chore(deps): bump the gh-actions-packages group across 4 directories with 3 updates

[dependabot]

Bumps the gh-actions-packages group with 2 updates in the / directory: github/codeql-action and DataDog/junit-upload-github-action.
Bumps the gh-actions-packages group with 1 update in the /.github/actions/coverage directory: DataDog/coverage-upload-github-action.
Bumps the gh-actions-packages group with 1 update in the /.github/actions/push_to_test_optimization directory: DataDog/junit-upload-github-action.
Bumps the gh-actions-packages group with 2 updates in the /.github/workflows directory: github/codeql-action and DataDog/junit-upload-github-action.

Updates github/codeql-action from 4.32.6 to 4.35.1

Release notes

Sourced from github/codeql-action's releases.

v4.35.1

• Fix incorrect minimum required Git version for improved incremental analysis: it should have been 2.36.0, not 2.11.0. #3781

v4.35.0

• Reduced the minimum Git version required for improved incremental analysis from 2.38.0 to 2.11.0. #3767
• Update default CodeQL bundle version to 2.25.1. #3773

v4.34.1

• Downgrade default CodeQL bundle version to 2.24.3 due to issues with a small percentage of Actions and JavaScript analyses. #3762

v4.34.0

• Added an experimental change which disables TRAP caching when improved incremental analysis is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. #3569
• We are rolling out improved incremental analysis to C/C++ analyses that use build mode none. We expect this rollout to be complete by the end of April 2026. #3584
• Update default CodeQL bundle version to 2.25.0. #3585

v4.33.0

• Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. #3562

  To opt out of this change:

  • Repositories owned by an organization: Create a custom repository property with the name github-codeql-file-coverage-on-prs and the type "True/false", then set this property to true in the repository's settings. For more information, see Managing custom properties for repositories in your organization. Alternatively, if you are using an advanced setup workflow, you can set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using default setup: Switch to an advanced setup workflow and set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using advanced setup: Set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.

• Fixed a bug which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. #3557

• The CodeQL Action now loads custom repository properties on GitHub Enterprise Server, enabling the customization of features such as github-codeql-disable-overlay that was previously only available on GitHub.com. #3559

• Once private package registries can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. #3563

• Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". #3564

• A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. #3570

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

• The undocumented TRAP cache cleanup feature that could be enabled using the CODEQL_ACTION_CLEANUP_TRAP_CACHES environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the trap-caching: false input to the init Action. #3795
• The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. #3789
• Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. #3794

4.35.1 - 27 Mar 2026

• Fix incorrect minimum required Git version for improved incremental analysis: it should have been 2.36.0, not 2.11.0. #3781

4.35.0 - 27 Mar 2026

• Reduced the minimum Git version required for improved incremental analysis from 2.38.0 to 2.11.0. #3767
• Update default CodeQL bundle version to 2.25.1. #3773

4.34.1 - 20 Mar 2026

• Downgrade default CodeQL bundle version to 2.24.3 due to issues with a small percentage of Actions and JavaScript analyses. #3762

4.34.0 - 20 Mar 2026

• Added an experimental change which disables TRAP caching when improved incremental analysis is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. #3569
• We are rolling out improved incremental analysis to C/C++ analyses that use build mode none. We expect this rollout to be complete by the end of April 2026. #3584
• Update default CodeQL bundle version to 2.25.0. #3585

4.33.0 - 16 Mar 2026

• Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. #3562

  To opt out of this change:

  • Repositories owned by an organization: Create a custom repository property with the name github-codeql-file-coverage-on-prs and the type "True/false", then set this property to true in the repository's settings. For more information, see Managing custom properties for repositories in your organization. Alternatively, if you are using an advanced setup workflow, you can set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using default setup: Switch to an advanced setup workflow and set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using advanced setup: Set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.

• Fixed a bug which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. #3557

• The CodeQL Action now loads custom repository properties on GitHub Enterprise Server, enabling the customization of features such as github-codeql-disable-overlay that was previously only available on GitHub.com. #3559

• Once private package registries can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. #3563

• Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". #3564

• A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. #3570

4.32.6 - 05 Mar 2026

• Update default CodeQL bundle version to 2.24.3. #3548

4.32.5 - 02 Mar 2026

• Repositories owned by an organization can now set up the github-codeql-disable-overlay custom repository property to disable improved incremental analysis for CodeQL. First, create a custom repository property with the name github-codeql-disable-overlay and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to true to disable improved incremental analysis. For more information, see Managing custom properties for repositories in your organization. This feature is not yet available on GitHub Enterprise Server. #3507

... (truncated)

Commits

• c10b806 Merge pull request #3782 from github/update-v4.35.1-d6d1743b8
• c5ffd06 Update changelog for v4.35.1
• d6d1743 Merge pull request #3781 from github/henrymercer/update-git-minimum-version
• 65d2efa Add changelog note
• 2437b20 Update minimum git version for overlay to 2.36.0
• ea5f719 Merge pull request #3775 from github/dependabot/npm_and_yarn/node-forge-1.4.0
• 45ceeea Merge pull request #3777 from github/mergeback/v4.35.0-to-main-b8bb9f28
• 24448c9 Rebuild
• 7c51060 Update changelog and version after v4.35.0
• b8bb9f2 Merge pull request #3776 from github/update-v4.35.0-0078ad667
• Additional commits viewable in compare view

Updates DataDog/junit-upload-github-action from 2.2.0 to 3.0.0

Release notes

Sourced from DataDog/junit-upload-github-action's releases.

v3.0.0

What's Changed

• chore: disable automated dependency updater config [incident-51602] by @​moezein0 in DataDog/junit-upload-github-action#45
• ci: use github action that installs datadog-ci binary by @​calvinbayer in DataDog/junit-upload-github-action#52

⚠️ Breaking Changes

1. Platform Requirements

IMPORTANT: This action now uses pre-built binaries. Supported platforms:

• ✅ linux-x64
• ✅ linux-arm64
• ✅ darwin-x64 (macOS Intel)
• ✅ darwin-arm64 (macOS Apple Silicon)
• ✅ win-x64 (Windows)

❌ Unsupported platforms (that worked in v2.x with npm):

• linux-arm (32-bit ARM)
• Other architectures where Node.js runs but datadog-ci binaries aren't built

If your workflows run on unsupported platforms, they will fail. Stick with v2.x, install datadog-ci directly, or request binary support from datadog-ci releases.

2. Removed node-version Input

The node-version parameter has been removed since Node.js is no longer required. If you're passing this parameter, you can safely remove it.

Before:

- uses: DataDog/junit-upload-github-action@v2
  with:
    node-version: "20"

After:

- uses: DataDog/junit-upload-github-action@v3
  # node-version removed

3. Default Version Changed

The default datadog-ci-version changed from "latest" to "v5".

Migration:

• If you want absolute latest: explicitly set datadog-ci-version: "latest" (deprecated, will show warning)
• Recommended: use datadog-ci-version: "v5" (latest v5.x) or pin to specific version like "v5.11.0"

🔄 Backwards Compatibility

To ease migration, legacy npm semver syntax still works but shows deprecation warnings:

• "latest" → "v5" ⚠️
• "^5.0.0" → "v5" ⚠️
• "~5.10.0" → "v5" ⚠️

... (truncated)

Commits

• 24449d0 ci: use github action that installs datadog-ci binary (#52)
• b8b8fb2 chore: disable automated dependency updater config [incident-51602] (#45)
• See full diff in compare view

Updates DataDog/junit-upload-github-action from 2.2.0 to 3.0.0

Release notes

Sourced from DataDog/junit-upload-github-action's releases.

v3.0.0

What's Changed

• chore: disable automated dependency updater config [incident-51602] by @​moezein0 in DataDog/junit-upload-github-action#45
• ci: use github action that installs datadog-ci binary by @​calvinbayer in DataDog/junit-upload-github-action#52

⚠️ Breaking Changes

1. Platform Requirements

IMPORTANT: This action now uses pre-built binaries. Supported platforms:

• ✅ linux-x64
• ✅ linux-arm64
• ✅ darwin-x64 (macOS Intel)
• ✅ darwin-arm64 (macOS Apple Silicon)
• ✅ win-x64 (Windows)

❌ Unsupported platforms (that worked in v2.x with npm):

• linux-arm (32-bit ARM)
• Other architectures where Node.js runs but datadog-ci binaries aren't built

If your workflows run on unsupported platforms, they will fail. Stick with v2.x, install datadog-ci directly, or request binary support from datadog-ci releases.

2. Removed node-version Input

The node-version parameter has been removed since Node.js is no longer required. If you're passing this parameter, you can safely remove it.

Before:

- uses: DataDog/junit-upload-github-action@v2
  with:
    node-version: "20"

After:

- uses: DataDog/junit-upload-github-action@v3
  # node-version removed

3. Default Version Changed

The default datadog-ci-version changed from "latest" to "v5".

Migration:

• If you want absolute latest: explicitly set datadog-ci-version: "latest" (deprecated, will show warning)
• Recommended: use datadog-ci-version: "v5" (latest v5.x) or pin to specific version like "v5.11.0"

🔄 Backwards Compatibility

To ease migration, legacy npm semver syntax still works but shows deprecation warnings:

• "latest" → "v5" ⚠️
• "^5.0.0" → "v5" ⚠️
• "~5.10.0" → "v5" ⚠️

... (truncated)

Commits

• 24449d0 ci: use github action that installs datadog-ci binary (#52)
• b8b8fb2 chore: disable automated dependency updater config [incident-51602] (#45)
• See full diff in compare view

Updates github/codeql-action from 4.32.6 to 4.35.1

Release notes

Sourced from github/codeql-action's releases.

v4.35.1

• Fix incorrect minimum required Git version for improved incremental analysis: it should have been 2.36.0, not 2.11.0. #3781

v4.35.0

• Reduced the minimum Git version required for improved incremental analysis from 2.38.0 to 2.11.0. #3767
• Update default CodeQL bundle version to 2.25.1. #3773

v4.34.1

• Downgrade default CodeQL bundle version to 2.24.3 due to issues with a small percentage of Actions and JavaScript analyses. #3762

v4.34.0

• Added an experimental change which disables TRAP caching when improved incremental analysis is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. #3569
• We are rolling out improved incremental analysis to C/C++ analyses that use build mode none. We expect this rollout to be complete by the end of April 2026. #3584
• Update default CodeQL bundle version to 2.25.0. #3585

v4.33.0

• Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. #3562

  To opt out of this change:

  • Repositories owned by an organization: Create a custom repository property with the name github-codeql-file-coverage-on-prs and the type "True/false", then set this property to true in the repository's settings. For more information, see Managing custom properties for repositories in your organization. Alternatively, if you are using an advanced setup workflow, you can set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using default setup: Switch to an advanced setup workflow and set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using advanced setup: Set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.

• Fixed a bug which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. #3557

• The CodeQL Action now loads custom repository properties on GitHub Enterprise Server, enabling the customization of features such as github-codeql-disable-overlay that was previously only available on GitHub.com. #3559

• Once private package registries can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. #3563

• Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". #3564

• A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. #3570

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

• The undocumented TRAP cache cleanup feature that could be enabled using the CODEQL_ACTION_CLEANUP_TRAP_CACHES environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the trap-caching: false input to the init Action. #3795
• The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. #3789
• Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. #3794

4.35.1 - 27 Mar 2026

• Fix incorrect minimum required Git version for improved incremental analysis: it should have been 2.36.0, not 2.11.0. #3781

4.35.0 - 27 Mar 2026

• Reduced the minimum Git version required for improved incremental analysis from 2.38.0 to 2.11.0. #3767
• Update default CodeQL bundle version to 2.25.1. #3773

4.34.1 - 20 Mar 2026

• Downgrade default CodeQL bundle version to 2.24.3 due to issues with a small percentage of Actions and JavaScript analyses. #3762

4.34.0 - 20 Mar 2026

• Added an experimental change which disables TRAP caching when improved incremental analysis is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. #3569
• We are rolling out improved incremental analysis to C/C++ analyses that use build mode none. We expect this rollout to be complete by the end of April 2026. #3584
• Update default CodeQL bundle version to 2.25.0. #3585

4.33.0 - 16 Mar 2026

• Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. #3562

  To opt out of this change:

  • Repositories owned by an organization: Create a custom repository property with the name github-codeql-file-coverage-on-prs and the type "True/false", then set this property to true in the repository's settings. For more information, see Managing custom properties for repositories in your organization. Alternatively, if you are using an advanced setup workflow, you can set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using default setup: Switch to an advanced setup workflow and set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.
  • User-owned repositories using advanced setup: Set the CODEQL_ACTION_FILE_COVERAGE_ON_PRS environment variable to true in your workflow.

• Fixed a bug which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. #3557

• The CodeQL Action now loads custom repository properties on GitHub Enterprise Server, enabling the customization of features such as github-codeql-disable-overlay that was previously only available on GitHub.com. #3559

• Once private package registries can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. #3563

• Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". #3564

• A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. #3570

4.32.6 - 05 Mar 2026

• Update default CodeQL bundle version to 2.24.3. #3548

4.32.5 - 02 Mar 2026

• Repositories owned by an organization can now set up the github-codeql-disable-overlay custom repository property to disable improved incremental analysis for CodeQL. First, create a custom repository property with the name github-codeql-disable-overlay and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to true to disable improved incremental analysis. For more information, see Managing custom properties for repositories in your organization. This feature is not yet available on GitHub Enterprise Server. #3507

... (truncated)

Commits

• c10b806 Merge pull request #3782 from github/update-v4.35.1-d6d1743b8
• c5ffd06 Update changelog for v4.35.1
• d6d1743 Merge pull request #3781 from github/henrymercer/update-git-minimum-version
• 65d2efa Add changelog note
• 2437b20 Update minimum git version for overlay to 2.36.0
• ea5f719 Merge pull request #3775 from github/dependabot/npm_and_yarn/node-forge-1.4.0
• 45ceeea Merge pull request #3777 from github/mergeback/v4.35.0-to-main-b8bb9f28
• 24448c9 Rebuild
• 7c51060 Update changelog and version after v4.35.0
• b8bb9f2 Merge pull request #3776 from github/update-v4.35.0-0078ad667
• Additional commits viewable in compare view

Updates DataDog/junit-upload-github-action from 2.2.0 to 3.0.0

Release notes

Sourced from DataDog/junit-upload-github-action's releases.

v3.0.0

What's Changed

• chore: disable automated dependency updater config [incident-51602] by @​moezein0 in DataDog/junit-upload-github-action#45
• ci: use github action that installs datadog-ci binary by @​calvinbayer in DataDog/junit-upload-github-action#52

⚠️ Breaking Changes

1. Platform Requirements

IMPORTANT: This action now uses pre-built binaries. Supported platforms:

• ✅ linux-x64
• ✅ linux-arm64
• ✅ darwin-x64 (macOS Intel)
• ✅ darwin-arm64 (macOS Apple Silicon)
• ✅ win-x64 (Windows)

❌ Unsupported platforms (that worked in v2.x with npm):

• linux-arm (32-bit ARM)
• Other architectures where Node.js runs but datadog-ci binaries aren't built

If your workflows run on unsupported platforms, they will fail. Stick with v2.x, install datadog-ci directly, or request binary support from datadog-ci releases.

2. Removed node-version Input

The node-version parameter has been removed since Node.js is no longer required. If you're passing this parameter, you can safely remove it.

Before:

- uses: DataDog/junit-upload-github-action@v2
  with:
    node-version: "20"

After:

- uses: DataDog/junit-upload-github-action@v3
  # node-version removed

3. Default Version Changed

The default datadog-ci-version changed from "latest" to "v5".

Migration:

• If you want absolute latest: explicitly set datadog-ci-version: "latest" (deprecated, will show warning)
• Recommended: use datadog-ci-version: "v5" (latest v5.x) or pin to specific version like "v5.11.0"

🔄 Backwards Compatibility

To ease migration, legacy npm semver syntax still works but shows deprecation warnings:

• "latest" → "v5" ⚠️
• "^5.0.0" → "v5" ⚠️
• "~5.10.0" → "v5" ⚠️

... (truncated)

Commits

• 24449d0 ci: use github action that installs datadog-ci binary (#52)
• b8b8fb2 chore: disable automated dependency updater config [incident-51602] (#45)
• See full diff in compare view

Updates DataDog/coverage-upload-github-action from 1.0.1 to 1.0.2

Release notes

Sourced from DataDog/coverage-upload-github-action's releases.

v1.0.2

What's Changed

• chore: disable automated dependency updaters [incident-51602] by @​moezein0 in DataDog/coverage-upload-github-action#14
• Update install-datadog-ci-github-action to v1.0.2 by @​CarlosNietoP in DataDog/coverage-upload-github-action#18

New Contributors

• @​moezein0 made their first contribution in DataDog/coverage-upload-github-action#14

Full Changelog: DataDog/coverage-upload-github-action@v1...v1.0.2

Commits

• f80c0e6 Merge pull request #18 from DataDog/carlos.nietopetinal/update-install-datado...
• 3f85a7c Update install-datadog-ci-github-action to v1.0.2
• bb2636f Merge pull request #14 from DataDog/chore/disable-dependency-updaters-inciden...
• d249adc Update dependabot.yaml.disabled
• e577f11 Update dependabot.yaml.disabled
• edaacae Update and rename dependabot.yaml to dependabot.yaml.disabled
• 10f5712 Update dependabot.yaml
• 92eae8e Update dependabot.yaml
• d8fd924 chore: disable automated dependency updater config [incident-51602]
• 3546dc7 chore: disable automated dependency updater config [incident-51602]
• Additional commits viewable in compare view

Updates DataDog/junit-upload-github-action from 2.2.0 to 3.0.0

Release notes

Sourced from DataDog/junit-upload-github-action's releases.

v3.0.0

What's Changed

• chore: disable automated dependency updater config [incident-51602] by @​moezein0 in DataDog/junit-upload-github-action#45
• ci: use github action that installs datadog-ci binary by @​calvinbayer in DataDog/junit-upload-github-action#52

⚠️ Breaking Changes

1. Platform Requirements

IMPORTANT: This action now uses pre-built binaries. Supported platforms:

• ✅ linux-x64
• ✅ linux-arm64
• ✅ darwin-x64 (macOS Intel)
• ✅ darwin-arm64 (macOS Apple Silicon)
• ✅ win-x64 (Windows)

❌ Unsupported platforms (that worked in v2.x with npm):

• linux-arm (32-bit ARM)
• Other architectures where Node.js runs but datadog-ci binaries aren't built

If your workflows run on unsupported platforms, they will fail. Stick with v2.x, install datadog-ci directly, or request binary support from datadog-ci releases.

2. Removed node-version Input

The node-version parameter has been removed since Node.js is no longer required. If you're passing this parameter, you can safely remove it.

Before:

- uses: DataDog/junit-upload-github-action@v2
  with:
    node-version: "20"

After:

- uses: DataDog/junit-upload-github-action@v3
  # node-version removed

3. Default Version Changed

The default datadog-ci-version changed from "latest" to "v5".

Migration:

• If you want absolute latest: explicitly set datadog-ci-version: "latest" (deprecated, will show warning)
• Recommended: use datadog-ci-version: "v5" (latest v5.x) or pin to specific version like "v5.11.0"

🔄 Backwards Compatibility

To ease migration, legacy npm semver syntax still works but shows deprecation warnings:

• "latest" → "v5" ⚠️
• "^5.0.0" → "v5" ⚠️
• "~5.10.0" → "v5" ⚠️

... (truncated)

Commits

• 24449d0 ci: use github action that installs datadog-ci binary (#52)
• b8b8fb2 chore: disable automated dependency updater config [incident-51602] (#45)
• See full diff in compare view

Updates DataDog/junit-upload-github-action from 2.2.0 to 3.0.0

Release notes

Sourced from DataDog/junit-upload-github-action's releases.

v3.0.0

What's Changed

• chore: disable automated dependency updater config [incident-51602] by @​moezein0 in DataDog/junit-upload-github-action#45
• ci: use github action that installs datadog-ci binary by @​calvinbayer in DataDog/junit-upload-github-action#52

⚠️ Breaking Changes

1. Platform Requirements

IMPORTANT: This action now uses pre-built binaries. Supported platforms:

• ✅ linux-x64
• ✅ linux-arm64
• ✅ darwin-x64 (macOS Intel)
• ✅ darwin-arm64 (macOS Apple Silicon)
• ✅ win-x64 (Windows)

❌ Unsupported platforms (that worked in v2.x with npm):

• linux-arm (32-bit ARM)
• Other architectures where Node.js runs but datadog-ci binaries aren't built

If your workflows run on unsupported platforms, they will fail. Stick with v2.x, install datadog-ci directly, or request binary support from datadog-ci releases.

2. Removed node-version Input

The node-version parameter has been removed since Node.js is no longer required. If you're passing this parameter, you can safely remove it.

Before:

- uses: DataDog/junit-upload-github-action@v2
  with:
    node-version: "20"

After:

- uses: DataDog/junit-upload-github-action@v3
  # node-version removed

3. Default Version Changed

The default datadog-ci-version changed from "latest" to "v5".

Migration:

• If you want absolute latest: explicitly set datadog-ci-version: "latest" (deprecated, will show warning)
• Recommended: use datadog-ci-version: "v5" (latest v5.x) or pin to specific version like "v5.11.0"

🔄 Backwards Compatibility

To ease migration, legacy npm semver syntax still works but shows deprecation warnings:

• "latest" → "v5" ⚠️
• "^5.0.0" → "v5" ⚠️
• "~5.10.0" → "v5" ⚠️

... (truncated)

Commits

• 24449d0 ci: use github action that installs datadog-ci binary (#52)
• b8b8fb2 chore: disable automated dependency updater config [incident-51602] (#45)
• See full diff in compare view

Updates DataDog/junit-upload-github-action from 2.2.0 to 3.0.0

Release notes

Sourced from DataDog/junit-upload-github-action's releases.

v3.0.0

What's Changed

• chore: disable automated dependency updater config [incident-51602] by @​moezein0 in DataDog/junit-upload-github-action#45
• ci: use github action that installs datadog-ci binary by @​calvinbayer in DataDog/junit-upload-github-action#52

⚠️ Breaking Changes

1. Platform Requirements

IMPORTANT: This action now uses pre-built binaries. Supported platforms:

• ✅ linux-x64
• ✅ linux-arm64
• ✅ darwin-x64 (macOS Intel)
• ✅ darwin-arm64 (macOS Apple Silicon)
• ✅ win-x64 (Windows)

❌ Unsupported platforms (that worked in v2.x with npm):

• linux-arm (32-bit ARM)
• Other architectures where Node.js runs but datadog-ci binaries aren't built

If your workflows run on unsupported platforms, they will fail. Stick with v2.x, install datadog-ci directly, or request binary support from datadog-ci releases.

2. Removed node-version Input

The node-version parameter has been removed since Node.js is no longer required. If you're passing this parameter, you can safely remove it.

Before:

- uses: DataDog/junit-upload-github-action@v2
  with:
    node-version: "20"

After:

- uses: DataDog/junit-upload-github-action@v3
  # node-version removed

3. Default Version Changed

The default datadog-ci-version changed from "latest" to "v5".

Migration:

• If you want absolute latest: explicitly set datadog-ci-version: "latest" (deprecated, will show warning)
• Recommended: use datadog-ci-version: "v5" (latest v5.x) or pin to specific version like "v5.11.0"

🔄 Backwards Compatibility

To ease migration, legacy npm semver syntax still works but shows deprecation warnings:

• "latest" → "v5" ⚠️
• "^5.0.0" → "v5" ⚠️
• "~5.10.0" → "v5" ⚠️

... (truncated)

Commits

• 24449d0 ci: use github action that installs datadog-ci binary (#52)
• b8b8fb2 chore: disable automated dependency updater config [incident-51602] (#45)
• See full diff in compare view

Updates github/codeql-action from 4.32.6 to 4.35.1

Release notes

Sourced from github/codeql-action's releases.

v4.35.1

• Fix incorrect minimum required Git version for improved incremental analysis: it should have been 2.36.0, not 2.11.0. #3781

v4.35.0

• Reduced the minimum Git version required for improved incremental analysis from 2.38.0 to 2.11.0. #3767
• Update default CodeQL bundle version to 2.25.1. #3773

v4.34.1

• Downgrade default CodeQL bundle version to 2.24.3 due to issues with a small percentage of Actions and JavaScript analyses. #3762

v4.34.0

• Added an experimental change which disables TRAP caching when improved incremental analysis is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. #3569
• We are rolling out improved incremental analysis to C/C++ analyses that use build mode none. We expect this rollout to be complete by the end of April 2026. #3584
• Update default CodeQL bundle version to 2.25.0. #3585

v4.33.0

• Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. #3562

  To opt out of this change:

  • Repositories owned by an organization: Create a custom repository property with the name github-codeql-file-coverage-on-prs and the type "True/false", then set this property to true in the repository's settings. For more information, see Managing custom properties for repositories in your organization. Alternatively, i...

    Description has been truncated

[github-actions]

Overall package size

Self size: 5.47 MB
Deduped: 6.32 MB
No deduping: 6.32 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | import-in-the-middle | 3.0.1 | 82.56 kB | 817.39 kB | | dc-polyfill | 0.1.10 | 26.73 kB | 26.73 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[datadog-prod-us1-6]

✅ Tests

🎉 All green!

❄️ No new flaky tests detected
🧪 All tests passed

🎯 Code Coverage (details)
• Patch Coverage: 100.00%
• Overall Coverage: 68.69% (-0.01%)

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: ff969e7 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback!}

[pr-commenter]

Benchmarks

Benchmark execution time: 2026-04-08 01:17:44

Comparing candidate commit ff969e7 in PR branch dependabot/github_actions/gh-actions-packages-c84c189c46 with baseline commit 9a3cd3b in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 228 metrics, 32 unstable metrics.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.25%. Comparing base (9a3cd3b) to head (ff969e7).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #7939   +/-   ##
=======================================
  Coverage   74.25%   74.25%           
=======================================
  Files         769      769           
  Lines       36068    36068           
=======================================
  Hits        26782    26782           
  Misses       9286     9286           

Flag	Coverage Δ
aiguard-macos	39.44% <ø> (-0.10%)	⬇️
aiguard-ubuntu	39.56% <ø> (-0.10%)	⬇️
aiguard-windows	39.23% <ø> (-0.10%)	⬇️
apm-capabilities-tracing-macos	49.56% <ø> (ø)
apm-capabilities-tracing-ubuntu	49.47% <ø> (ø)
apm-capabilities-tracing-windows	49.01% <ø> (-0.33%)	⬇️
apm-integrations-child-process	38.77% <ø> (-0.10%)	⬇️
apm-integrations-couchbase-18	37.52% <ø> (-0.10%)	⬇️
apm-integrations-couchbase-eol	38.04% <ø> (-0.07%)	⬇️
apm-integrations-oracledb	37.87% <ø> (-0.10%)	⬇️
appsec-express	55.38% <ø> (-0.09%)	⬇️
appsec-fastify	51.71% <ø> (-0.07%)	⬇️
appsec-graphql	51.87% <ø> (-0.08%)	⬇️
appsec-kafka	44.49% <ø> (-0.08%)	⬇️
appsec-ldapjs	44.11% <ø> (-0.08%)	⬇️
appsec-lodash	43.71% <ø> (-0.08%)	⬇️
appsec-macos	58.09% <ø> (-0.07%)	⬇️
appsec-mongodb-core	48.89% <ø> (-0.08%)	⬇️
appsec-mongoose	49.55% <ø> (-0.08%)	⬇️
appsec-mysql	51.08% <ø> (-0.07%)	⬇️
appsec-node-serialize	43.29% <ø> (-0.08%)	⬇️
appsec-passport	47.76% <ø> (-0.09%)	⬇️
appsec-postgres	50.70% <ø> (-0.07%)	⬇️
appsec-sourcing	42.54% <ø> (-0.08%)	⬇️
appsec-stripe	44.73% <ø> (-0.09%)	⬇️
appsec-template	43.45% <ø> (-0.08%)	⬇️
appsec-ubuntu	58.18% <ø> (-0.07%)	⬇️
appsec-windows	57.89% <ø> (-0.07%)	⬇️
instrumentations-instrumentation-bluebird	32.33% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-body-parser	40.63% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-child_process	38.07% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-cookie-parser	34.36% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-express	34.67% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-express-mongo-sanitize	34.49% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-express-session	40.27% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-fs	32.01% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-generic-pool	29.41% <ø> (ø)
instrumentations-instrumentation-http	39.99% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-knex	32.39% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-mongoose	33.51% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-multer	40.38% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-mysql2	38.40% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-passport	44.16% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-passport-http	43.84% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-passport-local	44.37% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-pg	37.84% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-promise	32.26% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-promise-js	32.26% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-q	32.31% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-url	32.23% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-when	32.28% <ø> (-0.11%)	⬇️
llmobs-ai	41.37% <ø> (-0.10%)	⬇️
llmobs-anthropic	40.84% <ø> (-0.09%)	⬇️
llmobs-bedrock	39.32% <ø> (-0.08%)	⬇️
llmobs-google-genai	40.00% <ø> (+0.04%)	⬆️
llmobs-langchain	39.45% <ø> (+0.03%)	⬆️
llmobs-openai	44.12% <ø> (-0.09%)	⬇️
llmobs-vertex-ai	40.13% <ø> (-0.09%)	⬇️
platform-core	31.47% <ø> (ø)
platform-esbuild	34.42% <ø> (ø)
platform-instrumentations-misc	34.11% <ø> (ø)
platform-shimmer	37.56% <ø> (ø)
platform-unit-guardrails	32.89% <ø> (ø)
platform-webpack	19.86% <ø> (ø)
plugins-azure-durable-functions	25.74% <ø> (ø)
plugins-azure-event-hubs	25.90% <ø> (ø)
plugins-azure-service-bus	25.26% <ø> (ø)
plugins-bullmq	43.60% <ø> (-0.10%)	⬇️
plugins-cassandra	38.02% <ø> (-0.10%)	⬇️
plugins-cookie	26.96% <ø> (ø)
plugins-cookie-parser	26.75% <ø> (ø)
plugins-crypto	26.73% <ø> (ø)
plugins-dd-trace-api	38.43% <ø> (-0.10%)	⬇️
plugins-express-mongo-sanitize	26.89% <ø> (ø)
plugins-express-session	26.70% <ø> (ø)
plugins-fastify	42.36% <ø> (-0.09%)	⬇️
plugins-fetch	38.54% <ø> (-0.07%)	⬇️
plugins-fs	38.75% <ø> (-0.10%)	⬇️
plugins-generic-pool	25.94% <ø> (ø)
plugins-google-cloud-pubsub	45.68% <ø> (-0.06%)	⬇️
plugins-grpc	41.01% <ø> (-0.09%)	⬇️
plugins-handlebars	26.94% <ø> (ø)
plugins-hapi	40.41% <ø> (+0.04%)	⬆️
plugins-hono	40.61% <ø> (-0.10%)	⬇️
plugins-ioredis	38.60% <ø> (-0.10%)	⬇️
plugins-knex	26.57% <ø> (ø)
plugins-langgraph	37.99% <ø> (-0.10%)	⬇️
plugins-ldapjs	24.43% <ø> (ø)
plugins-light-my-request	26.30% <ø> (ø)
plugins-limitd-client	32.61% <ø> (-0.10%)	⬇️
plugins-lodash	26.03% <ø> (ø)
plugins-mariadb	39.61% <ø> (-0.10%)	⬇️
plugins-memcached	38.34% <ø> (-0.10%)	⬇️
plugins-microgateway-core	39.34% <ø> (-0.10%)	⬇️
plugins-moleculer	40.63% <ø> (-0.09%)	⬇️
plugins-mongodb	39.27% <ø> (-0.10%)	⬇️
plugins-mongodb-core	39.12% <ø> (-0.10%)	⬇️
plugins-mongoose	39.04% <ø> (+0.02%)	⬆️
plugins-multer	26.70% <ø> (ø)
plugins-mysql	39.45% <ø> (-0.10%)	⬇️
plugins-mysql2	39.41% <ø> (-0.10%)	⬇️
plugins-node-serialize	27.00% <ø> (ø)
plugins-opensearch	37.88% <ø> (+0.04%)	⬆️
plugins-passport-http	26.76% <ø> (ø)
plugins-postgres	35.54% <ø> (-0.11%)	⬇️
plugins-process	26.73% <ø> (ø)
plugins-pug	26.96% <ø> (ø)
plugins-redis	39.03% <ø> (-0.11%)	⬇️
plugins-router	43.22% <ø> (-0.24%)	⬇️
plugins-sequelize	25.55% <ø> (ø)
plugins-test-and-upstream-amqp10	38.62% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-amqplib	44.37% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-apollo	39.24% <ø> (-0.09%)	⬇️
plugins-test-and-upstream-avsc	38.69% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-bunyan	33.94% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-connect	40.93% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-graphql	40.28% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-koa	40.52% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-protobufjs	38.92% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-rhea	44.40% <ø> (-0.07%)	⬇️
plugins-undici	39.36% <ø> (-0.09%)	⬇️
plugins-url	26.73% <ø> (ø)
plugins-valkey	38.31% <ø> (-0.10%)	⬇️
plugins-vm	26.73% <ø> (ø)
plugins-winston	34.26% <ø> (-0.10%)	⬇️
plugins-ws	42.12% <ø> (-0.10%)	⬇️
profiling-macos	40.65% <ø> (-0.10%)	⬇️
profiling-ubuntu	40.78% <ø> (-0.10%)	⬇️
profiling-windows	42.30% <ø> (-0.10%)	⬇️
serverless-azure-functions-client	25.62% <ø> (ø)
serverless-azure-functions-eventhubs	25.62% <ø> (ø)
serverless-azure-functions-servicebus	25.62% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.