The GitHub Actions job "CodeQL" on ofbiz-framework.git/trunk has failed. Run started by GitHub user asfgit (triggered by asfgit).
Head commit for run: 7f8e7ca76692e836863681c0973019922ac531e9 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump moment-timezone from 0.5.48 to 0.6.0 in /themes/common-theme/webapp/common-theme/js (#892) Bumps [moment-timezone](https://github.com/moment/moment-timezone) from 0.5.48 to 0.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/moment/moment-timezone/releases";>moment-timezone's releases</a>.</em></p> <blockquote> <h2>Release 0.6.0</h2> <ul> <li>Fixed and updated TypeScript definitions. <a href="https://redirect.github.com/moment/moment-timezone/pull/1132";>#1132</a> <ul> <li>Updated types to more accurately match the code implementation.</li> <li>Added definitions for pre-built files (e.g. <code>moment-timezone-with-data.js</code>).</li> </ul> </li> </ul> <p>This release is a <strong>potential breaking change</strong> for TypeScript projects only. The types are now more accurate, but consumers might hit errors if they were relying on the more relaxed types.</p> <p>No implementation code has changed in this release.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/moment/moment-timezone/blob/develop/changelog.md";>moment-timezone's changelog</a>.</em></p> <blockquote> <h3><code>0.6.0</code> <em>2025-05-25</em></h3> <ul> <li>Fixed and updated TypeScript definitions. <a href="https://redirect.github.com/moment/moment-timezone/pull/1132";>#1132</a> <ul> <li>Updated types to more accurately match the code implementation.</li> <li>Added definitions for pre-built files (e.g. <code>moment-timezone-with-data.js</code>).</li> </ul> </li> </ul> <p>This release is a <strong>potential breaking change</strong> for TypeScript projects only. The types are now more accurate, but consumers might hit errors if they were relying on the more relaxed types.</p> <p>No implementation code has changed in this release.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moment/moment-timezone/commit/92c6a36c9d2f28658d3f122839022aacca56a9ef";><code>92c6a36</code></a> Build moment-timezone 0.6.0</li> <li><a href="https://github.com/moment/moment-timezone/commit/d2618cf714eabfb62a65f118e249116a004e62a7";><code>d2618cf</code></a> Bump version to 0.6.0</li> <li><a href="https://github.com/moment/moment-timezone/commit/d084bec201f5673e35a44d6fb7d1d3cfb880fc04";><code>d084bec</code></a> changelog: Add missing PR links for data updates</li> <li><a href="https://github.com/moment/moment-timezone/commit/83784edd16696f6f0bb134d0975340be1c2b3570";><code>83784ed</code></a> Merge pull request <a href="https://redirect.github.com/moment/moment-timezone/issues/1132";>#1132</a> from moment/typescript-fixes</li> <li><a href="https://github.com/moment/moment-timezone/commit/f159a579427711ee2f33430c53dd1a0d75a196b2";><code>f159a57</code></a> Remove <code>any</code> type from input params definition</li> <li><a href="https://github.com/moment/moment-timezone/commit/c6d84e97e825bee5ca53c305846cf22d694143e7";><code>c6d84e9</code></a> Add type definitions for built files</li> <li><a href="https://github.com/moment/moment-timezone/commit/c1215d4c59704bc64ba145443354470c92680113";><code>c1215d4</code></a> Update type definitions to match the code implementation</li> <li><a href="https://github.com/moment/moment-timezone/commit/a2ea5b660eb4395e82d621ea87743fd7878240b2";><code>a2ea5b6</code></a> Update typing tests to include missing use cases</li> <li>See full diff in <a href="https://github.com/moment/moment-timezone/compare/0.5.48...0.6.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <supp...@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/ofbiz-framework/actions/runs/15257596584 With regards, GitHub Actions via GitBox
