chore(deps): bump github/codeql-action from 3.28.9 to 3.28.10 #4582

Merged: 2 commits, Feb 25, 2025

@dependabot dependabot bot commented on behalf of github Feb 24, 2025

Bumps github/codeql-action from 3.28.9 to 3.28.10.

Release notes

Sourced from github/codeql-action's releases.

v3.28.10

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

  • Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

  • Update default CodeQL bundle version to 2.20.3. #2717

3.28.4 - 23 Jan 2025

No user facing changes.

3.28.3 - 22 Jan 2025

  • Update default CodeQL bundle version to 2.20.2. #2707
  • Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #2710
  • Uploading debug artifacts for CodeQL analysis is temporarily disabled. #2712

3.28.2 - 21 Jan 2025

No user facing changes.

3.28.1 - 10 Jan 2025

  • CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677

... (truncated)

Commits
  • b56ba49 Merge pull request #2778 from github/update-v3.28.10-9856c48b1
  • 60c9c77 Update changelog for v3.28.10
  • 9856c48 Merge pull request #2773 from github/redsun82/rust
  • 9572e09 Rust: fix log string
  • 1a52936 Rust: special case default setup
  • cf7e909 Merge pull request #2772 from github/update-bundle/codeql-bundle-v2.20.5
  • b7006aa Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5
  • cfedae7 Rust: throw configuration errors if requested and not correctly enabled
  • 3971ed2 Merge branch 'main' into redsun82/rust
  • d38c6e6 Merge pull request #2775 from github/angelapwen/bump-octokit
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@9e8d078...b56ba49)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 24, 2025
@dependabot dependabot bot requested a review from antonis as a code owner February 24, 2025 07:43
@dependabot dependabot bot added the github_actions Pull requests that update GitHub Actions code label Feb 24, 2025

antonis commented Feb 24, 2025

The failed Sample Application Expo / Build android production no-frameworks (pull_request) check seems to be related to the uploadSentryNativeSymbolsForRelease task that fails due to missing credentials.

> Task :app:assembleRelease
> Task :app:uploadSentryNativeSymbolsForRelease FAILED
  INFO    2025-02-24 09:51:46.849573325 +00:00 Loaded file referenced by SENTRY_PROPERTIES (/home/runner/work/sentry-react-native/sentry-react-native/samples/expo/android/sentry.properties)
error: API request failed
Caused by:
    sentry reported an error: Invalid token header. No credentials provided. (http status: 401)
Add --log-level=[info|debug] or export SENTRY_LOG_LEVEL=[info|debug] to see more output.
Please attach the full debug log to all bug reports.
> Task :app:sentryCollectSourcesRelease
> Task :app:sentryBundleSourcesRelease FAILED
  INFO    2025-02-24 09:51:47.055486418 +00:00 Loaded file referenced by SENTRY_PROPERTIES (/home/runner/work/sentry-react-native/sentry-react-native/samples/expo/android/sentry.properties)
error: API request failed
Caused by:
    sentry reported an error: Invalid token header. No credentials provided. (http status: 401)
Add --log-level=[info|debug] or export SENTRY_LOG_LEVEL=[info|debug] to see more output.
Please attach the full debug log to all bug reports.
FAILURE: Build completed with 2 failures.
1: Task failed with an exception.

This should be related to the new SAGP tasks introduced with #4440.

Note that this test succeeds on main head, where credentials are accessible, and it is the first time that a dependabot PR encounters this task. The previous run was successful without SAGP changes.

Edit: This should be fixed with #4583

iOS (legacy) Performance metrics 🚀

| | Plain | With Sentry | Diff |
|---|---|---|---|
| Startup time | 1218.27 ms | 1218.21 ms | -0.05 ms |
| Size | 2.63 MiB | 3.75 MiB | 1.12 MiB |

Baseline results on branch: main

Startup times

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| 8e80789+dirty | 1228.04 ms | 1237.20 ms | 9.16 ms |
| c2a4e9b+dirty | 1240.10 ms | 1239.22 ms | -0.88 ms |
| 5fe8312+dirty | 1222.06 ms | 1220.56 ms | -1.51 ms |
| d361d38+dirty | 1246.04 ms | 1267.12 ms | 21.08 ms |
| a18210a+dirty | 1237.15 ms | 1224.85 ms | -12.29 ms |
| 1faf8e3+dirty | 1214.87 ms | 1222.83 ms | 7.97 ms |
| cdf2bdf+dirty | 1230.10 ms | 1238.08 ms | 7.98 ms |
| 77680ec+dirty | 1231.81 ms | 1238.35 ms | 6.54 ms |
| b95b8af+dirty | 1221.39 ms | 1228.52 ms | 7.13 ms |
| 86d6d2c+dirty | 1267.55 ms | 1286.21 ms | 18.66 ms |

App size

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| 8e80789+dirty | 2.36 MiB | 3.10 MiB | 759.43 KiB |
| c2a4e9b+dirty | 2.36 MiB | 3.08 MiB | 734.00 KiB |
| 5fe8312+dirty | 2.63 MiB | 3.70 MiB | 1.06 MiB |
| d361d38+dirty | 2.36 MiB | 2.85 MiB | 499.84 KiB |
| a18210a+dirty | 2.63 MiB | 3.70 MiB | 1.06 MiB |
| 1faf8e3+dirty | 2.36 MiB | 3.08 MiB | 736.75 KiB |
| cdf2bdf+dirty | 2.36 MiB | 3.12 MiB | 779.40 KiB |
| 77680ec+dirty | 2.36 MiB | 3.10 MiB | 753.42 KiB |
| b95b8af+dirty | 2.36 MiB | 3.14 MiB | 793.32 KiB |
| 86d6d2c+dirty | 2.36 MiB | 2.82 MiB | 462.82 KiB |

iOS (new) Performance metrics 🚀

| | Plain | With Sentry | Diff |
|---|---|---|---|
| Startup time | 1217.16 ms | 1223.52 ms | 6.36 ms |
| Size | 3.19 MiB | 4.32 MiB | 1.13 MiB |

Baseline results on branch: main

Startup times

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| 9cab16b+dirty | 1236.10 ms | 1247.16 ms | 11.06 ms |
| 416f465+dirty | 1232.48 ms | 1233.26 ms | 0.78 ms |
| 4a6664f+dirty | 1218.77 ms | 1221.07 ms | 2.30 ms |
| cdf2bdf+dirty | 1237.04 ms | 1237.86 ms | 0.82 ms |
| c81e67f+dirty | 1219.29 ms | 1217.89 ms | -1.40 ms |
| 9c48b2c+dirty | 1253.39 ms | 1256.30 ms | 2.91 ms |
| 575f9da+dirty | 1272.00 ms | 1284.38 ms | 12.38 ms |
| 15c80ab+dirty | 1248.41 ms | 1251.24 ms | 2.83 ms |
| 9dabcce+dirty | 1247.71 ms | 1239.18 ms | -8.53 ms |
| 8ae23a7+dirty | 1233.67 ms | 1229.52 ms | -4.15 ms |

App size

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| 9cab16b+dirty | 2.92 MiB | 3.64 MiB | 743.06 KiB |
| 416f465+dirty | 2.92 MiB | 3.67 MiB | 772.44 KiB |
| 4a6664f+dirty | 2.92 MiB | 3.60 MiB | 702.09 KiB |
| cdf2bdf+dirty | 2.92 MiB | 3.69 MiB | 790.57 KiB |
| c81e67f+dirty | 3.19 MiB | 4.32 MiB | 1.13 MiB |
| 9c48b2c+dirty | 2.92 MiB | 3.41 MiB | 499.97 KiB |
| 575f9da+dirty | 2.92 MiB | 3.43 MiB | 524.26 KiB |
| 15c80ab+dirty | 2.92 MiB | 3.39 MiB | 481.56 KiB |
| 9dabcce+dirty | 2.92 MiB | 3.67 MiB | 770.02 KiB |
| 8ae23a7+dirty | 2.92 MiB | 3.66 MiB | 757.67 KiB |

@antonis antonis left a comment

LGTM and the CI is 🟢 after merging #4583 🎉

Android (legacy) Performance metrics 🚀

| | Plain | With Sentry | Diff |
|---|---|---|---|
| Startup time | 416.27 ms | 433.17 ms | 16.90 ms |
| Size | 17.75 MiB | 20.12 MiB | 2.37 MiB |

Baseline results on branch: main

Startup times

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| 1c65324 | 426.37 ms | 460.36 ms | 33.99 ms |
| ae7b03d | 428.82 ms | 412.33 ms | -16.49 ms |
| 9433f35 | 347.64 ms | 356.22 ms | 8.58 ms |
| b95b8af | 454.05 ms | 454.53 ms | 0.48 ms |
| 63ed251 | 457.74 ms | 441.54 ms | -16.20 ms |
| 5852d77 | 415.81 ms | 421.02 ms | 5.21 ms |
| 5bb8d5f | 431.21 ms | 459.40 ms | 28.19 ms |
| b1e8712 | 462.11 ms | 465.71 ms | 3.60 ms |
| 5f03ae9 | 444.88 ms | 448.89 ms | 4.01 ms |
| e1ea4a8 | 506.82 ms | 510.48 ms | 3.66 ms |

App size

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| 1c65324 | 17.73 MiB | 19.95 MiB | 2.21 MiB |
| ae7b03d | 17.75 MiB | 20.11 MiB | 2.37 MiB |
| 9433f35 | 17.73 MiB | 19.81 MiB | 2.08 MiB |
| b95b8af | 17.73 MiB | 20.11 MiB | 2.37 MiB |
| 63ed251 | 17.74 MiB | 20.08 MiB | 2.34 MiB |
| 5852d77 | 17.75 MiB | 20.11 MiB | 2.36 MiB |
| 5bb8d5f | 17.73 MiB | 19.93 MiB | 2.20 MiB |
| b1e8712 | 17.73 MiB | 19.75 MiB | 2.02 MiB |
| 5f03ae9 | 17.75 MiB | 20.11 MiB | 2.36 MiB |
| e1ea4a8 | 17.74 MiB | 20.08 MiB | 2.34 MiB |

@antonis antonis merged commit 5e5c392 into main Feb 25, 2025
70 checks passed
@antonis antonis deleted the dependabot/github_actions/github/codeql-action-3.28.10 branch February 25, 2025 15:52

Android (new) Performance metrics 🚀

| | Plain | With Sentry | Diff |
|---|---|---|---|
| Startup time | 432.71 ms | 448.16 ms | 15.45 ms |
| Size | 7.15 MiB | 8.39 MiB | 1.23 MiB |

Baseline results on branch: main

Startup times

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| c991c90+dirty | 270.25 ms | 290.85 ms | 20.60 ms |
| 0677344+dirty | 288.40 ms | 391.44 ms | 103.04 ms |
| e99226d+dirty | 413.20 ms | 460.37 ms | 47.17 ms |
| 80b2ce3+dirty | 271.29 ms | 316.47 ms | 45.18 ms |
| 8ab11b6+dirty | 391.36 ms | 417.86 ms | 26.50 ms |
| 8de2810+dirty | 368.43 ms | 412.20 ms | 43.77 ms |
| 946a600+dirty | 397.17 ms | 439.35 ms | 42.17 ms |
| c398f67+dirty | 315.08 ms | 345.60 ms | 30.52 ms |
| 5bb8d5f+dirty | 356.71 ms | 389.65 ms | 32.94 ms |
| e5bc97b+dirty | 409.10 ms | 471.61 ms | 62.51 ms |

App size

| Revision | Plain | With Sentry | Diff |
|---|---|---|---|
| c991c90+dirty | 7.15 MiB | 8.38 MiB | 1.22 MiB |
| 0677344+dirty | 7.15 MiB | 8.07 MiB | 949.80 KiB |
| e99226d+dirty | 7.15 MiB | 8.38 MiB | 1.23 MiB |
| 80b2ce3+dirty | 7.15 MiB | 8.04 MiB | 911.02 KiB |
| 8ab11b6+dirty | 7.15 MiB | 8.37 MiB | 1.22 MiB |
| 8de2810+dirty | 7.15 MiB | 8.35 MiB | 1.20 MiB |
| 946a600+dirty | 7.15 MiB | 8.37 MiB | 1.22 MiB |
| c398f67+dirty | 7.15 MiB | 8.21 MiB | 1.07 MiB |
| 5bb8d5f+dirty | 7.15 MiB | 8.21 MiB | 1.06 MiB |
| e5bc97b+dirty | 7.15 MiB | 8.35 MiB | 1.20 MiB |
