)]}'
{
  "commit": "5d1c8bd07c4d77959b6a0434ed8e947213fcddf3",
  "tree": "83e172935304b5c1fe07a8d59123379c85e41ac5",
  "parents": [
    "1ba4b68f6cd36f09d7a640136ac149a2aa5d6aef"
  ],
  "author": {
    "name": "dependabot[bot]",
    "email": "49699333+dependabot[bot]@users.noreply.github.com",
    "time": "Mon Jun 01 06:48:22 2026 +0000"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Mon Jun 01 06:48:22 2026 +0000"
  },
  "message": "Bump the github-actions group with 3 updates (#2659)\n\nBumps the github-actions group with 3 updates: [actions/stale](https://github.com/actions/stale), [actions/labeler](https://github.com/actions/labeler) and [github/codeql-action](https://github.com/github/codeql-action).\n\nUpdates `actions/stale` from 10.2.0 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/stale/releases\"\u003eactions/stale\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev10.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003ch3\u003eBug Fix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhancement: ignore stale labeling events by \u003ca href\u003d\"https://github.com/shamoon\"\u003e\u003ccode\u003e@​shamoon\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/stale/pull/1311\"\u003eactions/stale#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​octokit/plugin-retry\u003c/code\u003e, \u003ca href\u003d\"https://github.com/typescript-eslint\"\u003e\u003ccode\u003e@​typescript-eslint\u003c/code\u003e\u003c/a\u003e) by \u003ca href\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/stale/pull/1335\"\u003eactions/stale#1335\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/shamoon\"\u003e\u003ccode\u003e@​shamoon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/stale/pull/1311\"\u003eactions/stale#1311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/stale/compare/v10...v10.3.0\"\u003ehttps://github.com/actions/stale/compare/v10...v10.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/stale/commit/eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899\"\u003e\u003ccode\u003eeb5cf3a\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies and bump version to 10.3.0 (\u003ca href\u003d\"https://redirect.github.com/actions/stale/issues/1335\"\u003e#1335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/stale/commit/db5d06a4c82d5e94513c09c406638111df61f63e\"\u003e\u003ccode\u003edb5d06a\u003c/code\u003e\u003c/a\u003e Enhancement: ignore stale labeling events (\u003ca href\u003d\"https://redirect.github.com/actions/stale/issues/1311\"\u003e#1311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href\u003d\"https://github.com/actions/stale/compare/b5d41d4e1d5dceea10e7104786b73624c18a190f...eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/labeler` from 6.0.1 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/labeler/releases\"\u003eactions/labeler\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by \u003ca href\u003d\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove Labeler Action documentation and permission error handling by \u003ca href\u003d\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePreserve manually added labels during workflow runs and refine label synchronization logic by \u003ca href\u003d\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/917\"\u003eactions/labeler#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by \u003ca href\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/877\"\u003eactions/labeler#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 10.0.1 to 10.2.3 by \u003ca href\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/926\"\u003eactions/labeler#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimatch, \u003ca href\u003d\"https://github.com/typescript-eslint\"\u003e\u003ccode\u003e@​typescript-eslint\u003c/code\u003e\u003c/a\u003e) by \u003ca href\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/labeler/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/labeler/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/labeler/commit/f27b608878404679385c85cfa523b85ccb86e213\"\u003e\u003ccode\u003ef27b608\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimat...\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/labeler/commit/c5dadc2a45784a4b6adfcd20fea3465da3a5f904\"\u003e\u003ccode\u003ec5dadc2\u003c/code\u003e\u003c/a\u003e Add \u0027changed-files-labels-limit\u0027 and \u0027max-files-changed\u0027 configs to allow cap...\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/labeler/commit/e52e4fb63ed5cd0e07abaad9826b2a893ccb921f\"\u003e\u003ccode\u003ee52e4fb\u003c/code\u003e\u003c/a\u003e Bump minimatch from 10.0.1 to 10.2.3 (\u003ca href\u003d\"https://redirect.github.com/actions/labeler/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/labeler/commit/77a4082b841706ac431479b7e2bb11216ffef250\"\u003e\u003ccode\u003e77a4082\u003c/code\u003e\u003c/a\u003e Fix: Preserve manually added labels during workflow run and refine label sync...\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/labeler/commit/25abb3cad4f14b7ac27968a495c37798860a5a1a\"\u003e\u003ccode\u003e25abb3c\u003c/code\u003e\u003c/a\u003e Improve Labeler Action Documentation and Error Handling for Permissions (\u003ca href\u003d\"https://redirect.github.com/actions/labeler/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/labeler/commit/395c8cfdb1e1e691cc4bad0dd315820af8eb67fd\"\u003e\u003ccode\u003e395c8cf\u003c/code\u003e\u003c/a\u003e Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href\u003d\"https://github.com/actions/labeler/compare/634933edcd8ababfe52f92936142cc22ac488b1b...f27b608878404679385c85cfa523b85ccb86e213\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.2 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href\u003d\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href\u003d\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action\u0027s changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href\u003d\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href\u003d\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href\u003d\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href\u003d\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href\u003d\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency\u0027s major version (unless you unignore this specific dependency\u0027s major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency\u0027s minor version (unless you unignore this specific dependency\u0027s minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\u003c/details\u003e",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "e4fa63f7a575a1ea64afa918e29981990bd93588",
      "old_mode": 33188,
      "old_path": ".github/workflows/no-response.yml",
      "new_id": "4b8e14be75b46659a733f6532712c292eb52ac26",
      "new_mode": 33188,
      "new_path": ".github/workflows/no-response.yml"
    },
    {
      "type": "modify",
      "old_id": "3115ed45480da3be7488759a018d295c9507ed7c",
      "old_mode": 33188,
      "old_path": ".github/workflows/pull_request_label.yaml",
      "new_id": "016e28223405ab6dadf7eac70104aff94de3f158",
      "new_mode": 33188,
      "new_path": ".github/workflows/pull_request_label.yaml"
    },
    {
      "type": "modify",
      "old_id": "273473f394a8149d2f57f433ff23a985d9102cdd",
      "old_mode": 33188,
      "old_path": ".github/workflows/scorecards-analysis.yml",
      "new_id": "febe3a633fc70f461be95395407af67f91460b76",
      "new_mode": 33188,
      "new_path": ".github/workflows/scorecards-analysis.yml"
    }
  ]
}