microsoft
diff --git a/‎.bazelrc
Lines changed: 3 additions & 0 deletions b/‎.bazelrc
Lines changed: 3 additions & 0 deletions
diff --git a/‎.github/workflows/go-tests-other-os.yml
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/go-tests-other-os.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/go-tests.yml
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/go-tests.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎LICENSE
Lines changed: 1 addition & 1 deletion b/‎LICENSE
Lines changed: 1 addition & 1 deletion
diff --git a/‎MODULE.bazel
Lines changed: 6 additions & 9 deletions b/‎MODULE.bazel
Lines changed: 6 additions & 9 deletions
diff --git a/‎actions/extractor/BUILD.bazel
Lines changed: 3 additions & 1 deletion b/‎actions/extractor/BUILD.bazel
Lines changed: 3 additions & 1 deletion
diff --git a/‎actions/ql/extensions/immutable-actions-list/ext/immutable_actions.yml
Lines changed: 28 additions & 0 deletions b/‎actions/ql/extensions/immutable-actions-list/ext/immutable_actions.yml
Lines changed: 28 additions & 0 deletions
diff --git a/‎actions/ql/extensions/immutable-actions-list/qlpack.yml
Lines changed: 14 additions & 0 deletions b/‎actions/ql/extensions/immutable-actions-list/qlpack.yml
Lines changed: 14 additions & 0 deletions
diff --git a/‎actions/ql/lib/CHANGELOG.md
Lines changed: 4 additions & 0 deletions b/‎actions/ql/lib/CHANGELOG.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎actions/ql/lib/change-notes/released/0.4.4.md
Lines changed: 3 additions & 0 deletions b/‎actions/ql/lib/change-notes/released/0.4.4.md
Lines changed: 3 additions & 0 deletions
@@ -12,6 +12,9 @@ common --override_module=semmle_code=%workspace%/misc/bazel/semmle_code_stub
 
 build --repo_env=CC=clang --repo_env=CXX=clang++
 
+# print test output, like sembuild does.
+# Set to `errors` if this is too verbose.
+test --test_output all
 # we use transitions that break builds of `...`, so for `test` to work with that we need the following
 test --build_tests_only
 
 
@@ -3,6 +3,7 @@ on:
   pull_request:
     paths:
       - "go/**"
+      - "!go/documentation/**"
       - "!go/ql/**" # don't run other-os if only ql/ files changed
       - .github/workflows/go-tests-other-os.yml
       - .github/actions/**
 
@@ -3,6 +3,7 @@ on:
   push:
     paths:
       - "go/**"
+      - "!go/documentation/**"
       - "shared/**"
       - .github/workflows/go-tests.yml
       - .github/actions/**
@@ -13,6 +14,7 @@ on:
   pull_request:
     paths:
       - "go/**"
+      - "!go/documentation/**"      
       - "shared/**"
       - .github/workflows/go-tests.yml
       - .github/actions/**
 
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2006-2020 GitHub, Inc.
+Copyright (c) 2006-2025 GitHub, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 
@@ -58,15 +58,12 @@ register_toolchains("@rust_toolchains//:all")
 py_deps = use_extension("//misc/bazel/3rdparty:py_deps_extension.bzl", "p")
 use_repo(
     py_deps,
-    "vendor__anyhow-1.0.44",
-    "vendor__cc-1.0.70",
-    "vendor__clap-2.33.3",
-    "vendor__regex-1.5.5",
-    "vendor__smallvec-1.6.1",
-    "vendor__string-interner-0.12.2",
-    "vendor__thiserror-1.0.29",
-    "vendor__tree-sitter-0.20.4",
-    "vendor__tree-sitter-graph-0.7.0",
+    "vendor_py__anyhow-1.0.95",
+    "vendor_py__cc-1.2.14",
+    "vendor_py__clap-4.5.30",
+    "vendor_py__regex-1.11.1",
+    "vendor_py__tree-sitter-0.20.4",
+    "vendor_py__tree-sitter-graph-0.7.0",
 )
 
 # deps for ruby+rust
 
@@ -4,7 +4,9 @@ codeql_pkg_files(
     name = "extractor",
     srcs = [
         "codeql-extractor.yml",
-    ] + glob(["tools/**"]),
+        "//:LICENSE",
+    ],
+    exes = glob(["tools/**"]),
     strip_prefix = strip_prefix.from_pkg(),
     visibility = ["//actions:__pkg__"],
 )
@@ -0,0 +1,28 @@
+extensions:
+  - addsTo:
+      pack: codeql/actions-all
+      extensible: immutableActionsDataModel
+    data:
+      - ["actions/checkout"]
+      - ["actions/cache"]
+      - ["actions/setup-node"]
+      - ["actions/upload-artifact"]
+      - ["actions/setup-python"]
+      - ["actions/download-artifact"]
+      - ["actions/github-script"]
+      - ["actions/setup-java"]
+      - ["actions/setup-go"]
+      - ["actions/upload-pages-artifact"]
+      - ["actions/deploy-pages"]
+      - ["actions/setup-dotnet"]
+      - ["actions/stale"]
+      - ["actions/labeler"]
+      - ["actions/create-github-app-token"]
+      - ["actions/configure-pages"]
+      - ["github/codeql-action/analyze"]
+      - ["github/codeql-action/autobuild"]
+      - ["github/codeql-action/init"]
+      - ["github/codeql-action/resolve-environment"]
+      - ["github/codeql-action/start-proxy"]
+      - ["github/codeql-action/upload-sarif"]
+      - ["octokit/request-action"]
@@ -0,0 +1,14 @@
+# Model pack containing the list of known immutable actions. The Immutable Actions feature is not
+# yet released, so this pack will only be used within GitHub. Once the feature is available to
+# customers, we will move the contents of this pack back into the standard library pack.
+name: codeql/immutable-actions-list
+version: 0.0.1-dev
+library: true
+warnOnImplicitThis: true
+extensionTargets:
+  # We expect to need this model pack even after GA of Actions analysis, so make it compatible with
+  # all future prereleases plus 1.x.x. We should be able to remove this back before we need to
+  # bump the major version to 2.
+  codeql/actions-all: ">=0.4.3 <2.0.0"
+dataExtensions:
+- ext/**/*.yml
@@ -1,3 +1,7 @@
+## 0.4.4
+
+No user-facing changes.
+
 ## 0.4.3
 
 ### New Features
 
@@ -0,0 +1,3 @@
+## 0.4.4
+
+No user-facing changes.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+## 0.4.4`
	`2`	`+`
	`3`	`+No user-facing changes.`