Skip to content

Infra: Group github/codeql-action bumps into a single dependabot PR#3648

Merged
Fokko merged 1 commit into
apache:mainfrom
ebyhr:ebi/actions-codeql
Jul 19, 2026
Merged

Infra: Group github/codeql-action bumps into a single dependabot PR#3648
Fokko merged 1 commit into
apache:mainfrom
ebyhr:ebi/actions-codeql

Conversation

@ebyhr

@ebyhr ebyhr commented Jul 10, 2026

Copy link
Copy Markdown
Member

Rationale for this change

Thus, dependabot can update these two jobs in a single PR:

- name: Initialize CodeQL
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
languages: actions
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2

Are these changes tested?

N/A

Are there any user-facing changes?

No

@ebyhr
ebyhr force-pushed the ebi/actions-codeql branch from 1d15905 to f215677 Compare July 10, 2026 23:45
Fokko pushed a commit that referenced this pull request Jul 17, 2026
…e from 4.36.2 to 4.36.3 (#3646)

# Rationale for this change

`github/codeql-action*` require the same version.

I've opened another #3648 to improve the grouping in dependabot setting.

- Closes #3640
- Closes #3636

## Are these changes tested?

N/A

## Are there any user-facing changes?

No

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@Fokko

Fokko commented Jul 19, 2026

Copy link
Copy Markdown
Contributor

I missed this PR. I think we're running into the same issue again with #3673 and #3670

@Fokko
Fokko merged commit e19eca8 into apache:main Jul 19, 2026
17 checks passed
@Fokko

Fokko commented Jul 19, 2026

Copy link
Copy Markdown
Contributor

Thanks @ebyhr 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants