github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 17:50:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,458 Commits 297 Branches 500 Tags
v3.28.9
Commit Graph

6458 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
b494190443 Merge pull request #2726 from github/aeisenberg/reenable-artifact-upload 
Ensure artifacts are only uploaded in safe situations
 2025-01-27 11:10:46 -08:00
Andrew Eisenberg
a879704805 Clarify test fail;ure message 2025-01-27 10:51:01 -08:00
Andrew Eisenberg
62c322fad9 Add better comments around artifact upload tests 2025-01-27 10:18:03 -08:00
Andrew Eisenberg
c6b286132e Merge pull request #2731 from github/dependabot/npm_and_yarn/npm-e1e9e6cd15 
build(deps-dev): bump the npm group with 4 updates
 2025-01-27 10:14:25 -08:00
Andrew Eisenberg
9ba5bca2ab Update Python version to 3.13 in workflow 2025-01-27 09:29:49 -08:00
Andrew Eisenberg
297e89a0d9 Merge pull request #2723 from github/marcogario/start-proxy_tests 
start-proxy: Fix bug when language is not provided
 2025-01-27 09:25:59 -08:00
github-actions[bot]
357e0ceaa9 Update checked-in dependencies 2025-01-27 17:21:38 +00:00
dependabot[bot]
7fdbca3ba3 build(deps-dev): bump the npm group with 4 updates 
Bumps the npm group with 4 updates: [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [nock](https://github.com/nock/nock).


Updates `@eslint/js` from 9.18.0 to 9.19.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.19.0/packages/js)

Updates `@typescript-eslint/eslint-plugin` from 8.21.0 to 8.22.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.22.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.21.0 to 8.22.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.22.0/packages/parser)

Updates `nock` from 13.5.6 to 14.0.0
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v13.5.6...v14.0.0)

---
updated-dependencies:
- dependency-name: "@eslint/js"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-27 17:20:44 +00:00
Marco Gario
7c2eafa990 Use ConfigureationError for exceptions 2025-01-27 10:09:07 +00:00
Óscar San José
faa23b6fee Switch auth for enterprises-release repo from ssh to codeql CI token 2025-01-27 10:54:47 +01:00
Andrew Eisenberg
a2c1b36bdf Iterate over each version 
Not sure why we need this now, but didn't before.
 2025-01-26 19:18:07 -08:00
Andrew Eisenberg
346d06794f Fix CLI versions 2025-01-26 19:17:29 -08:00
Andrew Eisenberg
f71067bd5f Stop using feature-flag support for determining if a feature is active 
Using the feature flag mechanism for checking if uploads are enabled was
too clunky. I'm moving the change to checking versions directly.
 2025-01-26 13:42:15 -08:00
Andrew Eisenberg
5ff24648ef Update changelog 2025-01-25 15:34:21 -08:00
Andrew Eisenberg
2bab9f7984 Ensure artifacts are only uploaded in safe situations 
This commit:

Turns on uploading of artifacts again but only if CLI version is
>= 2.20.3. I implemented the check using our feature flag functionality.
I was on the fence about this since it makes the PR more complex.
However, it does give us more flexibility when controlling artifact
uploads.

Also, I renamed the two workflows that were previously disabled. This
way we will not accidentally enable the old workflows for previous
versions of the action.
 2025-01-25 15:31:35 -08:00
Andrew Eisenberg
de4457eac2 Add actions analysis to code scannign 
Create a new job to run actions since we don't need to
matrix the runs across multiple OSes.
 2025-01-24 15:14:37 -08:00
Marco Gario
7d7758bb24 Skip proxy if no credentials 2025-01-24 21:46:40 +00:00
Marco Gario
f6d19ed42e Formatting 2025-01-24 20:27:36 +00:00
Marco Gario
ecf723239a Sanitize inputs 2025-01-24 20:20:10 +00:00
Dave Bartolomeo
e7c0c9d71b Merge pull request #2722 from github/mergeback/v3.28.5-to-main-f6091c01 
Mergeback v3.28.5 refs/heads/releases/v3 into main
 2025-01-24 11:52:47 -05:00
Marco Gario
51bb5eb99a Fix bug in getCredentials + tests 2025-01-24 16:39:47 +00:00
Henry Mercer
4b8aeabbe4 Merge branch 'main' into mergeback/v3.28.5-to-main-f6091c01 2025-01-24 16:39:07 +00:00
github-actions[bot]
336c69eec0 Update checked-in dependencies 2025-01-24 16:37:53 +00:00
github-actions[bot]
da67fa0eb5 Update changelog and version after v3.28.5 2025-01-24 16:34:16 +00:00
Dave Bartolomeo
f6091c0113 Merge pull request #2721 from github/update-v3.28.5-01f001931 
Merge main into releases/v3
v3.28.5 		2025-01-24 11:26:18 -05:00
Henry Mercer
c22d1f36ab Merge pull request #2720 from github/henrymercer/add-permissions 
Restrict workflow permissions
 2025-01-24 16:21:00 +00:00
github-actions[bot]
064af10f0d Update changelog for v3.28.5 2025-01-24 16:11:52 +00:00
Dave Bartolomeo
01f0019310 Merge pull request #2717 from github/update-bundle/codeql-bundle-v2.20.3 
Update default bundle to 2.20.3
 2025-01-24 09:53:17 -05:00
Henry Mercer
3b34c672ca Merge branch 'main' into henrymercer/add-permissions 2025-01-24 13:40:54 +00:00
Henry Mercer
9cd802ec12 Give only read-level security-events permission where possible 2025-01-24 13:27:33 +00:00
Henry Mercer
d39065943f Add missing permissions 2025-01-24 13:21:05 +00:00
Stephan Brandauer
573ad887cd Merge pull request #2718 from github/kaeluka/4779-1 
Update workflow permissions
 2025-01-24 14:16:12 +01:00
Stephan Brandauer
d7f39764f6 permissions block in query-filters.yml 2025-01-24 12:12:00 +01:00
github-actions[bot]
428975ce2c Add changelog note 2025-01-23 22:15:18 +00:00
github-actions[bot]
208091da0a Update default bundle to codeql-bundle-v2.20.3 2025-01-23 22:15:14 +00:00
Chris Smowton
7e3036b9cd Merge pull request #2716 from github/mergeback/v3.28.4-to-main-ee117c90 
Mergeback v3.28.4 refs/heads/releases/v3 into main
codeql-bundle-v2.20.3 		2025-01-23 17:09:33 +00:00
github-actions[bot]
e32a0d62d4 Update checked-in dependencies 2025-01-23 16:48:10 +00:00
github-actions[bot]
67c21e4084 Update changelog and version after v3.28.4 2025-01-23 16:44:36 +00:00
Chris Smowton
ee117c905a Merge pull request #2715 from github/update-v3.28.4-b44b19fe8 
Merge main into releases/v3
v3.28.4 		2025-01-23 16:43:44 +00:00
github-actions[bot]
377913f015 Update changelog for v3.28.4 2025-01-23 16:28:37 +00:00
Angela P Wen
b44b19fe8d Merge pull request #2714 from github/mergeback/v3.28.3-to-main-dd196fa9 
Mergeback v3.28.3 refs/heads/releases/v3 into main
 2025-01-22 11:34:36 -08:00
github-actions[bot]
d7366a1e50 Update checked-in dependencies 2025-01-22 19:16:53 +00:00
github-actions[bot]
4872b26ff9 Update changelog and version after v3.28.3 2025-01-22 19:14:27 +00:00
Angela P Wen
dd196fa9ce Merge pull request #2713 from github/update-v3.28.3-23ec3afaf 
Merge main into releases/v3
v3.28.3 		2025-01-22 11:13:29 -08:00
github-actions[bot]
23d07bb885 Update changelog for v3.28.3 2025-01-22 18:55:38 +00:00
Angela P Wen
23ec3afaf8 Merge pull request #2712 from github/angelapwen/stop-debug-artifacts 
Temporarily disable uploading debug artifacts
 2025-01-22 10:53:09 -08:00
Angela P Wen
519de26711 Temporarily disable uploading debug artifacts 2025-01-22 10:35:38 -08:00
Henry Mercer
7e4b683a3d Merge pull request #2710 from github/henrymercer/fix-extension-assumption 
Fix assumption that download URLs contain file extension
 2025-01-22 16:03:43 +00:00
Henry Mercer
3505f8142a Merge branch 'main' into henrymercer/fix-extension-assumption 2025-01-22 14:52:26 +00:00
Chris Smowton
1645dbd3bf Merge pull request #2707 from github/update-bundle/codeql-bundle-v2.20.2 
Update default bundle to 2.20.2
 2025-01-22 14:41:04 +00:00