Skip to content

deps: Update dependencies for github #484

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

deps: Update dependencies for github #484

wants to merge 1 commit into from

Conversation

@renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Aug 18, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
github/codeql-action action minor v3.29.9 -> v3.31.3
google-github-actions/auth action patch v2.1.12 -> v2.1.13
google-github-actions/get-secretmanager-secrets action patch v2.2.4 -> v2.2.5
ossf/scorecard-action action patch v2.4.2 -> v2.4.3

Release Notes

github/codeql-action (github/codeql-action)

v3.31.3

Compare Source

v3.31.2

Compare Source

v3.31.1

Compare Source

v3.31.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.31.0 - 24 Oct 2025
  • Bump minimum CodeQL bundle version to 2.17.6. #​3223
  • When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #​3222

See the full CHANGELOG.md for more information.

v3.30.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.9 - 17 Oct 2025
  • Update default CodeQL bundle version to 2.23.3. #​3205
  • Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #​3204

See the full CHANGELOG.md for more information.

v3.30.8

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.7 - 06 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.6

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.6 - 02 Oct 2025

  • Update default CodeQL bundle version to 2.23.2. #​3168

See the full CHANGELOG.md for more information.

v3.30.5

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.5 - 26 Sep 2025

  • We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #​3160

See the full CHANGELOG.md for more information.

v3.30.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025

  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #​3099 and #​3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #​3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #​3130
  • Update default CodeQL bundle version to 2.23.1. #​3118

See the full CHANGELOG.md for more information.

v3.30.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.3 - 10 Sep 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.2 - 09 Sep 2025

  • Fixed a bug which could cause language autodetection to fail. #​3084
  • Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #​3064

See the full CHANGELOG.md for more information.

v3.30.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.1 - 05 Sep 2025

  • Update default CodeQL bundle version to 2.23.0. #​3077

See the full CHANGELOG.md for more information.

v3.30.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.0 - 01 Sep 2025

  • Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #​3054

See the full CHANGELOG.md for more information.

v3.29.11

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.11 - 21 Aug 2025

  • Update default CodeQL bundle version to 2.22.4. #​3044

See the full CHANGELOG.md for more information.

v3.29.10

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.10 - 18 Aug 2025

No user facing changes.

See the full CHANGELOG.md for more information.

google-github-actions/auth (google-github-actions/auth)

v2.1.13

Compare Source

What's Changed

Full Changelog: google-github-actions/auth@v2.1.12...v2.1.13

google-github-actions/get-secretmanager-secrets (google-github-actions/get-secretmanager-secrets)

v2.2.5

Compare Source

What's Changed

Full Changelog: google-github-actions/get-secretmanager-secrets@v2.2.4...v2.2.5

ossf/scorecard-action (ossf/scorecard-action)

v2.4.3

Compare Source

What's Changed

This update bumps the Scorecard version to the v5.3.0 release. For a complete list of changes, please refer to the Scorecard v5.3.0 release notes.

Documentation

Other

New Contributors

Full Changelog: ossf/scorecard-action@v2.4.2...v2.4.3

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate-bot renovate-bot requested a review from a team as a code owner August 18, 2025 12:26
@dpebot
Copy link

dpebot commented Aug 18, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from f48c9ca to 7b48ad2 Compare August 19, 2025 00:07
@dpebot
Copy link

dpebot commented Aug 19, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 7b48ad2 to 8e585f9 Compare August 19, 2025 07:41
@dpebot
Copy link

dpebot commented Aug 19, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 8e585f9 to 7756122 Compare August 19, 2025 23:10
@dpebot
Copy link

dpebot commented Aug 19, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 7756122 to 8f5a628 Compare August 20, 2025 19:15
@dpebot
Copy link

dpebot commented Aug 20, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 8f5a628 to 49b463f Compare August 21, 2025 11:01
@dpebot
Copy link

dpebot commented Aug 21, 2025

/gcbrun

@renovate-bot renovate-bot changed the title deps: Update github/codeql-action action to v3.29.10 deps: Update github/codeql-action action to v3.29.11 Aug 21, 2025
@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 49b463f to 175f787 Compare August 21, 2025 20:31
@dpebot
Copy link

dpebot commented Aug 21, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 175f787 to fd322a0 Compare August 22, 2025 03:46
@dpebot
Copy link

dpebot commented Aug 22, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from fd322a0 to 656f176 Compare August 22, 2025 19:02
@dpebot
Copy link

dpebot commented Aug 22, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 656f176 to 2edb5eb Compare August 23, 2025 03:07
@dpebot
Copy link

dpebot commented Aug 23, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 2edb5eb to fc34b6c Compare August 23, 2025 10:28
@dpebot
Copy link

dpebot commented Aug 23, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from fc34b6c to 561842b Compare August 23, 2025 19:41
@dpebot
Copy link

dpebot commented Aug 23, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 561842b to fc73558 Compare August 24, 2025 03:31
@dpebot
Copy link

dpebot commented Aug 24, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from fc73558 to fc33faf Compare August 24, 2025 10:49
@dpebot
Copy link

dpebot commented Aug 24, 2025

/gcbrun

@dpebot
Copy link

dpebot commented Oct 7, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 957cf73 to dbf9cdc Compare October 7, 2025 17:32
@dpebot
Copy link

dpebot commented Oct 7, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from dbf9cdc to 1dde482 Compare October 8, 2025 05:49
@dpebot
Copy link

dpebot commented Oct 8, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 1dde482 to 625f412 Compare October 8, 2025 19:52
@dpebot
Copy link

dpebot commented Oct 8, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 625f412 to 501eee9 Compare October 8, 2025 22:58
@dpebot
Copy link

dpebot commented Oct 8, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 501eee9 to 9525ffa Compare October 8, 2025 23:41
@dpebot
Copy link

dpebot commented Oct 8, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 9525ffa to e317dc4 Compare October 8, 2025 23:43
@dpebot
Copy link

dpebot commented Oct 8, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from e317dc4 to 7823561 Compare October 9, 2025 07:36
@dpebot
Copy link

dpebot commented Oct 9, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 7823561 to 1ed6a31 Compare October 9, 2025 17:19
@dpebot
Copy link

dpebot commented Oct 9, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 1ed6a31 to fe75ff2 Compare October 10, 2025 19:04
@dpebot
Copy link

dpebot commented Oct 10, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from fe75ff2 to f91af43 Compare October 18, 2025 02:28
@dpebot
Copy link

dpebot commented Oct 18, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from f91af43 to a9c32eb Compare October 24, 2025 21:30
@dpebot
Copy link

dpebot commented Oct 24, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from a9c32eb to a9c85b7 Compare November 5, 2025 01:25
@dpebot
Copy link

dpebot commented Nov 5, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from a9c85b7 to 6f0a420 Compare November 5, 2025 15:47
@dpebot
Copy link

dpebot commented Nov 5, 2025

/gcbrun

@renovate-bot renovate-bot force-pushed the renovate/dependencies-for-github branch from 6f0a420 to 6dd5e49 Compare November 14, 2025 03:34
@dpebot
Copy link

dpebot commented Nov 14, 2025

/gcbrun

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@hessjcg hessjcg

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@renovate-bot @dpebot @hessjcg