chore(deps): bump github/codeql-action from 1 to 2 #5

2022-08-30T19:55:35Z

dependabot[bot] commented

2022-08-30 19:55:35 +00:00

(Migrated from github.com)

Bumps github/codeql-action from 1 to 2.

Changelog

Sourced from github/codeql-action's changelog.

Commits

c2c0a29 Merge pull request #1200 from github/mergeback/v2.1.20-to-main-7fee4ca0
ec88835 Merge pull request #1201 from github/henrymercer/mergeback-v1-fixes
bae5150 Remove @types/long
c72f566 Explicitly import performance for Node 12 compatibility
e590686 Update checked-in dependencies
d7319f2 Update changelog and version after v2.1.20
7fee4ca Merge pull request #1199 from github/update-v2.1.20-f0a1a35a
5259c5e Update changelog for v2.1.20
f0a1a35 Merge pull request #1197 from github/henrymercer/fix-release-when-package-con...
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2. <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>. </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/c2c0a2908e95769d01b907f9930050ecb5cf050d"><code>c2c0a29</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1200">#1200</a> from github/mergeback/v2.1.20-to-main-7fee4ca0</li> <li><a href="https://github.com/github/codeql-action/commit/ec8883580f53ec73913d318a97bb21c864443af7"><code>ec88835</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1201">#1201</a> from github/henrymercer/mergeback-v1-fixes</li> <li><a href="https://github.com/github/codeql-action/commit/bae51503cfab01d8c3bb93d99391f4f7d64b6ef6"><code>bae5150</code></a> Remove <code>@types/long</code></li> <li><a href="https://github.com/github/codeql-action/commit/c72f566aae48fd2cff4fd58bb40f4fd38e1589c4"><code>c72f566</code></a> Explicitly import <code>performance</code> for Node 12 compatibility</li> <li><a href="https://github.com/github/codeql-action/commit/e590686972bd74bb428754bff985b5077477cfe3"><code>e590686</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/d7319f2ff47254bebe28d55644bacc58b4a4b431"><code>d7319f2</code></a> Update changelog and version after v2.1.20</li> <li><a href="https://github.com/github/codeql-action/commit/7fee4ca032ac341c12486c4c06822c5221c76533"><code>7fee4ca</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1199">#1199</a> from github/update-v2.1.20-f0a1a35a</li> <li><a href="https://github.com/github/codeql-action/commit/5259c5e5d845af4ced3d846415b3085aff2cce26"><code>5259c5e</code></a> Update changelog for v2.1.20</li> <li><a href="https://github.com/github/codeql-action/commit/f0a1a35a9fa60e0b81ec6dc073076bf986949b31"><code>f0a1a35</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/github/codeql-action/issues/1197">#1197</a> from github/henrymercer/fix-release-when-package-con...</li> <li>See full diff in <a href="https://github.com/github/codeql-action/compare/v1...v2">compare view</a></li> </ul> </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=1&new-version=2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

dependabot[bot] commented

2022-08-30 19:55:37 +00:00

(Migrated from github.com)

Dependabot tried to add @fedekunze and @khoslaventures as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/cerc-io/laconicd/pulls/5/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the cerc-io/laconicd repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request

Dependabot tried to add `@fedekunze` and `@khoslaventures` as reviewers to this PR, but received the following error from GitHub: ``` POST https://api.github.com/repos/cerc-io/laconicd/pulls/5/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the cerc-io/laconicd repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request ```

dependabot[bot] commented

2022-08-30 20:01:27 +00:00

(Migrated from github.com)

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it.