From 67c21e4084d5e020fbc969b839d42911b87fb8b5 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 23 Jan 2025 16:44:36 +0000
Subject: [PATCH 1/6] Update changelog and version after v3.28.4
---
 CHANGELOG.md | 4 ++++
 package-lock.json | 4 ++--
 package.json | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c880f45809..ff83141513 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
+## [UNRELEASED]
+
+No user facing changes.
+
 ## 3.28.4 - 23 Jan 2025
 No user facing changes.
diff --git a/package-lock.json b/package-lock.json
index 145d4c1e83..e4b0c119d5 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
 "name": "codeql",
- "version": "3.28.4",
+ "version": "3.28.5",
 "lockfileVersion": 3,
 "requires": true,
 "packages": {
 "": {
 "name": "codeql",
- "version": "3.28.4",
+ "version": "3.28.5",
 "license": "MIT",
 "dependencies": {
 "@actions/artifact": "^2.1.9",
diff --git a/package.json b/package.json
index 331e189a3b..77400ece0c 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "codeql",
- "version": "3.28.4",
+ "version": "3.28.5",
 "private": true,
 "description": "CodeQL action",
 "scripts": {
From e32a0d62d44ac06377953bfaf3ffd43618be076a Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 23 Jan 2025 16:48:10 +0000
Subject: [PATCH 2/6] Update checked-in dependencies
---
 node_modules/.package-lock.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json
index f9d944f3e6..06f2758975 100644
--- a/node_modules/.package-lock.json
+++ b/node_modules/.package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "codeql",
- "version": "3.28.4",
+ "version": "3.28.5",
 "lockfileVersion": 3,
 "requires": true,
 "packages": {
From 208091da0a1069394981cdf5e7a91a8ee3f10709 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 23 Jan 2025 22:15:14 +0000
Subject: [PATCH 3/6] Update default bundle to codeql-bundle-v2.20.3
---
 lib/defaults.json | 8 ++++----
 src/defaults.json | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/lib/defaults.json b/lib/defaults.json
index 851fee2175..68e0d49497 100644
--- a/lib/defaults.json
+++ b/lib/defaults.json
@@ -1,6 +1,6 @@
 {
- "bundleVersion": "codeql-bundle-v2.20.2",
- "cliVersion": "2.20.2",
- "priorBundleVersion": "codeql-bundle-v2.20.1",
- "priorCliVersion": "2.20.1"
+ "bundleVersion": "codeql-bundle-v2.20.3",
+ "cliVersion": "2.20.3",
+ "priorBundleVersion": "codeql-bundle-v2.20.2",
+ "priorCliVersion": "2.20.2"
 }
diff --git a/src/defaults.json b/src/defaults.json
index 8645754788..642bf93f0e 100644
--- a/src/defaults.json
+++ b/src/defaults.json
@@ -1,6 +1,6 @@
 {
- "bundleVersion": "codeql-bundle-v2.20.2",
- "cliVersion": "2.20.2",
- "priorBundleVersion": "codeql-bundle-v2.20.1",
- "priorCliVersion": "2.20.1"
+ "bundleVersion": "codeql-bundle-v2.20.3",
+ "cliVersion": "2.20.3",
+ "priorBundleVersion": "codeql-bundle-v2.20.2",
+ "priorCliVersion": "2.20.2"
 }
From 428975ce2cf327a0e919004c63e734eddd0e6255 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Thu, 23 Jan 2025 22:15:18 +0000
Subject: [PATCH 4/6] Add changelog note
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ff83141513..17e6153c4a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 ## [UNRELEASED]
-No user facing changes.
+- Update default CodeQL bundle version to 2.20.3. [#2717](https://github.com/github/codeql-action/pull/2717)
 ## 3.28.4 - 23 Jan 2025
From d7f39764f685cbe3764f763469a0d72383d7b9c8 Mon Sep 17 00:00:00 2001
From: Stephan Brandauer
Date: Fri, 24 Jan 2025 12:12:00 +0100
Subject: [PATCH 5/6] permissions block in query-filters.yml
---
 .github/workflows/query-filters.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/query-filters.yml b/.github/workflows/query-filters.yml
index c5a838716c..7bba1d6d4e 100644
--- a/.github/workflows/query-filters.yml
+++ b/.github/workflows/query-filters.yml
@@ -20,6 +20,8 @@ jobs:
 name: Query Filters Tests
 timeout-minutes: 45
 runs-on: ubuntu-latest
+ permissions:
+ contents: read # This permission is needed to allow the GitHub Actions workflow to read the contents of the repository.
 steps:
 - name: Check out repository
 uses: actions/checkout@v4
From 064af10f0de41995b41632364b4bfb00a34df047 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Fri, 24 Jan 2025 16:11:52 +0000
Subject: [PATCH 6/6] Update changelog for v3.28.5
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 17e6153c4a..7e5ebdb6c7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
 See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
-## [UNRELEASED]
+## 3.28.5 - 24 Jan 2025
 - Update default CodeQL bundle version to 2.20.3. [#2717](https://github.com/github/codeql-action/pull/2717)
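Review bot: The comment on the added `contents: read` line in `.github/workflows/query-filters.yml` explains the one scope that is granted but not the effect that matters for review: once a job declares `permissions:`, every scope it does not list is set to `none` for that job's `GITHUB_TOKEN`. The job's steps continue past the end of the hunk, so it is worth confirming that none of them needs another scope (for example `security-events: write` if a step uploads results). A shorter comment would carry this better, e.g. `contents: read # checkout only; all unlisted GITHUB_TOKEN scopes are none for this job`.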