From 421b4255ec5937b8fdbebc667f59d605f150c19b Mon Sep 17 00:00:00 2001
From: GeekMasher
Date: Tue, 15 Apr 2025 14:51:01 +0100
Subject: [PATCH 1/2] feat(js): depricate query

---
 javascript/src/security/CWE-829/UnpinnedActionsTag.ql | 2 +-
 javascript/src/suites/javascript.qls | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/javascript/src/security/CWE-829/UnpinnedActionsTag.ql b/javascript/src/security/CWE-829/UnpinnedActionsTag.ql
index 20d670ec..fe351bc1 100644
--- a/javascript/src/security/CWE-829/UnpinnedActionsTag.ql
+++ b/javascript/src/security/CWE-829/UnpinnedActionsTag.ql
@@ -8,7 +8,7 @@
  * @id githubsecuritylab/actions/unpinned-tag
  * @tags actions
  *       security
- *       experimental
+ *       deprecated
  *       external/cwe/cwe-829
  */
 
diff --git a/javascript/src/suites/javascript.qls b/javascript/src/suites/javascript.qls
index 11f3627f..e5b61a73 100644
--- a/javascript/src/suites/javascript.qls
+++ b/javascript/src/suites/javascript.qls
@@ -18,6 +18,7 @@
     tags contain:
       - debugging
       - audit
+      - deprecated
 
 # Remove local testing folders
 - exclude:

From d6f9d6fb6819e6acd39b856f098e998cee4613a4 Mon Sep 17 00:00:00 2001
From: GeekMasher
Date: Tue, 15 Apr 2025 14:51:31 +0100
Subject: [PATCH 2/2] feat(js): Update CodeQL to use new JS dataflow lib

---
 javascript/lib/codeql-pack.lock.yml | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/javascript/lib/codeql-pack.lock.yml b/javascript/lib/codeql-pack.lock.yml
index 3a11520c..6737f646 100644
--- a/javascript/lib/codeql-pack.lock.yml
+++ b/javascript/lib/codeql-pack.lock.yml
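Review bot: Swapping `experimental` for `deprecated` on the `@tags` line retires the unpinned-actions-tag check (CWE-829) without recording why or what replaces it, and since the javascript.qls change in the same patch excludes `deprecated`-tagged queries, anyone running the default suite silently loses this detection. Before merging, add a line to the query's doc comment that names the successor if one exists (for example the equivalent query in CodeQL's `actions` language pack, if that is the intended replacement) and the version from which this query is no longer run, e.g. ` * Deprecated: superseded by <successor query id>; excluded from the default suite as of <release>.` so suite users can migrate their coverage rather than discover the gap after the fact. The QLDoc block this hunk edits opens before line 8, outside the hunk.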
@@ -2,25 +2,25 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/dataflow:
-    version: 1.1.8
+    version: 2.0.4
   codeql/javascript-all:
-    version: 2.2.1
+    version: 2.6.0
   codeql/mad:
-    version: 1.0.14
+    version: 1.0.20
   codeql/regex:
-    version: 1.0.14
+    version: 1.0.20
   codeql/ssa:
-    version: 1.0.14
+    version: 1.0.20
   codeql/threat-models:
-    version: 1.0.14
+    version: 1.0.20
   codeql/tutorial:
-    version: 1.0.14
+    version: 1.0.20
   codeql/typetracking:
-    version: 1.0.14
+    version: 2.0.4
   codeql/util:
-    version: 2.0.1
+    version: 2.0.7
   codeql/xml:
-    version: 1.0.14
+    version: 1.0.20
   codeql/yaml:
-    version: 1.0.14
+    version: 1.0.20
 compiled: false