From 5a30830192c14f0ff2af38829993646add1332b5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 11 Oct 2025 07:01:40 +0000
Subject: [PATCH] Bump github/codeql-action from 3 to 4

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/Code-review.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/Code-review.yml b/.github/workflows/Code-review.yml
index b1c7ff2..bd6f0d3 100644
--- a/.github/workflows/Code-review.yml
+++ b/.github/workflows/Code-review.yml
@@ -16,11 +16,11 @@ jobs:
       - name: Install dependencies
         run: npm install # 安装依赖项
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3 # 初始化 CodeQL 环境
+        uses: github/codeql-action/init@v4 # 初始化 CodeQL 环境
         with:
           languages: javascript
       - name: Analyze JavaScript code with CodeQL
-        uses: github/codeql-action/analyze@v3 # 使用 CodeQL 对 JavaScript 代码进行分析
+        uses: github/codeql-action/analyze@v4 # 使用 CodeQL 对 JavaScript 代码进行分析
 
 #  这个 workflow 文件使用 `pull_request` 事件来监听新的 PR 提交，并且只有针对主分支的操作才会触发它。code-review job 使用 `actions/checkout` action 将代码库检出到 runner 中，使用 `actions/setup-node` action 安装 Node.js 运行环境和依赖包，接着通过运行 `npm run lint` 进行代码风格检查和运行 `npm test` 命令来运行测试。最后，在 Setup code review 步骤中，我们使用 `reviewdog/action-eslint` action 来进行代码审查，并将输出级别设置为 `error`。
 #