aa296b339d240ef3bc8260afef4a65bea34cfe3a - test.git

commit	aa296b339d240ef3bc8260afef4a65bea34cfe3a	[log] [tgz]
author	dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	Thu Feb 01 03:16:36 2024 +0000
committer	GitHub <noreply@github.com>	Thu Feb 01 03:16:36 2024 +0000
tree	213a008f5c9840741b51a4bb987a2ab280af7612
parent	6700049d5de97906d033f4271f67f7599090bf4e [diff]

Bump github/codeql-action from 3.22.12 to 3.23.2 (#2180)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.12 to 3.23.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.23.2 - 26 Jan 2024</h2>
<ul>
<li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li>
<li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li>
</ul>
<h2>3.23.1 - 17 Jan 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li>
<li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li>
</ul>
<h2>3.23.0 - 08 Jan 2024</h2>
<ul>
<li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li>
<li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li>
</ul>
<h2>3.22.12 - 22 Dec 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li>
</ul>
<h2>3.22.11 - 13 Dec 2023</h2>
<ul>
<li>[v3+ only] The CodeQL Action now runs on Node.js v20. <a href="https://redirect.github.com/github/codeql-action/pull/2006">#2006</a></li>
</ul>
<h2>2.22.10 - 12 Dec 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.15.4. <a href="https://redirect.github.com/github/codeql-action/pull/2016">#2016</a></li>
</ul>
<h2>2.22.9 - 07 Dec 2023</h2>
<p>No user facing changes.</p>
<h2>2.22.8 - 23 Nov 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.15.3. <a href="https://redirect.github.com/github/codeql-action/pull/2001">#2001</a></li>
</ul>
<h2>2.22.7 - 16 Nov 2023</h2>
<ul>
<li>Add a deprecation warning for customers using CodeQL version 2.11.5 and earlier. These versions of CodeQL were discontinued on 8 November 2023 alongside GitHub Enterprise Server 3.7, and will be unsupported by CodeQL Action v2.23.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/1993">#1993</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.11.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.10.5 and 2.11.5, you can replace <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.22.7</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/github/codeql-action/commit/b7bf0a3ed3ecfa44160715d7c442788f65f0f923"><code>b7bf0a3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2099">#2099</a> from github/update-v3.23.2-61bf02577</li>
<li><a href="https://github.com/github/codeql-action/commit/33e354b34bc9d95d28ae4f055fa1faeb59e59ae5"><code>33e354b</code></a> Changelog: Add missing PR link</li>
<li><a href="https://github.com/github/codeql-action/commit/f4cfe8904c929c35f9612da0c754f121a3422d7e"><code>f4cfe89</code></a> Update changelog for v3.23.2</li>
<li><a href="https://github.com/github/codeql-action/commit/61bf02577c801b30a708abc6f2164763e4e1d0cd"><code>61bf025</code></a> Send overall job status in init-post status report (<a href="https://redirect.github.com/github/codeql-action/issues/2097">#2097</a>)</li>
<li><a href="https://github.com/github/codeql-action/commit/16150320c5db0d4942ea2bd4974fc365d6324737"><code>1615032</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2096">#2096</a> from github/update-bundle/codeql-bundle-v2.16.1</li>
<li><a href="https://github.com/github/codeql-action/commit/bd67d8d6b2096e4b46db15ed108e563c4447d608"><code>bd67d8d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2098">#2098</a> from github/henrymercer/update-internal-queries</li>
<li><a href="https://github.com/github/codeql-action/commit/a2619f68c8432b9a500ecc7aafd4816667379bed"><code>a2619f6</code></a> Internal queries: Replace deprecated predicates</li>
<li><a href="https://github.com/github/codeql-action/commit/666e2f9edfd29789e9f46f2cce092d18622dcb74"><code>666e2f9</code></a> Internal queries: Replace deprecated predicates</li>
<li><a href="https://github.com/github/codeql-action/commit/d43ae36a631248dea35da2f8da5e28687255da31"><code>d43ae36</code></a> Add changelog note</li>
<li><a href="https://github.com/github/codeql-action/commit/75af1f5948eef4f82d80db69296c55a9bc5ba26e"><code>75af1f5</code></a> Update default bundle to codeql-bundle-v2.16.1</li>
<li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/012739e5082ff0c22ca6d6ab32e07c36df03c4a4...b7bf0a3ed3ecfa44160715d7c442788f65f0f923">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.22.12&new-version=3.23.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

.github/workflows/scorecards-analysis.yml[diff]

1 file changed

tree: 213a008f5c9840741b51a4bb987a2ab280af7612

README.md

What's here?

Welcome! package:test is the standard testing library for Dart and Flutter. If you have questions about Dart testing, please see the docs for package:test. package:test_api and package:test_core are implementation details and generally not user-facing.

package:checks is a relatively new library for expressing test expectations. It's a more modern version of package:matcher and features a literate API.

Packages

Package	Description	Version
checks	A framework for checking values against expectations and building custom expectations.
test	A full featured library for writing and running Dart tests across platforms.
test_api
test_core