Skip to content

ci: float codeql-action on @v4 — SHA pin skews against the runner's CodeQL bundle#93

Merged
TeoSlayer merged 1 commit into
mainfrom
fix/codeql-pin-skew
Jul 7, 2026
Merged

ci: float codeql-action on @v4 — SHA pin skews against the runner's CodeQL bundle#93
TeoSlayer merged 1 commit into
mainfrom
fix/codeql-pin-skew

Conversation

@TeoSlayer

Copy link
Copy Markdown
Contributor

The scheduled security workflow has been failing intermittently since
2026-07-03 with 'Loaded a configuration file for version 4.36.2, but
running version 4.36.3' — the pinned action downloads a config that the
runner's newer preinstalled bundle rejects. Sibling repos (common,
trustedagents) float on @v4 and don't skew.

Co-Authored-By: Claude Fable 5 noreply@anthropic.com

…odeQL bundle

The scheduled security workflow has been failing intermittently since
2026-07-03 with 'Loaded a configuration file for version 4.36.2, but
running version 4.36.3' — the pinned action downloads a config that the
runner's newer preinstalled bundle rejects. Sibling repos (common,
trustedagents) float on @v4 and don't skew.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@codecov

codecov Bot commented Jul 7, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@TeoSlayer TeoSlayer merged commit 486d1ec into main Jul 7, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants