jenkins-infra / jenkins-security-scan

GitHub Workflow and Action for the Jenkins Security Scan
MIT License

Update CodeQL to 2.12.2 #14

Closed daniel-beck closed 1 year ago

daniel-beck commented 1 year ago

Adapt to https://github.com/jenkins-infra/jenkins-codeql/pull/25

yaroslavafenkin commented 1 year ago

I'm thinking if we should also specify a version for codeql/java-queries:AlertSuppression.ql codeql/java-queries:AlertSuppressionAnnotations.ql in https://github.com/jenkins-infra/jenkins-security-scan/blob/main/.github/workflows/jenkins-security-scan.yaml#L66. I don't remember the syntax exactly, maybe codeql/java-queries@0.5.2:AlertSuppression.ql? I'm unsure which version it would use if not specified explicitly.

daniel-beck commented 1 year ago

> I'm unsure which version it would use if not specified explicitly.

Hopefully the one downloaded a few lines up :)

yaroslavafenkin commented 1 year ago

> Hopefully the one downloaded a few lines up :)

Oh, that would actually make sense! 🙈