Bump github/codeql-action from 2.22.5 to 2.22.8 (#1058)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.5 to 2.22.8.
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>No user facing changes.</p>
<h2>2.22.8 - 23 Nov 2023</h2>
<li>Update default CodeQL bundle version to 2.15.3. <a href="https://redirect.github.com/github/codeql-action/pull/2001">#2001</a></li>
<h2>2.22.7 - 16 Nov 2023</h2>
<li>Add a deprecation warning for customers using CodeQL version 2.11.5 and earlier. These versions of CodeQL were discontinued on 8 November 2023 alongside GitHub Enterprise Server 3.7, and will be unsupported by CodeQL Action v2.23.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/1993">#1993</a>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.11.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.10.5 and 2.11.5, you can replace <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.22.7</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
<h2>2.22.6 - 14 Nov 2023</h2>
<li>Customers running Python analysis on macOS using version 2.14.6 or earlier of the CodeQL CLI should upgrade to CodeQL CLI version 2.15.0 or later. If you do not wish to upgrade the CodeQL CLI, ensure that you are using Python version 3.11 or earlier, as CodeQL version 2.14.6 and earlier do not support Python 3.12. You can achieve this by adding a <a href="https://github.com/actions/setup-python"><code>setup-python</code></a> step to your code scanning workflow before the step that invokes <code>github/codeql-action/init</code>.</li>
<li>Update default CodeQL bundle version to 2.15.2. <a href="https://redirect.github.com/github/codeql-action/pull/1978">#1978</a></li>
<h2>2.22.5 - 27 Oct 2023</h2>
<p>No user facing changes.</p>
<h2>2.22.4 - 20 Oct 2023</h2>
<li>Update default CodeQL bundle version to 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/1953">#1953</a></li>
<li>Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023.
<li>All code scanning workflows should continue to succeed regardless of the warning.</li>
<li>The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20.</li>
<li>For more information, and to communicate with the maintaining team, please use <a href="https://redirect.github.com/github/codeql-action/issues/1959">this issue</a>.</li>
<h2>2.22.3 - 13 Oct 2023</h2>
<li>Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. <a href="https://redirect.github.com/github/codeql-action/pull/1945">#1945</a></li>
<h2>2.22.2 - 12 Oct 2023</h2>
<li>Update default CodeQL bundle version to 2.15.0. <a href="https://redirect.github.com/github/codeql-action/pull/1938">#1938</a></li>
<li>Improve the log output when an error occurs in an invocation of the CodeQL CLI. <a href="https://redirect.github.com/github/codeql-action/pull/1927">#1927</a></li>
<h2>2.22.1 - 09 Oct 2023</h2>
<li>Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. <a href="https://redirect.github.com/github/codeql-action/pull/1928">#1928</a></li>
<h2>2.22.0 - 06 Oct 2023</h2>
<p>... (truncated)</p>
<li><a href="https://github.com/github/codeql-action/commit/407ffafae6a767df3e0230c3df91b6443ae8df75"><code>407ffaf</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2007">#2007</a> from github/update-v2.22.8-192ad9bd5</li>
<li><a href="https://github.com/github/codeql-action/commit/4af462f4ba4cb64404dcb0bb40591f4e097bf284"><code>4af462f</code></a> Update changelog for v2.22.8</li>
<li><a href="https://github.com/github/codeql-action/commit/192ad9bd5f0f28e050b84a9790c483b45e47edc1"><code>192ad9b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2001">#2001</a> from github/update-bundle/codeql-bundle-v2.15.3</li>
<li><a href="https://github.com/github/codeql-action/commit/77c1abbd8342b1b08e8f32b11dff8f461376ffc0"><code>77c1abb</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.15.3</li>
<li><a href="https://github.com/github/codeql-action/commit/9f150ba795bcdde5bcd148bb808cc028dc662bd8"><code>9f150ba</code></a> Bump the actions group with 1 update (<a href="https://redirect.github.com/github/codeql-action/issues/2004">#2004</a>)</li>
<li><a href="https://github.com/github/codeql-action/commit/e75de4cd731576ebcc78b21a71f82fed992732c5"><code>e75de4c</code></a> Bump typescript from 5.2.2 to 5.3.2 (<a href="https://redirect.github.com/github/codeql-action/issues/2002">#2002</a>)</li>
<li><a href="https://github.com/github/codeql-action/commit/80150c2141a5386c7765c47e92d82633a5c47c03"><code>80150c2</code></a> Bump the npm group with 12 updates (<a href="https://redirect.github.com/github/codeql-action/issues/2003">#2003</a>)</li>
<li><a href="https://github.com/github/codeql-action/commit/4d999a4f2774d0e772147170353094a40ace7359"><code>4d999a4</code></a> Add changelog note</li>
<li><a href="https://github.com/github/codeql-action/commit/83267d5070f0935ee677209ba5e088375ed323a6"><code>83267d5</code></a> Update default bundle to codeql-bundle-v2.15.3</li>
<li><a href="https://github.com/github/codeql-action/commit/4b6aa0b07da05d6e43d0e5f9c8596a6532ce1c85"><code>4b6aa0b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1997">#1997</a> from github/mergeback/v2.22.7-to-main-66b90a5d</li>
<li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/74483a38d39275f33fcff5f35b679b5ca4a26a99...407ffafae6a767df3e0230c3df91b6443ae8df75">compare view</a></li>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.22.5&new-version=2.22.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.


<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

1 file changed
tree: 94ce4c9174d6dd6b1687dbbafa402f6766da9953
  1. .github/
  2. android/
  3. fonts/
  4. ios/
  5. lib/
  6. linux/
  7. logs/
  8. macos/
  9. test/
  10. test_benchmarks/
  11. test_driver/
  12. test_goldens/
  13. tool/
  14. web/
  15. windows/
  16. .firebaserc
  17. .gitignore
  18. .metadata
  19. analysis_options.yaml
  20. CHANGELOG.md
  21. deferred_components_loading_units.yaml
  22. firebase.json
  23. l10n.yaml
  25. pubspec.lock
  26. pubspec.yaml
  27. README.md
  28. screenshots.md

Flutter Gallery

Flutter Gallery is a resource to help developers evaluate and use Flutter. It is a collection of Material Design & Cupertino widgets, behaviors, and vignettes implemented with Flutter. We often get asked how one can see Flutter in action, and this gallery demonstrates what Flutter provides and how it behaves in the wild.

Flutter Gallery


  • Showcase for material, cupertino, and other widgets
  • Adaptive layout for mobile and desktop
  • State restoration support
  • Settings to text scaling, text direction, locale, theme, and more...
  • Demo for animations
  • Foldable support and demo for dual_screen
  • Deferred loading
  • CI/CD
  • ...and much more!

Supported Platforms

Flutter Gallery has been built to support multiple platforms. These include:


One can run the gallery locally for any of these platforms. For desktop platforms, please see the Flutter docs for the latest requirements.

cd gallery/
flutter pub get
flutter run

Flutter master channel

The Flutter Gallery targets Flutter‘s master channel. As such, it can take advantage of new SDK features that haven’t landed in the stable channel.

If you'd like to run the Flutter Gallery, you may have to switch to the master channel first:

flutter channel master
flutter upgrade

When you're done, use this command to return to the safety of the stable channel:

flutter channel stable
flutter upgrade


If this is the first time building the Flutter Gallery, the localized code will not be present in the project directory. However, after running the application for the first time, a synthetic package will be generated containing the app's localizations through importing package:flutter_gen/gen_l10n/.

flutter pub get
flutter pub run grinder l10n

See separate README for more details.

flutter pub get
flutter pub run grinder update-code-segments

See separate README for more details.

  1. Convert your animation to a .gif file. Ideally, use a background color of 0xFF030303 to ensure the animation blends into the background of the app.

  2. Add your new .gif file to the assets directory under assets/splash_effects. Ensure the name follows the format splash_effect_$num.gif. The number should be the next number after the current largest number in the repository.

  3. Update the map _effectDurations in splash.dart to include the number of the new .gif as well as its estimated duration. The duration is used to determine how long to display the splash animation at launch.


must be a flutter-hackers member

A set of GitHub workflows are available to help with releasing the Flutter Gallery, one per releasing platform.

  1. For Android, download the relevant Firebase configuration file (e.g. google-services.json).

  2. Bump the pubspec.yaml version number. This can be in a PR making a change or a separate PR. Use semantic versioning to determine which part to increment. The version number after the + should also be incremented. For example 1.2.3+010203 with a patch should become 1.2.4+010204.

  3. Run GitHub workflow.

  • Deploy to web: Deploys a web build to the Firebase-hosted staging or production site.

  • Deploy to Play Store: Uses Fastlane to create a beta (freely available on the Play Store) or promote an existing beta to production (Play Store).

    Note Once an .aab is created with a particular version number, it can't be replaced. The pubspec version number must be incremented again.

  • Draft GitHub release: Drafts a GitHub release, including packaged builds for Android, macOS, Linux, and Windows. Release notes can be automatically generated. The release draft is private until published. Upon being published, the specified version tag will be created.

  • Publish on Windows Store: Releasing to the Windows Store.

    Note This repository is not currently set up to publish new versions of the current Windows Store listing. Requires running msstore init within the repository and setting repository/environment secrets . See the instructions in the documentation for more information.

If the above GitHub workflows aren't functional (#759), releasing can be done semi-manually. Since this requires obtaining environment secrets, this can only be done by a Googler. See go/flutter-gallery-manual-deployment.


The gallery has its own set of unit, golden, and integration tests.

In addition, Flutter itself uses the gallery in tests. To enable breaking changes, the gallery version is pinned in two places: