1b65777c19
Address review comments
2026-05-14 18:13:20 +01:00
aa005faaad
PR checks: Run slowest macOS checks on larger runners
2026-05-14 17:29:44 +01:00
59245fd159
Add missing permissions to access feature flags
2026-02-27 17:39:20 +01:00
389c8322d5
CI: Update CodeQL Action test to use setup-codeql
2026-02-27 17:06:16 +01:00
4406eba03e
Skip uploads in merge queue
2026-02-27 12:14:56 +00:00
4e8e79431d
Run CodeQL with linked tools for merge queue
2026-02-26 18:25:26 +00:00
f379c46d49
Address review comments
2026-02-25 15:26:48 +00:00
8105503f1a
Add merge_group trigger to required checks to prepare for merge queue
2026-02-25 15:12:37 +00:00
f7abc748a3
Remove branch filter for PR event in CodeQL workflow
2025-11-28 09:13:23 +00:00
5bd8069afb
Bump actions/checkout from 5 to 6 in /.github/workflows
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-24 18:01:10 +00:00
9d5565fba2
Remove macos-13 from codeql workflow
2025-11-04 21:29:25 +00:00
3183e6b8f9
Skip non-generated workflows for Dependabot
2025-09-24 12:49:31 +01:00
1069ace04e
Update .github/workflows/codeql.yml
2025-09-15 16:09:21 +01:00
bce0fa7b27
Remove build mode from matrix
2025-09-15 14:45:40 +01:00
8105843d42
Specify paths-ignore for other languages
2025-09-15 14:20:15 +01:00
61b8b636e3
Only upload a single matrix case for JS
2025-09-15 14:15:05 +01:00
73ead84d0a
Reorder strategy properties
2025-09-15 14:12:47 +01:00
793fe1783c
CI: Configure Python analysis
2025-09-15 14:10:32 +01:00
2b7d487cf8
Update .github/workflows/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2025-09-12 18:20:44 +02:00
856e1e5c78
Address review
2025-09-11 17:54:00 +02:00
c778749ed4
fix codeql.yml codeql invocation on windows
2025-09-09 14:08:29 +02:00
1b8f0ffedf
Set shell: bash by default on all workflows
2025-09-09 12:19:45 +02:00
b1bfc45906
Bump the actions group with 3 updates
...
Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/download-artifact](https://github.com/actions/download-artifact ) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token ).
Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
Updates `actions/download-artifact` from 4 to 5
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v4...v5 )
Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1
- [Release notes](https://github.com/actions/create-github-app-token/releases )
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
- dependency-name: actions/download-artifact
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
- dependency-name: actions/create-github-app-token
dependency-version: 2.1.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-12 02:10:43 +00:00
3201e46e26
Stop running CI on windows-2019
...
There are scheduled brownouts for this runner image. Replace it with `windows-2025`, and start running on `macos-15` too.
2025-05-30 17:57:28 +01:00
eea52ddc4e
Remove ubuntu-20.04 and add ubuntu-24.04
2025-04-25 13:03:25 +01:00
50954e7f00
Use a separate config file for actions queries
2025-01-29 12:25:34 -08:00
de4457eac2
Add actions analysis to code scannign
...
Create a new job to run actions since we don't need to
matrix the runs across multiple OSes.
2025-01-24 15:14:37 -08:00
9cd802ec12
Give only read-level security-events permission where possible
2025-01-24 13:27:33 +00:00
34919cb664
Update codeql.yml workflow
2024-11-06 15:15:23 -08:00
ec1c05a15f
Specify a single category
...
We run the same queries across all the OSes so we only need a single category
2024-06-17 16:02:05 +01:00
de327e8f55
Remove macOS 11 check and add macOS 14
...
The macOS 11 runner image is deprecated on Dotcom.
2024-06-17 15:45:17 +01:00
67d5a9a476
PR Checks: Use tools: linked rather than tools: latest
...
Also changes the input and output in the `prepare-test` Action to use `linked`.
2024-05-31 11:49:47 +02:00
f73b0b70eb
Disable fail fast for non-generated workflows
2024-05-10 16:27:12 +01:00
0e9a210226
update workflows to run on all release branches
2023-12-06 15:57:43 +00:00
bad341350a
Add workflow_dispatch manual trigger ( #1952 )
2023-10-17 19:56:42 +00:00
253d9cf358
Matrix CodeQL CI job over all runner images
2023-09-18 12:56:35 +01:00
321d3e057d
Bump the actions group with 1 update
...
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout ).
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-09-04 18:00:31 +00:00
e530813ab8
Remove PR checks for v1
2023-01-16 18:49:32 +00:00
f837e8e761
Code scanning: Add step titles to workflow
2023-01-03 13:00:12 -08:00
ef21864950
Code scanning: Add scheduled trigger to workflow
...
Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with the
internal security scorecard, even if we have a period
longer than a week with no pushes to the repo.
2023-01-03 12:59:13 -08:00
a836d9571f
Set testing environment for CodeQL workflow
2022-11-16 16:40:35 +00:00
eba983fb9b
Removes deprecated set-output usage
...
For more information see
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
This change bumps a bunch of the internal actions packages. Note that
the only required version change is `actions/core` to 1.10.0. The others
are not required, but seem like a reasonable idea.
It also changes all of the workflows that use `set-output`.
2022-10-13 13:25:43 -07:00
9daf1de73c
Update references to release branches
...
Prepare for renaming `v1` -> `releases/v1` and `v2` -> `releases/v2`.
2022-04-14 17:48:46 +01:00
a2949f47b3
Update actions/checkout from v2 to v3
2022-03-30 19:46:09 +01:00
a4da970395
Run workflow also on v2 branch
2022-03-30 11:47:41 +01:00
bc33041cc2
Always run codeql (latest) job on PRs so we can make it required
2021-08-11 18:42:29 +01:00
21753283b1
Updates the permissions block to be minimal
...
And adds a permissions block to the README.
2021-08-09 13:30:16 -07:00
2632b65a56
Add ready_for_review type to pull_request trigger types
...
This runs checks on reopened draft PRs to support triggering PR checks
on draft PRs that were opened by other workflows.
2021-08-03 19:29:42 +01:00
e305db89c2
Fix the token permissions for private copies of the CodeQL Action, and for runs that are not from pull requests.
2021-04-30 13:47:54 +01:00
643bc6e3ed
Remove spurious blank line.
2021-04-22 17:26:26 +01:00
Henry Mercer
Michael B. Gale
dependabot[bot]
Paolo Tranquilli
Andrew Eisenberg
Angela P Wen
nickfyson
Aditya Sharad
Edoardo Pirovano
Chris Gavin