chore(deps): update github/codeql-action action to v3.27.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
github/codeql-action	action	minor	v3.26.12 -> v3.27.0

---

Release Notes

github/codeql-action (github/codeql-action)

v3.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v3.26.13

Compare Source

---

Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

[puLL-Merge] - github/codeql-action@v3.26.12..v3.26.13

Description

This PR introduces several changes across multiple files, primarily focusing on updating dependencies, modifying workflow configurations, and adding new features related to CodeQL and TypeScript ESLint.

Changes

Changes

1. .github/workflows/__zstd-bundle-fallback.yml and .github/workflows/__zstd-bundle.yml:

   • Removed Windows from the fallback workflow
   • Modified the order of operating systems in the main workflow
   • Added a check for the expected file extension based on the runner OS

2. lib/feature-flags.js and src/feature-flags.ts:

   • Added a new feature flag CodeqlActionPythonDefaultIsToNotExtractStdlib

3. lib/init-action.js and src/init-action.ts:

   • Implemented logic to handle the new Python standard library extraction feature flag

4. lib/setup-codeql.js and src/setup-codeql.ts:

   • Added a condition to not use Zstd bundle on Windows platform

5. lib/tools-features.js and src/tools-features.ts:

   • Added a new tools feature PythonDefaultIsToNotExtractStdlib

6. CHANGELOG.md:

   • Added an entry for version 3.26.13 with no user-facing changes

7. Various package.json files:

   • Updated dependencies, particularly TypeScript ESLint related packages

8. TypeScript ESLint related files:

   • Various updates and improvements in TypeScript ESLint packages

Possible Issues

• The removal of Windows from the Zstd bundle fallback workflow might affect Windows-specific scenarios that relied on this fallback mechanism.

Security Hotspots

No significant security hotspots were identified in this change.