build(deps): bump github/codeql-action from 3 to 4

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/codeql.yml

@@ -20,7 +20,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       # Override language selection by uncommenting this and choosing your languages
       # with:
       #   languages: go, javascript, csharp, python, cpp, java, ruby
@@ -28,7 +28,7 @@ jobs:
     # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
     # If this step fails, then you should remove it and run the build manually (see below).
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      uses: github/codeql-action/autobuild@v4
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -42,4 +42,4 @@ jobs:
     #     make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4

examples.md

@@ -24,7 +24,6 @@
 - [Node - Lerna](#node---lerna)
 - [Node - Yarn](#node---yarn)
 - [Node - Yarn 2](#node---yarn-2)
-- [Node - pnpm](#node---pnpm)
 - [OCaml/Reason - esy](#ocamlreason---esy)
 - [PHP - Composer](#php---composer)
 - [Python - pip](#python---pip)
@@ -50,7 +49,7 @@
   with:
     path: |
       ~/.bun/install/cache
-    key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
+    key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
 ```
 
 ### Windows
@@ -60,7 +59,7 @@
   with:
     path: |
       ~\.bun
-    key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lockb') }}
+    key: ${{ runner.os }}-bun-${{ hashFiles('**/bun.lock') }}
 ```
 
 ## C# - NuGet
@@ -410,38 +409,6 @@ The yarn 2 cache directory will depend on your config. See https://yarnpkg.com/c
       ${{ runner.os }}-yarn-
 ```
 
-### Node - pnpm
-
-```yaml
-steps:
-  - uses: actions/checkout@v4
-
-  - uses: actions/setup-node@v4
-    with:
-      node-version: 24
-
-  - uses: pnpm/action-setup@v4
-    with:
-      version: 10
-
-  - name: Get pnpm store directory
-    id: pnpm-cache
-    shell: bash
-    run: |
-      echo "dir=$(pnpm store path)" >> "$GITHUB_OUTPUT"
-
-  - uses: actions/cache@v4
-    id: cache-pnpm
-    with:
-      path: ${{ steps.pnpm-cache.outputs.dir }}
-      key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}
-      restore-keys: |
-        ${{ runner.os }}-pnpm-
-
-  - name: Install dependencies
-    run: pnpm install --frozen-lockfile
-```
-
 ## OCaml/Reason - esy
 
 Esy allows you to export built dependencies and import pre-built dependencies.