Merge main into releases/v2 #1858

Merged
merged 36 commits into from
Aug 28, 2023
2760c3e
Update changelog and version after v2.21.4
github-actions[bot] Aug 14, 2023
96f00f2
Update checked-in dependencies
github-actions[bot] Aug 14, 2023
3ecf990
Merge pull request #1839 from github/mergeback/v2.21.4-to-main-a09933a1
henrymercer Aug 14, 2023
3f55ff1
Bump the npm group with 5 updates
dependabot[bot] Aug 14, 2023
6a54608
Update checked-in dependencies
github-actions[bot] Aug 14, 2023
4db827f
Update `@actions/cache` and remove overrides
henrymercer Aug 14, 2023
314b271
Merge pull request #1841 from github/henrymercer/remove-actions-cache…
henrymercer Aug 14, 2023
af18655
Merge branch 'main' into dependabot/npm_and_yarn/npm-4335ac1f11
henrymercer Aug 14, 2023
e683046
Merge pull request #1840 from github/dependabot/npm_and_yarn/npm-4335…
henrymercer Aug 14, 2023
d5b5e18
Lombok: Don't set env var if it's already set
igfoo Aug 18, 2023
b557ee7
npm run build
igfoo Aug 18, 2023
c34b59d
Add a changenote for the Lombok change
igfoo Aug 18, 2023
ddf2bd2
Tweak CHANGELOG.md
igfoo Aug 18, 2023
e426271
Merge pull request #1844 from github/igfoo/lombok_no_overwrite
igfoo Aug 18, 2023
37628e7
Update default bundle to codeql-bundle-v2.14.3
github-actions[bot] Aug 18, 2023
e755a05
Add changelog note
github-actions[bot] Aug 18, 2023
66572f0
Update README.md
sabrowning1 Aug 21, 2023
fbb8195
Bump the actions-setup-swift group
dependabot[bot] Aug 21, 2023
67f7ac2
Bump the npm group with 4 updates
dependabot[bot] Aug 21, 2023
02c4574
Update checked-in dependencies
github-actions[bot] Aug 21, 2023
bc08098
Merge pull request #1846 from github/dependabot/github_actions/dot-gi…
henrymercer Aug 21, 2023
14877a1
Merge pull request #1847 from github/dependabot/npm_and_yarn/npm-522a…
henrymercer Aug 21, 2023
5c8be66
Merge pull request #1 from sabrowning1/sabrowning1/update-README-links
sabrowning1 Aug 23, 2023
dfb560c
Merge branch 'github:main' into main
sabrowning1 Aug 23, 2023
9a53fd0
Merge pull request #1848 from sabrowning1/main
henrymercer Aug 23, 2023
e581348
Kotlin: CodeQL >= 2.13.4 supports 1.9.10.
igfoo Aug 24, 2023
30fe0c4
npm run build
igfoo Aug 24, 2023
ff95d14
Kotlin: Fix lint
igfoo Aug 24, 2023
070dd05
npm run build
igfoo Aug 24, 2023
862b2cf
Add a changelog entry for the Kotlin 1.9.10 support
igfoo Aug 24, 2023
7dab600
Put upper limit on the CodeQL versions for which we override the Kotl…
igfoo Aug 24, 2023
2f913c1
npm run build
igfoo Aug 24, 2023
ff9cb43
Merge pull request #1853 from github/igfoo/kot1.9.10
igfoo Aug 24, 2023
a2d14d3
Merge branch 'main' into update-bundle/codeql-bundle-v2.14.3
dbartol Aug 25, 2023
1009124
Merge pull request #1845 from github/update-bundle/codeql-bundle-v2.14.3
dbartol Aug 25, 2023
7323c2a
Update changelog for v2.21.5
github-actions[bot] Aug 28, 2023


2 changes: 1 addition & 1 deletion .github/actions/setup-swift/action.yml
Expand Up @@ -31,7 +31,7 @@ runs:
fi
echo "version=$VERSION" | tee -a $GITHUB_OUTPUT

- uses: swift-actions/setup-swift@65540b95f51493d65f5e59e97dcef9629ddf11bf # Please update the corresponding SHA in the CLI's CodeQL Action Integration Test.
- uses: swift-actions/setup-swift@cdcbe8e35d3801acd82d7109285e6ab22c9212c2 # Please update the corresponding SHA in the CLI's CodeQL Action Integration Test.
if: runner.os == 'Linux' && steps.get_swift_version.outputs.version != 'null'
with:
swift-version: "${{ steps.get_swift_version.outputs.version }}"
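Review bot: On the updated `swift-actions/setup-swift@<sha>` line, the pin is a bare commit SHA with nothing to say which upstream release it corresponds to, so the diff alone does not let a reviewer check the new commit against a tagged release. Consider adding the release tag to the trailing comment next to the existing reminder. The comment also asks for the matching SHA in the CLI's CodeQL Action Integration Test to be updated, and this change does not show that, so please confirm it in the PR description.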
6 changes: 6 additions & 0 deletions CHANGELOG.md
Expand Up @@ -2,6 +2,12 @@

See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.

## 2.21.5 - 28 Aug 2023

- Update default CodeQL bundle version to 2.14.3. [#1845](https://github.com/github/codeql-action/pull/1845)
- Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for [Project Lombok](https://projectlombok.org/) when analyzing Java. The environment variable `CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS` will now be respected if it was manually configured in the workflow. [#1844](https://github.com/github/codeql-action/pull/1844)
- Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3. [#1853](https://github.com/github/codeql-action/pull/1853)

## 2.21.4 - 14 Aug 2023

- Update default CodeQL bundle version to 2.14.2. [#1831](https://github.com/github/codeql-action/pull/1831)
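Review bot: The third new bullet under `## 2.21.5` says "Kotlin 1.9.20", while the commits it summarizes in this PR are titled "Kotlin: CodeQL >= 2.13.4 supports 1.9.10." (e581348) and "Add a changelog entry for the Kotlin 1.9.10 support" (862b2cf). Please confirm which version is meant and make the changelog and the commit titles agree. If 1.9.20 is an exclusive upper bound rather than a supported version, the entry should say so.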
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -12,9 +12,9 @@ The underlying CodeQL CLI, used in this action, is licensed under the [GitHub Co

## Usage

We recommend using default setup to configure CodeQL analysis for your repository. For more information, see "[Configuring default setup for code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-default-setup-for-code-scanning)."
We recommend using default setup to configure CodeQL analysis for your repository. For more information, see "[Configuring default setup for code scanning](https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)."

You can also configure advanced setup for a repository to find security vulnerabilities in your code using a highly customizable code scanning configuration. For more information, see "[Configuring advanced setup for code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-advanced-setup-for-code-scanning)" and "[Customizing code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning)."
You can also configure advanced setup for a repository to find security vulnerabilities in your code using a highly customizable code scanning configuration. For more information, see "[Configuring advanced setup for code scanning](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning)" and "[Customizing your advanced setup for code scanning](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning)."

## Troubleshooting

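Review bot: Both replaced links under `## Usage` hard-code deep paths into docs.github.com, and they needed editing here because the `automatically-scanning-your-code-for-vulnerabilities-and-errors/` path segment moved. Consider adding a link check for README.md to CI so the next docs restructure is caught automatically. The second link's text also changed to "Customizing your advanced setup for code scanning", so any other references to the old title should be updated to match.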
8 changes: 4 additions & 4 deletions lib/defaults.json
@@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-v2.14.2",
"cliVersion": "2.14.2",
"priorBundleVersion": "codeql-bundle-v2.14.1",
"priorCliVersion": "2.14.1"
"bundleVersion": "codeql-bundle-v2.14.3",
"cliVersion": "2.14.3",
"priorBundleVersion": "codeql-bundle-v2.14.2",
"priorCliVersion": "2.14.2"
}
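Review bot: `bundleVersion` and `cliVersion` (and likewise the `prior*` pair) carry the same version twice, and nothing visible in this change checks that they stay in agreement. A small test asserting that each bundle tag equals `codeql-bundle-v` plus the matching CLI version, and that the new prior pair equals the previous defaults, would catch a partial bump.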
15 changes: 12 additions & 3 deletions lib/init-action.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/init-action.js.map

Large diffs are not rendered by default.
