Skip to content

Commit

Permalink
ci(action): update github/codeql-action action to v3.27.2 (#912)
Browse files Browse the repository at this point in the history
This PR contains the following updates:

| Package | Type | Update | Change | OpenSSF |
|---|---|---|---|---|
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | patch | `v3.27.0` -> `v3.27.2` | [![OpenSSF
Scorecard](https://api.securityscorecards.dev/projects/github.com/github/codeql-action/badge)](https://securityscorecards.dev/viewer/?uri=github.com/github/codeql-action)
|

---

### Release Notes

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.27.2`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.2)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.1...v3.27.2)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.2 - 12 Nov 2024

- Fixed an issue where setting up the CodeQL tools would sometimes fail
with the message "Invalid value 'undefined' for header 'authorization'".
[#&#8203;2590](https://redirect.github.com/github/codeql-action/pull/2590)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.2/CHANGELOG.md)
for more information.

###
[`v3.27.1`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.1)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.0...v3.27.1)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.1 - 08 Nov 2024

- The CodeQL Action now downloads bundles compressed using Zstandard on
GitHub Enterprise Server when using Linux or macOS runners. This speeds
up the installation of the CodeQL tools. This feature is already
available to GitHub.com users.
[#&#8203;2573](https://redirect.github.com/github/codeql-action/pull/2573)
- Update default CodeQL bundle version to 2.19.3.
[#&#8203;2576](https://redirect.github.com/github/codeql-action/pull/2576)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.1/CHANGELOG.md)
for more information.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 5am every weekday,every
weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/kelektiv/node-cron).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS43LjEiLCJ1cGRhdGVkSW5WZXIiOiIzOS45LjUiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
renovate[bot] authored Nov 12, 2024
1 parent e1140d1 commit d11ba30
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/init@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -49,7 +49,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/autobuild@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -62,6 +62,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/analyze@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
with:
category: '/language:${{matrix.language}}'
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,6 @@ jobs:

# Upload the results to GitHub's code scanning dashboard.
- name: 'Upload to code-scanning'
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
with:
sarif_file: results.sarif

0 comments on commit d11ba30

Please sign in to comment.