github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 09:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,620 Commits 297 Branches 500 Tags
v3.30.4
Commit Graph

7620 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ian Lynagh
303c0aef88 Merge pull request #3149 from github/update-v3.30.4-e4b85ab65 
Merge main into releases/v3
v3.30.4 		2025-09-25 11:18:49 +01:00
github-actions[bot]
333a673809 Update changelog for v3.30.4 2025-09-25 09:54:23 +00:00
Chuan-kai Lin
e4b85ab654 Merge pull request #3148 from github/cklin/just-test_file-serial 
build: use --serial in 'just test_file'
 2025-09-24 14:47:17 -07:00
Chuan-kai Lin
1e72556714 build: use --serial in 'just test_file' 
Some tests require the --serial flag to pass.
 2025-09-24 11:10:24 -07:00
Michael B. Gale
39842d8f83 Merge pull request #3146 from github/mbg/start-proxy/authenticate 
Provide `Authorization` header when downloading `update-job-proxy`
 2025-09-24 19:09:40 +01:00
Michael B. Gale
6ccec2ac14 Remove url from log messages 2025-09-24 18:54:49 +01:00
Henry Mercer
435f474d1e Merge pull request #3147 from github/dependabot/npm_and_yarn/npm-76d2ab1078 
Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group
 2025-09-24 18:47:44 +01:00
github-actions[bot]
f134e09015 Rebuild 2025-09-24 15:14:06 +00:00
dependabot[bot]
50a31df6ba Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group 
Bumps the npm group with 1 update: [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache).


Updates `@actions/cache` from 4.0.5 to 4.1.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache)

---
updated-dependencies:
- dependency-name: "@actions/cache"
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-24 15:12:49 +00:00
Henry Mercer
8e25b3435d Merge pull request #3144 from github/henrymercer/dependabot 
Update Dependabot configuration for GitHub Actions
 2025-09-24 16:09:27 +01:00
Michael B. Gale
4e820a4ca4 Apply review feedback 2025-09-24 15:50:19 +01:00
Michael B. Gale
5a9c44b3b2 Merge pull request #3145 from github/mbg/ci/skip-checks-for-dependabot 
Skip PR checks for events triggered by Dependabot
 2025-09-24 13:58:23 +01:00
Michael B. Gale
3183e6b8f9 Skip non-generated workflows for Dependabot 2025-09-24 12:49:31 +01:00
Michael B. Gale
d43f46c39c Set Authorization header for downloading update-job-proxy 2025-09-24 12:41:54 +01:00
Michael B. Gale
efcf614b5d Refactor assembling Authorization header value into its own function 2025-09-24 12:40:15 +01:00
Michael B. Gale
cec0b17b93 Skip PR checks for events triggered by Dependabot 2025-09-24 12:08:05 +01:00
Henry Mercer
86de17c44d Update Dependabot configuration for GitHub Actions 2025-09-24 11:54:39 +01:00
Henry Mercer
a8eeef9291 Merge pull request #3143 from github/dependabot/npm_and_yarn/npm-1a46694d8a 
Bump the npm group with 3 updates
 2025-09-24 11:31:35 +01:00
github-actions[bot]
f54c1c0b33 Rebuild 2025-09-24 10:14:58 +00:00
dependabot[bot]
c6674f9abd Bump the npm group with 3 updates 
Bumps the npm group with 3 updates: [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@eslint/compat` from 1.3.2 to 1.4.0
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/compat-v1.4.0/packages/compat)

Updates `@typescript-eslint/eslint-plugin` from 8.44.0 to 8.44.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.44.0 to 8.44.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@eslint/compat"
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.44.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.44.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-24 10:13:41 +00:00
Henry Mercer
0890b56a8a Merge pull request #3140 from github/henrymercer/dependabot-rebuild-actions 
Trigger sync back script automatically
 2025-09-24 11:11:54 +01:00
Ian Lynagh
c6e30a2b5a Merge pull request #3118 from github/update-bundle/codeql-bundle-v2.23.1 
Update default bundle to 2.23.1
 2025-09-23 14:25:40 +01:00
Henry Mercer
d92eef9c9e Merge pull request #3138 from github/dependabot/github_actions/actions-a14fb9fd22 
Bump the actions group across 1 directory with 2 updates
 2025-09-23 14:11:12 +01:00
Henry Mercer
d34e247444 Enable Dependabot updates for other Actions in .github/actions 2025-09-23 15:00:15 +02:00
Henry Mercer
78e8dc0161 Trigger sync back script automatically 2025-09-23 14:59:56 +02:00
github-actions[bot]
a29637ac01 Rebuild 2025-09-23 12:54:09 +00:00
dependabot[bot]
1ba789f617 Bump the actions group across 1 directory with 2 updates 
Bumps the actions group with 2 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.257.0 to 1.263.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](4451173596...0481980f17)

Updates `actions/create-github-app-token` from 2.1.1 to 2.1.4
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.1.1...v2.1.4)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.263.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-23 12:52:28 +00:00
Henry Mercer
944aa7df3d Merge pull request #3088 from github/dependabot/github_actions/actions-f739f361ea 
Bump the actions group with 4 updates
 2025-09-23 13:48:16 +01:00
Henry Mercer
c656a2569b Merge pull request #3094 from github/copilot/stack-pr-3088 
Sync Action version updates back to the source templates in the `pr-checks` directory
 2025-09-23 13:31:55 +01:00
Michael B. Gale
eb05da905d Specify Accept header for toolcache.downloadTool 2025-09-23 13:27:06 +01:00
github-actions[bot]
e8921f7eff Add changelog note 2025-09-23 13:27:06 +01:00
github-actions[bot]
2bbfe979c3 Update default bundle to codeql-bundle-v2.23.1 2025-09-23 13:27:06 +01:00
Kasper Svendsen
5c8c613b75 Merge pull request #3062 from github/kaspersv/bump-minimum-overlay-codeql-version 
Bump minimum CLI version for overlay analysis
 2025-09-23 13:56:54 +02:00
Kasper Svendsen
e2f4bf692b Bump minimum CLI version for overlay analysis 2025-09-23 12:08:15 +02:00
Henry Mercer
2885255647 Only sync back versions on Dependabot update PRs 2025-09-23 11:29:23 +02:00
Michael B. Gale
665891b4f2 Merge pull request #3126 from github/mbg/add/properties-api 
Add support for the repository properties API
 2025-09-23 10:17:52 +01:00
Michael B. Gale
5a4aa83242 Always log when combining queries is disabled in the repo properties 2025-09-23 09:49:29 +01:00
Michael B. Gale
54bbe822cc Always log when queries are configured in the repository properties 2025-09-23 09:44:52 +01:00
Michael B. Gale
4178e15b0a Only disable loadPropertiesFromApi on GHES 2025-09-23 09:41:53 +01:00
Michael B. Gale
7f44048739 Merge pull request #3133 from github/dependabot/npm_and_yarn/npm-4684794bae 
Bump the npm group with 5 updates
 2025-09-23 09:34:15 +01:00
Michael B. Gale
205b6ba838 Rebuild 2025-09-23 09:29:04 +01:00
Michael B. Gale
0a75581cde Check that we are on dotcom 2025-09-23 09:22:07 +01:00
Michael B. Gale
7f73f8c235 Add unit tests for properties module 2025-09-23 09:16:28 +01:00
Michael B. Gale
07920e84f8 Fix using keys instead of values 
Also add `logger.debug` call with keys from API response
 2025-09-23 09:12:16 +01:00
Michael B. Gale
40262b1861 Add getRepositoryProperties to api-client, for easier mocking 2025-09-23 09:11:10 +01:00
Michael B. Gale
b4f966a31a Add FF to control whether to fetch repository properties 2025-09-22 20:26:56 +01:00
github-actions[bot]
8a84c17a9d Rebuild 2025-09-22 17:08:30 +00:00
dependabot[bot]
3837f2e205 Bump the npm group with 5 updates 
Bumps the npm group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.35.0` | `9.36.0` |
| [@octokit/types](https://github.com/octokit/types.ts) | `14.1.0` | `15.0.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.43.0` | `8.44.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.43.0` | `8.44.0` |
| [esbuild](https://github.com/evanw/esbuild) | `0.25.9` | `0.25.10` |


Updates `@eslint/js` from 9.35.0 to 9.36.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.36.0/packages/js)

Updates `@octokit/types` from 14.1.0 to 15.0.0
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v14.1.0...v15.0.0)

Updates `@typescript-eslint/eslint-plugin` from 8.43.0 to 8.44.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.43.0 to 8.44.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.0/packages/parser)

Updates `esbuild` from 0.25.9 to 0.25.10
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.25.9...v0.25.10)

---
updated-dependencies:
- dependency-name: "@eslint/js"
  dependency-version: 9.36.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@octokit/types"
  dependency-version: 15.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.44.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.44.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: esbuild
  dependency-version: 0.25.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-22 17:07:06 +00:00
Michael B. Gale
05310c6f55 Ignore repository property query config if CQ-only analysis 2025-09-22 16:32:28 +01:00
Michael B. Gale
889d482c54 Add logging to combineQueries 2025-09-22 16:32:26 +01:00