Skip to content

Infra: Group github/codeql-action bumps into a single dependabot PR#3648

Open
ebyhr wants to merge 1 commit into
apache:mainfrom
ebyhr:ebi/actions-codeql
Open

Infra: Group github/codeql-action bumps into a single dependabot PR#3648
ebyhr wants to merge 1 commit into
apache:mainfrom
ebyhr:ebi/actions-codeql

Conversation

@ebyhr

@ebyhr ebyhr commented Jul 10, 2026

Copy link
Copy Markdown
Member

Rationale for this change

Thus, dependabot can update these two jobs in a single PR:

- name: Initialize CodeQL
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
languages: actions
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2

Are these changes tested?

N/A

Are there any user-facing changes?

No

@ebyhr
ebyhr force-pushed the ebi/actions-codeql branch from 1d15905 to f215677 Compare July 10, 2026 23:45
Fokko pushed a commit that referenced this pull request Jul 17, 2026
…e from 4.36.2 to 4.36.3 (#3646)

# Rationale for this change

`github/codeql-action*` require the same version.

I've opened another #3648 to improve the grouping in dependabot setting.

- Closes #3640
- Closes #3636

## Are these changes tested?

N/A

## Are there any user-facing changes?

No

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant