github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 09:40:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,643 Commits 297 Branches 500 Tags
codeql-bundle-v2.21.0
Commit Graph

6643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marco Gario
ecf723239a Sanitize inputs 2025-01-24 20:20:10 +00:00
Dave Bartolomeo
e7c0c9d71b Merge pull request #2722 from github/mergeback/v3.28.5-to-main-f6091c01 
Mergeback v3.28.5 refs/heads/releases/v3 into main
 2025-01-24 11:52:47 -05:00
Marco Gario
51bb5eb99a Fix bug in getCredentials + tests 2025-01-24 16:39:47 +00:00
Henry Mercer
4b8aeabbe4 Merge branch 'main' into mergeback/v3.28.5-to-main-f6091c01 2025-01-24 16:39:07 +00:00
github-actions[bot]
336c69eec0 Update checked-in dependencies 2025-01-24 16:37:53 +00:00
github-actions[bot]
da67fa0eb5 Update changelog and version after v3.28.5 2025-01-24 16:34:16 +00:00
Dave Bartolomeo
f6091c0113 Merge pull request #2721 from github/update-v3.28.5-01f001931 
Merge main into releases/v3
v3.28.5 		2025-01-24 11:26:18 -05:00
Henry Mercer
c22d1f36ab Merge pull request #2720 from github/henrymercer/add-permissions 
Restrict workflow permissions
 2025-01-24 16:21:00 +00:00
github-actions[bot]
064af10f0d Update changelog for v3.28.5 2025-01-24 16:11:52 +00:00
Dave Bartolomeo
01f0019310 Merge pull request #2717 from github/update-bundle/codeql-bundle-v2.20.3 
Update default bundle to 2.20.3
 2025-01-24 09:53:17 -05:00
Henry Mercer
3b34c672ca Merge branch 'main' into henrymercer/add-permissions 2025-01-24 13:40:54 +00:00
Henry Mercer
9cd802ec12 Give only read-level security-events permission where possible 2025-01-24 13:27:33 +00:00
Henry Mercer
d39065943f Add missing permissions 2025-01-24 13:21:05 +00:00
Stephan Brandauer
573ad887cd Merge pull request #2718 from github/kaeluka/4779-1 
Update workflow permissions
 2025-01-24 14:16:12 +01:00
Stephan Brandauer
d7f39764f6 permissions block in query-filters.yml 2025-01-24 12:12:00 +01:00
github-actions[bot]
428975ce2c Add changelog note 2025-01-23 22:15:18 +00:00
github-actions[bot]
208091da0a Update default bundle to codeql-bundle-v2.20.3 2025-01-23 22:15:14 +00:00
Chris Smowton
7e3036b9cd Merge pull request #2716 from github/mergeback/v3.28.4-to-main-ee117c90 
Mergeback v3.28.4 refs/heads/releases/v3 into main
codeql-bundle-v2.20.3 		2025-01-23 17:09:33 +00:00
github-actions[bot]
e32a0d62d4 Update checked-in dependencies 2025-01-23 16:48:10 +00:00
github-actions[bot]
67c21e4084 Update changelog and version after v3.28.4 2025-01-23 16:44:36 +00:00
Chris Smowton
ee117c905a Merge pull request #2715 from github/update-v3.28.4-b44b19fe8 
Merge main into releases/v3
v3.28.4 		2025-01-23 16:43:44 +00:00
github-actions[bot]
377913f015 Update changelog for v3.28.4 2025-01-23 16:28:37 +00:00
Angela P Wen
b44b19fe8d Merge pull request #2714 from github/mergeback/v3.28.3-to-main-dd196fa9 
Mergeback v3.28.3 refs/heads/releases/v3 into main
 2025-01-22 11:34:36 -08:00
github-actions[bot]
d7366a1e50 Update checked-in dependencies 2025-01-22 19:16:53 +00:00
github-actions[bot]
4872b26ff9 Update changelog and version after v3.28.3 2025-01-22 19:14:27 +00:00
Angela P Wen
dd196fa9ce Merge pull request #2713 from github/update-v3.28.3-23ec3afaf 
Merge main into releases/v3
v3.28.3 		2025-01-22 11:13:29 -08:00
github-actions[bot]
23d07bb885 Update changelog for v3.28.3 2025-01-22 18:55:38 +00:00
Angela P Wen
23ec3afaf8 Merge pull request #2712 from github/angelapwen/stop-debug-artifacts 
Temporarily disable uploading debug artifacts
 2025-01-22 10:53:09 -08:00
Angela P Wen
519de26711 Temporarily disable uploading debug artifacts 2025-01-22 10:35:38 -08:00
Henry Mercer
7e4b683a3d Merge pull request #2710 from github/henrymercer/fix-extension-assumption 
Fix assumption that download URLs contain file extension
 2025-01-22 16:03:43 +00:00
Henry Mercer
3505f8142a Merge branch 'main' into henrymercer/fix-extension-assumption 2025-01-22 14:52:26 +00:00
Chris Smowton
1645dbd3bf Merge pull request #2707 from github/update-bundle/codeql-bundle-v2.20.2 
Update default bundle to 2.20.2
 2025-01-22 14:41:04 +00:00
Chris Smowton
4b7c237f3d Merge branch 'main' into update-bundle/codeql-bundle-v2.20.2 2025-01-22 14:27:19 +00:00
Henry Mercer
924ef8f189 Merge pull request #2711 from github/dependabot/npm_and_yarn/npm_and_yarn-2c579f9325 
build(deps): bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
 2025-01-22 13:35:07 +00:00
github-actions[bot]
140c5ea762 Update checked-in dependencies 2025-01-22 13:22:06 +00:00
dependabot[bot]
c34eb63970 build(deps): bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group 
Bumps the npm_and_yarn group with 1 update: [undici](https://github.com/nodejs/undici).


Updates `undici` from 5.28.4 to 5.28.5
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-22 13:20:50 +00:00
Henry Mercer
07d32980ce Tweak wording of changelog entry 2025-01-22 13:14:30 +00:00
Henry Mercer
20bbc8f5b5 Add changelog note 2025-01-22 13:02:46 +00:00
Henry Mercer
d23f49f56f Fix assumption that download URLs contain file extension 
This is not the case when downloading the bundle from a GitHub Release synced to GHES with the CodeQL Action sync tool.
 2025-01-22 13:02:45 +00:00
Marco Gario
f89b8a7d52 Merge pull request #2709 from github/mergeback/v3.28.2-to-main-d68b2d4e 
Mergeback v3.28.2 refs/heads/releases/v3 into main
 2025-01-21 18:20:37 +01:00
github-actions[bot]
86400836d1 Update checked-in dependencies 2025-01-21 17:07:17 +00:00
github-actions[bot]
6fee807c9b Update changelog and version after v3.28.2 2025-01-21 17:05:34 +00:00
Marco Gario
d68b2d4edb Merge pull request #2708 from github/update-v3.28.2-d90e07f32 
Merge main into releases/v3
v3.28.2 		2025-01-21 18:04:25 +01:00
github-actions[bot]
ea23796445 Update changelog for v3.28.2 2025-01-21 15:58:08 +00:00
github-actions[bot]
a0c2b7d296 Add changelog note 2025-01-21 14:20:16 +00:00
github-actions[bot]
aa76523503 Update default bundle to codeql-bundle-v2.20.2 2025-01-21 14:20:11 +00:00
Andrew Eisenberg
d90e07f32e Merge pull request #2703 from github/dependabot/npm_and_yarn/npm-cd3f77644b 
build(deps): bump the npm group with 3 updates
codeql-bundle-v2.20.2 		2025-01-20 11:06:11 -08:00
github-actions[bot]
7b7562b176 Update checked-in dependencies 2025-01-20 17:43:54 +00:00
dependabot[bot]
c16863838b build(deps): bump the npm group with 3 updates 
Bumps the npm group with 3 updates: [@actions/tool-cache](https://github.com/actions/toolkit/tree/HEAD/packages/tool-cache), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@actions/tool-cache` from 2.0.1 to 2.0.2
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/tool-cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/tool-cache)

Updates `@typescript-eslint/eslint-plugin` from 8.20.0 to 8.21.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.21.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.20.0 to 8.21.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.21.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@actions/tool-cache"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-20 17:42:26 +00:00
Owen Mansel-Chan
0d043c929c Update to rc2 2025-01-17 09:20:52 +00:00