codeql-action

Actions for running CodeQL analysis

Results 246 codeql-action issues

This will cause the credentials extracted from the proxy configurations to subsequently be masked in the Actions log, reducing the probability of accidental leakage. ### Merge / deployment checklist -...

### Merge / deployment checklist - [ ] Confirm this change is backwards compatible with existing workflows. - [ ] Confirm the [readme](https://github.com/github/codeql-action/blob/main/README.md) has been updated if necessary. - [...

This PR updates the list of supported GitHub Enterprise Server versions, either because a new version is about to be feature frozen, or because an old release has been deprecated....

This PR adds a new `quality-queries` input to the `init` action. Fundamentally, this behaves the same as the `queries` input and propagates a list of queries to the CLI. The...

Bumps the npm group with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser). Updates `@typescript-eslint/eslint-plugin` from 8.33.1 to 8.34.0 Release notes Sourced from @​typescript-eslint/eslint-plugin's releases. v8.34.0 8.34.0 (2025-06-09) 🚀 Features type-utils: deprecated getSourceFileOfNode...

This PR revives #779, adding a few new features: - Correctly handle language aliases (these didn't exist at the time) - Determine whether or not a language is traced by...

_Originally posted by @rofreytag in [#2215](https://github.com/github/codeql-action/issues/2215#issuecomment-2901199211)_ I run into an issue when using trivy config scan on a subfolder. The reported issues appear in the security tab, but the folder/path...

From https://github.com/github/codeql-action/issues/2030#issuecomment-2844971762 `CODEQL_ACTION_CLEANUP_TRAP_CACHES` is not working now. CodeQL generates a 300M+ cache each CI build. We always have trouble with the amount of limit by this problem. * Repository: https://github.com/ruby/ruby *...

We're trying to configure CodeQL for our TypeScript monorepo. For TypeScript, it times out after six hours. We have just over a million lines of TypeScript in a private repo....

Not sure what causes this. But our Xcode build job just gets stuck at SPM trying to fetch a framework from a private repository when having the CodeQL initialisation step...