actions/first-interaction
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
116 Commits 1 Branch 14 Tags
cf5cf8763f4c4e9dbce08135b1c112b94472acfe
Commit Graph

4 Commits

Author SHA1 Message Date
dependabot[bot]
0972aa989b Bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-12 04:30:32 +00:00
Nick Alteen
53d94eab80 Udate workflows 2025-02-19 13:52:16 -05:00
Patrick Ellis
cc18bea05f Upgrade codeql actions to v2 
Currently we're using v1, and there have been some important changes since then.

In particular, the latest version, v2.14.4, contains an important security patch:

> The CodeQL CLI no longer supports the `SEMMLE_JAVA_ARGS` environment variable. All previous versions of the CodeQL CLI perform command substitution on the `SEMMLE_JAVA_ARGS` value (for example, replacing `'$(echo foo)'` with `'foo'`) when starting a new Java virtual machine, which, depending on the execution environment, may have security implications. Users are advised to check their environments for possible `SEMMLE_JAVA_ARGS` misuse.

See the [codeql-action release notes](https://github.com/github/codeql-cli-binaries/releases/tag/v2.14.4) for full details.
 2023-09-27 15:11:26 -04:00
Tingluo Huang
07f2b50de7 Create codeql-analysis.yml 2022-03-30 13:51:26 -04:00