Skip to content

chore(ci): bump the gh-actions-packages group across 1 directory with 2 updates #8806

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(ci): bump the gh-actions-packages group across 1 directory with 2 updates #8806

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 12, 2025
edited
Loading

Bumps the gh-actions-packages group with 2 updates in the / directory: github/codeql-action and DataDog/ensure-ci-success.

Updates github/codeql-action from 3.28.16 to 3.28.17

Release notes

Sourced from github/codeql-action's releases.

v3.28.17

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

  • Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated)

Commits
  • 60168ef Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a
  • 0d5a311 Update changelog for v3.28.17
  • 97a2bfd Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2
  • 9aba20e Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
  • 81a9508 Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a...
  • 1569f4c Disable diff-informed queries in code scanning config tests
  • 62fbeb6 Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze
  • f122d1d Address test failures from computing temporary directory too early
  • 083772a Do not fail diff informed analyses when analyze is run twice in the same job
  • 5db14d0 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
  • Additional commits viewable in compare view

Updates DataDog/ensure-ci-success from 2.0.0 to 2.1.1

Release notes

Sourced from DataDog/ensure-ci-success's releases.

v2.1.1

What's Changed

Full Changelog: DataDog/ensure-ci-success@v2...v2.1.1

v2.1.0

What's Changed

Full Changelog: DataDog/ensure-ci-success@v2...v2.1.0

Commits
  • 727e7fe fix: Remove duplicated job from check-run (#20)
  • 1517bce feat: only wait initial delay on first workflow attempt (#18)
  • 834f3c1 fix: handle GitHub check API pagination limit (#17)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(ci): bump the gh-actions-packages group across 1 directory with…
fe83428 
… 2 updates

Bumps the gh-actions-packages group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [DataDog/ensure-ci-success](https://github.com/datadog/ensure-ci-success).


Updates `github/codeql-action` from 3.28.16 to 3.28.17
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@28deaed...60168ef)

Updates `DataDog/ensure-ci-success` from 2.0.0 to 2.1.1
- [Release notes](https://github.com/datadog/ensure-ci-success/releases)
- [Commits](DataDog/ensure-ci-success@f40e6ff...727e7fe)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: DataDog/ensure-ci-success
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes labels May 12, 2025
@dependabot dependabot bot requested a review from a team as a code owner May 12, 2025 18:04
@dependabot dependabot bot requested a review from ygree May 12, 2025 18:04
@dependabot dependabot bot added tag: no release notes Changes to exclude from release notes tag: dependencies Dependencies related changes comp: tooling Build & Tooling labels May 12, 2025
@pr-commenter
Copy link

pr-commenter bot commented May 12, 2025

Benchmarks

Startup

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2025-05-12T18:15:50 2025-05-12T18:23:35
git_branch master dependabot/github_actions/gh-actions-packages-fbd83c23a3
git_commit_date 1747062452 1747073067
git_commit_sha a4b7a7b fe83428
release_version 1.50.0-SNAPSHOT~a4b7a7b177 1.50.0-SNAPSHOT~fe83428325
start_time 2025-05-12T18:15:36 2025-05-12T18:23:21
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1747074614 1747074614
ci_job_id 934296436 934296436
ci_pipeline_id 64839573 64839573
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-kzdixenv-project-304-concurrent-0-2djk9o9p 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-kzdixenv-project-304-concurrent-0-2djk9o9p 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 18 unstable metrics.

Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~fe83428325, baseline=1.50.0-SNAPSHOT~a4b7a7b177
    dateFormat X
    axisFormat %s
section baseline
no_agent (378.755 µs) : 359, 399
.   : milestone, 379,
iast (526.629 µs) : 503, 550
.   : milestone, 527,
iast_FULL (729.589 µs) : 708, 751
.   : milestone, 730,
iast_GLOBAL (575.396 µs) : 553, 598
.   : milestone, 575,
iast_HARDCODED_SECRET_DISABLED (525.079 µs) : 502, 548
.   : milestone, 525,
iast_INACTIVE (468.106 µs) : 445, 491
.   : milestone, 468,
iast_TELEMETRY_OFF (514.097 µs) : 491, 537
.   : milestone, 514,
tracing (455.692 µs) : 434, 477
.   : milestone, 456,
section candidate
no_agent (381.976 µs) : 362, 402
.   : milestone, 382,
iast (513.932 µs) : 492, 536
.   : milestone, 514,
iast_FULL (735.006 µs) : 712, 758
.   : milestone, 735,
iast_GLOBAL (567.958 µs) : 546, 590
.   : milestone, 568,
iast_HARDCODED_SECRET_DISABLED (525.173 µs) : 502, 548
.   : milestone, 525,
iast_INACTIVE (465.536 µs) : 444, 487
.   : milestone, 466,
iast_TELEMETRY_OFF (500.45 µs) : 478, 523
.   : milestone, 500,
tracing (455.353 µs) : 433, 477
.   : milestone, 455,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 378.755 µs [358.602 µs, 398.908 µs] -
iast 526.629 µs [502.955 µs, 550.303 µs] 147.873 µs (39.0%)
iast_FULL 729.589 µs [707.688 µs, 751.491 µs] 350.834 µs (92.6%)
iast_GLOBAL 575.396 µs [552.991 µs, 597.801 µs] 196.641 µs (51.9%)
iast_HARDCODED_SECRET_DISABLED 525.079 µs [501.925 µs, 548.233 µs] 146.324 µs (38.6%)
iast_INACTIVE 468.106 µs [445.326 µs, 490.887 µs] 89.351 µs (23.6%)
iast_TELEMETRY_OFF 514.097 µs [490.873 µs, 537.322 µs] 135.342 µs (35.7%)
tracing 455.692 µs [434.376 µs, 477.008 µs] 76.936 µs (20.3%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 381.976 µs [362.384 µs, 401.567 µs] -
iast 513.932 µs [491.996 µs, 535.868 µs] 131.957 µs (34.5%)
iast_FULL 735.006 µs [712.215 µs, 757.796 µs] 353.03 µs (92.4%)
iast_GLOBAL 567.958 µs [545.879 µs, 590.038 µs] 185.983 µs (48.7%)
iast_HARDCODED_SECRET_DISABLED 525.173 µs [502.176 µs, 548.171 µs] 143.198 µs (37.5%)
iast_INACTIVE 465.536 µs [444.031 µs, 487.041 µs] 83.56 µs (21.9%)
iast_TELEMETRY_OFF 500.45 µs [477.543 µs, 523.358 µs] 118.475 µs (31.0%)
tracing 455.353 µs [433.495 µs, 477.211 µs] 73.377 µs (19.2%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.50.0-SNAPSHOT~fe83428325, baseline=1.50.0-SNAPSHOT~a4b7a7b177
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.376 ms) : 1357, 1396
.   : milestone, 1376,
appsec (1.725 ms) : 1702, 1748
.   : milestone, 1725,
appsec_no_iast (1.738 ms) : 1715, 1761
.   : milestone, 1738,
code_origins (1.677 ms) : 1651, 1703
.   : milestone, 1677,
iast (1.514 ms) : 1490, 1539
.   : milestone, 1514,
profiling (1.561 ms) : 1537, 1586
.   : milestone, 1561,
tracing (1.492 ms) : 1467, 1517
.   : milestone, 1492,
section candidate
no_agent (1.377 ms) : 1357, 1398
.   : milestone, 1377,
appsec (1.751 ms) : 1728, 1774
.   : milestone, 1751,
appsec_no_iast (1.756 ms) : 1733, 1779
.   : milestone, 1756,
code_origins (1.687 ms) : 1661, 1714
.   : milestone, 1687,
iast (1.533 ms) : 1508, 1557
.   : milestone, 1533,
profiling (1.565 ms) : 1540, 1590
.   : milestone, 1565,
tracing (1.482 ms) : 1458, 1506
.   : milestone, 1482,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.376 ms [1.357 ms, 1.396 ms] -
appsec 1.725 ms [1.702 ms, 1.748 ms] 348.496 µs (25.3%)
appsec_no_iast 1.738 ms [1.715 ms, 1.761 ms] 361.667 µs (26.3%)
code_origins 1.677 ms [1.651 ms, 1.703 ms] 300.546 µs (21.8%)
iast 1.514 ms [1.49 ms, 1.539 ms] 137.83 µs (10.0%)
profiling 1.561 ms [1.537 ms, 1.586 ms] 184.874 µs (13.4%)
tracing 1.492 ms [1.467 ms, 1.517 ms] 115.281 µs (8.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.377 ms [1.357 ms, 1.398 ms] -
appsec 1.751 ms [1.728 ms, 1.774 ms] 373.63 µs (27.1%)
appsec_no_iast 1.756 ms [1.733 ms, 1.779 ms] 378.9 µs (27.5%)
code_origins 1.687 ms [1.661 ms, 1.714 ms] 310.063 µs (22.5%)
iast 1.533 ms [1.508 ms, 1.557 ms] 155.367 µs (11.3%)
profiling 1.565 ms [1.54 ms, 1.59 ms] 187.969 µs (13.6%)
tracing 1.482 ms [1.458 ms, 1.506 ms] 105.089 µs (7.6%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master dependabot/github_actions/gh-actions-packages-fbd83c23a3
git_commit_date 1747062452 1747073067
git_commit_sha a4b7a7b fe83428
release_version 1.50.0-SNAPSHOT~a4b7a7b177 1.50.0-SNAPSHOT~fe83428325
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1747075205 1747075205
ci_job_id 934296437 934296437
ci_pipeline_id 64839573 64839573
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-qebttdag-project-304-concurrent-1-gabixid7 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-qebttdag-project-304-concurrent-1-gabixid7 6.8.0-1027-aws #29~22.04.1-Ubuntu SMP Sun Mar 30 07:45:38 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~fe83428325, baseline=1.50.0-SNAPSHOT~a4b7a7b177
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.749 s) : 14749000, 14749000
.   : milestone, 14749000,
appsec (14.943 s) : 14943000, 14943000
.   : milestone, 14943000,
iast (18.371 s) : 18371000, 18371000
.   : milestone, 18371000,
iast_GLOBAL (18.043 s) : 18043000, 18043000
.   : milestone, 18043000,
profiling (15.395 s) : 15395000, 15395000
.   : milestone, 15395000,
tracing (14.906 s) : 14906000, 14906000
.   : milestone, 14906000,
section candidate
no_agent (14.955 s) : 14955000, 14955000
.   : milestone, 14955000,
appsec (15.013 s) : 15013000, 15013000
.   : milestone, 15013000,
iast (18.329 s) : 18329000, 18329000
.   : milestone, 18329000,
iast_GLOBAL (18.092 s) : 18092000, 18092000
.   : milestone, 18092000,
profiling (15.669 s) : 15669000, 15669000
.   : milestone, 15669000,
tracing (15.038 s) : 15038000, 15038000
.   : milestone, 15038000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.749 s [14.749 s, 14.749 s] -
appsec 14.943 s [14.943 s, 14.943 s] 194.0 ms (1.3%)
iast 18.371 s [18.371 s, 18.371 s] 3.622 s (24.6%)
iast_GLOBAL 18.043 s [18.043 s, 18.043 s] 3.294 s (22.3%)
profiling 15.395 s [15.395 s, 15.395 s] 646.0 ms (4.4%)
tracing 14.906 s [14.906 s, 14.906 s] 157.0 ms (1.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.955 s [14.955 s, 14.955 s] -
appsec 15.013 s [15.013 s, 15.013 s] 58.0 ms (0.4%)
iast 18.329 s [18.329 s, 18.329 s] 3.374 s (22.6%)
iast_GLOBAL 18.092 s [18.092 s, 18.092 s] 3.137 s (21.0%)
profiling 15.669 s [15.669 s, 15.669 s] 714.0 ms (4.8%)
tracing 15.038 s [15.038 s, 15.038 s] 83.0 ms (0.6%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.50.0-SNAPSHOT~fe83428325, baseline=1.50.0-SNAPSHOT~a4b7a7b177
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.481 ms) : 1469, 1493
.   : milestone, 1481,
appsec (2.505 ms) : 2447, 2563
.   : milestone, 2505,
iast (2.288 ms) : 2217, 2360
.   : milestone, 2288,
iast_GLOBAL (2.325 ms) : 2253, 2397
.   : milestone, 2325,
profiling (2.148 ms) : 2088, 2207
.   : milestone, 2148,
tracing (2.1 ms) : 2043, 2156
.   : milestone, 2100,
section candidate
no_agent (1.479 ms) : 1468, 1491
.   : milestone, 1479,
appsec (2.5 ms) : 2443, 2558
.   : milestone, 2500,
iast (2.296 ms) : 2224, 2368
.   : milestone, 2296,
iast_GLOBAL (2.325 ms) : 2254, 2397
.   : milestone, 2325,
profiling (2.149 ms) : 2090, 2209
.   : milestone, 2149,
tracing (2.107 ms) : 2050, 2163
.   : milestone, 2107,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.481 ms [1.469 ms, 1.493 ms] -
appsec 2.505 ms [2.447 ms, 2.563 ms] 1.024 ms (69.1%)
iast 2.288 ms [2.217 ms, 2.36 ms] 807.289 µs (54.5%)
iast_GLOBAL 2.325 ms [2.253 ms, 2.397 ms] 843.764 µs (57.0%)
profiling 2.148 ms [2.088 ms, 2.207 ms] 666.487 µs (45.0%)
tracing 2.1 ms [2.043 ms, 2.156 ms] 618.503 µs (41.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.479 ms [1.468 ms, 1.491 ms] -
appsec 2.5 ms [2.443 ms, 2.558 ms] 1.021 ms (69.0%)
iast 2.296 ms [2.224 ms, 2.368 ms] 816.641 µs (55.2%)
iast_GLOBAL 2.325 ms [2.254 ms, 2.397 ms] 846.141 µs (57.2%)
profiling 2.149 ms [2.09 ms, 2.209 ms] 669.942 µs (45.3%)
tracing 2.107 ms [2.05 ms, 2.163 ms] 627.154 µs (42.4%)

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github May 13, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 13, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/gh-actions-packages-fbd83c23a3 branch May 13, 2025 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ygree ygree Awaiting requested review from ygree ygree was automatically assigned from DataDog/apm-java

Assignees

No one assigned

Labels

comp: tooling Build & Tooling tag: dependencies Dependencies related changes tag: no release notes Changes to exclude from release notes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant