From 7e3f1cecaa76b2ba5eb6df96fd4a7dd5ee4ba591 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 Feb 2023 10:13:49 +0000 Subject: [PATCH] Bump github/codeql-action from 2.2.4 to 2.2.5 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...32dc499307d133bb5085bae78498c0ac2cf762d5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/analyze.yml | 8 ++++---- CHANGELOG.md | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/analyze.yml b/.github/workflows/analyze.yml index 84fa539..07c4c21 100644 --- a/.github/workflows/analyze.yml +++ b/.github/workflows/analyze.yml @@ -63,16 +63,16 @@ jobs: fetch-depth: 2 - name: Initialize CodeQL - uses: github/codeql-action/init@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/init@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5 with: languages: 'java' queries: 'security-and-quality' - name: Autobuild - uses: github/codeql-action/autobuild@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/autobuild@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/analyze@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5 # See https://www.jetbrains.com/help/qodana/github.html#Usage codana: @@ -92,6 +92,6 @@ jobs: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }} - name: Upload result - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a83e3d..c8099cc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,7 +18,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - Comment GitHub actions with version (#287). - Bump actions/cache from 3.2.2 to 3.2.6 (#284, #294, #301, #305). - Bump actions/setup-java from 3.9.0 to 3.10.0 (#299). -- Bump github/codeql-action from 2.1.37 to 2.2.4 (#286, #290, #291, #295, #300, #302) +- Bump github/codeql-action from 2.1.37 to 2.2.5 (#286, #290, #291, #295, #300, #302, #307) - Bump cyclonedx-maven-plugin from 2.7.4 to 2.7.5 (#304) - Bump strata-basics from 2.12.17 to 2.12.20 (#285, #288, #289) - Bump parent from 3.0.0 to 3.0.1 (#306).