Bump github/codeql-action from 2.2.7 to 2.2.8

[dependabot]

Bumps github/codeql-action from 2.2.7 to 2.2.8.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

[UNRELEASED]

No user facing changes.

2.2.8 - 22 Mar 2023

• Update default CodeQL bundle version to 2.12.5. #1585
• Customers post-processing the SARIF output of the analyze Action before uploading it to Code Scanning will benefit from an improved debugging experience. #1598
  • The CodeQL Action will now upload a SARIF file with debugging information to Code Scanning on failed runs for customers using upload: false. Previously, this was only available for customers using the default value of the upload input.
  • The upload input to the analyze Action now accepts the following values:
    • always is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    • failure-only is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    • never avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    • The legacy true and false options will be interpreted as always and failure-only respectively.

2.2.7 - 15 Mar 2023

No user facing changes.

2.2.6 - 10 Mar 2023

• Update default CodeQL bundle version to 2.12.4. #1561

2.2.5 - 24 Feb 2023

• Update default CodeQL bundle version to 2.12.3. #1543

2.2.4 - 10 Feb 2023

No user facing changes.

2.2.3 - 08 Feb 2023

• Update default CodeQL bundle version to 2.12.2. #1518

2.2.2 - 06 Feb 2023

• Fix an issue where customers using the CodeQL Action with the CodeQL Action sync tool would not be able to obtain the CodeQL tools. #1517

2.2.1 - 27 Jan 2023

No user facing changes.

2.2.0 - 26 Jan 2023

• Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. #1475
  • This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions runner images.
  • No change is required for the majority of workflows, including:

... (truncated)

Commits

• 67a35a0 Merge pull request #1601 from github/update-v2.2.8-066b6343e
• 57571ab Update changelog for v2.2.8
• 066b634 Merge pull request #1599 from github/update-supported-enterprise-server-versions
• aefd989 Merge pull request #1597 from github/rneatherway/ghe-dotcom
• 3ca2260 Account for versioning of ghe.com
• 5f20b2c Update supported GitHub Enterprise Server versions.
• 760583e Bump setup-go from v3 to v4 (#1595)
• 0ef7eda Merge pull request #1585 from github/henrymercer/bundle-2.12.5
• 8612813 Merge branch 'main' into henrymercer/bundle-2.12.5
• ebbe965 Merge pull request #1588 from github/update-supported-enterprise-server-versions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Patch coverage: 100.00% and no project coverage change.

Comparison is base (d81684e) 81.31% compared to head (29f3053) 81.31%.

Additional details and impacted files

@@            Coverage Diff            @@
##               main    #2624   +/-   ##
=========================================
  Coverage     81.31%   81.31%           
- Complexity     4187     4189    +2     
=========================================
  Files           336      336           
  Lines         15485    15487    +2     
  Branches       2020     2020           
=========================================
+ Hits          12591    12593    +2     
  Misses         2101     2101           
  Partials        793      793           

Impacted Files	Coverage Δ
sentry/src/main/java/io/sentry/SentryTracer.java	93.35% <ø> (ø)
sentry/src/main/java/io/sentry/Span.java	89.55% <ø> (ø)
...main/java/io/sentry/protocol/MeasurementValue.java	94.23% <ø> (ø)
sentry/src/main/java/io/sentry/NoOpSpan.java	25.00% <100.00%> (+2.41%)	⬆️
...entry/src/main/java/io/sentry/NoOpTransaction.java	24.44% <100.00%> (+1.71%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[github-actions]

	Fails
🚫	Please consider adding a changelog entry for the next release.

Instructions and example for changelog

Please add an entry to CHANGELOG.md to the "Unreleased" section. Make sure the entry includes this PR's number.

Example:

## Unreleased

- Bump github/codeql-action from 2.2.7 to 2.2.8 ([#2624](https://github.com/getsentry/sentry-java/pull/2624))

If none of the above apply, you can opt out of this check by adding #skip-changelog to the PR description.

Generated by 🚫 dangerJS against b82f53a

[github-actions]

Performance metrics 🚀

	Plain	With Sentry	Diff
Startup time	253.06 ms	288.36 ms	35.30 ms
Size	1.73 MiB	2.26 MiB	551.46 KiB

Baseline results on branch: main

Startup times

Revision	Plain	With Sentry	Diff
d81684e	235.73 ms	328.76 ms	93.03 ms
17ab223	427.65 ms	484.31 ms	56.65 ms

App size

Revision	Plain	With Sentry	Diff
d81684e	1.73 MiB	2.26 MiB	547.78 KiB
17ab223	1.73 MiB	2.34 MiB	626.85 KiB