codeql-action

mirror of https://github.com/github/codeql-action.git synced 2026-05-02 11:50:08 +00:00

Author	SHA1	Message	Date
Henry Mercer	d8905c2090	Don't run linter in CI on Windows It isn't working, and this PR didn't break it. Let's fix it in a separate PR.	2025-08-21 14:02:46 +01:00
Henry Mercer	a2df83b478	Cache npm dependencies	2025-08-21 13:59:19 +01:00
Henry Mercer	3edad3eebd	Combine basic jobs to reduce Actions usage	2025-08-21 13:55:22 +01:00
Henry Mercer	06f83b7cc8	Run more checks on `push`	2025-08-21 13:51:34 +01:00
Henry Mercer	31ee7f54d3	Install dependencies in PR checks	2025-08-21 13:49:32 +01:00
Henry Mercer	6d34e4e857	Use "Rebuild" workflow instead of "Update dependencies"	2025-08-21 13:47:21 +01:00
dependabot[bot]	624817a691	Bump ruby/setup-ruby from 1.254.0 to 1.255.0 in the actions group Bumps the actions group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.254.0 to 1.255.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/2a7b30092b0caf9c046252510f9273b4875f3db9...829114fc20da43a41d27359103ec7a63020954d4) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.255.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-19 00:06:34 +00:00
Michael B. Gale	3119b35eed	Add template option for installing Java	2025-08-15 17:58:10 +01:00
Michael B. Gale	20c329c963	Sort template files to avoid ordering-issues	2025-08-14 12:08:22 +01:00
Michael B. Gale	bd79bc6b67	Automatically add `go-version` input if `installGo == true`	2025-08-14 11:52:35 +01:00
Michael B. Gale	a592f71173	Allow inputs for `workflow_*` events, and propagate them through collections	2025-08-14 11:52:34 +01:00
Michael B. Gale	cf7a5d3e11	Add support for named collections of workflows	2025-08-14 11:52:34 +01:00
Michael B. Gale	092bf71d04	Add `workflow_call` triggers to PR checks	2025-08-14 11:52:34 +01:00
Henry Mercer	9dfbcfd29f	Merge pull request #3025 from github/dependabot/github_actions/actions-b7431406fe Bump the actions group with 3 updates	2025-08-12 12:24:05 +01:00
dependabot[bot]	b1bfc45906	Bump the actions group with 3 updates Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/create-github-app-token dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-12 02:10:43 +00:00
Paolo Tranquilli	9f966bbbf5	Merge branch 'main' into redsun82/rust-test	2025-08-11 17:01:23 +02:00
Chuan-kai Lin	821d3bd162	Merge branch 'main' into cklin/overlay-pack-check	2025-08-11 07:10:04 -07:00
Paolo Tranquilli	286b9e9d74	Specify the `ruamel.yaml` version in one place only (`sync.sh`)	2025-08-11 15:38:32 +02:00
Paolo Tranquilli	2d7401b887	Revert `ruamel.yaml` back to 0.17.31 And revert back related changes	2025-08-11 15:36:42 +02:00
Paolo Tranquilli	28f2516040	Improve Rust analysis PR check Also run the `rust` checks on "milestone" CLI releases, to ensure we remain backward compatible with those versions. This was prompted by https://github.com/github/codeql-action/pull/2960#pullrequestreview-3104730221 Running this on current `main` and then on that PR should improve our confidence we remain backward compatible. It also turns out a probable `ruamel.yaml` update was changing a lot of generated workflows, so I've: * fixed the `ruamel.yaml` version to the latest in `sync.sh` * added `yaml.width = 120` in `sync.py` to minimize (but not entirely remove) the number of changes * checked in the workflows whose formatting was changed by the new `ruamel.yaml` version	2025-08-11 14:58:50 +02:00
Chuan-kai Lin	57f4ac5c1b	PR checks: add overlay-init-fallback.yml	2025-08-08 09:57:45 -07:00
Henry Mercer	84973f707e	Clean up toolcache PR checks	2025-08-08 11:48:29 +01:00
Henry Mercer	01992a9420	Clean up Zstd bundle PR checks	2025-08-08 11:45:43 +01:00
Henry Mercer	bd62bf449c	Finish in-progress merges	2025-08-07 18:21:57 +01:00
Henry Mercer	2afb4e6f3c	Avoid specifying branch unnecessarily	2025-08-07 17:51:55 +01:00
Henry Mercer	1fd38a4712	Improve logging	2025-08-07 17:50:25 +01:00
Henry Mercer	bf301d1b77	Finish merge if in progress	2025-08-07 17:46:04 +01:00
Henry Mercer	2ee230f7c4	Update .github/workflows/rebuild.yml	2025-08-07 17:34:44 +01:00
Henry Mercer	3425bf931d	Use updated output API	2025-08-07 17:21:48 +01:00
Henry Mercer	ddc8e21357	Allow running rebuild workflow on workflow dispatch	2025-08-07 16:52:41 +01:00
dependabot[bot]	69ccd54e34	Bump ruby/setup-ruby from 1.253.0 to 1.254.0 in the actions group Bumps the actions group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.253.0 to 1.254.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/bb6434c747fa7022e12fa1cae2a0951fcffcff26...2a7b30092b0caf9c046252510f9273b4875f3db9) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.254.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-08-04 23:16:04 +00:00
Michael B. Gale	45f48a349a	Merge branch 'main' into dependabot/github_actions/actions-010b5c0fb1	2025-07-29 18:09:37 +01:00
Michael B. Gale	ac0c9bfe1e	Merge branch 'main' into update-supported-enterprise-server-versions	2025-07-29 17:31:16 +01:00
Chuan-kai Lin	88d99b3033	Stop testing stable-v2.16.6	2025-07-29 09:14:16 -07:00
dependabot[bot]	d8be08468e	Bump ruby/setup-ruby from 1.247.0 to 1.253.0 in the actions group Bumps the actions group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.247.0 to 1.253.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/472790540115ce5bd69d399a020189a8c87d641f...bb6434c747fa7022e12fa1cae2a0951fcffcff26) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.253.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-28 19:59:14 +00:00
dependabot[bot]	20477a3fe1	Bump ruby/setup-ruby from 1.245.0 to 1.247.0 in the actions group Bumps the actions group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.245.0 to 1.247.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/a4effe49ee8ee5b8b5091268c473a4628afb5651...472790540115ce5bd69d399a020189a8c87d641f) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.247.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>	2025-07-21 18:34:27 +00:00
Michael B. Gale	aa72ddaead	Merge branch 'main' into mbg/interpret-cq-results	2025-06-27 13:45:51 +01:00
Michael B. Gale	362ebf85da	Check both SARIF files in `quality-queries.yml` test	2025-06-27 12:32:56 +01:00
Michael B. Gale	3e95091e3b	Add test workflow for `upload-sarif` with quality results	2025-06-27 12:11:12 +01:00
Michael B. Gale	2e3b93fe41	Remove push trigger that was used for testing	2025-06-24 11:34:13 +01:00
Michael B. Gale	bbfc5bef5b	Replace inline expressions with environment variables	2025-06-24 11:30:24 +01:00
Michael B. Gale	3a7544ea8f	Check SARIF with quality results for expected configuration	2025-06-23 18:19:42 +01:00
Michael B. Gale	aba8788d12	Upload both SARIF files in `quality-queries` check	2025-06-23 18:19:42 +01:00
Michael B. Gale	6e22e41a25	Add reminder to mark PR as ready for review to trigger CI	2025-06-23 17:57:53 +01:00
Michael B. Gale	0cec254fa1	Use `--dry-run` for non-`workflow_dispatch` events	2025-06-23 17:57:52 +01:00
Michael B. Gale	6a3692d673	Construct target branch name in `checks` step	2025-06-23 17:57:52 +01:00
Michael B. Gale	9ee60a6e32	Run on Ubuntu	2025-06-23 17:57:52 +01:00
Michael B. Gale	cce0287569	Check that the release exists	2025-06-23 17:57:52 +01:00
Michael B. Gale	e044b152ab	Check that the release tag has the expected format	2025-06-23 17:57:51 +01:00
Michael B. Gale	46cafbca67	Add missing `v` to regex	2025-06-23 12:56:13 +01:00

... 2 3 4 5 6 ...

989 Commits