github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 17:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,826 Commits 297 Branches 500 Tags
codeql-bundle-20210921
Commit Graph

129 Commits

Author SHA1 Message Date
Edoardo Pirovano
30a243e57a Merge branch 'main' into dependabot/npm_and_yarn/octokit/plugin-retry-3.0.9 2021-07-27 23:53:25 +01:00
Edoardo Pirovano
70bbe2df84 Merge branch 'main' into dependabot/npm_and_yarn/types/long-4.0.1 2021-07-27 23:40:50 +01:00
dependabot[bot]
3ba511a8f1 Bump sinon from 9.0.2 to 11.1.2 
Bumps [sinon](https://github.com/sinonjs/sinon) from 9.0.2 to 11.1.2.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sinonjs/sinon/commits)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 22:23:24 +00:00
dependabot[bot]
5f6ba88b4b Bump jsonschema from 1.2.6 to 1.4.0 
Bumps [jsonschema](https://github.com/tdegrunt/jsonschema) from 1.2.6 to 1.4.0.
- [Release notes](https://github.com/tdegrunt/jsonschema/releases)
- [Commits](https://github.com/tdegrunt/jsonschema/compare/v1.2.6...v1.4.0)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 22:23:07 +00:00
dependabot[bot]
50cb464f4a Bump @octokit/plugin-retry from 3.0.3 to 3.0.9 
Bumps [@octokit/plugin-retry](https://github.com/octokit/plugin-retry.js) from 3.0.3 to 3.0.9.
- [Release notes](https://github.com/octokit/plugin-retry.js/releases)
- [Commits](https://github.com/octokit/plugin-retry.js/compare/v3.0.3...v3.0.9)

---
updated-dependencies:
- dependency-name: "@octokit/plugin-retry"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 22:22:56 +00:00
dependabot[bot]
6e37ee3fe2 Bump @types/long from 4.0.0 to 4.0.1 
Bumps [@types/long](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/long) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/long)

---
updated-dependencies:
- dependency-name: "@types/long"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 22:22:48 +00:00
dependabot[bot]
6ca0c46132 Bump @actions/artifact from 0.5.1 to 0.5.2 
Bumps [@actions/artifact](https://github.com/actions/toolkit/tree/HEAD/packages/artifact) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/artifact/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/artifact)

---
updated-dependencies:
- dependency-name: "@actions/artifact"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 22:22:24 +00:00
Edoardo Pirovano
6520447123 Merge branch 'main' into dependabot/npm_and_yarn/octokit/types-6.21.1 2021-07-27 22:45:39 +01:00
Edoardo Pirovano
5643f45615 Merge branch 'main' into dependabot/npm_and_yarn/query-string-7.0.1 2021-07-27 22:31:33 +01:00
Edoardo Pirovano
fb65207e91 Merge branch 'main' into dependabot/npm_and_yarn/query-string-7.0.1 2021-07-27 21:46:54 +01:00
Edoardo Pirovano
fde64716e1 Merge branch 'main' into dependabot/npm_and_yarn/js-yaml-4.1.0 2021-07-27 20:33:28 +01:00
Edoardo Pirovano
04e8743013 Merge branch 'main' into dependabot/npm_and_yarn/types/node-16.4.3 2021-07-27 20:15:15 +01:00
dependabot[bot]
8536203ad8 Bump @types/node from 12.12.14 to 16.4.3 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.14 to 16.4.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 19:00:10 +00:00
dependabot[bot]
5a7f86f625 Bump query-string from 6.14.0 to 7.0.1 
Bumps [query-string](https://github.com/sindresorhus/query-string) from 6.14.0 to 7.0.1.
- [Release notes](https://github.com/sindresorhus/query-string/releases)
- [Commits](https://github.com/sindresorhus/query-string/compare/v6.14.0...v7.0.1)

---
updated-dependencies:
- dependency-name: query-string
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 19:00:01 +00:00
dependabot[bot]
dbb1b44b8f Bump @types/sinon from 7.5.2 to 10.0.2 
Bumps [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) from 7.5.2 to 10.0.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

---
updated-dependencies:
- dependency-name: "@types/sinon"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 18:59:55 +00:00
dependabot[bot]
07578cd9e7 Bump @octokit/types from 5.5.0 to 6.21.1 
Bumps [@octokit/types](https://github.com/octokit/types.ts) from 5.5.0 to 6.21.1.
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v5.5.0...v6.21.1)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 18:59:49 +00:00
dependabot[bot]
cec3af8bb0 Bump js-yaml from 3.13.1 to 4.1.0 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.13.1 to 4.1.0.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.13.1...4.1.0)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 18:59:42 +00:00
Edoardo Pirovano
ddd2696b4e Merge branch 'main' into dependabot/npm_and_yarn/eslint-plugin-github-4.1.5 2021-07-27 19:20:07 +01:00
Edoardo Pirovano
8c3255bc78 Merge branch 'main' into dependabot/npm_and_yarn/actions/exec-1.1.0 2021-07-27 19:01:17 +01:00
Edoardo Pirovano
df6f81e49c Merge branch 'main' into dependabot/npm_and_yarn/nock-13.1.1 2021-07-27 18:41:59 +01:00
Edoardo Pirovano
70f5789ed2 Merge branch 'main' into dependabot/npm_and_yarn/actions/http-client-1.0.11 2021-07-27 18:18:44 +01:00
Edoardo Pirovano
99afdfbfbd Merge branch 'main' into dependabot/npm_and_yarn/actions/exec-1.1.0 2021-07-27 18:14:25 +01:00
dependabot[bot]
9ce2456348 Bump typescript from 3.7.5 to 4.3.5 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.5 to 4.3.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v3.7.5...v4.3.5)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:52:03 +00:00
dependabot[bot]
3ab5d6d4d6 Bump @actions/exec from 1.0.1 to 1.1.0 
Bumps [@actions/exec](https://github.com/actions/toolkit/tree/HEAD/packages/exec) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/exec/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/@actions/core@1.1.0/packages/exec)

---
updated-dependencies:
- dependency-name: "@actions/exec"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:54 +00:00
dependabot[bot]
35f1961385 Bump nock from 12.0.3 to 13.1.1 
Bumps [nock](https://github.com/nock/nock) from 12.0.3 to 13.1.1.
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v12.0.3...v13.1.1)

---
updated-dependencies:
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:47 +00:00
dependabot[bot]
6b0d45a5c6 Bump eslint-plugin-github from 4.1.1 to 4.1.5 
Bumps [eslint-plugin-github](https://github.com/github/eslint-plugin-github) from 4.1.1 to 4.1.5.
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.1.1...v4.1.5)

---
updated-dependencies:
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:39 +00:00
dependabot[bot]
4867598089 Bump @actions/http-client from 1.0.8 to 1.0.11 
Bumps [@actions/http-client](https://github.com/actions/http-client) from 1.0.8 to 1.0.11.
- [Release notes](https://github.com/actions/http-client/releases)
- [Changelog](https://github.com/actions/http-client/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/http-client/commits)

---
updated-dependencies:
- dependency-name: "@actions/http-client"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:17 +00:00
github-actions[bot]
fb19072237 Update checked-in dependencies 2021-07-27 08:53:06 +00:00
github-actions[bot]
c4e99325d0 1.0.9 2021-07-26 23:35:55 +00:00
Edoardo Pirovano
934fb86c58 Address PR comments from @robertbrignull 2021-07-26 14:47:03 +01:00
github-actions[bot]
63603427ef 1.0.8 2021-07-21 14:22:34 +00:00
github-actions[bot]
01b1510da2 1.0.7 2021-07-19 09:32:59 +00:00
Andrew Eisenberg
ae97d8f96d Fix dependabot vulnerabilities 
This adds some forced resolutions to ensure that vulnerable versions
of packages are not installed.
 2021-07-14 14:40:10 -07:00
github-actions[bot]
92df23808d 1.0.6 2021-07-12 23:03:41 +00:00
github-actions[bot]
5c3c29fd3f 1.0.5 2021-06-28 15:23:49 +00:00
Andrew Eisenberg
c5434c91d8 Merge branch 'main' into csharp-loc 2021-06-23 16:22:14 -07:00
Edoardo Pirovano
68b68732c6 Fix C# line counting and add test 2021-06-23 23:39:44 +01:00
Andrew Eisenberg
c98b43187d Merge branch 'main' into mergeback/v1.0.3-to-main-cf6e0194 2021-06-23 08:08:49 -07:00
github-actions[bot]
1496843315 1.0.4 2021-06-23 14:56:35 +00:00
Chris Gavin
476f13ea18 Upgrade Actions Tool Cache. 2021-06-23 14:28:33 +01:00
github-actions[bot]
4954c371d1 1.0.3 2021-06-17 18:01:57 +00:00
github-actions[bot]
fbb9046bf6 1.0.2 2021-06-07 20:59:15 +00:00
Edoardo Pirovano
0cbd4b56d3 Add some dependencies for uploading artifacts 2021-06-02 10:32:48 +01:00
Andrew Eisenberg
539d968ad7 Use commander preAction hook for setMode 
Hooks are new to commander v8. We can use hooks to ensure that `setMode`
is called before every command is invoked.
 2021-06-01 11:17:49 -07:00
Andrew Eisenberg
f0e82b7d63 1.0.1 2021-05-31 10:56:52 -07:00
Andrew Eisenberg
8566f9b061 Add a changelog 
Adds an empty changelog file and a reminder to update it when opening
pull requests.

Also, adds a 1.0.0 version number in the package.json, which is what
we _could_ use for version numbering.
 2021-05-19 15:19:36 -07:00
Andrew Eisenberg
ddcb299283 Update loc count library 
This version will count lines of code in each file serially. It still
runs all file system operations asynchronously. The only difference now
is that it will only count one file at a time. It is slower, but it
is able to count large repositories without running out of memory.
 2021-05-12 16:33:05 -07:00
Andrew Eisenberg
489dbb0e02 Fix security vulnerabilities 
Ran `npm audit fix`.

Even though this fixes a "high" severity vulnerability, all affected
packages are dev packages only.
 2021-05-10 10:14:48 -07:00
Andrew Eisenberg
5c0a38d7e4 Update github-linguist dependency 
This version adds a larger list of auto-excluded binary files.
And allows for the passing of a list of file types to restrict
analysis to.
 2021-04-28 14:55:17 -07:00
Andrew Eisenberg
b6b197e0ad Merge branch 'main' into aeisenberg/add-github-linguist 2021-04-23 10:54:04 -07:00