codeql-action

mirror of https://github.com/github/codeql-action.git synced 2025-12-30 19:20:08 +08:00

Author	SHA1	Message	Date
dependabot[bot]	5bd8069afb	Bump actions/checkout from 5 to 6 in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-11-24 18:01:10 +00:00
dependabot[bot]	53588c5ad2	Bump actions/setup-node from 5 to 6 in /.github/workflows Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-20 17:26:07 +00:00
Michael B. Gale	cec0b17b93	Skip PR checks for events triggered by Dependabot	2025-09-24 12:08:05 +01:00
Henry Mercer	944aa7df3d	Merge pull request #3088 from github/dependabot/github_actions/actions-f739f361ea Bump the actions group with 4 updates	2025-09-23 13:48:16 +01:00
Michael B. Gale	6fcf631e73	Add `concurrency` settings to PR checks	2025-09-20 14:19:07 +01:00
Paolo Tranquilli	1b8f0ffedf	Set `shell: bash` by default on all workflows	2025-09-09 12:19:45 +02:00
dependabot[bot]	1a80c9b44e	Bump the actions group with 4 updates Bumps the actions group with 4 updates: [actions/setup-go](https://github.com/actions/setup-go), [actions/github-script](https://github.com/actions/github-script), [actions/setup-node](https://github.com/actions/setup-node) and [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) Updates `actions/github-script` from 7 to 8 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7...v8) Updates `actions/setup-node` from 4 to 5 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v5) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/github-script dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-node dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-08 17:54:44 +00:00
Henry Mercer	4da503e0f5	Use `npm ci` in CI	2025-08-21 18:48:23 +01:00
Henry Mercer	879c788b45	Install npm dependencies where necessary in generated workflows	2025-08-21 16:27:50 +01:00
Michael B. Gale	a592f71173	Allow inputs for `workflow_*` events, and propagate them through collections	2025-08-14 11:52:34 +01:00
Michael B. Gale	092bf71d04	Add `workflow_call` triggers to PR checks	2025-08-14 11:52:34 +01:00
Henry Mercer	9dfbcfd29f	Merge pull request #3025 from github/dependabot/github_actions/actions-b7431406fe Bump the actions group with 3 updates	2025-08-12 12:24:05 +01:00
dependabot[bot]	b1bfc45906	Bump the actions group with 3 updates Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/create-github-app-token dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-12 02:10:43 +00:00
Paolo Tranquilli	286b9e9d74	Specify the `ruamel.yaml` version in one place only (`sync.sh`)	2025-08-11 15:38:32 +02:00
Henry Mercer	9cd802ec12	Give only read-level `security-events` permission where possible	2025-01-24 13:27:33 +00:00
Henry Mercer	bd76a92ebe	PR checks: Remove code for unsupported versions	2025-01-15 17:50:02 +00:00
Josh Soref	756aa649df	spelling: macos Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>	2024-11-06 06:43:41 -05:00
Henry Mercer	619f0d628b	Update CodeQL versions tested in generated checks	2024-10-15 19:43:56 +01:00
Henry Mercer	a1404425d9	Remove 2.12.6 from tests	2024-08-05 19:28:35 +01:00
Andrew Eisenberg	79f6e84e69	Ensure string argument instead of boolean	2024-06-14 14:59:22 -07:00
Andrew Eisenberg	3f41e06a52	Merge remote-tracking branch 'upstream/main' into aeisenberg/enable-kotlin-tests	2024-06-14 13:20:03 -07:00
Angela P Wen	67d5a9a476	PR Checks: Use `tools: linked` rather than `tools: latest` Also changes the input and output in the `prepare-test` Action to use `linked`.	2024-05-31 11:49:47 +02:00
Henry Mercer	c59e05245f	Disable fail fast in generated workflows	2024-05-10 16:24:22 +01:00
Angela P Wen	ac2f82a1ff	Log warning if SIP is disabled and CLI version is < 2.15.1 (#2261 ) * PR Checks: use `macos-12` runners for CLI v. < 2.15.1 Prior to CLI v2.15.1, MacOS ARM runners were not supported by the build tracer. "macos-latest" is now an ARM runner, so we run these tests on the old CLIs on Intel runners instead. * Log a warning if SIP is disabled and CLI is < 2.15.1 * Add changenote for SIP-disabled support on old CLI versions * Set up Python 3.11 for all MacOS checks	2024-04-25 22:20:13 +00:00
Henry Mercer	2f0d0eaebd	Update PR checks	2024-04-09 12:19:26 +01:00
Angela P Wen	f421cda8e7	Run integration test PR checks nightly (#2222 ) * Run integration test PR checks nightly Scheduled for 5AM UTC. This will assist in catching bugs introduced with new runner images. * Specify generated YAML indentations For consistency with our non-autogenerated files and GitHub documentation, we should further indent items in lists (`sequence`).	2024-04-04 10:30:18 -07:00
Henry Mercer	d88d538126	Add PR check for specifying configuration using the `config` input	2024-02-15 12:07:19 +00:00

27 Commits