Merge releases/v4 into releases/v3

[github-actions]

Merging b20883b into releases/v3.

Conductor for this PR is @henrymercer.

Contains the following pull requests:

• Mergeback v4.31.11 refs/heads/releases/v4 into main #3418 (@mbg)
• Add installYq option to sync.py and install yq directly from GitHub release #3423 (@mbg)
• Update default bundle to 2.24.0 #3425 (@nickrolfe)
• Bump the Action minor version number on new CodeQL minor version series #3427 (@henrymercer)
• Merge main into releases/v4 #3428 (@henrymercer)

Please do the following:

• Ensure the CHANGELOG displays the correct version and date.
• Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.
• Check that there are not any unexpected commits being merged into the releases/v3 branch.
• Ensure the docs team is aware of any documentation changes that need to be released.
• Remove and re-add the "Rebuild" label to the PR to trigger just this workflow.
• Wait for the "Rebuild" workflow to push a commit updating the distribution files.
• Mark the PR as ready for review to trigger the full set of PR checks.
• Approve and merge this PR. Make sure Create a merge commit is selected rather than Squash and merge or Rebase and merge.

[github-actions]

Pushed a commit to rebuild the Action. Please mark the PR as ready for review to trigger PR checks.

[Copilot]

Pull request overview

This pull request merges changes from releases/v4 into releases/v3 to backport recent improvements to the v3 release branch. The changes include updating the default CodeQL bundle to version 2.24.0, improving the yq installation process on Windows, and bumping the Action version to 3.32.0.

Changes:

• Updated default CodeQL bundle from 2.23.9 to 2.24.0
• Improved yq installation on Windows by downloading directly from GitHub releases instead of using chocolatey
• Bumped Action version to 3.32.0 (minor version bump for new CodeQL minor version series)
• Added automated logic to bump Action minor version when CodeQL minor version changes

Reviewed changes

Copilot reviewed 20 out of 21 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
CHANGELOG.md	Added entry for version 3.32.0 documenting the CodeQL bundle update
package.json	Bumped version from 3.31.11 to 3.32.0
package-lock.json	Updated version to match package.json (should be 3.32.0)
src/defaults.json	Updated CodeQL bundle and CLI versions to 2.24.0
lib/defaults.json	Mirror of src/defaults.json changes (generated)
pr-checks/sync.py	Added installYq option to download yq directly from GitHub releases
pr-checks/checks/build-mode-autobuild.yml	Replaced choco install with new installYq flag
.github/workflows/update-bundle.yml	Added logic to bump Action minor version on new CodeQL minor version series
.github/workflows/__build-mode-autobuild.yml	Generated workflow file reflecting yq installation changes
lib/*.js	Generated JavaScript files with updated version numbers and bundle versions