Bump github/codeql-action from 2.22.1 to 2.22.2 (#5244)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.1 to 2.22.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/d90b8d79de6dc1f58e83a1499aa58d6c93dc28de"><code>d90b8d7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1942">#1942</a> from github/update-v2.22.2-8a2cbabd4</li> <li><a href="https://github.com/github/codeql-action/commit/175f696a4dd23393f16d5dfca4cae4a9487ef92c"><code>175f696</code></a> Update changelog for v2.22.2</li> <li><a href="https://github.com/github/codeql-action/commit/8a2cbabd433f0fe945ad5d9de2a1ab3a5d6aa208"><code>8a2cbab</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1938">#1938</a> from github/update-bundle/codeql-bundle-v2.15.0</li> <li><a href="https://github.com/github/codeql-action/commit/a5cf70c3f1f86a4b3b3eb6af4ea9ceda0707dfef"><code>a5cf70c</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.15.0</li> <li><a href="https://github.com/github/codeql-action/commit/a67b1107956aadaa0412182caa97464e4a80625b"><code>a67b110</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1937">#1937</a> from github/henrymercer/new-analysis-summary-bump</li> <li><a href="https://github.com/github/codeql-action/commit/0eb279015c378dfdbe54ab699f7e2214661ba247"><code>0eb2790</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.15.0</li> <li><a href="https://github.com/github/codeql-action/commit/275f9949446f3229e41ad317a7dbe0b2214818f2"><code>275f994</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/d5d445b7afb6d905c7fff7b528903c88e1d560ca"><code>d5d445b</code></a> Update default bundle to codeql-bundle-v2.15.0</li> <li><a href="https://github.com/github/codeql-action/commit/2a7218bdef1b7a8d0944d9b6c1b0c0961a733ef9"><code>2a7218b</code></a> Bump CLI version for new analysis summaries to v2.15.0</li> <li><a href="https://github.com/github/codeql-action/commit/78bfd293013bf03240e1595bb7273da04cddfa75"><code>78bfd29</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1935">#1935</a> from github/henrymercer/ref-sha-input-reduce-ci-load</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fdcae64e1484d349b3366718cdfef3d404390e85...d90b8d79de6dc1f58e83a1499aa58d6c93dc28de">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.22.1&new-version=2.22.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dart-lang · Oct 12, 2023 · 14786fd · 14786fd
1 parent 32ee95e
commit 14786fd
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -33,7 +33,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@fdcae64e1484d349b3366718cdfef3d404390e85
+        uses: github/codeql-action/init@d90b8d79de6dc1f58e83a1499aa58d6c93dc28de
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -44,7 +44,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@fdcae64e1484d349b3366718cdfef3d404390e85
+        uses: github/codeql-action/autobuild@d90b8d79de6dc1f58e83a1499aa58d6c93dc28de
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -58,4 +58,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@fdcae64e1484d349b3366718cdfef3d404390e85
+        uses: github/codeql-action/analyze@d90b8d79de6dc1f58e83a1499aa58d6c93dc28de
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
@@ -49,6 +49,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@fdcae64e1484d349b3366718cdfef3d404390e85
+        uses: github/codeql-action/upload-sarif@d90b8d79de6dc1f58e83a1499aa58d6c93dc28de
         with:
           sarif_file: results.sarif