See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.28.1 - 10 Jan 2025
CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677
Update default CodeQL bundle version to 2.20.1. #2678
Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
3.28.0 - 20 Dec 2024
Bump the minimum CodeQL bundle version to 2.15.5. #2655
Don't fail in the unusual case that a file is on the search path. #2660.
[UNRELEASED]
No user facing changes.
3.28.2 - 21 Jan 2025
No user facing changes.
3.28.1 - 10 Jan 2025
CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677
Update default CodeQL bundle version to 2.20.1. #2678
3.28.0 - 20 Dec 2024
Bump the minimum CodeQL bundle version to 2.15.5. #2655
Don't fail in the unusual case that a file is on the search path. #2660.
3.27.9 - 12 Dec 2024
No user facing changes.
3.27.8 - 12 Dec 2024
Fixed an issue where streaming the download and extraction of the CodeQL bundle did not respect proxy settings. #2624
3.27.7 - 10 Dec 2024
We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. #2631
Update default CodeQL bundle version to 2.20.0. #2636
3.27.6 - 03 Dec 2024
Update default CodeQL bundle version to 2.19.4. #2626
3.27.5 - 19 Nov 2024
No user facing changes.
3.27.4 - 14 Nov 2024
No user facing changes.
3.27.3 - 12 Nov 2024
No user facing changes.
... (truncated)
Commits
d68b2d4 Merge pull request #2708 from github/update-v3.28.2-d90e07f32
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github/codeql-action from 3.25.15 to 3.28.2.
Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
d68b2d4 Merge pull request #2708 from github/update-v3.28.2-d90e07f32
ea23796 Update changelog for v3.28.2
d90e07f Merge pull request #2703 from github/dependabot/npm_and_yarn/npm-cd3f77644b
7b7562b Update checked-in dependencies
c168638 build(deps): bump the npm group with 3 updates
0f1559a Merge pull request #2699 from github/cklin/diff-informed-file-fallback
2d608a3 Merge branch 'main' into cklin/diff-informed-file-fallback
94f08f3 Merge pull request #2698 from github/cklin/diff-informed-status-report
071996f getDiffRanges: better fallback for absent patch
5889cfd Add analysis_is_diff_informed to status report