Skip to content

build(deps): bump github/codeql-action from 4.31.10 to 4.31.11 #5057

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
romtsn merged 2 commits into from
Jan 26, 2026
Merged

build(deps): bump github/codeql-action from 4.31.10 to 4.31.11 #5057

romtsn merged 2 commits into from
Jan 26, 2026
+11 −6

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 26, 2026
edited
Loading

Bumps github/codeql-action from 4.31.10 to 4.31.11.

Release notes

Sourced from github/codeql-action's releases.

v4.31.11

  • When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #3409
  • Improved error handling throughout the CodeQL Action. #3415
  • Added experimental support for automatically excluding generated files from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. #3318
  • The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. #3403
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.11 - 23 Jan 2026

  • When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #3409
  • Improved error handling throughout the CodeQL Action. #3415
  • Added experimental support for automatically excluding generated files from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. #3318
  • The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. #3403

4.31.10 - 12 Jan 2026

  • Update default CodeQL bundle version to 2.23.9. #3393

4.31.9 - 16 Dec 2025

No user facing changes.

4.31.8 - 11 Dec 2025

  • Update default CodeQL bundle version to 2.23.8. #3354

4.31.7 - 05 Dec 2025

  • Update default CodeQL bundle version to 2.23.7. #3343

4.31.6 - 01 Dec 2025

No user facing changes.

4.31.5 - 24 Nov 2025

  • Update default CodeQL bundle version to 2.23.6. #3321

4.31.4 - 18 Nov 2025

No user facing changes.

4.31.3 - 13 Nov 2025

  • CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see Upcoming deprecation of CodeQL Action v3.
  • Update default CodeQL bundle version to 2.23.5. #3288

4.31.2 - 30 Oct 2025

... (truncated)

Commits
  • 19b2f06 Merge pull request #3417 from github/update-v4.31.11-1601acf88
  • 03afde0 Add noteworthy changes to changelog
  • 9469107 Update changelog for v4.31.11
  • 1601acf Merge pull request #3415 from github/henrymercer/address-telemetry-gap
  • fba7872 Address review comments
  • a8dd5ab Merge pull request #3414 from github/dependabot/npm_and_yarn/lodash-4.17.23
  • 28bfb7b Omit error from start-proxy Action
  • 91f3460 Throw if in test mode
  • edebb78 Differentiate unhandled errors in telemetry
  • 529c266 Use getErrorMessage in more places
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jan 26, 2026
@dependabot dependabot bot added the github_actions Pull requests that update GitHub Actions code label Jan 26, 2026
@dependabot dependabot bot requested a review from lcian as a code owner January 26, 2026 04:25
@github-actions
Copy link
Contributor

github-actions bot commented Jan 26, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

Bug Fixes 🐛

  • Establish native exception mechanisms by supervacuus in #5052

Internal Changes 🔧

Deps

  • Bump github/codeql-action from 4.31.10 to 4.31.11 by dependabot[bot] in #5057
  • Bump getsentry/craft from 2.19.0 to 2.20.0 by dependabot in #5058

Other

  • (android) Update targetSdk to API 36 (Android 16) by markushi in #5016
  • (ci) Write permission for statuses in changelog preview by supervacuus in #5053

🤖 This preview updates automatically when you update the PR.

@dependabot
build(deps): bump github/codeql-action from 4.31.10 to 4.31.11
2521fe7 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.10 to 4.31.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@cdefb33...19b2f06)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github/codeql-action-4.31.11 branch from e071423 to 2521fe7 Compare January 26, 2026 10:05
@romtsn romtsn enabled auto-merge (squash) January 26, 2026 10:10
@github-actions
Copy link
Contributor

github-actions bot commented Jan 26, 2026

Performance metrics 🚀

  Plain With Sentry Diff
Startup time 307.47 ms 355.65 ms 48.18 ms
Size 1.58 MiB 2.19 MiB 620.05 KiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
dba088c 365.46 ms 366.31 ms 0.85 ms
d15471f 315.20 ms 370.22 ms 55.02 ms
fc5ccaf 256.80 ms 322.36 ms 65.56 ms
806307f 357.85 ms 424.64 ms 66.79 ms
ee747ae 415.92 ms 470.15 ms 54.23 ms
694d587 312.37 ms 402.77 ms 90.41 ms
fcec2f2 311.35 ms 384.94 ms 73.59 ms
ee747ae 405.43 ms 485.70 ms 80.28 ms
d15471f 310.66 ms 368.19 ms 57.53 ms
abf451a 332.82 ms 403.67 ms 70.85 ms

App size

Revision Plain With Sentry Diff
dba088c 1.58 MiB 2.13 MiB 558.99 KiB
d15471f 1.58 MiB 2.13 MiB 559.54 KiB
fc5ccaf 1.58 MiB 2.13 MiB 557.54 KiB
806307f 1.58 MiB 2.10 MiB 533.42 KiB
ee747ae 1.58 MiB 2.10 MiB 530.95 KiB
694d587 1.58 MiB 2.19 MiB 620.06 KiB
fcec2f2 1.58 MiB 2.12 MiB 551.51 KiB
ee747ae 1.58 MiB 2.10 MiB 530.95 KiB
d15471f 1.58 MiB 2.13 MiB 559.54 KiB
abf451a 1.58 MiB 2.20 MiB 635.29 KiB

@romtsn romtsn merged commit 2d05bb1 into main Jan 26, 2026
61 of 62 checks passed
@romtsn romtsn deleted the dependabot/github_actions/github/codeql-action-4.31.11 branch January 26, 2026 13:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@romtsn romtsn romtsn approved these changes

@adinauer adinauer Awaiting requested review from adinauer adinauer is a code owner

@markushi markushi Awaiting requested review from markushi markushi is a code owner

@lcian lcian Awaiting requested review from lcian lcian is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@romtsn