You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+34-31Lines changed: 34 additions & 31 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,149 +4,152 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
4
4
5
5
Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
6
6
7
-
## 2.25.13 - 19 Jul 2024
7
+
## 3.25.13 - 19 Jul 2024
8
8
9
9
- Add `codeql-version` to outputs. [#2368](https://github.com/github/codeql-action/pull/2368)
10
10
- Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. [#2375](https://github.com/github/codeql-action/pull/2375)
11
11
- If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
12
12
- Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace `github/codeql-action/*@v3` by `github/codeql-action/*@v3.25.13` and `github/codeql-action/*@v2` by `github/codeql-action/*@v2.25.13` in your code scanning workflow to ensure you continue using this version of the CodeQL Action.
13
13
14
-
## 2.25.12 - 12 Jul 2024
14
+
## 3.25.12 - 12 Jul 2024
15
15
16
16
- Improve the reliability and performance of analyzing code when analyzing a compiled language with the `autobuild`[build mode](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes) on GitHub Enterprise Server. This feature is already available to GitHub.com users. [#2353](https://github.com/github/codeql-action/pull/2353)
17
17
- Update default CodeQL bundle version to 2.18.0. [#2364](https://github.com/github/codeql-action/pull/2364)
18
18
19
-
## 2.25.11 - 28 Jun 2024
19
+
## 3.25.11 - 28 Jun 2024
20
20
21
21
- Avoid failing the workflow run if there is an error while uploading debug artifacts. [#2349](https://github.com/github/codeql-action/pull/2349)
22
22
- Update default CodeQL bundle version to 2.17.6. [#2352](https://github.com/github/codeql-action/pull/2352)
23
23
24
-
## 2.25.10 - 13 Jun 2024
24
+
## 3.25.10 - 13 Jun 2024
25
25
26
26
- Update default CodeQL bundle version to 2.17.5. [#2327](https://github.com/github/codeql-action/pull/2327)
27
27
28
-
## 2.25.9 - 12 Jun 2024
28
+
## 3.25.9 - 12 Jun 2024
29
29
30
30
- Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. [#2330](https://github.com/github/codeql-action/pull/2330)
31
31
- The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. [#2332](https://github.com/github/codeql-action/pull/2332)
32
32
33
-
## 2.25.8 - 04 Jun 2024
33
+
## 3.25.8 - 04 Jun 2024
34
34
35
35
- Update default CodeQL bundle version to 2.17.4. [#2321](https://github.com/github/codeql-action/pull/2321)
36
36
37
-
## 2.25.7 - 31 May 2024
37
+
## 3.25.7 - 31 May 2024
38
38
39
39
- We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. [#2306](https://github.com/github/codeql-action/pull/2306)
40
40
41
-
## 2.25.6 - 20 May 2024
41
+
## 3.25.6 - 20 May 2024
42
42
43
43
- Update default CodeQL bundle version to 2.17.3. [#2295](https://github.com/github/codeql-action/pull/2295)
44
44
45
-
## 2.25.5 - 13 May 2024
45
+
## 3.25.5 - 13 May 2024
46
46
47
47
- Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the [README.md](README.md). [#2273](https://github.com/github/codeql-action/pull/2273)
48
48
- Avoid printing out a warning for a missing `on.push` trigger when the CodeQL Action is triggered via a `workflow_call` event. [#2274](https://github.com/github/codeql-action/pull/2274)
49
49
- The `tools: latest` input to the `init` Action has been renamed to `tools: linked`. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. [#2281](https://github.com/github/codeql-action/pull/2281)
50
50
51
-
## 2.25.4 - 08 May 2024
51
+
## 3.25.4 - 08 May 2024
52
52
53
53
- Update default CodeQL bundle version to 2.17.2. [#2270](https://github.com/github/codeql-action/pull/2270)
54
54
55
-
## 2.25.3 - 25 Apr 2024
55
+
## 3.25.3 - 25 Apr 2024
56
56
57
57
- Update default CodeQL bundle version to 2.17.1. [#2247](https://github.com/github/codeql-action/pull/2247)
58
58
- Workflows running on `macos-latest` using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as `macos-12`. ARM machines with SIP disabled, including the newest `macos-latest` image, are unsupported for CLI versions before 2.15.1. [#2261](https://github.com/github/codeql-action/pull/2261)
59
59
60
-
## 2.25.2 - 22 Apr 2024
60
+
## 3.25.2 - 22 Apr 2024
61
61
62
62
No user facing changes.
63
63
64
-
## 2.25.1 - 17 Apr 2024
64
+
## 3.25.1 - 17 Apr 2024
65
65
66
66
- We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the `autobuild`[build mode](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes). [#2235](https://github.com/github/codeql-action/pull/2235)
67
67
- Fix a bug where the `init` Action would fail if `--overwrite` was specified in `CODEQL_ACTION_EXTRA_OPTIONS`. [#2245](https://github.com/github/codeql-action/pull/2245)
68
68
69
-
## 2.25.0 - 15 Apr 2024
69
+
## 3.25.0 - 15 Apr 2024
70
70
71
71
- The deprecated feature for extracting dependencies for a Python analysis has been removed. [#2224](https://github.com/github/codeql-action/pull/2224)
72
+
72
73
As a result, the following inputs and environment variables are now ignored:
74
+
73
75
- The `setup-python-dependencies` input to the `init` Action
74
76
- The `CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION` environment variable
77
+
75
78
We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
76
79
- Automatically overwrite an existing database if found on the filesystem. [#2229](https://github.com/github/codeql-action/pull/2229)
77
80
- Bump the minimum CodeQL bundle version to 2.12.6. [#2232](https://github.com/github/codeql-action/pull/2232)
78
81
- A more relevant log message and a diagnostic are now emitted when the `file` program is not installed on a Linux runner, but is required for Go tracing to succeed. [#2234](https://github.com/github/codeql-action/pull/2234)
79
82
80
-
## 2.24.10 - 05 Apr 2024
83
+
## 3.24.10 - 05 Apr 2024
81
84
82
85
- Update default CodeQL bundle version to 2.17.0. [#2219](https://github.com/github/codeql-action/pull/2219)
83
86
- Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. [#2220](https://github.com/github/codeql-action/pull/2220)
84
87
- If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
85
88
- Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace `github/codeql-action/*@v3` by `github/codeql-action/*@v3.24.10` and `github/codeql-action/*@v2` by `github/codeql-action/*@v2.24.10` in your code scanning workflow to ensure you continue using this version of the CodeQL Action.
86
89
87
-
## 2.24.9 - 22 Mar 2024
90
+
## 3.24.9 - 22 Mar 2024
88
91
89
92
- Update default CodeQL bundle version to 2.16.5. [#2203](https://github.com/github/codeql-action/pull/2203)
90
93
91
-
## 2.24.8 - 18 Mar 2024
94
+
## 3.24.8 - 18 Mar 2024
92
95
93
96
- Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. [#2195](https://github.com/github/codeql-action/pull/2195)
94
97
95
-
## 2.24.7 - 12 Mar 2024
98
+
## 3.24.7 - 12 Mar 2024
96
99
97
100
- Update default CodeQL bundle version to 2.16.4. [#2185](https://github.com/github/codeql-action/pull/2185)
98
101
99
-
## 2.24.6 - 29 Feb 2024
102
+
## 3.24.6 - 29 Feb 2024
100
103
101
104
No user facing changes.
102
105
103
-
## 2.24.5 - 23 Feb 2024
106
+
## 3.24.5 - 23 Feb 2024
104
107
105
108
- Update default CodeQL bundle version to 2.16.3. [#2156](https://github.com/github/codeql-action/pull/2156)
106
109
107
-
## 2.24.4 - 21 Feb 2024
110
+
## 3.24.4 - 21 Feb 2024
108
111
109
112
- Fix an issue where an existing, but empty, `/sys/fs/cgroup/cpuset.cpus` file always resulted in a single-threaded run. [#2151](https://github.com/github/codeql-action/pull/2151)
110
113
111
-
## 2.24.3 - 15 Feb 2024
114
+
## 3.24.3 - 15 Feb 2024
112
115
113
116
- Fix an issue where the CodeQL Action would fail to load a configuration specified by the `config` input to the `init` Action. [#2147](https://github.com/github/codeql-action/pull/2147)
114
117
115
-
## 2.24.2 - 15 Feb 2024
118
+
## 3.24.2 - 15 Feb 2024
116
119
117
120
- Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. [#2141](https://github.com/github/codeql-action/pull/2141)
118
121
119
-
## 2.24.1 - 13 Feb 2024
122
+
## 3.24.1 - 13 Feb 2024
120
123
121
124
- Update default CodeQL bundle version to 2.16.2. [#2124](https://github.com/github/codeql-action/pull/2124)
122
125
- The CodeQL action no longer fails if it can't write to the telemetry api endpoint. [#2121](https://github.com/github/codeql-action/pull/2121)
123
126
124
-
## 2.24.0 - 02 Feb 2024
127
+
## 3.24.0 - 02 Feb 2024
125
128
126
129
- CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See [release notes for 3.23.0](#3230---08-jan-2024) for more details. [#2106](https://github.com/github/codeql-action/pull/2106)
127
130
128
-
## 2.23.2 - 26 Jan 2024
131
+
## 3.23.2 - 26 Jan 2024
129
132
130
133
- On Linux, the maximum possible value for the `--threads` option now respects the CPU count as specified in `cgroup` files to more accurately reflect the number of available cores when running in containers. [#2083](https://github.com/github/codeql-action/pull/2083)
131
134
- Update default CodeQL bundle version to 2.16.1. [#2096](https://github.com/github/codeql-action/pull/2096)
132
135
133
-
## 2.23.1 - 17 Jan 2024
136
+
## 3.23.1 - 17 Jan 2024
134
137
135
138
- Update default CodeQL bundle version to 2.16.0. [#2073](https://github.com/github/codeql-action/pull/2073)
136
139
- Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. [#2079](https://github.com/github/codeql-action/pull/2079)
137
140
138
-
## 2.23.0 - 08 Jan 2024
141
+
## 3.23.0 - 08 Jan 2024
139
142
140
143
- We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting `CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false` in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. [#2031](https://github.com/github/codeql-action/pull/2031)
141
144
- The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see [the corresponding changelog entry for CodeQL Action version 2.22.7](#2227---16-nov-2023). [#2009](https://github.com/github/codeql-action/pull/2009)
142
145
143
-
## 2.22.12 - 22 Dec 2023
146
+
## 3.22.12 - 22 Dec 2023
144
147
145
148
- Update default CodeQL bundle version to 2.15.5. [#2047](https://github.com/github/codeql-action/pull/2047)
146
149
147
-
## 2.22.11 - 13 Dec 2023
150
+
## 3.22.11 - 13 Dec 2023
148
151
149
-
No user facing changes.
152
+
-[v3+ only] The CodeQL Action now runs on Node.js v20. [#2006](https://github.com/github/codeql-action/pull/2006)
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments