hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 23:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,068 Commits 1,692 Branches 160 Tags
c19085e56e6830c190efd307c271f44851ed06df
Commit Graph

23 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
b3fff05e7d chore(actions): most workflows onto artifacts@v4 
`ruby-dataset-measure.yml` is not updated yet as it requires aid from the language team.
We can presumably disable the workflow during the brownout periods, but a fix will have to be present before the full deprecation happens
 2024-11-12 13:26:38 +01:00
Josh Soref
b58c856756 Declare permissions 
Repositories can be configured with Default access (restricted)
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

Best practice says that workflows should declare the minimal permissions they require.
Without declaring permissions, paranoid forks fail miserably.
 2024-02-14 14:31:45 -05:00
Jami Cogswell
687ecffe71 CI: don't upload comment/ID artifact if no existing comment 2023-10-22 15:28:07 -04:00
Jami Cogswell
9263cfdf56 CI: save and upload comment id (if it exists) 2023-10-19 19:14:23 -04:00
dependabot[bot]
03771ffad2 Bump actions/checkout from 2 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 12:17:54 +02:00
Tony Torralba
8401793755 Run "Check framework coverage changes" workflow when models-as-data files change 2023-06-08 15:57:38 +02:00
Arthur Baars
0be625f396 Merge pull request #9954 from aibaars/fix-triggers 
CI: fix path triggers
 2022-08-02 17:00:23 +02:00
Arthur Baars
64704057cb CI: fix path triggers 2022-08-02 16:33:21 +02:00
Arthur Baars
7dc3d7d47e CI: remove unneeded PATH definitions 2022-08-01 18:17:04 +02:00
Arthur Baars
29381dc264 Use fetch-codeql in more places 2022-08-01 15:43:22 +02:00
dependabot[bot]
b78f30b58d Bump actions/setup-python from 3 to 4 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-13 19:33:33 +00:00
dependabot[bot]
c8fd94a830 Bump actions/setup-python from 2 to 3 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:57 +00:00
dependabot[bot]
c63a0e7010 Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-27 14:13:33 +00:00
dependabot[bot]
e1e68e96dc Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-27 13:17:28 +00:00
Tamás Vajk
87e1641772 Revert "Fix MaD workflows to be more resilient to missing files" 2022-03-22 09:08:56 +01:00
Tamas Vajk
1538e89bd9 Use generate-report.py from base SHA 2022-02-28 20:36:23 +01:00
Tamas Vajk
714659c706 Change cp to mv in CSV coverage PR job 2022-02-28 20:07:23 +01:00
Tamas Vajk
ebe0988d9a Let 'ql/lib' folders trigger the CSV workflow 2021-10-01 16:30:56 +02:00
Tamas Vajk
a165cde808 Compute framework coverage diff in artifacts job 2021-06-23 08:25:20 +02:00
Tamas Vajk
870e4125dc Fix framework coverage commenter to use merge commit parent instead of (old) base repo SHA 2021-06-22 13:24:26 +02:00
Tamás Vajk
c532db58fd Apply suggestions from code review 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-06-17 13:04:39 +02:00
Tamas Vajk
e61f725196 Apply code review findings 2021-06-17 13:04:39 +02:00
Tamas Vajk
4abaa7870f Add CSV coverage PR commenter 2021-06-17 13:04:39 +02:00