Update github/codeql-action action to v3.26.8

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Pending
github/codeql-action	action	patch	v3.26.7 -> v3.26.8	v3.26.9

---

Release Notes

github/codeql-action (github/codeql-action)

v3.26.8

Compare Source

---

Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

[puLL-Merge] - github/[email protected]

Description

This PR updates the CodeQL Action to version 3.26.8, including changes to debug artifact handling, error messaging, and the default CodeQL bundle version. It also removes some deprecated files and refactors certain functionalities.

Changes

Changes

1. .github/workflows/update-release-branch.yml:

   • Added names to the GitHub App token and checkout steps
   • Removed the GITHUB_TOKEN environment variable from the "Update older release branch" step

2. CHANGELOG.md:

   • Added entry for version 3.26.8, updating the default CodeQL bundle version to 2.19.0

3. analyze/action.yml:

   • Updated the description for the token input to be more specific about permissions and usage

4. lib/analyze-action-post-helper.js and lib/analyze-action-post-helper.test.js:

   • These files have been removed

5. lib/analyze-action-post.js:

   • Refactored to use the new uploadCombinedSarifArtifacts function
   • Added a check for INIT_ACTION_HAS_RUN environment variable

6. lib/analyze-action.js:

   • Added export of SARIF_RESULTS_OUTPUT_DIR environment variable
   • Updated error handling to use getErrorMessage

7. lib/analyze.js, lib/autobuild-action.js, lib/codeql.js:

   • Updated error handling to use getErrorMessage

8. lib/debug-artifacts.js:

   • Significantly refactored to include new functions for handling debug artifacts
   • Removed uploadSarifDebugArtifact, uploadLogsDebugArtifact, and uploadDatabaseBundleDebugArtifact
   • Added uploadCombinedSarifArtifacts and tryUploadAllAvailableDebugArtifacts

9. lib/defaults.json:

   • Updated CodeQL bundle and CLI versions to 2.19.0

10. lib/environment.js:

    • Added SARIF_RESULTS_OUTPUT_DIR to the EnvVar enum

11. lib/init-action-post-helper.js, lib/init-action-post.js:

    • Updated to use the new tryUploadAllAvailableDebugArtifacts function

12. lib/logging.js:

    • Added withGroup function for grouping logged output

13. lib/upload-lib.js:

    • Updated SARIF validation to handle more URI-related warnings

14. lib/upload-sarif-action-post-helper.js:

    • This file has been removed

15. lib/upload-sarif-action-post.js:

    • Refactored to use the new uploadCombinedSarifArtifacts function

16. lib/util.js:

    • Updated getErrorMessage function to return only the message for Error objects

17. Various test files have been updated to reflect these changes.

Possible Issues

• The removal of certain files and refactoring of debug artifact handling might cause issues if any external scripts or workflows depend on the old structure.
• The change in error message formatting (removal of "Error: " prefix) might affect error parsing in dependent systems.

Security Hotspots

None identified. The changes appear to be mostly refactoring and improvements to existing functionality.