Skip to content

chore(deps): bump github/codeql-action from 4.36.3 to 4.37.0 in /.github/workflows#7526

Merged
alxkm merged 1 commit into
masterfrom
dependabot/github_actions/dot-github/workflows/github/codeql-action-4.37.0
Jul 15, 2026
Merged

chore(deps): bump github/codeql-action from 4.36.3 to 4.37.0 in /.github/workflows#7526
alxkm merged 1 commit into
masterfrom
dependabot/github_actions/dot-github/workflows/github/codeql-action-4.37.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps github/codeql-action from 4.36.3 to 4.37.0.

Release notes

Sourced from github/codeql-action's releases.

v4.37.0

  • Update default CodeQL bundle version to 2.26.0. #3995
  • In addition to the existing input format, the config-file input for the codeql-action/init step will soon support a new [owner/]repo[@ref][:path] format. All components except the repository name are optional. If omitted, owner defaults to the same owner as the repository the analysis is running for, ref to main, and path to .github/codeql-action.yaml. Support for this format ships in this version of the CodeQL Action, but will only be enabled over the coming weeks. #3973
Changelog

Sourced from github/codeql-action's changelog.

4.37.0 - 08 Jul 2026

  • Update default CodeQL bundle version to 2.26.0. #3995
  • In addition to the existing input format, the config-file input for the codeql-action/init step will soon support a new [owner/]repo[@ref][:path] format. All components except the repository name are optional. If omitted, owner defaults to the same owner as the repository the analysis is running for, ref to main, and path to .github/codeql-action.yaml. Support for this format ships in this version of the CodeQL Action, but will only be enabled over the coming weeks. #3973
Commits
  • 99df26d Merge pull request #3996 from github/update-v4.37.0-c7c896d71
  • 31c2707 Add changenote for #3973
  • 72df218 Update changelog for v4.37.0
  • c7c896d Merge pull request #3995 from github/update-bundle/codeql-bundle-v2.26.0
  • 3f34ff0 Add changelog note
  • 43bec09 Update default bundle to codeql-bundle-v2.26.0
  • f58f0d1 Merge pull request #3973 from github/mbg/repo-props/config-file-shorthands
  • 7dc37cb Merge remote-tracking branch 'origin/main' into mbg/repo-props/config-file-sh...
  • 8e22350 Thread ActionState to initConfig
  • 69c9e8c Mark some status-report imports as type-only to avoid circular dependencies
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.3 to 4.37.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v4.36.3...v4.37.0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 15, 2026
@dependabot dependabot Bot requested a review from DenizAltunkapan as a code owner July 15, 2026 21:43
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 15, 2026
@dependabot dependabot Bot requested review from alxkm and yanglbme as code owners July 15, 2026 21:43
@dependabot dependabot Bot added the github_actions Pull requests that update GitHub Actions code label Jul 15, 2026
@codecov-commenter

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.24%. Comparing base (0125123) to head (fdc3a2a).

Additional details and impacted files
@@            Coverage Diff            @@
##             master    #7526   +/-   ##
=========================================
  Coverage     80.24%   80.24%           
- Complexity     7356     7357    +1     
=========================================
  Files           810      810           
  Lines         23787    23787           
  Branches       4678     4678           
=========================================
  Hits          19089    19089           
  Misses         3940     3940           
  Partials        758      758           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@alxkm alxkm merged commit e45b6ac into master Jul 15, 2026
9 checks passed
@alxkm alxkm deleted the dependabot/github_actions/dot-github/workflows/github/codeql-action-4.37.0 branch July 15, 2026 21:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants