Skip to content
This repository has been archived by the owner on Aug 5, 2024. It is now read-only.

chore(deps): bump github/codeql-action from 1.0.31 to 1.0.32 #308

Merged
merged 1 commit into from
Feb 10, 2022
Merged

chore(deps): bump github/codeql-action from 1.0.31 to 1.0.32 #308

merged 1 commit into from
Feb 10, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 8, 2022

Bumps github/codeql-action from 1.0.31 to 1.0.32.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action and CodeQL Runner Changelog

[UNRELEASED]

No user facing changes.

1.0.32 - 07 Feb 2022

  • Add sarif-id as an output for the upload-sarif and analyze actions. #889
  • Add ref and sha inputs to the analyze action, which override the defaults provided by the GitHub Action context. #889
  • Update default CodeQL bundle version to 2.8.0. #911

1.0.31 - 31 Jan 2022

  • Remove experimental message when using custom CodeQL packages. #888
  • Add a better warning message stating that experimental features will be disabled if the workflow has been triggered by a pull request from a fork or the security-events: write permission is not present. #882

1.0.30 - 24 Jan 2022

  • Display a better error message when encountering a workflow that runs the codeql-action/init action multiple times. #876
  • Update default CodeQL bundle version to 2.7.6. #877

1.0.29 - 21 Jan 2022

  • The feature to wait for SARIF processing to complete after upload has been disabled by default due to a bug in its interaction with pull requests from forks.

1.0.28 - 18 Jan 2022

  • Update default CodeQL bundle version to 2.7.5. #866
  • Fix a bug where SARIF files were failing upload due to an invalid test for unique categories. #872

1.0.27 - 11 Jan 2022

  • The analyze and upload-sarif actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the wait-for-processing action input to "false". #855

1.0.26 - 10 Dec 2021

  • Update default CodeQL bundle version to 2.7.3. #842

1.0.25 - 06 Dec 2021

No user facing changes.

1.0.24 - 23 Nov 2021

  • Update default CodeQL bundle version to 2.7.2. #827

1.0.23 - 16 Nov 2021

  • The upload-sarif action now allows multiple uploads in a single job, as long as they have different categories. #801

... (truncated)

Commits
  • 2b46439 Merge pull request #913 from github/update-v1.0.32-4eb03fb6
  • 6d8390b 1.0.32
  • 4eb03fb Merge pull request #907 from github/henrymercer/report-ml-powered-query-enabl...
  • 03c64ef Add more documentation for ML-powered JS queries status report
  • cc622a0 Merge branch 'main' into henrymercer/report-ml-powered-query-enablement
  • c95a3d8 Limit cardinality of ML-powered JS queries status report
  • f888be7 Nit: Simplify code with optional chaining
  • 16d4068 Merge pull request #911 from github/cklin/codeql-cli-2.8.0
  • aab5452 Update default CodeQL version to 2.8.0
  • 501fe7f Update getMlPoweredJsQueriesStatus doc
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump github/codeql-action from 1.0.31 to 1.0.32
30a6f19 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.31 to 1.0.32.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@1a927e9...2b46439)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Feb 8, 2022
@wallies wallies merged commit e24c093 into master Feb 10, 2022
@wallies wallies deleted the dependabot/github_actions/github/codeql-action-1.0.32 branch February 10, 2022 02:31
kapiche-bot pushed a commit that referenced this pull request Jun 19, 2022
@semantic-release-bot
chore(release): 0.5.4 [skip ci]
dc1a574 
## [0.5.4](0.5.3...0.5.4) (2022-06-19)

### Bug Fixes

* bump eslint from 8.17.0 to 8.18.0 ([#406](#406)) ([c0fb488](c0fb488))

### Other

* add github upload to allow list ([#405](#405)) ([048a103](048a103))
* **deps-dev:** bump @babel/core from 7.16.12 to 7.17.2 ([#309](#309)) ([2d7748f](2d7748f))
* **deps-dev:** bump @babel/core from 7.17.12 to 7.18.0 ([#382](#382)) ([12f6881](12f6881))
* **deps-dev:** bump @babel/core from 7.17.2 to 7.17.4 ([#314](#314)) ([0d292b4](0d292b4))
* **deps-dev:** bump @babel/core from 7.17.4 to 7.17.5 ([#317](#317)) ([3539628](3539628))
* **deps-dev:** bump @babel/core from 7.17.5 to 7.17.9 ([#348](#348)) ([bbec5df](bbec5df))
* **deps-dev:** bump @babel/core from 7.17.9 to 7.17.12 ([#376](#376)) ([8b1305e](8b1305e))
* **deps-dev:** bump @babel/core from 7.18.0 to 7.18.2 ([#387](#387)) ([fe24aba](fe24aba))
* **deps-dev:** bump @babel/core from 7.18.2 to 7.18.5 ([#402](#402)) ([ca1e249](ca1e249))
* **deps-dev:** bump @babel/eslint-parser from 7.16.5 to 7.17.0 ([#303](#303)) ([e9718a1](e9718a1))
* **deps-dev:** bump @babel/eslint-parser from 7.17.0 to 7.18.2 ([#388](#388)) ([91d56e4](91d56e4))
* **deps-dev:** bump @microsoft/eslint-formatter-sarif ([#332](#332)) ([58e15ea](58e15ea))
* **deps-dev:** bump @microsoft/eslint-formatter-sarif ([#366](#366)) ([7873a36](7873a36))
* **deps-dev:** bump babel-loader from 8.2.3 to 8.2.4 ([#340](#340)) ([f27373a](f27373a))
* **deps-dev:** bump babel-loader from 8.2.4 to 8.2.5 ([#358](#358)) ([8e2fda7](8e2fda7))
* **deps-dev:** bump eslint from 8.10.0 to 8.11.0 ([#334](#334)) ([e673e6d](e673e6d))
* **deps-dev:** bump eslint from 8.11.0 to 8.12.0 ([#342](#342)) ([d1ffd30](d1ffd30))
* **deps-dev:** bump eslint from 8.12.0 to 8.13.0 ([#350](#350)) ([4d0c0c2](4d0c0c2))
* **deps-dev:** bump eslint from 8.13.0 to 8.15.0 ([#369](#369)) ([42f1e68](42f1e68))
* **deps-dev:** bump eslint from 8.15.0 to 8.16.0 ([#383](#383)) ([4941617](4941617))
* **deps-dev:** bump eslint from 8.16.0 to 8.17.0 ([#397](#397)) ([31c6a3f](31c6a3f))
* **deps-dev:** bump eslint from 8.8.0 to 8.9.0 ([#313](#313)) ([f336c59](f336c59))
* **deps-dev:** bump eslint from 8.9.0 to 8.10.0 ([#325](#325)) ([95b1a88](95b1a88))
* **deps:** bump @rollup/plugin-babel from 5.3.0 to 5.3.1 ([#321](#321)) ([e9e9ce7](e9e9ce7))
* **deps:** bump actions/setup-node from 2.5.1 to 3 ([#324](#324)) ([badfb55](badfb55))
* **deps:** bump actions/setup-node from 3.0.0 to 3.1.0 ([#345](#345)) ([aeb73fc](aeb73fc))
* **deps:** bump actions/setup-node from 3.1.0 to 3.1.1 ([#351](#351)) ([c968d20](c968d20))
* **deps:** bump actions/setup-node from 3.1.1 to 3.2.0 ([#375](#375)) ([0e0365f](0e0365f))
* **deps:** bump actions/setup-node from 3.2.0 to 3.3.0 ([#398](#398)) ([bebf19c](bebf19c))
* **deps:** bump actions/upload-artifact from 2.3.1 to 3 ([#330](#330)) ([c691291](c691291))
* **deps:** bump actions/upload-artifact from 3.0.0 to 3.1.0 ([#384](#384)) ([83e7a2e](83e7a2e))
* **deps:** bump aquasecurity/trivy-action from 0.2.1 to 0.2.2 ([#305](#305)) ([553a15e](553a15e))
* **deps:** bump aquasecurity/trivy-action from 0.2.2 to 0.2.3 ([#352](#352)) ([b50c1f6](b50c1f6))
* **deps:** bump aquasecurity/trivy-action from 0.2.3 to 0.2.5 ([#357](#357)) ([d45f49b](d45f49b))
* **deps:** bump aquasecurity/trivy-action from 0.2.5 to 0.3.0 ([#371](#371)) ([35d5a27](35d5a27))
* **deps:** bump aquasecurity/trivy-action from 0.3.0 to 0.4.0 ([#403](#403)) ([c221a79](c221a79))
* **deps:** bump aquasecurity/trivy-action from 0.4.0 to 0.4.1 ([#408](#408)) ([aa46b27](aa46b27))
* **deps:** bump cycjimmy/semantic-release-action from 2.7.0 to 3.0.0 ([#328](#328)) ([70d4fc1](70d4fc1))
* **deps:** bump github/codeql-action ([#373](#373)) ([427789a](427789a))
* **deps:** bump github/codeql-action from 1.0.30 to 1.0.31 ([#300](#300)) ([20d3197](20d3197))
* **deps:** bump github/codeql-action from 1.0.31 to 1.0.32 ([#308](#308)) ([e24c093](e24c093))
* **deps:** bump github/codeql-action from 1.0.32 to 1.1.0 ([#311](#311)) ([41d499d](41d499d))
* **deps:** bump github/codeql-action from 1.1.0 to 1.1.2 ([#318](#318)) ([24a8dee](24a8dee))
* **deps:** bump github/codeql-action from 1.1.2 to 1.1.3 ([#323](#323)) ([41d6bfa](41d6bfa))
* **deps:** bump github/codeql-action from 1.1.3 to 1.1.4 ([#333](#333)) ([0b3ba1c](0b3ba1c))
* **deps:** bump github/codeql-action from 1.1.4 to 1.1.5 ([#337](#337)) ([dc865a2](dc865a2))
* **deps:** bump github/codeql-action from 1.1.5 to 2.1.6 ([#343](#343)) ([5483e39](5483e39))
* **deps:** bump github/codeql-action from 2.1.10 to 2.1.11 ([#377](#377)) ([91d44e8](91d44e8))
* **deps:** bump github/codeql-action from 2.1.11 to 2.1.12 ([#396](#396)) ([374ece0](374ece0))
* **deps:** bump github/codeql-action from 2.1.6 to 2.1.7 ([#346](#346)) ([5060872](5060872))
* **deps:** bump github/codeql-action from 2.1.7 to 2.1.8 ([#349](#349)) ([fad5d81](fad5d81))
* **deps:** bump github/codeql-action from 2.1.8 to 2.1.10 ([#372](#372)) ([ea43c73](ea43c73))
* **deps:** bump minimist from 1.2.5 to 1.2.6 ([#341](#341)) ([1403070](1403070))
* **deps:** bump ossf/scorecard-action from 1.0.2 to 1.0.3 ([#301](#301)) ([0c655aa](0c655aa))
* **deps:** bump ossf/scorecard-action from 1.0.3 to 1.0.4 ([#319](#319)) ([b365a49](b365a49))
* **deps:** bump ossf/scorecard-action from 1.0.4 to 1.1.0 ([#389](#389)) ([17dc9f5](17dc9f5))
* **deps:** bump ossf/scorecard-action from 1.1.0 to 1.1.1 ([#395](#395)) ([0126739](0126739))
* **deps:** bump returntocorp/semgrep-action ([#306](#306)) ([4836662](4836662))
* **deps:** bump returntocorp/semgrep-action ([#344](#344)) ([b0553c1](b0553c1))
* **deps:** bump returntocorp/semgrep-action ([#347](#347)) ([17eb0d9](17eb0d9))
* **deps:** bump returntocorp/semgrep-action ([#353](#353)) ([b333179](b333179))
* **deps:** bump returntocorp/semgrep-action ([#359](#359)) ([b601ab1](b601ab1))
* **deps:** bump returntocorp/semgrep-action ([#362](#362)) ([0ee83a6](0ee83a6))
* **deps:** bump returntocorp/semgrep-action ([#378](#378)) ([e5edc82](e5edc82))
* **deps:** bump returntocorp/semgrep-action ([#380](#380)) ([62652ce](62652ce))
* **deps:** bump returntocorp/semgrep-action ([#390](#390)) ([597fecd](597fecd))
* **deps:** bump returntocorp/semgrep-action ([#399](#399)) ([3f9d332](3f9d332))
* **deps:** bump returntocorp/semgrep-action ([#401](#401)) ([14abfb2](14abfb2))
* **deps:** bump returntocorp/semgrep-action ([#407](#407)) ([9f9ca9b](9f9ca9b))
* **deps:** bump rollup from 2.66.1 to 2.67.2 ([#310](#310)) ([10e1cd8](10e1cd8))
* **deps:** bump rollup from 2.67.2 to 2.68.0 ([#320](#320)) ([6e8cd40](6e8cd40))
* **deps:** bump rollup from 2.68.0 to 2.75.3 ([#392](#392)) ([192b731](192b731))
* **deps:** bump rollup from 2.75.3 to 2.75.5 ([#394](#394)) ([66d143f](66d143f))
* **deps:** bump rollup from 2.75.5 to 2.75.6 ([#400](#400)) ([3a9fbe7](3a9fbe7))
* **deps:** bump step-security/harden-runner from 1.3.0 to 1.4.0 ([#312](#312)) ([c068018](c068018))
* **deps:** bump step-security/harden-runner from 1.4.0 to 1.4.1 ([#339](#339)) ([63f412f](63f412f))
* **deps:** bump step-security/harden-runner from 1.4.1 to 1.4.3 ([#367](#367)) ([5f9dd6b](5f9dd6b))
* fix step harden runner ([fabd5b8](fabd5b8))
* Move Rollup dependencies to devDependencies ([#404](#404)) ([2f2a4b1](2f2a4b1))
@kapiche-bot
Copy link

🎉 This PR is included in version 0.5.4 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@wallies wallies wallies approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kapiche-bot @wallies