)]}'
{
  "commit": "c654be5f146773e3e4c0ef6f12cbde2cc2c11162",
  "tree": "b7145956080e0965ca96871a31144de6fd341f39",
  "parents": [
    "6922aea52cf1908f9e26b5d6bbe40f7de774f921"
  ],
  "author": {
    "name": "dependabot[bot]",
    "email": "49699333+dependabot[bot]@users.noreply.github.com",
    "time": "Wed Feb 07 02:04:03 2024 -0800"
  },
  "committer": {
    "name": "Copybara-Service",
    "email": "copybara-worker@google.com",
    "time": "Wed Feb 07 02:10:01 2024 -0800"
  },
  "message": "Bump the github-actions group with 4 updates\n\nBumps the github-actions group with 4 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [bazelbuild/continuous-integration](https://github.com/bazelbuild/continuous-integration), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action).\n\nUpdates `step-security/harden-runner` from 2.6.1 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.7.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cp\u003eRelease 2.7.0 by \u003ca href\u003d\"https://github.com/varunsh-coder\"\u003e\u003ccode\u003e@​varunsh-coder\u003c/code\u003e\u003c/a\u003e and \u003ca href\u003d\"https://github.com/h0x0er\"\u003e\u003ccode\u003e@​h0x0er\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/pull/376\"\u003estep-security/harden-runner#376\u003c/a\u003e\nThis release:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eUpdates the node runtime to node20\u003c/li\u003e\n\u003cli\u003eAdds capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/step-security/harden-runner/compare/v2...v2.7.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/63c24ba6bd7ba022e95695ff85de572c04a18142\"\u003e\u003ccode\u003e63c24ba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/issues/376\"\u003e#376\u003c/a\u003e from step-security/rc-7\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/95691d3d1cfc1f403f673ccbe70465d7c4254108\"\u003e\u003ccode\u003e95691d3\u003c/code\u003e\u003c/a\u003e Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/6339621ce7eb126e03da0cdd1e373bf4a86aa351\"\u003e\u003ccode\u003e6339621\u003c/code\u003e\u003c/a\u003e Update to node20\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/4a63cdab7412f310777ba8aba65aafca4c1dd47f\"\u003e\u003ccode\u003e4a63cda\u003c/code\u003e\u003c/a\u003e Add tls-inspection capability (\u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/dece11172ed6b762b5421b294513d628edad7f7d\"\u003e\u003ccode\u003edece111\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/issues/372\"\u003e#372\u003c/a\u003e from step-security/readme-update\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/1952f970702453e198ed55b40944bf4ffc0ad992\"\u003e\u003ccode\u003e1952f97\u003c/code\u003e\u003c/a\u003e Updates\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/32f00ffb1b198fae962ae378ca876e01f367043f\"\u003e\u003ccode\u003e32f00ff\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/ea8b747819ff6d82907eb4018229f1a75c174697\"\u003e\u003ccode\u003eea8b747\u003c/code\u003e\u003c/a\u003e Publish test results (\u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/c0db65e1f64025718795419be8dbbf8c4050160f\"\u003e\u003ccode\u003ec0db65e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/issues/359\"\u003e#359\u003c/a\u003e from step-security/dependabot/github_actions/actions/...\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/step-security/harden-runner/commit/4151c053ff9c3daff63c12b5175c94870ec73b53\"\u003e\u003ccode\u003e4151c05\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/step-security/harden-runner/issues/361\"\u003e#361\u003c/a\u003e from step-security/dependabot/github_actions/step-sec...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/step-security/harden-runner/compare/eb238b55efaa70779f274895e782ed17c84f2895...63c24ba6bd7ba022e95695ff85de572c04a18142\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bazelbuild/continuous-integration` from d646a2d9a98e699bdba517276cf0e16cfff0c62c to 9817b29fbb4b1fda32afb83b29574ec2d491feeb\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/blob/master/docs/release-playbook.md\"\u003ebazelbuild/continuous-integration\u0027s changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eBazel Release Playbook\u003c/h1\u003e\n\u003cp\u003eThis is the guide to conducting a Bazel release. This is especially relevant for\nrelease managers, but will be of interest to anyone who is curious about the\nrelease process.\u003c/p\u003e\n\u003ch2\u003ePreface\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003eFor future reference and release managers - the release manager playbook should\nbe treated like an IKEA manual. That means: Do not try to be smart, optimize /\nskip / reorder steps, otherwise chaos will ensue. Just follow it and the end\nresult will be.. well, a usable piece of furniture, or a Bazel release\n(depending on the manual).\u003c/p\u003e\n\u003cp\u003eLike aviation and workplace safety regulations, the playbook is written in the\ntears and blood of broken Bazelisks, pipelines, releases and Git branches.\nAssume that every step is exactly there for a reason, even if it might not be\nobvious. If you follow them to the letter, they are not error prone. Errors\nhave only happened in the past, when a release manager thought it\u0027s ok to\nfollow them by spirit instead. ;)\u003c/p\u003e\n\u003cp\u003e-- \u003ca href\u003d\"https://github.com/philwo\"\u003e\u003ccode\u003e@​philwo\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch2\u003eOne-time setup\u003c/h2\u003e\n\u003cp\u003eThese steps only have to be performed once, ever.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMake sure you are a member of the Bazel \u003ca href\u003d\"https://github.com/orgs/bazelbuild/teams/release-managers/members\"\u003eRelease Managers\u003c/a\u003e team on GitHub.\u003c/li\u003e\n\u003cli\u003eMake sure you are a member of the Bazel \u003ca href\u003d\"https://buildkite.com/organizations/bazel-trusted/teams/release-managers/members\"\u003erelease-managers\u003c/a\u003e\ngroup on BuildKite.  If that link does not work for you, ask one of the Buildkite org admins to add you to\nthe group.\u003c/li\u003e\n\u003cli\u003eSet up github ssh key if you haven\u0027t already.\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/\"\u003ehttps://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eGenerate a new identifier for Google\u0027s internal Git mirror: \u003ca href\u003d\"https://bazel.googlesource.com/new-password\"\u003ehttps://bazel.googlesource.com/new-password\u003c/a\u003e (and paste the code in your shell).\u003c/li\u003e\n\u003cli\u003eLog in to the Gerrit UI to create an account: \u003ca href\u003d\"[]\n\u003c/ul\u003e\n\u003ch2\u003ePreparing a new release\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/bazel/milestones/new\"\u003eCreate a release blockers milestone\u003c/a\u003e named \u0026quot;X.Y.Z release blockers\u0026quot; (case-sensitive), where we keep track of issues that must be resolved before the release goes out.\n\u003cul\u003e\n\u003cli\u003eSet the (tentative) release date.\u003c/li\u003e\n\u003cli\u003eAdd this description: \u003ccode\u003eIssues that need to be resolved before the X.Y.Z release.\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRefer to \u003ca href\u003d\"https://github.com/bazelbuild/bazel/milestone/38\"\u003ethis example\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/bazel/issues/new?assignees\u003d\u0026amp;labels\u003drelease%2Cteam-OSS%2CP1%2Ctype%3A+process\u0026amp;template\u003drelease.md\u0026amp;title\u003dRelease+X.Y+-+%24MONTH+%24YEAR\"\u003eCreate a release tracking issue\u003c/a\u003e to keep the community updated about the progress of the release. \u003ca href\u003d\"https://redirect.github.com/bazelbuild/bazel/issues/16159\"\u003eSee example\u003c/a\u003e. Pin this issue.\u003c/li\u003e\n\u003cli\u003eCreate the branch for the release. The branch should always be named \u003ccode\u003erelease-X.Y.Z\u003c/code\u003e (the \u003ccode\u003e.Z\u003c/code\u003e part is important). Cherry-pick PRs will be sent against this branch.\n\u003cul\u003e\n\u003cli\u003eThe actual creation of the branch can be done via the GitHub UI or via the command line. For minor and patch releases, create the branch from the previous release tag, if possible. How we choose the base commit of the branch depends on the type of the release:\u003c/li\u003e\n\u003cli\u003eFor patch releases (\u003ccode\u003eX.Y.Z\u003c/code\u003e where \u003ccode\u003eZ\u0026gt;0\u003c/code\u003e), the base commit should simply be \u003ccode\u003eX.Y.(Z-1)\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFor minor releases (\u003ccode\u003eX.Y.0\u003c/code\u003e where \u003ccode\u003eY\u0026gt;0\u003c/code\u003e), the base commit should typically be \u003ccode\u003eX.(Y-1).\u0026lt;current max Z\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFor major releases (\u003ccode\u003eX.0.0\u003c/code\u003e), the base commit is some \u0026quot;healthy\u0026quot; commit on the main branch.\n\u003cul\u003e\n\u003cli\u003eThis means that there\u0027s an extra step involved in preparing the release -- \u0026quot;cutting\u0026quot; the release branch, so to speak. For this, check the \u003ca href\u003d\"https://buildkite.com/bazel/bazel-with-downstream-projects-bazel\"\u003eBazel@HEAD+Downstream pipeline\u003c/a\u003e. The branch cut should happen on a green commit there; if the pipeline is persistently red, work with the Green Team to resolve it first and delay the branch cut as needed.\u003c/li\u003e\n\u003cli\u003eA first release candidate should immediately be created after the release branch is created. See \u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/blob/master/docs/#create-a-release-candidate\"\u003ecreate a release candidate\u003c/a\u003e below.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/9817b29fbb4b1fda32afb83b29574ec2d491feeb\"\u003e\u003ccode\u003e9817b29\u003c/code\u003e\u003c/a\u003e Avoid broken pipe issue during Linux image creation\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/e260ecac883f1420f0d55152f57b6527e020d98b\"\u003e\u003ccode\u003ee260eca\u003c/code\u003e\u003c/a\u003e Add bazel version in the BCR presubmit job label (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1864\"\u003e#1864\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/1616315b3d1f3f37b435f79d0327a1aed2f7977f\"\u003e\u003ccode\u003e1616315\u003c/code\u003e\u003c/a\u003e Remove non-hermetic build tools (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1862\"\u003e#1862\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/e2b6b06c39bba496a44b4aa0de4ce8225f138f7e\"\u003e\u003ccode\u003ee2b6b06\u003c/code\u003e\u003c/a\u003e Disable rules_jsonnet in Downstream CI (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1863\"\u003e#1863\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/3358b926c188162cbc8ab477d4882c87a1471222\"\u003e\u003ccode\u003e3358b92\u003c/code\u003e\u003c/a\u003e Disable rules_cc and Flogger in Downstream CI (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1861\"\u003e#1861\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/e1ca35d0980ef1fc0e83cdc8e01a7483868fd22a\"\u003e\u003ccode\u003ee1ca35d\u003c/code\u003e\u003c/a\u003e Read script from HEAD when --script is set (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1860\"\u003e#1860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/9667e8d14136922a5f3e9184832ca3c1567c2acb\"\u003e\u003ccode\u003e9667e8d\u003c/code\u003e\u003c/a\u003e Update release comms (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1859\"\u003e#1859\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/b15a6ec9d0f103d440f6d4db48cc71097dc7d967\"\u003e\u003ccode\u003eb15a6ec\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Duplicate task configs to test all supported Bazel LTS releases (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1858\"\u003e#1858\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/b4d5bc4c506313f228a297a5bf6fe30be6fba558\"\u003e\u003ccode\u003eb4d5bc4\u003c/code\u003e\u003c/a\u003e Duplicate task configs to test all supported Bazel LTS releases (\u003ca href\u003d\"https://redirect.github.com/bazelbuild/continuous-integration/issues/1858\"\u003e#1858\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/commit/83e4a7f2d37759434dbd219b08104a79fd8ec291\"\u003e\u003ccode\u003e83e4a7f\u003c/code\u003e\u003c/a\u003e Prevent running bazel-diff from updating Bazel lockfile\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/bazelbuild/continuous-integration/compare/d646a2d9a98e699bdba517276cf0e16cfff0c62c...9817b29fbb4b1fda32afb83b29574ec2d491feeb\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4.0.0 to 4.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReorganize upload code in prep for merge logic \u0026amp; add more tests by \u003ca href\u003d\"https://github.com/robherley\"\u003e\u003ccode\u003e@​robherley\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/504\"\u003eactions/upload-artifact#504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd sub-action to merge artifacts by \u003ca href\u003d\"https://github.com/robherley\"\u003e\u003ccode\u003e@​robherley\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/505\"\u003eactions/upload-artifact#505\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/v4...v4.3.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v4...v4.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAbility to overwrite an Artifact by \u003ca href\u003d\"https://github.com/robherley\"\u003e\u003ccode\u003e@​robherley\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/501\"\u003eactions/upload-artifact#501\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/v4...v4.2.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v4...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd migrations docs by \u003ca href\u003d\"https://github.com/robherley\"\u003e\u003ccode\u003e@​robherley\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/482\"\u003eactions/upload-artifact#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href\u003d\"https://github.com/samuelwine\"\u003e\u003ccode\u003e@​samuelwine\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/492\"\u003eactions/upload-artifact#492\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport artifact-url output by \u003ca href\u003d\"https://github.com/konradpabjan\"\u003e\u003ccode\u003e@​konradpabjan\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/496\"\u003eactions/upload-artifact#496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate readme to reflect new 500 artifact per job limit by \u003ca href\u003d\"https://github.com/robherley\"\u003e\u003ccode\u003e@​robherley\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/497\"\u003eactions/upload-artifact#497\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/samuelwine\"\u003e\u003ccode\u003e@​samuelwine\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/492\"\u003eactions/upload-artifact#492\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/v4...v4.1.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v4...v4.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/26f96dfa697d77e81fd5907df203aa23a56210a8\"\u003e\u003ccode\u003e26f96df\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/issues/505\"\u003e#505\u003c/a\u003e from actions/robherley/merge-artifacts\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/530ed2c9b8e7b46db7acf98b7e543836a040586e\"\u003e\u003ccode\u003e530ed2c\u003c/code\u003e\u003c/a\u003e use correct artifact name in test\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/53ef6987b3562a24090358abb83a07f2c2bfec26\"\u003e\u003ccode\u003e53ef698\u003c/code\u003e\u003c/a\u003e add additional integration test for merge all behavior\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/90b0f8eed8fd7a9e62025ff26858a0f618d12b53\"\u003e\u003ccode\u003e90b0f8e\u003c/code\u003e\u003c/a\u003e add workflow to test merging\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/199a58f54fa418c391917374e9d11f5a5e618ae9\"\u003e\u003ccode\u003e199a58f\u003c/code\u003e\u003c/a\u003e more docs\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/3f353f9d9ee7e6a8313bfb227f44aa283e6832c9\"\u003e\u003ccode\u003e3f353f9\u003c/code\u003e\u003c/a\u003e ncc\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/997fffa3558d08f16f0c12036708e1ce7c0a7430\"\u003e\u003ccode\u003e997fffa\u003c/code\u003e\u003c/a\u003e add merge artifact sub-action\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/52899c8c02604e1c6c9ea56b52ead4671321bd05\"\u003e\u003ccode\u003e52899c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/issues/504\"\u003e#504\u003c/a\u003e from actions/robherley/reorganize\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/da58a3f7b2ea3d2db018d82fe856b2d4b297de35\"\u003e\u003ccode\u003eda58a3f\u003c/code\u003e\u003c/a\u003e ncc\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/1f64adb8530b493d492e8084db08a55f3856e94e\"\u003e\u003ccode\u003e1f64adb\u003c/code\u003e\u003c/a\u003e fix import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/c7d193f32edcb7bfad88892161225aeda64e9392...26f96dfa697d77e81fd5907df203aa23a56210a8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.22.12 to 3.23.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action\u0027s changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href\u003d\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003cp\u003eNote that the only difference between \u003ccode\u003ev2\u003c/code\u003e and \u003ccode\u003ev3\u003c/code\u003e of the CodeQL Action is the node version they support, with \u003ccode\u003ev3\u003c/code\u003e running on node 20 while we continue to release \u003ccode\u003ev2\u003c/code\u003e to support running on node 16. For example \u003ccode\u003e3.22.11\u003c/code\u003e was the first \u003ccode\u003ev3\u003c/code\u003e release and is functionally identical to \u003ccode\u003e2.22.11\u003c/code\u003e. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e3.23.2 - 26 Jan 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOn Linux, the maximum possible value for the \u003ccode\u003e--threads\u003c/code\u003e option now respects the CPU count as specified in \u003ccode\u003ecgroup\u003c/code\u003e files to more accurately reflect the number of available cores when running in containers. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2083\"\u003e#2083\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.16.1. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2096\"\u003e#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.23.1 - 17 Jan 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.16.0. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2073\"\u003e#2073\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2079\"\u003e#2079\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.23.0 - 08 Jan 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting \u003ccode\u003eCODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION\u003dfalse\u003c/code\u003e in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2031\"\u003e#2031\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see \u003ca href\u003d\"https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023\"\u003ethe corresponding changelog entry for CodeQL Action version 2.22.7\u003c/a\u003e. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2009\"\u003e#2009\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.22.12 - 22 Dec 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.15.5. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2047\"\u003e#2047\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.22.11 - 13 Dec 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v3+ only] The CodeQL Action now runs on Node.js v20. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2006\"\u003e#2006\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.22.10 - 12 Dec 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.15.4. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2016\"\u003e#2016\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.22.9 - 07 Dec 2023\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e2.22.8 - 23 Nov 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.15.3. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/2001\"\u003e#2001\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.22.7 - 16 Nov 2023\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a deprecation warning for customers using CodeQL version 2.11.5 and earlier. These versions of CodeQL were discontinued on 8 November 2023 alongside GitHub Enterprise Server 3.7, and will be unsupported by CodeQL Action v2.23.0 and later. \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/pull/1993\"\u003e#1993\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eIf you are using one of these versions, please update to CodeQL CLI version 2.11.6 or later. For instance, if you have specified a custom version of the CLI using the \u0027tools\u0027 input to the \u0027init\u0027 Action, you can remove this input to use the default version.\u003c/li\u003e\n\u003cli\u003eAlternatively, if you want to continue using a version of the CodeQL CLI between 2.10.5 and 2.11.5, you can replace \u003ccode\u003egithub/codeql-action/*@v2\u003c/code\u003e by \u003ccode\u003egithub/codeql-action/*@v2.22.7\u003c/code\u003e in your code scanning workflow to ensure you continue using this version of the CodeQL Action.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/b7bf0a3ed3ecfa44160715d7c442788f65f0f923\"\u003e\u003ccode\u003eb7bf0a3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2099\"\u003e#2099\u003c/a\u003e from github/update-v3.23.2-61bf02577\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/33e354b34bc9d95d28ae4f055fa1faeb59e59ae5\"\u003e\u003ccode\u003e33e354b\u003c/code\u003e\u003c/a\u003e Changelog: Add missing PR link\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/f4cfe8904c929c35f9612da0c754f121a3422d7e\"\u003e\u003ccode\u003ef4cfe89\u003c/code\u003e\u003c/a\u003e Update changelog for v3.23.2\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/61bf02577c801b30a708abc6f2164763e4e1d0cd\"\u003e\u003ccode\u003e61bf025\u003c/code\u003e\u003c/a\u003e Send overall job status in init-post status report (\u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2097\"\u003e#2097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/16150320c5db0d4942ea2bd4974fc365d6324737\"\u003e\u003ccode\u003e1615032\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2096\"\u003e#2096\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.16.1\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/bd67d8d6b2096e4b46db15ed108e563c4447d608\"\u003e\u003ccode\u003ebd67d8d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/github/codeql-action/issues/2098\"\u003e#2098\u003c/a\u003e from github/henrymercer/update-internal-queries\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/a2619f68c8432b9a500ecc7aafd4816667379bed\"\u003e\u003ccode\u003ea2619f6\u003c/code\u003e\u003c/a\u003e Internal queries: Replace deprecated predicates\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/666e2f9edfd29789e9f46f2cce092d18622dcb74\"\u003e\u003ccode\u003e666e2f9\u003c/code\u003e\u003c/a\u003e Internal queries: Replace deprecated predicates\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/d43ae36a631248dea35da2f8da5e28687255da31\"\u003e\u003ccode\u003ed43ae36\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/github/codeql-action/commit/75af1f5948eef4f82d80db69296c55a9bc5ba26e\"\u003e\u003ccode\u003e75af1f5\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.16.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/github/codeql-action/compare/012739e5082ff0c22ca6d6ab32e07c36df03c4a4...b7bf0a3ed3ecfa44160715d7c442788f65f0f923\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency\u0027s major version (unless you unignore this specific dependency\u0027s major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency\u0027s minor version (unless you unignore this specific dependency\u0027s minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\u003c/details\u003e\n\nCloses #21168.\n\nPiperOrigin-RevId: 604910257\nChange-Id: Ie6c8c18a6f4b8756b1f599894437e88a2d00f2ab\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "e445bc72c95f074e9d9274bc74f6240a355a9ee6",
      "old_mode": 33188,
      "old_path": ".github/workflows/cherry-picker.yml",
      "new_id": "135cdab3a528b8e10d9c152941681618fe904cd5",
      "new_mode": 33188,
      "new_path": ".github/workflows/cherry-picker.yml"
    },
    {
      "type": "modify",
      "old_id": "cec00e8feaf8bbbf3f0598fb9cc797a9091b012c",
      "old_mode": 33188,
      "old_path": ".github/workflows/labeler.yml",
      "new_id": "6409e7a6d6d2934b72414dcd5a9e181ff3bf0a42",
      "new_mode": 33188,
      "new_path": ".github/workflows/labeler.yml"
    },
    {
      "type": "modify",
      "old_id": "9c445ffb7097d1ed2472ce4f4299af7312795edd",
      "old_mode": 33188,
      "old_path": ".github/workflows/release-helper.yml",
      "new_id": "01c9a2ccbed944827d0b045c4bd8320f2c5dfccd",
      "new_mode": 33188,
      "new_path": ".github/workflows/release-helper.yml"
    },
    {
      "type": "modify",
      "old_id": "c340c6f14f704e011b7d04025c3eda6468509c78",
      "old_mode": 33188,
      "old_path": ".github/workflows/remove-labels.yml",
      "new_id": "3088806f10a79d2ad530b4656e5f188523a4f616",
      "new_mode": 33188,
      "new_path": ".github/workflows/remove-labels.yml"
    },
    {
      "type": "modify",
      "old_id": "dbcd9c73e0314def0f2bb3efb1e3beefc2ff3497",
      "old_mode": 33188,
      "old_path": ".github/workflows/scorecard.yml",
      "new_id": "241089b73439a10100460cb1817d22d5023de0e3",
      "new_mode": 33188,
      "new_path": ".github/workflows/scorecard.yml"
    },
    {
      "type": "modify",
      "old_id": "fb5063fa3e2924156cc9845d8c156780e0bc0021",
      "old_mode": 33188,
      "old_path": ".github/workflows/stale.yml",
      "new_id": "8f8ddfb2ae6adb9d0a42262439e9b081d90a13e2",
      "new_mode": 33188,
      "new_path": ".github/workflows/stale.yml"
    }
  ]
}