chore(deps): bump github/codeql-action from 3.29.11 to 3.30.0 (#4741)

dependabot[bot] · web-flow · commit 1681deac99ef · 2025-09-03T22:07:25.000+02:00
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.11 to 3.30.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.30.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.0 - 01 Sep 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.30.0 - 01 Sep 2025</h2> <p>No user facing changes.</p> <h2>3.29.11 - 21 Aug 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.4. <a href="https://redirect.github.com/github/codeql-action/pull/3044">#3044</a></li> </ul> <h2>3.29.10 - 18 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.9 - 12 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d"><code>2d92b76</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3067">#3067</a> from github/update-v3.30.0-92eada825</li> <li><a href="https://github.com/github/codeql-action/commit/390daafd7d971cca449e6aa45656ac85ca1d29fd"><code>390daaf</code></a> Update changelog for v3.30.0</li> <li><a href="https://github.com/github/codeql-action/commit/92eada825a77b70d62c71adc29a0a9fe75c21bf5"><code>92eada8</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3033">#3033</a> from github/mbg/ci/rollback-release</li> <li><a href="https://github.com/github/codeql-action/commit/872a6a41e95ca66b6ce89dac89c1fbb97b171c89"><code>872a6a4</code></a> Add <code>pull-requests: write</code> permission</li> <li><a href="https://github.com/github/codeql-action/commit/9389ce0cc4cf11345ec3a2a7a61fc790feb44165"><code>9389ce0</code></a> Merge remote-tracking branch 'origin/main' into mbg/ci/rollback-release</li> <li><a href="https://github.com/github/codeql-action/commit/02ab253bd299d261d00cdf8a9bca38fea2697d50"><code>02ab253</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3054">#3054</a> from github/henrymercer/bundle</li> <li><a href="https://github.com/github/codeql-action/commit/b06d32585026d970f28d3f3604a67ddf4c314f9e"><code>b06d325</code></a> Add draft release URL to job summary</li> <li><a href="https://github.com/github/codeql-action/commit/43d629cdfd9a8e4ac201aeb0d9330b2eaf0f8699"><code>43d629c</code></a> Use <code>argparse</code> in <code>rollback_changelog.py</code></li> <li><a href="https://github.com/github/codeql-action/commit/8f01f5d4296c6c45c71748648c333daa34454bb2"><code>8f01f5d</code></a> Apply suggestions from code review</li> <li><a href="https://github.com/github/codeql-action/commit/3e493e72f755ad15a0ff97b25da2e232b3cb4f3f"><code>3e493e7</code></a> Remove <code>removeNPMAbsolutePaths</code></li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/3c3833e0f8c1c83d449a7478aa59c036a9165498...2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.29.11&new-version=3.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/actions.yml b/.github/workflows/actions.yml
@@ -51,7 +51,7 @@ jobs:
           path: results.sarif
 
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3.29.5
+        uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
         with:
           sarif_file: results.sarif
           category: actions-zizmor
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -39,12 +39,12 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3.29.5
+      uses: github/codeql-action/init@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
       with:
         languages: ${{ matrix.language }}
         build-mode: none
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3.29.5
+      uses: github/codeql-action/analyze@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
       with:
         category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml
@@ -48,6 +48,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498
+        uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d
         with:
           sarif_file: results.sarif
