Sourced from github/codeql-action's changelog.
\n\n\nCodeQL Action Changelog
\nSee the releases page for the relevant changes to the CodeQL CLI and language packs.
\nNote that the only difference between
\nv2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
\nNo user facing changes.
\n3.25.6 - 20 May 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.3. #2295
\n3.25.5 - 13 May 2024
\n\n
\n- Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273
\n- Avoid printing out a warning for a missing
\non.push
trigger when the CodeQL Action is triggered via aworkflow_call
event. #2274- The
\ntools: latest
input to theinit
Action has been renamed totools: linked
. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #22813.25.4 - 08 May 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.2. #2270
\n3.25.3 - 25 Apr 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.1. #2247
\n- Workflows running on
\nmacos-latest
using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such asmacos-12
. ARM machines with SIP disabled, including the newestmacos-latest
image, are unsupported for CLI versions before 2.15.1. #22613.25.2 - 22 Apr 2024
\nNo user facing changes.
\n3.25.1 - 17 Apr 2024
\n\n
\n- We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the
\nautobuild
build mode. #2235- Fix a bug where the
\ninit
Action would fail if--overwrite
was specified inCODEQL_ACTION_EXTRA_OPTIONS
. #22453.25.0 - 15 Apr 2024
\n\n
\n- \n
\nThe deprecated feature for extracting dependencies for a Python analysis has been removed. #2224
\nAs a result, the following inputs and environment variables are now ignored:
\n\n
\n- The
\nsetup-python-dependencies
input to theinit
Action- The
\nCODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION
environment variableWe recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
\n- \n
\nAutomatically overwrite an existing database if found on the filesystem. #2229
\n- \n
\nBump the minimum CodeQL bundle version to 2.12.6. #2232
\n
... (truncated)
\n9fdb3e4
Merge pull request #2300 from github/update-v3.25.6-63d519c0a00792ab
Update changelog for v3.25.663d519c
Merge pull request #2295 from github/update-bundle/codeql-bundle-v2.17.30d9161c
Merge pull request #2293 from github/henrymercer/update-build-mode-autobuild-...e9e2729
Add changelog notede1ac31
Update default bundle to codeql-bundle-v2.17.3a57c67b
Merge pull request #2286 from github/koesie10/ghec-dr-db-uploadb7ef64e
Merge pull request #2294 from github/dependabot/npm_and_yarn/npm-d3285d5234e54dea2
Update checked-in dependencies3b42294
Bump the npm group across 1 directory with 4 updatesSourced from github/codeql-action's changelog.
\n\n\nCodeQL Action Changelog
\nSee the releases page for the relevant changes to the CodeQL CLI and language packs.
\nNote that the only difference between
\nv2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
\nNo user facing changes.
\n3.25.6 - 20 May 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.3. #2295
\n3.25.5 - 13 May 2024
\n\n
\n- Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273
\n- Avoid printing out a warning for a missing
\non.push
trigger when the CodeQL Action is triggered via aworkflow_call
event. #2274- The
\ntools: latest
input to theinit
Action has been renamed totools: linked
. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #22813.25.4 - 08 May 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.2. #2270
\n3.25.3 - 25 Apr 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.1. #2247
\n- Workflows running on
\nmacos-latest
using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such asmacos-12
. ARM machines with SIP disabled, including the newestmacos-latest
image, are unsupported for CLI versions before 2.15.1. #22613.25.2 - 22 Apr 2024
\nNo user facing changes.
\n3.25.1 - 17 Apr 2024
\n\n
\n- We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the
\nautobuild
build mode. #2235- Fix a bug where the
\ninit
Action would fail if--overwrite
was specified inCODEQL_ACTION_EXTRA_OPTIONS
. #22453.25.0 - 15 Apr 2024
\n\n
\n- \n
\nThe deprecated feature for extracting dependencies for a Python analysis has been removed. #2224
\nAs a result, the following inputs and environment variables are now ignored:
\n\n
\n- The
\nsetup-python-dependencies
input to theinit
Action- The
\nCODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION
environment variableWe recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
\n- \n
\nAutomatically overwrite an existing database if found on the filesystem. #2229
\n- \n
\nBump the minimum CodeQL bundle version to 2.12.6. #2232
\n
... (truncated)
\n9fdb3e4
Merge pull request #2300 from github/update-v3.25.6-63d519c0a00792ab
Update changelog for v3.25.663d519c
Merge pull request #2295 from github/update-bundle/codeql-bundle-v2.17.30d9161c
Merge pull request #2293 from github/henrymercer/update-build-mode-autobuild-...e9e2729
Add changelog notede1ac31
Update default bundle to codeql-bundle-v2.17.3a57c67b
Merge pull request #2286 from github/koesie10/ghec-dr-db-uploadb7ef64e
Merge pull request #2294 from github/dependabot/npm_and_yarn/npm-d3285d5234e54dea2
Update checked-in dependencies3b42294
Bump the npm group across 1 directory with 4 updatesSourced from github/codeql-action's releases.
\n\n\nCodeQL Bundle v2.17.3
\nBundles CodeQL CLI v2.17.3
\n\nIncludes the following CodeQL language packs from
\ngithub/codeql@codeql-cli/v2.17.3
:\n
\n- \n
codeql/cpp-queries
(changelog, source)- \n
codeql/cpp-all
(changelog, source)- \n
codeql/csharp-queries
(changelog, source)- \n
codeql/csharp-all
(changelog, source)- \n
codeql/go-queries
(changelog, source)- \n
codeql/go-all
(changelog, source)- \n
codeql/java-queries
(changelog, source)- \n
codeql/java-all
(changelog, source)- \n
codeql/javascript-queries
(changelog, source)- \n
codeql/javascript-all
(changelog, source)- \n
codeql/python-queries
(changelog, source)- \n
codeql/python-all
(changelog, source)- \n
codeql/ruby-queries
(changelog, source)- \n
codeql/ruby-all
(changelog, source)- \n
codeql/swift-queries
(changelog, source)- \n
codeql/swift-all
(changelog, source)CodeQL Bundle v2.17.2
\nBundles CodeQL CLI v2.17.2
\n\nIncludes the following CodeQL language packs from
\ngithub/codeql@codeql-cli/v2.17.2
:\n
\n- \n
codeql/cpp-queries
(changelog, source)- \n
codeql/cpp-all
(changelog, source)- \n
codeql/csharp-queries
(changelog, source)- \n
codeql/csharp-all
(changelog, source)- \n
codeql/go-queries
(changelog, source)- \n
codeql/go-all
(changelog, source)- \n
codeql/java-queries
(changelog, source)- \n
codeql/java-all
(changelog, source)- \n
codeql/javascript-queries
(changelog, source)- \n
codeql/javascript-all
(changelog, source)- \n
codeql/python-queries
(changelog, source)- \n
codeql/python-all
(changelog, source)- \n
codeql/ruby-queries
(changelog, source)- \n
codeql/ruby-all
(changelog, source)- \n
codeql/swift-queries
(changelog, source)- \n
codeql/swift-all
(changelog, source)CodeQL Bundle v2.17.1
\nBundles CodeQL CLI v2.17.1
\n\nIncludes the following CodeQL language packs from
\n\ngithub/codeql@codeql-cli/v2.17.1
:
... (truncated)
\nSourced from github/codeql-action's changelog.
\n\n\nCodeQL Action Changelog
\nSee the releases page for the relevant changes to the CodeQL CLI and language packs.
\nNote that the only difference between
\nv2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
\n\n
\n- Update default CodeQL bundle version to 2.17.3. #2295
\n3.25.5 - 13 May 2024
\n\n
\n- Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273
\n- Avoid printing out a warning for a missing
\non.push
trigger when the CodeQL Action is triggered via aworkflow_call
event. #2274- The
\ntools: latest
input to theinit
Action has been renamed totools: linked
. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #22813.25.4 - 08 May 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.2. #2270
\n3.25.3 - 25 Apr 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.1. #2247
\n- Workflows running on
\nmacos-latest
using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such asmacos-12
. ARM machines with SIP disabled, including the newestmacos-latest
image, are unsupported for CLI versions before 2.15.1. #22613.25.2 - 22 Apr 2024
\nNo user facing changes.
\n3.25.1 - 17 Apr 2024
\n\n
\n- We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the
\nautobuild
build mode. #2235- Fix a bug where the
\ninit
Action would fail if--overwrite
was specified inCODEQL_ACTION_EXTRA_OPTIONS
. #22453.25.0 - 15 Apr 2024
\n\n
\n- \n
\nThe deprecated feature for extracting dependencies for a Python analysis has been removed. #2224
\nAs a result, the following inputs and environment variables are now ignored:
\n\n
\n- The
\nsetup-python-dependencies
input to theinit
Action- The
\nCODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION
environment variableWe recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
\n- \n
\nAutomatically overwrite an existing database if found on the filesystem. #2229
\n- \n
\nBump the minimum CodeQL bundle version to 2.12.6. #2232
\n- \n
\nA more relevant log message and a diagnostic are now emitted when the
\nfile
program is not installed on a Linux runner, but is required for Go tracing to succeed. #22343.24.10 - 05 Apr 2024
\n
... (truncated)
\nb7cec75
Merge pull request #2287 from github/update-v3.25.5-4a51972476778fe4
Update changelog for v3.25.54a51972
Merge pull request #2280 from github/henrymercer/on-demand-ffsa8c32fd
Merge pull request #2283 from github/henrymercer/disable-fail-fastf73b0b7
Disable fail fast for non-generated workflowsc59e052
Disable fail fast in generated workflows33e416c
Comment that legacyApi
is false by default67f8a36
Merge branch 'main' into henrymercer/on-demand-ffs4995c49
Merge pull request #2282 from github/henrymercer/no-build-mode-tracing-improv...def4d2c
Merge pull request #2273 from github/aeisenberg/specify-versionsSourced from github/codeql-action's releases.
\n\n\nCodeQL Bundle v2.17.3
\nBundles CodeQL CLI v2.17.3
\n\nIncludes the following CodeQL language packs from
\ngithub/codeql@codeql-cli/v2.17.3
:\n
\n- \n
codeql/cpp-queries
(changelog, source)- \n
codeql/cpp-all
(changelog, source)- \n
codeql/csharp-queries
(changelog, source)- \n
codeql/csharp-all
(changelog, source)- \n
codeql/go-queries
(changelog, source)- \n
codeql/go-all
(changelog, source)- \n
codeql/java-queries
(changelog, source)- \n
codeql/java-all
(changelog, source)- \n
codeql/javascript-queries
(changelog, source)- \n
codeql/javascript-all
(changelog, source)- \n
codeql/python-queries
(changelog, source)- \n
codeql/python-all
(changelog, source)- \n
codeql/ruby-queries
(changelog, source)- \n
codeql/ruby-all
(changelog, source)- \n
codeql/swift-queries
(changelog, source)- \n
codeql/swift-all
(changelog, source)CodeQL Bundle v2.17.2
\nBundles CodeQL CLI v2.17.2
\n\nIncludes the following CodeQL language packs from
\ngithub/codeql@codeql-cli/v2.17.2
:\n
\n- \n
codeql/cpp-queries
(changelog, source)- \n
codeql/cpp-all
(changelog, source)- \n
codeql/csharp-queries
(changelog, source)- \n
codeql/csharp-all
(changelog, source)- \n
codeql/go-queries
(changelog, source)- \n
codeql/go-all
(changelog, source)- \n
codeql/java-queries
(changelog, source)- \n
codeql/java-all
(changelog, source)- \n
codeql/javascript-queries
(changelog, source)- \n
codeql/javascript-all
(changelog, source)- \n
codeql/python-queries
(changelog, source)- \n
codeql/python-all
(changelog, source)- \n
codeql/ruby-queries
(changelog, source)- \n
codeql/ruby-all
(changelog, source)- \n
codeql/swift-queries
(changelog, source)- \n
codeql/swift-all
(changelog, source)CodeQL Bundle v2.17.1
\nBundles CodeQL CLI v2.17.1
\n\nIncludes the following CodeQL language packs from
\n\ngithub/codeql@codeql-cli/v2.17.1
:
... (truncated)
\nSourced from github/codeql-action's changelog.
\n\n\nCodeQL Action Changelog
\nSee the releases page for the relevant changes to the CodeQL CLI and language packs.
\nNote that the only difference between
\nv2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
\n\n
\n- Update default CodeQL bundle version to 2.17.3. #2295
\n3.25.5 - 13 May 2024
\n\n
\n- Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273
\n- Avoid printing out a warning for a missing
\non.push
trigger when the CodeQL Action is triggered via aworkflow_call
event. #2274- The
\ntools: latest
input to theinit
Action has been renamed totools: linked
. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #22813.25.4 - 08 May 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.2. #2270
\n3.25.3 - 25 Apr 2024
\n\n
\n- Update default CodeQL bundle version to 2.17.1. #2247
\n- Workflows running on
\nmacos-latest
using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such asmacos-12
. ARM machines with SIP disabled, including the newestmacos-latest
image, are unsupported for CLI versions before 2.15.1. #22613.25.2 - 22 Apr 2024
\nNo user facing changes.
\n3.25.1 - 17 Apr 2024
\n\n
\n- We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the
\nautobuild
build mode. #2235- Fix a bug where the
\ninit
Action would fail if--overwrite
was specified inCODEQL_ACTION_EXTRA_OPTIONS
. #22453.25.0 - 15 Apr 2024
\n\n
\n- \n
\nThe deprecated feature for extracting dependencies for a Python analysis has been removed. #2224
\nAs a result, the following inputs and environment variables are now ignored:
\n\n
\n- The
\nsetup-python-dependencies
input to theinit
Action- The
\nCODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION
environment variableWe recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
\n- \n
\nAutomatically overwrite an existing database if found on the filesystem. #2229
\n- \n
\nBump the minimum CodeQL bundle version to 2.12.6. #2232
\n- \n
\nA more relevant log message and a diagnostic are now emitted when the
\nfile
program is not installed on a Linux runner, but is required for Go tracing to succeed. #22343.24.10 - 05 Apr 2024
\n
... (truncated)
\nb7cec75
Merge pull request #2287 from github/update-v3.25.5-4a51972476778fe4
Update changelog for v3.25.54a51972
Merge pull request #2280 from github/henrymercer/on-demand-ffsa8c32fd
Merge pull request #2283 from github/henrymercer/disable-fail-fastf73b0b7
Disable fail fast for non-generated workflowsc59e052
Disable fail fast in generated workflows33e416c
Comment that legacyApi
is false by default67f8a36
Merge branch 'main' into henrymercer/on-demand-ffs4995c49
Merge pull request #2282 from github/henrymercer/no-build-mode-tracing-improv...def4d2c
Merge pull request #2273 from github/aeisenberg/specify-versionsSourced from actions/checkout's releases.
\n\n\nv4.1.6
\nWhat's Changed
\n\n
\n- Check platform to set archive extension appropriately by
\n@âcory-miller
in actions/checkout#1732- Update for 4.1.6 release by
\n@âcory-miller
in actions/checkout#1733Full Changelog: https://github.com/actions/checkout/compare/v4.1.5...v4.1.6
\n
Sourced from actions/checkout's changelog.
\n\n\nChangelog
\nv4.1.6
\n\n
\n- Check platform to set archive extension appropriately by
\n@âcory-miller
in actions/checkout#1732v4.1.5
\n\n
\n- Update NPM dependencies by
\n@âcory-miller
in actions/checkout#1703- Bump github/codeql-action from 2 to 3 by
\n@âdependabot
in actions/checkout#1694- Bump actions/setup-node from 1 to 4 by
\n@âdependabot
in actions/checkout#1696- Bump actions/upload-artifact from 2 to 4 by
\n@âdependabot
in actions/checkout#1695- README: Suggest
\nuser.email
to be41898282+github-actions[bot]@users.noreply.github.com
by@âcory-miller
in actions/checkout#1707v4.1.4
\n\n
\n- Disable
\nextensions.worktreeConfig
when disablingsparse-checkout
by@âjww3
in actions/checkout#1692- Add dependabot config by
\n@âcory-miller
in actions/checkout#1688- Bump the minor-actions-dependencies group with 2 updates by
\n@âdependabot
in actions/checkout#1693- Bump word-wrap from 1.2.3 to 1.2.5 by
\n@âdependabot
in actions/checkout#1643v4.1.3
\n\n
\n- Check git version before attempting to disable
\nsparse-checkout
by@âjww3
in actions/checkout#1656- Add SSH user parameter by
\n@âcory-miller
in actions/checkout#1685- Update
\nactions/checkout
version inupdate-main-version.yml
by@âjww3
in actions/checkout#1650v4.1.2
\n\n
\n- Fix: Disable sparse checkout whenever
\nsparse-checkout
option is not present@âdscho
in actions/checkout#1598v4.1.1
\n\n
\n- Correct link to GitHub Docs by
\n@âpeterbe
in actions/checkout#1511- Link to release page from what's new section by
\n@âcory-miller
in actions/checkout#1514v4.1.0
\n\nv4.0.0
\n\nv3.6.0
\n\n
\n- Fix: Mark test scripts with Bash'isms to be run via Bash
\n- Add option to fetch tags even if fetch-depth > 0
\nv3.5.3
\n\n
\n- Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
\n- Fix typos found by codespell
\n- Add support for sparse checkouts
\nv3.5.2
\n\nv3.5.1
\n
... (truncated)
\na5ac7e5
Update for 4.1.6 release (#1733)24ed1a3
Check platform for extension (#1732)Sourced from actions/checkout's releases.
\n\n\nv4.1.6
\nWhat's Changed
\n\n
\n- Check platform to set archive extension appropriately by
\n@âcory-miller
in actions/checkout#1732- Update for 4.1.6 release by
\n@âcory-miller
in actions/checkout#1733Full Changelog: https://github.com/actions/checkout/compare/v4.1.5...v4.1.6
\n
Sourced from actions/checkout's changelog.
\n\n\nChangelog
\nv4.1.6
\n\n
\n- Check platform to set archive extension appropriately by
\n@âcory-miller
in actions/checkout#1732v4.1.5
\n\n
\n- Update NPM dependencies by
\n@âcory-miller
in actions/checkout#1703- Bump github/codeql-action from 2 to 3 by
\n@âdependabot
in actions/checkout#1694- Bump actions/setup-node from 1 to 4 by
\n@âdependabot
in actions/checkout#1696- Bump actions/upload-artifact from 2 to 4 by
\n@âdependabot
in actions/checkout#1695- README: Suggest
\nuser.email
to be41898282+github-actions[bot]@users.noreply.github.com
by@âcory-miller
in actions/checkout#1707v4.1.4
\n\n
\n- Disable
\nextensions.worktreeConfig
when disablingsparse-checkout
by@âjww3
in actions/checkout#1692- Add dependabot config by
\n@âcory-miller
in actions/checkout#1688- Bump the minor-actions-dependencies group with 2 updates by
\n@âdependabot
in actions/checkout#1693- Bump word-wrap from 1.2.3 to 1.2.5 by
\n@âdependabot
in actions/checkout#1643v4.1.3
\n\n
\n- Check git version before attempting to disable
\nsparse-checkout
by@âjww3
in actions/checkout#1656- Add SSH user parameter by
\n@âcory-miller
in actions/checkout#1685- Update
\nactions/checkout
version inupdate-main-version.yml
by@âjww3
in actions/checkout#1650v4.1.2
\n\n
\n- Fix: Disable sparse checkout whenever
\nsparse-checkout
option is not present@âdscho
in actions/checkout#1598v4.1.1
\n\n
\n- Correct link to GitHub Docs by
\n@âpeterbe
in actions/checkout#1511- Link to release page from what's new section by
\n@âcory-miller
in actions/checkout#1514v4.1.0
\n\nv4.0.0
\n\nv3.6.0
\n\n
\n- Fix: Mark test scripts with Bash'isms to be run via Bash
\n- Add option to fetch tags even if fetch-depth > 0
\nv3.5.3
\n\n
\n- Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
\n- Fix typos found by codespell
\n- Add support for sparse checkouts
\nv3.5.2
\n\nv3.5.1
\n
... (truncated)
\na5ac7e5
Update for 4.1.6 release (#1733)24ed1a3
Check platform for extension (#1732)Sourced from ossf/scorecard-action's releases.
\n\n\nv2.3.3
\n\n\n[!NOTE]
\n
\nThere is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tagWhat's Changed
\n\n
\n- :seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
\n@âspencerschrock
in ossf/scorecard-action#1366- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by
\n@âspencerschrock
in ossf/scorecard-action#1374- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by
\n@âspencerschrock
in ossf/scorecard-action#1377For a full changelist of what these include, see the v5.0.0-rc1 and v5.0.0-rc2 release notes.
\nDocumentation
\n\n
\n- :book: Move token discussion out of main README. by
\n@âspencerschrock
in ossf/scorecard-action#1279- :book: link to
\nossf/scorecard
workflow instead of maintaining an example by@âspencerschrock
in ossf/scorecard-action#1352- :book: update api links to new scorecard.dev site by
\n@âspencerschrock
in ossf/scorecard-action#1376Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3
\n
dc50aa9
:seedling: Bump docker tag for v2.3.3 release (#1368)8ff5700
:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0....8ba5e73
update api links to new scorecard.dev site (#1376)92ddde3
Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 (#1374)6c55905
:seedling: Bump golang.org/x/net from 0.24.0 to 0.25.0 (#1373)09bb953
:seedling: Bump distroless/base in the docker-images group (#1372)1511e13
:seedling: Bump the github-actions group across 1 directory with 6 updates (#...df66cd8
:seedling: Bump the docker-images group with 2 updates (#1370)fad9a3c
:seedling: Bump distroless/base in the docker-images group (#1364)1e01a30
:seedling: Bump the github-actions group with 3 updates (#1365)Sourced from ossf/scorecard-action's releases.
\n\n\nv2.3.3
\n\n\n[!NOTE]
\n
\nThere is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tagWhat's Changed
\n\n
\n- :seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
\n@âspencerschrock
in ossf/scorecard-action#1366- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by
\n@âspencerschrock
in ossf/scorecard-action#1374- :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by
\n@âspencerschrock
in ossf/scorecard-action#1377For a full changelist of what these include, see the v5.0.0-rc1 and v5.0.0-rc2 release notes.
\nDocumentation
\n\n
\n- :book: Move token discussion out of main README. by
\n@âspencerschrock
in ossf/scorecard-action#1279- :book: link to
\nossf/scorecard
workflow instead of maintaining an example by@âspencerschrock
in ossf/scorecard-action#1352- :book: update api links to new scorecard.dev site by
\n@âspencerschrock
in ossf/scorecard-action#1376Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3
\n
dc50aa9
:seedling: Bump docker tag for v2.3.3 release (#1368)8ff5700
:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0....8ba5e73
update api links to new scorecard.dev site (#1376)92ddde3
Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 (#1374)6c55905
:seedling: Bump golang.org/x/net from 0.24.0 to 0.25.0 (#1373)09bb953
:seedling: Bump distroless/base in the docker-images group (#1372)1511e13
:seedling: Bump the github-actions group across 1 directory with 6 updates (#...df66cd8
:seedling: Bump the docker-images group with 2 updates (#1370)fad9a3c
:seedling: Bump distroless/base in the docker-images group (#1364)1e01a30
:seedling: Bump the github-actions group with 3 updates (#1365)Sourced from actions/checkout's releases.
\n\n\nv4.1.5
\nWhat's Changed
\n\n
\n- Update NPM dependencies by
\n@âcory-miller
in actions/checkout#1703- Bump github/codeql-action from 2 to 3 by
\n@âdependabot
in actions/checkout#1694- Bump actions/setup-node from 1 to 4 by
\n@âdependabot
in actions/checkout#1696- Bump actions/upload-artifact from 2 to 4 by
\n@âdependabot
in actions/checkout#1695- README: Suggest
\nuser.email
to be41898282+github-actions[bot]@users.noreply.github.com
by@âcory-miller
in actions/checkout#1707Full Changelog: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5
\n
44c2b7a
README: Suggest user.email
to be `41898282+github-actions[bot]@âusers
.norepl...8459bc0
Bump actions/upload-artifact from 2 to 4 (#1695)3f603f6
Bump actions/setup-node from 1 to 4 (#1696)fd084cd
Bump github/codeql-action from 2 to 3 (#1694)9c1e94e
Update NPM dependencies (#1703)Sourced from actions/checkout's releases.
\n\n\nv4.1.5
\nWhat's Changed
\n\n
\n- Update NPM dependencies by
\n@âcory-miller
in actions/checkout#1703- Bump github/codeql-action from 2 to 3 by
\n@âdependabot
in actions/checkout#1694- Bump actions/setup-node from 1 to 4 by
\n@âdependabot
in actions/checkout#1696- Bump actions/upload-artifact from 2 to 4 by
\n@âdependabot
in actions/checkout#1695- README: Suggest
\nuser.email
to be41898282+github-actions[bot]@users.noreply.github.com
by@âcory-miller
in actions/checkout#1707Full Changelog: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5
\n
44c2b7a
README: Suggest user.email
to be `41898282+github-actions[bot]@âusers
.norepl...8459bc0
Bump actions/upload-artifact from 2 to 4 (#1695)3f603f6
Bump actions/setup-node from 1 to 4 (#1696)fd084cd
Bump github/codeql-action from 2 to 3 (#1694)9c1e94e
Update NPM dependencies (#1703)