github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-30 19:20:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,269 Commits 297 Branches 500 Tags
faf6d35e7bd105fae4fbfefb391972ff2cc8d73e
Commit Graph

30 Commits

Author SHA1 Message Date
Michael B. Gale
d61a6fa793 Update CLI config test to account for overlay db changes on PRs 2025-12-03 12:11:11 +00:00
dependabot[bot]
5bd8069afb Bump actions/checkout from 5 to 6 in /.github/workflows 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 18:01:10 +00:00
dependabot[bot]
53588c5ad2 Bump actions/setup-node from 5 to 6 in /.github/workflows 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-20 17:26:07 +00:00
Mario Campos
180438161e Specify Node.js v24 in actions/setup-node steps. 2025-09-30 14:11:13 -05:00
Henry Mercer
a34e1cd60b Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-24 19:29:32 +02:00
Michael B. Gale
3183e6b8f9 Skip non-generated workflows for Dependabot 2025-09-24 12:49:31 +01:00
Henry Mercer
83fdfaf3fc Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-24 13:03:53 +02:00
Henry Mercer
944aa7df3d Merge pull request #3088 from github/dependabot/github_actions/actions-f739f361ea 
Bump the actions group with 4 updates
 2025-09-23 13:48:16 +01:00
Henry Mercer
29a4b8731d Run code scanning config tests on Linux only 2025-09-23 14:40:02 +02:00
Michael B. Gale
54746c8dad Fix expected-config-file-contents 2025-09-22 14:56:51 +01:00
Paolo Tranquilli
1b8f0ffedf Set shell: bash by default on all workflows 2025-09-09 12:19:45 +02:00
dependabot[bot]
1a80c9b44e Bump the actions group with 4 updates 
Bumps the actions group with 4 updates: [actions/setup-go](https://github.com/actions/setup-go), [actions/github-script](https://github.com/actions/github-script), [actions/setup-node](https://github.com/actions/setup-node) and [actions/setup-python](https://github.com/actions/setup-python).


Updates `actions/setup-go` from 5 to 6
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

Updates `actions/github-script` from 7 to 8
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v7...v8)

Updates `actions/setup-node` from 4 to 5
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4...v5)

Updates `actions/setup-python` from 5 to 6
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/github-script
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-node
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-08 17:54:44 +00:00
Henry Mercer
4da503e0f5 Use npm ci in CI 2025-08-21 18:48:23 +01:00
Henry Mercer
f8c0d73f71 Install dependencies in code scanning config test 2025-08-21 16:19:00 +01:00
dependabot[bot]
b1bfc45906 Bump the actions group with 3 updates 
Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `actions/download-artifact` from 4 to 5
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4...v5)

Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/download-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-12 02:10:43 +00:00
Henry Mercer
1569f4c145 Disable diff-informed queries in code scanning config tests 2025-05-01 12:14:34 +01:00
Henry Mercer
9cd802ec12 Give only read-level security-events permission where possible 2025-01-24 13:27:33 +00:00
Henry Mercer
d39065943f Add missing permissions 2025-01-24 13:21:05 +00:00
Angela P Wen
67d5a9a476 PR Checks: Use tools: linked rather than tools: latest 
Also changes the input and output in the `prepare-test` Action to use `linked`.
 2024-05-31 11:49:47 +02:00
Henry Mercer
f73b0b70eb Disable fail fast for non-generated workflows 2024-05-10 16:27:12 +01:00
Angela P Wen
f421cda8e7 Run integration test PR checks nightly (#2222) 
* Run integration test PR checks nightly

Scheduled for 5AM UTC. This will assist in catching bugs introduced with new runner images.

* Specify generated YAML indentations

For consistency with our non-autogenerated files and GitHub documentation, we should further indent items in lists (`sequence`).
 2024-04-04 10:30:18 -07:00
Henry Mercer
d7437a2202 Remove deprecated CODEQL_PASS_CONFIG_TO_CLI env var from PR checks 2024-01-04 16:41:50 +00:00
nickfyson
0e9a210226 update workflows to run on all release branches 2023-12-06 15:57:43 +00:00
dependabot[bot]
321d3e057d Bump the actions group with 1 update 
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).

- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 18:00:31 +00:00
Henry Mercer
49e0fc2ba1 PR checks: Rename cached to default 2023-08-02 18:02:10 +01:00
Andrew Eisenberg
2754e10472 Move to the codeql-testing org 
Refer to the packages in codeql-testing, not in dsp-testing.
 2023-04-04 13:39:56 -07:00
Henry Mercer
e85546ccca Move internal Actions into .github/actions 
This is a more standard location for these custom Actions.
 2023-04-03 18:29:29 +01:00
Henry Mercer
e530813ab8 Remove PR checks for v1 2023-01-16 18:49:32 +00:00
Henry Mercer
5767f918ef Remove redundant fail-fast configurations 2022-10-27 15:19:07 +01:00
Andrew Eisenberg
6fabde2be8 Add packs and queries from input 
This commit adds the packs and queries from the actions input to the
config file used by the CodeQL CLI.

When the `+` is used, the actions input value is combined with the
config value and when it is not used, the input value overrides the
config value.

This commit also adds a bunch of integration tests for this feature.
In order to avoid adding too many new jobs, all of the tests are
run sequentially in a single job (matrixed across relevant operating
systems and OSes).
 2022-06-28 14:07:51 -07:00