Skip to content

chore(deps): update github-actions #222

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update github-actions #222

wants to merge 1 commit into from

Conversation

@ffurrer2-renovate
Copy link
Contributor

This PR contains the following updates:

Package Type Update Change
anchore/scan-action action minor v7.0.2 -> v7.1.0
github/codeql-action action minor v4.30.9 -> v4.31.0

Release Notes

anchore/scan-action (anchore/scan-action)

v7.1.0

Compare Source

New in scan-action v7.1.0

github/codeql-action (github/codeql-action)

v4.31.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.0 - 24 Oct 2025
  • Bump minimum CodeQL bundle version to 2.17.6. #​3223
  • When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #​3222

See the full CHANGELOG.md for more information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@ffurrer2-renovate ffurrer2-renovate bot added dependencies Pull requests that update a dependency file renovate Pull requests of Renovate labels Oct 26, 2025
@ffurrer2-renovate ffurrer2-renovate bot requested a review from ffurrer2 as a code owner October 26, 2025 08:42
@ffurrer2-renovate ffurrer2-renovate bot added dependencies Pull requests that update a dependency file renovate Pull requests of Renovate labels Oct 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ffurrer2 ffurrer2 Awaiting requested review from ffurrer2 ffurrer2 is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file renovate Pull requests of Renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant