hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-16 15:03:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
80,068 Commits 1,693 Branches 160 Tags
c19085e56e6830c190efd307c271f44851ed06df
Commit Graph

16 Commits

Author SHA1 Message Date
Esben Sparre Andreasen
b3fff05e7d chore(actions): most workflows onto artifacts@v4 
`ruby-dataset-measure.yml` is not updated yet as it requires aid from the language team.
We can presumably disable the workflow during the brownout periods, but a fix will have to be present before the full deprecation happens
 2024-11-12 13:26:38 +01:00
Josh Soref
b58c856756 Declare permissions 
Repositories can be configured with Default access (restricted)
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

Best practice says that workflows should declare the minimal permissions they require.
Without declaring permissions, paranoid forks fail miserably.
 2024-02-14 14:31:45 -05:00
dependabot[bot]
03771ffad2 Bump actions/checkout from 2 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 12:17:54 +02:00
Arthur Baars
64704057cb CI: fix path triggers 2022-08-02 16:33:21 +02:00
Arthur Baars
2bbd2f36c9 Fix .github/workflows/query-list.yml 2022-08-01 12:56:07 +02:00
Arthur Baars
3b8eeb09bf Add fetch-codeql path to Actions triggers 2022-08-01 12:56:06 +02:00
dependabot[bot]
b78f30b58d Bump actions/setup-python from 3 to 4 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-13 19:33:33 +00:00
Rasmus Wriedt Larsen
a3c4a2c3e0 Misc: query-list should run on codeql-cli/* tags 
Since go doesn't need to be cloned with the same tag, that makes this change much easier to implement in practice 💪
 2022-06-02 11:57:39 +02:00
Aditya Sharad
4d74282175 Actions: Avoid cloning codeql-go when building query list docs 2022-05-20 12:10:21 -07:00
Henry Mercer
71d1069a0a Fix typo 2022-05-09 14:31:05 +01:00
Henry Mercer
198c96982c Add a comment to explain the unusual Action path 2022-05-09 14:30:41 +01:00
Henry Mercer
804ca3e1a7 Actions: Fetch CodeQL CLI using gh rather than third-party Action 2022-05-09 11:42:01 +01:00
dependabot[bot]
c8fd94a830 Bump actions/setup-python from 2 to 3 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 03:32:57 +00:00
dependabot[bot]
c63a0e7010 Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-27 14:13:33 +00:00
dependabot[bot]
e1e68e96dc Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-27 13:17:28 +00:00
Bas van Schaik
31495b876e Python script to generate lists of code scanning queries in CSV format (#4177) 
* Create a PowerShell script that can be used to report on the set of queries inside of a particular QL Suite.
* Translate PowerShell script into Python
* support running this script from anywhere within the CodeQL git repo
* print non-fatal error if metadata is not available
* make sure warning about missing pack is printed to stderr
* only run on pushes against main and rcs
* detect repo by checking remote, rather than first SHA
* specify full sha of dsaltares/fetch-gh-release-asset
* trigger workflow on PR that modifies paths of interest

Co-authored-by: Justin Hutchings <jhutchings1@users.noreply.github.com>
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2020-09-10 12:25:02 -07:00