCombineSarifFilesDeprecationWarning function to determine if deprecation warning for combining SARIF files should be shown
    • Update combineSarifFilesUsingCLI to show deprecation warnings when appropriate based on runs uniqueness and GitHub version
    • Always use combineSarifFilesUsingCLI rather than using feature flag
  • src/upload-lib.test.ts:
    • Add tests for shouldShowCombineSarifFilesDeprecationWarning
  • package.json, package-lock.json:
    • Bump version to 3.25.4
    • Update @typescript-eslint/* dependencies
  • src/util.ts:
    • Add additional fields to SarifRun interface

Security Hotspots

None. The changes do not appear to introduce any new security risks.

@renovate renovate bot force-pushed the renovate/github-codeql-action-3.x branch from dca2b12 to 41c331a Compare May 15, 2024 07:05
@renovate renovate bot merged commit edb65f8 into master May 15, 2024
7 checks passed
@renovate renovate bot deleted the renovate/github-codeql-action-3.x branch May 15, 2024 18:35