github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-29 02:18:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,798 Commits 344 Branches 538 Tags
4704ab18691cbc020ec00ac79ac5eb698ad192bc
Commit Graph

20 Commits

Author SHA1 Message Date
Henry Mercer a34e1cd60b Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-24 19:29:32 +02:00
Michael B. Gale cec0b17b93 Skip PR checks for events triggered by Dependabot 2025-09-24 12:08:05 +01:00
Henry Mercer 83fdfaf3fc Merge branch 'main' into henrymercer/slim-pr-checks 2025-09-24 13:03:53 +02:00
Henry Mercer 944aa7df3d Merge pull request #3088 from github/dependabot/github_actions/actions-f739f361ea 
Bump the actions group with 4 updates
 2025-09-23 13:48:16 +01:00
Henry Mercer 3df807292a Only run PR checks on Ubuntu by default 2025-09-23 14:38:33 +02:00
Michael B. Gale 6fcf631e73 Add concurrency settings to PR checks 2025-09-20 14:19:07 +01:00
Paolo Tranquilli 1b8f0ffedf Set shell: bash by default on all workflows 2025-09-09 12:19:45 +02:00
dependabot[bot] 1a80c9b44e Bump the actions group with 4 updates 
Bumps the actions group with 4 updates: [actions/setup-go](https://github.com/actions/setup-go), [actions/github-script](https://github.com/actions/github-script), [actions/setup-node](https://github.com/actions/setup-node) and [actions/setup-python](https://github.com/actions/setup-python).


Updates `actions/setup-go` from 5 to 6
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

Updates `actions/github-script` from 7 to 8
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v7...v8)

Updates `actions/setup-node` from 4 to 5
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4...v5)

Updates `actions/setup-python` from 5 to 6
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/github-script
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-node
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-08 17:54:44 +00:00
Michael B. Gale e75b5d3373 Fix: Include matrix.analysis-kinds in artifact names 2025-09-05 14:27:28 +01:00
Michael B. Gale 6d0bcea699 Matrix over analysis-kinds in quality-queries check 2025-09-05 12:35:53 +01:00
Michael B. Gale 434df8e95c Update checks to use analysis-kinds instead of quality-queries 2025-09-04 11:38:06 +01:00
Michael B. Gale a592f71173 Allow inputs for workflow_* events, and propagate them through collections 2025-08-14 11:52:34 +01:00
Michael B. Gale 092bf71d04 Add workflow_call triggers to PR checks 2025-08-14 11:52:34 +01:00
Henry Mercer 9dfbcfd29f Merge pull request #3025 from github/dependabot/github_actions/actions-b7431406fe 
Bump the actions group with 3 updates
 2025-08-12 12:24:05 +01:00
dependabot[bot] b1bfc45906 Bump the actions group with 3 updates 
Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `actions/download-artifact` from 4 to 5
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4...v5)

Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/download-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-12 02:10:43 +00:00
Paolo Tranquilli 286b9e9d74 Specify the ruamel.yaml version in one place only (sync.sh) 2025-08-11 15:38:32 +02:00
Michael B. Gale 362ebf85da Check both SARIF files in quality-queries.yml test 2025-06-27 12:32:56 +01:00
Michael B. Gale 3a7544ea8f Check SARIF with quality results for expected configuration 2025-06-23 18:19:42 +01:00
Michael B. Gale aba8788d12 Upload both SARIF files in quality-queries check 2025-06-23 18:19:42 +01:00
Michael B. Gale 7e3bc059bb Add basic check that resulting SARIF contains quality-queries queries 2025-06-16 13:17:57 +01:00