Bump github/codeql-action from 3.28.14 to 3.28.15

[dependabot]

Bumps github/codeql-action from 3.28.14 to 3.28.15.

Release notes

Sourced from github/codeql-action's releases.

v3.28.15

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

Commits

• 45775bd Merge pull request #2854 from github/update-v3.28.15-a35ae8c38
• dd78aab Update CHANGELOG.md with bug fix details
• e40af59 Update changelog for v3.28.15
• a35ae8c Merge pull request #2843 from github/cklin/diff-informed-compat
• bb59df6 Merge pull request #2842 from github/henrymercer/zip64
• 4b508f5 Merge pull request #2845 from github/mergeback/v3.28.14-to-main-fc7e4a0f
• ca00afb Update checked-in dependencies
• 2969c78 Update changelog and version after v3.28.14
• a8be43c Don't throw error for ENOENT
• 94102d9 Set checkPresence in diff-range data extension
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 43e8b55.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
actions/github/codeql-action/upload-sarif	3.28.15	Unknown	Unknown
actions/github/codeql-action/analyze	3.28.15	Unknown	Unknown
actions/github/codeql-action/autobuild	3.28.15	Unknown	Unknown
actions/github/codeql-action/init	3.28.15	Unknown	Unknown
actions/github/codeql-action/analyze	3.28.15	Unknown	Unknown
actions/github/codeql-action/init	3.28.15	Unknown	Unknown
actions/github/codeql-action/upload-sarif	3.28.15	Unknown	Unknown
actions/github/codeql-action/upload-sarif	3.28.15	Unknown	Unknown

Scanned Files

• .github/workflows/codacy-analysis.yml
• .github/workflows/codeql-analysis.yml
• .github/workflows/codeql.yml
• .github/workflows/devskim.yml
• .github/workflows/pmd.yml