[ci][skip-ci](deps): Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group

[dependabot]

Bumps the github-actions group with 1 update: github/codeql-action.

Updates github/codeql-action from 3.29.4 to 3.29.5

Release notes

Sourced from github/codeql-action's releases.

v3.29.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.5 - 29 Jul 2025

• Update default CodeQL bundle version to 2.22.2. #2986

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.29.5 - 29 Jul 2025

• Update default CodeQL bundle version to 2.22.2. #2986

3.29.4 - 23 Jul 2025

No user facing changes.

3.29.3 - 21 Jul 2025

No user facing changes.

3.29.2 - 30 Jun 2025

• Experimental: When the quality-queries input for the init action is provided with an argument, separate .quality.sarif files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2935

3.29.1 - 27 Jun 2025

• Fix bug in PR analysis where user-provided include query filter fails to exclude non-included queries. #2938
• Update default CodeQL bundle version to 2.22.1. #2950

3.29.0 - 11 Jun 2025

• Update default CodeQL bundle version to 2.22.0. #2925
• Bump minimum CodeQL bundle version to 2.16.6. #2912

3.28.21 - 28 July 2025

No user facing changes.

3.28.20 - 21 July 2025

• Remove support for combining SARIF files from a single upload for GHES 3.18, see the changelog post. #2959

3.28.19 - 03 Jun 2025

• The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.
• Update default CodeQL bundle version to 2.21.4. #2910

... (truncated)

Commits

• 51f7732 Merge pull request #2997 from github/update-v3.29.5-80a09d7b0
• 8e90243 Update changelog for v3.29.5
• 80a09d7 Merge pull request #2996 from github/dependabot/npm_and_yarn/npm-240ab9fad0
• 8388115 Merge pull request #2994 from github/mergeback/changelog/v3.28.21
• 401ecaf Merge branch 'main' into mergeback/changelog/v3.28.21
• ab5c0c5 Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0
• cd264d4 Merge pull request #2986 from github/update-bundle/codeql-bundle-v2.22.2
• 4599055 Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2
• fd7ad51 Merge pull request #2971 from github/update-supported-enterprise-server-versions
• ac0c9bf Merge branch 'main' into update-supported-enterprise-server-versions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependabot, dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[Nick2bad4u]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

[github-actions]

Summary of Pull Request

Title:

[ci]skip-ci: Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group

---

Purpose of the PR:

This pull request updates the dependency github/codeql-action from version 3.29.4 to the latest version 3.29.5 using Dependabot.

---

Key Changes in v3.29.5:

1. Default CodeQL Bundle Version Update:
   • The default CodeQL bundle has been upgraded to version 2.22.2 (see PR #2986).
2. No other notable user-facing changes in this specific update.

---

Why This Update Matters:

• Ensures the project is using the latest stable version of github/codeql-action.
• Keeps security analysis workflows up-to-date with

[codecov]

Bundle Report

Bundle size has no change ✅

[github-actions]

Summary of Pull Request:

This pull request, created by Dependabot, updates the GitHub Action github/codeql-action from version 3.29.4 to 3.29.5 within the github-actions dependency group for this repository. The update primarily includes updating the default CodeQL bundle version to 2.22.2, as noted in the changelog. This is a routine minor version bump with no breaking changes or significant user-facing updates reported.

Key Details:

• Dependency: github/codeql-action
• Current Version: 3.29.4
• New Version: 3.29.5
• Release Notes Highlights:
  • Updates the default CodeQL bundle to version 2.22.2.
  • No reported user-facing functionality changes for this release.
• Changelog Reference: Details about the update can be found in the [CodeQL action changelog](https://github

[github-actions]

Summary of the Pull Request:

Title:

[ci]skip-ci: Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group

Key Points:

1. Version Update:

   • This pull request updates the github/codeql-action GitHub Action from version 3.29.4 to 3.29.5.

2. Changes in the New Version:

   • The primary update in version 3.29.5 is the upgrade of the default CodeQL bundle to version 2.22.2.
   • Standard housekeeping changes such as updated release notes and changelogs.

3. Reason for the Update:

   • Regular dependency maintenance to ensure you are using the latest features and improvements from the CodeQL Action project.

4. Impact of Changes:

   • No significant, user-facing changes are introduced in this update.

[github-actions]

Summary of the Pull Request

Title: [ci]skip-ci: Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group

Purpose:
This PR automatically updates the github/codeql-action version from 3.29.4 to 3.29.5. This is a routine dependency update managed by Dependabot, ensuring the project uses the latest version of this GitHub Action for CodeQL analysis.

---

Key Changes in Version 3.29.5

1. CodeQL Bundle Update:

   • The default CodeQL bundle version has been updated to 2.22.2. This brings the latest enhancements and bug fixes from the CodeQL team.
   • Reference: CodeQL Action Release #2986.

2. No Breaking or User-Facing Changes:

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 59.82%. Comparing base (f57a90f) to head (1bb796d).
⚠️ Report is 18 commits behind head on main.

❌ Your project status has failed because the head coverage (65.12%) is below the target coverage (90.00%). You can increase the head coverage or adjust the target coverage.

Flag	Coverage Δ
electron	60.62% <ø> (ø)
frontend	57.62% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@@           Coverage Diff           @@
##             main      #42   +/-   ##
=======================================
  Coverage   59.82%   59.82%           
=======================================
  Files         162      162           
  Lines       11356    11356           
  Branches     1338     1338           
=======================================
  Hits         6794     6794           
  Misses       4479     4479           
  Partials       83       83           

Components	Coverage Δ
🎯 Monitoring Core Engine	57.52% <ø> (ø)
🗄️ Database Layer	45.82% <ø> (ø)
🎼 Uptime Orchestrator	94.68% <ø> (ø)
🌐 Site Management Domain	79.68% <ø> (ø)
⚙️ Configuration Management	88.65% <ø> (ø)
🔗 IPC Communication Layer	43.02% <ø> (ø)
🔧 Backend Services	44.13% <ø> (ø)
📢 Notification System	95.89% <ø> (ø)
🪟 Window Management	18.02% <ø> (ø)
📦 Frontend State Stores	97.14% <ø> (ø)
🪝 Business Logic Hooks	32.91% <ø> (ø)
🧩 Core UI Components	10.25% <ø> (ø)
🔧 Common UI Components	47.79% <ø> (ø)
🎨 Theme System	81.86% <ø> (ø)
🔌 Frontend Services	75.71% <ø> (ø)
🛠️ Backend Utilities	65.12% <ø> (ø)
🧰 Frontend Utilities	97.33% <ø> (ø)
📝 Type Definitions	∅ <ø> (∅)
🔧 Constants & Configuration	100.00% <ø> (ø)
🔗 Integration Layer	93.70% <ø> (ø)

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f57a90f...1bb796d. Read the comment docs.

[github-actions]

Summary of the Pull Request:

Title:

[ci][skip-ci](deps): Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group

---

Key Details:

• Purpose: This is an automated dependency update generated by Dependabot to upgrade the github/codeql-action GitHub Action from version 3.29.4 to 3.29.5. Dependency updates are essential to ensure compatibility, improved functionality, and security enhancements. This update is specific to the github-actions workflows in the project.

• Release Notes Highlights:

  • The primary change in v3.29.5 is an update to the default CodeQL bundle version, now set to 2.22.2 (ref: #2986).
  • Other recent versions (e

[github-actions]

This pull request updates the github/codeql-action dependency used in your GitHub Actions workflow from version 3.29.4 to 3.29.5.

Summary of Changes:

• Main Update: The default CodeQL bundle version is updated to 2.22.2.
• No user-facing changes are introduced in this release beyond the bundle update.
• Refer to the changelog for detailed context.

Context:

The CodeQL Action is responsible for performing code scanning and security analysis of your GitHub repository. The update aligns the action with the latest CodeQL improvements and ensures compatibility with the updated bundle.

Dependabot Details:

• Dependabot automatically created this pull request and will resolve conflicts, if any, unless you modify the PR manually.
• You have the option to merge it directly, trigger a rebase, or squash and merge, based

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Summary of GitHub Pull Request:

Title:

[ci][skip-ci](deps): Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group

Description:

This pull request upgrades the github/codeql-action dependency from version 3.29.4 to 3.29.5. The CodeQL Action is used to run code analysis as part of GitHub Actions workflows.

---

Key Updates in v3.29.5:

• Updated Default CodeQL Bundle:
  The default CodeQL bundle version is updated to 2.22.2.
  (PR #2986)

---

Relevant Details:

• Impact:
  No breaking changes or user-facing modifications are mentioned in this update. The primary improvement is the update to the Code

[github-actions]

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	44		0	0	0.93s
⚠️ COPYPASTE	jscpd	yes		117	no	13.1s
✅ HTML	djlint	1		0	0	0.95s
✅ HTML	htmlhint	1		0	0	0.27s
⚠️ JAVASCRIPT	prettier	14		14	0	3.62s
✅ JSON	jsonlint	21		0	0	3.4s
✅ JSON	npm-package-json-lint	yes		no	no	0.57s
⚠️ JSON	prettier	21		19	0	5.2s
⚠️ JSON	v8r	21		1	0	33.27s
✅ MARKDOWN	markdownlint	68		0	0	28.61s
⚠️ MARKDOWN	markdown-link-check	68		6	0	494.36s
✅ MARKDOWN	markdown-table-formatter	63		0	0	14.53s
⚠️ POWERSHELL	powershell	9		7	0	13.43s
✅ POWERSHELL	powershell_formatter	9		0	0	8.51s
⚠️ REPOLINTER	repolinter	yes		3	no	1.46s
✅ REPOSITORY	checkov	yes		no	no	59.2s
⚠️ REPOSITORY	devskim	yes		1	1	10.66s
✅ REPOSITORY	dustilock	yes		no	no	10.84s
⚠️ REPOSITORY	gitleaks	yes		1	1	2.05s
✅ REPOSITORY	git_diff	yes		no	no	0.2s
⚠️ REPOSITORY	grype	yes		no	7	51.74s
✅ REPOSITORY	kics	yes		no	no	6.69s
⚠️ REPOSITORY	secretlint	yes		2	no	22.41s
✅ REPOSITORY	syft	yes		no	no	15.54s
⚠️ REPOSITORY	trivy	yes		1	2	9.38s
✅ REPOSITORY	trivy-sbom	yes		no	no	4.79s
✅ REPOSITORY	trufflehog	yes		no	no	12.64s
⚠️ SPELL	cspell	196		496	0	500.45s
⚠️ SPELL	lychee	146		1	0	31.37s
✅ XML	xmllint	1		0	0	0.08s
⚠️ YAML	prettier	55		55	0	15.36s
✅ YAML	v8r	55		0	0	107.35s
✅ YAML	yamllint	55		0	0	9.22s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

• Click here to request the new flavor