github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-01-03 13:10:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,854 Commits 297 Branches 500 Tags
0180811a94de059a9420a522e8068d61e99a1ccf
Commit Graph

23 Commits

Author SHA1 Message Date
Henry Mercer
d39065943f Add missing permissions 2025-01-24 13:21:05 +00:00
Henry Mercer
2c22b37a68 Add GitHub token to update dependencies workflow 2023-09-14 18:14:24 +01:00
Chuan-kai Lin
77a54b68d4 Remove --pr in update-dependencies.yml 2023-09-13 09:49:02 -07:00
Henry Mercer
37d8d03606 Merge pull request #1868 from github/henrymercer/improve-dependency-update 
Improve usability of update dependencies workflow
 2023-09-05 16:38:52 +01:00
Henry Mercer
e6cb4feff9 Improve usability of update dependencies workflow 2023-09-05 16:36:41 +02:00
dependabot[bot]
321d3e057d Bump the actions group with 1 update 
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).

- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 18:00:31 +00:00
Henry Mercer
3da4cbfc79 Fix GitHub Actions email 2023-05-25 11:27:13 +01:00
Henry Mercer
cf1855ae37 Fix workflow to update dependencies 
Port over the fix from
https://github.com/github/codeql-action/pull/1544
and share code so these scripts don't get out of sync again.
 2023-02-24 20:25:21 +00:00
Henry Mercer
5da183dcc2 Bump npm to v9.2.0 
npm v9.3.0 is out, but seems to have a bug with `npm ci` on macOS
where it will complain that `node_modules/.bin` is a directory.

We specify an exact version for reproducibility of builds.
 2023-01-23 19:15:21 +00:00
Henry Mercer
718930badf Pin npm to latest v8 release to address failing PR check 
npm v9 is not compatible with Node 12, so we can't update to it yet.
 2022-11-11 11:06:50 +00:00
Henry Mercer
a2949f47b3 Update actions/checkout from v2 to v3 2022-03-30 19:46:09 +01:00
Andrew Eisenberg
76c3e91b1f Bump timeout to 45 minutes 
With a 30 minute timeout, we were getting some cancelled runs.
This should fix it.
 2022-03-11 11:45:45 -08:00
Andrew Eisenberg
628afae9d3 Add a timeout of 30 min 
For all CI jobs. Based on some eye-balling 30 minutes should be
enough time for all jobs to complete.
 2022-03-08 14:57:35 -08:00
Edoardo Pirovano
4860ed1ad4 Remove persist-credentials: false from workflow 2021-11-19 17:55:10 +00:00
Andrew Eisenberg
56c7489b94 Merge branch 'main' into aeisenberg/dependabot 2021-11-02 10:35:28 -07:00
Edoardo Pirovano
d3f5d485b3 Further fix to update dependencies workflow 2021-10-25 18:09:40 +01:00
Andrew Eisenberg
531c6ba7c8 Fix dependabot issues 2021-10-25 08:56:16 -07:00
Edoardo Pirovano
63fd41bf33 Fix syntax in a workflow 2021-10-22 17:40:41 +01:00
Edoardo Pirovano
70f007a73c Improve workflow to update dependencies 2021-10-22 10:43:31 +01:00
Henry Mercer
2632b65a56 Add ready_for_review type to pull_request trigger types 
This runs checks on reopened draft PRs to support triggering PR checks
on draft PRs that were opened by other workflows.
 2021-08-03 19:29:42 +01:00
Edoardo Pirovano
554f1b3765 Address further PR comment 2021-07-26 15:19:47 +01:00
Edoardo Pirovano
934fb86c58 Address PR comments from @robertbrignull 2021-07-26 14:47:03 +01:00
Edoardo Pirovano
e145aa414e Enable dependabot automatic updates 2021-07-26 11:14:19 +01:00