From 95666636d4107dca28d09376a30df81cf56c388a Mon Sep 17 00:00:00 2001
From: github-actions
Date: Tue, 9 Jun 2026 14:28:17 +0000
Subject: [PATCH 1/2] 2.1.0
---
 package.json | 2 +-
 packages/codeql-action/CHANGELOG.md | 11 ++++++++++-
 packages/codeql-action/package.json | 2 +-
 packages/language-detector/CHANGELOG.md | 11 ++++++++++-
 packages/language-detector/package.json | 2 +-
 packages/semgrep-action/CHANGELOG.md | 11 ++++++++++-
 packages/semgrep-action/package.json | 2 +-
 7 files changed, 34 insertions(+), 7 deletions(-)
diff --git a/package.json b/package.json
index f8e8bc0..821f0b2 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@metamask/action-security-code-scanner",
- "version": "2.0.6",
+ "version": "2.1.0",
 "private": true,
 "description": "Security Code Scanner",
 "repository": {
diff --git a/packages/codeql-action/CHANGELOG.md b/packages/codeql-action/CHANGELOG.md
index 88d5229..ebe5a35 100644
--- a/packages/codeql-action/CHANGELOG.md
+++ b/packages/codeql-action/CHANGELOG.md
@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [2.1.0]
+
+### Uncategorized
+
+- Update publish-release workflow and CodeQL action versions
+- Update actions/checkout to latest commit for consistency across workflows
+- Update GitHub Actions to use latest versions of dependencies
+
 ## [2.0.6]
 ### Uncategorized
@@ -41,7 +49,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added multi language support
 - Updated CodeQL action to v4
-[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.6...HEAD
+[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.1.0...HEAD
+[2.1.0]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.6...v2.1.0
 [2.0.6]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...v2.0.6
 [2.0.5]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.3...v2.0.5
 [2.0.3]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.1...v2.0.3
diff --git a/packages/codeql-action/package.json b/packages/codeql-action/package.json
index 32c96d3..9a4a0be 100644
--- a/packages/codeql-action/package.json
+++ b/packages/codeql-action/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@metamask/codeql-action",
- "version": "2.0.6",
+ "version": "2.1.0",
 "private": true,
 "description": "Custom CodeQL analysis action",
 "keywords": [],
diff --git a/packages/language-detector/CHANGELOG.md b/packages/language-detector/CHANGELOG.md
index 26b6e18..560f5e3 100644
--- a/packages/language-detector/CHANGELOG.md
+++ b/packages/language-detector/CHANGELOG.md
@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [2.1.0]
+
+### Uncategorized
+
+- Update Node.js version to 24 in language-detector action and checkout action version in build-lint-test workflow for consistency
+- Update Node.js version in .nvmrc and enable Corepack in actions using node
+- Update GitHub Actions to use latest versions of dependencies
+
 ## [2.0.4]
 ### Changed
@@ -42,7 +50,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added support for autodetecting languages using Github API
-[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.4...HEAD
+[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.1.0...HEAD
+[2.1.0]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.4...v2.1.0
 [2.0.4]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.3...v2.0.4
 [2.0.3]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.2...v2.0.3
 [2.0.2]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.1...v2.0.2
diff --git a/packages/language-detector/package.json b/packages/language-detector/package.json
index 3c96fb5..58a0871 100644
--- a/packages/language-detector/package.json
+++ b/packages/language-detector/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@metamask/language-detector",
- "version": "2.0.4",
+ "version": "2.1.0",
 "description": "Language detection and matrix generation for code scanning",
 "type": "module",
 "main": "src/index.js",
diff --git a/packages/semgrep-action/CHANGELOG.md b/packages/semgrep-action/CHANGELOG.md
index 022da45..788fafe 100644
--- a/packages/semgrep-action/CHANGELOG.md
+++ b/packages/semgrep-action/CHANGELOG.md
@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [2.1.0]
+
+### Uncategorized
+
+- Update CodeQL action version in Semgrep workflow for consistency
+- Update actions/checkout to latest commit for consistency across workflows
+- Update GitHub Actions to use latest versions of dependencies
+
 ## [2.0.6]
 ### Uncategorized
@@ -39,7 +47,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Migrated action from its separate repository to the monorepo
-[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.6...HEAD
+[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.1.0...HEAD
+[2.1.0]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.6...v2.1.0
 [2.0.6]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...v2.0.6
 [2.0.5]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.2...v2.0.5
 [2.0.2]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.1...v2.0.2
diff --git a/packages/semgrep-action/package.json b/packages/semgrep-action/package.json
index 946e2ef..386ee7f 100644
--- a/packages/semgrep-action/package.json
+++ b/packages/semgrep-action/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@metamask/semgrep-action",
- "version": "2.0.6",
+ "version": "2.1.0",
 "private": true,
 "description": "Semgrep-based security scanning action",
 "keywords": [
From 57f97fe6da36792659b18c6b362c3a0852792514 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82?=
Date: Tue, 9 Jun 2026 15:43:17 +0100
Subject: [PATCH 2/2] update changelog
---
 CHANGELOG.md | 14 +++++++++++++-
 packages/codeql-action/CHANGELOG.md | 2 +-
 packages/language-detector/CHANGELOG.md | 2 +-
 packages/semgrep-action/CHANGELOG.md | 4 ++--
 4 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a199284..c6489ee 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [2.1.0]
+
+### Added
+
+- feat: added github actions static analysis using zizmor
+
+### Fixed
+
+- fix: pined github actions versions to sha's
+- fix: fixed zizmor findings
+
 ## [2.0.5]
 ### Added
@@ -72,7 +83,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Initial release of this action ([#29](https://github.com/MetaMask/action-security-code-scanner/pull/29))
-[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...HEAD
+[Unreleased]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.1.0...HEAD
+[2.1.0]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.5...v2.1.0
 [2.0.5]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.4...v2.0.5
 [2.0.4]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.3...v2.0.4
 [2.0.3]: https://github.com/MetaMask/action-security-code-scanner/compare/v2.0.2...v2.0.3
diff --git a/packages/codeql-action/CHANGELOG.md b/packages/codeql-action/CHANGELOG.md
index ebe5a35..1166bed 100644
--- a/packages/codeql-action/CHANGELOG.md
+++ b/packages/codeql-action/CHANGELOG.md
@@ -17,7 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [2.0.6]
-### Uncategorized
+### Changed
 - fix(codeql): prevent shell injection in debug steps and build command
diff --git a/packages/language-detector/CHANGELOG.md b/packages/language-detector/CHANGELOG.md
index 560f5e3..ac70740 100644
--- a/packages/language-detector/CHANGELOG.md
+++ b/packages/language-detector/CHANGELOG.md
@@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [2.1.0]
-### Uncategorized
+### Changed
 - Update Node.js version to 24 in language-detector action and checkout action version in build-lint-test workflow for consistency
 - Update Node.js version in .nvmrc and enable Corepack in actions using node
diff --git a/packages/semgrep-action/CHANGELOG.md b/packages/semgrep-action/CHANGELOG.md
index 788fafe..0ca5774 100644
--- a/packages/semgrep-action/CHANGELOG.md
+++ b/packages/semgrep-action/CHANGELOG.md
@@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [2.1.0]
-### Uncategorized
+### Changed
 - Update CodeQL action version in Semgrep workflow for consistency
 - Update actions/checkout to latest commit for consistency across workflows
@@ -17,7 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [2.0.6]
-### Uncategorized
+### Changed
 - fix(semgrep): prevent shell injection by using environment variable for paths_ignored