From 04e393fcf8b83fe4c1dd1af4d2bce14f61fa2dc6 Mon Sep 17 00:00:00 2001
From: Asger F <asgerf@github.com>
Date: Tue, 2 May 2023 11:02:58 +0200
Subject: [PATCH] JS: Change note

---
 .../ql/src/change-notes/2023-05-02-github-actions-sources.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 ruby/ql/src/change-notes/2023-05-02-github-actions-sources.md

diff --git a/ruby/ql/src/change-notes/2023-05-02-github-actions-sources.md b/ruby/ql/src/change-notes/2023-05-02-github-actions-sources.md
new file mode 100644
index 00000000000..a9cf1339421
--- /dev/null
+++ b/ruby/ql/src/change-notes/2023-05-02-github-actions-sources.md
@@ -0,0 +1,5 @@
+---
+category: majorAnalysis
+---
+* Added taint sources from the `@actions/core` and `@actions/github` packages.
+* Added command-injection sinks from the `@actions/exec` package.