Bumps github/codeql-action from 1 to 2.
Changelog
Sourced from github/codeql-action's changelog.
2.1.8 - 08 Apr 2022
- Update default CodeQL bundle version to 2.8.5. #1014
- Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025
2.1.7 - 05 Apr 2022
- A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018
2.1.6 - 30 Mar 2022
Commits
2c03704Allow the version of the ML-powered pack to depend on the CLI versiondd6b592Simplify ML-powered query status report definitiona90d8bfMerge pull request #1011 from github/henrymercer/ml-powered-queries-pr-checkdc0338eUse latest major version of actions/upload-artifact57096feAdd a PR check to validate that ML-powered queries are run correctlyb0ddf36Merge pull request #1012 from github/henrymercer/update-actions-major-versions1ea2f2dMerge branch 'main' into henrymercer/update-actions-major-versions9dcc141Merge pull request #1010 from github/henrymercer/stop-running-ml-powered-quer...ea751a9Update other Actions from v2 to v3a2949f4Update actions/checkout from v2 to v3- Additional commits viewable in compare view
Dependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h2>2.1.8 - 08 Apr 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.8.5. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1014">#1014</a></li>
<li>Fix error where the init action would fail due to a GitHub API request that was taking too long to complete <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1025">#1025</a></li>
</ul>
<h2>2.1.7 - 05 Apr 2022</h2>
<ul>
<li>A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1018">#1018</a></li>
</ul>
<h2>2.1.6 - 30 Mar 2022</h2>
<ul>
<li>[v2+ only] The CodeQL Action now runs on Node.js v16. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1000">#1000</a></li>
<li>Update default CodeQL bundle version to 2.8.4. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/990">#990</a></li>
<li>Fix a bug where an invalid <code>commit_oid</code> was being sent to code scanning when a custom checkout path was being used. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/956">#956</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/github/codeql-action/commit/2c03704a6c1a830d08e4d9bec16d5e11341fdfbd"><code>2c03704</code></a> Allow the version of the ML-powered pack to depend on the CLI version</li>
<li><a href="https://github.com/github/codeql-action/commit/dd6b592e3e5e9cb8d577f77fcbac3e0a277834f4"><code>dd6b592</code></a> Simplify ML-powered query status report definition</li>
<li><a href="https://github.com/github/codeql-action/commit/a90d8bf7113ff4d559a93e924657f47182b7ff14"><code>a90d8bf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1011">#1011</a> from github/henrymercer/ml-powered-queries-pr-check</li>
<li><a href="https://github.com/github/codeql-action/commit/dc0338e4932696fa7e12853666bd55126f578ec7"><code>dc0338e</code></a> Use latest major version of actions/upload-artifact</li>
<li><a href="https://github.com/github/codeql-action/commit/57096fe795dd4d80156b5aca370361a411c788ac"><code>57096fe</code></a> Add a PR check to validate that ML-powered queries are run correctly</li>
<li><a href="https://github.com/github/codeql-action/commit/b0ddf36abe59aeef1e1161800244ed201a198092"><code>b0ddf36</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1012">#1012</a> from github/henrymercer/update-actions-major-versions</li>
<li><a href="https://github.com/github/codeql-action/commit/1ea2f2d7f1d93eaf4eac2be602aac0c587fd74ec"><code>1ea2f2d</code></a> Merge branch 'main' into henrymercer/update-actions-major-versions</li>
<li><a href="https://github.com/github/codeql-action/commit/9dcc141f122e30f8d48b9927b17b081acd406b1d"><code>9dcc141</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1010">#1010</a> from github/henrymercer/stop-running-ml-powered-quer...</li>
<li><a href="https://github.com/github/codeql-action/commit/ea751a9fae12fc5267ceb93f51622421afc5e87b"><code>ea751a9</code></a> Update other Actions from v2 to v3</li>
<li><a href="https://github.com/github/codeql-action/commit/a2949f47b3d667fc2d35d39f10089aa60cbd7071"><code>a2949f4</code></a> Update actions/checkout from v2 to v3</li>
<li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/v1...v2">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>