Skip to content

Merge main into releases/v2 #1360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
henrymercer merged 22 commits into from
Nov 14, 2022
Merged

Merge main into releases/v2 #1360

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
5da50dc
Add file baseline information feature
henrymercer Oct 26, 2022
89e1893
Forward file baseline information enablement to CLI
henrymercer Oct 26, 2022
6a5e69e
Update changelog and version after v2.1.31
invalid-email-address Nov 4, 2022
31a2afe
Update checked-in dependencies
invalid-email-address Nov 4, 2022
8aff97f
Merge pull request #1346 from github/mergeback/v2.1.31-to-main-c3b6fce4
aeisenberg Nov 7, 2022
dba70ac
Bump default CodeQL version to 2.11.3
henrymercer Nov 7, 2022
b9b7d9f
Add PR check for file baseline information
henrymercer Nov 7, 2022
029ecc0
Check expected SARIF notification objects
henrymercer Nov 7, 2022
c606252
Merge pull request #1329 from github/henrymercer/file-baseline-info-e…
henrymercer Nov 7, 2022
f9948ff
Improve experience when init fails before generating a config file
henrymercer Nov 7, 2022
0e5b04a
Merge pull request #1349 from github/henrymercer/improve-focus-when-i…
henrymercer Nov 8, 2022
01c4458
use ATM pack v0.4.0 for CLI v2.11.3 and above
Nov 8, 2022
73ff862
Merge pull request #1351 from kaeluka/release-atm-v0.4.0
Nov 8, 2022
fb3fdd7
add ATM 0.4.0 to changelog
Nov 9, 2022
7c9e85e
Merge pull request #1353 from kaeluka/add-ATM-0.4.0-to-changelog
Nov 9, 2022
d6f6ef4
Force exit of process if a timeout has occurred
edoardopirovano Nov 9, 2022
006bb00
Merge pull request #1354 from github/edoardo/force-exit-on-timeout
edoardopirovano Nov 10, 2022
9452b6b
Merge branch 'main' into henrymercer/use-codeql-2.11.3
henrymercer Nov 11, 2022
76a7740
Fix Python query identifier in file baseline information PR check
henrymercer Nov 11, 2022
718930b
Pin npm to latest v8 release to address failing PR check
henrymercer Nov 11, 2022
33b10be
Merge pull request #1348 from github/henrymercer/use-codeql-2.11.3
henrymercer Nov 11, 2022
97be623
Update changelog for v2.1.32
invalid-email-address Nov 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# CodeQL Action Changelog

## [UNRELEASED]

No user facing changes.

## 2.1.31 - 04 Nov 2022

- The `rb/weak-cryptographic-algorithm` Ruby query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the [github/codeql repository](https://github.com/github/codeql/pull/11129). [#1344](https://github.com/github/codeql-action/pull/1344)
Expand Down
2 changes: 1 addition & 1 deletion node_modules/.package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "codeql",
"version": "2.1.31",
"version": "2.1.32",
"private": true,
"description": "CodeQL action",
"scripts": {
Expand Down