Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

chore(deps): bump github/codeql-action from 3.28.16 to 3.28.17

Merged
Number: #6940
Type: Pull Request
State: Merged
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 3
Created: May 05, 2025 at 08:35 PM UTC
(6 months ago)
Updated: May 09, 2025 at 12:27 AM UTC
(6 months ago)
Merged: May 09, 2025 at 12:27 AM UTC
(6 months ago)
by jnsdls
Time to Close: 3 days
Labels:
Dependencies github_actions
Description:

Bumps github/codeql-action from 3.28.16 to 3.28.17.

Release notes

Sourced from github/codeql-action's releases.

v3.28.17

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

  • Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated)

Commits
  • 60168ef Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a
  • 0d5a311 Update changelog for v3.28.17
  • 97a2bfd Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2
  • 9aba20e Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
  • 81a9508 Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a...
  • 1569f4c Disable diff-informed queries in code scanning config tests
  • 62fbeb6 Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze
  • f122d1d Address test failures from computing temporary directory too early
  • 083772a Do not fail diff informed analyses when analyze is run twice in the same job
  • 5db14d0 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

PR-Codex overview

This PR updates the version of the github/codeql-action used in the .github/workflows/codeql-analysis.yml file to the latest release, ensuring the workflow benefits from the latest features and bug fixes.

Detailed summary

  • Updated github/codeql-action/init from v3.28.16 to v3.28.17
  • Updated github/codeql-action/autobuild from v3.28.16 to v3.28.17
  • Updated github/codeql-action/analyze from v3.28.16 to v3.28.17

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Pull Request Statistics
Commits:
1
Files Changed:
1
Additions:
+3
Deletions:
-3
Package Dependencies
Package:
github/codeql-action
Ecosystem:
actions
Version Change:
3.28.16 → 3.28.17
Update Type:
Patch
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 118337
UUID: 2499744909
Node ID: PR_kwDOH5MG4s6U_xSN
Host: GitHub
Repository: thirdweb-dev/js
Merge State: Unknown