Skip to content

chore(deps): update github/codeql-action action to v4.35.5#994

Merged
AndyScherzinger merged 1 commit into
mainfrom
renovate/github-codeql-action-4.x
May 16, 2026
Merged

chore(deps): update github/codeql-action action to v4.35.5#994
AndyScherzinger merged 1 commit into
mainfrom
renovate/github-codeql-action-4.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 16, 2026

This PR contains the following updates:

Package Type Update Change
github/codeql-action action patch v4.35.4v4.35.5

Release Notes

github/codeql-action (github/codeql-action)

v4.35.5

Compare Source

  • We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #​3899
  • For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #​3791
  • If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #​3892
  • Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #​3880

Configuration

📅 Schedule: (in timezone Europe/Berlin)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
chore(deps): update github/codeql-action action to v4.35.5
e6c5383 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate Bot added 3. to review Waiting for reviews dependencies Pull requests that update a dependency file labels May 16, 2026
@AndyScherzinger AndyScherzinger enabled auto-merge May 16, 2026 04:07
@AndyScherzinger AndyScherzinger merged commit 24c8538 into main May 16, 2026
11 of 12 checks passed
@AndyScherzinger AndyScherzinger deleted the renovate/github-codeql-action-4.x branch May 16, 2026 04:09
@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented May 16, 2026

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 16, 2026

SpotBugs

CategoryBaseNew
Bad practice66
Correctness2424
Dodgy code1313
Internationalization22
Malicious code vulnerability1111
Multithreaded correctness44
Performance44
Security55
Total6969

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

3. to review Waiting for reviews dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@AndyScherzinger