Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github/codeql-action
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.1.30
Choose a base ref
...
head repository: github/codeql-action
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.1.31
Choose a head ref
  • 15 commits
  • 12 files changed
  • 5 contributors

Commits on Nov 2, 2022

  1. Update changelog and version after v2.1.30

    github-actions[bot] committed Nov 2, 2022
    Copy the full SHA
    60c8cda View commit details

  2. Update checked-in dependencies

    github-actions[bot] committed Nov 2, 2022
    Copy the full SHA
    81a1ec0 View commit details

  3. Merge pull request #1342 from github/mergeback/v2.1.30-to-main-18fe527f 

    Mergeback v2.1.30 refs/heads/releases/v2 into main
    @henrymercer
    henrymercer authored Nov 2, 2022
    Copy the full SHA
    7151077 View commit details

Commits on Nov 4, 2022

  1. Prune results of Ruby query from SARIF

    @edoardopirovano
    edoardopirovano committed Nov 4, 2022
    Copy the full SHA
    862a512 View commit details

  2. Merge pull request #1344 from github/edoardo/prune-ruby 

    Prune results of Ruby query from SARIF
    @edoardopirovano
    edoardopirovano authored Nov 4, 2022
    Copy the full SHA
    a8cabaf View commit details

  3. Update changelog for v2.1.31

    github-actions[bot] committed Nov 4, 2022
    Copy the full SHA
    e260194 View commit details

  4. Update CHANGELOG.md 

    Add message about `rb/weak-cryptographic-algorithm`.
    @aeisenberg
    aeisenberg authored Nov 4, 2022
    Copy the full SHA
    29a5553 View commit details

  5. Update CHANGELOG.md 

    Add link to codeql PR.
    @aeisenberg
    aeisenberg authored Nov 4, 2022
    Copy the full SHA
    8aa42f1 View commit details

  6. Merge pull request #1345 from github/update-v2.1.31-a8cabafa 

    Merge main into releases/v2
    @aeisenberg
    aeisenberg authored Nov 4, 2022
    Copy the full SHA
    c3b6fce View commit details

  7. Revert "Update version and changelog for v1.1.30" 

    This reverts commit 8428fd9.
    github-actions[bot] committed Nov 4, 2022
    Copy the full SHA
    69423c9 View commit details

  8. Revert "Update checked-in dependencies" 

    This reverts commit bdbba7a.
    github-actions[bot] committed Nov 4, 2022
    Copy the full SHA
    9acbd2a View commit details

  9. Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.31… 

    …-c3b6fce4
    github-actions[bot] committed Nov 4, 2022
    Copy the full SHA
    b1b2d85 View commit details

  10. Update version and changelog for v1.1.31

    github-actions[bot] committed Nov 4, 2022
    Copy the full SHA
    6132391 View commit details

  11. Update checked-in dependencies

    github-actions[bot] committed Nov 4, 2022
    Copy the full SHA
    1cebd8a View commit details

  12. Merge pull request #1347 from github/update-v1.1.31-c3b6fce4 

    Merge releases/v2 into releases/v1
    @aeisenberg
    aeisenberg authored Nov 4, 2022
    Copy the full SHA
    9e288b0 View commit details
Showing with 324 additions and 23 deletions.
  1. +4 −0 CHANGELOG.md
  2. +36 −1 lib/upload-lib.js
  3. +1 −1 lib/upload-lib.js.map
  4. +100 −0 lib/upload-lib.test.js
  5. +1 −1 lib/upload-lib.test.js.map
  6. +1 −1 lib/util.js.map
  7. +1 −1 node_modules/.package-lock.json
  8. +2 −2 package-lock.json
  9. +1 −1 package.json
  10. +115 −3 src/upload-lib.test.ts
  11. +44 −1 src/upload-lib.ts
  12. +18 −11 src/util.ts
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# CodeQL Action Changelog

## 1.1.31 - 04 Nov 2022

- The `rb/weak-cryptographic-algorithm` Ruby query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the [github/codeql repository](https://github.com/github/codeql/pull/11129). [#1344](https://github.com/github/codeql-action/pull/1344)

## 1.1.30 - 02 Nov 2022

- Improve the error message when using CodeQL bundle version 2.7.2 and earlier in a workflow that runs on a runner image such as `ubuntu-22.04` that uses glibc version 2.34 and later. [#1334](https://github.com/github/codeql-action/pull/1334)
37 changes: 36 additions & 1 deletion lib/upload-lib.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading