You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CONTRIBUTING.md
+21Lines changed: 21 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -78,6 +78,27 @@ Since the `codeql-action` runs most of its testing through individual Actions wo
78
78
2. Run the script. If there's a reason to, you can pass in a different SHA as a CLI argument.
79
79
3. After running, go to the [branch protection rules settings page](https://github.com/github/codeql-action/settings/branches) and validate that the rules for `main`, `v1`, and `v2` have been updated.
80
80
81
+
## Deprecating a CodeQL version (write access required)
82
+
83
+
We typically deprecate a version of CodeQL when the GitHub Enterprise Server (GHES) version that it first shipped in is deprecated.
84
+
85
+
1. Work out the next minimum version of CodeQL. This is the version that shipped in the version of GHES after the one that has just been deprecated.
86
+
1. Notify users using the old version of CodeQL about the deprecation.
87
+
- Update `CODEQL_NEXT_MINIMUM_VERSION`, `GHES_VERSION_MOST_RECENTLY_DEPRECATED`, and `GHES_MOST_RECENT_DEPRECATION_DATE` in `src/codeql.ts` to reflect the new minimum version of CodeQL and the GHES version that has just been deprecated.
88
+
- Add a changelog note announcing the deprecation.
89
+
- Example PR: https://github.com/github/codeql-action/pull/1884
90
+
1. Release the Action, or wait for the next scheduled release of the Action, then wait at least a week so users have time to see and act on the deprecation warning.
91
+
1. Remove support for the old version of CodeQL.
92
+
- Bump `CODEQL_MINIMUM_VERSION` in `src/codeql.ts` to the new minimum version of CodeQL.
93
+
- Remove any code that is only needed to support the old version of CodeQL. This is often behind a version guard, so look for instances of version numbers between the old minimum version and the new minimum version in the codebase. A good place to start is the list of version numbers in `src/codeql.ts`.
94
+
- Update the default set of CodeQL test versions in `pr-checks/sync.py`.
95
+
- Remove the old minimum version of CodeQL.
96
+
- Add the latest patch release for any new CodeQL minor version series that have shipped in GHES.
97
+
- Run the script to update the generated PR checks.
98
+
- Do the same for PR checks that aren't auto-generated.
99
+
- Add a changelog note announcing the new minimum version of CodeQL that is now required.
100
+
- Example PR: https://github.com/github/codeql-action/pull/1907
101
+
81
102
## Resources
82
103
83
104
-[How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
0 commit comments