Merge main into releases/v4

.github/dependabot.yml

@@ -4,14 +4,15 @@ updates:
     directory: "/"
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
+      exclude:
+        - "@actions/*"
     labels:
       - Rebuild
     # Ignore incompatible dependency updates
     ignore:
-      # There is a type incompatibility issue between v0.0.9 and our other dependencies.
-      - dependency-name: "@octokit/plugin-retry"
-        versions: ["~6.0.0"]
-      # This is broken due to the way configuration files have changed. 
+      # This is broken due to the way configuration files have changed.
       # This might be fixed when we move to eslint v9.
       - dependency-name: "eslint-plugin-import"
         versions: [">=2.30.0"]
@@ -28,6 +29,10 @@ updates:
       - "/.github/actions"
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 7
+      exclude:
+        - "actions/*"
     labels:
       - Rebuild
     groups:

CHANGELOG.md

@@ -2,6 +2,11 @@
 
 See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
 
+## 4.32.1 - 02 Feb 2026
+
+- A warning is now shown in Default Setup workflow logs if a [private package registry is configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) using a GitHub Personal Access Token (PAT), but no username is configured. [#3422](https://github.com/github/codeql-action/pull/3422)
+- Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. [#3421](https://github.com/github/codeql-action/pull/3421)
+
 ## 4.32.0 - 26 Jan 2026
 
 - Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://github.com/github/codeql-action/pull/3425)