fix(deps): update all dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
actions/checkout	action	patch	v6.0.1 → v6.0.2
actions/upload-artifact	action	major	v6.0.0 → v7.0.0
certifi	dependencies	minor	2026.1.4 → 2026.2.25
fastapi (changelog)	dependencies	minor	^0.128.0 → ^0.135.0
github/codeql-action	action	minor	v4.31.9 → v4.32.6
ortelius/workflow-toolkit	action	digest	a111f83 → 7fc4bdd
oxsecurity/megalinter	action	minor	v9.3.0 → v9.4.0
peter-evans/create-pull-request	action	minor	v8.0.0 → v8.1.0
public.ecr.aws/amazonlinux/amazonlinux	final	patch	2023.10.20260105.0 → 2023.10.20260302.1
sqlalchemy (changelog)	dependencies	patch	2.0.45 → 2.0.48
starlette (changelog)	dependencies	minor	^0.50.0 → ^0.52.0
step-security/harden-runner	action	minor	v2.14.0 → v2.15.1
uvicorn (changelog)	dependencies	minor	^0.40.0 → ^0.41.0

---

Release Notes

actions/checkout (actions/checkout)

v6.0.2

Compare Source

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in #​2356

actions/upload-artifact (actions/upload-artifact)

v7.0.0

Compare Source

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

• Add proxy integration test by @​Link- in #​754
• Upgrade the module to ESM and bump dependencies by @​danwkennedy in #​762
• Support direct file uploads by @​danwkennedy in #​764

New Contributors

• @​Link- made their first contribution in #​754

Full Changelog: actions/upload-artifact@v6...v7.0.0

certifi/python-certifi (certifi)

v2026.2.25

Compare Source

fastapi/fastapi (fastapi)

v0.135.1

Compare Source

Fixes

• 🐛 Fix, avoid yield from a TaskGroup, only as an async context manager, closed in the request async exit stack. PR #​15038 by @​tiangolo.

Docs

• ✏️ Fix typo in docs/en/docs/_llm-test.md. PR #​15007 by @​adityagiri3600.
• 📝 Update Skill, optimize context, trim and refactor into references. PR #​15031 by @​tiangolo.

Internal

• 👥 Update FastAPI People - Experts. PR #​15037 by @​tiangolo.
• 👥 Update FastAPI People - Contributors and Translators. PR #​15029 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #​15036 by @​tiangolo.

v0.135.0

Compare Source

Features

• ✨ Add support for Server Sent Events. PR #​15030 by @​tiangolo.
  • New docs: Server-Sent Events (SSE).

v0.134.0

Compare Source

Features

• ✨ Add support for streaming JSON Lines and binary data with yield. PR #​15022 by @​tiangolo.
  • This also upgrades Starlette from >=0.40.0 to >=0.46.0, as it's needed to properly unrwap and re-raise exceptions from exception groups.
  • New docs: Stream JSON Lines.
  • And new docs: Stream Data.

Docs

• 📝 Update Library Agent Skill with streaming responses. PR #​15024 by @​tiangolo.
• 📝 Update docs for responses and new stream with yield. PR #​15023 by @​tiangolo.
• 📝 Add await in StreamingResponse code example to allow cancellation. PR #​14681 by @​casperdcl.
• 📝 Rename docs_src/websockets to docs_src/websockets_ to avoid import errors. PR #​14979 by @​YuriiMotov.

Internal

• 🔨 Run tests with pytest-xdist and pytest-cov. PR #​14992 by @​YuriiMotov.

v0.133.1

Compare Source

Features

• 🔧 Add FastAPI Agent Skill. PR #​14982 by @​tiangolo.
  • Read more about it in Library Agent Skills.

Internal

• ✅ Fix all tests are skipped on Windows. PR #​14994 by @​YuriiMotov.

v0.133.0

Compare Source

v0.132.1

Compare Source

Refactors

• ♻️ Refactor logic to handle OpenAPI and Swagger UI escaping data. PR #​14986 by @​tiangolo.

Internal

• 👥 Update FastAPI People - Experts. PR #​14972 by @​tiangolo.
• 👷 Allow skipping benchmark job in test workflow. PR #​14974 by @​YuriiMotov.

v0.132.0

Compare Source

Breaking Changes

• 🔒️ Add strict_content_type checking for JSON requests. PR #​14978 by @​tiangolo.
  • Now FastAPI checks, by default, that JSON requests have a Content-Type header with a valid JSON value, like application/json, and rejects requests that don't.
  • If the clients for your app don't send a valid Content-Type header you can disable this with strict_content_type=False.
  • Check the new docs: Strict Content-Type Checking.

Internal

• ⬆ Bump flask from 3.1.2 to 3.1.3. PR #​14949 by @​dependabot[bot].
• ⬆ Update all dependencies to use griffelib instead of griffe. PR #​14973 by @​svlandeg.
• 🔨 Fix FastAPI People workflow. PR #​14951 by @​YuriiMotov.
• 👷 Do not run codspeed with coverage as it's not tracked. PR #​14966 by @​tiangolo.
• 👷 Do not include benchmark tests in coverage to speed up coverage processing. PR #​14965 by @​tiangolo.

v0.131.0

Compare Source

Breaking Changes

• 🗑️ Deprecate ORJSONResponse and UJSONResponse. PR #​14964 by @​tiangolo.

v0.130.0

Compare Source

Features

• ✨ Serialize JSON response with Pydantic (in Rust), when there's a Pydantic return type or response model. PR #​14962 by @​tiangolo.
  • This results in 2x (or more) performance increase for JSON responses.
  • New docs: Custom Response - JSON Performance.

v0.129.2

Compare Source

Internal

• ⬆️ Upgrade pytest. PR #​14959 by @​tiangolo.
• 👷 Fix CI, do not attempt to publish fastapi-slim. PR #​14958 by @​tiangolo.
• ➖ Drop support for fastapi-slim, no more versions will be released, use only "fastapi[standard]" or fastapi. PR #​14957 by @​tiangolo.
• 🔧 Update pyproject.toml, remove unneeded lines. PR #​14956 by @​tiangolo.

v0.129.1

Compare Source

Fixes

• ♻️ Fix JSON Schema for bytes, use "contentMediaType": "application/octet-stream" instead of "format": "binary". PR #​14953 by @​tiangolo.

Docs

• 🔨 Add Kapa.ai widget (AI chatbot). PR #​14938 by @​tiangolo.
• 🔥 Remove Python 3.9 specific files, no longer needed after updating translations. PR #​14931 by @​tiangolo.
• 📝 Update docs for JWT to prevent timing attacks. PR #​14908 by @​tiangolo.

Translations

• ✏️ Fix several typos in ru translations. PR #​14934 by @​argoarsiks.
• 🌐 Update translations for ko (update-all and add-missing). PR #​14923 by @​YuriiMotov.
• 🌐 Update translations for uk (add-missing). PR #​14922 by @​YuriiMotov.
• 🌐 Update translations for zh-hant (update-all and add-missing). PR #​14921 by @​YuriiMotov.
• 🌐 Update translations for fr (update-all and add-missing). PR #​14920 by @​YuriiMotov.
• 🌐 Update translations for de (update-all) . PR #​14910 by @​YuriiMotov.
• 🌐 Update translations for ja (update-all). PR #​14916 by @​YuriiMotov.
• 🌐 Update translations for pt (update-all). PR #​14912 by @​YuriiMotov.
• 🌐 Update translations for es (update-all and add-missing). PR #​14911 by @​YuriiMotov.
• 🌐 Update translations for zh (update-all). PR #​14917 by @​YuriiMotov.
• 🌐 Update translations for uk (update-all). PR #​14914 by @​YuriiMotov.
• 🌐 Update translations for tr (update-all). PR #​14913 by @​YuriiMotov.
• 🌐 Update translations for ru (update-outdated). PR #​14909 by @​YuriiMotov.

Internal

• 👷 Always run tests on push to master branch and when run by scheduler. PR #​14940 by @​YuriiMotov.
• 🎨 Upgrade typing syntax for Python 3.10. PR #​14932 by @​tiangolo.
• ⬆ Bump cryptography from 46.0.4 to 46.0.5. PR #​14892 by @​dependabot[bot].
• ⬆ Bump pillow from 12.1.0 to 12.1.1. PR #​14899 by @​dependabot[bot].

v0.129.0

Compare Source

Breaking Changes

• ➖ Drop support for Python 3.9. PR #​14897 by @​tiangolo.

Refactors

• 🎨 Update internal types for Python 3.10. PR #​14898 by @​tiangolo.

Docs

• 📝 Update highlights in webhooks docs. PR #​14905 by @​tiangolo.
• 📝 Update source examples and docs from Python 3.9 to 3.10. PR #​14900 by @​tiangolo.

Internal

• 🔨 Update docs.py scripts to migrate Python 3.9 to Python 3.10. PR #​14906 by @​tiangolo.

v0.128.8

Compare Source

Docs

• 📝 Fix grammar in docs/en/docs/tutorial/first-steps.md. PR #​14708 by @​SanjanaS10.

Internal

• 🔨 Tweak PDM hook script. PR #​14895 by @​tiangolo.
• ♻️ Update build setup for fastapi-slim, deprecate it, and make it only depend on fastapi. PR #​14894 by @​tiangolo.

v0.128.7

Compare Source

Features

• ✨ Show a clear error on attempt to include router into itself. PR #​14258 by @​JavierSanchezCastro.
• ✨ Replace dict by Mapping on HTTPException.headers. PR #​12997 by @​rijenkii.

Refactors

• ♻️ Simplify reading files in memory, do it sequentially instead of (fake) parallel. PR #​14884 by @​tiangolo.

Docs

• 📝 Use dfn tag for definitions instead of abbr in docs. PR #​14744 by @​YuriiMotov.

Internal

• ✅ Tweak comment in test to reference PR. PR #​14885 by @​tiangolo.
• 🔧 Update LLM-prompt for abbr and dfn tags. PR #​14747 by @​YuriiMotov.
• ✅ Test order for the submitted byte Files. PR #​14828 by @​valentinDruzhinin.
• 🔧 Configure test workflow to run tests with inline-snapshot=review. PR #​14876 by @​YuriiMotov.

v0.128.6

Compare Source

Fixes

• 🐛 Fix on_startup and on_shutdown parameters of APIRouter. PR #​14873 by @​YuriiMotov.

Translations

• 🌐 Update translations for zh (update-outdated). PR #​14843 by @​tiangolo.

Internal

• ✅ Fix parameterized tests with snapshots. PR #​14875 by @​YuriiMotov.

v0.128.5

Compare Source

Refactors

• ♻️ Refactor and simplify Pydantic v2 (and v1) compatibility internal utils. PR #​14862 by @​tiangolo.

Internal

• ✅ Add inline snapshot tests for OpenAPI before changes from Pydantic v2. PR #​14864 by @​tiangolo.

v0.128.4

Compare Source

Refactors

• ♻️ Refactor internals, simplify Pydantic v2/v1 utils, create_model_field, better types for lenient_issubclass. PR #​14860 by @​tiangolo.
• ♻️ Simplify internals, remove Pydantic v1 only logic, no longer needed. PR #​14857 by @​tiangolo.
• ♻️ Refactor internals, cleanup unneeded Pydantic v1 specific logic. PR #​14856 by @​tiangolo.

Translations

• 🌐 Update translations for fr (outdated pages). PR #​14839 by @​YuriiMotov.
• 🌐 Update translations for tr (outdated and missing). PR #​14838 by @​YuriiMotov.

Internal

• ⬆️ Upgrade development dependencies. PR #​14854 by @​tiangolo.

v0.128.3

Compare Source

Refactors

• ♻️ Re-implement on_event in FastAPI for compatibility with the next Starlette, while keeping backwards compatibility. PR #​14851 by @​tiangolo.

Upgrades

• ⬆️ Upgrade Starlette supported version range to starlette>=0.40.0,<1.0.0. PR #​14853 by @​tiangolo.

Translations

• 🌐 Update translations for ru (update-outdated). PR #​14834 by @​tiangolo.

Internal

• 👷 Run tests with Starlette from git. PR #​14849 by @​tiangolo.
• 👷 Run tests with lower bound uv sync, upgrade fastapi[all] minimum dependencies: ujson >=5.8.0, orjson >=3.9.3. PR #​14846 by @​tiangolo.

v0.128.2

Compare Source

Features

• ✨ Add support for PEP695 TypeAliasType. PR #​13920 by @​cstruct.
• ✨ Allow Response type hint as dependency annotation. PR #​14794 by @​jonathan-fulton.

Fixes

• 🐛 Fix using Json[list[str]] type (issue #​10997). PR #​14616 by @​mkanetsuna.

Docs

• 📝 Update docs for translations. PR #​14830 by @​tiangolo.
• 📝 Fix duplicate word in advanced-dependencies.md. PR #​14815 by @​Rayyan-Oumlil.

Translations

• 🌐 Enable Traditional Chinese translations. PR #​14842 by @​tiangolo.
• 🌐 Enable French docs translations. PR #​14841 by @​tiangolo.
• 🌐 Update translations for fr (translate-page). PR #​14837 by @​tiangolo.
• 🌐 Update translations for de (update-outdated). PR #​14836 by @​tiangolo.
• 🌐 Update translations for pt (update-outdated). PR #​14833 by @​tiangolo.
• 🌐 Update translations for ko (update-outdated). PR #​14835 by @​tiangolo.
• 🌐 Update translations for es (update-outdated). PR #​14832 by @​tiangolo.
• 🌐 Update translations for tr (update-outdated). PR #​14831 by @​tiangolo.
• 🌐 Update translations for tr (add-missing). PR #​14790 by @​tiangolo.
• 🌐 Update translations for fr (update-outdated). PR #​14826 by @​tiangolo.
• 🌐 Update translations for zh-hant (update-outdated). PR #​14825 by @​tiangolo.
• 🌐 Update translations for uk (update-outdated). PR #​14822 by @​tiangolo.
• 🔨 Update docs and translations scripts, enable Turkish. PR #​14824 by @​tiangolo.

Internal

• 🔨 Add max pages to translate to configs. PR #​14840 by @​tiangolo.

v0.128.1

Compare Source

Features

• ✨ Add viewport meta tag to improve Swagger UI on mobile devices. PR #​14777 by @​Joab0.
• 🚸 Improve error message for invalid query parameter type annotations. PR #​14479 by @​retwish.

Fixes

• 🐛 Update ValidationError schema to include input and ctx. PR #​14791 by @​jonathan-fulton.
• 🐛 Fix TYPE_CHECKING annotations for Python 3.14 (PEP 649). PR #​14789 by @​mgu.
• 🐛 Strip whitespaces from Authorization header credentials. PR #​14786 by @​WaveTheory1.
• 🐛 Fix OpenAPI duplication of anyOf refs for app-level responses with specified content and model as Union. PR #​14463 by @​DJMcoder.

Refactors

• 🎨 Tweak types for mypy. PR #​14816 by @​tiangolo.
• 🏷️ Re-export IncEx type from Pydantic instead of duplicating it. PR #​14641 by @​mvanderlee.
• 💡 Update comment for Pydantic internals. PR #​14814 by @​tiangolo.

Docs

• 📝 Update docs for contributing translations, simplify title. PR #​14817 by @​tiangolo.
• 📝 Fix typing issue in docs_src/app_testing/app_b code example. PR #​14573 by @​timakaa.
• 📝 Fix example of license identifier in documentation. PR #​14492 by @​johnson-earls.
• 📝 Add banner to translated pages. PR #​14809 by @​YuriiMotov.
• 📝 Add links to related sections of docs to docstrings. PR #​14776 by @​YuriiMotov.
• 📝 Update embedded code examples to Python 3.10 syntax. PR #​14758 by @​YuriiMotov.
• 📝 Fix dependency installation command in docs/en/docs/contributing.md. PR #​14757 by @​YuriiMotov.
• 📝 Use return type annotation instead of response_model when possible. PR #​14753 by @​YuriiMotov.
• 📝 Use WSGIMiddleware from a2wsgi instead of deprecated fastapi.middleware.wsgi.WSGIMiddleware. PR #​14756 by @​YuriiMotov.
• 📝 Fix minor typos in release notes. PR #​14780 by @​whyvineet.
• 🐛 Fix copy button in custom.js. PR #​14722 by @​fcharrier.
• 📝 Add contribution instructions about LLM generated code and comments and automated tools for PRs. PR #​14706 by @​tiangolo.
• 📝 Update docs for management tasks. PR #​14705 by @​tiangolo.
• 📝 Update docs about managing translations. PR #​14704 by @​tiangolo.
• 📝 Update docs for contributing with translations. PR #​14701 by @​tiangolo.
• 📝 Specify language code for code block. PR #​14656 by @​YuriiMotov.

Translations

• 🌐 Improve LLM prompt of uk documentation. PR #​14795 by @​roli2py.
• 🌐 Update translations for ja (update-outdated). PR #​14588 by @​tiangolo.
• 🌐 Update translations for uk (update outdated, found by fixer tool). PR #​14739 by @​YuriiMotov.
• 🌐 Update translations for tr (update-outdated). PR #​14745 by @​tiangolo.
• 🌐 Update llm-prompt.md for Korean language. PR #​14763 by @​seuthootDev.
• 🌐 Update translations for ko (update outdated, found by fixer tool). PR #​14738 by @​YuriiMotov.
• 🌐 Update translations for de (update-outdated). PR #​14690 by @​tiangolo.
• 🌐 Update LLM prompt for Russian translations. PR #​14733 by @​YuriiMotov.
• 🌐 Update translations for ru (update-outdated). PR #​14693 by @​tiangolo.
• 🌐 Update translations for pt (update-outdated). PR #​14724 by @​tiangolo.
• 🌐 Update Korean LLM prompt. PR #​14740 by @​hard-coders.
• 🌐 Improve LLM prompt for Turkish translations. PR #​14728 by @​Kadermiyanyedi.
• 🌐 Update portuguese llm-prompt.md. PR #​14702 by @​ceb10n.
• 🌐 Update LLM prompt instructions file for French. PR #​14618 by @​tiangolo.
• 🌐 Update translations for ko (add-missing). PR #​14699 by @​tiangolo.
• 🌐 Update translations for ko (update-outdated). PR #​14589 by @​tiangolo.
• 🌐 Update translations for uk (update-outdated). PR #​14587 by @​tiangolo.
• 🌐 Update translations for es (update-outdated). PR #​14686 by @​tiangolo.
• 🔧 Add LLM prompt file for Turkish, generated from the existing translations. PR #​14547 by @​tiangolo.
• 🔧 Add LLM prompt file for Traditional Chinese, generated from the existing translations. PR #​14550 by @​tiangolo.
• 🔧 Add LLM prompt file for Simplified Chinese, generated from the existing translations. PR #​14549 by @​tiangolo.

Internal

• ⬇️ Downgrade LLM translations model to GPT-5 to reduce mistakes. PR #​14823 by @​tiangolo.
• 🐛 Fix translation script commit in place. PR #​14818 by @​tiangolo.
• 🔨 Update translation script to retry if LLM-response doesn't pass validation with Translation Fixer tool. PR #​14749 by @​YuriiMotov.
• 👷 Run tests only on relevant code changes (not on docs). PR #​14813 by @​tiangolo.
• 👷 Run mypy by pre-commit. PR #​14806 by @​YuriiMotov.
• ⬆ Bump ruff from 0.14.3 to 0.14.14. PR #​14798 by @​dependabot[bot].
• ⬆ Bump pyasn1 from 0.6.1 to 0.6.2. PR #​14804 by @​dependabot[bot].
• ⬆ Bump sqlmodel from 0.0.27 to 0.0.31. PR #​14802 by @​dependabot[bot].
• ⬆ Bump mkdocs-macros-plugin from 1.4.1 to 1.5.0. PR #​14801 by @​dependabot[bot].
• ⬆ Bump gitpython from 3.1.45 to 3.1.46. PR #​14800 by @​dependabot[bot].
• ⬆ Bump typer from 0.16.0 to 0.21.1. PR #​14799 by @​dependabot[bot].
• 👥 Update FastAPI GitHub topic repositories. PR #​14803 by @​tiangolo.
• 👥 Update FastAPI People - Contributors and Translators. PR #​14796 by @​tiangolo.
• 🔧 Ensure that an edit to uv.lock gets the internal label. PR #​14759 by @​svlandeg.
• 🔧 Update sponsors: remove Requestly. PR #​14735 by @​tiangolo.
• 🔧 Update sponsors, LambdaTest changes to TestMu AI. PR #​14734 by @​tiangolo.
• ⬆ Bump actions/cache from 4 to 5. PR #​14511 by @​dependabot[bot].
• ⬆ Bump actions/upload-artifact from 5 to 6. PR #​14525 by @​dependabot[bot].
• ⬆ Bump actions/download-artifact from 6 to 7. PR #​14526 by @​dependabot[bot].
• 👷 Tweak CI input names. PR #​14688 by @​tiangolo.
• 🔨 Refactor translation script to allow committing in place. PR #​14687 by @​tiangolo.
• 🐛 Fix translation script path. PR #​14685 by @​tiangolo.
• ✅ Enable tests in CI for scripts. PR #​14684 by @​tiangolo.
• 🔧 Add pre-commit local script to fix language translations. PR #​14683 by @​tiangolo.
• ⬆️ Migrate to uv. PR #​14676 by @​DoctorJohn.
• 🔨 Add LLM translations tool fixer. PR #​14652 by @​YuriiMotov.
• 👥 Update FastAPI People - Sponsors. PR #​14626 by @​tiangolo.
• 👥 Update FastAPI GitHub topic repositories. PR #​14630 by @​tiangolo.
• 👥 Update FastAPI People - Contributors and Translators. PR #​14625 by @​tiangolo.
• 🌐 Update translation prompts. PR #​14619 by @​tiangolo.
• 🔨 Update LLM translation script to guide reviewers to change the prompt. PR #​14614 by @​tiangolo.
• 👷 Do not run translations on cron while finishing updating existing languages. PR #​14613 by @​tiangolo.
• 🔥 Remove test variants for Pydantic v1 in test_request_params. PR #​14612 by @​tiangolo.
• 🔥 Remove Pydantic v1 specific test variants. PR #​14611 by @​tiangolo.

github/codeql-action (github/codeql-action)

v4.32.6

Compare Source

• Update default CodeQL bundle version to 2.24.3. #​3548

v4.32.5

Compare Source

• Repositories owned by an organization can now set up the github-codeql-disable-overlay custom repository property to disable improved incremental analysis for CodeQL. First, create a custom repository property with the name github-codeql-disable-overlay and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to true to disable improved incremental analysis. For more information, see Managing custom properties for repositories in your organization. This feature is not yet available on GitHub Enterprise Server. #​3507
• Added an experimental change so that when improved incremental analysis fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. #​3487
• The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. #​3515
• Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. #​3516
• Added an experimental change which lowers the minimum disk space requirement for improved incremental analysis, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. #​3498
• Added an experimental change which allows the start-proxy action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. #​3512
• The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. #​3503, #​3504

v4.32.4

Compare Source

• Update default CodeQL bundle version to 2.24.2. #​3493
• Added an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when private package registries are configured. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. #​3473
• When the CodeQL Action is run with debugging enabled in Default Setup and private package registries are configured, the "Setup proxy for registries" step will output additional diagnostic information that can be used for troubleshooting. #​3486
• Added a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. #​3485
• Added a setting which enables GitHub-managed workflows, such as Default Setup, to use a nightly CodeQL CLI release instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. #​3484

v4.32.3

Compare Source

• Added experimental support for testing connections to private package registries. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. #​3466

v4.32.2

Compare Source

v4.32.1

Compare Source

• A warning is now shown in Default Setup workflow logs if a private package registry is configured using a GitHub Personal Access Token (PAT), but no username is configured. #​3422
• Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. #​3421

v4.32.0

Compare Source

• Update default CodeQL bundle version to 2.24.0. #​3425

v4.31.11

Compare Source

• When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #​3409
• Improved error handling throughout the CodeQL Action. #​3415
• Added experimental support for automatically excluding [generated files](h

---

Configuration

📅 Schedule: Branch creation - "every 1 hours every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.