From aded4c4db6fd5a69623cdb4d4e0f20b4af7dd48f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Jul 2026 03:13:06 +0000 Subject: [PATCH 1/2] build(deps): bump github/codeql-action/init from 4.36.2 to 4.37.0 Bumps [github/codeql-action/init](https://github.com/github/codeql-action) from 4.36.2 to 4.37.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...99df26d4f13ea111d4ec1a7dddef6063f76b97e9) --- updated-dependencies: - dependency-name: github/codeql-action/init dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4d4d6351..f0d9088b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,7 +45,7 @@ jobs: run: npm ci - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3.29.5 + uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v3.29.5 with: languages: ${{ matrix.language }} queries: +security-extended,security-and-quality From 0a3633921382da3f6ae2da13d4fcb328c8d2d52e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matou=C5=A1=20Dzivjak?= Date: Sat, 11 Jul 2026 14:18:38 +0200 Subject: [PATCH 2/2] chore: fix codeql setup --- .github/dependabot.yml | 5 +++++ .github/workflows/codeql.yml | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0c69f7ad..4c5cafb2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -33,3 +33,8 @@ updates: schedule: interval: "daily" open-pull-requests-limit: 3 + groups: + codeql-action: + patterns: + - "github/codeql-action" + - "github/codeql-action/*" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f0d9088b..bac6649c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,13 +45,13 @@ jobs: run: npm ci - name: Initialize CodeQL - uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v3.29.5 + uses: github/codeql-action/init@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0 with: languages: ${{ matrix.language }} queries: +security-extended,security-and-quality ram: 4096 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3.29.5 + uses: github/codeql-action/analyze@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0 with: category: "/language:${{ matrix.language }}"