build(deps): bump /codeql-action from 3.26.11 to 3.26.12 by dependabot[bot] · Pull Request #1609 · codecov/codecov-action ·

Bumps /codeql-action from 3.26.11 to 3.26.12.

Changelog

Sourced from /codeql-action's changelog.

3.26.12 - 07 Oct 2024
Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. #2520
If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace /codeql-action/*@v3 by /codeql-action/*@v3.26.11 and /codeql-action/*@v2 by /codeql-action/*@v2.26.11 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

Commits

c36620d Merge pull request #2529 from /update-v3.26.12-c9a70ff45
570aecb Update changelog for v3.26.12
c9a70ff Merge pull request #2526 from /henrymercer/check-zstd-on-path
d65a176 Rebuild
bf2e624 Update src/tar.ts
56d1975 Merge pull request #2489 from /redsun82/rust
7cf65a5 Merge pull request #2518 from /dependabot/npm_and_yarn/npm-88156698cd
8a56dd2 Update to @actions/core 1.11.1
1532671 Update default bundle to 2.19.1 (#2519)
64871a8 Merge branch 'main' into update-bundle/codeql-bundle-v2.19.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [/codeql-action](https://.com//codeql-action) from 3.26.11 to 3.26.12. - [Release notes](https://.com//codeql-action/releases) - [Changelog](https://.com//codeql-action/blob/main/CHANGELOG.md) - [Commits](/codeql-action@v3.26.11...v3.26.12) --- updated-dependencies: - dependency-name: /codeql-action dependency-type: direct:production update-type: version-update:semver- ... Signed-off-by: dependabot[bot] <[email protected]>

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 93.13%. Comparing base (1f30f8b) to head (b2be38b).
Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1609      +/-   ##
==========================================
+ Coverage   91.94%   93.13%   +1.19%     
==========================================
  Files           5        5              
  Lines         335      335              
  Branches       79       78       -1     
==========================================
+ Hits          308      312       +4     
+ Misses         27       23       -4

Flag	Coverage Δ
demo	`93.13% <ø> (+1.19%)`	⬆️
macos-latest	`93.13% <ø> (+1.19%)`	⬆️
script	`93.13% <ø> (+1.19%)`	⬆️
ubuntu-latest	`93.13% <ø> (+1.19%)`	⬆️
version	`93.13% <ø> (+1.19%)`	⬆️
windows-latest	`93.13% <ø> (+1.19%)`	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

sagemathgh-38990: ⬆️ Bump codecov/codecov-action from 4 to 5 Bumps [codecov/codecov-action](https://.com/codecov/codecov- action) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://.com/codecov/codecov- action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>v5 Release</h2> <p><code>v5</code> of the Codecov Action will use the <a href="https://.com/codecov/wrapper">Codecov Wrapper</a> to encapsulate the <a href="https://.com/codecov/codecov- cli">CLI</a>. This will help ensure that the Action gets updates quicker.</p> <h3>Migration Guide</h3> <p>The <code>v5</code> release also coincides with the opt-out feature for tokens for public repositories. In the <code>Global Upload Token</code> section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see <a href="https://docs.codecov.com/docs/codecov- tokens#uploading-without-a-token">how to upload without a token</a>.</p> <blockquote> <p>[!WARNING]<br /> <strong>The following arguments have been changed</strong></p> <ul> <li><code>file</code> (this has been deprecated in favor of <code>files</code>)</li> <li><code>plugin</code> (this has been deprecated in favor of <code>plugins</code>)</li> </ul> </blockquote> <p>The following arguments have been added:</p> <ul> <li><code>binary</code></li> <li><code>gcov_args</code></li> <li><code>gcov_executable</code></li> <li><code>gcov_ignore</code></li> <li><code>gcov_include</code></li> <li><code>report_type</code></li> <li><code>skip_validation</code></li> <li><code>swift_project</code></li> </ul> <p>You can see their usage in the <code>action.yml</code> <a href="https://.com/codecov/codecov- action/blob/main/action.yml">file</a>.</p> <h2>What's Changed</h2> <ul> <li>chore(deps): bump to eslint9+ and remove eslint-config-google by <a href="https://.com/thomasrockhu-codecov"><code>@thomasrockhu- codecov</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1591">codecov/codecov-action#1591</a></li> <li>build(deps-dev): bump <code>@octokit/webhooks-types</code> from 7.5.1 to 7.6.1 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1595">codecov/codecov-action#1595</a></li> <li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1604">codecov/codecov-action#1604</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.8.0 to 8.8.1 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1601">codecov/codecov-action#1601</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.11.0 to 1.11.1 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1597">codecov/codecov-action#1597</a></li> <li>build(deps): bump /codeql-action from 3.26.9 to 3.26.11 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1596">codecov/codecov-action#1596</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.8.0 to 8.8.1 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1600">codecov/codecov-action#1600</a></li> <li>build(deps-dev): bump eslint from 9.11.1 to 9.12.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1598">codecov/codecov-action#1598</a></li> <li>build(deps): bump /codeql-action from 3.26.11 to 3.26.12 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1609">codecov/codecov-action#1609</a></li> <li>build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1608">codecov/codecov-action#1608</a></li> <li>build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1607">codecov/codecov-action#1607</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.8.1 to 8.9.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1612">codecov/codecov-action#1612</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.8.1 to 8.9.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1611">codecov/codecov-action#1611</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.9.0 to 8.10.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1615">codecov/codecov-action#1615</a></li> <li>build(deps-dev): bump eslint from 9.12.0 to 9.13.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1618">codecov/codecov-action#1618</a></li> <li>build(deps): bump /codeql-action from 3.26.12 to 3.26.13 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1617">codecov/codecov-action#1617</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.9.0 to 8.10.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1614">codecov/codecov-action#1614</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.10.0 to 8.11.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1620">codecov/codecov-action#1620</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.10.0 to 8.11.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1619">codecov/codecov-action#1619</a></li> <li>build(deps-dev): bump <code>@types/jest</code> from 29.5.13 to 29.5.14 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1622">codecov/codecov-action#1622</a></li> <li>build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1625">codecov/codecov-action#1625</a></li> <li>build(deps): bump /codeql-action from 3.26.13 to 3.27.0 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1624">codecov/codecov-action#1624</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.11.0 to 8.12.1 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1626">codecov/codecov-action#1626</a></li> <li>build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.12.1 to 8.12.2 by <a href="https://.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect..com/codecov/codecov- action/pull/1629">codecov/codecov-action#1629</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://.com/codecov/codecov- action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>4.0.0-beta.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/1085">sagemath#1085</a> not adding -n if empty to do-upload command</li> </ul> <h2>4.0.0-beta.1</h2> <p><code>v4</code> represents a move from the <a href="https://.com/codecov/uploader">universal uploader</a> to the <a href="https://.com/codecov/codecov-cli">Codecov CLI</a>. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.</p> <h3>Breaking Changes</h3> <ul> <li>No current support for <code>aarch64</code> and <code>alpine</code> architectures.</li> <li>Tokenless uploading is unsuported</li> <li>Various arguments to the Action have been removed</li> </ul> <h2>3.1.4</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/967">sagemath#967</a> Fix typo in README.md</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/971">sagemath#971</a> fix: add back in working dir</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/969">sagemath#969</a> fix: CLI option names for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/970">sagemath#970</a> build(deps-dev): bump <code>@types/node</code> from 18.15.12 to 18.16.3</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/979">sagemath#979</a> build(deps-dev): bump <code>@types/node</code> from 20.1.0 to 20.1.2</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/981">sagemath#981</a> build(deps-dev): bump <code>@types/node</code> from 20.1.2 to 20.1.4</li> </ul> <h2>3.1.3</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/960">sagemath#960</a> fix: allow for aarch64 build</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/957">sagemath#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/958">sagemath#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/959">sagemath#959</a> build(deps-dev): bump <code>@types/node</code> from 18.15.10 to 18.15.12</li> </ul> <h2>3.1.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/718">sagemath#718</a> Update README.md</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/851">sagemath#851</a> Remove unsupported path_to_write_report argument</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/898">sagemath#898</a> codeql-analysis.yml</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/901">sagemath#901</a> Update README to contain correct information - inputs and negate feature</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/955">sagemath#955</a> fix: add in all the extra arguments for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect..com/codecov/codecov- action/issues/819">sagemath#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/835">sagemath#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/840">sagemath#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/841">sagemath#841</a> build(deps): bump <code>@actions/core</code> from 1.9.1 to 1.10.0</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/843">sagemath#843</a> build(deps): bump <code>@actions/</code> from 5.0.3 to 5.1.1</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/869">sagemath#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/872">sagemath#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li> <li><a href="https://redirect..com/codecov/codecov- action/issues/879">sagemath#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="codecov/codecov-action@5c47607acb 93fed5485fdbf7232e8a31425f672a"><code>5c47607</code></a> fix: override commit and pr values for PR cases (<a href="https://redirect..com/codecov/codecov- action/issues/1657">sagemath#1657</a>)</li> <li><a href="codecov/codecov-action@3b1354a6c4 5db9f1008891f4eafc1a7e94ce1d18"><code>3b1354a</code></a> chore(release): 5.0.1 (<a href="https://redirect..com/codecov/codecov- action/issues/1656">sagemath#1656</a>)</li> <li><a href="codecov/codecov-action@2e2a9c6d58 62d22e0f8cfb59d46bc47bf8eb1fe0"><code>2e2a9c6</code></a> fix: update tokenless branch logic (<a href="https://redirect..com/codecov/codecov- action/issues/1650">sagemath#1650</a>)</li> <li><a href="codecov/codecov-action@cfc521b7a1 dcdbcf0ecf149c162c19ff9bd9568c"><code>cfc521b</code></a> Update README.md</li> <li><a href="codecov/codecov-action@06425412c8 015bc1ab2385b41c7ea204f77b91bf"><code>0642541</code></a> fix: use marketplace v5 badge (<a href="https://redirect..com/codecov/codecov- action/issues/1646">sagemath#1646</a>)</li> <li><a href="codecov/codecov-action@968872560f 81e7bdde9272853e65f2507c0eca7c"><code>9688725</code></a> Update README.md</li> <li><a href="codecov/codecov-action@2112eaec1b edbdabc7e93d5312449d0d62b07c60"><code>2112eae</code></a> chore(deps): bump wrapper to 0.0.23 (<a href="https://redirect..com/codecov/codecov- action/issues/1644">sagemath#1644</a>)</li> <li><a href="codecov/codecov-action@193421c5b3 d1aca4209c9754f224ca0d85729414"><code>193421c</code></a> fixL use the correct source (<a href="https://redirect..com/codecov/codecov- action/issues/1642">sagemath#1642</a>)</li> <li><a href="codecov/codecov-action@6018df70b0 5b191502ce08196e76e30ea3578615"><code>6018df7</code></a> fix: update container builds (<a href="https://redirect..com/codecov/codecov- action/issues/1640">sagemath#1640</a>)</li> <li><a href="codecov/codecov-action@eff1a643d6 887ee5935d4ca343e9076dc377d416"><code>eff1a64</code></a> fix: add missing vars (<a href="https://redirect..com/codecov/codecov- action/issues/1638">sagemath#1638</a>)</li> <li>Additional commits viewable in <a href="https://.com/codecov/codecov-action/compare/v4...v5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot- badges.app.com/badges/compatibility_score?dependency- name=codecov/codecov-action&package-manager=_actions&previous- version=4&new-version=5)](https://docs..com/en//managing- security-vulnerabilities/about-dependabot-security-updates#about- compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> URL: sagemath#38990 Reported by: dependabot[bot] Reviewer(s): Kwankyu Lee

dependabot bot added dependenciesPull requests that update a dependency file_actionsPull requests that update Actions codelabels Oct 14, 2024

thomasrockhu-codecov approved these changes Oct 14, 2024
View reviewed changes

thomasrockhu-codecov merged commit 5807af2 into main Oct 14, 2024
15 checks passed

thomasrockhu-codecov deleted the dependabot/_actions//codeql-action-3.26.12 branch October 14, 2024 16:46

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Conversation

3.26.12 - 07 Oct 2024

Uh oh!

Codecov Report

Uh oh!

Uh oh!

Uh oh!