Skip to content

chore(deps): update non-major-updates#1019

Merged
Wikid82 merged 1 commit into
developmentfrom
renovate/non-major-updates
May 15, 2026
Merged

chore(deps): update non-major-updates#1019
Wikid82 merged 1 commit into
developmentfrom
renovate/non-major-updates

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 15, 2026

This PR contains the following updates:

Package Type Update Change Age Confidence
github/codeql-action (changelog) action digest 68bde559e0d7b8
github/codeql-action action patch v4.35.4v4.35.5 age confidence
knip (source) devDependencies minor ^6.13.1^6.14.0 age confidence

Release Notes

github/codeql-action (github/codeql-action)

v4.35.5

Compare Source

  • We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #​3899
  • For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #​3791
  • If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #​3892
  • Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #​3880
webpro-nl/knip (knip)

v6.14.0: Release 6.14.0

Compare Source

  • Resolve imports satisfied via transitive peerDeps (d654ec7)
  • Don't flag undeclared sibling workspace imports as unlisted (#​1742) (e7122a1)
  • Update github-actions reporter snapshots (2308b5a)
  • Cache syncGlob() results like defaultGlob() does (6c34287)
  • Trim redundant statSync calls in FileEntryCache (eee3b89)
  • Cache parsed .gitignore patterns across --cache runs (7ffdc2f)
  • Tighten cache module callsites (64e5072)
  • Extract shared disk-cache helper used by glob and gitignore caches (0987421)
  • Simplify CacheConsultant: replace trampoline with default arrow methods (bebe750)
  • Pin pnpm minimumReleaseAge and trustPolicy (77efb32)
  • Eliminate rescanFrontier polling in walkAndAnalyze (38d91b6)
  • Reduce findWorkspaceByFilePath per-call overhead (9149437)
  • Memoize DependencyDeputy.getDependencies (a661a21)
  • Tighten module-graph map helpers (drop double-lookup + optional chains) (c11d62f)
  • Add --duration flag for zero-overhead duration measurement (d4b59d8)
  • Cover analysis pipeline with --performance timerify (694dbf4)
  • Align --help text (6f12997)
  • Add cli arg shorthands: -p, -s, -w, -D, -f, -F, -u (f21a587)
  • Format (8db5346)
  • This one's okay (662ceaf)

Configuration

📅 Schedule: (in timezone America/New_York)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-advanced-security
Copy link
Copy Markdown
Contributor

github-advanced-security AI commented May 15, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 15, 2026

✅ Supply Chain Verification Results

PASSED

📦 SBOM Summary

  • Components: 1487

🔍 Vulnerability Scan

Severity Count
🔴 Critical 0
🟠 High 0
🟡 Medium 4
🟢 Low 2
Total 6

📎 Artifacts

  • SBOM (CycloneDX JSON) and Grype results available in workflow artifacts

Generated by Supply Chain Verification workflow • View Details

@codecov
Copy link
Copy Markdown

codecov Bot commented May 15, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@Wikid82 Wikid82 merged commit 60c6f42 into development May 15, 2026
38 of 39 checks passed
@Wikid82 Wikid82 deleted the renovate/non-major-updates branch May 15, 2026 16:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@github-advanced-security @Wikid82