chore(studio-deps)(deps): bump the security-critical group across 1 directory with 9 updates by dependabot[bot] · Pull Request #2439 · ArcadeData/arcadedb

dependabot · 2025-08-23T11:33:37Z

Bumps the security-critical group with 9 updates in the /studio directory:

Package	From	To
bootstrap	`5.3.6`	`5.3.7`
datatables.net	`1.13.11`	`2.3.3`
datatables.net-bs5	`1.13.11`	`2.3.3`
datatables.net-buttons	`2.4.3`	`3.2.4`
datatables.net-buttons-bs5	`2.4.3`	`3.2.4`
datatables.net-responsive	`2.5.1`	`3.0.6`
datatables.net-responsive-bs5	`2.5.1`	`3.0.6`
datatables.net-select	`1.7.1`	`3.1.0`
datatables.net-select-bs5	`1.7.1`	`3.1.0`

Updates bootstrap from 5.3.6 to 5.3.7

Release notes

Sourced from bootstrap's releases.

v5.3.7

📚 Documentation

Fixed broken "View on GitHub" URLs

Corrected HTML <head> content generated by the "Download examples" button

Refined sanitizer documentation for clarity and completeness

Improved accessibility in the "On this page" table of contents and section heading anchor links

Relocated ads to the right sidebar to minimize content reflow

Added a new section on the Download page for the Intelissence extension

Clarified the "Via JavaScript" usage example for Accordion Collapse

Made internal documentation improvements to support future maintenance (no visible user impact)

Mention CDN integrity and crossorigin attributes in introduction page

Enhance floating labels placeholder usage description

Add example of showing dynamic range value with output

🎨 Sass

Consolidated multiple 'none' values in the box-shadow Sass mixin for cleaner output

🤖 JavaScript

Fixed popover and tooltip behavior with a trigger: "hover click" configuration

🤝 Contributions

Added recommended VSCode extensions and settings configuration to the repository

Commits

e0032ae Release v5.3.7 (#41509)
0f63de9 Build(deps-dev): Bump zod from 3.25.56 to 3.25.57
37f33ff Build(deps-dev): Bump the development-dependencies group with 2 updates (#41531)
03f27a2 Docs: add example of showing dynamic range value with output (#41516)
f04b980 Docs: enhance floating labels placeholder usage description (#41526)
1c00b1f Build(deps-dev): Bump the development-dependencies group with 3 updates (#41528)
590226f Build(deps-dev): Bump the development-dependencies group with 2 updates
0a9fa30 Build(deps-dev): Bump the development-dependencies group with 4 updates (#41525)
0b6c09a Build(deps-dev): Bump zod from 3.25.48 to 3.25.49 (#41513)
e6fdd27 Mentions CDN integrity and crossorigin attributes in Intro docs page (#41515)
Additional commits viewable in compare view

Updates datatables.net from 1.13.11 to 2.3.3

Commits

5045bb1 Sync tag release - 2.3.3
34075e8 1e4802ad6c2a8a9dbc615a31780ff330dcae940c Dev: Tidy up the karma include files
0e94efc 6d037fa022d0092ac023c9693dec53a4cf6eceda Dev: Fix path for unit tests
ddd61c0 1a733495886a2c3ef150cefde420df0e8e59cddf Release 2.3.3
2b70a5b 173eec7da5ef007999d002ef5c7a5a0f61825d88 Fix: When a child row is "closed" it...
c00704f 346f916ea2815907cf414f6cdbd68599f530c7dd Fix: Unable to build master after va...
964999a 57b777c4145182fa9d29c01b529e76762e1412d9 Fix: Various spelling fixes in comme...
737b74a ce91ee6dd8c457b2fdd17ae3d42b20393834cf98 Example: Improve index example perfo...
825e279 0039fc7591071aa30043ccdf15d698baee7d5f3c Outage information
cac5633 d0950f51c456bea14be3e2bdb7501f40adf08935 Fix: Improve default link colour for...
Additional commits viewable in compare view

Updates datatables.net-bs5 from 1.13.11 to 2.3.3

Commits

3e2b7ae Sync tag release - 2.3.3
cb4d40c 1e4802ad6c2a8a9dbc615a31780ff330dcae940c Dev: Tidy up the karma include files
3b74385 6d037fa022d0092ac023c9693dec53a4cf6eceda Dev: Fix path for unit tests
07d424c 1a733495886a2c3ef150cefde420df0e8e59cddf Release 2.3.3
be8fbff 173eec7da5ef007999d002ef5c7a5a0f61825d88 Fix: When a child row is "closed" it...
be6b87e 346f916ea2815907cf414f6cdbd68599f530c7dd Fix: Unable to build master after va...
2e1d7e4 57b777c4145182fa9d29c01b529e76762e1412d9 Fix: Various spelling fixes in comme...
7ecfbc7 ce91ee6dd8c457b2fdd17ae3d42b20393834cf98 Example: Improve index example perfo...
601e901 0039fc7591071aa30043ccdf15d698baee7d5f3c Outage information
b63a2ad d0950f51c456bea14be3e2bdb7501f40adf08935 Fix: Improve default link colour for...
Additional commits viewable in compare view

Updates datatables.net-buttons from 2.4.3 to 3.2.4

Release notes

Sourced from datatables.net-buttons's releases.

3.2.4

Buttons 3.2.4

3.2.3

Buttons 3.2.3

3.2.2

Buttons 3.2.2

3.2.1

Buttons 3.2.1

3.2.0

Buttons 3.2.0

3.1.2

Buttons 3.1.2

3.1.1

Buttons 3.1.1

3.1.0

Buttons 3.1.0

3.0.2

Buttons 3.0.2

3.0.1

Buttons 3.0.1

3.0.0

Buttons 3.0.0

Commits

See full diff in compare view

Updates datatables.net-buttons-bs5 from 2.4.3 to 3.2.4

Release notes

Sourced from datatables.net-buttons-bs5's releases.

3.2.4

Buttons Bootstrap5 3.2.4

3.2.3

Buttons Bootstrap5 3.2.3

3.2.2

Buttons Bootstrap5 3.2.2

3.2.1

Buttons Bootstrap5 3.2.1

3.2.0

Buttons Bootstrap5 3.2.0

3.1.2

Buttons Bootstrap5 3.1.2

3.1.1

Buttons Bootstrap5 3.1.1

3.1.0

Buttons Bootstrap5 3.1.0

3.0.2

Buttons Bootstrap5 3.0.2

3.0.1

Buttons Bootstrap5 3.0.1

3.0.0

Buttons Bootstrap5 3.0.0

Commits

See full diff in compare view

Updates datatables.net-responsive from 2.5.1 to 3.0.6

Release notes

Sourced from datatables.net-responsive's releases.

3.0.6

Responsive 3.0.6

3.0.5

Responsive 3.0.5

3.0.4

Responsive 3.0.4

3.0.3

Responsive 3.0.3

3.0.2

Responsive 3.0.2

3.0.1

Responsive 3.0.1

3.0.0

Responsive 3.0.0

Commits

See full diff in compare view

Updates datatables.net-responsive-bs5 from 2.5.1 to 3.0.6

Release notes

Sourced from datatables.net-responsive-bs5's releases.

3.0.6

Responsive Bootstrap5 3.0.6

3.0.5

Responsive Bootstrap5 3.0.5

3.0.4

Responsive Bootstrap5 3.0.4

3.0.3

Responsive Bootstrap5 3.0.3

3.0.2

Responsive Bootstrap5 3.0.2

3.0.1

Responsive Bootstrap5 3.0.1

3.0.0

Responsive Bootstrap5 3.0.0

Commits

See full diff in compare view

Updates datatables.net-select from 1.7.1 to 3.1.0

Release notes

Sourced from datatables.net-select's releases.

3.1.0

Select 3.1.0

3.0.1

Select 3.0.1

3.0.0

Select 3.0.0

2.1.0

Select 2.1.0

2.0.5

Select 2.0.5

2.0.4

Select 2.0.4

2.0.3

Select 2.0.3

2.0.2

Select 2.0.2

2.0.1

Select 2.0.1

2.0.0

Select 2.0.0

Commits

See full diff in compare view

Updates datatables.net-select-bs5 from 1.7.1 to 3.1.0

Release notes

Sourced from datatables.net-select-bs5's releases.

3.1.0

Select Bootstrap5 3.1.0

3.0.1

Select Bootstrap5 3.0.1

3.0.0

Select Bootstrap5 3.0.0

2.1.0

Select Bootstrap5 2.1.0

2.0.5

Select Bootstrap5 2.0.5

2.0.4

Select Bootstrap5 2.0.4

2.0.3

Select Bootstrap5 2.0.3

2.0.2

Select Bootstrap5 2.0.2

2.0.1

Select Bootstrap5 2.0.1

2.0.0

Select Bootstrap5 2.0.0

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…irectory with 9 updates Bumps the security-critical group with 9 updates in the /studio directory: | Package | From | To | | --- | --- | --- | | [bootstrap](https://github.com/twbs/bootstrap) | `5.3.6` | `5.3.7` | | [datatables.net](https://github.com/DataTables/Dist-DataTables) | `1.13.11` | `2.3.3` | | [datatables.net-bs5](https://github.com/DataTables/Dist-DataTables-Bootstrap5) | `1.13.11` | `2.3.3` | | [datatables.net-buttons](https://github.com/DataTables/Dist-DataTables-Buttons) | `2.4.3` | `3.2.4` | | [datatables.net-buttons-bs5](https://github.com/DataTables/Dist-DataTables-Buttons-Bootstrap5) | `2.4.3` | `3.2.4` | | [datatables.net-responsive](https://github.com/DataTables/Dist-DataTables-Responsive) | `2.5.1` | `3.0.6` | | [datatables.net-responsive-bs5](https://github.com/DataTables/Dist-DataTables-Responsive-Bootstrap5) | `2.5.1` | `3.0.6` | | [datatables.net-select](https://github.com/DataTables/Dist-DataTables-Select) | `1.7.1` | `3.1.0` | | [datatables.net-select-bs5](https://github.com/DataTables/Dist-DataTables-Select-Bootstrap5) | `1.7.1` | `3.1.0` | Updates `bootstrap` from 5.3.6 to 5.3.7 - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v5.3.6...v5.3.7) Updates `datatables.net` from 1.13.11 to 2.3.3 - [Release notes](https://github.com/DataTables/Dist-DataTables/releases) - [Commits](DataTables/Dist-DataTables@1.13.11...2.3.3) Updates `datatables.net-bs5` from 1.13.11 to 2.3.3 - [Release notes](https://github.com/DataTables/Dist-DataTables-Bootstrap5/releases) - [Commits](DataTables/Dist-DataTables-Bootstrap5@1.13.11...2.3.3) Updates `datatables.net-buttons` from 2.4.3 to 3.2.4 - [Release notes](https://github.com/DataTables/Dist-DataTables-Buttons/releases) - [Commits](https://github.com/DataTables/Dist-DataTables-Buttons/commits/3.2.4) Updates `datatables.net-buttons-bs5` from 2.4.3 to 3.2.4 - [Release notes](https://github.com/DataTables/Dist-DataTables-Buttons-Bootstrap5/releases) - [Commits](https://github.com/DataTables/Dist-DataTables-Buttons-Bootstrap5/commits/3.2.4) Updates `datatables.net-responsive` from 2.5.1 to 3.0.6 - [Release notes](https://github.com/DataTables/Dist-DataTables-Responsive/releases) - [Commits](https://github.com/DataTables/Dist-DataTables-Responsive/commits/3.0.6) Updates `datatables.net-responsive-bs5` from 2.5.1 to 3.0.6 - [Release notes](https://github.com/DataTables/Dist-DataTables-Responsive-Bootstrap5/releases) - [Commits](https://github.com/DataTables/Dist-DataTables-Responsive-Bootstrap5/commits/3.0.6) Updates `datatables.net-select` from 1.7.1 to 3.1.0 - [Release notes](https://github.com/DataTables/Dist-DataTables-Select/releases) - [Commits](https://github.com/DataTables/Dist-DataTables-Select/commits/3.1.0) Updates `datatables.net-select-bs5` from 1.7.1 to 3.1.0 - [Release notes](https://github.com/DataTables/Dist-DataTables-Select-Bootstrap5/releases) - [Commits](https://github.com/DataTables/Dist-DataTables-Select-Bootstrap5/commits/3.1.0) --- updated-dependencies: - dependency-name: bootstrap dependency-version: 5.3.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-critical - dependency-name: datatables.net dependency-version: 2.3.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-bs5 dependency-version: 2.3.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-buttons dependency-version: 3.2.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-buttons-bs5 dependency-version: 3.2.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-responsive dependency-version: 3.0.6 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-responsive-bs5 dependency-version: 3.0.6 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-select dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical - dependency-name: datatables.net-select-bs5 dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: security-critical ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 6.0.2 to 6.0.3 Release notes *Sourced from [actions/checkout's releases](https://github.com/actions/checkout/releases).* > v6.0.3 > ------ > > What's Changed > -------------- > > * Update changelog by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2357](https://github.com/actions/checkout/pull/2357) > * fix: expand merge commit SHA regex and add SHA-256 test cases by [`@yaananth`](https://github.com/yaananth) in [actions/checkout#2414](https://github.com/actions/checkout/pull/2414) > * Fix checkout init for SHA-256 repositories by [`@yaananth`](https://github.com/yaananth) in [actions/checkout#2439](https://github.com/actions/checkout/pull/2439) > * Update changelog for v6.0.3 by [`@yaananth`](https://github.com/yaananth) in [actions/checkout#2446](https://github.com/actions/checkout/pull/2446) > > New Contributors > ---------------- > > * [`@yaananth`](https://github.com/yaananth) made their first contribution in [actions/checkout#2414](https://github.com/actions/checkout/pull/2414) > > **Full Changelog**: <actions/checkout@v6...v6.0.3> Changelog *Sourced from [actions/checkout's changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md).* > Changelog > ========= > > v6.0.3 > ------ > > * Fix checkout init for SHA-256 repositories by [`@yaananth`](https://github.com/yaananth) in [actions/checkout#2439](https://github.com/actions/checkout/pull/2439) > * fix: expand merge commit SHA regex and add SHA-256 test cases by [`@yaananth`](https://github.com/yaananth) in [actions/checkout#2414](https://github.com/actions/checkout/pull/2414) > > v6.0.2 > ------ > > * Fix tag handling: preserve annotations and explicit fetch-tags by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2356](https://github.com/actions/checkout/pull/2356) > > v6.0.1 > ------ > > * Add worktree support for persist-credentials includeIf by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2327](https://github.com/actions/checkout/pull/2327) > > v6.0.0 > ------ > > * Persist creds to a separate file by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2286](https://github.com/actions/checkout/pull/2286) > * Update README to include Node.js 24 support details and requirements by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/checkout#2248](https://github.com/actions/checkout/pull/2248) > > v5.0.1 > ------ > > * Port v6 cleanup to v5 by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2301](https://github.com/actions/checkout/pull/2301) > > v5.0.0 > ------ > > * Update actions checkout to use node 24 by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/checkout#2226](https://github.com/actions/checkout/pull/2226) > > v4.3.1 > ------ > > * Port v6 cleanup to v4 by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2305](https://github.com/actions/checkout/pull/2305) > > v4.3.0 > ------ > > * docs: update README.md by [`@motss`](https://github.com/motss) in [actions/checkout#1971](https://github.com/actions/checkout/pull/1971) > * Add internal repos for checking out multiple repositories by [`@mouismail`](https://github.com/mouismail) in [actions/checkout#1977](https://github.com/actions/checkout/pull/1977) > * Documentation update - add recommended permissions to Readme by [`@benwells`](https://github.com/benwells) in [actions/checkout#2043](https://github.com/actions/checkout/pull/2043) > * Adjust positioning of user email note and permissions heading by [`@joshmgross`](https://github.com/joshmgross) in [actions/checkout#2044](https://github.com/actions/checkout/pull/2044) > * Update README.md by [`@nebuk89`](https://github.com/nebuk89) in [actions/checkout#2194](https://github.com/actions/checkout/pull/2194) > * Update CODEOWNERS for actions by [`@TingluoHuang`](https://github.com/TingluoHuang) in [actions/checkout#2224](https://github.com/actions/checkout/pull/2224) > * Update package dependencies by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/checkout#2236](https://github.com/actions/checkout/pull/2236) > > v4.2.2 > ------ > > * `url-helper.ts` now leverages well-known environment variables by [`@jww3`](https://github.com/jww3) in [actions/checkout#1941](https://github.com/actions/checkout/pull/1941) > * Expand unit test coverage for `isGhes` by [`@jww3`](https://github.com/jww3) in [actions/checkout#1946](https://github.com/actions/checkout/pull/1946) > > v4.2.1 > ------ > > * Check out other refs/\* by commit if provided, fall back to ref by [`@orhantoy`](https://github.com/orhantoy) in [actions/checkout#1924](https://github.com/actions/checkout/pull/1924) > > v4.2.0 > ------ > > * Add Ref and Commit outputs by [`@lucacome`](https://github.com/lucacome) in [actions/checkout#1180](https://github.com/actions/checkout/pull/1180) > * Dependency updates by [`@dependabot`](https://github.com/dependabot)- [actions/checkout#1777](https://github.com/actions/checkout/pull/1777), [actions/checkout#1872](https://github.com/actions/checkout/pull/1872) > > v4.1.7 > ------ > > * Bump the minor-npm-dependencies group across 1 directory with 4 updates by [`@dependabot`](https://github.com/dependabot) in [actions/checkout#1739](https://github.com/actions/checkout/pull/1739) > * Bump actions/checkout from 3 to 4 by [`@dependabot`](https://github.com/dependabot) in [actions/checkout#1697](https://github.com/actions/checkout/pull/1697) > * Check out other refs/\* by commit by [`@orhantoy`](https://github.com/orhantoy) in [actions/checkout#1774](https://github.com/actions/checkout/pull/1774) ... (truncated) Commits * [`df4cb1c`](actions/checkout@df4cb1c) Update changelog for v6.0.3 ([#2446](https://github.com/actions/checkout/issues/2446)) * [`1cce339`](actions/checkout@1cce339) Fix checkout init for SHA-256 repositories ([#2439](https://github.com/actions/checkout/issues/2439)) * [`900f221`](actions/checkout@900f221) fix: expand merge commit SHA regex and add SHA-256 test cases ([#2414](https://github.com/actions/checkout/issues/2414)) * [`0c366fd`](actions/checkout@0c366fd) Update changelog ([#2357](https://github.com/actions/checkout/issues/2357)) * See full diff in [compare view](actions/checkout@de0fac2...df4cb1c) Updates `anthropics/claude-code-action` from 1.0.133 to 1.0.140 Release notes *Sourced from [anthropics/claude-code-action's releases](https://github.com/anthropics/claude-code-action/releases).* > v1.0.140 > -------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.140> > > v1.0.139 > -------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.139> > > v1.0.138 > -------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.138> > > v1.0.137 > -------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.137> > > v1.0.136 > -------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.136> > > v1.0.135 > -------- > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.135> > > v1.0.134 > -------- > > What's Changed > -------------- > > * Add workload identity federation support to base-action by [`@ashwin-ant`](https://github.com/ashwin-ant) in [anthropics/claude-code-action#1378](https://github.com/anthropics/claude-code-action/pull/1378) > * chore: bump actions/setup-node from v4.4.0 to v6.4.0 (Node.js 24) by [`@ant-kurt`](https://github.com/ant-kurt) in [anthropics/claude-code-action#1377](https://github.com/anthropics/claude-code-action/pull/1377) > * ci: bump checkout and setup-bun in test workflows to Node 24 releases by [`@ant-kurt`](https://github.com/ant-kurt) in [anthropics/claude-code-action#1379](https://github.com/anthropics/claude-code-action/pull/1379) > > New Contributors > ---------------- > > * [`@ant-kurt`](https://github.com/ant-kurt) made their first contribution in [anthropics/claude-code-action#1377](https://github.com/anthropics/claude-code-action/pull/1377) > > **Full Changelog**: <anthropics/claude-code-action@v1...v1.0.134> Commits * [`fbda2eb`](anthropics/claude-code-action@fbda2eb) chore: bump Claude Code to 2.1.168 and Agent SDK to 0.3.168 * [`64de744`](anthropics/claude-code-action@64de744) chore: bump Claude Code to 2.1.167 and Agent SDK to 0.3.167 * [`4101658`](anthropics/claude-code-action@4101658) chore: bump Claude Code to 2.1.166 and Agent SDK to 0.3.166 * [`41ea764`](anthropics/claude-code-action@41ea764) chore: bump Claude Code to 2.1.165 and Agent SDK to 0.3.165 * [`0b1b620`](anthropics/claude-code-action@0b1b620) chore: bump Claude Code to 2.1.163 and Agent SDK to 0.3.163 * [`70a6e52`](anthropics/claude-code-action@70a6e52) chore: bump Claude Code to 2.1.162 and Agent SDK to 0.3.162 * [`36a69b6`](anthropics/claude-code-action@36a69b6) chore: bump Claude Code to 2.1.161 and Agent SDK to 0.3.161 * [`bfad70d`](anthropics/claude-code-action@bfad70d) ci: bump checkout and setup-bun in test workflows to Node 24 releases ([#1379](https://github.com/anthropics/claude-code-action/issues/1379)) * [`dc081a3`](anthropics/claude-code-action@dc081a3) chore: bump actions/setup-node from v4.4.0 to v6.4.0 (Node.js 24) ([#1377](https://github.com/anthropics/claude-code-action/issues/1377)) * [`420335d`](anthropics/claude-code-action@420335d) Add workload identity federation support to base-action ([#1378](https://github.com/anthropics/claude-code-action/issues/1378)) * Additional commits viewable in [compare view](anthropics/claude-code-action@787c5a0...fbda2eb) Updates `github/codeql-action` from 4.36.0 to 4.36.2 Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.36.2 > ------- > > * Cache CodeQL CLI version information across Actions steps. [#3943](https://github.com/github/codeql-action/pull/3943) > * Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. [#3937](https://github.com/github/codeql-action/pull/3937) > * Update default CodeQL bundle version to [2.25.6](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6). [#3948](https://github.com/github/codeql-action/pull/3948) > > v4.36.1 > ------- > > No user facing changes. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.36.2 - 04 Jun 2026 > -------------------- > > * Cache CodeQL CLI version information across Actions steps. [#3943](https://github.com/github/codeql-action/pull/3943) > * Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. [#3937](https://github.com/github/codeql-action/pull/3937) > * Update default CodeQL bundle version to [2.25.6](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6). [#3948](https://github.com/github/codeql-action/pull/3948) > > 4.36.1 - 02 Jun 2026 > -------------------- > > No user facing changes. > > 4.36.0 - 22 May 2026 > -------------------- > > * *Breaking change*: Bump the minimum required CodeQL bundle version to 2.19.4. [#3894](https://github.com/github/codeql-action/pull/3894) > * Add support for SHA-256 Git object IDs. [#3893](https://github.com/github/codeql-action/pull/3893) > * Update default CodeQL bundle version to [2.25.5](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5). [#3926](https://github.com/github/codeql-action/pull/3926) > > 4.35.5 - 15 May 2026 > -------------------- > > * We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. [#3899](https://github.com/github/codeql-action/pull/3899) > * For performance and accuracy reasons, [improved incremental analysis](https://github.com/github/roadmap/issues/1158) will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. [#3791](https://github.com/github/codeql-action/pull/3791) > * If multiple inputs are provided for the GitHub-internal `analysis-kinds` input, only `code-scanning` will be enabled. The `analysis-kinds` input is experimental, for GitHub-internal use only, and may change without notice at any time. [#3892](https://github.com/github/codeql-action/pull/3892) > * Added an experimental change which, when running a Code Scanning analysis for a PR with [improved incremental analysis](https://github.com/github/roadmap/issues/1158) enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. [#3880](https://github.com/github/codeql-action/pull/3880) > > 4.35.4 - 07 May 2026 > -------------------- > > * Update default CodeQL bundle version to [2.25.4](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4). [#3881](https://github.com/github/codeql-action/pull/3881) > > 4.35.3 - 01 May 2026 > -------------------- > > * *Upcoming breaking change*: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. [#3837](https://github.com/github/codeql-action/pull/3837) > * Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. [#3850](https://github.com/github/codeql-action/pull/3850) > * Best-effort connection tests for private registries now use `GET` requests instead of `HEAD` for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. [#3853](https://github.com/github/codeql-action/pull/3853) > * Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. [#3852](https://github.com/github/codeql-action/pull/3852) > * Update default CodeQL bundle version to [2.25.3](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3). [#3865](https://github.com/github/codeql-action/pull/3865) > > 4.35.2 - 15 Apr 2026 > -------------------- > > * The undocumented TRAP cache cleanup feature that could be enabled using the `CODEQL_ACTION_CLEANUP_TRAP_CACHES` environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the `trap-caching: false` input to the `init` Action. [#3795](https://github.com/github/codeql-action/pull/3795) > * The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. [#3789](https://github.com/github/codeql-action/pull/3789) > * Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. [#3794](https://github.com/github/codeql-action/pull/3794) > * Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. [#3807](https://github.com/github/codeql-action/pull/3807) > * Update default CodeQL bundle version to [2.25.2](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2). [#3823](https://github.com/github/codeql-action/pull/3823) ... (truncated) Commits * [`8aad20d`](github/codeql-action@8aad20d) Merge pull request [#3949](https://github.com/github/codeql-action/issues/3949) from github/update-v4.36.2-dcb947ce1 * [`f521b08`](github/codeql-action@f521b08) Add additional changelog notes * [`8aeff0f`](github/codeql-action@8aeff0f) Update changelog for v4.36.2 * [`dcb947c`](github/codeql-action@dcb947c) Merge pull request [#3948](https://github.com/github/codeql-action/issues/3948) from github/update-bundle/codeql-bundle-v2.25.6 * [`c251bce`](github/codeql-action@c251bce) Add changelog note * [`62953c1`](github/codeql-action@62953c1) Update default bundle to codeql-bundle-v2.25.6 * [`423b570`](github/codeql-action@423b570) Merge pull request [#3946](https://github.com/github/codeql-action/issues/3946) from github/dependabot/npm\_and\_yarn/npm-minor-5d507a... * [`c35d1b1`](github/codeql-action@c35d1b1) Merge pull request [#3947](https://github.com/github/codeql-action/issues/3947) from github/dependabot/github\_actions/dot-github/wor... * [`cb1a588`](github/codeql-action@cb1a588) Merge pull request [#3937](https://github.com/github/codeql-action/issues/3937) from github/robertbrignull/waitForProcessing\_backoff * [`ba47406`](github/codeql-action@ba47406) Merge pull request [#3943](https://github.com/github/codeql-action/issues/3943) from github/henrymercer/cache-cli-version-info * Additional commits viewable in [compare view](github/codeql-action@7211b7c...8aad20d) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

dependabot Bot added dependencies Pull requests that update a dependency file frontend security labels Aug 23, 2025

robfrank merged commit 60caacb into main Aug 23, 2025
12 of 17 checks passed

dependabot Bot deleted the dependabot/npm_and_yarn/studio/main/security-critical-9f8f1bbc9a branch August 23, 2025 12:26

robfrank mentioned this pull request Aug 23, 2025

Revert "chore(studio-deps)(deps): bump the security-critical group across 1 directory with 9 updates" #2440

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(studio-deps)(deps): bump the security-critical group across 1 directory with 9 updates#2439

chore(studio-deps)(deps): bump the security-critical group across 1 directory with 9 updates#2439
robfrank merged 1 commit into
mainfrom
dependabot/npm_and_yarn/studio/main/security-critical-9f8f1bbc9a

dependabot Bot commented on behalf of github Aug 23, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Aug 23, 2025

v5.3.7

📚 Documentation

🎨 Sass

🤖 JavaScript

🤝 Contributions

3.2.4

3.2.3

3.2.2

3.2.1

3.2.0

3.1.2

3.1.1

3.1.0

3.0.2

3.0.1

3.0.0

3.2.4

3.2.3

3.2.2

3.2.1

3.2.0

3.1.2

3.1.1

3.1.0

3.0.2

3.0.1

3.0.0

3.0.6

3.0.5

3.0.4

3.0.3

3.0.2

3.0.1

3.0.0

3.0.6

3.0.5

3.0.4

3.0.3

3.0.2

3.0.1

3.0.0

3.1.0

3.0.1

3.0.0

2.1.0

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

3.1.0

3.0.1

3.0.0

2.1.0

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant