github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-27 01:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8d31b533a271fcac59e4170c0f978ec15302d4e1
codeql-action/pr-checks/readme.md
T
copilot-swe-agent[bot] 8d31b533a2 Add sync-back automation for Dependabot action version updates 
Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
2025-09-10 09:39:16 +00:00

1.2 KiB
Raw Blame History

PR Checks

This folder contains the workflow generator that must be run in order to create the workflows used by the CodeQL Action CI. Workflows must be recreated after any change to one of the files in this directory.

Updating workflows

  1. Install https://github.com/casey/just by whichever way you prefer.
  2. Run just update-pr-checks in your terminal.

If you don't want to intall just

Manually run each step in the justfile.

Sync-back automation

When Dependabot updates action versions in the generated workflow files (.github/workflows/__*.yml), the sync-back automation ensures those changes are properly reflected in the source templates.

Running sync-back manually

To sync action versions from generated workflows back to source templates:

# Dry run to see what would be changed
./pr-checks/sync-back.sh --dry-run --verbose

# Actually apply the changes
./pr-checks/sync-back.sh

The sync-back script (sync-back.py) automatically updates:

  • Hardcoded action versions in pr-checks/sync.py
  • Action version references in template files in pr-checks/checks/
  • Action version references in regular workflow files

This ensures that the verify-pr-checks.sh test always passes after Dependabot PRs.

Reference in New Issue View Git Blame Copy Permalink