From c8a044f61eb5f942396af6dc58123eef34d364c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 10:03:04 +0000 Subject: [PATCH 1/2] deps(frontend): bump @platejs/suggestion in /Clients Bumps [@platejs/suggestion](https://github.com/udecode/plate/tree/HEAD/packages/suggestion) from 49.0.0 to 52.0.11. - [Release notes](https://github.com/udecode/plate/releases) - [Changelog](https://github.com/udecode/plate/blob/main/packages/suggestion/CHANGELOG.md) - [Commits](https://github.com/udecode/plate/commits/@platejs/suggestion@52.0.11/packages/suggestion) --- updated-dependencies: - dependency-name: "@platejs/suggestion" dependency-version: 52.0.11 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- Clients/package-lock.json | 43 +++++++++++++-------------------------- Clients/package.json | 2 +- 2 files changed, 15 insertions(+), 30 deletions(-) diff --git a/Clients/package-lock.json b/Clients/package-lock.json index 551994cfce..f5e41c98fd 100644 --- a/Clients/package-lock.json +++ b/Clients/package-lock.json @@ -28,7 +28,7 @@ "@platejs/floating": "^50.2.5", "@platejs/link": "^52.0.11", "@platejs/list-classic": "^52.0.11", - "@platejs/suggestion": "^49.0.0", + "@platejs/suggestion": "^52.0.11", "@platejs/table": "^52.0.11", "@radix-ui/react-dialog": "^1.1.15", "@radix-ui/react-visually-hidden": "^1.2.4", @@ -3875,15 +3875,16 @@ "license": "MIT" }, "node_modules/@platejs/diff": { - "version": "49.0.0", - "resolved": "https://registry.npmjs.org/@platejs/diff/-/diff-49.0.0.tgz", - "integrity": "sha512-8I+smjLsZfTY3KuNoM77EsGqMnPXghkDwn5sTV0AaH6LWE/x2kjPcn4krl3fgt/VvE4fl3Fw0NGuRlyc881Z2A==", + "version": "52.0.11", + "resolved": "https://registry.npmjs.org/@platejs/diff/-/diff-52.0.11.tgz", + "integrity": "sha512-2oAlD1UQXOz1/MZSP7wx9SEpK/WQTufL2TZOccIBAzPtVCubtS/CNoId4+hNGT8i4qaIhlXCRaYA+Tp4vdrJjg==", "dependencies": { "diff-match-patch-ts": "^0.6.0", - "lodash": "^4.17.21" + "lodash": "^4.17.21", + "react-compiler-runtime": "^1.0.0" }, "peerDependencies": { - "platejs": ">=49.0.0", + "platejs": ">=52.0.11", "react": ">=18.0.0", "react-dom": ">=18.0.0" } @@ -4007,16 +4008,17 @@ "license": "MIT" }, "node_modules/@platejs/suggestion": { - "version": "49.0.0", - "resolved": "https://registry.npmjs.org/@platejs/suggestion/-/suggestion-49.0.0.tgz", - "integrity": "sha512-7jMJJer6BbElYE6WCi6xGlIdA6zOy+GWXlOqYfIw7pWnf+46qPR8Ta1dx+fw6iXSrwQvBIW3kmxpIpGgQ1jrIA==", + "version": "52.0.11", + "resolved": "https://registry.npmjs.org/@platejs/suggestion/-/suggestion-52.0.11.tgz", + "integrity": "sha512-fxhLP9a4DGHYet73kx/jGhFY1cz3QLdX2zPXGq51fOGrXIhRGkpbLHxoOREUoUDi5Ea0DjQyJRt8SHZulPEpzw==", "license": "MIT", "dependencies": { - "@platejs/diff": "49.0.0", - "lodash": "^4.17.21" + "@platejs/diff": "52.0.11", + "lodash": "^4.17.21", + "react-compiler-runtime": "^1.0.0" }, "peerDependencies": { - "platejs": ">=49.0.0", + "platejs": ">=52.0.11", "react": ">=18.0.0", "react-dom": ">=18.0.0" } @@ -19499,23 +19501,6 @@ "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==", "license": "ISC" }, - "node_modules/yaml": { - "version": "2.8.2", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.2.tgz", - "integrity": "sha512-mplynKqc1C2hTVYxd0PU2xQAc22TI1vShAYGksCCfxbn/dFwnHTNi1bvYsBTkhdUNtGIf5xNOg938rrSSYvS9A==", - "license": "ISC", - "optional": true, - "peer": true, - "bin": { - "yaml": "bin.mjs" - }, - "engines": { - "node": ">= 14.6" - }, - "funding": { - "url": "https://github.com/sponsors/eemeli" - } - }, "node_modules/yargs": { "version": "17.7.2", "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", diff --git a/Clients/package.json b/Clients/package.json index 498b317195..8f69f65238 100644 --- a/Clients/package.json +++ b/Clients/package.json @@ -36,7 +36,7 @@ "@platejs/floating": "^50.2.5", "@platejs/link": "^52.0.11", "@platejs/list-classic": "^52.0.11", - "@platejs/suggestion": "^49.0.0", + "@platejs/suggestion": "^52.0.11", "@platejs/table": "^52.0.11", "@radix-ui/react-dialog": "^1.1.15", "@radix-ui/react-visually-hidden": "^1.2.4", From f29268024d576db343876bb42179819a34625f4f Mon Sep 17 00:00:00 2001 From: Mohammad Khalilzadeh Date: Fri, 30 Jan 2026 11:03:56 +0330 Subject: [PATCH 2/2] Fixing the flow --- .github/workflows/codeql.yml | 42 ++++++++++++++++++++++++++++++++++++ Clients/package-lock.json | 14 +++--------- 2 files changed, 45 insertions(+), 11 deletions(-) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000000..7d03da9f8b --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,42 @@ +name: CodeQL Analysis + +on: + push: + branches: ['master', 'develop'] + pull_request: + branches: ['master', 'develop'] + schedule: + # Run weekly on Mondays at 00:00 UTC + - cron: '0 0 * * 1' + +permissions: + contents: read + security-events: write + actions: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + timeout-minutes: 360 + + strategy: + fail-fast: false + matrix: + language: ['javascript', 'typescript'] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v4 + with: + languages: ${{ matrix.language }} + build-mode: none + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v4 + with: + category: '/language:${{ matrix.language }}' + diff --git a/Clients/package-lock.json b/Clients/package-lock.json index d5bfcff644..7cf96420cd 100644 --- a/Clients/package-lock.json +++ b/Clients/package-lock.json @@ -9376,7 +9376,6 @@ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "license": "MIT", - "peer": true, "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", @@ -10331,8 +10330,7 @@ "version": "2.2.4", "resolved": "https://registry.npmjs.org/earcut/-/earcut-2.2.4.tgz", "integrity": "sha512-/pjZsA1b4RPHbeWZQn66SWS8nZZWLQQ23oE3Eam7aroEFGEvwKAsJfZ9ytiEMycfzXWpca4FA9QIOehf7PocBQ==", - "license": "ISC", - "peer": true + "license": "ISC" }, "node_modules/electron-to-chromium": { "version": "1.5.279", @@ -12470,8 +12468,7 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "license": "ISC", - "peer": true + "license": "ISC" }, "node_modules/istanbul-lib-coverage": { "version": "3.2.2", @@ -14782,7 +14779,6 @@ "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", "license": "MIT", - "peer": true, "engines": { "node": ">=8" } @@ -16497,7 +16493,6 @@ "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", "license": "MIT", - "peer": true, "dependencies": { "shebang-regex": "^3.0.0" }, @@ -16510,7 +16505,6 @@ "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", "license": "MIT", - "peer": true, "engines": { "node": ">=8" } @@ -17248,8 +17242,7 @@ "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==", "devOptional": true, - "license": "MIT", - "peer": true + "license": "MIT" }, "node_modules/text-segmentation": { "version": "1.0.3", @@ -18594,7 +18587,6 @@ "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", "license": "ISC", - "peer": true, "dependencies": { "isexe": "^2.0.0" },