fix(deps): update all dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/checkout	action	minor	v4.1.1 -> v4.2.2
actions/dependency-review-action	action	major	v3.1.0 -> v4.5.0
actions/setup-go	action	major	v4.1.0 -> v5.2.0
github.com/golang/protobuf	require	patch	v1.5.3 -> v1.5.4
github/codeql-action	action	major	v2.22.4 -> v3.28.0
step-security/harden-runner	action	minor	v2.6.0 -> v2.10.3

---

Release Notes

actions/checkout (actions/checkout)

v4.2.2

Compare Source

• url-helper.ts now leverages well-known environment variables by @​jww3 in https://github.com/actions/checkout/pull/1941
• Expand unit test coverage for isGhes by @​jww3 in https://github.com/actions/checkout/pull/1946

v4.2.1

Compare Source

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in https://github.com/actions/checkout/pull/1924

v4.2.0

Compare Source

• Add Ref and Commit outputs by @​lucacome in https://github.com/actions/checkout/pull/1180
• Dependency updates by @​dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872

v4.1.7

Compare Source

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in https://github.com/actions/checkout/pull/1739
• Bump actions/checkout from 3 to 4 by @​dependabot in https://github.com/actions/checkout/pull/1697
• Check out other refs/* by commit by @​orhantoy in https://github.com/actions/checkout/pull/1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in https://github.com/actions/checkout/pull/1776

v4.1.6

Compare Source

• Check platform to set archive extension appropriately by @​cory-miller in https://github.com/actions/checkout/pull/1732

v4.1.5

Compare Source

What's Changed

• Update NPM dependencies by @​cory-miller in https://github.com/actions/checkout/pull/1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in https://github.com/actions/checkout/pull/1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in https://github.com/actions/checkout/pull/1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in https://github.com/actions/checkout/pull/1695
• README: Suggest user.email to be 41898282+github-actions[bot]@​users.noreply.github.com by @​cory-miller in https://github.com/actions/checkout/pull/1707

Full Changelog: actions/checkout@v4.1.4...v4.1.5

v4.1.4

Compare Source

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in https://github.com/actions/checkout/pull/1692
• Add dependabot config by @​cory-miller in https://github.com/actions/checkout/pull/1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in https://github.com/actions/checkout/pull/1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in https://github.com/actions/checkout/pull/1643

v4.1.3

Compare Source

What's Changed

• Update actions/checkout version in update-main-version.yml by @​jww3 in https://github.com/actions/checkout/pull/1650
• Check git version before attempting to disable sparse-checkout by @​jww3 in https://github.com/actions/checkout/pull/1656
• Add SSH user parameter by @​cory-miller in https://github.com/actions/checkout/pull/1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

v4.1.2

Compare Source

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in https://github.com/actions/checkout/pull/1598

actions/dependency-review-action (actions/dependency-review-action)

v4.5.0

Compare Source

What's Changed

• Bump got from 14.4.2 to 14.4.3 by @​dependabot in https://github.com/actions/dependency-review-action/pull/844
• Bump nodemon from 3.1.0 to 3.1.7 by @​dependabot in https://github.com/actions/dependency-review-action/pull/847
• Bump @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in https://github.com/actions/dependency-review-action/pull/849
• Overriding the cross-spawn dependency to use a safe version by @​Ahmed3lmallah in https://github.com/actions/dependency-review-action/pull/850
• fix: add summary comment on failure when warn-only: true by @​ebickle in https://github.com/actions/dependency-review-action/pull/827
• Prepare for 4.5.0 release by @​Ahmed3lmallah in https://github.com/actions/dependency-review-action/pull/851

New Contributors

• @​ebickle made their first contribution in https://github.com/actions/dependency-review-action/pull/827

Full Changelog: actions/dependency-review-action@v4...v4.5.0

v4.4.0

Compare Source

What's Changed

• Fix for merge_group event bug by @​Ahmed3lmallah in https://github.com/actions/dependency-review-action/pull/846

Full Changelog: actions/dependency-review-action@v4.3.5...v4.4.0

v4.3.5

Compare Source

What's Changed

• fix: getRefs function to handle merge_group events by @​louis-bompart in https://github.com/actions/dependency-review-action/pull/766
• Create pull_request_template.md by @​jonjanego in https://github.com/actions/dependency-review-action/pull/794
• Update CONTRIBUTING.md by @​jonjanego in https://github.com/actions/dependency-review-action/pull/793
• Bump @​types/node from 20.11.28 to 20.16.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/815
• Upgrade transitive micromatch library by @​elireisman in https://github.com/actions/dependency-review-action/pull/829
• Do not list changed dependencies in summary by @​hmaurer in https://github.com/actions/dependency-review-action/pull/828
• Update stale.yaml by @​jonjanego in https://github.com/actions/dependency-review-action/pull/832
• Bump got from 14.4.1 to 14.4.2 by @​dependabot in https://github.com/actions/dependency-review-action/pull/822
• Bump eslint-plugin-jest and ts-jest by @​Ahmed3lmallah in https://github.com/actions/dependency-review-action/pull/840

New Contributors

• @​louis-bompart made their first contribution in https://github.com/actions/dependency-review-action/pull/766
• @​Ahmed3lmallah made their first contribution in https://github.com/actions/dependency-review-action/pull/840

Full Changelog: actions/dependency-review-action@v4.3.4...v4.3.5

v4.3.4

Compare Source

What's Changed

• Include all added dependencies in scorecard entries by @​elireisman in https://github.com/actions/dependency-review-action/pull/783
• Update SPDX Expression Parsing by @​febuiles in https://github.com/actions/dependency-review-action/pull/719
  • This PR is a significant refactor of SPDX expression parsing that may fix some bugs, but unfortunately there are several related known issues that remain unresolved as of this version.

Full Changelog: actions/dependency-review-action@v4.3.3...v4.3.4

v4.3.3: Notes for v4.3.3

Compare Source

What's Changed

• Allow slashes in purl package names by @​juxtin in https://github.com/actions/dependency-review-action/pull/765
• use the v3 version of the deps.dev API by @​josieang in https://github.com/actions/dependency-review-action/pull/741
• PR with suggestions - [Improvement]: Help streamline / simplify dependency review action README by @​am-stead in https://github.com/actions/dependency-review-action/pull/773
• fix show-openssf-scorecard-levels input by @​ramann in https://github.com/actions/dependency-review-action/pull/776
• Updates to the contribution guidelines by @​jonjanego in https://github.com/actions/dependency-review-action/pull/778
• Create issue templates by @​jonjanego in https://github.com/actions/dependency-review-action/pull/777
• Fix the max comment length issue by @​jhutchings1 and @​elireisman in https://github.com/actions/dependency-review-action/pull/767
• Bump project version to 4.3.3 in prep for a release by @​elireisman in https://github.com/actions/dependency-review-action/pull/781

New Contributors

• @​josieang made their first contribution in https://github.com/actions/dependency-review-action/pull/741
• @​am-stead made their first contribution in https://github.com/actions/dependency-review-action/pull/773
• @​ramann made their first contribution in https://github.com/actions/dependency-review-action/pull/776

Full Changelog: actions/dependency-review-action@v4.3.2...v4.3.3

v4.3.2

Compare Source

What's Changed

• Fix package-url parsing for allow-dependencies-licenses by @​juxtin in https://github.com/actions/dependency-review-action/pull/761

Full Changelog: actions/dependency-review-action@v4.3.1...v4.3.2

v4.3.1

Compare Source

What's Changed

This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See https://github.com/actions/dependency-review-action/pull/753.

Full Changelog: actions/dependency-review-action@V4.3.0...v4.3.1

v4.3.0

Compare Source

New Features

• The deny-packages option can now be used without a version number to exclude all versions of a package.

What's Changed

• Fix action variable name for scorecard by @​lukehinds in https://github.com/actions/dependency-review-action/pull/735
• Fix extra https:// in summary by @​jhutchings1 in https://github.com/actions/dependency-review-action/pull/748
• Bump typescript from 5.3.3 to 5.4.5 by @​dependabot in https://github.com/actions/dependency-review-action/pull/744
• Bump eslint-plugin-github from 4.10.1 to 4.10.2 by @​dependabot in https://github.com/actions/dependency-review-action/pull/737
• Show denied packages with red X by @​juxtin in https://github.com/actions/dependency-review-action/pull/750
• deny-packages configuration option can deny specified version or all packages by @​febuiles and @​bteng22 in https://github.com/actions/dependency-review-action/pull/733

New Contributors

• @​bteng22 made their first contribution in https://github.com/actions/dependency-review-action/pull/733
• @​lukehinds made their first contribution in https://github.com/actions/dependency-review-action/pull/735

Full Changelog: actions/dependency-review-action@v4.2.5...V4.3.0

v4.2.5: 4.2.5

Compare Source

What's Changed

• Fixed a bug where some configuration options in external files were not being properly picked up -- https://github.com/actions/dependency-review-action/pull/722
• Bump eslint from 8.56.0 to 8.57.0

Full Changelog: actions/dependency-review-action@v4.2.4...v4.2.5

v4.2.4

Compare Source

What's Changed

Fixed a bug in the output of OpenSSF cards for GitHub Actions.

New Contributors

• @​sporkmonger made their first contribution in https://github.com/actions/dependency-review-action/pull/721

Full Changelog: actions/dependency-review-action@v4.2.3...v4.2.4

v4.2.3: 4.2.3

Compare Source

What's Changed

• Set comment as output by @​jsoref in https://github.com/actions/dependency-review-action/pull/698
• Add support for calculating OpenSSF Scorecards by @​jhutchings1 in https://github.com/actions/dependency-review-action/pull/709
• Add outputs for the changes data by @​laughedelic in https://github.com/actions/dependency-review-action/pull/707

New Contributors

• @​jhutchings1 made their first contribution in https://github.com/actions/dependency-review-action/pull/709
• @​laughedelic made their first contribution in https://github.com/actions/dependency-review-action/pull/707

Full Changelog: actions/dependency-review-action@v4.1.3...v4.2.3

v4.1.3: 4.1.3

Compare Source

Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see https://github.com/actions/dependency-review-action/issues/697).

Full Changelog: actions/dependency-review-action@v4.1.2...v4.1.3

v4.1.2: 4.1.2

Compare Source

What's Changed

• Expose dependency comment content by @​jsoref in https://github.com/actions/dependency-review-action/pull/696

Full Changelog: actions/dependency-review-action@v4.1.1...v4.1.2

v4.1.1: 4.1.1

Compare Source

What's Changed

• Bump undici to fix GHSA-wqq4-5wpv-mx2g
• Bump @​types/node from 20.11.17 to 20.11.19 by @​dependabot in https://github.com/actions/dependency-review-action/pull/693

Full Changelog: actions/dependency-review-action@v4.1.0...v4.1.1

v4.1.0: 4.1.0

Compare Source

What's Changed

• Add warn-only by @​tgrall in https://github.com/actions/dependency-review-action/pull/432

Added a new configuration option (warn-only, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log.

• Create stale.yaml by @​jonjanego in https://github.com/actions/dependency-review-action/pull/671
• Use manual codeql config by @​juxtin in https://github.com/actions/dependency-review-action/pull/678
• Multiple dependency updates (see the changelog below for more information)

New Contributors

• @​jonjanego made their first contribution in https://github.com/actions/dependency-review-action/pull/671
• @​tgrall made their first contribution in https://github.com/actions/dependency-review-action/pull/432

Full Changelog: actions/dependency-review-action@v4...v4.1.0

v4.0.0

Compare Source

• Update action to Node 20 by @​takost in https://github.com/actions/dependency-review-action/pull/639
• Dependabot updates, see the full changelog for more details.

New Contributors

• @​takost made their first contribution in https://github.com/actions/dependency-review-action/pull/639

Full Changelog: actions/dependency-review-action@v3.1.5...v4.0.0

v3.1.5: 3.1.5

Compare Source

What's Changed

• Smaller per_page when requesting diff by @​hmaurer in https://github.com/actions/dependency-review-action/pull/649
• Update dependencies:
  • Bump @​typescript-eslint/parser from 6.10.0 to 6.13.1 by @​dependabot in https://github.com/actions/dependency-review-action/pull/630
  • Bump prettier from 3.0.3 to 3.1.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/629
  • Bump @​types/jest from 29.5.8 to 29.5.11 by @​dependabot in https://github.com/actions/dependency-review-action/pull/637
  • Bump nodemon from 3.0.1 to 3.0.2 by @​dependabot in https://github.com/actions/dependency-review-action/pull/636
  • Replace pip -> pypi in PURL examples by @​febuiles in https://github.com/actions/dependency-review-action/pull/638
  • Bump @​typescript-eslint/eslint-plugin from 6.12.0 to 6.15.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/644
  • Bump eslint from 8.53.0 to 8.56.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/640
  • Bump @​typescript-eslint/parser from 6.13.1 to 6.16.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/645
  • Bump prettier from 3.1.0 to 3.1.1 by @​dependabot in https://github.com/actions/dependency-review-action/pull/646

Full Changelog: actions/dependency-review-action@v3.1.4...v3.1.5

v3.1.4: 3.1.4

Compare Source

What's Changed

• Fixed a bug with severity filtering when using the allow_ghsas option: https://github.com/actions/dependency-review-action/pull/623.

• Updates dependencies:

  • Bump @​types/node from 16.18.61 to 16.18.62 by @​dependabot in https://github.com/actions/dependency-review-action/pull/619
    action/pull/620
  • Bump @​typescript-eslint/eslint-plugin from 6.11.0 to 6.12.0 by @​dependabot in https://github.com/actions/dependency-review-action/pull/625
  • Bump typescript from 5.2.2 to 5.3.2 by @​dependabot in https://github.com/actions/dependency-review-action/pull/624

Full Changelog: actions/dependency-review-action@v3...v3.1.4

v3.1.3: 3.1.3

Compare Source

What's Changed

• Fixes purl "version must be percent-encoded" by @​theztefan in https://github.com/actions/dependency-review-action/pull/617

Full Changelog: actions/dependency-review-action@v3...v3.1.3

v3.1.2: 3.1.2

Compare Source

What's Changed

• Fix a regression for setups using self-hosted runners behind HTTP proxies:@​febuiles in https://github.com/actions/dependency-review-action/pull/611

Full Changelog: actions/dependency-review-action@v3...v3.1.2

v3.1.1: 3.1.1

Compare Source

What's Changed

• Update a bunch of dependencies, including major version upgrades for octokit, @actions/github and typescript.

Full Changelog: actions/dependency-review-action@v3.1.0...v3.1.1

actions/setup-go (actions/setup-go)

v5.2.0

Compare Source

What's Changed

• Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @​Shegox in https://github.com/actions/setup-go/pull/496

New Contributors

• @​Shegox made their first contribution in https://github.com/actions/setup-go/pull/496

Full Changelog: actions/setup-go@v5...v5.2.0

v5.1.0

Compare Source

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in https://github.com/actions/setup-go/pull/500
• Upgrade IA Publish by @​Jcambass in https://github.com/actions/setup-go/pull/502
• Add architecture to cache key by @​Zxilly in https://github.com/actions/setup-go/pull/493
  This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.
  Note: This change may break previous cache keys as they will no longer be compatible with the new format.
• Enhance workflows and Upgrade micromatch Dependency by @​priyagupta108 in https://github.com/actions/setup-go/pull/510

Bug Fixes

• Revise isGhes logic by @​jww3 in https://github.com/actions/setup-go/pull/511

New Contributors

• @​Zxilly made their first contribution in https://github.com/actions/setup-go/pull/493
• @​Jcambass made their first contribution in https://github.com/actions/setup-go/pull/500
• @​jww3 made their first contribution in https://github.com/actions/setup-go/pull/511
• @​priyagupta108 made their first contribution in https://github.com/actions/setup-go/pull/510

Full Changelog: actions/setup-go@v5...v5.1.0

v5.0.2

Compare Source

What's Changed

Bug fixes:

• Fix versions check failure by @​HarithaVattikuti in https://github.com/actions/setup-go/pull/479

Dependency updates:

• Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @​dependabot in https://github.com/actions/setup-go/pull/487

New Contributors

• @​HarithaVattikuti made their first contribution in https://github.com/actions/setup-go/pull/479

Full Changelog: actions/setup-go@v5...v5.0.2

v5.0.1

Compare Source

What's Changed

• Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by @​dependabot , @​HarithaVattikuti in https://github.com/actions/setup-go/pull/465
• Update documentation with latest V5 release notes by @​ab in https://github.com/actions/setup-go/pull/459
• Update version documentation by @​178inaba in https://github.com/actions/setup-go/pull/458
• Documentation update of actions/setup-go to v5 by @​chenrui333 in https://github.com/actions/setup-go/pull/449

New Contributors

• @​ab made their first contribution in https://github.com/actions/setup-go/pull/459

Full Changelog: actions/setup-go@v5.0.0...v5.0.1

v5.0.0

Compare Source

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (https://github.com/actions/setup-go/pull/421). Moreover, we update some dependencies to the latest versions (https://github.com/actions/setup-go/pull/445).

Besides, this release contains such changes as:

• Fix hosted tool cache usage on windows by @​galargh in https://github.com/actions/setup-go/pull/411
• Improve documentation regarding dependencies caching by @​artemgavrilov in https://github.com/actions/setup-go/pull/417

New Contributors

• @​galargh made their first contribution in https://github.com/actions/setup-go/pull/411
• @​artemgavrilov made their first contribution in https://github.com/actions/setup-go/pull/417
• @​chenrui333 made their first contribution in https://github.com/actions/setup-go/pull/421

Full Changelog: actions/setup-go@v4...v5.0.0

golang/protobuf (github.com/golang/protobuf)

v1.5.4

Compare Source

Notable changes

• update descriptor.proto to latest version

github/codeql-action (github/codeql-action)

v3.28.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.28.0 - 20 Dec 2024

• Bump the minimum CodeQL bundle version to 2.15.5. #​2655
• Don't fail in the unusual case that a file is on the search path. #​2660.

See the full CHANGELOG.md for more information.

v3.27.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.9 - 12 Dec 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.8

Compare Source

v3.27.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.7 - 10 Dec 2024

• We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. #​2631
• Update default CodeQL bundle version to 2.20.0. #​2636

See the full CHANGELOG.md for more information.

v3.27.6

Compare Source

v3.27.5

Compare Source

v3.27.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.4 - 14 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.3 - 12 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.2 - 12 Nov 2024

• Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #​2590

See the full CHANGELOG.md for more information.

v3.27.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.1 - 08 Nov 2024

• The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #​2573
• Update default CodeQL bundle version to 2.19.3. #​2576

See the full CHANGELOG.md for more information.

v3.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v3.26.13

Compare Source

v3.26.12

Compare Source

v3.26.11

Compare Source

v3.26.10

Compare Source

v3.26.9

Compare Source

v3.26.8

Compare Source

v3.26.7

Compare Source

v3.26.6

Compare Source

v3.26.5

Compare Source

v3.26.4

Compare Source

v3.26.3

Compare Source

[v3.26.2](htt

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.