From 7ae5f3122a1b85a035ca043143b5bffecd1f0b69 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Feb 2026 19:51:04 +0100
Subject: [PATCH] ci(deps): bump the all-actions group with 2 updates (#819)
Bumps the all-actions group with 2 updates:
[vegardit/fast-apt-mirror.sh](https://github.com/vegardit/fast-apt-mirror.sh)
and [github/codeql-action](https://github.com/github/codeql-action).
Updates `vegardit/fast-apt-mirror.sh` from 1.4.1 to 1.4.2
Release notes
Sourced from vegardit/fast-apt-mirror.sh's
releases.
1.4.2
What's Changed
Fixed
- prevent Ubuntu ARM switching to non-ubuntu-ports mirrors
- prevent invalid fastest mirror selection with ignore-sync-state
- avoid pipefail/ERR-trap corrupting fastest mirror detection
- Option --exclude-current not working reliably and support ARM
- Multiple /etc/*-release files can cause wrong distro detection #12
Full Changelog: https://github.com/vegardit/fast-apt-mirror.sh/compare/1.4.1...1.4.2
Commits
29a5ef3
fix(find): prevent Ubuntu ARM switching to non-ubuntu-ports mirrorsf3f6ac8
fix(find): keep Ubuntu ARM mirror candidates on ubuntu-ports77bc0f4
fix(find): harden sync baseline and fallback to reachable mirrorse4cfe62
fix(find): use InRelease for Ubuntu ARM healthchecks85bc4a4
fix(action): simplify fast-apt-mirror.sh setup61f5fd9
fix(find): avoid pipefail/ERR-trap corrupting fastest mirror
detection7ee8df3
fix: dedup mirror URLs3b80ead
fix: refine mirror health checks and exclude 404 mirrors3982422
fix: prevent invalid fastest mirror selection with
ignore-sync-state4c4ae91
ci(deps): bump actions/checkout from 4 to 6- Additional commits viewable in compare
view
Updates `github/codeql-action` from 4.31.11 to 4.32.2
Release notes
Sourced from github/codeql-action's
releases.
v4.32.2
v4.32.1
- A warning is now shown in Default Setup workflow logs if a private
package registry is configured using a GitHub Personal Access Token
(PAT), but no username is configured. #3422
- Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved. #3421
v4.32.0
Changelog
Sourced from github/codeql-action's
changelog.
CodeQL Action Changelog
See the releases
page for the relevant changes to the CodeQL CLI and language
packs.
[UNRELEASED]
No user facing changes.
4.32.2 - 05 Feb 2026
4.32.1 - 02 Feb 2026
- A warning is now shown in Default Setup workflow logs if a private
package registry is configured using a GitHub Personal Access Token
(PAT), but no username is configured. #3422
- Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved. #3421
4.32.0 - 26 Jan 2026
4.31.11 - 23 Jan 2026
- When running a Default Setup workflow with Actions
debugging enabled, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. #3409
- Improved error handling throughout the CodeQL Action. #3415
- Added experimental support for automatically excluding generated
files from the analysis. This feature is not currently enabled for
any analysis. In the future, it may be enabled by default for some
GitHub-managed analyses. #3318
- The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs. #3403
4.31.10 - 12 Jan 2026
- Update default CodeQL bundle version to 2.23.9. #3393
4.31.9 - 16 Dec 2025
No user facing changes.
4.31.8 - 11 Dec 2025
- Update default CodeQL bundle version to 2.23.8. #3354
4.31.7 - 05 Dec 2025
- Update default CodeQL bundle version to 2.23.7. #3343
4.31.6 - 01 Dec 2025
No user facing changes.
4.31.5 - 24 Nov 2025
... (truncated)
Commits
45cbd0c
Merge pull request #3461
from github/update-v4.32.2-7aee93297cb528be
Update changelog for v4.32.27aee932
Merge pull request #3460
from github/update-bundle/codeql-bundle-v2.24.1b5f028a
Merge pull request #3457
from github/dependabot/npm_and_yarn/npm-minor-4c1fc3...9702c27
Merge branch 'main' into
dependabot/npm_and_yarn/npm-minor-4c1fc3d0aac36c948
Add changelog note3d03318
Update default bundle to codeql-bundle-v2.24.177591e2
Merge pull request #3459
from github/copilot/fix-github-actions-workflow-again7a44a9d
Fix Rebuild Action workflow by adding --no-edit flag to git merge
--continuee2ac371
Initial plan- Additional commits viewable in compare
view
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore ` will
remove the ignore condition of the specified dependency and ignore
conditions
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/build.yml | 4 ++--
.github/workflows/codeql-analysis.yml | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index b9573ad..6f143b6 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -103,7 +103,7 @@ jobs:
- name: Configure Fast APT Mirror
- uses: vegardit/fast-apt-mirror.sh@e5288ed7a13da650050035a7d47c2aa17779bbb3 # v1.4.1
+ uses: vegardit/fast-apt-mirror.sh@29a5ef3401107220fc3c32a0c659b6a1211f9e0f # v1.4.2
- name: Git Checkout
@@ -388,7 +388,7 @@ jobs:
- name: Configure Fast APT Mirror
- uses: vegardit/fast-apt-mirror.sh@e5288ed7a13da650050035a7d47c2aa17779bbb3 # v1.4.1
+ uses: vegardit/fast-apt-mirror.sh@29a5ef3401107220fc3c32a0c659b6a1211f9e0f # v1.4.2
- name: Git Checkout
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index a40b858..685604a 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -92,7 +92,7 @@ jobs:
- name: Initialize CodeQL
- uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.0.0
+ uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.0.0
# https://github.com/github/codeql-action/blob/main/init/action.yml
with:
languages: actions,python
@@ -102,5 +102,5 @@ jobs:
queries: security-and-quality
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.0.0
+ uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.0.0
# https://github.com/github/codeql-action