codeql-action
Actions for running CodeQL analysis
In https://github.com/github/codeql-action/pull/2741, we added this logic due to an issue with the CLI. The CLI has since been fixed and I think it is cleaner to remove this workaround. I...
I'm targeting a project that is more interested in leading-edge distros than most (https://github.com/a5ehren/gamemode/tree/master) and have restricted the minimum Meson version to 1.3.1 in order to clean out a bunch...
This repo currently includes an .swf (Adobe Flash) file thanks to one of the NPM packages that is pulled into the node_modules tree: **node-forge**. Located at: node_modules/node-forge/flash At our company,...
This is useful for testing new versions of the proxy before release. ### Merge / deployment checklist - [ ] Confirm this change is backwards compatible with existing workflows. -...
Evaluation gets stuck with CodeQL Bundle v2.21.0 when using security-and-quality queries https://github.com/sasobadovinac/FreeCAD/actions/runs/14549227291/job/40818435379 CodeQL Bundle v2.20.7 was working fine https://github.com/sasobadovinac/FreeCAD/actions/runs/14281995311/job/40032617394 Testing CodeQL Bundle v2.21.1 is also not working https://github.com/sasobadovinac/FreeCAD/actions/runs/14615985688/job/41004230514 Testing by...
Hi! I recently started using CodeQL for checking my GitHub Actions via the [Default Setup](https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#requirements-for-using-default-setup). I also use Dependabot for version management. I noticed on my Dependabot PRs that I...
I figured it would be useful to avoid duplicating this across different extractors that e.g. set `SSL_CERT_FILE` for relevant sub-processes. That's currently done by the C# extractor and looks like...
## Description This PR adds a module for checking basic system requirements, as listed in https://codeql.github.com/docs/codeql-overview/system-requirements/. ### Merge / deployment checklist - [ ] Confirm this change is backwards compatible...
Hello! I'm reporting what I believe to be a bug in GitHub's SARIF consumption. This bug is probably happening somewhere deeper in GitHub's SARIF consumption machinery but `upload-sarif` is the...
* [Bundle action using esbuild](https://github.com/github/codeql-action/commit/3dc118c13c28b2804932fce08b479e77e5007079) -- the main change - fixes #2542 * deleted `lib` and `node_modules` * changed `*/action.yml` to use local minified bundled files * minified+bundled: `*/*action.js` +...