github
diff --git a/‎.github/dependabot.yml‎
Lines changed: 1 addition & 4 deletions b/‎.github/dependabot.yml‎
Lines changed: 1 addition & 4 deletions
diff --git a/‎.github/workflows/__build-mode-autobuild.yml‎
Lines changed: 8 additions & 5 deletions b/‎.github/workflows/__build-mode-autobuild.yml‎
Lines changed: 8 additions & 5 deletions
diff --git a/‎.github/workflows/__rubocop-multi-language.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/__rubocop-multi-language.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/update-bundle.yml‎
Lines changed: 27 additions & 1 deletion b/‎.github/workflows/update-bundle.yml‎
Lines changed: 27 additions & 1 deletion
diff --git a/‎CHANGELOG.md‎
Lines changed: 11 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 11 additions & 0 deletions
@@ -8,10 +8,7 @@ updates:
       - Rebuild
     # Ignore incompatible dependency updates
     ignore:
-      # There is a type incompatibility issue between v0.0.9 and our other dependencies.
-      - dependency-name: "@octokit/plugin-retry"
-        versions: ["~6.0.0"]
-      # This is broken due to the way configuration files have changed. 
+      # This is broken due to the way configuration files have changed.
       # This might be fixed when we move to eslint v9.
       - dependency-name: "eslint-plugin-import"
         versions: [">=2.30.0"]
 
@@ -57,6 +57,24 @@ jobs:
       - name: Update bundle
         uses: ./.github/actions/update-bundle
 
+      - name: Bump Action minor version if new CodeQL minor version series
+        id: bump-action-version
+        run: |
+          prior_cli_version=$(jq -r '.priorCliVersion' src/defaults.json)
+          cli_version=$(jq -r '.cliVersion' src/defaults.json)
+
+          prior_minor=$(echo "$prior_cli_version" | cut -d. -f2)
+          current_minor=$(echo "$cli_version" | cut -d. -f2)
+
+          if [[ "$current_minor" != "$prior_minor" ]]; then
+            echo "New CodeQL minor version series ($prior_cli_version -> $cli_version), bumping Action minor version"
+            npm version minor --no-git-tag-version
+            echo "bumped=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "Same minor version series ($prior_cli_version -> $cli_version), skipping Action version bump"
+            echo "bumped=false" >> "$GITHUB_OUTPUT"
+          fi
+
       - name: Rebuild Action
         run: npm run build
 
@@ -71,11 +89,19 @@ jobs:
       - name: Open pull request
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          ACTION_VERSION_BUMPED: ${{ steps.bump-action-version.outputs.bumped }}
         run: |
           cli_version=$(jq -r '.cliVersion' src/defaults.json)
+          action_version=$(jq -r '.version' package.json)
+
+          pr_body="This pull request updates the default CodeQL bundle, as used with \`tools: linked\` and on GHES, to $cli_version."
+          if [[ "$ACTION_VERSION_BUMPED" == "true" ]]; then
+            pr_body+=$'\n\n'"Since this is a new CodeQL minor version series, this PR also bumps the Action version to $action_version."
+          fi
+
           pr_url=$(gh pr create \
             --title "Update default bundle to $cli_version" \
-            --body "This pull request updates the default CodeQL bundle, as used with \`tools: linked\` and on GHES, to $cli_version." \
+            --body "$pr_body" \
             --assignee "$GITHUB_ACTOR" \
             --draft \
           )
 
@@ -6,6 +6,17 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 No user facing changes.
 
+## 4.32.0 - 26 Jan 2026
+
+- Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://github.com/github/codeql-action/pull/3425)
+
+## 4.31.11 - 23 Jan 2026
+
+- When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [#3409](https://github.com/github/codeql-action/pull/3409)
+- Improved error handling throughout the CodeQL Action. [#3415](https://github.com/github/codeql-action/pull/3415)
+- Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [#3318](https://github.com/github/codeql-action/pull/3318)
+- The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [#3403](https://github.com/github/codeql-action/pull/3403)
+
 ## 4.31.10 - 12 Jan 2026
 
 - Update default CodeQL bundle version to 2.23.9. [#3393](https://github.com/github/codeql-action/pull/3393)