From 20413ad9a7d276572b89899583da22fb579f73cc Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 12 Nov 2024 13:52:01 -0800
Subject: [PATCH] chore(deps): update github/codeql-action action to v3.27.3
(#11656)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | patch | `v3.27.2` -> `v3.27.3` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
github/codeql-action (github/codeql-action)
###
[`v3.27.3`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.3)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.2...v3.27.3)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.
##### 3.27.3 - 12 Nov 2024
No user facing changes.
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.3/CHANGELOG.md)
for more information.
---
### Configuration
📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Bogdan Drutu
---
.github/workflows/codeql-analysis.yml | 6 +++---
.github/workflows/scorecard.yml | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index d2c1b6367b1..65a7a9125f8 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -30,12 +30,12 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
+ uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
with:
languages: go
- name: Autobuild
- uses: github/codeql-action/autobuild@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
+ uses: github/codeql-action/autobuild@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
+ uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index c627ef15714..92248a8b093 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -64,6 +64,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3.27.2
+ uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
with:
sarif_file: results.sarif