declare new environment verification option in action.yml
new environment verification flag
new environment verification flag
migrate everything to ESM-only
upgrade module to ESM
ci: this doesn't change the functionality of the core action, but it does change how releases are made in the future.
Trying to make semantic-release push a new release
this should ideally get published as v5
this should ideally get published as v5
core: Support Windows, now that CodeClimate has released a Windows binary of the reporter – see codeclimate.com/changelog/7dd79ee1cf1af7141b2bd18b
core: Support Windows, now that CodeClimate has released a Windows binary of the reporter
ci: semantic-release and its process is fundamentally broken when the repo moved from master to main for its main branch. This is an attempt to try to unfuck the git log/ref notes
declare new environment verification option in action.yml
new environment verification flag
new environment verification flag
migrate everything to ESM-only
upgrade module to ESM
ci: this doesn't change the functionality of the core action, but it does change how releases are made in the future.
Trying to make semantic-release push a new release
this should ideally get published as v5
this should ideally get published as v5
core: Support Windows, now that CodeClimate has released a Windows binary of the reporter – see codeclimate.com/changelog/7dd79ee1cf1af7141b2bd18b
core: Support Windows, now that CodeClimate has released a Windows binary of the reporter
ci: semantic-release and its process is fundamentally broken when the repo moved from master to main for its main branch. This is an attempt to try to unfuck the git log/ref notes
In #241, @br3ndonland💰 added a Docker label linking the container image to this repository for GHCR to display it nicely. This is preparatory work for a big performance-focused refactoring he's working on in #230.
🙏 Special Thanks to @pradyunsg💰 for promptly unblocking this release to Marketplace as GitHub started asking for yet another developer agreement signature from the organization admins.
See the releases page for the relevant changes to the CodeQL CLI and language packs.
Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
[UNRELEASED]
No user facing changes.
3.25.10 - 13 Jun 2024
Update default CodeQL bundle version to 2.17.5. #2327
3.25.9 - 12 Jun 2024
Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330
The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332
3.25.8 - 04 Jun 2024
Update default CodeQL bundle version to 2.17.4. #2321
3.25.7 - 31 May 2024
We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306
3.25.6 - 20 May 2024
Update default CodeQL bundle version to 2.17.3. #2295
Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274
The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281
3.25.4 - 08 May 2024
Update default CodeQL bundle version to 2.17.2. #2270
3.25.3 - 25 Apr 2024
Update default CodeQL bundle version to 2.17.1. #2247
Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. #2261
3.25.2 - 22 Apr 2024
No user facing changes.
... (truncated)
Commits
23acc5c Merge pull request #2337 from github/update-v3.25.10-5bf6dad35
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the github-action-updates group with 4 updates: actions/checkout, paambaati/codeclimate-action, pypa/gh-action-pypi-publish and github/codeql-action.
Updates
actions/checkoutfrom 4.1.6 to 4.1.7Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
692973ePrepare 4.1.7 release (#1775)6ccd57fPin actions/checkout's own workflows to a known, good, stable version. (#1776)b17fe1eHandle hidden refs (#1774)b80ff79Bump actions/checkout from 3 to 4 (#1697)b1ec302Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)Updates
paambaati/codeclimate-actionfrom 6.0.0 to 8.0.0Release notes
Sourced from paambaati/codeclimate-action's releases.
... (truncated)
Changelog
Sourced from paambaati/codeclimate-action's changelog.
... (truncated)
Commits
7c100bdfeat: build for releaseUpdates
pypa/gh-action-pypi-publishfrom 1.8.14 to 1.9.0Release notes
Sourced from pypa/gh-action-pypi-publish's releases.
Commits
ec4db0bMerge PR #243 into unstable/v1e790844oidc-exchange: link to status dashboard87b624f💅Update homepage @ Dockerfile to GH Marketplaceda2f9bbMerge pull request #241 from br3ndonland/ghcr-labelabbea2dAdd Docker label for GHCR2734d07build(deps): bump requests from 2.31.0 to 2.32.0 in /requirements (#240)a54b9b8---699cd61⇪📦 Bump the runtime dep lockfile8414fc2[pre-commit.ci] pre-commit autoupdate (#225)67a07ebDisable the progress bar when runningtwine uploadUpdates
github/codeql-actionfrom 3.25.8 to 3.25.10Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
23acc5cMerge pull request #2337 from github/update-v3.25.10-5bf6dad359b72dbdUpdate changelog for v3.25.105bf6dadMerge pull request #2329 from github/henrymercer/csharp-buildless-rollback-me...feec81cMerge branch 'main' into henrymercer/csharp-buildless-rollback-mechanism789b5f8Merge pull request #2328 from github/henrymercer/direct-tracing-fixc36b5fcMerge pull request #2327 from github/update-bundle/codeql-bundle-v2.17.5b3642aaMerge branch 'main' into update-bundle/codeql-bundle-v2.17.51fc6e20Merge pull request #2335 from github/mergeback/v3.25.9-to-main-530d4fea356bee4Update checked-in dependencies385808cUpdate changelog and version after v3.25.9Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show