github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 09:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,685 Commits 297 Branches 500 Tags
codeql-bundle-v2.23.2
Commit Graph

7685 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
333a673809 Update changelog for v3.30.4 2025-09-25 09:54:23 +00:00
Henry Mercer
5445d1a09c Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-25 10:42:10 +01:00
Chuan-kai Lin
e4b85ab654 Merge pull request #3148 from github/cklin/just-test_file-serial 
build: use --serial in 'just test_file'
 2025-09-24 14:47:17 -07:00
Chuan-kai Lin
1e72556714 build: use --serial in 'just test_file' 
Some tests require the --serial flag to pass.
 2025-09-24 11:10:24 -07:00
Michael B. Gale
39842d8f83 Merge pull request #3146 from github/mbg/start-proxy/authenticate 
Provide `Authorization` header when downloading `update-job-proxy`
 2025-09-24 19:09:40 +01:00
Michael B. Gale
6ccec2ac14 Remove url from log messages 2025-09-24 18:54:49 +01:00
Henry Mercer
435f474d1e Merge pull request #3147 from github/dependabot/npm_and_yarn/npm-76d2ab1078 
Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group
 2025-09-24 18:47:44 +01:00
Henry Mercer
a34e1cd60b Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-24 19:29:32 +02:00
github-actions[bot]
f134e09015 Rebuild 2025-09-24 15:14:06 +00:00
dependabot[bot]
50a31df6ba Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group 
Bumps the npm group with 1 update: [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache).


Updates `@actions/cache` from 4.0.5 to 4.1.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache)

---
updated-dependencies:
- dependency-name: "@actions/cache"
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-24 15:12:49 +00:00
Henry Mercer
8e25b3435d Merge pull request #3144 from github/henrymercer/dependabot 
Update Dependabot configuration for GitHub Actions
 2025-09-24 16:09:27 +01:00
Michael B. Gale
4e820a4ca4 Apply review feedback 2025-09-24 15:50:19 +01:00
Michael B. Gale
5a9c44b3b2 Merge pull request #3145 from github/mbg/ci/skip-checks-for-dependabot 
Skip PR checks for events triggered by Dependabot
 2025-09-24 13:58:23 +01:00
Michael B. Gale
3183e6b8f9 Skip non-generated workflows for Dependabot 2025-09-24 12:49:31 +01:00
Michael B. Gale
d43f46c39c Set Authorization header for downloading update-job-proxy 2025-09-24 12:41:54 +01:00
Michael B. Gale
efcf614b5d Refactor assembling Authorization header value into its own function 2025-09-24 12:40:15 +01:00
Henry Mercer
4082f8c39f Install yq 2025-09-24 13:33:10 +02:00
Michael B. Gale
cec0b17b93 Skip PR checks for events triggered by Dependabot 2025-09-24 12:08:05 +01:00
Henry Mercer
83fdfaf3fc Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-24 13:03:53 +02:00
Henry Mercer
86de17c44d Update Dependabot configuration for GitHub Actions 2025-09-24 11:54:39 +01:00
Henry Mercer
ba58de7d61 Run resolve environment test against Ubuntu only 
There isn't really anything platform-specific at the moment.
 2025-09-24 12:51:03 +02:00
Henry Mercer
8633a151d5 Remove unnecessary "test" prefix from check names 2025-09-24 12:45:10 +02:00
Henry Mercer
79bbb1744e Remove PR checks that are now duplicated 
Direct tracing is now enabled by default.
 2025-09-24 12:44:21 +02:00
Henry Mercer
67a0080933 Test all-platform bundle on all platforms 2025-09-24 12:36:35 +02:00
Henry Mercer
a8eeef9291 Merge pull request #3143 from github/dependabot/npm_and_yarn/npm-1a46694d8a 
Bump the npm group with 3 updates
 2025-09-24 11:31:35 +01:00
github-actions[bot]
f54c1c0b33 Rebuild 2025-09-24 10:14:58 +00:00
dependabot[bot]
c6674f9abd Bump the npm group with 3 updates 
Bumps the npm group with 3 updates: [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@eslint/compat` from 1.3.2 to 1.4.0
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/compat-v1.4.0/packages/compat)

Updates `@typescript-eslint/eslint-plugin` from 8.44.0 to 8.44.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.44.0 to 8.44.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@eslint/compat"
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.44.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.44.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-24 10:13:41 +00:00
Henry Mercer
0890b56a8a Merge pull request #3140 from github/henrymercer/dependabot-rebuild-actions 
Trigger sync back script automatically
 2025-09-24 11:11:54 +01:00
Ian Lynagh
c6e30a2b5a Merge pull request #3118 from github/update-bundle/codeql-bundle-v2.23.1 
Update default bundle to 2.23.1
 2025-09-23 14:25:40 +01:00
Henry Mercer
1b12ed7ea8 Run resolve environment PR checks cross-platform 2025-09-23 15:15:15 +02:00
Henry Mercer
d92eef9c9e Merge pull request #3138 from github/dependabot/github_actions/actions-a14fb9fd22 
Bump the actions group across 1 directory with 2 updates
 2025-09-23 14:11:12 +01:00
Henry Mercer
d34e247444 Enable Dependabot updates for other Actions in .github/actions 2025-09-23 15:00:15 +02:00
Henry Mercer
78e8dc0161 Trigger sync back script automatically 2025-09-23 14:59:56 +02:00
github-actions[bot]
a29637ac01 Rebuild 2025-09-23 12:54:09 +00:00
Henry Mercer
50fc7e9236 Fix tools: linked log message 2025-09-23 14:53:29 +02:00
dependabot[bot]
1ba789f617 Bump the actions group across 1 directory with 2 updates 
Bumps the actions group with 2 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.257.0 to 1.263.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](4451173596...0481980f17)

Updates `actions/create-github-app-token` from 2.1.1 to 2.1.4
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.1.1...v2.1.4)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.263.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-23 12:52:28 +00:00
Henry Mercer
944aa7df3d Merge pull request #3088 from github/dependabot/github_actions/actions-f739f361ea 
Bump the actions group with 4 updates
 2025-09-23 13:48:16 +01:00
Henry Mercer
29a4b8731d Run code scanning config tests on Linux only 2025-09-23 14:40:02 +02:00
Henry Mercer
3df807292a Only run PR checks on Ubuntu by default 2025-09-23 14:38:33 +02:00
Henry Mercer
c656a2569b Merge pull request #3094 from github/copilot/stack-pr-3088 
Sync Action version updates back to the source templates in the `pr-checks` directory
 2025-09-23 13:31:55 +01:00
Michael B. Gale
eb05da905d Specify Accept header for toolcache.downloadTool 2025-09-23 13:27:06 +01:00
github-actions[bot]
e8921f7eff Add changelog note 2025-09-23 13:27:06 +01:00
github-actions[bot]
2bbfe979c3 Update default bundle to codeql-bundle-v2.23.1 2025-09-23 13:27:06 +01:00
Kasper Svendsen
5c8c613b75 Merge pull request #3062 from github/kaspersv/bump-minimum-overlay-codeql-version 
Bump minimum CLI version for overlay analysis
 2025-09-23 13:56:54 +02:00
Michael B. Gale
7dfbfdcb01 Report overall cache usage for CodeQL dependency caches 2025-09-23 12:28:42 +01:00
Michael B. Gale
3d7d7c978e Fix comment 2025-09-23 11:56:50 +01:00
Michael B. Gale
249a3cbb5c Add telemetry for storing dependency caches 2025-09-23 11:52:46 +01:00
Michael B. Gale
11480e326c Add telemetry for restoring dependency caches 2025-09-23 11:50:15 +01:00
Kasper Svendsen
e2f4bf692b Bump minimum CLI version for overlay analysis 2025-09-23 12:08:15 +02:00
Henry Mercer
2885255647 Only sync back versions on Dependabot update PRs 2025-09-23 11:29:23 +02:00