5 Releases published by 2 people

• codeql-bundle-v2.21.3 CodeQL Bundle v2.21.3

  published May 13, 2025

• v3.28.18

  published May 16, 2025

• codeql-bundle-v2.21.4 CodeQL Bundle v2.21.4

  published May 27, 2025

• v3.28.19

  published Jun 3, 2025

• codeql-bundle-v2.22.0 CodeQL Bundle v2.22.0

  published Jun 9, 2025

23 Pull requests merged by 6 people

• Bump minimum CodeQL version to 2.16.6

  #2912 merged Jun 9, 2025

• build(deps): bump the npm group with 5 updates

  #2916 merged Jun 4, 2025

• Fix backslashes being accepted by sanitizeArtifactName

  #2922 merged Jun 4, 2025

• Mergeback v3.28.19 refs/heads/releases/v3 into main

  #2919 merged Jun 3, 2025

• Merge main into releases/v3

  #2918 merged Jun 3, 2025

• Update default bundle to 2.21.4

  #2910 merged Jun 2, 2025

• Stop running CI on windows-2019

  #2913 merged Jun 2, 2025

• Update supported GitHub Enterprise Server versions

  #2911 merged May 28, 2025

• Dependabot: Remove deprecated reviewers config

  #2908 merged May 27, 2025

• build(deps): bump ruby/setup-ruby from 1.242.0 to 1.244.0 in the actions group

  #2905 merged May 27, 2025

• build(deps): bump the npm group across 1 directory with 2 updates

  #2907 merged May 27, 2025

• build(deps): bump ruby/setup-ruby from 1.230.0 to 1.242.0 in the actions group

  #2899 merged May 22, 2025

• build(deps-dev): bump @eslint/js from 9.26.0 to 9.27.0 in the npm group

  #2898 merged May 22, 2025

• Remove bundled copy of actions extractor

  #2787 merged May 22, 2025

• build(deps): bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group

  #2895 merged May 19, 2025

• Mergeback v3.28.18 refs/heads/releases/v3 into main

  #2897 merged May 16, 2025

• Merge main into releases/v3

  #2896 merged May 16, 2025

• Update default bundle to 2.21.3

  #2893 merged May 15, 2025

• Skip validating SARIF produced by CodeQL

  #2894 merged May 14, 2025

• Update supported GitHub Enterprise Server versions

  #2859 merged May 14, 2025

• Allow configuring CODEQL_THREADS with an env var

  #2891 merged May 14, 2025

• build(deps): bump the npm group across 1 directory with 4 updates

  #2892 merged May 13, 2025

• build(deps): bump the actions group with 2 updates

  #2889 merged May 13, 2025

4 Pull requests opened by 4 people

• Allow using new CodeQL languages without updating the CodeQL Action

  #2914 opened May 30, 2025

• Add new `quality-queries` input

  #2917 opened Jun 3, 2025

• build(deps-dev): bump the npm group with 2 updates

  #2924 opened Jun 9, 2025

• Update default bundle to 2.22.0

  #2925 opened Jun 9, 2025

5 Issues closed by 5 people

• [codeql-action/init] running for language `action` fails when referencing in workflow by sha rather than version.

  #2923 closed Jun 6, 2025

• https://github.com/github/codeql-action/issues/new/choose

  #2921 closed Jun 3, 2025

• Building a go library fails due to proxy errors (Default setup)

  #2909 closed May 27, 2025

• CodeQL actions v3.28.18 fail to upload Sarif file

  #2903 closed May 21, 2025

• No way to configure CODEQL_THREADS with an environment variable

  #2890 closed May 14, 2025

2 Issues opened by 2 people

• upload-sarif does not handle relative paths when trivy runs on a subfolder

  #2904 opened May 23, 2025

• CodeQL action times out after six hours

  #2902 opened May 20, 2025

3 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Fetching SPM from private repository when including CodeQL init step

  #2809 commented on May 16, 2025 • 0 new comments

• CODEQL_ACTION_CLEANUP_TRAP_CACHES is not working

  #2885 commented on May 23, 2025 • 0 new comments

• Upload-sarif action doesn't seem to respect "uriBaseId" in SARIF files

  #2215 commented on May 23, 2025 • 0 new comments