[PR #200] [CLOSED] build(deps): Bump github/codeql-action from 3.28.13 to 3.28.14 #203

New issue

Closed

opened 2026-02-26 18:33:45 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 18:33:45 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/decke/smtprelay/pull/200
Author: @dependabot[bot]
Created: 4/7/2025
Status: ❌ Closed

Base: master ← Head: dependabot/github_actions/github/codeql-action-3.28.14

📝 Commits (1)

f455eb1 build(deps): Bump github/codeql-action from 3.28.13 to 3.28.14

📊 Changes

2 files changed (+4 additions, -4 deletions)

View changed files

📝 .github/workflows/codeql-analysis.yml (+3 -3)
📝 .github/workflows/scorecards.yml (+1 -1)

📄 Description

Bumps github/codeql-action from 3.28.13 to 3.28.14.

Release notes

Sourced from github/codeql-action's releases.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

Commits

fc7e4a0 Merge pull request #2844 from github/update-v3.28.14-362ef4ce2
be0175c Update changelog for v3.28.14
362ef4c Merge pull request #2838 from github/update-bundle/codeql-bundle-v2.21.0
2b85c00 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.0
41aa437 Merge pull request #2841 from github/angelapwen/log-init-post-telemetry
92864f4 Add logs around status report telemetry in init-post step
e13fe0d Merge pull request #2833 from github/NlightNFotis/reclassify_upload_sarif_issues
06703ce Merge branch 'main' into NlightNFotis/reclassify_upload_sarif_issues
676a422 review-comments: nest validateSariFileSchema into try-catch block to better d...
498c7f3 review-comments: unwrap error in upload-sarif-action and re-classify as Confi...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/decke/smtprelay/pull/200 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 4/7/2025 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/github_actions/github/codeql-action-3.28.14` --- ### 📝 Commits (1) - [`f455eb1`](https://github.com/decke/smtprelay/commit/f455eb1ada50afeee7103e172843ccc8ecf7f729) build(deps): Bump github/codeql-action from 3.28.13 to 3.28.14 ### 📊 Changes **2 files changed** (+4 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/codeql-analysis.yml` (+3 -3) 📝 `.github/workflows/scorecards.yml` (+1 -1) </details> ### 📄 Description Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.13 to 3.28.14. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.14</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a> from github/update-v3.28.14-362ef4ce2</li> <li><a href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a> Update changelog for v3.28.14</li> <li><a href="https://github.com/github/codeql-action/commit/362ef4ce205154842cd1d34794abd82bb8f12cd5"><code>362ef4c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2838">#2838</a> from github/update-bundle/codeql-bundle-v2.21.0</li> <li><a href="https://github.com/github/codeql-action/commit/2b85c00718b8a4d8e9928961ea3cf0437450e643"><code>2b85c00</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.21.0</li> <li><a href="https://github.com/github/codeql-action/commit/41aa4376380d34f89f93b8f2f92bb9d3b5723154"><code>41aa437</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2841">#2841</a> from github/angelapwen/log-init-post-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/92864f48b0dea860caaa9bba99727700e0b4fd3d"><code>92864f4</code></a> Add logs around status report telemetry in <code>init-post</code> step</li> <li><a href="https://github.com/github/codeql-action/commit/e13fe0dd2d51f2b63b05fee9b9cda14b2050f678"><code>e13fe0d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2833">#2833</a> from github/NlightNFotis/reclassify_upload_sarif_issues</li> <li><a href="https://github.com/github/codeql-action/commit/06703ce3e5d16d2ba1159d8ef76d0bc95d3bed97"><code>06703ce</code></a> Merge branch 'main' into NlightNFotis/reclassify_upload_sarif_issues</li> <li><a href="https://github.com/github/codeql-action/commit/676a422916fb4b124d13126326cd03f440e112d6"><code>676a422</code></a> review-comments: nest validateSariFileSchema into try-catch block to better d...</li> <li><a href="https://github.com/github/codeql-action/commit/498c7f37e85d2d0fe6bac32a3c71708870a27bee"><code>498c7f3</code></a> review-comments: unwrap error in upload-sarif-action and re-classify as Confi...</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/1b549b9259bda1cb5ddde3b41741a82a2d15a841...fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.13&new-version=3.28.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>