github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,323 Commits 297 Branches 500 Tags
v3.30.0
Commit Graph

868 Commits

Author SHA1 Message Date
Michael B. Gale
872a6a41e9 Add pull-requests: write permission 2025-09-01 13:37:45 +01:00
Michael B. Gale
9389ce0cc4 Merge remote-tracking branch 'origin/main' into mbg/ci/rollback-release 2025-08-29 15:22:49 +01:00
Michael B. Gale
b06d325850 Add draft release URL to job summary 2025-08-29 13:11:27 +01:00
Michael B. Gale
43d629cdfd Use argparse in rollback_changelog.py 2025-08-29 13:06:21 +01:00
Michael B. Gale
8f01f5d429 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2025-08-29 12:32:11 +01:00
Henry Mercer
68be0dc609 Merge branch 'main' into henrymercer/bundle 2025-08-29 12:08:22 +01:00
Henry Mercer
48dd624a81 Merge pull request #3059 from github/dependabot/github_actions/actions-fd207b077b 
Bump the actions group with 2 updates
 2025-08-29 10:25:13 +01:00
Michael B. Gale
c0abce94a0 Don't pin Xcode for nightly tests 2025-08-28 15:15:33 +01:00
Michael B. Gale
caeeaa1fe8 Select Xcode 16 in workflows that analyse Swift 2025-08-28 14:01:23 +01:00
Michael B. Gale
5896c12c39 Remove setup-swift steps 2025-08-28 13:56:38 +01:00
Michael B. Gale
15ed54f81f Move updated changelog into place before creating mergeback PR 2025-08-27 12:42:01 +01:00
Michael B. Gale
67e42fe257 Use PR branch as BASE_BRANCH when testing, to make sure script changes are available 2025-08-27 12:23:03 +01:00
Michael B. Gale
1e21ce3021 Ensure we check out the base branch, before creating the mergeback branch 2025-08-27 12:23:03 +01:00
Michael B. Gale
e22f34a405 Create a new tag for test runs, to make sure we have changes from a PR 2025-08-27 12:23:03 +01:00
Michael B. Gale
e1654f1296 Fix prepare_changelog.py not using changelog_file consistently 2025-08-27 12:23:03 +01:00
Michael B. Gale
4205856118 Create mergeback branch/PR 2025-08-27 12:23:03 +01:00
Michael B. Gale
c9665e6850 Add dry-run input to prepare-mergeback-branch 2025-08-27 12:23:02 +01:00
Michael B. Gale
c700209743 Add script for creating a rollback changelog 2025-08-27 12:21:26 +01:00
Michael B. Gale
41dab09adf Refactor mergeback branch prep into an action 2025-08-27 12:21:26 +01:00
Michael B. Gale
541b8e4e38 Improve comment 2025-08-27 12:21:26 +01:00
Michael B. Gale
a1212db66e Fix uses paths 2025-08-27 12:21:26 +01:00
Michael B. Gale
049a0a7bc1 Add initial rollback-release workflow 2025-08-27 12:21:26 +01:00
Michael B. Gale
bd8a3cee96 Refactor prepare job into a reusable workflow 2025-08-27 12:21:25 +01:00
dependabot[bot]
88e5287228 Bump the actions group with 2 updates 
Bumps the actions group with 2 updates: [actions/setup-java](https://github.com/actions/setup-java) and [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `actions/setup-java` from 4 to 5
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v4...v5)

Updates `ruby/setup-ruby` from 1.255.0 to 1.256.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](829114fc20...efbf473cab)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: ruby/setup-ruby
  dependency-version: 1.256.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-26 04:55:28 +00:00
Henry Mercer
4da503e0f5 Use npm ci in CI 2025-08-21 18:48:23 +01:00
Henry Mercer
36468ba4b0 Delete expected queries runs check 
This doesn't give us much net new test coverage
 2025-08-21 16:37:10 +01:00
Henry Mercer
88f7d3d640 Install dependencies in query filters tests 2025-08-21 16:28:28 +01:00
Henry Mercer
879c788b45 Install npm dependencies where necessary in generated workflows 2025-08-21 16:27:50 +01:00
Henry Mercer
f8c0d73f71 Install dependencies in code scanning config test 2025-08-21 16:19:00 +01:00
Henry Mercer
d8905c2090 Don't run linter in CI on Windows 
It isn't working, and this PR didn't break it.  Let's fix it in a separate PR.
 2025-08-21 14:02:46 +01:00
Henry Mercer
a2df83b478 Cache npm dependencies 2025-08-21 13:59:19 +01:00
Henry Mercer
3edad3eebd Combine basic jobs to reduce Actions usage 2025-08-21 13:55:22 +01:00
Henry Mercer
06f83b7cc8 Run more checks on push 2025-08-21 13:51:34 +01:00
Henry Mercer
31ee7f54d3 Install dependencies in PR checks 2025-08-21 13:49:32 +01:00
Henry Mercer
6d34e4e857 Use "Rebuild" workflow instead of "Update dependencies" 2025-08-21 13:47:21 +01:00
dependabot[bot]
624817a691 Bump ruby/setup-ruby from 1.254.0 to 1.255.0 in the actions group 
Bumps the actions group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.254.0 to 1.255.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](2a7b30092b...829114fc20)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.255.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-19 00:06:34 +00:00
Michael B. Gale
3119b35eed Add template option for installing Java 2025-08-15 17:58:10 +01:00
Michael B. Gale
20c329c963 Sort template files to avoid ordering-issues 2025-08-14 12:08:22 +01:00
Michael B. Gale
bd79bc6b67 Automatically add go-version input if installGo == true 2025-08-14 11:52:35 +01:00
Michael B. Gale
a592f71173 Allow inputs for workflow_* events, and propagate them through collections 2025-08-14 11:52:34 +01:00
Michael B. Gale
cf7a5d3e11 Add support for named collections of workflows 2025-08-14 11:52:34 +01:00
Michael B. Gale
092bf71d04 Add workflow_call triggers to PR checks 2025-08-14 11:52:34 +01:00
Henry Mercer
9dfbcfd29f Merge pull request #3025 from github/dependabot/github_actions/actions-b7431406fe 
Bump the actions group with 3 updates
 2025-08-12 12:24:05 +01:00
dependabot[bot]
b1bfc45906 Bump the actions group with 3 updates 
Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `actions/download-artifact` from 4 to 5
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4...v5)

Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/download-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-12 02:10:43 +00:00
Paolo Tranquilli
9f966bbbf5 Merge branch 'main' into redsun82/rust-test 2025-08-11 17:01:23 +02:00
Chuan-kai Lin
821d3bd162 Merge branch 'main' into cklin/overlay-pack-check 2025-08-11 07:10:04 -07:00
Paolo Tranquilli
286b9e9d74 Specify the ruamel.yaml version in one place only (sync.sh) 2025-08-11 15:38:32 +02:00
Paolo Tranquilli
2d7401b887 Revert ruamel.yaml back to 0.17.31 
And revert back related changes
 2025-08-11 15:36:42 +02:00
Paolo Tranquilli
28f2516040 Improve Rust analysis PR check 
Also run the `rust` checks on "milestone" CLI releases, to ensure we
remain backward compatible with those versions. This was prompted by
https://github.com/github/codeql-action/pull/2960#pullrequestreview-3104730221

Running this on current `main` and then on that PR should improve our
confidence we remain backward compatible.

It also turns out a probable `ruamel.yaml` update was changing a lot of
generated workflows, so I've:
* fixed the `ruamel.yaml` version to the latest in `sync.sh`
* added `yaml.width = 120` in `sync.py` to minimize (but not entirely
  remove) the number of changes
* checked in the workflows whose formatting was changed by the new
  `ruamel.yaml` version
 2025-08-11 14:58:50 +02:00
Chuan-kai Lin
57f4ac5c1b PR checks: add overlay-init-fallback.yml 2025-08-08 09:57:45 -07:00