diff --git a/CHANGELOG.md b/CHANGELOG.md index 45ec507e25..f43b8573ed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th ## [UNRELEASED] - Update default CodeQL bundle version to 2.15.1. [#1953](https://github.com/github/codeql-action/pull/1953) +- Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. + - All code scanning workflows should continue to succeed regardless of the warning. + - The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. + - For more information, and to communicate with the maintaining team, please use [this issue](https://github.com/github/codeql-action/issues/1959). ## 2.22.3 - 13 Oct 2023 diff --git a/README.md b/README.md index 781f2aa192..e4fe26e359 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,15 @@ This action runs GitHub's industry-leading semantic code analysis engine, [CodeQ For a list of recent changes, see the CodeQL Action's [changelog](CHANGELOG.md). +## :loudspeaker: Node 16 deprecation, upcoming CodeQL Action v3 :loudspeaker: +Announcement for users of this Action and code scanning workflows on GitHub.com: + +- You will begin to see these warnings about Node.js 16 deprecation in your Actions logs on code scanning runs starting October 23, 2023. +- All code scanning workflows should continue to succeed regardless of the warning. +- The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. + +For more information, and to communicate with the maintaining team, please use [this issue](https://github.com/github/codeql-action/issues/1959). + ## License This project is released under the [MIT License](LICENSE). diff --git a/python-setup/tests/pipenv/python-3.8/Pipfile.lock b/python-setup/tests/pipenv/python-3.8/Pipfile.lock index 06d3fc63e7..8fc3f2c98d 100644 --- a/python-setup/tests/pipenv/python-3.8/Pipfile.lock +++ b/python-setup/tests/pipenv/python-3.8/Pipfile.lock @@ -139,12 +139,12 @@ }, "urllib3": { "hashes": [ - "sha256:7a7c7003b000adf9e7ca2a377c9688bbc54ed41b985789ed576570342a375cd2", - "sha256:b19e1a85d206b56d7df1d5e683df4a7725252a964e3993648dd0fb5a1c157564" + "sha256:c97dfde1f7bd43a71c8d2a58e369e9b2bf692d1334ea9f9cae55add7d0dd0f84", + "sha256:fdb6d215c776278489906c2f8916e6e7d4f5a9b602ccbcfdf7f016fc8da0596e" ], "index": "pypi", "markers": "python_version >= '3.7'", - "version": "==2.0.6" + "version": "==2.0.7" } }, "develop": {} diff --git a/python-setup/tests/pipenv/requests-3/Pipfile.lock b/python-setup/tests/pipenv/requests-3/Pipfile.lock index d4483f5628..0ee35b3d84 100644 --- a/python-setup/tests/pipenv/requests-3/Pipfile.lock +++ b/python-setup/tests/pipenv/requests-3/Pipfile.lock @@ -137,12 +137,12 @@ }, "urllib3": { "hashes": [ - "sha256:7a7c7003b000adf9e7ca2a377c9688bbc54ed41b985789ed576570342a375cd2", - "sha256:b19e1a85d206b56d7df1d5e683df4a7725252a964e3993648dd0fb5a1c157564" + "sha256:c97dfde1f7bd43a71c8d2a58e369e9b2bf692d1334ea9f9cae55add7d0dd0f84", + "sha256:fdb6d215c776278489906c2f8916e6e7d4f5a9b602ccbcfdf7f016fc8da0596e" ], "index": "pypi", "markers": "python_version >= '3.7'", - "version": "==2.0.6" + "version": "==2.0.7" } }, "develop": {} diff --git a/python-setup/tests/poetry/python-3.8/poetry.lock b/python-setup/tests/poetry/python-3.8/poetry.lock index 70c17430ca..bd2f771a80 100644 --- a/python-setup/tests/poetry/python-3.8/poetry.lock +++ b/python-setup/tests/poetry/python-3.8/poetry.lock @@ -59,13 +59,13 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] [[package]] name = "urllib3" -version = "1.26.17" +version = "1.26.18" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" files = [ - {file = "urllib3-1.26.17-py2.py3-none-any.whl", hash = "sha256:94a757d178c9be92ef5539b8840d48dc9cf1b2709c9d6b588232a055c524458b"}, - {file = "urllib3-1.26.17.tar.gz", hash = "sha256:24d6a242c28d29af46c3fae832c36db3bbebcc533dd1bb549172cd739c82df21"}, + {file = "urllib3-1.26.18-py2.py3-none-any.whl", hash = "sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07"}, + {file = "urllib3-1.26.18.tar.gz", hash = "sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0"}, ] [package.extras] diff --git a/python-setup/tests/poetry/requests-3/poetry.lock b/python-setup/tests/poetry/requests-3/poetry.lock index 2504dc4655..13c2c71d0a 100644 --- a/python-setup/tests/poetry/requests-3/poetry.lock +++ b/python-setup/tests/poetry/requests-3/poetry.lock @@ -59,13 +59,13 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] [[package]] name = "urllib3" -version = "1.26.17" +version = "1.26.18" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" files = [ - {file = "urllib3-1.26.17-py2.py3-none-any.whl", hash = "sha256:94a757d178c9be92ef5539b8840d48dc9cf1b2709c9d6b588232a055c524458b"}, - {file = "urllib3-1.26.17.tar.gz", hash = "sha256:24d6a242c28d29af46c3fae832c36db3bbebcc533dd1bb549172cd739c82df21"}, + {file = "urllib3-1.26.18-py2.py3-none-any.whl", hash = "sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07"}, + {file = "urllib3-1.26.18.tar.gz", hash = "sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0"}, ] [package.extras]