Skip to content

fix(deps): update all dependencies #191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update all dependencies #191

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 25, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/dependency-review-action action minor v4.7.3 -> v4.8.1 age adoption passing confidence
github/codeql-action action major v3.30.3 -> v4.30.8 age adoption passing confidence
go (source) toolchain patch 1.25.1 -> 1.25.2 age adoption passing confidence
golang.org/x/mod require minor v0.28.0 -> v0.29.0 age adoption passing confidence
golang.org/x/tools require minor v0.37.0 -> v0.38.0 age adoption passing confidence
typescript (source) devDependencies patch 5.9.2 -> 5.9.3 age adoption passing confidence

Release Notes

actions/dependency-review-action (actions/dependency-review-action)

v4.8.1: Dependency Review Action v4.8.1

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v4...v4.8.1

v4.8.0

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v4...v4.8.0

v4.7.4

Compare Source

github/codeql-action (github/codeql-action)

v4.30.8

Compare Source

v4.30.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.7 - 06 Oct 2025
  • [v4+ only] The CodeQL Action now runs on Node.js v24. #​3169

See the full CHANGELOG.md for more information.

v3.30.8

Compare Source

v3.30.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.7 - 06 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.6

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.6 - 02 Oct 2025

  • Update default CodeQL bundle version to 2.23.2. #​3168

See the full CHANGELOG.md for more information.

v3.30.5

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.5 - 26 Sep 2025

  • We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #​3160

See the full CHANGELOG.md for more information.

v3.30.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025
  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #​3099 and #​3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #​3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #​3130
  • Update default CodeQL bundle version to 2.23.1. #​3118

See the full CHANGELOG.md for more information.

golang/go (go)

v1.25.2

microsoft/TypeScript (typescript)

v5.9.3

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot changed the title chore(deps): update github/codeql-action action to v3.30.4 chore(deps): update all dependencies Sep 26, 2025
@socket-security Socket Security
Copy link

socket-security bot commented Sep 29, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedgolang/​golang.org/​x/​tools@​v0.38.075100100100100
Updatednpm/​typescript@​5.9.2 ⏵ 5.9.310010090 +110090
Addedgolang/​golang.org/​x/​mod@​v0.29.096100100100100

View full report

@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 5675f0f to c6b1a22 Compare October 2, 2025 19:23
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from bd1c5ec to 6c7d8cb Compare October 8, 2025 18:29
@renovate renovate bot changed the title chore(deps): update all dependencies fix(deps): update all dependencies Oct 8, 2025
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Oct 9, 2025

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 1 additional dependency was updated

Details:

Package Change
golang.org/x/sys v0.36.0 -> v0.37.0

@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 2af6ead to bb6479a Compare October 10, 2025 17:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants