chore(deps): update github/codeql-action action to v4.32.2#444
chore(deps): update github/codeql-action action to v4.32.2#444renovate[bot] merged 1 commit intomainfrom
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
WalkthroughThis PR updates the CodeQL GitHub Action dependency from version v4.32.1 to v4.32.2 across multiple workflow files. The update affects security analysis and scanning workflows, specifically the CodeQL initialization and analysis steps, as well as the Trivy security scan results upload step. The commit SHA references are updated from Changes
Sequence DiagramThis diagram shows the interactions between components: sequenceDiagram
participant Workflow as GitHub Workflow
participant PNPM as Package Manager
participant CodeQLInit as CodeQL Init Action v4.32.2
participant CodeQLAnalyze as CodeQL Analyze Action v4.32.2
Note over Workflow,CodeQLAnalyze: CodeQL Security Scanning Pipeline
Workflow->>PNPM: pnpm install --frozen-lockfile
activate PNPM
PNPM-->>Workflow: Dependencies installed
deactivate PNPM
Workflow->>CodeQLInit: Initialize CodeQL
activate CodeQLInit
Note right of CodeQLInit: Configuration:<br/>- languages: matrix.language<br/>- build-mode: matrix.build-mode
CodeQLInit-->>Workflow: CodeQL initialized
deactivate CodeQLInit
Note over Workflow: Build/compile steps occur<br/>(excluding test files)
Workflow->>CodeQLAnalyze: Perform CodeQL Analysis
activate CodeQLAnalyze
Note right of CodeQLAnalyze: Configuration:<br/>- category: /language:matrix.language<br/>- add-snippets: true
CodeQLAnalyze-->>Workflow: Analysis complete
deactivate CodeQLAnalyze
Note over Workflow,CodeQLAnalyze: Version Update: v4.32.1 → v4.32.2
🔗 Cross-Repository Impact AnalysisEnable automatic detection of breaking changes across your dependent repositories. → Set up now Learn more about Cross-Repository AnalysisWhat It Does
How to Enable
Benefits
Note for WindsurfPlease change the default marketplace provider to the following in the windsurf settings:Marketplace Extension Gallery Service URL: https://marketplace.visualstudio.com/_apis/public/gallery Marketplace Gallery Item URL: https://marketplace.visualstudio.com/items Entelligence.ai can learn from your feedback. Simply add 👍 / 👎 emojis to teach it your preferences. More shortcuts belowEmoji Descriptions:
Interact with the Bot:
Also you can trigger various commands with the bot by doing The current supported commands are
More commands to be added soon. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #444 +/- ##
=======================================
Coverage 92.41% 92.41%
=======================================
Files 15 15
Lines 725 725
=======================================
Hits 670 670
Misses 46 46
Partials 9 9
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
|
Released in v1.2.0 |
This PR contains the following updates:
v4.32.1→v4.32.2Release Notes
github/codeql-action (github/codeql-action)
v4.32.2Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.