chore(studio-deps)(deps): bump sweetalert2 from 11.26.17 to 11.26.18 in /studio in the security-critical group#3343
Merged
mergify[bot] merged 1 commit intomainfrom Feb 5, 2026
Conversation
Bumps the security-critical group in /studio with 1 update: [sweetalert2](https://github.com/sweetalert2/sweetalert2). Updates `sweetalert2` from 11.26.17 to 11.26.18 - [Release notes](https://github.com/sweetalert2/sweetalert2/releases) - [Changelog](https://github.com/sweetalert2/sweetalert2/blob/main/CHANGELOG.md) - [Commits](sweetalert2/sweetalert2@v11.26.17...v11.26.18) --- updated-dependencies: - dependency-name: sweetalert2 dependency-version: 11.26.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-critical ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
dependabot
bot
added
security
dependencies
Contributor
🧪 CI InsightsHere's what we observed from your CI run for cb52016. 🟢 All jobs passed!But CI Insights is watching 👀 |
mergify bot
added a commit
that referenced
this pull request
Feb 5, 2026
Bumps the github-actions group with 2 updates: [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `anthropics/claude-code-action` from 1.0.41 to 1.0.43 Release notes *Sourced from [anthropics/claude-code-action's releases](https://github.com/anthropics/claude-code-action/releases).* > v1.0.43 > ------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.43> > > v1.0.42 > ------- > > What's Changed > -------------- > > * fix: pass OpenTelemetry environment variables to Claude Code subprocess by [`@csy1204`](https://github.com/csy1204) in [anthropics/claude-code-action#886](https://redirect.github.com/anthropics/claude-code-action/pull/886) > * fix: pass GitHub token to setup-bun to avoid rate limits by [`@peloyeje`](https://github.com/peloyeje) in [anthropics/claude-code-action#861](https://redirect.github.com/anthropics/claude-code-action/pull/861) > > New Contributors > ---------------- > > * [`@csy1204`](https://github.com/csy1204) made their first contribution in [anthropics/claude-code-action#886](https://redirect.github.com/anthropics/claude-code-action/pull/886) > * [`@peloyeje`](https://github.com/peloyeje) made their first contribution in [anthropics/claude-code-action#861](https://redirect.github.com/anthropics/claude-code-action/pull/861) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.42> Commits * [`6867bb3`](anthropics/claude-code-action@6867bb3) chore: bump Claude Code to 2.1.31 and Agent SDK to 0.2.31 * [`98af40b`](anthropics/claude-code-action@98af40b) chore: bump Claude Code to 2.1.30 and Agent SDK to 0.2.30 * [`4ce5f17`](anthropics/claude-code-action@4ce5f17) fix: pass GitHub token to setup-bun to avoid rate limits ([#861](https://redirect.github.com/anthropics/claude-code-action/issues/861)) * [`fab4258`](anthropics/claude-code-action@fab4258) fix: pass OpenTelemetry environment variables to Claude Code subprocess ([#886](https://redirect.github.com/anthropics/claude-code-action/issues/886)) * See full diff in [compare view](anthropics/claude-code-action@70e16de...6867bb3) Updates `github/codeql-action` from 4.32.0 to 4.32.1 Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.32.1 > ------- > > * A warning is now shown in Default Setup workflow logs if a [private package registry is configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) using a GitHub Personal Access Token (PAT), but no username is configured. [#3422](https://redirect.github.com/github/codeql-action/pull/3422) > * Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. [#3421](https://redirect.github.com/github/codeql-action/pull/3421) Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.32.1 - 02 Feb 2026 > -------------------- > > * A warning is now shown in Default Setup workflow logs if a [private package registry is configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) using a GitHub Personal Access Token (PAT), but no username is configured. [#3422](https://redirect.github.com/github/codeql-action/pull/3422) > * Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. [#3421](https://redirect.github.com/github/codeql-action/pull/3421) > > 4.32.0 - 26 Jan 2026 > -------------------- > > * Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://redirect.github.com/github/codeql-action/pull/3425) > > 4.31.11 - 23 Jan 2026 > --------------------- > > * When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [#3409](https://redirect.github.com/github/codeql-action/pull/3409) > * Improved error handling throughout the CodeQL Action. [#3415](https://redirect.github.com/github/codeql-action/pull/3415) > * Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [#3318](https://redirect.github.com/github/codeql-action/pull/3318) > * The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [#3403](https://redirect.github.com/github/codeql-action/pull/3403) > > 4.31.10 - 12 Jan 2026 > --------------------- > > * Update default CodeQL bundle version to 2.23.9. [#3393](https://redirect.github.com/github/codeql-action/pull/3393) > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- ... (truncated) Commits * [`6bc82e0`](github/codeql-action@6bc82e0) Merge pull request [#3447](https://redirect.github.com/github/codeql-action/issues/3447) from github/update-v4.32.1-f52cbc830 * [`42f00f2`](github/codeql-action@42f00f2) Add a couple of change notes * [`cedee6d`](github/codeql-action@cedee6d) Update changelog for v4.32.1 * [`f52cbc8`](github/codeql-action@f52cbc8) Merge pull request [#3445](https://redirect.github.com/github/codeql-action/issues/3445) from github/dependabot/npm\_and\_yarn/fast-xml-parser-... * [`c5aaca4`](github/codeql-action@c5aaca4) Merge pull request [#3446](https://redirect.github.com/github/codeql-action/issues/3446) from github/mbg/ci/pin-node-packages * [`3e58739`](github/codeql-action@3e58739) Pin `@actions/tool-cache@3` in workflows to avoid failures with `github-script` * [`a6ccefb`](github/codeql-action@a6ccefb) Rebuild * [`0e64858`](github/codeql-action@0e64858) Bump fast-xml-parser from 5.3.3 to 5.3.4 * [`f985be5`](github/codeql-action@f985be5) Merge pull request [#3443](https://redirect.github.com/github/codeql-action/issues/3443) from github/dependabot/npm\_and\_yarn/tar-7.5.7 * [`0c8e06d`](github/codeql-action@0c8e06d) Bump tar from 7.5.6 to 7.5.7 * Additional commits viewable in [compare view](github/codeql-action@b20883b...6bc82e0) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
robfrank
approved these changes
Feb 5, 2026
dependabot
bot
deleted the
dependabot/npm_and_yarn/studio/main/security-critical-0ee21c319c
branch
Nenzyz
pushed a commit
to Nenzyz/arcadedb
that referenced
this pull request
Feb 5, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.9 to 4.31.10. Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.31.10 > -------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.10 - 12 Jan 2026 > --------------------- > > * Update default CodeQL bundle version to 2.23.9. [ArcadeData#3393](https://redirect.github.com/github/codeql-action/pull/3393) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.10/CHANGELOG.md) for more information. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.31.10 - 12 Jan 2026 > --------------------- > > * Update default CodeQL bundle version to 2.23.9. [ArcadeData#3393](https://redirect.github.com/github/codeql-action/pull/3393) > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [ArcadeData#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [ArcadeData#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [ArcadeData#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- > > No user facing changes. > > 4.31.3 - 13 Nov 2025 > -------------------- > > * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/). > * Update default CodeQL bundle version to 2.23.5. [ArcadeData#3288](https://redirect.github.com/github/codeql-action/pull/3288) > > 4.31.2 - 30 Oct 2025 > -------------------- > > No user facing changes. > > 4.31.1 - 30 Oct 2025 > -------------------- > > * The `add-snippets` input has been removed from the `analyze` action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced. > > 4.31.0 - 24 Oct 2025 > -------------------- ... (truncated) Commits * [`cdefb33`](github/codeql-action@cdefb33) Merge pull request [ArcadeData#3394](https://redirect.github.com/github/codeql-action/issues/3394) from github/update-v4.31.10-0fa411efd * [`cfa77c6`](github/codeql-action@cfa77c6) Update changelog for v4.31.10 * [`0fa411e`](github/codeql-action@0fa411e) Merge pull request [ArcadeData#3393](https://redirect.github.com/github/codeql-action/issues/3393) from github/update-bundle/codeql-bundle-v2.23.9 * [`c284324`](github/codeql-action@c284324) Add changelog note * [`83e7d00`](github/codeql-action@83e7d00) Update default bundle to codeql-bundle-v2.23.9 * [`f6a16be`](github/codeql-action@f6a16be) Merge pull request [ArcadeData#3391](https://redirect.github.com/github/codeql-action/issues/3391) from github/dependabot/npm\_and\_yarn/npm-minor-f1cdf5... * [`c1f5f1a`](github/codeql-action@c1f5f1a) Rebuild * [`1805d8d`](github/codeql-action@1805d8d) Bump the npm-minor group with 2 updates * [`b2951d2`](github/codeql-action@b2951d2) Merge pull request [ArcadeData#3353](https://redirect.github.com/github/codeql-action/issues/3353) from github/kaspersv/bump-min-cli-v-for-overlay * [`41448d9`](github/codeql-action@41448d9) Merge pull request [ArcadeData#3287](https://redirect.github.com/github/codeql-action/issues/3287) from github/henrymercer/generate-mergeback-last * Additional commits viewable in [compare view](github/codeql-action@5d4e8d1...cdefb33) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Nenzyz
pushed a commit
to Nenzyz/arcadedb
that referenced
this pull request
Feb 5, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.10 to 4.31.11. Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.31.11 > -------- > > * When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [ArcadeData#3409](https://redirect.github.com/github/codeql-action/pull/3409) > * Improved error handling throughout the CodeQL Action. [ArcadeData#3415](https://redirect.github.com/github/codeql-action/pull/3415) > * Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [ArcadeData#3318](https://redirect.github.com/github/codeql-action/pull/3318) > * The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [ArcadeData#3403](https://redirect.github.com/github/codeql-action/pull/3403) Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.31.11 - 23 Jan 2026 > --------------------- > > * When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [ArcadeData#3409](https://redirect.github.com/github/codeql-action/pull/3409) > * Improved error handling throughout the CodeQL Action. [ArcadeData#3415](https://redirect.github.com/github/codeql-action/pull/3415) > * Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [ArcadeData#3318](https://redirect.github.com/github/codeql-action/pull/3318) > * The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [ArcadeData#3403](https://redirect.github.com/github/codeql-action/pull/3403) > > 4.31.10 - 12 Jan 2026 > --------------------- > > * Update default CodeQL bundle version to 2.23.9. [ArcadeData#3393](https://redirect.github.com/github/codeql-action/pull/3393) > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [ArcadeData#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [ArcadeData#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [ArcadeData#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- > > No user facing changes. > > 4.31.3 - 13 Nov 2025 > -------------------- > > * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/). > * Update default CodeQL bundle version to 2.23.5. [ArcadeData#3288](https://redirect.github.com/github/codeql-action/pull/3288) > > 4.31.2 - 30 Oct 2025 > -------------------- ... (truncated) Commits * [`19b2f06`](github/codeql-action@19b2f06) Merge pull request [ArcadeData#3417](https://redirect.github.com/github/codeql-action/issues/3417) from github/update-v4.31.11-1601acf88 * [`03afde0`](github/codeql-action@03afde0) Add noteworthy changes to changelog * [`9469107`](github/codeql-action@9469107) Update changelog for v4.31.11 * [`1601acf`](github/codeql-action@1601acf) Merge pull request [ArcadeData#3415](https://redirect.github.com/github/codeql-action/issues/3415) from github/henrymercer/address-telemetry-gap * [`fba7872`](github/codeql-action@fba7872) Address review comments * [`a8dd5ab`](github/codeql-action@a8dd5ab) Merge pull request [ArcadeData#3414](https://redirect.github.com/github/codeql-action/issues/3414) from github/dependabot/npm\_and\_yarn/lodash-4.17.23 * [`28bfb7b`](github/codeql-action@28bfb7b) Omit error from start-proxy Action * [`91f3460`](github/codeql-action@91f3460) Throw if in test mode * [`edebb78`](github/codeql-action@edebb78) Differentiate unhandled errors in telemetry * [`529c266`](github/codeql-action@529c266) Use `getErrorMessage` in more places * Additional commits viewable in [compare view](github/codeql-action@cdefb33...19b2f06) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
mergify bot
added a commit
that referenced
this pull request
Feb 8, 2026
Bumps the github-actions group with 2 updates: [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `anthropics/claude-code-action` from 1.0.43 to 1.0.46 Release notes *Sourced from [anthropics/claude-code-action's releases](https://github.com/anthropics/claude-code-action/releases).* > v1.0.46 > ------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.46> > > v1.0.45 > ------- > > What's Changed > -------------- > > * fix: use original body from webhook payload for TOCTOU hardening by [`@ddworken`](https://github.com/ddworken) in [anthropics/claude-code-action#904](https://redirect.github.com/anthropics/claude-code-action/pull/904) > * refactor: simplify mode system by removing Mode interface and registry by [`@ashwin-ant`](https://github.com/ashwin-ant) in [anthropics/claude-code-action#899](https://redirect.github.com/anthropics/claude-code-action/pull/899) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.45> > > v1.0.44 > ------- > > What's Changed > -------------- > > * refactor: unify action into single composite step with run.ts entrypoint by [`@ashwin-ant`](https://github.com/ashwin-ant) in [anthropics/claude-code-action#898](https://redirect.github.com/anthropics/claude-code-action/pull/898) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.44> Commits * [`6c61301`](anthropics/claude-code-action@6c61301) chore: bump Claude Code to 2.1.37 and Agent SDK to 0.2.37 * [`db38843`](anthropics/claude-code-action@db38843) chore: bump Claude Code to 2.1.36 and Agent SDK to 0.2.36 * [`b113f49`](anthropics/claude-code-action@b113f49) chore: bump Claude Code to 2.1.33 and Agent SDK to 0.2.33 * [`7057f33`](anthropics/claude-code-action@7057f33) refactor: simplify mode system by removing Mode interface and registry ([#899](https://redirect.github.com/anthropics/claude-code-action/issues/899)) * [`f09dc9a`](anthropics/claude-code-action@f09dc9a) fix: use original body from webhook payload for TOCTOU hardening ([#904](https://redirect.github.com/anthropics/claude-code-action/issues/904)) * [`006aaf2`](anthropics/claude-code-action@006aaf2) chore: bump Claude Code to 2.1.32 and Agent SDK to 0.2.32 * [`9a3c761`](anthropics/claude-code-action@9a3c761) refactor: unify action into single composite step with run.ts entrypoint ([#898](https://redirect.github.com/anthropics/claude-code-action/issues/898)) * See full diff in [compare view](anthropics/claude-code-action@6867bb3...6c61301) Updates `github/codeql-action` from 4.32.1 to 4.32.2 Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.32.2 > ------- > > * Update default CodeQL bundle version to [2.24.1](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1). [#3460](https://redirect.github.com/github/codeql-action/pull/3460) Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.32.2 - 05 Feb 2026 > -------------------- > > * Update default CodeQL bundle version to [2.24.1](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1). [#3460](https://redirect.github.com/github/codeql-action/pull/3460) > > 4.32.1 - 02 Feb 2026 > -------------------- > > * A warning is now shown in Default Setup workflow logs if a [private package registry is configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) using a GitHub Personal Access Token (PAT), but no username is configured. [#3422](https://redirect.github.com/github/codeql-action/pull/3422) > * Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. [#3421](https://redirect.github.com/github/codeql-action/pull/3421) > > 4.32.0 - 26 Jan 2026 > -------------------- > > * Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://redirect.github.com/github/codeql-action/pull/3425) > > 4.31.11 - 23 Jan 2026 > --------------------- > > * When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [#3409](https://redirect.github.com/github/codeql-action/pull/3409) > * Improved error handling throughout the CodeQL Action. [#3415](https://redirect.github.com/github/codeql-action/pull/3415) > * Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [#3318](https://redirect.github.com/github/codeql-action/pull/3318) > * The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [#3403](https://redirect.github.com/github/codeql-action/pull/3403) > > 4.31.10 - 12 Jan 2026 > --------------------- > > * Update default CodeQL bundle version to 2.23.9. [#3393](https://redirect.github.com/github/codeql-action/pull/3393) > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- ... (truncated) Commits * [`45cbd0c`](github/codeql-action@45cbd0c) Merge pull request [#3461](https://redirect.github.com/github/codeql-action/issues/3461) from github/update-v4.32.2-7aee93297 * [`cb528be`](github/codeql-action@cb528be) Update changelog for v4.32.2 * [`7aee932`](github/codeql-action@7aee932) Merge pull request [#3460](https://redirect.github.com/github/codeql-action/issues/3460) from github/update-bundle/codeql-bundle-v2.24.1 * [`b5f028a`](github/codeql-action@b5f028a) Merge pull request [#3457](https://redirect.github.com/github/codeql-action/issues/3457) from github/dependabot/npm\_and\_yarn/npm-minor-4c1fc3... * [`9702c27`](github/codeql-action@9702c27) Merge branch 'main' into dependabot/npm\_and\_yarn/npm-minor-4c1fc3d0aa * [`c36c948`](github/codeql-action@c36c948) Add changelog note * [`3d03318`](github/codeql-action@3d03318) Update default bundle to codeql-bundle-v2.24.1 * [`77591e2`](github/codeql-action@77591e2) Merge pull request [#3459](https://redirect.github.com/github/codeql-action/issues/3459) from github/copilot/fix-github-actions-workflow-again * [`7a44a9d`](github/codeql-action@7a44a9d) Fix Rebuild Action workflow by adding --no-edit flag to git merge --continue * [`e2ac371`](github/codeql-action@e2ac371) Initial plan * Additional commits viewable in [compare view](github/codeql-action@6bc82e0...45cbd0c) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
mergify bot
added a commit
that referenced
this pull request
Feb 15, 2026
Bumps the github-actions group with 2 updates: [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `anthropics/claude-code-action` from 1.0.46 to 1.0.51 Release notes *Sourced from [anthropics/claude-code-action's releases](https://github.com/anthropics/claude-code-action/releases).* > v1.0.51 > ------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.51> > > v1.0.50 > ------- > > What's Changed > -------------- > > * revert: undo PR checkout fork support and unique branch naming by [`@ashwin-ant`](https://github.com/ashwin-ant) in [anthropics/claude-code-action#937](https://redirect.github.com/anthropics/claude-code-action/pull/937) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.50> > > v1.0.49 > ------- > > What's Changed > -------------- > > * fix: replace deprecated :\* with modern \* wildcard in git permissions by [`@Dave-London`](https://github.com/Dave-London) in [anthropics/claude-code-action#929](https://redirect.github.com/anthropics/claude-code-action/pull/929) > * fix: skip CI MCP server installation when actions:read permission is missing by [`@OctavianGuzu`](https://github.com/OctavianGuzu) in [anthropics/claude-code-action#933](https://redirect.github.com/anthropics/claude-code-action/pull/933) > * Fix/PR checkout branch name conflicts by [`@kirisame-wang`](https://github.com/kirisame-wang) in [anthropics/claude-code-action#931](https://redirect.github.com/anthropics/claude-code-action/pull/931) > > New Contributors > ---------------- > > * [`@OctavianGuzu`](https://github.com/OctavianGuzu) made their first contribution in [anthropics/claude-code-action#933](https://redirect.github.com/anthropics/claude-code-action/pull/933) > * [`@kirisame-wang`](https://github.com/kirisame-wang) made their first contribution in [anthropics/claude-code-action#931](https://redirect.github.com/anthropics/claude-code-action/pull/931) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.49> > > v1.0.48 > ------- > > What's Changed > -------------- > > * Fix PR checkout to support fork PRs by [`@Tsuesun`](https://github.com/Tsuesun) in [anthropics/claude-code-action#851](https://redirect.github.com/anthropics/claude-code-action/pull/851) > > New Contributors > ---------------- > > * [`@Tsuesun`](https://github.com/Tsuesun) made their first contribution in [anthropics/claude-code-action#851](https://redirect.github.com/anthropics/claude-code-action/pull/851) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.48> > > v1.0.47 > ------- > > What's Changed > -------------- > > * Update claude-opus-4-5 to claude-opus-4-6 in workflow by [`@ashwin-ant`](https://github.com/ashwin-ant) in [anthropics/claude-code-action#909](https://redirect.github.com/anthropics/claude-code-action/pull/909) > * fix: skip dev dependencies in CI install step by [`@Dave-London`](https://github.com/Dave-London) in [anthropics/claude-code-action#919](https://redirect.github.com/anthropics/claude-code-action/pull/919) > > New Contributors > ---------------- > > * [`@Dave-London`](https://github.com/Dave-London) made their first contribution in [anthropics/claude-code-action#919](https://redirect.github.com/anthropics/claude-code-action/pull/919) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.47> Commits * [`ea36d6a`](anthropics/claude-code-action@ea36d6a) chore: bump Claude Code to 2.1.42 and Agent SDK to 0.2.42 * [`c22f7c3`](anthropics/claude-code-action@c22f7c3) revert: undo PR checkout fork support and unique branch naming ([#937](https://redirect.github.com/anthropics/claude-code-action/issues/937)) * [`f669191`](anthropics/claude-code-action@f669191) fix: use unique local branch names for PR checkout to avoid conflicts ([#931](https://redirect.github.com/anthropics/claude-code-action/issues/931)) * [`8c383c5`](anthropics/claude-code-action@8c383c5) fix: skip CI MCP server installation when actions:read permission is missing ... * [`1bb0e74`](anthropics/claude-code-action@1bb0e74) fix: replace deprecated :\* with modern \* wildcard in git permissions ([#929](https://redirect.github.com/anthropics/claude-code-action/issues/929)) * [`23ed4cb`](anthropics/claude-code-action@23ed4cb) chore: bump Claude Code to 2.1.39 and Agent SDK to 0.2.39 * [`21e3fe0`](anthropics/claude-code-action@21e3fe0) Fix PR checkout to support fork PRs ([#851](https://redirect.github.com/anthropics/claude-code-action/issues/851)) * [`b433f16`](anthropics/claude-code-action@b433f16) chore: bump Claude Code to 2.1.38 and Agent SDK to 0.2.38 * [`7695f78`](anthropics/claude-code-action@7695f78) fix: skip dev dependencies in CI install step ([#919](https://redirect.github.com/anthropics/claude-code-action/issues/919)) * [`d5b01b6`](anthropics/claude-code-action@d5b01b6) Update claude-opus-4-5 to claude-opus-4-6 in workflow ([#909](https://redirect.github.com/anthropics/claude-code-action/issues/909)) * See full diff in [compare view](anthropics/claude-code-action@6c61301...ea36d6a) Updates `github/codeql-action` from 4.32.2 to 4.32.3 Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.32.3 > ------- > > * Added experimental support for testing connections to [private package registries](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries). This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. [#3466](https://redirect.github.com/github/codeql-action/pull/3466) Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.32.3 - 13 Feb 2026 > -------------------- > > * Added experimental support for testing connections to [private package registries](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries). This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. [#3466](https://redirect.github.com/github/codeql-action/pull/3466) > > 4.32.2 - 05 Feb 2026 > -------------------- > > * Update default CodeQL bundle version to [2.24.1](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1). [#3460](https://redirect.github.com/github/codeql-action/pull/3460) > > 4.32.1 - 02 Feb 2026 > -------------------- > > * A warning is now shown in Default Setup workflow logs if a [private package registry is configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) using a GitHub Personal Access Token (PAT), but no username is configured. [#3422](https://redirect.github.com/github/codeql-action/pull/3422) > * Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. [#3421](https://redirect.github.com/github/codeql-action/pull/3421) > > 4.32.0 - 26 Jan 2026 > -------------------- > > * Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://redirect.github.com/github/codeql-action/pull/3425) > > 4.31.11 - 23 Jan 2026 > --------------------- > > * When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [#3409](https://redirect.github.com/github/codeql-action/pull/3409) > * Improved error handling throughout the CodeQL Action. [#3415](https://redirect.github.com/github/codeql-action/pull/3415) > * Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [#3318](https://redirect.github.com/github/codeql-action/pull/3318) > * The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [#3403](https://redirect.github.com/github/codeql-action/pull/3403) > > 4.31.10 - 12 Jan 2026 > --------------------- > > * Update default CodeQL bundle version to 2.23.9. [#3393](https://redirect.github.com/github/codeql-action/pull/3393) > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- ... (truncated) Commits * [`9e907b5`](github/codeql-action@9e907b5) Merge pull request [#3479](https://redirect.github.com/github/codeql-action/issues/3479) from github/update-v4.32.3-4bf6fa4e2 * [`1814c9f`](github/codeql-action@1814c9f) Update changelog for v4.32.3 * [`4bf6fa4`](github/codeql-action@4bf6fa4) Merge pull request [#3478](https://redirect.github.com/github/codeql-action/issues/3478) from github/mbg/changelog/add-connection-test-entry * [`9658e23`](github/codeql-action@9658e23) Merge pull request [#3476](https://redirect.github.com/github/codeql-action/issues/3476) from github/henrymercer/retry-auth-errors * [`be75dd9`](github/codeql-action@be75dd9) Add changelog entry for [#3466](https://redirect.github.com/github/codeql-action/issues/3466) * [`05bca54`](github/codeql-action@05bca54) Apply suggestion from [`@Copilot`](https://github.com/Copilot) * [`2d6b98c`](github/codeql-action@2d6b98c) Merge pull request [#3475](https://redirect.github.com/github/codeql-action/issues/3475) from github/henrymercer/retry-auth-errors * [`876cecb`](github/codeql-action@876cecb) Avoid requesting features in CCR * [`43b46a1`](github/codeql-action@43b46a1) Retry API authentication errors since these can be transient * [`8ad4b6e`](github/codeql-action@8ad4b6e) Merge pull request [#3472](https://redirect.github.com/github/codeql-action/issues/3472) from github/dependabot/github\_actions/dot-github/wor... * Additional commits viewable in [compare view](github/codeql-action@45cbd0c...9e907b5) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
skofra0
pushed a commit
to skofra0/arcadedb
that referenced
this pull request
Feb 23, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.5 to 4.31.7. Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.31.7 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [ArcadeData#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md) for more information. > > v4.31.6 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.6/CHANGELOG.md) for more information. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [ArcadeData#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [ArcadeData#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- > > No user facing changes. > > 4.31.3 - 13 Nov 2025 > -------------------- > > * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/). > * Update default CodeQL bundle version to 2.23.5. [ArcadeData#3288](https://redirect.github.com/github/codeql-action/pull/3288) > > 4.31.2 - 30 Oct 2025 > -------------------- > > No user facing changes. > > 4.31.1 - 30 Oct 2025 > -------------------- > > * The `add-snippets` input has been removed from the `analyze` action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced. > > 4.31.0 - 24 Oct 2025 > -------------------- > > * Bump minimum CodeQL bundle version to 2.17.6. [ArcadeData#3223](https://redirect.github.com/github/codeql-action/pull/3223) > * When SARIF files are uploaded by the `analyze` or `upload-sarif` actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the `upload-sarif` action. For `analyze`, this may affect Advanced Setup for CodeQL users who specify a value other than `always` for the `upload` input. [ArcadeData#3222](https://redirect.github.com/github/codeql-action/pull/3222) > > 4.30.9 - 17 Oct 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.3. [ArcadeData#3205](https://redirect.github.com/github/codeql-action/pull/3205) > * Experimental: A new `setup-codeql` action has been added which is similar to `init`, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. [ArcadeData#3204](https://redirect.github.com/github/codeql-action/pull/3204) > > 4.30.8 - 10 Oct 2025 > -------------------- > > No user facing changes. ... (truncated) Commits * [`cf1bb45`](github/codeql-action@cf1bb45) Merge pull request [ArcadeData#3344](https://redirect.github.com/github/codeql-action/issues/3344) from github/update-v4.31.7-f5c63fadd * [`f4ebe95`](github/codeql-action@f4ebe95) Update changelog for v4.31.7 * [`f5c63fa`](github/codeql-action@f5c63fa) Merge pull request [ArcadeData#3343](https://redirect.github.com/github/codeql-action/issues/3343) from github/update-bundle/codeql-bundle-v2.23.7 * [`a2c01e7`](github/codeql-action@a2c01e7) Add changelog note * [`ac34c13`](github/codeql-action@ac34c13) Update default bundle to codeql-bundle-v2.23.7 * [`267c467`](github/codeql-action@267c467) Merge pull request [ArcadeData#3339](https://redirect.github.com/github/codeql-action/issues/3339) from github/dependabot/npm\_and\_yarn/npm-minor-77d264... * [`aeabef7`](github/codeql-action@aeabef7) Merge branch 'main' into dependabot/npm\_and\_yarn/npm-minor-77d26487b0 * [`78357d3`](github/codeql-action@78357d3) Merge pull request [ArcadeData#3341](https://redirect.github.com/github/codeql-action/issues/3341) from github/mbg/ci/update-cs-config-cli-tests * [`d61a6fa`](github/codeql-action@d61a6fa) Update CLI config test to account for overlay db changes on PRs * [`ce27e95`](github/codeql-action@ce27e95) Rebuild * Additional commits viewable in [compare view](github/codeql-action@fdbfb4d...cf1bb45) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
skofra0
pushed a commit
to skofra0/arcadedb
that referenced
this pull request
Feb 23, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.7 to 4.31.8. Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.31.8 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [ArcadeData#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.8/CHANGELOG.md) for more information. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [ArcadeData#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [ArcadeData#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [ArcadeData#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- > > No user facing changes. > > 4.31.3 - 13 Nov 2025 > -------------------- > > * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/). > * Update default CodeQL bundle version to 2.23.5. [ArcadeData#3288](https://redirect.github.com/github/codeql-action/pull/3288) > > 4.31.2 - 30 Oct 2025 > -------------------- > > No user facing changes. > > 4.31.1 - 30 Oct 2025 > -------------------- > > * The `add-snippets` input has been removed from the `analyze` action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced. > > 4.31.0 - 24 Oct 2025 > -------------------- > > * Bump minimum CodeQL bundle version to 2.17.6. [ArcadeData#3223](https://redirect.github.com/github/codeql-action/pull/3223) > * When SARIF files are uploaded by the `analyze` or `upload-sarif` actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the `upload-sarif` action. For `analyze`, this may affect Advanced Setup for CodeQL users who specify a value other than `always` for the `upload` input. [ArcadeData#3222](https://redirect.github.com/github/codeql-action/pull/3222) > > 4.30.9 - 17 Oct 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.3. [ArcadeData#3205](https://redirect.github.com/github/codeql-action/pull/3205) > * Experimental: A new `setup-codeql` action has been added which is similar to `init`, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. [ArcadeData#3204](https://redirect.github.com/github/codeql-action/pull/3204) ... (truncated) Commits * [`1b168cd`](github/codeql-action@1b168cd) Merge pull request [ArcadeData#3355](https://redirect.github.com/github/codeql-action/issues/3355) from github/update-v4.31.8-1b0b941e1 * [`120f277`](github/codeql-action@120f277) Update changelog for v4.31.8 * [`1b0b941`](github/codeql-action@1b0b941) Merge pull request [ArcadeData#3354](https://redirect.github.com/github/codeql-action/issues/3354) from github/update-bundle/codeql-bundle-v2.23.8 * [`db812c1`](github/codeql-action@db812c1) Add changelog note * [`2930dba`](github/codeql-action@2930dba) Update default bundle to codeql-bundle-v2.23.8 * [`c43362b`](github/codeql-action@c43362b) Merge pull request [ArcadeData#3340](https://redirect.github.com/github/codeql-action/issues/3340) from github/kaspersv/check-for-overlayBaseSpecifier * [`002a7f2`](github/codeql-action@002a7f2) Overlay: log overlayBaseSpecifier at debug log-level * [`5b7e7fc`](github/codeql-action@5b7e7fc) Update src/codeql.ts * [`149d184`](github/codeql-action@149d184) Merge pull request [ArcadeData#3345](https://redirect.github.com/github/codeql-action/issues/3345) from github/mergeback/v4.31.7-to-main-cf1bb45a * [`97c2630`](github/codeql-action@97c2630) Rebuild * Additional commits viewable in [compare view](github/codeql-action@cf1bb45...1b168cd) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
skofra0
pushed a commit
to skofra0/arcadedb
that referenced
this pull request
Feb 23, 2026
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.8 to 4.31.9. Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.31.9 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.9/CHANGELOG.md) for more information. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.31.9 - 16 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.8 - 11 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.8. [ArcadeData#3354](https://redirect.github.com/github/codeql-action/pull/3354) > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [ArcadeData#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [ArcadeData#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- > > No user facing changes. > > 4.31.3 - 13 Nov 2025 > -------------------- > > * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/). > * Update default CodeQL bundle version to 2.23.5. [ArcadeData#3288](https://redirect.github.com/github/codeql-action/pull/3288) > > 4.31.2 - 30 Oct 2025 > -------------------- > > No user facing changes. > > 4.31.1 - 30 Oct 2025 > -------------------- > > * The `add-snippets` input has been removed from the `analyze` action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced. > > 4.31.0 - 24 Oct 2025 > -------------------- > > * Bump minimum CodeQL bundle version to 2.17.6. [ArcadeData#3223](https://redirect.github.com/github/codeql-action/pull/3223) > * When SARIF files are uploaded by the `analyze` or `upload-sarif` actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the `upload-sarif` action. For `analyze`, this may affect Advanced Setup for CodeQL users who specify a value other than `always` for the `upload` input. [ArcadeData#3222](https://redirect.github.com/github/codeql-action/pull/3222) ... (truncated) Commits * [`5d4e8d1`](github/codeql-action@5d4e8d1) Merge pull request [ArcadeData#3371](https://redirect.github.com/github/codeql-action/issues/3371) from github/update-v4.31.9-998798e34 * [`1dc115f`](github/codeql-action@1dc115f) Update changelog for v4.31.9 * [`998798e`](github/codeql-action@998798e) Merge pull request [ArcadeData#3352](https://redirect.github.com/github/codeql-action/issues/3352) from github/nickrolfe/jar-min-ff-cleanup * [`5eb7519`](github/codeql-action@5eb7519) Merge pull request [ArcadeData#3358](https://redirect.github.com/github/codeql-action/issues/3358) from github/henrymercer/database-upload-telemetry * [`d29eddb`](github/codeql-action@d29eddb) Extract version number to constant * [`e962687`](github/codeql-action@e962687) Merge branch 'main' into henrymercer/database-upload-telemetry * [`19c7f96`](github/codeql-action@19c7f96) Rename `isOverlayBase` * [`ae5de9a`](github/codeql-action@ae5de9a) Use `getErrorMessage` in log too * [`0cb8633`](github/codeql-action@0cb8633) Prefer `performance.now()` * [`c07cc0d`](github/codeql-action@c07cc0d) Merge pull request [ArcadeData#3351](https://redirect.github.com/github/codeql-action/issues/3351) from github/henrymercer/ghec-dr-determine-tools-vers... * Additional commits viewable in [compare view](github/codeql-action@1b168cd...5d4e8d1) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the security-critical group in /studio with 1 update: sweetalert2.
Updates
sweetalert2from 11.26.17 to 11.26.18Release notes
Sourced from sweetalert2's releases.
Changelog
Sourced from sweetalert2's changelog.
Commits
01f6d80chore(release): 11.26.18 [skip ci]11e6344fix: types in argsToParams.js (#2912)4866232chore: bump bun.lockc640b87chore: add PalsToy to sponsorsb995377chore: bump stylelint depsc4a9734chore: bump bun.lockc212154chore: rm dollauthority from sponsors49c3c10chore: bump bun.lock84317f0chore: rm dlxplugins from sponsors9ac3b97chore: rm unnecessary codeDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions