Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
443: Bump github/codeql-action from 1 to 2 r=jonasbb a=dependabot[bot] Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h2>2.1.9 - 27 Apr 2022</h2> <ul> <li>Add <code>working-directory</code> input to the <code>autobuild</code> action. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1024">#1024</a></li> <li>The <code>analyze</code> and <code>upload-sarif</code> actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the <code>wait-for-processing</code> action input to <code>"false"</code>. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1007">#1007</a></li> <li>Update default CodeQL bundle version to 2.9.0.</li> <li>Fix a bug where <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1041">status reporting fails on Windows</a>. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1042">#1042</a></li> </ul> <h2>2.1.8 - 08 Apr 2022</h2> <ul> <li>Update default CodeQL bundle version to 2.8.5. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1014">#1014</a></li> <li>Fix error where the init action would fail due to a GitHub API request that was taking too long to complete <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1025">#1025</a></li> </ul> <h2>2.1.7 - 05 Apr 2022</h2> <ul> <li>A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1018">#1018</a></li> </ul> <h2>2.1.6 - 30 Mar 2022</h2> <ul> <li>[v2+ only] The CodeQL Action now runs on Node.js v16. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1000">#1000</a></li> <li>Update default CodeQL bundle version to 2.8.4. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/990">#990</a></li> <li>Fix a bug where an invalid <code>commit_oid</code> was being sent to code scanning when a custom checkout path was being used. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/956">#956</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/3962f1bd85916dd70cf44f7dd36946a72763eef4"><code>3962f1b</code></a> Bump glob from 7.1.7 to 8.0.1</li> <li><a href="https://github.com/github/codeql-action/commit/9daf1de73ca769b18a8abc0ddfdfff845708cb1c"><code>9daf1de</code></a> Update references to release branches</li> <li><a href="https://github.com/github/codeql-action/commit/bce749b10f3bd8b6b463c7753915deeac5158bba"><code>bce749b</code></a> Improve consistency of variable references in Bash</li> <li><a href="https://github.com/github/codeql-action/commit/fce4a01cd713caf52887d7ef8fd4e262d9e4aaa3"><code>fce4a01</code></a> Update the major version tag within the release process</li> <li><a href="https://github.com/github/codeql-action/commit/bac9320f4fb6ba590f3722eb9b477576e59d42bd"><code>bac9320</code></a> Update description of "Tag release and merge back" workflow</li> <li><a href="https://github.com/github/codeql-action/commit/b3bf557359f79e6aa98c484e8a9ad6a782fe3a8a"><code>b3bf557</code></a> Merge branch 'main' into henrymercer/handle-merge-conflicts-in-releases</li> <li><a href="https://github.com/github/codeql-action/commit/f6312f1322bd54138163c559cc89e298d4b5e543"><code>f6312f1</code></a> Commit any conflicts during v1 backport to simplify release process</li> <li>See full diff in <a href="https://github.com/github/codeql-action/compare/v1...v2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
