ruby.git/.github/workflows/check_sast.yml, branch master The Ruby Programming Language Exclude timeout_spec from rb/redos analysis 2026-05-29T02:30:03+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2026-05-29T01:08:40+00:00 cf3cf02b4e74213a2fb0f0585d51431daa0f30bd The spec intentionally uses a ReDoS pattern to verify Regexp.timeout. 
The spec intentionally uses a ReDoS pattern to verify Regexp.timeout.
Fix filter-sarif version comment to match pinned ref 2026-05-29T02:30:03+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2026-05-29T00:53:18+00:00 6a86a2d3a6ffb59a53cd34d2b5c07ba85898331f The SHA 2da736ff is tag v1.1, not v1.1.0.1.1. 
The SHA 2da736ff is tag v1.1, not v1.1.0.1.1.
Bump the github-actions group across 1 directory with 2 updates 2026-05-25T02:48:57+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-05-25T02:35:36+00:00 ceb533b284cb2a6b8dace895d1a9a90f335c217b Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [taiki-e/install-action](https://github.com/taiki-e/install-action). Updates `github/codeql-action` from 4.35.5 to 4.36.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/9e0d7b8d25671d64c341c19c0152d693099fb5ba...7211b7c8077ea37d8641b6271f6a365a22a5fbfa) Updates `taiki-e/install-action` from 2.79.4 to 2.79.7 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/e0eafa9a0d485c37f97c0f7beb930a58a2facbac...d9be7d8cda89035c9c843f78bd44d4f72d8403d4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.79.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [taiki-e/install-action](https://github.com/taiki-e/install-action).


Updates `github/codeql-action` from 4.35.5 to 4.36.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/9e0d7b8d25671d64c341c19c0152d693099fb5ba...7211b7c8077ea37d8641b6271f6a365a22a5fbfa)

Updates `taiki-e/install-action` from 2.79.4 to 2.79.7
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/e0eafa9a0d485c37f97c0f7beb930a58a2facbac...d9be7d8cda89035c9c843f78bd44d4f72d8403d4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.79.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 Bump the github-actions group across 1 directory with 5 updates 2026-05-22T03:25:38+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-05-22T02:15:06+00:00 d90401d2dabf957e9341a777788d8f60cda76177 Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.307.0` | `1.310.0` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.3` | `0.5.6` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.4` | `4.35.5` | | [ruby/action-slack](https://github.com/ruby/action-slack) | `3.2.2` | `4.0.0` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.78.0` | `2.79.4` | Updates `ruby/setup-ruby` from 1.307.0 to 1.310.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/6aaa311d81eba98ae12eaffbcb63296ace0efcde...afeafc3d1ab54a631816aba4c914a0081c12ff2f) Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.6 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/b1d7e1fb5de872772f31590499237e7cce841e8e...5f14fd08f7cf1cb1609c1e344975f152c7ee938d) Updates `github/codeql-action` from 4.35.4 to 4.35.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...9e0d7b8d25671d64c341c19c0152d693099fb5ba) Updates `ruby/action-slack` from 3.2.2 to 4.0.0 - [Release notes](https://github.com/ruby/action-slack/releases) - [Commits](https://github.com/ruby/action-slack/compare/54175162371f1f7c8eb94d7c8644ee2479fcd375...d260b61aa817726d5bedd22dd6cc305787fa4cdd) Updates `taiki-e/install-action` from 2.78.0 to 2.79.4 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/e1c4cd42111751368541a7cb5db3522bd1f846a4...e0eafa9a0d485c37f97c0f7beb930a58a2facbac) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.310.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: ruby/action-slack dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.79.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.307.0` | `1.310.0` |
| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.3` | `0.5.6` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.4` | `4.35.5` |
| [ruby/action-slack](https://github.com/ruby/action-slack) | `3.2.2` | `4.0.0` |
| [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.78.0` | `2.79.4` |



Updates `ruby/setup-ruby` from 1.307.0 to 1.310.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/6aaa311d81eba98ae12eaffbcb63296ace0efcde...afeafc3d1ab54a631816aba4c914a0081c12ff2f)

Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.6
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](https://github.com/zizmorcore/zizmor-action/compare/b1d7e1fb5de872772f31590499237e7cce841e8e...5f14fd08f7cf1cb1609c1e344975f152c7ee938d)

Updates `github/codeql-action` from 4.35.4 to 4.35.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...9e0d7b8d25671d64c341c19c0152d693099fb5ba)

Updates `ruby/action-slack` from 3.2.2 to 4.0.0
- [Release notes](https://github.com/ruby/action-slack/releases)
- [Commits](https://github.com/ruby/action-slack/compare/54175162371f1f7c8eb94d7c8644ee2479fcd375...d260b61aa817726d5bedd22dd6cc305787fa4cdd)

Updates `taiki-e/install-action` from 2.78.0 to 2.79.4
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/e1c4cd42111751368541a7cb5db3522bd1f846a4...e0eafa9a0d485c37f97c0f7beb930a58a2facbac)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.310.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: zizmorcore/zizmor-action
  dependency-version: 0.5.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 4.35.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: ruby/action-slack
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.79.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 Bump the github-actions group across 2 directories with 5 updates 2026-05-13T03:59:24+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-05-13T03:52:30+00:00 62d754ba7c6164e466410d36f99bab92e77f7272 Bumps the github-actions group with 4 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [github/codeql-action](https://github.com/github/codeql-action), [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain) and [taiki-e/install-action](https://github.com/taiki-e/install-action). Bumps the github-actions group with 1 update in the /.github/actions/slack directory: [ruby/action-slack](https://github.com/ruby/action-slack). Updates `ruby/setup-ruby` from 1.306.0 to 1.307.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/c4e5b1316158f92e3d49443a9d58b31d25ac0f8f...6aaa311d81eba98ae12eaffbcb63296ace0efcde) Updates `github/codeql-action` from 4.35.3 to 4.35.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...68bde559dea0fdcac2102bfdf6230c5f70eb485e) Updates `actions-rust-lang/setup-rust-toolchain` from 1.16.0 to 1.16.1 - [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases) - [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions-rust-lang/setup-rust-toolchain/compare/2b1f5e9b395427c92ee4e3331786ca3c37afe2d7...46268bd060767258de96ed93c1251119784f2ab6) Updates `taiki-e/install-action` from 2.77.1 to 2.77.7 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/cca35edeb1d01366c2843b68fc3ca441446d73d3...3235f8901fd37ffed0052b276cec25a362fb82e9) Updates `ruby/action-slack` from 3.2.2 to 4.0.0 - [Release notes](https://github.com/ruby/action-slack/releases) - [Commits](https://github.com/ruby/action-slack/compare/54175162371f1f7c8eb94d7c8644ee2479fcd375...d260b61aa817726d5bedd22dd6cc305787fa4cdd) --- updated-dependencies: - dependency-name: actions-rust-lang/setup-rust-toolchain dependency-version: 1.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: ruby/action-slack dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ruby/setup-ruby dependency-version: 1.307.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.77.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 4 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [github/codeql-action](https://github.com/github/codeql-action), [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain) and [taiki-e/install-action](https://github.com/taiki-e/install-action).
Bumps the github-actions group with 1 update in the /.github/actions/slack directory: [ruby/action-slack](https://github.com/ruby/action-slack).


Updates `ruby/setup-ruby` from 1.306.0 to 1.307.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/c4e5b1316158f92e3d49443a9d58b31d25ac0f8f...6aaa311d81eba98ae12eaffbcb63296ace0efcde)

Updates `github/codeql-action` from 4.35.3 to 4.35.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...68bde559dea0fdcac2102bfdf6230c5f70eb485e)

Updates `actions-rust-lang/setup-rust-toolchain` from 1.16.0 to 1.16.1
- [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases)
- [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions-rust-lang/setup-rust-toolchain/compare/2b1f5e9b395427c92ee4e3331786ca3c37afe2d7...46268bd060767258de96ed93c1251119784f2ab6)

Updates `taiki-e/install-action` from 2.77.1 to 2.77.7
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/cca35edeb1d01366c2843b68fc3ca441446d73d3...3235f8901fd37ffed0052b276cec25a362fb82e9)

Updates `ruby/action-slack` from 3.2.2 to 4.0.0
- [Release notes](https://github.com/ruby/action-slack/releases)
- [Commits](https://github.com/ruby/action-slack/compare/54175162371f1f7c8eb94d7c8644ee2479fcd375...d260b61aa817726d5bedd22dd6cc305787fa4cdd)

---
updated-dependencies:
- dependency-name: actions-rust-lang/setup-rust-toolchain
  dependency-version: 1.16.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 4.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: ruby/action-slack
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: ruby/setup-ruby
  dependency-version: 1.307.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.77.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 Bump the github-actions group across 1 directory with 2 updates 2026-05-04T02:31:50+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-05-04T02:18:27+00:00 c859018af12638454f84bc5471d9eceb9dd281e4 Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [taiki-e/install-action](https://github.com/taiki-e/install-action). Updates `github/codeql-action` from 4.35.2 to 4.35.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...e46ed2cbd01164d986452f91f178727624ae40d7) Updates `taiki-e/install-action` from 2.75.27 to 2.75.30 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/7769b73c2ec98c38dfcf2e18c83cfd4880c038c1...db5fb34fa772531a3ece57ca434f579eb334e0fb) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.75.30 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [taiki-e/install-action](https://github.com/taiki-e/install-action).


Updates `github/codeql-action` from 4.35.2 to 4.35.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...e46ed2cbd01164d986452f91f178727624ae40d7)

Updates `taiki-e/install-action` from 2.75.27 to 2.75.30
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/7769b73c2ec98c38dfcf2e18c83cfd4880c038c1...db5fb34fa772531a3ece57ca434f579eb334e0fb)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.75.30
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 Bump the github-actions group across 1 directory with 3 updates 2026-04-16T02:24:41+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-04-16T02:11:15+00:00 1732ba6f94b6166e2cd232df90194757a0ca4928 Bumps the github-actions group with 3 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [github/codeql-action](https://github.com/github/codeql-action) and [taiki-e/install-action](https://github.com/taiki-e/install-action). Updates `ruby/setup-ruby` from 1.301.0 to 1.302.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/4c56a21280b36d862b5fc31348f463d60bdc55d5...7372622e62b60b3cb750dcd2b9e32c247ffec26a) Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225) Updates `taiki-e/install-action` from 2.75.13 to 2.75.15 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/eea29cff9a2b68892c0845ae3e4f45fc47ee9354...5939f3337e40968c39aa70f5ecb1417a92fb25a0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.302.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.75.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 3 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [github/codeql-action](https://github.com/github/codeql-action) and [taiki-e/install-action](https://github.com/taiki-e/install-action).


Updates `ruby/setup-ruby` from 1.301.0 to 1.302.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/4c56a21280b36d862b5fc31348f463d60bdc55d5...7372622e62b60b3cb750dcd2b9e32c247ffec26a)

Updates `github/codeql-action` from 4.35.1 to 4.35.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225)

Updates `taiki-e/install-action` from 2.75.13 to 2.75.15
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/eea29cff9a2b68892c0845ae3e4f45fc47ee9354...5939f3337e40968c39aa70f5ecb1417a92fb25a0)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.302.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 4.35.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.75.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 Bump the github-actions group across 2 directories with 4 updates 2026-04-14T02:25:20+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-04-14T02:11:29+00:00 e31f62afe3286054df887677f3f5a5baf47786f1 Bumps the github-actions group with 4 updates in the / directory: [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action), [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain), [actions/cache](https://github.com/actions/cache) and [taiki-e/install-action](https://github.com/taiki-e/install-action). Bumps the github-actions group with 1 update in the /.github/actions/setup/directories directory: [actions/cache](https://github.com/actions/cache). Updates `zizmorcore/zizmor-action` from 0.5.2 to 0.5.3 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8...b1d7e1fb5de872772f31590499237e7cce841e8e) Updates `actions-rust-lang/setup-rust-toolchain` from 1.15.4 to 1.16.0 - [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases) - [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions-rust-lang/setup-rust-toolchain/compare/150fca883cd4034361b621bd4e6a9d34e5143606...2b1f5e9b395427c92ee4e3331786ca3c37afe2d7) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/668228422ae6a00e4ad889ee87cd7109ec5666a7...27d5ce7f107fe9357f9df03efb73ab90386fccae) Updates `taiki-e/install-action` from 2.75.7 to 2.75.10 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/0abfcd587b70a713fdaa7fb502c885e2112acb15...85b24a67ef0c632dfefad70b9d5ce8fddb040754) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/668228422ae6a00e4ad889ee87cd7109ec5666a7...27d5ce7f107fe9357f9df03efb73ab90386fccae) --- updated-dependencies: - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions-rust-lang/setup-rust-toolchain dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.75.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 4 updates in the / directory: [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action), [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain), [actions/cache](https://github.com/actions/cache) and [taiki-e/install-action](https://github.com/taiki-e/install-action).
Bumps the github-actions group with 1 update in the /.github/actions/setup/directories directory: [actions/cache](https://github.com/actions/cache).


Updates `zizmorcore/zizmor-action` from 0.5.2 to 0.5.3
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](https://github.com/zizmorcore/zizmor-action/compare/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8...b1d7e1fb5de872772f31590499237e7cce841e8e)

Updates `actions-rust-lang/setup-rust-toolchain` from 1.15.4 to 1.16.0
- [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases)
- [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions-rust-lang/setup-rust-toolchain/compare/150fca883cd4034361b621bd4e6a9d34e5143606...2b1f5e9b395427c92ee4e3331786ca3c37afe2d7)

Updates `actions/cache` from 5.0.4 to 5.0.5
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/668228422ae6a00e4ad889ee87cd7109ec5666a7...27d5ce7f107fe9357f9df03efb73ab90386fccae)

Updates `taiki-e/install-action` from 2.75.7 to 2.75.10
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/0abfcd587b70a713fdaa7fb502c885e2112acb15...85b24a67ef0c632dfefad70b9d5ce8fddb040754)

Updates `actions/cache` from 5.0.4 to 5.0.5
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/668228422ae6a00e4ad889ee87cd7109ec5666a7...27d5ce7f107fe9357f9df03efb73ab90386fccae)

---
updated-dependencies:
- dependency-name: zizmorcore/zizmor-action
  dependency-version: 0.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions-rust-lang/setup-rust-toolchain
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.75.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 Exclude test directories from CodeQL analysis 2026-03-31T03:45:30+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2026-03-31T02:02:09+00:00 b2562525c3327455c2a2d4104dbe6a756a4f738a CodeQL's Ruby extractor cannot parse UTF-16 encoded fixtures, TRICK entries, and some edge-case syntax in test files, causing 84 parse error warnings. These directories (spec/, test/, sample/, benchmark/) are not relevant for security scanning. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 
CodeQL's Ruby extractor cannot parse UTF-16 encoded fixtures,
TRICK entries, and some edge-case syntax in test files, causing
84 parse error warnings. These directories (spec/, test/, sample/,
benchmark/) are not relevant for security scanning.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Bump the github-actions group across 1 directory with 5 updates 2026-03-30T02:57:36+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2026-03-30T02:17:48+00:00 503cf433e68ad3b66917282f72b360fd2f4bd6a7 Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.295.0` | `1.299.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.34.1` | `4.35.1` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.5.0` | `3.0.0` | | [lewagon/wait-on-check-action](https://github.com/lewagon/wait-on-check-action) | `1.5.0` | `1.6.0` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.69.10` | `2.70.2` | Updates `ruby/setup-ruby` from 1.295.0 to 1.299.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/319994f95fa847cf3fb3cd3dbe89f6dcde9f178f...3ff19f5e2baf30647122352b96108b1fbe250c64) Updates `github/codeql-action` from 4.34.1 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/38697555549f1db7851b81482ff19f1fa5c4fedc...c10b8064de6f491fea524254123dbe5e09572f13) Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/21025c705c08248db411dc16f3619e6b5f9ea21a...ffa630c65fa7e0ecfa0625b5ceda64399aea1b36) Updates `lewagon/wait-on-check-action` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/lewagon/wait-on-check-action/releases) - [Changelog](https://github.com/lewagon/wait-on-check-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/lewagon/wait-on-check-action/compare/74049309dfeff245fe8009a0137eacf28136cb3c...a08fbe2b86f9336198f33be6ad9c16b96f92799c) Updates `taiki-e/install-action` from 2.69.10 to 2.70.2 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/7627fb428e65e78e2ec9a24ae5c5bd5f8553f182...e9e8e031bcd90cdbe8ac6bb1d376f8596e587fbf) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.299.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: dependabot/fetch-metadata dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: lewagon/wait-on-check-action dependency-version: 1.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.70.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps the github-actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.295.0` | `1.299.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.34.1` | `4.35.1` |
| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.5.0` | `3.0.0` |
| [lewagon/wait-on-check-action](https://github.com/lewagon/wait-on-check-action) | `1.5.0` | `1.6.0` |
| [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.69.10` | `2.70.2` |



Updates `ruby/setup-ruby` from 1.295.0 to 1.299.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/319994f95fa847cf3fb3cd3dbe89f6dcde9f178f...3ff19f5e2baf30647122352b96108b1fbe250c64)

Updates `github/codeql-action` from 4.34.1 to 4.35.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/38697555549f1db7851b81482ff19f1fa5c4fedc...c10b8064de6f491fea524254123dbe5e09572f13)

Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](https://github.com/dependabot/fetch-metadata/compare/21025c705c08248db411dc16f3619e6b5f9ea21a...ffa630c65fa7e0ecfa0625b5ceda64399aea1b36)

Updates `lewagon/wait-on-check-action` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/lewagon/wait-on-check-action/releases)
- [Changelog](https://github.com/lewagon/wait-on-check-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lewagon/wait-on-check-action/compare/74049309dfeff245fe8009a0137eacf28136cb3c...a08fbe2b86f9336198f33be6ad9c16b96f92799c)

Updates `taiki-e/install-action` from 2.69.10 to 2.70.2
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/7627fb428e65e78e2ec9a24ae5c5bd5f8553f182...e9e8e031bcd90cdbe8ac6bb1d376f8596e587fbf)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.299.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: dependabot/fetch-metadata
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: lewagon/wait-on-check-action
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: taiki-e/install-action
  dependency-version: 2.70.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>