Skip to content

Bump the "all" group with 2 updates across multiple ecosystems #901

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 26, 2025
Merged

Bump the "all" group with 2 updates across multiple ecosystems #901

merged 1 commit into from
Sep 26, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 26, 2025

Bumps the all group with 2 updates: github/codeql-action and ruby/setup-ruby.

Updates github/codeql-action from 3.30.3 to 3.30.4

Release notes

Sourced from github/codeql-action's releases.

v3.30.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025

  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
  • Update default CodeQL bundle version to 2.23.1. #3118

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.30.4 - 25 Sep 2025

  • We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
  • We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
  • You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
  • Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

  • Fixed a bug which could cause language autodetection to fail. #3084
  • Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

3.30.1 - 05 Sep 2025

  • Update default CodeQL bundle version to 2.23.0. #3077

3.30.0 - 01 Sep 2025

  • Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #3054

3.29.11 - 21 Aug 2025

  • Update default CodeQL bundle version to 2.22.4. #3044

3.29.10 - 18 Aug 2025

No user facing changes.

3.29.9 - 12 Aug 2025

No user facing changes.

3.29.8 - 08 Aug 2025

  • Fix an issue where the Action would autodetect unsupported languages such as HTML. #3015

3.29.7 - 07 Aug 2025

... (truncated)

Commits
  • 303c0ae Merge pull request #3149 from github/update-v3.30.4-e4b85ab65
  • 333a673 Update changelog for v3.30.4
  • e4b85ab Merge pull request #3148 from github/cklin/just-test_file-serial
  • 1e72556 build: use --serial in 'just test_file'
  • 39842d8 Merge pull request #3146 from github/mbg/start-proxy/authenticate
  • 6ccec2a Remove url from log messages
  • 435f474 Merge pull request #3147 from github/dependabot/npm_and_yarn/npm-76d2ab1078
  • f134e09 Rebuild
  • 50a31df Bump @​actions/cache from 4.0.5 to 4.1.0 in the npm group
  • 8e25b34 Merge pull request #3144 from github/henrymercer/dependabot
  • Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.259.0 to 1.263.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.263.0

What's Changed

New Contributors

Full Changelog: ruby/setup-ruby@v1.262.0...v1.263.0

v1.262.0

Full Changelog: ruby/setup-ruby@v1.261.0...v1.262.0

v1.261.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.260.0...v1.261.0

v1.260.0

What's Changed

New Contributors

Full Changelog: ruby/setup-ruby@v1.259.0...v1.260.0

Commits
  • 0481980 Print lockfile contents earlier
  • cf7216d Use new releases of ruby-builder per engine-version
  • 1c58d16 Update CRuby releases on Windows
  • 1dc7956 Test on JRuby 9.4 as well as 10.0
  • b8714f7 Revert "Skip test failing on JRuby on Windows"
  • d3e13b3 Revert "feat: upgrade to node 24"
  • 4df093a Revert "chore: add setup-node for lint job"
  • See full diff in compare view

Bumps the all group with 1 update in the / directory: rubocop.

Updates rubocop from 1.80.2 to 1.81.0

Release notes

Sourced from rubocop's releases.

RuboCop v1.81.0

New features

Bug fixes

  • #14560: Fix an error for Style/NilComparison cop when using the var.==(nil) and var.===(nil) syntax. (@​viralpraxis)
  • #14535: Fix autocorrect for Style/ExplicitBlockArgument when there are two methods that share the same implementation. (@​earlopain)
  • #14527: Fix false negatives for Style/NumberedParameters and Style/ItBlockParameter when using multiline method chain with EnforcedStyle: allow_single_line. (@​koic)
  • #14522: Fix false negatives for Layout/MultilineOperationIndentation when using indented code on LHS of equality operator in modifier method definition. (@​koic)
  • #14496: Fix false negatives for Layout/EmptyLineBetweenDefs for AllowAdjacentOneLineDefs: false and DefLikeMacros that take no block. (@​earlopain)
  • #14553: Fix false positives when EnforcedStyle: allowed_in_returns and !! appears across multiple lines in return position. (@​koic)
  • #14557: Fix false positives for Style/RedundantParentheses when parentheses are used around a one-line rescue expression as a condition. (@​koic)
  • #14525: Fix false positives for Style/RedundantRegexpEscape when an escaped variable sigil follows # (e.g., /#\@foo/, /#\@@bar/, /#\$baz/). (@​koic)
  • #14529: Fix false negative in Layout/RescueEnsureAlignment with a block whose send node is split over multiple lines. (@​dvandersluis)
  • #14528: Fix Style/RedundantFormat when the format string has a variable width that isn't given as a literal value. (@​dvandersluis)
  • #14541: Fix gemspec parsing error when ParserEngine: parser_prism is configured in a base config file. (@​sudoremo)
  • #14544: Fix an incorrect autocorrect for Lint/Void when using a return value in assignment method definition. (@​koic)
  • #14543: Fix an incorrect autocorrect for Style/RedundantRegexpArgument when using escaped single quote character. (@​koic)
  • #14540: Fix an incorrect autocorrect for Style/UnlessElse when using unless with then. (@​koic)
  • #14507: Fix the built-in Ruby LSP add-on not restarting when config files (.rubocop.yml, .rubocop_todo.yml) change. (@​earlopain)
  • #14514: Fix the built-in Ruby LSP add-on not respecting .rubocop config file. (@​earlopain)
  • #14508: Fix the built-in Ruby LSP add-on getting in an irrecoverable state when the config is invalid on startup. (@​earlopain)
  • #14534: Prevent Layout/LineLength autocorrection from splitting a block if its receiver contains a heredoc. (@​dvandersluis)
  • #14497: Fix a false positive for Lint/ShadowedArgument when assigning inside a rescue block. (@​earlopain)

Changes

  • #14492: Add support for LSP positionEncoding utf-8 and utf-32. (@​tmtm)
Changelog

Sourced from rubocop's changelog.

1.81.0 (2025-09-25)

New features

  • #14512: Add Style/ArrayIntersectWithSingleElement cop. ([@​r7kamura][])
  • #10971: Support EnforcedStyleForMultiline: diff_comma in Style/TrailingCommaInArguments. ([@​akouryy][])

Bug fixes

  • #14560: Fix an error for Style/NilComparison cop when using the var.==(nil) and var.===(nil) syntax. ([@​viralpraxis][])
  • #14535: Fix autocorrect for Style/ExplicitBlockArgument when there are two methods that share the same implementation. ([@​earlopain][])
  • #14527: Fix false negatives for Style/NumberedParameters and Style/ItBlockParameter when using multiline method chain with EnforcedStyle: allow_single_line. ([@​koic][])
  • #14522: Fix false negatives for Layout/MultilineOperationIndentation when using indented code on LHS of equality operator in modifier method definition. ([@​koic][])
  • #14496: Fix false negatives for Layout/EmptyLineBetweenDefs for AllowAdjacentOneLineDefs: false and DefLikeMacros that take no block. ([@​earlopain][])
  • #14553: Fix false positives when EnforcedStyle: allowed_in_returns and !! appears across multiple lines in return position. ([@​koic][])
  • #14557: Fix false positives for Style/RedundantParentheses when parentheses are used around a one-line rescue expression as a condition. ([@​koic][])
  • #14525: Fix false positives for Style/RedundantRegexpEscape when an escaped variable sigil follows # (e.g., /#\@foo/, /#\@@bar/, /#\$baz/). ([@​koic][])
  • #14529: Fix false negative in Layout/RescueEnsureAlignment with a block whose send node is split over multiple lines. ([@​dvandersluis][])
  • #14528: Fix Style/RedundantFormat when the format string has a variable width that isn't given as a literal value. ([@​dvandersluis][])
  • #14541: Fix gemspec parsing error when ParserEngine: parser_prism is configured in a base config file. ([@​sudoremo][])
  • #14544: Fix an incorrect autocorrect for Lint/Void when using a return value in assignment method definition. ([@​koic][])
  • #14543: Fix an incorrect autocorrect for Style/RedundantRegexpArgument when using escaped single quote character. ([@​koic][])
  • #14540: Fix an incorrect autocorrect for Style/UnlessElse when using unless with then. ([@​koic][])
  • #14507: Fix the built-in Ruby LSP add-on not restarting when config files (.rubocop.yml, .rubocop_todo.yml) change. ([@​earlopain][])
  • #14514: Fix the built-in Ruby LSP add-on not respecting .rubocop config file. ([@​earlopain][])
  • #14508: Fix the built-in Ruby LSP add-on getting in an irrecoverable state when the config is invalid on startup. ([@​earlopain][])
  • #14534: Prevent Layout/LineLength autocorrection from splitting a block if its receiver contains a heredoc. ([@​dvandersluis][])
  • #14497: Fix a false positive for Lint/ShadowedArgument when assigning inside a rescue block. ([@​earlopain][])

Changes

  • #14492: Add support for LSP positionEncoding utf-8 and utf-32. ([@​tmtm][])
Commits
  • 386bf10 Cut 1.81
  • 148250d Update Changelog
  • face244 Fix an error for Style/NilComparison cop
  • d8c1d4c Fix an error for InternalAffairsOnSendWithoutOnCSend with alias_method an...
  • ec897ea Merge pull request #14551 from Earlopain/empty-line-def-macro-no-block
  • 076ba7b [Fix #14496] Fix false negatives for Layout/EmptyLineBetweenDefs with `Allo...
  • f669aaa [Fix #14557] Fix false positives for Style/RedundantParentheses
  • d0bc9e1 [Fix #14541] Fix gemspec parsing error when parser_prism is configured
  • 3a0260d [Fix #10971] Add diff_comma option to Style/TrailingCommaInArguments
  • f92d6e1 [Fix #14544] Fix an incorrect autocorrect for Lint/Void
  • Additional commits viewable in compare view

Updates json from 2.14.1 to 2.15.0

Release notes

Sourced from json's releases.

v2.15.0

What's Changed

  • JSON::Coder callback now receive a second argument to convey whether the object is a hash key.
  • Tuned the floating point number generator to not use scientific notation as aggressively.

Full Changelog: ruby/json@v2.14.1...v2.15.0

Changelog

Sourced from json's changelog.

2025-09-22 (2.15.0)

  • JSON::Coder callback now receive a second argument to convey whether the object is a hash key.
  • Tuned the floating point number generator to not use scientific notation as aggressively.
Commits
  • 4abfad0 Release 2.15.0
  • bb5db85 Merge pull request #866 from headius/jruby_rakefile_fixes
  • e809fab Merge pull request #865 from samyron/sm/swar-better-bounds-fix
  • 3d1ed18 Add macos platform for JRuby CI
  • b1cc126 Use --release flag on Java 9+
  • a2aa1cb Add JRuby build output to CLEAN and CLOBBER
  • 0a9478a implement a better fix for an out of bounds exception
  • efd67e7 Update changelog
  • 3a98832 Merge pull request #864 from byroot/as-json-key
  • 4d9068c Refactor Truffle generator type checks
  • Additional commits viewable in compare view

Updates rubocop-ast from 1.46.0 to 1.47.1

Changelog

Sourced from rubocop-ast's changelog.

1.47.1 (2025-09-21)

Bug fixes

  • #386: Fix parsing of node patterns that match against the empty string. ([@​earloapin][])

1.47.0 (2025-09-19)

New features

Commits
  • 4d22ef0 Cut 1.47.1
  • fb62fd9 Update Changelog
  • 7695bf2 Allow to match against the empty string
  • 53a64d5 Restore docs/antora.yml
  • 7a2aa5d Cut 1.47.0
  • bdce308 Update Changelog
  • 2fffb71 Add Node#any_sym_type? to match sym and dsym types
  • bddfd6e Fix build error by keeping prism below 1.5.0 for older RuboCop
  • f7e25f9 Add Node#any_str_type? to match str, dstr, and xstr types
  • 0761f8c Run codespell with bundle exec rake
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the all group with 2 updates
a45dc13 
Bumps the all group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `github/codeql-action` from 3.30.3 to 3.30.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@192325c...303c0ae)

Updates `ruby/setup-ruby` from 1.259.0 to 1.263.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@866b91c...0481980)
build(deps): bump the all group across 1 directory with 3 updates

Bumps the all group with 1 update in the / directory: [rubocop](https://github.com/rubocop/rubocop).


Updates `rubocop` from 1.80.2 to 1.81.0
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop@v1.80.2...v1.81.0)

Updates `json` from 2.14.1 to 2.15.0
- [Release notes](https://github.com/ruby/json/releases)
- [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md)
- [Commits](ruby/json@v2.14.1...v2.15.0)

Updates `rubocop-ast` from 1.46.0 to 1.47.1
- [Release notes](https://github.com/rubocop/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop-ast@v1.46.0...v1.47.1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruby/setup-ruby
  dependency-version: 1.263.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: rubocop
  dependency-version: 1.81.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: json
  dependency-version: 2.15.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: rubocop-ast
  dependency-version: 1.47.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies github_actions Pull requests that update Github_actions code ruby Pull requests that update Ruby code labels Sep 26, 2025
@MikeMcQuaid MikeMcQuaid merged commit 12a12c8 into main Sep 26, 2025
14 checks passed
@MikeMcQuaid MikeMcQuaid deleted the dependabot/all-6563c4a70c branch September 26, 2025 08:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MikeMcQuaid MikeMcQuaid MikeMcQuaid approved these changes

Assignees

No one assigned

Labels

dependencies github_actions Pull requests that update Github_actions code ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MikeMcQuaid