Skip to content

[pull] main from github:main#6

Merged
pull[bot] merged 509 commits intoStemmlerSisters:mainfrom
github:main
Sep 16, 2025
Merged

[pull] main from github:main#6
pull[bot] merged 509 commits intoStemmlerSisters:mainfrom
github:main

Conversation

@pull
Copy link
Copy Markdown

@pull pull bot commented Sep 16, 2025
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

henrymercer and others added 30 commits August 21, 2025 13:38
@henrymercer
Bundle Actions using esbuild
fee3663
@henrymercer
Compile sources to separate directory for tests
67d4718
@henrymercer
Remove node_modules directory
8b7a4ec
@henrymercer
Check in compiled files
88d8b86
@henrymercer
Use "Rebuild" workflow instead of "Update dependencies"
6d34e4e
@smowton
Merge pull request #3052 from github/update-v3.29.11-14148a433
3c3833e 
Merge main into releases/v3
@github-actions
Update changelog and version after v3.29.11
88e0162
@henrymercer
Install dependencies in PR checks
31ee7f5
@henrymercer
Run more checks on push
06f83b7
@henrymercer
Combine basic jobs to reduce Actions usage
3edad3e
@henrymercer
Cache npm dependencies
a2df83b
@github-actions
Update checked-in dependencies
951c17c
@henrymercer
Don't run linter in CI on Windows
d8905c2 
It isn't working, and this PR didn't break it.  Let's fix it in a separate PR.
@smowton
Merge pull request #3053 from github/mergeback/v3.29.11-to-main-3c3833e0
5b49155 
Mergeback v3.29.11 refs/heads/releases/v3 into main
@henrymercer
Merge branch 'main' into henrymercer/bundle
f04e228
@henrymercer
Copy defaults.json to lib
3e725de
@mbg
Refactor check whether CQ is enabled
d6621b9 
This will make it easier to replace in the future
@mbg
Add analyses field with comma-separated list of analysis kinds to s…
c208f33 
…tatus reports
@henrymercer
Install dependencies in code scanning config test
f8c0d73
@henrymercer
Install npm dependencies where necessary in generated workflows
879c788
@henrymercer
Install dependencies in query filters tests
88f7d3d
@henrymercer
Delete expected queries runs check
36468ba 
This doesn't give us much net new test coverage
@henrymercer @github-advanced-security
Remove unused import in build script
786d3aa 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@henrymercer
Use npm ci in CI
4da503e
@mbg
Change analyses to analysis_kinds
d062f2b
@henrymercer
Transpile separately in both build and test steps
8a3bfe6 
This means we avoid doing a type checking pass twice
@henrymercer
Implement clean and copy as custom plugins
e274fb8
@henrymercer
Specify esbuild target
ca5a69b
@henrymercer @github-advanced-security
Avoid automatic semicolon insertion
d7c1640 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@dependabot
Bump the actions group with 2 updates
88e5287 
Bumps the actions group with 2 updates: [actions/setup-java](https://github.com/actions/setup-java) and [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `actions/setup-java` from 4 to 5
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@v4...v5)

Updates `ruby/setup-ruby` from 1.255.0 to 1.256.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@829114f...efbf473)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: ruby/setup-ruby
  dependency-version: 1.256.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <[email protected]>
cklin and others added 26 commits September 11, 2025 12:31
@cklin
Stop saving config in initConfig()
5c30ae4
@cklin
Merge pull request #3109 from github/cklin/init-save-updated-config
0d33fd9 
init-action: save updated config
@henrymercer
Merge pull request #3083 from github/henrymercer/resolve-languages-de…
df1fe23 
…fault-queries

 Resolve supported languages using CodeQL CLI
@mbg
Change "current release" to "linked release"
e2636d2
@nickrolfe
Add feature flag to roll out JAR minimization in the Java extractor
0abf548
@nickrolfe
Add changelog entry for Java dependency minimization rollout
3ca9525
@mbg
Merge pull request #3110 from github/mbg/proxy/fetch-from-release
dc9a47d 
Fetch proxy binaries from `defaults.json` release
@redsun82
Merge branch 'main' into redsun82/update-brace-expansion
a124438
@nickrolfe
Merge pull request #3107 from github/nickrolfe/minimize-jars
185266a 
Add feature flag to roll out JAR minimization in the Java extractor
@redsun82
Merge pull request #3065 from github/redsun82/update-brace-expansion
f92cc3a 
Use brace-expansion >2.0.1
@redsun82 @henrymercer
Update .github/workflows/codeql.yml
2b7d487 
Co-authored-by: Henry Mercer <[email protected]>
@redsun82
Merge pull request #3091 from github/redsun82/fix-windows-ci
aa90e97 
Set `shell: bash` by default on all workflows
@henrymercer
CI: Configure Python analysis
793fe17
@henrymercer
Reorder strategy properties
73ead84
@henrymercer
Only upload a single matrix case for JS
61b8b63
@henrymercer
Specify paths-ignore for other languages
8105843
@henrymercer
Remove build mode from matrix
bce0fa7
@nickrolfe
Only enable JAVA dependency minimisation when caching is enabled
4014b75
@henrymercer
Update .github/workflows/codeql.yml
1069ace
@henrymercer
Merge pull request #3112 from github/henrymercer/scan-python
77c3d25 
CI: Configure Python analysis
@henrymercer
Run PR checks over CodeQL v2.22 release series
86f23c3
@henrymercer
Merge pull request #3114 from github/henrymercer/pr-checks-codeql-2.22
8279538 
Run PR checks over CodeQL v2.22 release series
@mbg
Merge pull request #3113 from github/nickrolfe/minimize-jars-followup
9e5383b 
Only enable Java dependency minimisation when caching is enabled
@dependabot
Bump uuid from 12.0.0 to 13.0.0 in the npm group
0b263ec 
Bumps the npm group with 1 update: [uuid](https://github.com/uuidjs/uuid).


Updates `uuid` from 12.0.0 to 13.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v12.0.0...v13.0.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 13.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <[email protected]>
@github-actions
Rebuild
668f0f0
@henrymercer
Merge pull request #3115 from github/dependabot/npm_and_yarn/npm-75b7…
573acd9 
…851ed5

Bump uuid from 12.0.0 to 13.0.0 in the npm group
@pull pull bot locked and limited conversation to collaborators Sep 16, 2025
@pull pull bot added the ⤵️ pull label Sep 16, 2025
@pull pull bot merged commit 573acd9 into StemmlerSisters:main Sep 16, 2025
1 check failed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull do-not-merge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@henrymercer @smowton @mbg @redsun82 @esbena @aibaars @cklin @kaspersv @nickrolfe