From a3229538b7d1abd4e458aeab2807b8064aa61e07 Mon Sep 17 00:00:00 2001
From: ienaga <ienaga@tvon.jp>
Date: Fri, 31 Oct 2025 23:08:17 +0900
Subject: [PATCH 1/4] #72 update packages, update github/actions

---
 .github/workflows/codeql-analysis.yml |  2 +-
 .github/workflows/lint.yml            |  8 ++++----
 .github/workflows/publish.yml         |  4 ++--
 package.json                          |  2 +-
 template/package.json                 | 18 +++++++++---------
 5 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7de5e93..3598a62 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index a39614e..1a86bd8 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -14,13 +14,13 @@ jobs:
   macos-browser-test:
     runs-on: macos-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v5
       - run: cd template && npm install && npx eslint ./src/**/*.js
 
   windows-browser-test:
     runs-on: windows-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v5
       - run: cd template && npm install && npx eslint ./src/**/*.js
\ No newline at end of file
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index b48e939..d032f9a 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -9,8 +9,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-node@v5
         with:
           node-version: "22.x"
           registry-url: "https://registry.npmjs.org"
diff --git a/package.json b/package.json
index 37031be..15748a1 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@next2d/framework-template",
   "description": "Next2D Framework default JavaScript template.",
-  "version": "4.2.5",
+  "version": "4.2.6",
   "homepage": "https://next2d.app",
   "bugs": "https://github.com/Next2D/framework-template/issues/new",
   "author": "Toshiyuki Ienaga<ienaga@next2d.app>",
diff --git a/template/package.json b/template/package.json
index 1275b2e..c4dad4d 100644
--- a/template/package.json
+++ b/template/package.json
@@ -19,18 +19,18 @@
     "generate": "npx @next2d/view-generator"
   },
   "devDependencies": {
-    "@capacitor/android": "^7.4.3",
-    "@capacitor/cli": "^7.4.3",
-    "@capacitor/core": "^7.4.3",
-    "@capacitor/ios": "^7.4.3",
+    "@capacitor/android": "^7.4.4",
+    "@capacitor/cli": "^7.4.4",
+    "@capacitor/core": "^7.4.4",
+    "@capacitor/ios": "^7.4.4",
     "@eslint/eslintrc": "^3.3.1",
-    "@eslint/js": "^9.36.0",
+    "@eslint/js": "^9.38.0",
     "@next2d/vite-plugin-next2d-auto-loader": "^3.1.8",
-    "eslint": "^9.36.0",
+    "eslint": "^9.38.0",
     "globals": "^16.4.0",
-    "jsdom": "^27.0.0",
-    "vite": "^7.1.8",
-    "vitest": "^3.2.4",
+    "jsdom": "^27.1.0",
+    "vite": "^7.1.12",
+    "vitest": "^4.0.6",
     "vitest-webgl-canvas-mock": "^1.1.0"
   },
   "peerDependencies": {

From e08869637809ffcc00b52754c61f1c84e90d6564 Mon Sep 17 00:00:00 2001
From: ienaga <ienaga@tvon.jp>
Date: Sat, 1 Nov 2025 11:25:47 +0900
Subject: [PATCH 2/4] #72 update packages

---
 template/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/template/package.json b/template/package.json
index c4dad4d..7c8e8dd 100644
--- a/template/package.json
+++ b/template/package.json
@@ -24,9 +24,9 @@
     "@capacitor/core": "^7.4.4",
     "@capacitor/ios": "^7.4.4",
     "@eslint/eslintrc": "^3.3.1",
-    "@eslint/js": "^9.38.0",
-    "@next2d/vite-plugin-next2d-auto-loader": "^3.1.8",
-    "eslint": "^9.38.0",
+    "@eslint/js": "^9.39.0",
+    "@next2d/vite-plugin-next2d-auto-loader": "^3.1.9",
+    "eslint": "^9.39.0",
     "globals": "^16.4.0",
     "jsdom": "^27.1.0",
     "vite": "^7.1.12",

From b2901c8e5cbc44b292824cdea1f405604bbfe07c Mon Sep 17 00:00:00 2001
From: ienaga <ienaga@tvon.jp>
Date: Sat, 1 Nov 2025 11:28:52 +0900
Subject: [PATCH 3/4] #72 update README.md, delete codeql-analysis.yml

---
 .github/workflows/codeql-analysis.yml | 71 ---------------------------
 README.md                             |  2 +-
 2 files changed, 1 insertion(+), 72 deletions(-)
 delete mode 100644 .github/workflows/codeql-analysis.yml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 3598a62..0000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,71 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ "main", "develop" ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ "main", "develop" ]
-  schedule:
-    - cron: '44 22 * * 5'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v5
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
diff --git a/README.md b/README.md
index b5ce070..83e86a4 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 Next2D Framework JavaScript Template
 =============
 
-[![CodeQL](https://github.com/Next2D/framework-template/actions/workflows/codeql-analysis.yml/badge.svg?branch=main)](https://github.com/Next2D/framework-template/actions/workflows/codeql-analysis.yml)
+[![CodeQL](https://github.com/Next2D/framework-template/actions/workflows/github-code-scanning/codeql/badge.svg?branch=main)](https://github.com/Next2D/framework-template/actions/workflows/github-code-scanning/codeql)
 [![release](https://img.shields.io/github/v/release/Next2D/framework-template)](https://github.com/Next2D/framework-template/releases)
 [![license](https://img.shields.io/github/license/Next2D/framework-template)](https://github.com/Next2D/framework-template/blob/main/LICENSE)
 

From 8cd79b4ab92740ac3809492531ae3579e80843be Mon Sep 17 00:00:00 2001
From: ienaga <ienaga@tvon.jp>
Date: Sat, 1 Nov 2025 11:29:47 +0900
Subject: [PATCH 4/4] #72 update github/actions

---
 .github/workflows/lint.yml    | 6 ++++++
 .github/workflows/publish.yml | 3 +++
 2 files changed, 9 insertions(+)

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 1a86bd8..b6685de 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -13,6 +13,9 @@ on:
 jobs:
   macos-browser-test:
     runs-on: macos-latest
+    permissions:
+      contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v5
       - uses: actions/setup-node@v5
@@ -20,6 +23,9 @@ jobs:
 
   windows-browser-test:
     runs-on: windows-latest
+    permissions:
+      contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v5
       - uses: actions/setup-node@v5
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index d032f9a..4a2fb1d 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -8,6 +8,9 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v5
       - uses: actions/setup-node@v5