github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-11 00:00:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,611 Commits 344 Branches 544 Tags
ea18e99ca3eaa68f7d3a135cfb571ef0c8a7e3eb
Commit Graph

9611 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Henry Mercer 1fed3e9ba8 Merge branch 'main' into dependabot/npm_and_yarn/ava/typescript-7.0.0 2026-04-30 13:10:19 +01:00
Michael B. Gale 549683cee5 Make it clearer what the expectations for isUsernamePassword are 2026-04-30 12:49:49 +01:00
Michael B. Gale 7a6ed56219 Modify FromSchema so that optional properties are actually optional 2026-04-30 11:54:21 +01:00
Michael B. Gale 91fbc51606 Improve validateSchema comment 2026-04-30 11:46:01 +01:00
Michael B. Gale 35715ef8fe Improve typing of cloneCredential 2026-04-30 11:43:54 +01:00
Michael B. Gale bac7fdaf42 Fix linter error 2026-04-30 11:26:12 +01:00
Henry Mercer 1517969c90 Merge pull request #3837 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions
 2026-04-30 10:16:37 +00:00
github-actions[bot] f073360456 Rebuild 2026-04-29 18:02:23 +00:00
dependabot[bot] 5145c112e7 Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.301.0 to 1.305.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/4c56a21280b36d862b5fc31348f463d60bdc55d5...0cb964fd540e0a24c900370abf38a33466142735)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.305.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-29 18:00:14 +00:00
dependabot[bot] 7108503ac6 Bump @ava/typescript from 6.0.0 to 7.0.0 
Bumps [@ava/typescript](https://github.com/avajs/typescript) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/avajs/typescript/releases)
- [Commits](https://github.com/avajs/typescript/compare/v6.0.0...v7.0.0)

---
updated-dependencies:
- dependency-name: "@ava/typescript"
  dependency-version: 7.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-29 17:59:33 +00:00
Henry Mercer 4fe9b1e243 Merge pull request #3856 from github/henrymercer/overlay-add-log-group 
Add log group for downloading overlay-base DB
 2026-04-29 10:51:09 +00:00
Henry Mercer 56733fb5ae Add log group for downloading overlay-base DB 2026-04-28 19:00:28 +01:00
Henry Mercer 0a636086c9 Add GHES 3.21 to supported versions table 2026-04-28 15:32:55 +01:00
Henry Mercer 97be3af35a Deprecate CodeQL versions 2.19.3 and earlier 2026-04-28 15:32:55 +01:00
github-actions[bot] de303a9db5 Update supported GitHub Enterprise Server versions 2026-04-28 15:24:46 +01:00
Michael B. Gale 7a818e6977 Log disclaimer about connection tests, with link to docs 2026-04-28 13:45:53 +01:00
Michael B. Gale 30e0f4391d Use /v3/index.json for NuGet feed check 2026-04-28 13:45:52 +01:00
Henry Mercer 7c5585e5cf Merge pull request #3852 from github/henrymercer/avoid-diagnostic-collisions 
Add random suffix when writing diagnostics to avoid filename collisions
 2026-04-28 12:04:59 +00:00
Henry Mercer 245f6828c4 Use a counter instead of Math.random for diagnostic filename suffix 2026-04-28 12:42:42 +01:00
Henry Mercer c109008fac Add changelog note 2026-04-28 11:40:03 +01:00
Henry Mercer e73c940c9b Defensively sanitize timestamp 2026-04-28 11:40:02 +01:00
Henry Mercer cdb655d6d4 Add random suffix when writing diagnostics to avoid filename collisions 2026-04-28 11:39:40 +01:00
Michael B. Gale 6153577cab Switch from HEAD to GET requests 
Not all registry implementations support `HEAD` correctly.
 2026-04-28 10:42:27 +01:00
Óscar San José 8f02cfa11d Update from main and Rebuild 2026-04-27 19:30:21 +02:00
Michael B. Gale 0ed734b61b Ignore test files 2026-04-25 18:36:22 +01:00
Michael B. Gale efdcb31f11 Accept replaces-base option 2026-04-25 18:36:22 +01:00
Michael B. Gale 4d2c7c6e10 Validate GCP OIDC configurations 2026-04-25 18:36:22 +01:00
Michael B. Gale 70b2658d23 Validate Cloudsmith OIDC configurations 2026-04-25 18:36:21 +01:00
Michael B. Gale 530fcb3bbf Group OIDC schemas into an array 2026-04-25 18:36:19 +01:00
Michael B. Gale 2acf81942b Add tests for getAuthConfig 2026-04-25 18:34:00 +01:00
Michael B. Gale d2a54a4507 Add schemas for basic credential types 2026-04-25 18:33:01 +01:00
Michael B. Gale bc4097bbe1 Simplify credential cloning in getAuthConfig 2026-04-25 18:23:11 +01:00
Michael B. Gale c8e26e209a Move getAuthConfig out of start-proxy.ts 2026-04-25 16:49:05 +01:00
Michael B. Gale 0752451507 Use schema/validation for existing OIDC config types 2026-04-25 16:49:05 +01:00
Michael B. Gale 243c274daf Add simple JSON schema / validation helpers 2026-04-25 15:35:50 +01:00
Henry Mercer 19b3a84f58 Merge pull request #3849 from github/henrymercer/simplify-diff-range-interface 
Simplify `writeDiffRangeDataExtensionPack` interface
 2026-04-23 20:29:05 +00:00
Henry Mercer 858a6149c1 Simplify writeDiffRangeDataExtensionPack interface 2026-04-23 16:47:15 +01:00
Henry Mercer c60c75576d Merge pull request #3848 from github/dependabot/npm_and_yarn/fast-xml-parser-5.7.1 
Bump fast-xml-parser from 5.5.7 to 5.7.1
 2026-04-22 23:03:27 +00:00
Henry Mercer 59aede2113 Merge pull request #3847 from github/dependabot/npm_and_yarn/uuid-14.0.0 
Bump uuid from 13.0.0 to 14.0.0
 2026-04-22 23:02:16 +00:00
github-actions[bot] 6c35f8607b Rebuild 2026-04-22 21:54:06 +00:00
github-actions[bot] c486cacf49 Rebuild 2026-04-22 21:53:49 +00:00
dependabot[bot] 365478cc5b Bump fast-xml-parser from 5.5.7 to 5.7.1 
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.5.7 to 5.7.1.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.7...v5.7.1)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.7.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-22 21:52:05 +00:00
dependabot[bot] f0e6490756 Bump uuid from 13.0.0 to 14.0.0 
Bumps [uuid](https://github.com/uuidjs/uuid) from 13.0.0 to 14.0.0.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-22 21:51:48 +00:00
Henry Mercer 860353f245 Merge pull request #3840 from github/dependabot/npm_and_yarn/npm-minor-580efa6e3b 
Bump the npm-minor group across 1 directory with 3 updates
 2026-04-22 20:59:20 +00:00
Henry Mercer 4fb8483ef0 Merge pull request #3835 from github/dependabot/npm_and_yarn/eslint-import-resolver-typescript-4.4.4 
Bump eslint-import-resolver-typescript from 3.8.7 to 4.4.4
 2026-04-22 20:33:35 +00:00
dependabot[bot] c2574efbee Bump the npm-minor group across 1 directory with 3 updates 
Bumps the npm-minor group with 3 updates in the / directory: [globals](https://github.com/sindresorhus/globals), [sinon](https://github.com/sinonjs/sinon) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint).


Updates `globals` from 17.4.0 to 17.5.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](https://github.com/sindresorhus/globals/compare/v17.4.0...v17.5.0)

Updates `sinon` from 21.0.3 to 21.1.2
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v21.0.3...v21.1.2)

Updates `typescript-eslint` from 8.58.1 to 8.58.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.2/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: globals
  dependency-version: 17.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor
- dependency-name: sinon
  dependency-version: 21.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor
- dependency-name: typescript-eslint
  dependency-version: 8.58.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-22 17:58:53 +00:00
Henry Mercer 4cbe7bef85 Merge pull request #3839 from github/henrymercer/workflow-run-triggers 
Escape "+"s in `on.workflow_run.workflows`
 2026-04-22 10:44:53 +00:00
Henry Mercer f6a5638305 Escape "+"s in on.workflow_run.workflows 2026-04-22 11:14:07 +01:00
Henry Mercer 1279e8d41c Mitigate caches being evicted before they can be downloaded 2026-04-22 00:04:57 +01:00
Henry Mercer af1f613989 Use type-only imports 2026-04-21 23:49:37 +01:00