From c363dc3e4d19703466c0ff5ce6ebf1fbe5ba0869 Mon Sep 17 00:00:00 2001 From: Niels Lohmann Date: Fri, 3 Jul 2026 08:04:41 +0200 Subject: [PATCH] Bump codeql-action to v4.36.3 and group future updates (#5230) Bumps init/analyze/autobuild together (previously split across #5226, #5227, #5228, which each failed CI due to a version mismatch between the CodeQL config and the running action). Also adds a dependabot group so future codeql-action bumps land in a single PR. Signed-off-by: Niels Lohmann --- .github/dependabot.yml | 4 ++++ .github/workflows/codeql-analysis.yml | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d517ed984..4e80b8873 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,6 +4,10 @@ updates: directory: / schedule: interval: daily + groups: + codeql-action: + patterns: + - "github/codeql-action/*" - package-ecosystem: pip directory: /docs/mkdocs diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 436b6a47f..d8b973824 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,14 +38,14 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: languages: c-cpp # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/autobuild@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 + uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3