From 426f79882cc69ba7692b240012045f213d59e838 Mon Sep 17 00:00:00 2001
From: Alexander Holstrup <117829001+aholstrup1@users.noreply.github.com>
Date: Mon, 26 Aug 2024 11:28:15 +0200
Subject: [PATCH 1/2] Update build depth calculation (#1176)

Update build depth calculation to use Get-ProjectsToBuild as this is
also how we calculate build depth in the CICD workflow.

Fixes #1175
---
 Actions/CheckForUpdates/CheckForUpdates.ps1 | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/Actions/CheckForUpdates/CheckForUpdates.ps1 b/Actions/CheckForUpdates/CheckForUpdates.ps1
index 35d86526..3a945400 100644
--- a/Actions/CheckForUpdates/CheckForUpdates.ps1
+++ b/Actions/CheckForUpdates/CheckForUpdates.ps1
@@ -120,10 +120,9 @@ $removeFiles = @()
 # Every build job might spin up multiple jobs in parallel to build the projects without unresolved deependencies
 $depth = 1
 if ($repoSettings.useProjectDependencies -and $projects.Count -gt 1) {
-    $buildAlso = @{}
-    $projectDependencies = @{}
-    $projectsOrder = AnalyzeProjectDependencies -baseFolder $baseFolder -projects $projects -buildAlso ([ref]$buildAlso) -projectDependencies ([ref]$projectDependencies)
-    $depth = $projectsOrder.Count
+    Import-Module (Join-Path -Path $PSScriptRoot -ChildPath "..\DetermineProjectsToBuild\DetermineProjectsToBuild.psm1" -Resolve) -DisableNameChecking
+    $allProjects, $projectsToBuild, $projectDependencies, $buildOrder = Get-ProjectsToBuild -baseFolder $baseFolder -buildAllProjects $true -maxBuildDepth 100
+    $depth = $buildOrder.Count
     Write-Host "Calculated dependency depth to be $depth"
 }
 

From 0f201abda816daa52bd8d75e5f4ca57f2c5fe79b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Aug 2024 14:01:28 +0200
Subject: [PATCH 2/2] Bump github/codeql-action from 3.26.2 to 3.26.5 in
 /.github/workflows (#1179)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.26.2 to 3.26.5.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.26.5 - 23 Aug 2024</h2>
<ul>
<li>Fix an issue where the <code>csrutil</code> system call used for
telemetry would fail on MacOS ARM machines with System Integrity
Protection disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2441">#2441</a></li>
</ul>
<h2>3.26.4 - 21 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> The <code>add-snippets</code> input on the
<code>analyze</code> Action is deprecated and will be removed in the
first release in August 2025. <a
href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li>
<li>Fix an issue where the disk usage system call used for telemetry
would fail on MacOS ARM machines with System Integrity Protection
disabled, and then surface a warning. The system call is now disabled
for these machines. <a
href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li>
</ul>
<h2>3.26.3 - 19 Aug 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action could not write diagnostic
messages on Windows. This issue did not impact analysis quality. <a
href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li>
</ul>
<h2>3.26.2 - 14 Aug 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li>
</ul>
<h2>3.26.1 - 13 Aug 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.0 - 06 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no
longer supported. Please migrate to a macOS runner if this affects you.
<a
href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li>
<li>Bump the minimum CodeQL bundle version to 2.13.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li>
</ul>
<h2>3.25.15 - 26 Jul 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li>
</ul>
<h2>3.25.14 - 25 Jul 2024</h2>
<ul>
<li>Experimental: add a new <code>start-proxy</code> action which starts
the same HTTP proxy as used by <a
href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>.
Do not use this in production as it is part of an internal experiment
and subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li>
</ul>
<h2>3.25.13 - 19 Jul 2024</h2>
<ul>
<li>Add <code>codeql-version</code> to outputs. <a
href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.13.4
and earlier. These versions of CodeQL were discontinued on 9 July 2024
alongside GitHub Enterprise Server 3.9, and will be unsupported by
CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later.
<a
href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI
version 2.13.5 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.12.6 and 2.13.4, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.25.13</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.25.13</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/2c779ab0d087cd7fe7b826087247c2c81f27bfa6"><code>2c779ab</code></a>
Merge main into releases/v3 (<a
href="https://redirect.github.com/github/codeql-action/issues/2444">#2444</a>)</li>
<li><a
href="https://github.com/github/codeql-action/commit/68cd1f9de38ff4e35783f9048745ce4b37ec0c39"><code>68cd1f9</code></a>
Update changelog for v3.26.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/7e27807413d1c22e8a745f73376d16e782d861da"><code>7e27807</code></a>
Only run check SIP enablement once in <code>init</code> step (<a
href="https://redirect.github.com/github/codeql-action/issues/2441">#2441</a>)</li>
<li><a
href="https://github.com/github/codeql-action/commit/fd5fa130e2c632f29b237077157766ea2ef07a13"><code>fd5fa13</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2438">#2438</a>
from github/mergeback/v3.26.4-to-main-f0f3afee</li>
<li><a
href="https://github.com/github/codeql-action/commit/6f10eb0e3661ecb831d8e08b7bcd16e6906defe7"><code>6f10eb0</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/b15a247a6c32d431df076de50ee09b67dbef9644"><code>b15a247</code></a>
Update changelog and version after v3.26.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/f0f3afee809481da311ca3a6ff1ff51d81dbeb24"><code>f0f3afe</code></a>
Merge main into releases/v3 (<a
href="https://redirect.github.com/github/codeql-action/issues/2437">#2437</a>)</li>
<li><a
href="https://github.com/github/codeql-action/commit/e3543591a523b40efe5604333b75986a211c9d50"><code>e354359</code></a>
Update changelog for v3.26.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/ae01f807ca7dae87a61d9c5e36c06676ade69b1b"><code>ae01f80</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2436">#2436</a>
from rvermeulen/rvermeulen/deprecate-add-snippets</li>
<li><a
href="https://github.com/github/codeql-action/commit/72bc3f7f619fdbada5d8d589b47c52c32f9ad097"><code>72bc3f7</code></a>
Address incorrect changelog location</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/429e1977040da7a23b6822b13c129cd1ba93dbb2...2c779ab0d087cd7fe7b826087247c2c81f27bfa6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.2&new-version=3.26.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/powershell.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/powershell.yaml b/.github/workflows/powershell.yaml
index 04885b05..78662d2b 100644
--- a/.github/workflows/powershell.yaml
+++ b/.github/workflows/powershell.yaml
@@ -31,6 +31,6 @@ jobs:
 
       # Upload the SARIF file generated in the previous step
       - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2
+        uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           sarif_file: results.sarif