)]}' { "commit": "eb870b9a53397ccf8b7bf6b9b63939dda067b2df", "tree": "29a77f9e5a6a8457b6f254d5d25a6cf6c5734362", "parents": [ "82a1ca84f22dc9d405c06b6b744b5f2454df8b08" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Jan 01 03:11:27 2025 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 01 03:11:27 2025 +0000" }, "message": "Bump the github-actions group with 3 updates (#2444)\n\nBumps the github-actions group with 3 updates: [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action).\n\nUpdates `actions/cache` from 4.1.2 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/cache/releases\"\u003eactions/cache\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch2\u003e⚠️ Important Changes\u003c/h2\u003e\n\u003cp\u003eThe cache backend service has been rewritten from the ground up for improved performance and reliability. \u003ca href\u003d\"https://github.com/actions/cache\"\u003eactions/cache\u003c/a\u003e now integrates with the new cache service (v2) APIs.\u003c/p\u003e\n\u003cp\u003eThe new service will gradually roll out as of \u003cstrong\u003eFebruary 1st, 2025\u003c/strong\u003e. The legacy service will also be sunset on the same date. Changes in these release are \u003cstrong\u003efully backward compatible\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eWe are deprecating some versions of this action\u003c/strong\u003e. We recommend upgrading to version \u003ccode\u003ev4\u003c/code\u003e or \u003ccode\u003ev3\u003c/code\u003e as soon as possible before \u003cstrong\u003eFebruary 1st, 2025.\u003c/strong\u003e (Upgrade instructions below).\u003c/p\u003e\n\u003cp\u003eIf you are using pinned SHAs, please use the SHAs of versions \u003ccode\u003ev4.2.0\u003c/code\u003e or \u003ccode\u003ev3.4.0\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eIf you do not upgrade, all workflow runs using any of the deprecated \u003ca href\u003d\"https://github.com/actions/cache\"\u003eactions/cache\u003c/a\u003e will fail.\u003c/p\u003e\n\u003cp\u003eUpgrading to the recommended versions will not break your workflows.\u003c/p\u003e\n\u003cp\u003eRead more about the change \u0026amp; access the migration guide: \u003ca href\u003d\"https://github.com/actions/cache/discussions/1510\"\u003ereference to the announcement\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003eMinor changes\u003c/h3\u003e\n\u003cp\u003eMinor and patch version updates for these dependencies:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e@​actions/core\u003c/code\u003e: \u003ccode\u003e1.11.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​actions/io\u003c/code\u003e: \u003ccode\u003e1.1.3\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e@​vercel/ncc\u003c/code\u003e: \u003ccode\u003e0.38.3\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/cache/compare/v4...v4.2.0\"\u003ehttps://github.com/actions/cache/compare/v4...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache\u0027s changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch3\u003e4.2.0\u003c/h3\u003e\n\u003cp\u003eTLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. \u003ca href\u003d\"https://github.com/actions/cache\"\u003eactions/cache\u003c/a\u003e now integrates with the new cache service (v2) APIs.\u003c/p\u003e\n\u003cp\u003eThe new service will gradually roll out as of \u003cstrong\u003eFebruary 1st, 2025\u003c/strong\u003e. The legacy service will also be sunset on the same date. Changes in these release are \u003cstrong\u003efully backward compatible\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eWe are deprecating some versions of this action\u003c/strong\u003e. We recommend upgrading to version \u003ccode\u003ev4\u003c/code\u003e or \u003ccode\u003ev3\u003c/code\u003e as soon as possible before \u003cstrong\u003eFebruary 1st, 2025.\u003c/strong\u003e (Upgrade instructions below).\u003c/p\u003e\n\u003cp\u003eIf you are using pinned SHAs, please use the SHAs of versions \u003ccode\u003ev4.2.0\u003c/code\u003e or \u003ccode\u003ev3.4.0\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eIf you do not upgrade, all workflow runs using any of the deprecated \u003ca href\u003d\"https://github.com/actions/cache\"\u003eactions/cache\u003c/a\u003e will fail.\u003c/p\u003e\n\u003cp\u003eUpgrading to the recommended versions will not break your workflows.\u003c/p\u003e\n\u003ch3\u003e4.1.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - \u003ca href\u003d\"https://redirect.github.com/actions/cache/pull/1474\"\u003e#1474\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSecurity fix: Bump braces from 3.0.2 to 3.0.3 - \u003ca href\u003d\"https://redirect.github.com/actions/cache/pull/1475\"\u003e#1475\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e4.1.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestore original behavior of \u003ccode\u003ecache-hit\u003c/code\u003e output - \u003ca href\u003d\"https://redirect.github.com/actions/cache/pull/1467\"\u003e#1467\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e4.1.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure \u003ccode\u003ecache-hit\u003c/code\u003e output is set when a cache is missed - \u003ca href\u003d\"https://redirect.github.com/actions/cache/pull/1404\"\u003e#1404\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate \u003ccode\u003esave-always\u003c/code\u003e input - \u003ca href\u003d\"https://redirect.github.com/actions/cache/pull/1452\"\u003e#1452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e4.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed restore \u003ccode\u003efail-on-cache-miss\u003c/code\u003e not working.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e4.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated \u003ccode\u003eisGhes\u003c/code\u003e check\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e4.0.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated minimum runner version support from node 12 -\u0026gt; node 20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.4.0\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntegrated with the new cache service (v2) APIs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e3.3.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdates \u003ccode\u003e@​actions/cache\u003c/code\u003e to v3.2.3 to fix accidental mutated path arguments to \u003ccode\u003egetCacheVersion\u003c/code\u003e \u003ca href\u003d\"https://redirect.github.com/actions/toolkit/pull/1378\"\u003eactions/toolkit#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional audit fixes of npm package(s)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/1bd1e32a3bdc45362d1e726936510720a7c30a57\"\u003e\u003ccode\u003e1bd1e32\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/actions/cache/issues/1509\"\u003e#1509\u003c/a\u003e from actions/Link-/cache-4.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/882d7ced4c9b8af53ed67bfa36ee600195e62940\"\u003e\u003ccode\u003e882d7ce\u003c/code\u003e\u003c/a\u003e Add 3.4.0 release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/f2695d7a42dd0d7ad21976ed7ab91dbdbc3c2216\"\u003e\u003ccode\u003ef2695d7\u003c/code\u003e\u003c/a\u003e Rerun CI\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/f46ceeb60d3da27b7cbac269520a4b1bfb15f199\"\u003e\u003ccode\u003ef46ceeb\u003c/code\u003e\u003c/a\u003e Add licensed output\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/e6f5858749f178cf4a01b0d777917ba913710560\"\u003e\u003ccode\u003ee6f5858\u003c/code\u003e\u003c/a\u003e Add lodash to list of reviewed licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/4ae6f21c0d820c73db2589af6983e001d8c19c1d\"\u003e\u003ccode\u003e4ae6f21\u003c/code\u003e\u003c/a\u003e Add reviewed licensed packages\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/c16df86586baf94b0deaa873e22eb739c59e5b15\"\u003e\u003ccode\u003ec16df86\u003c/code\u003e\u003c/a\u003e Add licensed output\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/b109c12f3bdd6fb6a7dd42b202df645243efbd2f\"\u003e\u003ccode\u003eb109c12\u003c/code\u003e\u003c/a\u003e Upgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to 1.11.1 and other deps\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/b7d227d702af06e6be1fa308c014252c10bbc267\"\u003e\u003ccode\u003eb7d227d\u003c/code\u003e\u003c/a\u003e Upgrade \u003ccode\u003e@​vercel/ncc\u003c/code\u003e to 0.38.3\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/cache/commit/faf639248d95d2a6c5884b8e6588e233eb3b10a0\"\u003e\u003ccode\u003efaf6392\u003c/code\u003e\u003c/a\u003e Update RELEASES.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/actions/cache/compare/6849a6489940f00c2f30c0fb92c6274307ccb58a...1bd1e32a3bdc45362d1e726936510720a7c30a57\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4.4.3 to 4.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: deprecated \u003ccode\u003eNode.js\u003c/code\u003e version in action by \u003ca href\u003d\"https://github.com/hamirmahal\"\u003e\u003ccode\u003e@​hamirmahal\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/578\"\u003eactions/upload-artifact#578\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd new \u003ccode\u003eartifact-digest\u003c/code\u003e output by \u003ca href\u003d\"https://github.com/bdehamer\"\u003e\u003ccode\u003e@​bdehamer\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/656\"\u003eactions/upload-artifact#656\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/hamirmahal\"\u003e\u003ccode\u003e@​hamirmahal\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/578\"\u003eactions/upload-artifact#578\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bdehamer\"\u003e\u003ccode\u003e@​bdehamer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/656\"\u003eactions/upload-artifact#656\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/6f51ac03b9356f520e9adb1b1b7802705f340c2b\"\u003e\u003ccode\u003e6f51ac0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/issues/656\"\u003e#656\u003c/a\u003e from bdehamer/bdehamer/artifact-digest\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/c40c16d999899d3642ba1597014ba7ef8ff611e7\"\u003e\u003ccode\u003ec40c16d\u003c/code\u003e\u003c/a\u003e add new artifact-digest output\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/735efb4a0a50bb1a533b000483f2d0a23effbd26\"\u003e\u003ccode\u003e735efb4\u003c/code\u003e\u003c/a\u003e bump \u003ccode\u003e@​actions/artifact\u003c/code\u003e from 2.1.11 to 2.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/184d73b71b93c222403b2e7f1ffebe4508014249\"\u003e\u003ccode\u003e184d73b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/issues/578\"\u003e#578\u003c/a\u003e from hamirmahal/fix/deprecated-nodejs-usage-in-action\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/b4a0a984a056f94abb1db07895e844b9422e1e41\"\u003e\u003ccode\u003eb4a0a98\u003c/code\u003e\u003c/a\u003e Merge branch \u0027main\u0027 into fix/deprecated-nodejs-usage-in-action\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882...6f51ac03b9356f520e9adb1b1b7802705f340c2b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.5 to 3.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.28.0\u003c/h2\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003cp\u003eNote that the only difference between \u003ccode\u003ev2\u003c/code\u003e and \u003ccode\u003ev3\u003c/code\u003e of the CodeQL Action is the node version they support, with \u003ccode\u003ev3\u003c/code\u003e running on node 20 while we continue to release \u003ccode\u003ev2\u003c/code\u003e to support running on node 16. For example \u003ccode\u003e3.22.11\u003c/code\u003e was the first \u003ccode\u003ev3\u003c/code\u003e release and is functionally identical to \u003ccode\u003e2.22.11\u003c/code\u003e. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.\u003c/p\u003e\n\u003ch2\u003e3.28.0 - 20 Dec 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minimum CodeQL bundle version to 2.15.5. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2655\"\u003e#2655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon\u0027t fail in the unusual case that a file is on the search path. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2660\"\u003e#2660\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee the full \u003ca href\u003d\"https://github.com/github/codeql-action/blob/v3.28.0/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for more information.\u003c/p\u003e\n\u003ch2\u003ev3.27.9\u003c/h2\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003cp\u003eNote that the only difference between \u003ccode\u003ev2\u003c/code\u003e and \u003ccode\u003ev3\u003c/code\u003e of the CodeQL Action is the node version they support, with \u003ccode\u003ev3\u003c/code\u003e running on node 20 while we continue to release \u003ccode\u003ev2\u003c/code\u003e to support running on node 16. For example \u003ccode\u003e3.22.11\u003c/code\u003e was the first \u003ccode\u003ev3\u003c/code\u003e release and is functionally identical to \u003ccode\u003e2.22.11\u003c/code\u003e. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.\u003c/p\u003e\n\u003ch2\u003e3.27.9 - 12 Dec 2024\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003cp\u003eSee the full \u003ca href\u003d\"https://github.com/github/codeql-action/blob/v3.27.9/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for more information.\u003c/p\u003e\n\u003ch2\u003ev3.27.7\u003c/h2\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003cp\u003eNote that the only difference between \u003ccode\u003ev2\u003c/code\u003e and \u003ccode\u003ev3\u003c/code\u003e of the CodeQL Action is the node version they support, with \u003ccode\u003ev3\u003c/code\u003e running on node 20 while we continue to release \u003ccode\u003ev2\u003c/code\u003e to support running on node 16. For example \u003ccode\u003e3.22.11\u003c/code\u003e was the first \u003ccode\u003ev3\u003c/code\u003e release and is functionally identical to \u003ccode\u003e2.22.11\u003c/code\u003e. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.\u003c/p\u003e\n\u003ch2\u003e3.27.7 - 10 Dec 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2631\"\u003e#2631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.20.0. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2636\"\u003e#2636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSee the full \u003ca href\u003d\"https://github.com/github/codeql-action/blob/v3.27.7/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for more information.\u003c/p\u003e\n\u003ch2\u003ev3.27.6\u003c/h2\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003cp\u003eNote that the only difference between \u003ccode\u003ev2\u003c/code\u003e and \u003ccode\u003ev3\u003c/code\u003e of the CodeQL Action is the node version they support, with \u003ccode\u003ev3\u003c/code\u003e running on node 20 while we continue to release \u003ccode\u003ev2\u003c/code\u003e to support running on node 16. For example \u003ccode\u003e3.22.11\u003c/code\u003e was the first \u003ccode\u003ev3\u003c/code\u003e release and is functionally identical to \u003ccode\u003e2.22.11\u003c/code\u003e. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.\u003c/p\u003e\n\u003ch2\u003e3.27.6 - 03 Dec 2024\u003c/h2\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action\u0027s changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003cp\u003eNote that the only difference between \u003ccode\u003ev2\u003c/code\u003e and \u003ccode\u003ev3\u003c/code\u003e of the CodeQL Action is the node version they support, with \u003ccode\u003ev3\u003c/code\u003e running on node 20 while we continue to release \u003ccode\u003ev2\u003c/code\u003e to support running on node 16. For example \u003ccode\u003e3.22.11\u003c/code\u003e was the first \u003ccode\u003ev3\u003c/code\u003e release and is functionally identical to \u003ccode\u003e2.22.11\u003c/code\u003e. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e3.28.0 - 20 Dec 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minimum CodeQL bundle version to 2.15.5. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2655\"\u003e#2655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon\u0027t fail in the unusual case that a file is on the search path. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2660\"\u003e#2660\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.27.9 - 12 Dec 2024\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e3.27.8 - 12 Dec 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where streaming the download and extraction of the CodeQL bundle did not respect proxy settings. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2624\"\u003e#2624\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.27.7 - 10 Dec 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2631\"\u003e#2631\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.20.0. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2636\"\u003e#2636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.27.6 - 03 Dec 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.19.4. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2626\"\u003e#2626\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.27.5 - 19 Nov 2024\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e3.27.4 - 14 Nov 2024\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e3.27.3 - 12 Nov 2024\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e3.27.2 - 12 Nov 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where setting up the CodeQL tools would sometimes fail with the message \u0026quot;Invalid value \u0027undefined\u0027 for header \u0027authorization\u0027\u0026quot;. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2590\"\u003e#2590\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.27.1 - 08 Nov 2024\u003c/h2\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/48ab28a6f5dbc2a99bf1e0131198dd8f1df78169\"\u003e\u003ccode\u003e48ab28a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2662\"\u003e#2662\u003c/a\u003e from github/update-v3.28.0-d01b25e64\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/4946b765dee77596c258fee1bc1f8c5a86cb45a2\"\u003e\u003ccode\u003e4946b76\u003c/code\u003e\u003c/a\u003e Update changelog for v3.28.0\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/d01b25e645295d11d0fbb084a8c5e7546b1e508b\"\u003e\u003ccode\u003ed01b25e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2660\"\u003e#2660\u003c/a\u003e from github/henrymercer/fix-error-file-on-path\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/7d6d36ce5f3654bed1de7eb8600c22e3a12910a4\"\u003e\u003ccode\u003e7d6d36c\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/b58f4471c8015d1581e4112c33316a6b04ace55f\"\u003e\u003ccode\u003eb58f447\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003e@actions/io\u003c/code\u003e to locate binaries\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/64cc90bcd4b0a6919309f7882f920e60de2aef1c\"\u003e\u003ccode\u003e64cc90b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2653\"\u003e#2653\u003c/a\u003e from github/dependabot/npm_and_yarn/npm-61c837125e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/d8f8eca6c5448bea9fbfb5a16bcdc9ecc5c4305d\"\u003e\u003ccode\u003ed8f8eca\u003c/code\u003e\u003c/a\u003e Merge branch \u0027main\u0027 into dependabot/npm_and_yarn/npm-61c837125e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/562042d742d834fa44c4fd29c197a62d76568c60\"\u003e\u003ccode\u003e562042d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2655\"\u003e#2655\u003c/a\u003e from github/aeisenberg/deprecate-2.14\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/beed6ff2e94aa8b13c7e8c50b7cb642f82855e37\"\u003e\u003ccode\u003ebeed6ff\u003c/code\u003e\u003c/a\u003e Change codeql version used in test\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/5f0a4d3e67a0f3cb983e0e664a6408ccf8866999\"\u003e\u003ccode\u003e5f0a4d3\u003c/code\u003e\u003c/a\u003e Bump the minimum supported version of CodeQL to 2.15.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/github/codeql-action/compare/f09c1c0a94de965c15400f5634aa42fac8fb8f88...48ab28a6f5dbc2a99bf1e0131198dd8f1df78169\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency\u0027s major version (unless you unignore this specific dependency\u0027s major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency\u0027s minor version (unless you unignore this specific dependency\u0027s minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\u003c/details\u003e", "tree_diff": [ { "type": "modify", "old_id": "8cda374ed343058b3d8497a260531f7c013aeb00", "old_mode": 33188, "old_path": ".github/workflows/dart.yml", "new_id": "e36e555bdc38a74a97058fbff80fc21914ac090c", "new_mode": 33188, "new_path": ".github/workflows/dart.yml" }, { "type": "modify", "old_id": "3c5c10a2b7af8ad0fbcd5af0c59dca81170fad49", "old_mode": 33188, "old_path": ".github/workflows/scorecards-analysis.yml", "new_id": "688cc34244d00a06ccaf89f7c9392525409c035e", "new_mode": 33188, "new_path": ".github/workflows/scorecards-analysis.yml" } ] }