github
diff --git a/‎.github/workflows/post-release-mergeback.yml
+1 b/‎.github/workflows/post-release-mergeback.yml
+1
diff --git a/‎CHANGELOG.md
+4 b/‎CHANGELOG.md
+4
diff --git a/‎lib/start-proxy-action.js
-14 b/‎lib/start-proxy-action.js
-14
diff --git a/‎lib/start-proxy-action.js.map
+1-1 b/‎lib/start-proxy-action.js.map
+1-1
diff --git a/‎node_modules/.package-lock.json
+1-1 b/‎node_modules/.package-lock.json
+1-1
diff --git a/‎package-lock.json
+2-2 b/‎package-lock.json
+2-2
diff --git a/‎package.json
+1-1 b/‎package.json
+1-1
diff --git a/‎src/start-proxy-action.ts
-15 b/‎src/start-proxy-action.ts
-15
diff --git a/‎start-proxy/action.yml
-3 b/‎start-proxy/action.yml
-3
@@ -29,6 +29,7 @@ jobs:
 
     permissions:
       contents: write # needed to create tags and push commits
+      pull-requests: write
 
     steps:
       - name: Dump environment
 
@@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 ## [UNRELEASED]
 
+No user facing changes.
+
+## 3.28.6 - 27 Jan 2025
+
 - Re-enable debug artifact upload for CLI versions 2.20.3 or greater. [#2726](https://github.com/github/codeql-action/pull/2726)
 
 ## 3.28.5 - 24 Jan 2025
 
@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "3.28.6",
+  "version": "3.28.7",
   "private": true,
   "description": "CodeQL action",
   "scripts": {
 
@@ -14,7 +14,6 @@ const UPDATEJOB_PROXY = "update-job-proxy";
 const UPDATEJOB_PROXY_VERSION = "v2.0.20241023203727";
 const UPDATEJOB_PROXY_URL_PREFIX =
   "https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.18.1/";
-const PROXY_USER = "proxy_user";
 const KEY_SIZE = 2048;
 const KEY_EXPIRY_YEARS = 2;
 
@@ -113,12 +112,10 @@ async function runWrapper() {
   );
 
   const ca = generateCertificateAuthority();
-  const proxyAuth = getProxyAuth();
 
   const proxyConfig: ProxyConfig = {
     all_credentials: credentials,
     ca,
-    proxy_auth: proxyAuth,
   };
 
   // Start the Proxy
@@ -187,18 +184,6 @@ async function startProxy(
   }
 }
 
-// getProxyAuth returns the authentication information for the proxy itself.
-function getProxyAuth(): BasicAuthCredentials | undefined {
-  const proxy_password = actionsUtil.getOptionalInput("proxy_password");
-  if (proxy_password) {
-    return {
-      username: PROXY_USER,
-      password: proxy_password,
-    };
-  }
-  return;
-}
-
 async function getProxyBinaryPath(): Promise<string> {
   const proxyFileName =
     process.platform === "win32" ? `${UPDATEJOB_PROXY}.exe` : UPDATEJOB_PROXY;
 
@@ -9,9 +9,6 @@ inputs:
   registries_credentials:
     description: Base64 encoded JSON configuration for the URLs and credentials of the package registries
     required: false
-  proxy_password:
-    required: false
-    description: The password of the proxy
   token:
     description: GitHub token to use for authenticating with this instance of GitHub, used to upload debug artifacts.
     default: ${{ github.token }}
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "codeql",`
`3`		`- "version": "3.28.6",`
	`3`	`+ "version": "3.28.7",`
`4`	`4`	`"private": true,`
`5`	`5`	`"description": "CodeQL action",`
`6`	`6`	`"scripts": {`