Skip to content

Merge releases/v4 into releases/v3#3373

Merged
henrymercer merged 45 commits intoreleases/v3from
backport-v3.31.9-5d4e8d1ac
Dec 16, 2025
Merged

Merge releases/v4 into releases/v3#3373
henrymercer merged 45 commits intoreleases/v3from
backport-v3.31.9-5d4e8d1ac

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Dec 16, 2025

Merging 5d4e8d1 into releases/v3.

Conductor for this PR is @henrymercer.

Contains the following pull requests:

Please do the following:

  • Ensure the CHANGELOG displays the correct version and date.
  • Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.
  • Check that there are not any unexpected commits being merged into the releases/v3 branch.
  • Ensure the docs team is aware of any documentation changes that need to be released.
  • Remove and re-add the "Rebuild" label to the PR to trigger just this workflow.
  • Wait for the "Rebuild" workflow to push a commit updating the distribution files.
  • Mark the PR as ready for review to trigger the full set of PR checks.
  • Approve and merge this PR. Make sure Create a merge commit is selected rather than Squash and merge or Rebase and merge.

dependabot bot and others added 30 commits December 8, 2025 17:02
@dependabot
Bump the npm-minor group with 5 updates
0ffebf7 
Bumps the npm-minor group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [node-forge](https://github.com/digitalbazaar/forge) | `1.3.2` | `1.3.3` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.48.0` | `8.48.1` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.48.0` | `8.48.1` |
| [esbuild](https://github.com/evanw/esbuild) | `0.27.0` | `0.27.1` |
| [eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) | `61.4.1` | `61.5.0` |


Updates `node-forge` from 1.3.2 to 1.3.3
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@v1.3.2...v1.3.3)

Updates `@typescript-eslint/eslint-plugin` from 8.48.0 to 8.48.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.48.0 to 8.48.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.1/packages/parser)

Updates `esbuild` from 0.27.0 to 0.27.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.27.0...v0.27.1)

Updates `eslint-plugin-jsdoc` from 61.4.1 to 61.5.0
- [Release notes](https://github.com/gajus/eslint-plugin-jsdoc/releases)
- [Commits](gajus/eslint-plugin-jsdoc@v61.4.1...v61.5.0)

---
updated-dependencies:
- dependency-name: node-forge
  dependency-version: 1.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.48.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.48.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: esbuild
  dependency-version: 0.27.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: eslint-plugin-jsdoc
  dependency-version: 61.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Rebuild
b73d396
@dependabot
Bump the actions-minor group across 1 directory with 2 updates
44570be 
Bumps the actions-minor group with 2 updates in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@8aeb6ff...d697be2)

Updates `actions/create-github-app-token` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.269.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Rebuild
cd48547
@henrymercer
Determine CodeQL version from feature flags on GHEC-DR
7a55ffe
@henrymercer
Rename GHE_DOTCOM to GHEC_DR
1fc7d37 
This more closely reflects the published naming https://docs.github.com/en/enterprise-cloud@latest/admin/data-residency/about-github-enterprise-cloud-with-data-residency
@henrymercer
Update PR template to include GHEC-DR
da50124
@nickrolfe
Clean up JavaMinimizeDependencyJars feature flag
805b7e1
@github-actions
Update changelog and version after v4.31.8
4564f5e
@github-actions
Rebuild
65bad62
@oscarsj
Merge pull request #3356 from github/mergeback/v4.31.8-to-main-1b168cd3
4b675e4 
Mergeback v4.31.8 refs/heads/releases/v4 into main
@henrymercer
Return status report from cleanupAndUploadDatabases
8e921c3
@henrymercer
Populate database upload results telemetry
5d063dd
@henrymercer
Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-38a2a793c5
2ac846d
@henrymercer
Merge pull request #3348 from github/dependabot/npm_and_yarn/npm-mino…
0264b51 
…r-38a2a793c5

Bump the npm-minor group with 5 updates
@henrymercer
Merge pull request #3349 from github/dependabot/github_actions/dot-gi…
7e0b77e 
…thub/workflows/actions-minor-dc476f2f5b

Bump the actions-minor group across 1 directory with 2 updates
@mbg
Make postProcessAndUploadSarif the default
b1dea65
@mbg
Remove AnalyzeUseNewUpload FF
009fe6b
@mbg
Merge branch 'main' into mbg/ff/make-new-upload-default
b30cb9a
@dependabot
Bump ruby/setup-ruby
a539068 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.269.0 to 1.270.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@d697be2...ac793fd)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.270.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump actions/download-artifact from 6 to 7 in /.github/workflows
6dbc22c 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v6...v7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump actions/upload-artifact from 5 to 6 in /.github/workflows
034374e 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v5...v6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Rebuild
d6c1a79
@github-actions
Rebuild
7fd7db3
@mbg
Merge pull request #3309 from github/mbg/ff/make-new-upload-default
a682bbe 
Remove `AnalyzeUseNewUpload` FF and make its behaviour the default
@mbg
Merge pull request #3366 from github/dependabot/github_actions/dot-gi…
07cd437 
…thub/workflows/actions/upload-artifact-6

Bump actions/upload-artifact from 5 to 6 in /.github/workflows
@mbg
Merge pull request #3364 from github/dependabot/github_actions/dot-gi…
d0ad1da 
…thub/workflows/actions-minor-8751820eb1

Bump ruby/setup-ruby from 1.269.0 to 1.270.0 in /.github/workflows in the actions-minor group across 1 directory
@mbg
Merge branch 'main' into dependabot/github_actions/dot-github/workflo…
c2d4383 
…ws/actions/download-artifact-7
@mbg
Merge pull request #3365 from github/dependabot/github_actions/dot-gi…
b5e1a28 
…thub/workflows/actions/download-artifact-7

Bump actions/download-artifact from 6 to 7 in /.github/workflows
@henrymercer
Use full names for GitHub variants
a2ee53c
henrymercer and others added 11 commits December 16, 2025 15:41
@henrymercer
Rename isOverlayBase
19c7f96
@henrymercer
Merge branch 'main' into henrymercer/database-upload-telemetry
e962687
@nickrolfe
Extract version number to constant
d29eddb
@henrymercer
Merge pull request #3358 from github/henrymercer/database-upload-tele…
5eb7519 
…metry

Add status report for uploading databases to API
@nickrolfe
Merge pull request #3352 from github/nickrolfe/jar-min-ff-cleanup
998798e 
Clean up `JavaMinimizeDependencyJars` feature flag
@github-actions
Update changelog for v4.31.9
1dc115f
@henrymercer
Merge pull request #3371 from github/update-v4.31.9-998798e34
5d4e8d1 
Merge main into releases/v4
@github-actions
Revert "Update version and changelog for v3.31.8"
e7c7a2d 
This reverts commit 5676d1f.
@github-actions
Revert "Rebuild"
4f34645 
This reverts commit 7495131.
@github-actions
Merge remote-tracking branch 'origin/releases/v4' into backport-v3.31…
7348876 
….9-5d4e8d1ac
@github-actions
Update version and changelog for v3.31.9
d300581
@github-actions github-actions bot added the Rebuild Re-transpile JS & re-generate workflows label Dec 16, 2025
@henrymercer henrymercer added Rebuild Re-transpile JS & re-generate workflows and removed Rebuild Re-transpile JS & re-generate workflows labels Dec 16, 2025
@github-actions github-actions bot removed the Rebuild Re-transpile JS & re-generate workflows label Dec 16, 2025
@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 16, 2025

Pushed a commit to rebuild the Action. Please mark the PR as ready for review to trigger PR checks.

@henrymercer henrymercer marked this pull request as ready for review December 16, 2025 18:53
@henrymercer henrymercer requested a review from a team as a code owner December 16, 2025 18:53
Copilot AI review requested due to automatic review settings December 16, 2025 18:53
@github-actions github-actions bot added the size/L May be hard to review label Dec 16, 2025
Copilot AI reviewed Dec 16, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR merges changes from releases/v4 into releases/v3, primarily including refactoring of GitHub variant types from numeric enums to string enums, removal of deprecated feature flags, and various dependency updates.

Key Changes:

  • Refactored GitHubVariant enum from numeric values to descriptive string values with JSDoc comments
  • Removed two deprecated feature flags: AnalyzeUseNewUpload and JavaMinimizeDependencyJars
  • Added database upload telemetry tracking with new DatabaseUploadResult interface
  • Updated multiple dependencies including node-forge, esbuild, eslint-plugin-jsdoc, and various GitHub Actions

Reviewed changes

Copilot reviewed 47 out of 48 changed files in this pull request and generated no comments.

Show a summary per file
File Description
src/util.ts Refactored GitHubVariant enum from numeric to string values with documentation
src/util.test.ts Updated test helper to use new string enum values
src/setup-codeql.ts Changed condition to check specifically for GHES variant
src/init-action.ts Removed JavaMinimizeDependencyJars feature flag, replaced with direct CodeQL version check
src/feature-flags.ts Removed two deprecated feature flags and refactored variant checking
src/feature-flags.test.ts Updated tests for GHEC-DR and wrapped in loop for DRY
src/dependency-caching.ts Removed Java JAR minimization feature flag logic
src/dependency-caching.test.ts Removed tests for deleted feature flag
src/database-upload.ts Added DatabaseUploadResult interface and telemetry collection
src/database-upload.test.ts Updated test expectation for error message formatting
src/api-client.ts Updated to use new string enum value
src/api-client.test.ts Updated test descriptions and assertions
src/analyze-action.ts Removed AnalyzeUseNewUpload feature flag and simplified upload logic
pr-checks/checks/*.yml Updated ruby/setup-ruby and actions/upload-artifact versions
package.json Bumped version to 3.31.9 and updated dependencies
package-lock.json Updated lockfile with new dependency versions
CHANGELOG.md Added entry for version 3.31.9
.github/workflows/*.yml Updated actions/create-github-app-token and actions/download-artifact versions
.github/pull_request_template.md Clarified Dotcom environment description

@henrymercer henrymercer merged commit 45c3735 into releases/v3 Dec 16, 2025
240 checks passed
@henrymercer henrymercer deleted the backport-v3.31.9-5d4e8d1ac branch December 16, 2025 19:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@henrymercer henrymercer henrymercer approved these changes

Assignees

@henrymercer henrymercer

Labels

size/L May be hard to review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@henrymercer @nickrolfe @oscarsj @mbg