github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-23 14:28:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,625 Commits 374 Branches 549 Tags
668218ca2d994438bc55f2b1ddccb3dcc4054d04
Commit Graph

7625 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot] 668218ca2d Update changelog and version after v3.30.5 2025-09-25 11:14:12 +00:00
Michael B. Gale c5ce5e5d1c Don't dry-run rollback-release workflow on release branches 2025-09-25 12:12:42 +01:00
Henry Mercer 79dc6cc78c Merge pull request #3150 from github/mergeback/v3.30.4-to-main-303c0aef 
Mergeback v3.30.4 refs/heads/releases/v3 into main
 2025-09-25 12:08:26 +01:00
github-actions[bot] 4d32274da6 Rebuild 2025-09-25 10:50:17 +00:00
github-actions[bot] 0a3e31778d Update changelog and version after v3.30.4 2025-09-25 10:19:26 +00:00
Ian Lynagh 303c0aef88 Merge pull request #3149 from github/update-v3.30.4-e4b85ab65 
Merge main into releases/v3
v3.30.4 		2025-09-25 11:18:49 +01:00
github-actions[bot] 333a673809 Update changelog for v3.30.4 2025-09-25 09:54:23 +00:00
Chuan-kai Lin e4b85ab654 Merge pull request #3148 from github/cklin/just-test_file-serial 
build: use --serial in 'just test_file'
 2025-09-24 14:47:17 -07:00
Chuan-kai Lin 1e72556714 build: use --serial in 'just test_file' 
Some tests require the --serial flag to pass.
 2025-09-24 11:10:24 -07:00
Michael B. Gale 39842d8f83 Merge pull request #3146 from github/mbg/start-proxy/authenticate 
Provide `Authorization` header when downloading `update-job-proxy`
 2025-09-24 19:09:40 +01:00
Michael B. Gale 6ccec2ac14 Remove url from log messages 2025-09-24 18:54:49 +01:00
Henry Mercer 435f474d1e Merge pull request #3147 from github/dependabot/npm_and_yarn/npm-76d2ab1078 
Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group
 2025-09-24 18:47:44 +01:00
github-actions[bot] f134e09015 Rebuild 2025-09-24 15:14:06 +00:00
dependabot[bot] 50a31df6ba Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group 
Bumps the npm group with 1 update: [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache).


Updates `@actions/cache` from 4.0.5 to 4.1.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache)

---
updated-dependencies:
- dependency-name: "@actions/cache"
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-24 15:12:49 +00:00
Henry Mercer 8e25b3435d Merge pull request #3144 from github/henrymercer/dependabot 
Update Dependabot configuration for GitHub Actions
 2025-09-24 16:09:27 +01:00
Michael B. Gale 4e820a4ca4 Apply review feedback 2025-09-24 15:50:19 +01:00
Michael B. Gale 5a9c44b3b2 Merge pull request #3145 from github/mbg/ci/skip-checks-for-dependabot 
Skip PR checks for events triggered by Dependabot
 2025-09-24 13:58:23 +01:00
Michael B. Gale 3183e6b8f9 Skip non-generated workflows for Dependabot 2025-09-24 12:49:31 +01:00
Michael B. Gale d43f46c39c Set Authorization header for downloading update-job-proxy 2025-09-24 12:41:54 +01:00
Michael B. Gale efcf614b5d Refactor assembling Authorization header value into its own function 2025-09-24 12:40:15 +01:00
Michael B. Gale cec0b17b93 Skip PR checks for events triggered by Dependabot 2025-09-24 12:08:05 +01:00
Henry Mercer 86de17c44d Update Dependabot configuration for GitHub Actions 2025-09-24 11:54:39 +01:00
Henry Mercer a8eeef9291 Merge pull request #3143 from github/dependabot/npm_and_yarn/npm-1a46694d8a 
Bump the npm group with 3 updates
 2025-09-24 11:31:35 +01:00
github-actions[bot] f54c1c0b33 Rebuild 2025-09-24 10:14:58 +00:00
dependabot[bot] c6674f9abd Bump the npm group with 3 updates 
Bumps the npm group with 3 updates: [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@eslint/compat` from 1.3.2 to 1.4.0
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/compat-v1.4.0/packages/compat)

Updates `@typescript-eslint/eslint-plugin` from 8.44.0 to 8.44.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.44.0 to 8.44.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.44.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@eslint/compat"
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.44.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.44.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-24 10:13:41 +00:00
Henry Mercer 0890b56a8a Merge pull request #3140 from github/henrymercer/dependabot-rebuild-actions 
Trigger sync back script automatically
 2025-09-24 11:11:54 +01:00
Ian Lynagh c6e30a2b5a Merge pull request #3118 from github/update-bundle/codeql-bundle-v2.23.1 
Update default bundle to 2.23.1
 2025-09-23 14:25:40 +01:00
Henry Mercer d92eef9c9e Merge pull request #3138 from github/dependabot/github_actions/actions-a14fb9fd22 
Bump the actions group across 1 directory with 2 updates
 2025-09-23 14:11:12 +01:00
Henry Mercer d34e247444 Enable Dependabot updates for other Actions in .github/actions 2025-09-23 15:00:15 +02:00
Henry Mercer 78e8dc0161 Trigger sync back script automatically 2025-09-23 14:59:56 +02:00
github-actions[bot] a29637ac01 Rebuild 2025-09-23 12:54:09 +00:00
dependabot[bot] 1ba789f617 Bump the actions group across 1 directory with 2 updates 
Bumps the actions group with 2 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.257.0 to 1.263.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/44511735964dcb71245e7e55f72539531f7bc0eb...0481980f17b760ef6bca5e8c55809102a0af1e5a)

Updates `actions/create-github-app-token` from 2.1.1 to 2.1.4
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.1.1...v2.1.4)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.263.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-23 12:52:28 +00:00
Henry Mercer 944aa7df3d Merge pull request #3088 from github/dependabot/github_actions/actions-f739f361ea 
Bump the actions group with 4 updates
 2025-09-23 13:48:16 +01:00
Henry Mercer c656a2569b Merge pull request #3094 from github/copilot/stack-pr-3088 
Sync Action version updates back to the source templates in the `pr-checks` directory
 2025-09-23 13:31:55 +01:00
Michael B. Gale eb05da905d Specify Accept header for toolcache.downloadTool 2025-09-23 13:27:06 +01:00
github-actions[bot] e8921f7eff Add changelog note 2025-09-23 13:27:06 +01:00
github-actions[bot] 2bbfe979c3 Update default bundle to codeql-bundle-v2.23.1 2025-09-23 13:27:06 +01:00
Kasper Svendsen 5c8c613b75 Merge pull request #3062 from github/kaspersv/bump-minimum-overlay-codeql-version 
Bump minimum CLI version for overlay analysis
 2025-09-23 13:56:54 +02:00
Kasper Svendsen e2f4bf692b Bump minimum CLI version for overlay analysis 2025-09-23 12:08:15 +02:00
Henry Mercer 2885255647 Only sync back versions on Dependabot update PRs 2025-09-23 11:29:23 +02:00
Michael B. Gale 665891b4f2 Merge pull request #3126 from github/mbg/add/properties-api 
Add support for the repository properties API
 2025-09-23 10:17:52 +01:00
Michael B. Gale 5a4aa83242 Always log when combining queries is disabled in the repo properties 2025-09-23 09:49:29 +01:00
Michael B. Gale 54bbe822cc Always log when queries are configured in the repository properties 2025-09-23 09:44:52 +01:00
Michael B. Gale 4178e15b0a Only disable loadPropertiesFromApi on GHES 2025-09-23 09:41:53 +01:00
Michael B. Gale 7f44048739 Merge pull request #3133 from github/dependabot/npm_and_yarn/npm-4684794bae 
Bump the npm group with 5 updates
 2025-09-23 09:34:15 +01:00
Michael B. Gale 205b6ba838 Rebuild 2025-09-23 09:29:04 +01:00
Michael B. Gale 0a75581cde Check that we are on dotcom 2025-09-23 09:22:07 +01:00
Michael B. Gale 7f73f8c235 Add unit tests for properties module 2025-09-23 09:16:28 +01:00
Michael B. Gale 07920e84f8 Fix using keys instead of values 
Also add `logger.debug` call with keys from API response
 2025-09-23 09:12:16 +01:00
Michael B. Gale 40262b1861 Add getRepositoryProperties to api-client, for easier mocking 2025-09-23 09:11:10 +01:00