github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-29 02:30:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,236 Commits 297 Branches 500 Tags
6dbc22c93f482cbf1147d544a8ced08d017e9ebc
Commit Graph

1153 Commits

Author SHA1 Message Date
dependabot[bot]
6dbc22c93f Bump actions/download-artifact from 6 to 7 in /.github/workflows 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:32 +00:00
dependabot[bot]
44570be32d Bump the actions-minor group across 1 directory with 2 updates 
Bumps the actions-minor group with 2 updates in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](8aeb6ff803...d697be2f83)

Updates `actions/create-github-app-token` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.269.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 17:16:45 +00:00
Michael B. Gale
d61a6fa793 Update CLI config test to account for overlay db changes on PRs 2025-12-03 12:11:11 +00:00
Michael B. Gale
f7abc748a3 Remove branch filter for PR event in CodeQL workflow 2025-11-28 09:13:23 +00:00
Michael B. Gale
a6909455e4 Remove push triggers from workflow collections 2025-11-26 10:27:48 +00:00
Michael B. Gale
0e52774aee Merge pull request #3326 from github/dependabot/github_actions/dot-github/workflows/actions-minor-8ee81fe642 
Bump actions/create-github-app-token from 2.1.4 to 2.2.0 in /.github/workflows in the actions-minor group across 1 directory
 2025-11-25 11:45:44 +00:00
dependabot[bot]
5bd8069afb Bump actions/checkout from 5 to 6 in /.github/workflows 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 18:01:10 +00:00
dependabot[bot]
6feac2b36a Bump actions/create-github-app-token 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/create-github-app-token` from 2.1.4 to 2.2.0
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.1.4...v2.2.0)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 17:59:04 +00:00
Michael B. Gale
de12435376 Merge pull request #3308 from github/mbg/pr-template/nov25 
Add additional options to PR template and clarify some
 2025-11-18 11:52:08 +00:00
Michael B. Gale
7bcdb4bc66 Add additional options to PR template and clarify some 2025-11-17 17:48:39 +00:00
dependabot[bot]
c418a0fc93 Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.267.0 to 1.268.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](d5126b9b35...8aeb6ff803)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.268.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-17 17:17:07 +00:00
Michael B. Gale
3fac49c140 Update remaining workflows 2025-11-13 19:53:24 +00:00
Michael B. Gale
38a3a7258f Enable installDotNet in all workflows that analyse C# 2025-11-13 19:48:37 +00:00
Michael B. Gale
f20e02164a Add support for adding setup-dotnet steps to sync.sh 2025-11-13 18:58:54 +00:00
Michael B. Gale
7a7cd8565c Don't push for PR event 2025-11-12 15:09:25 +00:00
Michael B. Gale
fd830db27b Trigger on PR for relevant changes 2025-11-12 15:05:11 +00:00
Michael B. Gale
a7e52b690b Perform sparse checkout 2025-11-12 15:04:21 +00:00
Michael B. Gale
71c3720f43 Run npm ci in update-supported-enterprise-server-versions.yml 2025-11-12 14:57:05 +00:00
Michael B. Gale
6dd11f73d3 Update .github/workflows/script/bundle_changelog.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-05 11:34:26 +00:00
Michael B. Gale
c9f82f2adf Move python script to file 2025-11-05 11:22:38 +00:00
Michael B. Gale
33684ef869 Add setup-python step to update-bundle workflow 2025-11-05 11:20:06 +00:00
Michael B. Gale
862f5666b3 Merge pull request #3275 from github/mbg/checks/filter-ccr 
Filter CCR jobs in `update-required-checks.sh`
 2025-11-05 10:15:57 +00:00
Michael B. Gale
d03fd76232 Filter CCR jobs in update-required-checks.sh 2025-11-04 22:23:12 +00:00
Michael B. Gale
9d5565fba2 Remove macos-13 from codeql workflow 2025-11-04 21:29:25 +00:00
Michael B. Gale
64db1da706 Create immutable action version on tag push 2025-10-31 16:24:23 +00:00
Henry Mercer
3b96745d2b Set up Python in mergeback workflow 2025-10-30 14:06:12 +00:00
Henry Mercer
2a3599c520 Run lightweight workflows on ubuntu-slim 2025-10-30 11:25:32 +00:00
Henry Mercer
8d50be301c Merge pull request #3245 from github/dependabot/github_actions/dot-github/workflows/actions/download-artifact-6 
Bump actions/download-artifact from 5 to 6 in /.github/workflows
 2025-10-30 10:02:36 +00:00
Henry Mercer
1af9394995 Merge pull request #3244 from github/dependabot/github_actions/dot-github/workflows/actions-minor-b11285d543 
Bump ruby/setup-ruby from 1.265.0 to 1.267.0 in /.github/workflows in the actions-minor group across 1 directory
 2025-10-28 13:28:36 +00:00
dependabot[bot]
9c39f0afb0 Bump actions/download-artifact from 5 to 6 in /.github/workflows 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-27 18:05:01 +00:00
dependabot[bot]
b5bbb5ab73 Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.265.0 to 1.267.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ab177d40ee...d5126b9b35)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.267.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-27 17:52:58 +00:00
dependabot[bot]
42f957bb51 Bump actions/upload-artifact from 4 to 5 in /.github/workflows 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-27 17:28:57 +00:00
Michael B. Gale
f0452d5366 Consistently use "post-processing" 2025-10-24 10:20:25 +01:00
Michael B. Gale
8ff870a6c2 Rename new input to processed-sarif-path 2025-10-22 19:12:57 +01:00
Michael B. Gale
5e37670026 Use post-process-output in PR check 2025-10-22 19:01:42 +01:00
dependabot[bot]
53588c5ad2 Bump actions/setup-node from 5 to 6 in /.github/workflows 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-20 17:26:07 +00:00
Henry Mercer
e9daf5bcd9 Comment version that is pinned 
Co-authored-by: Michael B. Gale <mbg@github.com>
 2025-10-20 17:25:01 +01:00
Henry Mercer
c13672ee32 Bump sizes a bit 2025-10-20 16:48:51 +01:00
Henry Mercer
f2f52d0d47 Add score for XL 2025-10-20 15:13:53 +01:00
Henry Mercer
08e53bec85 Update .github/sizeup.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-10-20 15:12:50 +01:00
Henry Mercer
519594fe94 Update workflow name 2025-10-20 15:12:25 +01:00
Henry Mercer
8c324fe288 Add experimental functionality for labelling PRs by their size 2025-10-20 15:10:40 +01:00
Michael B. Gale
4874f90a8d Merge branch 'main' into mbg/setup-codeql 2025-10-17 13:32:40 +01:00
Michael B. Gale
3569065d7e Install Python 3.13, except for nightly-latest 2025-10-17 12:51:50 +01:00
Michael B. Gale
80220dcd46 Use setup-codeql action in bundle-from-toolcache check 2025-10-12 14:14:07 +01:00
Henry Mercer
3c764cd93a Only create GitHub release if it doesn't already exist 2025-10-10 17:54:08 +01:00
Henry Mercer
c8765c966b Revert "Rebuild" commit rather than "Update dependencies" 2025-10-10 17:23:02 +01:00
Henry Mercer
f402506f0f Merge pull request #3196 from github/dependabot/github_actions/dot-github/workflows/actions-minor-945aab589d 
Bump ruby/setup-ruby from 1.263.0 to 1.265.0 in /.github/workflows in the actions-minor group across 1 directory
 2025-10-10 15:20:16 +01:00
dependabot[bot]
452186448a Bump github/codeql-action from 3 to 4 in /.github/workflows 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-10 13:48:11 +00:00
dependabot[bot]
eadf14bf6e Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.263.0 to 1.265.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](0481980f17...ab177d40ee)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.265.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-10 13:48:07 +00:00