Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github/codeql-action
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v3.25.11
Choose a base ref
...
head repository: github/codeql-action
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v3.25.12
Choose a head ref
8 contributors

Commits on Jun 26, 2024

  1. Enable direct tracing the autobuild build mode by default

    @henrymercer
    henrymercer committed Jun 26, 2024

    Verified

    This commit was signed with the committer’s verified signature.
    crazy-max CrazyMax
    GPG key ID: ADE44D8C9D44FBE4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    a52b209 View commit details

  2. Remove tests that require us to have at least one feature with a `too… 

    …lsVersion`

If no features have a `toolsVersion` property, we'll never hit those code paths, so it isn't that important to test them.
Having a synthetic feature is an option but might create user confusion.
    @henrymercer
    henrymercer committed Jun 26, 2024
    Copy the full SHA
    8a9ecdf View commit details

  3. Add changelog note

    @henrymercer
    henrymercer committed Jun 26, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    bef80a1 View commit details

Commits on Jun 27, 2024

  1. Better handling for required workflows 

    Return the workflow path from the run rather than trying to fetch the workflow
information when the workflow information is missing or refers to a required workflow.
    @marcogario
    marcogario committed Jun 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    37b6ead View commit details

Commits on Jun 28, 2024

  1. Update changelog and version after v3.25.11

    @github-actions
    github-actions[bot] committed Jun 28, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    7bb9277 View commit details

  2. Update checked-in dependencies

    @github-actions
    github-actions[bot] committed Jun 28, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    80ab1ac View commit details

  3. Merge pull request #2358 from github/mergeback/v3.25.11-to-main-b611370b 

    Mergeback v3.25.11 refs/heads/releases/v3 into main
    @aibaars
    aibaars authored Jun 28, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    79e9a50 View commit details

Commits on Jul 1, 2024

  1. Update src/api-client.ts 

    Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
    @marcogario @aeisenberg
    marcogario and aeisenberg authored Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    0ff1bdb View commit details

  2. Merge branch 'main' into marcogario/require_workflows_path

    @marcogario
    marcogario authored Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    dbfc2b6 View commit details

  3. fix lint

    @marcogario
    marcogario committed Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    ddd849e View commit details

  4. Remove redundant layer from upload files functions

    @henrymercer
    henrymercer committed Jul 1, 2024
    Copy the full SHA
    6c2a71c View commit details

  5. Avoid reloading features when uploading SARIF

    @henrymercer
    henrymercer committed Jul 1, 2024
    Copy the full SHA
    9679491 View commit details

  6. Bump ESLint parser to version that supports TypeScript 5.5.2

    @henrymercer
    henrymercer committed Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    bfdafbc View commit details

  7. Update caniuse-lite

    @henrymercer
    henrymercer committed Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    249d690 View commit details

  8. Merge pull request #2356 from github/marcogario/require_workflows_path 

    Better handling for required workflows
    @marcogario
    marcogario authored Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    ee4ad8b View commit details

  9. Bump the npm group with 2 updates 

    Bumps the npm group with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@typescript-eslint/eslint-plugin` from 7.13.1 to 7.15.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.15.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.13.1 to 7.15.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.15.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    4b9726b View commit details

  10. Update checked-in dependencies

    @github-actions
    github-actions[bot] committed Jul 1, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    44f8d40 View commit details

Commits on Jul 2, 2024

  1. Propagate configuration errors from running queries

    @henrymercer
    henrymercer committed Jul 2, 2024
    Copy the full SHA
    7e6aa4d View commit details

  2. Tidy up telemetry call

    @henrymercer
    henrymercer committed Jul 2, 2024
    Copy the full SHA
    8dba596 View commit details

  3. Recognize internal fatal errors too

    @henrymercer
    henrymercer committed Jul 2, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    01bde73 View commit details

  4. Merge pull request #2362 from github/dependabot/npm_and_yarn/npm-4141… 

    …86ae6d

Bump the npm group with 2 updates
    @NlightNFotis
    NlightNFotis authored Jul 2, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    7adf9ac View commit details

  5. Merge branch 'main' into henrymercer/simplify-actions-only

    @henrymercer
    henrymercer committed Jul 2, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    2d3d0ca View commit details

Commits on Jul 8, 2024

  1. Merge pull request #2363 from github/henrymercer/better-error-handling 

    Improve error handling
    @henrymercer
    henrymercer authored Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    064a406 View commit details

  2. Keep analysis_name field consistent

    @henrymercer
    henrymercer committed Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    a0041ad View commit details

  3. Merge branch 'main' into henrymercer/simplify-actions-only

    @henrymercer
    henrymercer committed Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    a98055b View commit details

  4. Merge branch 'main' into henrymercer/enable-direct-tracing

    @henrymercer
    henrymercer committed Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    0669d18 View commit details

  5. Update default bundle to codeql-bundle-v2.18.0

    @github-actions
    github-actions[bot] committed Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    0a4755e View commit details

  6. Add changelog note

    @github-actions
    github-actions[bot] committed Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    6478fc9 View commit details

  7. Merge pull request #2361 from github/henrymercer/simplify-actions-only 

    Refactoring: Simplify upload SARIF flow and reuse loaded flags
    @henrymercer
    henrymercer authored Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    6e04d51 View commit details

  8. Bump the npm group with 3 updates 

    Bumps the npm group with 3 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [typescript](https://github.com/Microsoft/TypeScript).


Updates `@typescript-eslint/eslint-plugin` from 7.15.0 to 7.16.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.16.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.15.0 to 7.16.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.16.0/packages/parser)

Updates `typescript` from 5.5.2 to 5.5.3
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.5.2...v5.5.3)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    f48d880 View commit details

  9. Update checked-in dependencies

    @github-actions
    github-actions[bot] committed Jul 8, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    0b65015 View commit details

Commits on Jul 9, 2024

  1. Merge branch 'main' into henrymercer/enable-direct-tracing

    @henrymercer
    henrymercer committed Jul 9, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    264cbe2 View commit details

Commits on Jul 10, 2024

  1. Fix bad auto merge in changelog

    @henrymercer
    henrymercer committed Jul 10, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    026682f View commit details

  2. Fix PR number in changelog

    @henrymercer
    henrymercer committed Jul 10, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    243e392 View commit details

  3. Merge pull request #2353 from github/henrymercer/enable-direct-tracing 

     Enable direct tracing the autobuild build mode by default
    @henrymercer
    henrymercer authored Jul 10, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    be825d5 View commit details

Commits on Jul 11, 2024

  1. Merge branch 'main' into update-bundle/codeql-bundle-v2.18.0

    @angelapwen
    angelapwen authored Jul 11, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    1c60bf1 View commit details

  2. Merge pull request #2364 from github/update-bundle/codeql-bundle-v2.18.0 

    Update default bundle to 2.18.0
    @angelapwen
    angelapwen authored Jul 11, 2024
    Copy the full SHA
    9ab7277 View commit details

Commits on Jul 12, 2024

  1. Merge pull request #2365 from github/dependabot/npm_and_yarn/npm-88aa… 

    …c57241

Bump the npm group with 3 updates
    @angelapwen
    angelapwen authored Jul 12, 2024
    Copy the full SHA
    947b18f View commit details

  2. Update changelog for v3.25.12

    @github-actions
    github-actions[bot] committed Jul 12, 2024
    Copy the full SHA
    dec6fb7 View commit details

  3. Merge pull request #2369 from github/update-v3.25.12-947b18fb7 

    Merge main into releases/v3
    @angelapwen
    angelapwen authored Jul 12, 2024
    Copy the full SHA
    4fa2a79 View commit details
Showing 1,308 changed files with 4,396 additions and 5,401 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -4,6 +4,11 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

## 3.25.12 - 12 Jul 2024

- Improve the reliability and performance of analyzing code when analyzing a compiled language with the `autobuild` [build mode](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes) on GitHub Enterprise Server. This feature is already available to GitHub.com users. [#2353](https://github.com/github/codeql-action/pull/2353)
- Update default CodeQL bundle version to 2.18.0. [#2364](https://github.com/github/codeql-action/pull/2364)

## 3.25.11 - 28 Jun 2024

- Avoid failing the workflow run if there is an error while uploading debug artifacts. [#2349](https://github.com/github/codeql-action/pull/2349)
20 changes: 8 additions & 12 deletions lib/analyze-action.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Oops, something went wrong.