Skip to content

Update patch dependencies#970

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-patch
Open

Update patch dependencies#970
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-patch

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 15, 2026
edited
Loading

This PR contains the following updates:

Package Type Update Change
astral-sh/ruff-pre-commit repository patch v0.15.12v0.15.13
github/codeql-action action patch v4.35.4v4.35.5
step-security/harden-runner action patch v2.19.2v2.19.3

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

v0.15.13

Compare Source

github/codeql-action (github/codeql-action)

v4.35.5

Compare Source

  • We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #​3899
  • For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #​3791
  • If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #​3892
  • Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #​3880
step-security/harden-runner (step-security/harden-runner)

v2.19.3

Compare Source

What's Changed

Full Changelog: step-security/harden-runner@v2.19.2...v2.19.3

Configuration

📅 Schedule: (in timezone America/Chicago)

  • Branch creation
    • "after 5pm every weekday,before 8am every weekday,every weekend"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added dependencies Pull requests that update a dependency file renovate labels May 15, 2026
@renovate renovate Bot force-pushed the renovate/all-patch branch from 2e9fe5f to f3ed5db Compare May 15, 2026 13:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tomwillis608 tomwillis608 tomwillis608 approved these changes

@renovate-approve renovate-approve[bot] renovate-approve[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tomwillis608