Bump github/codeql-action from 4.31.9 to 4.31.10 by dependabot[bot] · Pull Request #497 · oras-project/oras-java
⚠️ Dependabot is rebasing this PR ⚠️
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps github/codeql-action from 4.31.9 to 4.31.10.
Release notes
Sourced from github/codeql-action's releases.
v4.31.10
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
4.31.10 - 12 Jan 2026
- Update default CodeQL bundle version to 2.23.9. #3393
See the full CHANGELOG.md for more information.
Changelog
Sourced from github/codeql-action's changelog.
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
[UNRELEASED]
No user facing changes.
4.31.10 - 12 Jan 2026
- Update default CodeQL bundle version to 2.23.9. #3393
4.31.9 - 16 Dec 2025
No user facing changes.
4.31.8 - 11 Dec 2025
- Update default CodeQL bundle version to 2.23.8. #3354
4.31.7 - 05 Dec 2025
- Update default CodeQL bundle version to 2.23.7. #3343
4.31.6 - 01 Dec 2025
No user facing changes.
4.31.5 - 24 Nov 2025
- Update default CodeQL bundle version to 2.23.6. #3321
4.31.4 - 18 Nov 2025
No user facing changes.
4.31.3 - 13 Nov 2025
- CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see Upcoming deprecation of CodeQL Action v3.
- Update default CodeQL bundle version to 2.23.5. #3288
4.31.2 - 30 Oct 2025
No user facing changes.
4.31.1 - 30 Oct 2025
- The
add-snippetsinput has been removed from theanalyzeaction. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.4.31.0 - 24 Oct 2025
... (truncated)
Commits
cdefb33Merge pull request #3394 from github/update-v4.31.10-0fa411efdcfa77c6Update changelog for v4.31.100fa411eMerge pull request #3393 from github/update-bundle/codeql-bundle-v2.23.9c284324Add changelog note83e7d00Update default bundle to codeql-bundle-v2.23.9f6a16beMerge pull request #3391 from github/dependabot/npm_and_yarn/npm-minor-f1cdf5...c1f5f1aRebuild1805d8dBump the npm-minor group with 2 updatesb2951d2Merge pull request #3353 from github/kaspersv/bump-min-cli-v-for-overlay41448d9Merge pull request #3287 from github/henrymercer/generate-mergeback-last- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)