Skip to content

Merge main into releases/v3#2989

Merged
mbg merged 24 commits intoreleases/v3from
update-v3.29.4-37264dc0b
Jul 23, 2025
Merged

Merge main into releases/v3#2989
mbg merged 24 commits intoreleases/v3from
update-v3.29.4-37264dc0b

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Jul 23, 2025
edited by mbg
Loading

Merging 37264dc into releases/v3.

Conductor for this PR is @mbg.

Contains the following pull requests:

Please do the following:

  • Ensure the CHANGELOG displays the correct version and date.
  • Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.
  • Check that there are not any unexpected commits being merged into the releases/v3 branch.
  • Ensure the docs team is aware of any documentation changes that need to be released.
  • Mark the PR as ready for review to trigger the full set of PR checks.
  • Approve and merge this PR. Make sure Create a merge commit is selected rather than Squash and merge or Rebase and merge.
  • Merge the mergeback PR that will automatically be created once this PR is merged.
  • Merge all backport PRs to older release branches, that will automatically be created once this PR is merged.

cklin and others added 24 commits July 18, 2025 07:18
@cklin
Overlay: report overlay analysis mode
19075c4
@cklin
Overlay: report overlay-base database stats
e37b293
@cklin
Add downloadOverlayBaseDatabaseFromCache tests
c3bbcab
@cklin
build: refresh js files
39b0524
@github-actions
Update changelog and version after v3.29.3
df82387
@github-actions
Update checked-in dependencies
b195e1b
@koesie10
Add changelog entry for v3.28.20 backport
a7cb1b8
@koesie10
Merge pull request #2978 from github/mergeback/v3.29.3-to-main-d6bbdef4
8e442bc 
Mergeback v3.29.3 refs/heads/releases/v3 into main
@koesie10
Merge pull request #2979 from github/koesie10/v3.28.20-changelog
b633287 
Add changelog entry for v3.28.20 backport
@cklin
Merge pull request #2975 from github/cklin/overlay-telemetry
eefe1b5 
Overlay: report telemetry
@dependabot
Bump ruby/setup-ruby from 1.245.0 to 1.247.0 in the actions group
20477a3 
Bumps the actions group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.245.0 to 1.247.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@a4effe4...4727905)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.247.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump the npm group with 5 updates
b7a5452 
Bumps the npm group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node-forge](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node-forge) | `1.3.12` | `1.3.13` |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.30.1` | `9.31.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.35.1` | `8.38.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.35.1` | `8.38.0` |
| [nock](https://github.com/nock/nock) | `14.0.5` | `14.0.6` |


Updates `@types/node-forge` from 1.3.12 to 1.3.13
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node-forge)

Updates `@eslint/js` from 9.30.1 to 9.31.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.31.0/packages/js)

Updates `@typescript-eslint/eslint-plugin` from 8.35.1 to 8.38.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.38.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.35.1 to 8.38.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.38.0/packages/parser)

Updates `nock` from 14.0.5 to 14.0.6
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v14.0.5...v14.0.6)

---
updated-dependencies:
- dependency-name: "@types/node-forge"
  dependency-version: 1.3.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@eslint/js"
  dependency-version: 9.31.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.38.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.38.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nock
  dependency-version: 14.0.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Update checked-in dependencies
4749491
@koesie10
Update combining SARIF runs changelog post URL
48ce740
@mbg
Update workflow template
2b952be
@mbg
Merge pull request #2983 from github/koesie10/update-changelog-link
9e7d13d 
Update combining SARIF runs changelog post URL
@mbg
Merge pull request #2980 from github/dependabot/github_actions/action…
76bf77d 
…s-504b6cee34

Bump ruby/setup-ruby from 1.245.0 to 1.247.0 in the actions group
@mbg
Merge pull request #2981 from github/dependabot/npm_and_yarn/npm-fe13…
8f2e636 
…dfda46

Bump the npm group with 5 updates
@mbg
Treat processing error for multiple runs with the same category as co…
43afe6e 
…nfiguration error

This will result in it being reported as a user error rather than a failure
@koesie10
Disable combining runs within a single file
287d421
@mbg
Merge pull request #2987 from github/mbg/combine-sarif-error
5a2327a 
Treat processing error for multiple runs with the same category as configuration error
@koesie10
Merge remote-tracking branch 'origin/main' into koesie10/disable-comb…
5a29823 
…ine-single-file
@koesie10
Merge pull request #2988 from github/koesie10/disable-combine-single-…
37264dc 
…file

Disable combining runs within a single file
@github-actions
Update changelog for v3.29.4
b3114b8
@mbg mbg marked this pull request as ready for review July 23, 2025 13:05
Copilot AI review requested due to automatic review settings July 23, 2025 13:05
@mbg mbg requested a review from a team as a code owner July 23, 2025 13:05
Copilot AI reviewed Jul 23, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This is a merge PR bringing changes from main into the releases/v3 branch for version 3.29.4. The changes primarily focus on overlay database download telemetry enhancements, SARIF file validation improvements, and dependency updates.

  • Enhanced overlay database download functionality with telemetry tracking for size and duration
  • Improved SARIF file validation to handle single-file uploads with duplicate run categories
  • Updated dependencies and workflow configurations

Reviewed Changes

Copilot reviewed 16 out of 145 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/upload-lib.ts Updated changelog URL and added validation for single SARIF files with duplicate categories
src/overlay-database-utils.ts Enhanced download function to return telemetry statistics instead of boolean
src/init-action.ts Added overlay database download statistics to status reporting
src/analyze.ts Added telemetry fields for overlay database mode tracking
package.json Updated version and dependency versions
CHANGELOG.md Added entry for version 3.29.4

@mbg mbg enabled auto-merge July 23, 2025 13:13
@mbg mbg merged commit 4e828ff into releases/v3 Jul 23, 2025
277 checks passed
@mbg mbg deleted the update-v3.29.4-37264dc0b branch July 23, 2025 13:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mbg mbg mbg approved these changes

Assignees

@mbg mbg

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mbg @cklin @koesie10