summaryrefslogtreecommitdiff
path: root/.github/workflows/codeql-analysis.yml
AgeCommit message (Collapse)Author
2025-06-10Disabled TRAP cache of CodeQLHiroshi SHIBATA
2025-05-01Bump up the latest version of actionsHiroshi SHIBATA
2024-03-14Skip AppVeyor and GitHub if only other CI files are changedNobuyoshi Nakada
2023-11-24Place continue-on-error consistentlyTakashi Kokubun
Once it fails on "Perform CodeQL Analysis", it proceeds to subsequent steps and fails because required files are not created by previous steps. When we have a continue-on-error, all subsequent steps that rely on the step should have a continue-on-error as well.
2023-10-17Bump actions/checkout from 4.1.0 to 4.1.1dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2023-10-13Ignore the failures of CodeQLTakashi Kokubun
It randomly fails like this: https://github.com/ruby/ruby/actions/runs/6510372995/job/17683918027 and we don't want to pay for and use a larger runner for the job that only generates false positives most of the time.
2023-09-25Bump actions/checkout from 4.0.0 to 4.1.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2023-09-15Bump actions/checkout from 3.6.0 to 4.0.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2023-08-31CodeQL: Increase memory size [ci skip]Nobuyoshi Nakada
Query evaluation ran out of Java heap frequently since CodeQL 2.14.3. Notes: Merged: https://github.com/ruby/ruby/pull/8337
2023-08-25Skip push by dependabot [ci skip]Nobuyoshi Nakada
Would be pull-requested soon.
2023-08-25Bump actions/checkout from 3.5.3 to 3.6.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2023-07-13Let `[DOC]` in PR title skip CIsNobuyoshi Nakada
Notes: Merged: https://github.com/ruby/ruby/pull/8065
2023-07-04chore: just add spaces [ci skip]卜部昌平
As seen in: https://docs.github.com/en/actions/learn-github-actions/expressions Notes: Merged: https://github.com/ruby/ruby/pull/8020
2023-07-04chore: prettier [ci skip]卜部昌平
This is just `prettier --single-quote`. Single quote is because it generated smaller diff than vice verca. Notes: Merged: https://github.com/ruby/ruby/pull/8020
2023-07-04refactor extract mkdir卜部昌平
Everyone does `mkdir build; src/autogen.sh`; why not merge them. Notes: Merged: https://github.com/ruby/ruby/pull/8020
2023-06-30refactor extract apt-get卜部昌平
Use composite action to reduce copy & paste. Notes: Merged: https://github.com/ruby/ruby/pull/7998
2023-06-12Bump actions/checkout from 3.5.2 to 3.5.3dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e5e7e5ab8b370d6c329ec480221332ada57f0ab...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7930
2023-06-12Bump github/codeql-action from 2.3.5 to 2.13.4dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.5 to 2.13.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/0225834cc549ee0ca93cb085b92954821a145866...cdcdbb579706841c47f7063dda365e292e5cad7a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7929
2023-05-26Bump github/codeql-action from 2.3.3 to 2.3.5dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.3 to 2.3.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/29b1f65c5e92e24fe6b6647da1eaabe529cec70f...0225834cc549ee0ca93cb085b92954821a145866) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2023-05-12Use Lrama LALR parser generator instead of Bisonv3_3_0_preview1Yuichiro Kaneko
https://bugs.ruby-lang.org/issues/19637 Co-authored-by: Nobuyoshi Nakada <nobu@ruby-lang.org> Notes: Merged: https://github.com/ruby/ruby/pull/7798 Merged-By: yui-knk <spiketeika@gmail.com>
2023-05-05Bump github/codeql-action from 2.3.2 to 2.3.3dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.2 to 2.3.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f3feb00acb00f31a6f60280e6ace9ca31d91c76a...29b1f65c5e92e24fe6b6647da1eaabe529cec70f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2023-05-02Bump advanced-security/filter-sarif from 1.0.0 to 1.0.1dependabot[bot]
Bumps [advanced-security/filter-sarif](https://github.com/advanced-security/filter-sarif) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/advanced-security/filter-sarif/releases) - [Commits](https://github.com/advanced-security/filter-sarif/compare/bc96d9fb9338c5b48cc440b1b4d0a350b26a20db...f3b8118a9349d88f7b1c0c488476411145b6270d) --- updated-dependencies: - dependency-name: advanced-security/filter-sarif dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2023-05-01Bump advanced-security/filter-sarifdependabot[bot]
Bumps [advanced-security/filter-sarif](https://github.com/advanced-security/filter-sarif) from eac3ea6a5e1270952681bf7287598a6cd1a4d49d to bc96d9fb9338c5b48cc440b1b4d0a350b26a20db. - [Release notes](https://github.com/advanced-security/filter-sarif/releases) - [Commits](https://github.com/advanced-security/filter-sarif/compare/eac3ea6a5e1270952681bf7287598a6cd1a4d49d...bc96d9fb9338c5b48cc440b1b4d0a350b26a20db) --- updated-dependencies: - dependency-name: advanced-security/filter-sarif dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7768
2023-04-28Bump github/codeql-action from 2.3.0 to 2.3.2dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.0 to 2.3.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/b2c19fb9a2a485599ccf4ed5d65527d94bc57226...f3feb00acb00f31a6f60280e6ace9ca31d91c76a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2023-04-24Bump github/codeql-action from 2.2.11 to 2.3.0dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.11 to 2.3.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d186a2a36cc67bfa1b860e6170d37fb9634742c7...b2c19fb9a2a485599ccf4ed5d65527d94bc57226) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7752
2023-04-14Bump actions/checkout from 3.5.0 to 3.5.2dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8f4b7f84864484a7bf31766abe9204da3cbe65b3...8e5e7e5ab8b370d6c329ec480221332ada57f0ab) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7714
2023-04-07Bump github/codeql-action from 2.2.10 to 2.2.11dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.10 to 2.2.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/8c8d71dde4abced210732d8486586914b97752e8...d186a2a36cc67bfa1b860e6170d37fb9634742c7) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7672
2023-04-06Bump github/codeql-action from 2.2.9 to 2.2.10dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.2.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/04df1262e6247151b5ac09cd2c303ac36ad3f62b...8c8d71dde4abced210732d8486586914b97752e8) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7668
2023-03-28Bump actions/checkout from 3.4.0 to 3.5.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/24cb9080177205b6e8c946b17badbe402adc938f...8f4b7f84864484a7bf31766abe9204da3cbe65b3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7595
2023-03-28Bump github/codeql-action from 2.2.8 to 2.2.9dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.8 to 2.2.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/67a35a08586135a9573f4327e904ecbf517a882d...04df1262e6247151b5ac09cd2c303ac36ad3f62b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7600
2023-03-23Bump github/codeql-action from 2.2.7 to 2.2.8dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.7 to 2.2.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/168b99b3c22180941ae7dbdd5f5c9678ede476ba...67a35a08586135a9573f4327e904ecbf517a882d) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7581
2023-03-17Bump actions/cache from 3.2.6 to 3.3.1dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.6 to 3.3.1. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.6...88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2023-03-17Bump actions/checkout from 3.3.0 to 3.4.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.3.0...24cb9080177205b6e8c946b17badbe402adc938f) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2023-03-16Bump github/codeql-action from 2.2.6 to 2.2.7dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.6 to 2.2.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/16964e90ba004cdf0cd845b866b5df21038b7723...168b99b3c22180941ae7dbdd5f5c9678ede476ba) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7539
2023-03-13Bump github/codeql-action from 2.2.5 to 2.2.6dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.5 to 2.2.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/32dc499307d133bb5085bae78498c0ac2cf762d5...16964e90ba004cdf0cd845b866b5df21038b7723) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7509
2023-02-28Also ignore dismissed CodeQL alerts at tests and URI libraryHiroshi SHIBATA
2023-02-28Ignore rb/overly-large-range on URIHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7399
2023-02-28Enable only master branch for CodeQL push triggerHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7399
2023-02-28Run CodeQL each PRs againHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7399
2023-02-27[StepSecurity] ci: Harden GitHub ActionsStepSecurity Bot
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Notes: Merged: https://github.com/ruby/ruby/pull/7390
2023-02-27Ignore test case for Kernel and IO methodsHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7387
2023-02-27Rename job and workflow namesHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7388
2023-02-27Use matrix strategies each languageHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7388
2023-02-27Merge codeql-config into codeql-analysisHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7388
2023-02-27Bump github/codeql-action from 2.2.4 to 2.2.5dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...32dc499307d133bb5085bae78498c0ac2cf762d5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7386
2023-02-22Bump actions/cache from 3.2.5 to 3.2.6dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.5 to 3.2.6. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/6998d139ddd3e68c71e9e398d8e40b71a2f39812...69d9d449aced6a2ede0bc19182fadc3a0a42d2b0) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7354
2023-02-16Bump actions/cache from 3.2.4 to 3.2.5dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.4 to 3.2.5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/627f0f41f6904a5b1efbaed9f96d9eb58e92e920...6998d139ddd3e68c71e9e398d8e40b71a2f39812) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7318
2023-02-16Bump github/codeql-action from 2.2.1 to 2.2.4dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.1 to 2.2.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3ebbd71c74ef574dbc558c82f70e52732c8b44fe...17573ee1cc1b9d061760f3a006fc4aac4f944fd5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7317
2023-02-01Bump actions/cache from 3.2.2 to 3.2.4dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.2 to 3.2.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/4723a57e26efda3a62cbde1812113b730952852d...627f0f41f6904a5b1efbaed9f96d9eb58e92e920) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7218
2023-02-01Bump github/codeql-action from 2.1.37 to 2.2.1dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.37 to 2.2.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/959cbb7472c4d4ad70cdfe6f4976053fe48ab394...3ebbd71c74ef574dbc558c82f70e52732c8b44fe) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7217
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-19 14:48:21 +0000