Skip to content

build(deps): bump github/codeql-action from cb5810848de15b695cd9ef3b559dd178c43c7df3 to 1.0.2#16912

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github/codeql-action-a66b44a48a44d63acf71688c56aa168ac171d4cf
Closed

build(deps): bump github/codeql-action from cb5810848de15b695cd9ef3b559dd178c43c7df3 to 1.0.2#16912
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github/codeql-action-a66b44a48a44d63acf71688c56aa168ac171d4cf

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 9, 2021

Bumps github/codeql-action from cb5810848de15b695cd9ef3b559dd178c43c7df3 to 1.0.2. This release includes the previously tagged commit.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action and CodeQL Runner Changelog

[UNRELEASED]

1.0.1 - 07 Jun 2021

  • Pass the --sarif-group-rules-by-pack argument to CodeQL CLI invocations that generate SARIF. This means the SARIF rule object for each query will now be found underneath its corresponding query pack in runs[].tool.extensions. #546
  • Output the location of CodeQL databases created in the analyze step. #543

1.0.0 - 31 May 2021

  • Add this changelog file. #507
  • Improve grouping of analysis logs. Add a new log group containing a summary of metrics and diagnostics, if they were produced by CodeQL builtin queries. #515
  • Add metrics and diagnostics summaries from custom query suites to the analysis summary log group. #532
Commits
  • a66b44a Merge e68056c6d93cb9eeb6c138b6eb22821f96693928 into cbdf0df97be3a7cc448a09cf1...
  • e68056c Add pack download to its own log group
  • 96e7de3 Use nullish conversion for packs
  • 49b2220 Refactor codeql.ts
  • db01c78 Remove unneeded action input in PR check
  • 82388fd Merge remote-tracking branch 'upstream/main' into aeisenberg/pack-run
  • babcc1b Add --finalize-dataset to database finalize call
  • 06df98a Add new log grouping for DB cleanup
  • 0ea20c5 Add intepret-results timings to status reports
  • d42f654 Add an integration test for packaging
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump github/codeql-action
847f7cc 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from cb5810848de15b695cd9ef3b559dd178c43c7df3 to 1.0.2. This release includes the previously tagged commit.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@cb58108...a66b44a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Jun 9, 2021
@phlax
Copy link
Member

phlax commented Jun 10, 2021

aggregate in #16896

@phlax phlax closed this Jun 10, 2021
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 10, 2021

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/github_actions/github/codeql-action-a66b44a48a44d63acf71688c56aa168ac171d4cf branch June 10, 2021 08:55
lizan pushed a commit that referenced this pull request Jul 14, 2021
@alichnewsky
jwt_authn: RemoteJwks to support RetryPolicy config #16319 (#16924)
b62dae2 
Commit Message: jwt_authn: RemoteJwks to support RetryPolicy config #16319 ( only for background fetches failing )
Additional Description: following up on comments and code pruned from background jwks refresh mechanism from #16912

Risk Level: Low, default number of retries set to zero. truncated exponential backoff requires explicit configuration.
Testing: Only mock-based unit tests so far.  Haven't been able to get it ( or the background jwks fetch option, for that matter )  built in [esp-v2](https://github.com/GoogleCloudPlatform/espv-2) so far.
Docs Changes:
Release Notes:
Platform Specific Features:
Fixes #16319

Signed-off-by: Anthony Lichnewsky <alichnewsky@users.noreply.github.com>
leyao-daily pushed a commit to leyao-daily/envoy that referenced this pull request Sep 30, 2021
@alichnewsky
jwt_authn: RemoteJwks to support RetryPolicy config envoyproxy#16319 (e…
187dbc1 
…nvoyproxy#16924)

Commit Message: jwt_authn: RemoteJwks to support RetryPolicy config envoyproxy#16319 ( only for background fetches failing )
Additional Description: following up on comments and code pruned from background jwks refresh mechanism from envoyproxy#16912

Risk Level: Low, default number of retries set to zero. truncated exponential backoff requires explicit configuration.
Testing: Only mock-based unit tests so far.  Haven't been able to get it ( or the background jwks fetch option, for that matter )  built in [esp-v2](https://github.com/GoogleCloudPlatform/espv-2) so far.
Docs Changes:
Release Notes:
Platform Specific Features:
Fixes envoyproxy#16319

Signed-off-by: Anthony Lichnewsky <alichnewsky@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@phlax