Message-ID: From: "renovate-bot (@renovate-bot)" To: "pgjdbc/pgjdbc" Date: Mon, 25 May 2026 07:51:32 +0000 Subject: [pgjdbc/pgjdbc] PR #4094: chore(deps): update github/codeql-action action to v3.36.0 List-Id: X-GitHub-Author-Id: 25180681 X-GitHub-Author-Login: renovate-bot X-GitHub-Issue: 4094 X-GitHub-Labels: dependencies X-GitHub-Repo: pgjdbc/pgjdbc X-GitHub-State: merged X-GitHub-Type: pull_request X-GitHub-Url: https://github.com/pgjdbc/pgjdbc/pull/4094 Content-Type: text/plain; charset=utf-8 This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | minor | `v3.35.3` → `v3.36.0` | --- ### Release Notes
github/codeql-action (github/codeql-action) ### [`v3.36.0`](https://redirect.github.com/github/codeql-action/releases/tag/v3.36.0) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.35.5...v3.36.0) - *Breaking change*: Bump the minimum required CodeQL bundle version to 2.19.4. [#​3894](https://redirect.github.com/github/codeql-action/pull/3894) - Add support for SHA-256 Git object IDs. [#​3893](https://redirect.github.com/github/codeql-action/pull/3893) - Update default CodeQL bundle version to [2.25.5](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5). [#​3926](https://redirect.github.com/github/codeql-action/pull/3926) ### [`v3.35.5`](https://redirect.github.com/github/codeql-action/releases/tag/v3.35.5) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.35.4...v3.35.5) - We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. [#​3899](https://redirect.github.com/github/codeql-action/pull/3899) - For performance and accuracy reasons, [improved incremental analysis](https://redirect.github.com/github/roadmap/issues/1158) will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. [#​3791](https://redirect.github.com/github/codeql-action/pull/3791) - If multiple inputs are provided for the GitHub-internal `analysis-kinds` input, only `code-scanning` will be enabled. The `analysis-kinds` input is experimental, for GitHub-internal use only, and may change without notice at any time. [#​3892](https://redirect.github.com/github/codeql-action/pull/3892) - Added an experimental change which, when running a Code Scanning analysis for a PR with [improved incremental analysis](https://redirect.github.com/github/roadmap/issues/1158) enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. [#​3880](https://redirect.github.com/github/codeql-action/pull/3880) ### [`v3.35.4`](https://redirect.github.com/github/codeql-action/releases/tag/v3.35.4) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.35.3...v3.35.4) - Update default CodeQL bundle version to [2.25.4](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4). [#​3881](https://redirect.github.com/github/codeql-action/pull/3881)
--- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "every 3 weeks on Monday" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/pgjdbc/pgjdbc).