Merge pull request #19182 from github/post-release-prep/codeql-cli-2.21.0

Post-release preparation for codeql-cli-2.21.0
Arthur Baars
2025-04-01 15:12:29 +02:00
committed by GitHub
203 changed files with 562 additions and 309 deletions

@@ -1,3 +1,10 @@
## 0.4.6
### Bug Fixes
* The query `actions/code-injection/medium` now produces alerts for injection
vulnerabilities on `pull_request` events.
## 0.4.5
No user-facing changes.
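
Review bot: The `## 0.4.6` entry files a detection change under Bug Fixes without telling readers what to expect after upgrading. A query that "now produces alerts" on `pull_request` events means workflows using that trigger can surface new `actions/code-injection/medium` alerts, so consider saying that explicitly and briefly stating why those alerts were missing before, so a rise in alert count is not mistaken for a regression.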

@@ -1,5 +1,6 @@
---
category: fix
---
## 0.4.6
### Bug Fixes
* The query `actions/code-injection/medium` now produces alerts for injection
vulnerabilities on `pull_request` events.
vulnerabilities on `pull_request` events.
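
Review bot: The closing line about `pull_request` events appears twice at the end of this hunk with identical visible text, which reads as the line being removed and re-added. If the only difference is trailing whitespace or the end-of-file newline, please confirm that is intended; otherwise drop it so the released note differs from the change note only by the front matter being replaced with the `## 0.4.6` and `### Bug Fixes` headings.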

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.4.5
lastReleaseVersion: 0.4.6

@@ -1,5 +1,5 @@
name: codeql/actions-all
version: 0.4.6-dev
version: 0.4.7-dev
library: true
warnOnImplicitThis: true
dependencies:

@@ -1,3 +1,11 @@
## 0.5.3
### Bug Fixes
* Fixed typos in the query and alert titles for the queries
`actions/envpath-injection/critical`, `actions/envpath-injection/medium`,
`actions/envvar-injection/critical`, and `actions/envvar-injection/medium`.
## 0.5.2
No user-facing changes.
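
Review bot: The `## 0.5.3` entry says typos were fixed in the query and alert titles but does not show the old or new wording. Anyone who filters, triages or reports on alerts by title for the four `actions/envpath-injection/*` and `actions/envvar-injection/*` queries cannot tell from this note what to update, so consider quoting the corrected titles and stating whether the query ids listed here are unchanged.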
@@ -7,9 +15,10 @@ No user-facing changes.
### Bug Fixes
* The `actions/unversioned-immutable-action` query will no longer report any alerts, since the
Immutable Actions feature is not yet available for customer use. The query remains in the
default Code Scanning suites for use internal to GitHub. Once the Immutable Actions feature is
available, the query will be updated to report alerts again.
Immutable Actions feature is not yet available for customer use. The query has also been moved
to the experimental folder and will not be used in code scanning unless it is explicitly added
to a code scanning configuration. Once the Immutable Actions feature is available, the query will
be updated to report alerts again.
## 0.5.0
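
Review bot: This hunk rewrites the `actions/unversioned-immutable-action` entry under an already published release (it sits below `## 0.5.2` and above `## 0.5.0`) instead of recording the change under `## 0.5.3`. The new wording describes a different behaviour: the query is no longer in the default Code Scanning suites and runs only when "explicitly added to a code scanning configuration". Readers who saw the earlier text will not learn this from the newest section, so either add a line under `## 0.5.3` or note in the PR description that this is a correction to the historical entry.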

@@ -1,6 +1,7 @@
---
category: fix
---
## 0.5.3
### Bug Fixes
* Fixed typos in the query and alert titles for the queries
`actions/envpath-injection/critical`, `actions/envpath-injection/medium`,
`actions/envvar-injection/critical`, and `actions/envvar-injection/medium`.
`actions/envvar-injection/critical`, and `actions/envvar-injection/medium`.

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.5.2
lastReleaseVersion: 0.5.3

@@ -1,5 +1,5 @@
name: codeql/actions-queries
version: 0.5.3-dev
version: 0.5.4-dev
library: false
warnOnImplicitThis: true
groups: [actions, queries]