github.com/github/codeql-action
Actions for running CodeQL analysis
https://github.com/github/codeql-action
aac66ec793240cfdd3037a81faa5b4d823045bc2 authored 9 months ago
91a63dc72c2c4c97e141018269495a7b62608d09 authored 9 months ago
d25fa60a90ddfe309a83dd8606d2f3e0e5de15a7 authored 9 months ago
Co-authored-by: Henry Mercer <henrymercer@github.com>
3adb1ff7b88abf82e97c2c42d9ac29a62769ba63 authored 9 months agod4b5380db47e283a94c5a85c4c6cf1f677d2530e authored 9 months ago
9a0b46abff129d5f6ef420d856e068b5f82e17ac authored 9 months ago
b8c496644d9494d63f2c26ae9085a48c728cee5a authored 9 months ago
ad086e4d90cd2469a6059514596e520d7232895c authored 9 months ago
47b5ac77ee7ed44880c47b745aa52a0e8ec7c1d7 authored 9 months ago
b5caf1196ec4d8558bd0de2e3ea0c8fc30abd208 authored 9 months ago
Copied from #2006.
d4bbcb74ca9400cb92146ef4ea5e441eafd2edce authored 9 months ago180438161ed057dbe254fbe4b9e065448fbe1c40 authored 9 months ago
Add telemetry for dependency caching
80cb6b56b93de3e779c7d476d9100d06fb87c877 authored 9 months agod44c8b3e185a4cc2068b99d018ce6a237caabd85 authored 9 months ago
Add tests for `upload-sarif`
36adfa7b0f5334b69b6ccdc55e94eefc75cd3279 authored 9 months ago97159624c37c670e79265faed8b4deedf323aa33 authored 9 months ago
93711d3d89e7f15ed51f7c4e80ac48d21fd66470 authored 9 months ago
Since `fixCategory` is now part of `AnalysisConfig`, we don't have to remember to do it at the c...
056fb86575b67fab2ce40184bf81847e34fa17f3 authored 9 months ago63d1b25e974e149ae85c4e6b10d3004b7b17a2d8 authored 9 months ago
717d581574abb1db67faeacd9d1c8ea63dbf3830 authored 9 months ago
04175316333cf39f5c6a365fb82e5d33ab2d2718 authored 9 months ago
13ae3d432806d8c6203882a815962b8302e96c54 authored 9 months ago
fe0376ed1f08e19edee56b6f1dc6fc3cf2eb6b9f authored 9 months ago
Update vulnerable dependency brace-expansion
f0a08a4bf5e88a33ee3316a867fc8f9cc17bcaee authored 9 months agoCo-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
73fbfb0bbfdd42819e32878ba8bf878614028339 authored 9 months ago5fd2cfe1eff886f8e9f600900eb0a9511ceda7d1 authored 9 months ago
Note that this also fixes the format of the `sarif-ids` outputs to match what is documented
9f452fad0f9ce6172a69b8e024ac62b9bf057c0e authored 9 months ago5fc9e66105b444f1ef097d1a09900e4d0d0b5270 authored 9 months ago
e6768a18cfc29d32ff022a343647f9ffaca511c1 authored 9 months ago
I got ahead of myself; v4 hasn't been tagged yet.
d7ada03e0280f776b82f810731bcbec65691d7b4 authored 9 months ago30445af89f63da37c830d906b47c90c6e94e8d3c authored 9 months ago
This requires creating a new major-version (v4) of codeql-action.
7434149006143a4d75b82a2f411ef15b03ccc2d7 authored 9 months agoMergeback v3.30.5 refs/heads/releases/v3 into main
6a87ebe42bbd3423c818b3d15ce9803ba45bd522 authored 9 months agob66e847aaf78454aea16e9ebcd3065ee0ca0015e authored 9 months ago
1733a23b20f51f5ea8d0a3f3a9738e59b8cda4c5 authored 9 months ago
Merge main into releases/v3
3599b3baa15b485a2e49ef411a7a4bb2452e7f93 authored 9 months ago2ca0085e584affd600efbd3930bc90e48dbacb46 authored 9 months ago
Hotfix `upload-sarif` not uploading non-`.sarif` files
0a67bd46a0f456ddad9e4b732137f519280275db authored 9 months ago8e34f2f3bf0f3f0b192913b0e0f234372329699b authored 9 months ago
0b7fc5664842c1a6bb23c4ef64b85438afcb76c5 authored 9 months ago
2f0649510ecb09d22208f598e44d5765e0a6d800 authored 9 months ago
f19a3e769f415c441901bf1ffabaa94f65215284 authored 9 months ago
2adc894410deceb53c0abc0883f9c32f1e809cdd authored 9 months ago
5b3f0ded910bd2f8ff610cf0bf8d2b657fe657ab authored 9 months ago
31bfb99f0d18cdaf5bda03699c3acaa8401c5a26 authored 9 months ago
6e0b0872fa9da5b0a5442ecfcfecebb8e3fa79c5 authored 9 months ago
Don't run `npm install` when in an Actions workflow
94a9b7a1101a1320dcadcbda5e7fd9a1e6abaaca authored 9 months agoed577678982fff91b9ccd2f8bfd78a20744c6a49 authored 9 months ago
2ff902e1f1619b6569d7d000985300490f3f3962 authored 9 months ago
a0ae9ba2026911d58db9df06e6b074d8ef6c24c9 authored 9 months ago
b27a8ef21f72b5c541232d50400874a3f0a374b9 authored 9 months ago
Fix `tools: linked` log message
65925679a36e83b45b5f1673869dabf891669742 authored 9 months agoAdd script to check whether `npm i` needs to be run
fa64a7dee67e389b18445aa15d26426512d9ab97 authored 9 months agoAdd `npm run ava` command, update instructions, and exclude files from VSCode search
853decd26bc355ef4af8ad6ff5e467f26dcb626b authored 9 months agoImprove `pr-checks` workflow
8fca38155efc7cedd2aa4a1d530b251b6b3ec91d authored 9 months agoand add it to the `build` command
455038c8a7196eb98da2e14af7ee12f16afb042b authored 9 months ago4e65cda8c2d89fa176f6f3cbd94dbcd238bd7ec7 authored 9 months ago
b4db1860cd5c764a128deefd38d53e7521cd0417 authored 9 months ago
b1d32cf35661fef9e7d87cdb9569b97d4b2dda48 authored 9 months ago
9cf3a96f631b621a1c5c6182316dad71c651eb70 authored 9 months ago
6a72568b19e19de80199f03a61072469476cfac7 authored 9 months ago
Only run PR checks on Ubuntu by default
5235174f0e1f00ada1335f41e2f56875b9dfae92 authored 9 months agoDon't dry-run `rollback-release` workflow on release branches
f3bf6463e1f409859fb6ac65bafbf498ac2d49f7 authored 9 months ago48be21c31e49b7f7e9eff3faeb80181955f64cbb authored 9 months ago
77a92597617510db41350515489014b0b8067d26 authored 9 months ago
e2e1db3e4e0d1c9bd8d7fdac3ea940623f37c41f authored 9 months ago
a645d167d6cc46378b74f2e63dda29f94dd7c2b5 authored 9 months ago
c5ce5e5d1c11324097adc5a2c65c9d8cf97755be authored 9 months ago
Mergeback v3.30.4 refs/heads/releases/v3 into main
79dc6cc78cbc088daba1a0f49c687f8cc5e9fd68 authored 9 months ago4d32274da69afda36c1c37b0343e38fa77cb0ece authored 9 months ago
0a3e31778d645861be7b47588d40429f308bcf3b authored 9 months ago
Merge main into releases/v3
303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9 authored 9 months ago333a6738095d79d08551002eec9df209a4c120d7 authored 9 months ago
5445d1a09cee829ca740536a3bddbb074869de1f authored 9 months ago
build: use --serial in 'just test_file'
e4b85ab654a244f420e4d9a9ca6305cf2d3fdc90 authored 9 months agoc4b73722ba8ba8ec348bbde3983582e97cd353ff authored 9 months ago
Some tests require the --serial flag to pass.
1e725567143ebc7888f891e70a71aab18d8d126c authored 9 months agoProvide `Authorization` header when downloading `update-job-proxy`
39842d8f8308005b922ecce0850ce570fabaa903 authored 9 months ago6ccec2ac145855dc9503368583b43c58419687af authored 9 months ago
Bump @actions/cache from 4.0.5 to 4.1.0 in the npm group
435f474d1e244a9d1d002fc65d29f961ff2da3b5 authored 9 months agoa34e1cd60b147c80ef61f330ea5852806db0a69f authored 9 months ago
f134e09015e4a98da6c6918634d096f45d8a50e3 authored 9 months ago
Bumps the npm group with 1 update: [@actions/cache](https://github.com/actions/toolkit/tree/HEAD...
50a31df6baea8e050bfa318999ff195f93878cfc authored 9 months agoUpdate Dependabot configuration for GitHub Actions
8e25b3435df01d49a07539e85807b9467349247f authored 9 months ago4e820a4ca43a039f7a611deeaee1e484f9abd9f2 authored 9 months ago
Skip PR checks for events triggered by Dependabot
5a9c44b3b2caaa6b9532d4463f1b4deb03fe66d6 authored 9 months ago3183e6b8f9f9369721c45c67f1e70bce07e6b96c authored 9 months ago
d43f46c39ce20fce7bfa131dd6a604a1ca4009eb authored 9 months ago
efcf614b5d8a11ca5489349120abc6d31c9e16a4 authored 9 months ago
4082f8c39f733490d46a4f6effa3e7caa9d565c2 authored 9 months ago
cec0b17b931a0d2976715952f40ae08890f2fa5b authored 9 months ago
83fdfaf3fcf3be899d262f767bcff94d6f77f223 authored 9 months ago
86de17c44dbfa3a3dc49064b207eb1e9e22036e3 authored 9 months ago
There isn't really anything platform-specific at the moment.
ba58de7d6180a03bc7550e8149bbc9746327c10e authored 9 months ago8633a151d578ff89ce2a5cc58e0c2c2dfdfc172c authored 9 months ago
Direct tracing is now enabled by default.
79bbb1744e64f7d47524ad3ea64f8cdda0087b5c authored 9 months ago67a00809333bd1a0e6f33b9185ba2b6dee33600e authored 9 months ago
Bump the npm group with 3 updates
a8eeef929125972632fb1ae82db2010057b27ee6 authored 9 months agof54c1c0b3338f53d976746c9d4fe60264dd89fd4 authored 9 months ago
Bumps the npm group with 3 updates: [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD...
c6674f9abda66198b5c68f06c35c6ed3be7ba60c authored 9 months ago