ci(deps): bump github/codeql-action from 4.36.0 to 4.36.2 in the actions-all group#84
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps the actions-all group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 4.36.0 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@7211b7c...8aad20d) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
PythonWoods-Dev
added a commit
that referenced
this pull request
Jun 9, 2026
GHA (PR #84, #85): - actions/checkout SHA → v6.0.3 (df4cb1c) - github/codeql-action → 4.36.2 (8aad20d) npm (PR #83, #86, #87): - react 19.2.6 → 19.2.7 - react-dom 19.2.6 → 19.2.7 - @types/react 19.2.15 → 19.2.17 - typescript-eslint 8.59.4 → 8.61.0 - @types/node 25.9.1 → 25.9.2 Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com>
Contributor
|
Superseded by commit 92d2173 on |
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
Bot
deleted the
dependabot/github_actions/actions-all-0321e4ed66
branch
PythonWoods-Dev
added a commit
that referenced
this pull request
Jun 9, 2026
GHA (PR #84, #85): - actions/checkout SHA → v6.0.3 (df4cb1c) - github/codeql-action → 4.36.2 (8aad20d) npm (PR #83, #86, #87): - react 19.2.6 → 19.2.7 - react-dom 19.2.6 → 19.2.7 - @types/react 19.2.15 → 19.2.17 - typescript-eslint 8.59.4 → 8.61.0 - @types/node 25.9.1 → 25.9.2 Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com>
PythonWoods-Dev
added a commit
that referenced
this pull request
Jun 9, 2026
* ci/docs: enforce fail-closed PR build and document required checks Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * docs(changelog): record fail-closed build gate updates Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * blog: publish 'Auditing the Auditors' case study and register new tags Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * fix(blog): remove duplicate architecture tag from tags.yml Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * blog: polish 'Auditing the Auditors' — link issues/PR, rename section to The Agent Incident Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * release: bump version to 0.10.4 Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * fix(deps): bump GHA actions and npm packages GHA (PR #84, #85): - actions/checkout SHA → v6.0.3 (df4cb1c) - github/codeql-action → 4.36.2 (8aad20d) npm (PR #83, #86, #87): - react 19.2.6 → 19.2.7 - react-dom 19.2.6 → 19.2.7 - @types/react 19.2.15 → 19.2.17 - typescript-eslint 8.59.4 → 8.61.0 - @types/node 25.9.1 → 25.9.2 Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * style(readme): add zenzic/doc wordmark, center all badges - New SVG wordmark: zenzic-wordmark-doc.svg + dark variant (teal #0d9488/#2dd4bf accent, matching zenzic-action pattern) - README.md + README.it.md: replace nav logo with new wordmark, restructure badges into <p align="center"> HTML block - Drop markdown-syntax badge lines and bare H1 heading; add markdownlint-disable MD033 MD041 MD060 Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * fix(brand): align doc wordmark color to official palette Replace teal (#0d9488/#2dd4bf) with sky (#38bdf8/#7dd3fc), the second brand color used in the icon grid. Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * fix(ci): resolve NPM audit critical and quality gate Z109 - package-lock.json: npm audit fix — shell-quote critical (GHSA-w7jw-789q-3m8p) - .zenzic.toml: suppress Z109 on architecture.mdx (EN+IT) github.com/google/re2 is a valid upstream repo; failure is a transient CI network connection error (6/10 suppression cap) - README.md + README.it.md: score badge updated 96 → 94 (2 new suppressions) Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> * docs(contributing): add SSH signing setup instructions Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com> --------- Signed-off-by: PythonWoods-Dev <gianluca.catalano@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the actions-all group with 1 update: github/codeql-action.
Updates
github/codeql-actionfrom 4.36.0 to 4.36.2Release notes
Sourced from github/codeql-action's releases.
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
8aad20dMerge pull request #3949 from github/update-v4.36.2-dcb947ce1f521b08Add additional changelog notes8aeff0fUpdate changelog for v4.36.2dcb947cMerge pull request #3948 from github/update-bundle/codeql-bundle-v2.25.6c251bceAdd changelog note62953c1Update default bundle to codeql-bundle-v2.25.6423b570Merge pull request #3946 from github/dependabot/npm_and_yarn/npm-minor-5d507a...c35d1b1Merge pull request #3947 from github/dependabot/github_actions/dot-github/wor...cb1a588Merge pull request #3937 from github/robertbrignull/waitForProcessing_backoffba47406Merge pull request #3943 from github/henrymercer/cache-cli-version-infoDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions