chore(deps): update github/codeql-action action to v2.28.1

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
github/codeql-action	action	minor	v2.1.31 -> v2.28.1
github/codeql-action	action	minor	v2.11.2 -> v2.28.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

github/codeql-action (github/codeql-action)

v2.28.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

This is the last planned release of the v2. To continue getting updates for the CodeQL Action, please switch to v3.

2.28.1 - 10 Jan 2025

• CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #​2677
• Update default CodeQL bundle version to 2.20.1. #​2678

See the full CHANGELOG.md for more information.

v2.28.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

This is the last planned release of the v2. To continue getting updates for the CodeQL Action, please switch to v3.

2.28.0 - 20 Dec 2024

• Bump the minimum CodeQL bundle version to 2.15.5. #​2655
• Don't fail in the unusual case that a file is on the search path. #​2660.

See the full CHANGELOG.md for more information.

v2.27.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.9 - 12 Dec 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v2.27.8

Compare Source

v2.27.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.7 - 10 Dec 2024

• We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. #​2631
• Update default CodeQL bundle version to 2.20.0. #​2636

See the full CHANGELOG.md for more information.

v2.27.6

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.6 - 03 Dec 2024

• Update default CodeQL bundle version to 2.19.4. #​2626

See the full CHANGELOG.md for more information.

v2.27.5

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.5 - 19 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v2.27.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.4 - 14 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v2.27.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.3 - 12 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v2.27.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.2 - 12 Nov 2024

• Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #​2590

See the full CHANGELOG.md for more information.

v2.27.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.1 - 08 Nov 2024

• The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #​2573
• Update default CodeQL bundle version to 2.19.3. #​2576

See the full CHANGELOG.md for more information.

v2.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v2.26.13

Compare Source

v2.26.12

Compare Source

v2.26.11

Compare Source

v2.26.10

Compare Source

v2.26.9

Compare Source

v2.26.8

Compare Source

v2.26.7

Compare Source

v2.26.6

Compare Source

v2.26.5

Compare Source

v2.26.4

Compare Source

v2.26.3

Compare Source

v2.26.2

Compare Source

v2.26.1

Compare Source

v2.26.0

Compare Source

v2.25.15

Compare Source

v2.25.14

Compare Source

v2.25.13

Compare Source

v2.25.12

Compare Source

v2.25.11

Compare Source

v2.25.10

Compare Source

v2.25.9

Compare Source

v2.25.8

Compare Source

v2.25.7

Compare Source

v2.25.6

Compare Source

v2.25.5

Compare Source

v2.25.4

Compare Source

v2.25.3

Compare Source

v2.25.2

Compare Source

v2.25.1

Compare Source

v2.25.0

Compare Source

v2.24.11

Compare Source

v2.24.10

Compare Source

v2.24.9

Compare Source

v2.24.8

Compare Source

v2.24.7

Compare Source

v2.24.6

Compare Source

v2.24.5

Compare Source

v2.24.4

Compare Source

v2.24.3

Compare Source

v2.24.2

Compare Source

v2.24.1

Compare Source

v2.24.0

Compare Source

v2.23.2

Compare Source

v2.23.1

Compare Source

v2.23.0

Compare Source

v2.22.12

Compare Source

v2.22.11

Compare Source

v2.22.10

Compare Source

v2.22.9

Compare Source

v2.22.8

Compare Source

v2.22.7

Compare Source

v2.22.6

Compare Source

v2.22.5

Compare Source

v2.22.4

Compare Source

v2.22.3

Compare Source

v2.22.2

Compare Source

v2.22.1

Compare Source

v2.22.0

Compare Source

v2.21.9

Compare Source

v2.21.8

Compare Source

v2.21.7

Compare Source

v2.21.6

Compare Source

v2.21.5

Compare Source

v2.21.4

Compare Source

v2.21.3

Compare Source

v2.21.2

Compare Source

v2.21.1

Compare Source

v2.21.0

Compare Source

v2.20.4

Compare Source

v2.20.3

Compare Source

v2.20.2

Compare Source

v2.20.1

Compare Source

v2.20.0

Compare Source

v2.13.4

Compare Source

v2.3.6

Compare Source

v2.3.5

Compare Source

v2.3.4

Compare Source

v2.3.3

Compare Source

v2.3.2

Compare Source

v2.3.1

Compare Source

v2.3.0

Compare Source

v2.2.12

Compare Source

v2.2.11

Compare Source

v2.2.10

Compare Source

v2.2.9

Compare Source

v2.2.8

Compare Source

v2.2.7

Compare Source

v2.2.6

Compare Source

v2.2.5

Compare Source

v2.2.4

Compare Source

v2.2.3

Compare Source

v2.2.2

Compare Source

v2.2.1

Compare Source

v2.2.0

Compare Source

v2.1.39

Compare Source

v2.1.38

Compare Source

v2.1.37

Compare Source

CodeQL Action Changelog

2.1.37 - 14 Dec 2022

• Update default CodeQL bundle version to 2.11.6. #​1433

See the full CHANGELOG.md for more information.

v2.1.36

Compare Source

CodeQL Action Changelog

2.1.36 - 08 Dec 2022

• Update default CodeQL bundle version to 2.11.5. #​1412
• Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. #​1393
• Python automatic dependency installation will no longer consider dependecy code installed in venv as user-written, for projects using Poetry that specify virtualenvs.in-project = true in their poetry.toml. #​1419.

See the full CHANGELOG.md for more information.

v2.1.35

Compare Source

CodeQL Action Changelog

2.1.35 - 01 Dec 2022

No user facing changes.

See the full CHANGELOG.md for more information.

v2.1.34

Compare Source

CodeQL Action Changelog

2.1.34 - 25 Nov 2022

• Update default CodeQL bundle version to 2.11.4. #​1391
• Fixed a bug where some the init action and the analyze action would have different sets of experimental feature flags enabled. #​1384

See the full CHANGELOG.md for more information.

v2.1.33

Compare Source

CodeQL Action Changelog

2.1.33 - 16 Nov 2022

• Go is now analyzed in the same way as other compiled languages such as C/C++, C#, and Java. This completes the rollout of the feature described in CodeQL Action version 2.1.27. #​1322
• Bump the minimum CodeQL bundle version to 2.6.3. #​1358

See the full CHANGELOG.md for more information.

v2.1.32

Compare Source

CodeQL Action Changelog

2.1.32 - 14 Nov 2022

• Update default CodeQL bundle version to 2.11.3. #​1348
• Update the ML-powered additional query pack for JavaScript to version 0.4.0. #​1351

See the full CHANGELOG.md for more information.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

It has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v2.28.1). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.