chore(deps): update github/codeql-action action to v3.27.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
github/codeql-action	action	minor	v3.26.12 -> v3.27.0

---

Release Notes

github/codeql-action (github/codeql-action)

v3.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v3.26.13

Compare Source

---

Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

[puLL-Merge] - github/[email protected]

Description

This PR introduces several changes to the CodeQL action, including updates to the zstd bundle functionality, artifact handling, Python standard library extraction, and various dependency updates.

Changes

Changes

1. .github/workflows/__zstd-bundle-fallback.yml:

   • Removed Windows from the list of operating systems for the zstd bundle fallback workflow.

2. .github/workflows/__zstd-bundle.yml:

   • Modified the zstd bundle check to use .tar.gz for Windows and .tar.zst for other operating systems.
   • Reordered the operating systems list.

3. .github/workflows/debug-artifacts-failure.yml, .github/workflows/debug-artifacts.yml:

   • Updated to use actions/download-artifact@v4.
   • Added CODEQL_ACTION_ARTIFACT_V4_UPGRADE: true environment variable.

4. .github/workflows/debug-artifacts-upgrade.yml renamed to debug-artifacts-legacy.yml:

   • Changed to use actions/download-artifact@v3.
   • Set CODEQL_ACTION_ARTIFACT_V4_UPGRADE: false.

5. CHANGELOG.md:

   • Added entry for version 3.26.13 with no user-facing changes.

6. lib/feature-flags.js, src/feature-flags.ts:

   • Added new feature flag CodeqlActionPythonDefaultIsToNotExtractStdlib.

7. lib/init-action.js, src/init-action.ts:

   • Added logic to handle the new Python standard library extraction feature flag.

8. lib/setup-codeql.js, src/setup-codeql.ts:

   • Modified useZstdBundle function to not use zstd on Windows.

9. lib/tools-features.js, src/tools-features.ts:

   • Added new tools feature PythonDefaultIsToNotExtractStdlib.

10. Various package.json and node_modules updates:

    • Updated several dependencies, including TypeScript-related packages and ESLint plugins.

Possible Issues

• The change in zstd bundle behavior for Windows might affect performance or functionality for Windows users.
• The new Python standard library extraction feature flag might change the behavior of Python analysis for some users.

Security Hotspots

None identified. The changes appear to be focused on performance improvements and feature additions without introducing obvious security risks.