github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-29 02:30:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,268 Commits 297 Branches 500 Tags
3b94cfeb152a4907ae48ea3e1fb217dfa806faee
Commit Graph

8268 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Henry Mercer
3b94cfeb15 Avoid logging each extract call 2025-12-17 11:35:26 +00:00
Henry Mercer
da77f9f638 Suppress debug logs for artifact scanner test 2025-12-17 10:25:48 +00:00
Henry Mercer
de172624a1 Slim down test debug artifacts 2025-12-17 10:25:48 +00:00
Henry Mercer
488c1f1959 Add regression test for artifact scanner 2025-12-17 10:25:48 +00:00
Henry Mercer
f2ccf3b4f1 Ensure .gz files are extracted too 2025-12-17 10:25:47 +00:00
Henry Mercer
f28848a66a Use artifact scanner in debug artifacts PR checks 2025-12-17 10:25:47 +00:00
Henry Mercer
5459b98ca0 Add simple artifact scanner for tests only 2025-12-17 10:25:46 +00:00
Henry Mercer
0c8bfeaf84 Add artifact scanner 2025-12-17 10:25:46 +00:00
Henry Mercer
5eb751966f Merge pull request #3358 from github/henrymercer/database-upload-telemetry 
Add status report for uploading databases to API
 2025-12-16 16:18:52 +00:00
Henry Mercer
e9626872ef Merge branch 'main' into henrymercer/database-upload-telemetry 2025-12-16 15:53:31 +00:00
Henry Mercer
19c7f96922 Rename isOverlayBase 2025-12-16 15:41:50 +00:00
Henry Mercer
ae5de9a20d Use getErrorMessage in log too 2025-12-16 15:41:04 +00:00
Henry Mercer
0cb86337c5 Prefer performance.now() 2025-12-16 15:38:29 +00:00
Henry Mercer
c07cc0d3a9 Merge pull request #3351 from github/henrymercer/ghec-dr-determine-tools-version-from-ffs 
Determine CodeQL version from feature flags on GHEC-DR
 2025-12-16 13:42:01 +00:00
Henry Mercer
a2ee53c0d3 Use full names for GitHub variants 2025-12-16 13:23:24 +00:00
Michael B. Gale
b5e1a28b8a Merge pull request #3365 from github/dependabot/github_actions/dot-github/workflows/actions/download-artifact-7 
Bump actions/download-artifact from 6 to 7 in /.github/workflows
 2025-12-16 12:17:14 +00:00
Michael B. Gale
c2d4383e64 Merge branch 'main' into dependabot/github_actions/dot-github/workflows/actions/download-artifact-7 2025-12-15 22:00:03 +00:00
Michael B. Gale
d0ad1da72a Merge pull request #3364 from github/dependabot/github_actions/dot-github/workflows/actions-minor-8751820eb1 
Bump ruby/setup-ruby from 1.269.0 to 1.270.0 in /.github/workflows in the actions-minor group across 1 directory
 2025-12-15 21:08:40 +00:00
Michael B. Gale
07cd437640 Merge pull request #3366 from github/dependabot/github_actions/dot-github/workflows/actions/upload-artifact-6 
Bump actions/upload-artifact from 5 to 6 in /.github/workflows
 2025-12-15 18:18:05 +00:00
Michael B. Gale
a682bbe410 Merge pull request #3309 from github/mbg/ff/make-new-upload-default 
Remove `AnalyzeUseNewUpload` FF and make its behaviour the default
 2025-12-15 17:24:57 +00:00
github-actions[bot]
7fd7db3f26 Rebuild 2025-12-15 17:20:17 +00:00
github-actions[bot]
d6c1a791b7 Rebuild 2025-12-15 17:20:02 +00:00
dependabot[bot]
034374eb3f Bump actions/upload-artifact from 5 to 6 in /.github/workflows 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:40 +00:00
dependabot[bot]
6dbc22c93f Bump actions/download-artifact from 6 to 7 in /.github/workflows 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:32 +00:00
dependabot[bot]
a539068a61 Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.269.0 to 1.270.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](d697be2f83...ac793fdd38)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.270.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:28 +00:00
Michael B. Gale
b30cb9ae2a Merge branch 'main' into mbg/ff/make-new-upload-default 2025-12-15 16:28:30 +00:00
Michael B. Gale
009fe6b0c1 Remove AnalyzeUseNewUpload FF 2025-12-15 16:27:29 +00:00
Michael B. Gale
b1dea65f65 Make postProcessAndUploadSarif the default 2025-12-15 16:27:19 +00:00
Henry Mercer
7e0b77e3a8 Merge pull request #3349 from github/dependabot/github_actions/dot-github/workflows/actions-minor-dc476f2f5b 
Bump the actions-minor group across 1 directory with 2 updates
 2025-12-15 15:38:25 +00:00
Henry Mercer
0264b51610 Merge pull request #3348 from github/dependabot/npm_and_yarn/npm-minor-38a2a793c5 
Bump the npm-minor group with 5 updates
 2025-12-15 15:37:54 +00:00
Henry Mercer
2ac846d41e Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-38a2a793c5 2025-12-15 14:12:45 +00:00
Henry Mercer
5d063dd3af Populate database upload results telemetry 2025-12-15 12:55:12 +00:00
Henry Mercer
8e921c3145 Return status report from cleanupAndUploadDatabases 2025-12-15 12:55:12 +00:00
Óscar San José
4b675e451b Merge pull request #3356 from github/mergeback/v4.31.8-to-main-1b168cd3 
Mergeback v4.31.8 refs/heads/releases/v4 into main
 2025-12-12 10:48:29 +01:00
github-actions[bot]
65bad627f3 Rebuild 2025-12-12 08:52:54 +00:00
github-actions[bot]
4564f5e482 Update changelog and version after v4.31.8 2025-12-12 08:44:31 +00:00
Óscar San José
1b168cd394 Merge pull request #3355 from github/update-v4.31.8-1b0b941e1 
Merge main into releases/v4
v4.31.8 		2025-12-12 09:43:00 +01:00
github-actions[bot]
120f277b16 Update changelog for v4.31.8 2025-12-11 17:23:34 +00:00
Óscar San José
1b0b941e1f Merge pull request #3354 from github/update-bundle/codeql-bundle-v2.23.8 
Update default bundle to 2.23.8
 2025-12-11 17:25:18 +01:00
github-actions[bot]
db812c1ae6 Add changelog note 2025-12-11 15:46:24 +00:00
github-actions[bot]
2930dba17a Update default bundle to codeql-bundle-v2.23.8 2025-12-11 15:46:14 +00:00
Henry Mercer
da501245d4 Update PR template to include GHEC-DR 2025-12-10 17:41:20 +00:00
Henry Mercer
1fc7d3785d Rename GHE_DOTCOM to GHEC_DR 
This more closely reflects the published naming https://docs.github.com/en/enterprise-cloud@latest/admin/data-residency/about-github-enterprise-cloud-with-data-residency
 2025-12-10 17:41:19 +00:00
Henry Mercer
7a55ffeaf1 Determine CodeQL version from feature flags on GHEC-DR 2025-12-10 17:35:27 +00:00
Kasper Svendsen
c43362b91a Merge pull request #3340 from github/kaspersv/check-for-overlayBaseSpecifier 
Overlay: Check database metadata for overlayBaseSpecifier
codeql-bundle-v2.23.8 		2025-12-09 11:37:30 +01:00
Kasper Svendsen
002a7f25fd Overlay: log overlayBaseSpecifier at debug log-level 2025-12-09 09:44:56 +01:00
Kasper Svendsen
5b7e7fcc9c Update src/codeql.ts 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2025-12-09 09:41:33 +01:00
github-actions[bot]
cd48547da5 Rebuild 2025-12-08 17:18:17 +00:00
dependabot[bot]
44570be32d Bump the actions-minor group across 1 directory with 2 updates 
Bumps the actions-minor group with 2 updates in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](8aeb6ff803...d697be2f83)

Updates `actions/create-github-app-token` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.269.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 17:16:45 +00:00
github-actions[bot]
b73d396b48 Rebuild 2025-12-08 17:03:51 +00:00