github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-27 01:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,319 Commits 341 Branches 538 Tags
efbc56d117307284dd7d90801bc3d76c5e79162c
Commit Graph

8319 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
copilot-swe-agent[bot] 89753aa84b Add git version check for overlay analysis enablement 
Overlay analysis depends on `getFileOidsUnderPath`, which uses
`git ls-files --format` option that requires Git 2.38.0+. This
change adds a check for the git version before enabling overlay
analysis.

Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
 2025-12-16 16:22:23 +00:00
Henry Mercer 5eb751966f Merge pull request #3358 from github/henrymercer/database-upload-telemetry 
Add status report for uploading databases to API
 2025-12-16 16:18:52 +00:00
Nick Rolfe d29eddb39b Extract version number to constant 2025-12-16 16:17:52 +00:00
copilot-swe-agent[bot] aff7998c4a Initial plan 2025-12-16 16:09:09 +00:00
Henry Mercer e9626872ef Merge branch 'main' into henrymercer/database-upload-telemetry 2025-12-16 15:53:31 +00:00
Henry Mercer 19c7f96922 Rename isOverlayBase 2025-12-16 15:41:50 +00:00
Henry Mercer ae5de9a20d Use getErrorMessage in log too 2025-12-16 15:41:04 +00:00
Henry Mercer 0cb86337c5 Prefer performance.now() 2025-12-16 15:38:29 +00:00
Henry Mercer c07cc0d3a9 Merge pull request #3351 from github/henrymercer/ghec-dr-determine-tools-version-from-ffs 
Determine CodeQL version from feature flags on GHEC-DR
 2025-12-16 13:42:01 +00:00
Henry Mercer 7a5748cf0d Remove changelog note 2025-12-16 13:41:13 +00:00
copilot-swe-agent[bot] db75d46248 Bump @actions/* npm packages to latest versions 
Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
 2025-12-16 13:34:51 +00:00
copilot-swe-agent[bot] a0fc644617 Initial plan 2025-12-16 13:29:18 +00:00
Henry Mercer a2ee53c0d3 Use full names for GitHub variants 2025-12-16 13:23:24 +00:00
Michael B. Gale b5e1a28b8a Merge pull request #3365 from github/dependabot/github_actions/dot-github/workflows/actions/download-artifact-7 
Bump actions/download-artifact from 6 to 7 in /.github/workflows
 2025-12-16 12:17:14 +00:00
Michael B. Gale c2d4383e64 Merge branch 'main' into dependabot/github_actions/dot-github/workflows/actions/download-artifact-7 2025-12-15 22:00:03 +00:00
Michael B. Gale d0ad1da72a Merge pull request #3364 from github/dependabot/github_actions/dot-github/workflows/actions-minor-8751820eb1 
Bump ruby/setup-ruby from 1.269.0 to 1.270.0 in /.github/workflows in the actions-minor group across 1 directory
 2025-12-15 21:08:40 +00:00
Michael B. Gale 07cd437640 Merge pull request #3366 from github/dependabot/github_actions/dot-github/workflows/actions/upload-artifact-6 
Bump actions/upload-artifact from 5 to 6 in /.github/workflows
 2025-12-15 18:18:05 +00:00
Michael B. Gale a682bbe410 Merge pull request #3309 from github/mbg/ff/make-new-upload-default 
Remove `AnalyzeUseNewUpload` FF and make its behaviour the default
 2025-12-15 17:24:57 +00:00
github-actions[bot] 7fd7db3f26 Rebuild 2025-12-15 17:20:17 +00:00
github-actions[bot] d6c1a791b7 Rebuild 2025-12-15 17:20:02 +00:00
dependabot[bot] 034374eb3f Bump actions/upload-artifact from 5 to 6 in /.github/workflows 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:40 +00:00
dependabot[bot] 6dbc22c93f Bump actions/download-artifact from 6 to 7 in /.github/workflows 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:32 +00:00
dependabot[bot] a539068a61 Bump ruby/setup-ruby 
Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby).


Updates `ruby/setup-ruby` from 1.269.0 to 1.270.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/d697be2f83c6234b20877c3b5eac7a7f342f0d0c...ac793fdd38cc468a4dd57246fa9d0e868aba9085)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.270.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:18:28 +00:00
github-actions[bot] e1058e4d74 Rebuild 2025-12-15 17:03:33 +00:00
dependabot[bot] d4f39b0766 Bump the npm-minor group with 3 updates 
Bumps the npm-minor group with 3 updates: [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@eslint/js` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js)

Updates `@typescript-eslint/eslint-plugin` from 8.48.1 to 8.49.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.49.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.48.1 to 8.49.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.49.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@eslint/js"
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 17:01:55 +00:00
Michael B. Gale b30cb9ae2a Merge branch 'main' into mbg/ff/make-new-upload-default 2025-12-15 16:28:30 +00:00
Michael B. Gale 009fe6b0c1 Remove AnalyzeUseNewUpload FF 2025-12-15 16:27:29 +00:00
Michael B. Gale b1dea65f65 Make postProcessAndUploadSarif the default 2025-12-15 16:27:19 +00:00
Henry Mercer 7e0b77e3a8 Merge pull request #3349 from github/dependabot/github_actions/dot-github/workflows/actions-minor-dc476f2f5b 
Bump the actions-minor group across 1 directory with 2 updates
 2025-12-15 15:38:25 +00:00
Henry Mercer 0264b51610 Merge pull request #3348 from github/dependabot/npm_and_yarn/npm-minor-38a2a793c5 
Bump the npm-minor group with 5 updates
 2025-12-15 15:37:54 +00:00
Henry Mercer 2ac846d41e Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-38a2a793c5 2025-12-15 14:12:45 +00:00
Henry Mercer 5d063dd3af Populate database upload results telemetry 2025-12-15 12:55:12 +00:00
Henry Mercer 8e921c3145 Return status report from cleanupAndUploadDatabases 2025-12-15 12:55:12 +00:00
Óscar San José 4b675e451b Merge pull request #3356 from github/mergeback/v4.31.8-to-main-1b168cd3 
Mergeback v4.31.8 refs/heads/releases/v4 into main
 2025-12-12 10:48:29 +01:00
github-actions[bot] 65bad627f3 Rebuild 2025-12-12 08:52:54 +00:00
github-actions[bot] 4564f5e482 Update changelog and version after v4.31.8 2025-12-12 08:44:31 +00:00
Óscar San José 1b168cd394 Merge pull request #3355 from github/update-v4.31.8-1b0b941e1 
Merge main into releases/v4
v4.31.8 		2025-12-12 09:43:00 +01:00
github-actions[bot] 120f277b16 Update changelog for v4.31.8 2025-12-11 17:23:34 +00:00
Óscar San José 1b0b941e1f Merge pull request #3354 from github/update-bundle/codeql-bundle-v2.23.8 
Update default bundle to 2.23.8
 2025-12-11 17:25:18 +01:00
github-actions[bot] db812c1ae6 Add changelog note 2025-12-11 15:46:24 +00:00
github-actions[bot] 2930dba17a Update default bundle to codeql-bundle-v2.23.8 2025-12-11 15:46:14 +00:00
Nick Rolfe 805b7e1790 Clean up JavaMinimizeDependencyJars feature flag 2025-12-11 10:46:56 +00:00
Henry Mercer da501245d4 Update PR template to include GHEC-DR 2025-12-10 17:41:20 +00:00
Henry Mercer 1fc7d3785d Rename GHE_DOTCOM to GHEC_DR 
This more closely reflects the published naming https://docs.github.com/en/enterprise-cloud@latest/admin/data-residency/about-github-enterprise-cloud-with-data-residency
 2025-12-10 17:41:19 +00:00
Henry Mercer 7a55ffeaf1 Determine CodeQL version from feature flags on GHEC-DR 2025-12-10 17:35:27 +00:00
Kasper Svendsen c43362b91a Merge pull request #3340 from github/kaspersv/check-for-overlayBaseSpecifier 
Overlay: Check database metadata for overlayBaseSpecifier
codeql-bundle-v2.23.8 		2025-12-09 11:37:30 +01:00
Kasper Svendsen 002a7f25fd Overlay: log overlayBaseSpecifier at debug log-level 2025-12-09 09:44:56 +01:00
Kasper Svendsen 5b7e7fcc9c Update src/codeql.ts 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2025-12-09 09:41:33 +01:00
github-actions[bot] cd48547da5 Rebuild 2025-12-08 17:18:17 +00:00
dependabot[bot] 44570be32d Bump the actions-minor group across 1 directory with 2 updates 
Bumps the actions-minor group with 2 updates in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/8aeb6ff8030dd539317f8e1769a044873b56ea71...d697be2f83c6234b20877c3b5eac7a7f342f0d0c)

Updates `actions/create-github-app-token` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.269.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 17:16:45 +00:00