From 3913b358a323c054916c21f37e68f2786ab4b02c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 17 Jan 2026 02:27:44 +0000 Subject: [PATCH 1/2] Bump gcovr from 8.4 to 8.6 Bumps [gcovr](https://github.com/gcovr/gcovr) from 8.4 to 8.6. - [Release notes](https://github.com/gcovr/gcovr/releases) - [Changelog](https://github.com/gcovr/gcovr/blob/main/CHANGELOG.rst) - [Commits](https://github.com/gcovr/gcovr/compare/8.4...8.6) --- updated-dependencies: - dependency-name: gcovr dependency-version: '8.6' dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index 5de8641..e665ad3 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -8,7 +8,7 @@ distlib==0.4.0 # via virtualenv filelock==3.20.3 # via virtualenv -gcovr==8.4 +gcovr==8.6 # via -r requirements-dev.in identify==2.6.15 # via pre-commit From 1436b7488430f8ce3e1b45d9cd3a2f408237f7d4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 22 Feb 2026 05:43:26 +0000 Subject: [PATCH 2/2] Bump github/codeql-action in the github-owned-actions group Bumps the github-owned-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 4.32.3 to 4.32.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/9e907b5e64f6b83e7804b09294d44122997950d6...89a39a4e59826350b863aa6b6252a07ad50cf83e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-owned-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/ossf-scorecard-analysis.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index eec83af..a10f987 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -77,7 +77,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 + uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -105,6 +105,6 @@ jobs: exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 + uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/ossf-scorecard-analysis.yml b/.github/workflows/ossf-scorecard-analysis.yml index fd060b5..6c572bb 100644 --- a/.github/workflows/ossf-scorecard-analysis.yml +++ b/.github/workflows/ossf-scorecard-analysis.yml @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 + uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: sarif_file: results.sarif