Skip to content

chore(deps)(deps): bump github/codeql-action from 4.36.0 to 4.36.2#395

Merged
krisarmstrong merged 1 commit into
mainfrom
dependabot/github_actions/github/codeql-action-4.36.2
Jun 17, 2026
Merged

chore(deps)(deps): bump github/codeql-action from 4.36.0 to 4.36.2#395
krisarmstrong merged 1 commit into
mainfrom
dependabot/github_actions/github/codeql-action-4.36.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown
Contributor

Summary

Updates github/codeql-action from 4.36.0 to 4.36.2 for the CodeQL workflow.

Linked Issue

Related to #456

Testing Evidence

GitHub Actions on this PR:
- Lint PR Title: pass
- Label PR: pass
- Changed paths: pass
- License Compliance Check: pass
- Analyze (javascript-typescript): pass
- Frontend (TypeScript): pass
- Quality Checks: pass
- i18n Validation: pass
- gosec: pass

Remaining CI jobs continue to run after the PR body refresh.

Security and Release Checklist

  • No secrets, tokens, credentials, or customer data are included.
  • Mutating routes, auth surfaces, permission checks, and output encoding were reviewed if touched.
  • Dependencies are pinned and justified if changed.
  • Documentation, screenshots, or operator notes were updated if behavior changed.

@dependabot dependabot Bot added the dependencies Dependency update. label Jun 7, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from krisarmstrong as a code owner June 7, 2026 00:25
@github-actions github-actions Bot added the ci label Jun 7, 2026
@github-actions

github-actions Bot commented Jun 7, 2026

Copy link
Copy Markdown
Contributor

License Compliance Report

All dependencies pass license compliance checks

Go Dependencies

  • Unknown: 31 package(s)
  • MIT: 26 package(s)
  • BSD-3-Clause: 16 package(s)
  • Apache-2.0: 11 package(s)
  • BSD-2-Clause: 1 package(s)

npm Dependencies

See full report in workflow artifacts

Allowed Licenses: MIT, Apache-2.0, BSD-*, ISC, CC0-1.0, MPL-2.0
Forbidden: GPL, AGPL, SSPL (strong copyleft)

@krisarmstrong krisarmstrong enabled auto-merge (squash) June 8, 2026 21:26
@github-actions github-actions Bot removed the ci label Jun 16, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github/codeql-action-4.36.2 branch from 2a09a5c to a2607c4 Compare June 16, 2026 05:23
@github-actions github-actions Bot added the ci label Jun 16, 2026
@github-actions

Copy link
Copy Markdown
Contributor

License Compliance Report

All dependencies pass license compliance checks

Go Dependencies

  • Unknown: 31 package(s)
  • MIT: 26 package(s)
  • BSD-3-Clause: 16 package(s)
  • Apache-2.0: 11 package(s)
  • BSD-2-Clause: 1 package(s)

npm Dependencies

See full report in workflow artifacts

Allowed Licenses: MIT, Apache-2.0, BSD-*, ISC, CC0-1.0, MPL-2.0
Forbidden: GPL, AGPL, SSPL (strong copyleft)

@dependabot dependabot Bot force-pushed the dependabot/github_actions/github/codeql-action-4.36.2 branch from a2607c4 to b84d5c5 Compare June 16, 2026 14:17
@github-actions

Copy link
Copy Markdown
Contributor

License Compliance Report

All dependencies pass license compliance checks

Go Dependencies

  • Unknown: 31 package(s)
  • MIT: 26 package(s)
  • BSD-3-Clause: 16 package(s)
  • Apache-2.0: 11 package(s)
  • BSD-2-Clause: 1 package(s)

npm Dependencies

See full report in workflow artifacts

Allowed Licenses: MIT, Apache-2.0, BSD-*, ISC, CC0-1.0, MPL-2.0
Forbidden: GPL, AGPL, SSPL (strong copyleft)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.0 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@7211b7c...8aad20d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github/codeql-action-4.36.2 branch from b84d5c5 to 818aa9e Compare June 17, 2026 00:28
@github-actions

Copy link
Copy Markdown
Contributor

License Compliance Report

All dependencies pass license compliance checks

Go Dependencies

  • Unknown: 35 package(s)
  • MIT: 26 package(s)
  • BSD-3-Clause: 16 package(s)
  • Apache-2.0: 11 package(s)
  • BSD-2-Clause: 1 package(s)

npm Dependencies

See full report in workflow artifacts

Allowed Licenses: MIT, Apache-2.0, BSD-*, ISC, CC0-1.0, MPL-2.0
Forbidden: GPL, AGPL, SSPL (strong copyleft)

@krisarmstrong krisarmstrong merged commit fb37e61 into main Jun 17, 2026
34 of 36 checks passed
@krisarmstrong krisarmstrong deleted the dependabot/github_actions/github/codeql-action-4.36.2 branch June 17, 2026 00:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ci dependencies Dependency update.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant