summaryrefslogtreecommitdiff
path: root/.github/workflows/codeql-analysis.yml
AgeCommit message (Collapse)Author
2023-03-17Bump actions/checkout from 3.3.0 to 3.4.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.3.0...24cb9080177205b6e8c946b17badbe402adc938f) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2023-03-16Bump github/codeql-action from 2.2.6 to 2.2.7dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.6 to 2.2.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/16964e90ba004cdf0cd845b866b5df21038b7723...168b99b3c22180941ae7dbdd5f5c9678ede476ba) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7539
2023-03-13Bump github/codeql-action from 2.2.5 to 2.2.6dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.5 to 2.2.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/32dc499307d133bb5085bae78498c0ac2cf762d5...16964e90ba004cdf0cd845b866b5df21038b7723) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7509
2023-02-28Also ignore dismissed CodeQL alerts at tests and URI libraryHiroshi SHIBATA
2023-02-28Ignore rb/overly-large-range on URIHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7399
2023-02-28Enable only master branch for CodeQL push triggerHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7399
2023-02-28Run CodeQL each PRs againHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7399
2023-02-27[StepSecurity] ci: Harden GitHub ActionsStepSecurity Bot
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Notes: Merged: https://github.com/ruby/ruby/pull/7390
2023-02-27Ignore test case for Kernel and IO methodsHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7387
2023-02-27Rename job and workflow namesHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7388
2023-02-27Use matrix strategies each languageHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7388
2023-02-27Merge codeql-config into codeql-analysisHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/7388
2023-02-27Bump github/codeql-action from 2.2.4 to 2.2.5dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...32dc499307d133bb5085bae78498c0ac2cf762d5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7386
2023-02-22Bump actions/cache from 3.2.5 to 3.2.6dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.5 to 3.2.6. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/6998d139ddd3e68c71e9e398d8e40b71a2f39812...69d9d449aced6a2ede0bc19182fadc3a0a42d2b0) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7354
2023-02-16Bump actions/cache from 3.2.4 to 3.2.5dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.4 to 3.2.5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/627f0f41f6904a5b1efbaed9f96d9eb58e92e920...6998d139ddd3e68c71e9e398d8e40b71a2f39812) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7318
2023-02-16Bump github/codeql-action from 2.2.1 to 2.2.4dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.1 to 2.2.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3ebbd71c74ef574dbc558c82f70e52732c8b44fe...17573ee1cc1b9d061760f3a006fc4aac4f944fd5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7317
2023-02-01Bump actions/cache from 3.2.2 to 3.2.4dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.2 to 3.2.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/4723a57e26efda3a62cbde1812113b730952852d...627f0f41f6904a5b1efbaed9f96d9eb58e92e920) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7218
2023-02-01Bump github/codeql-action from 2.1.37 to 2.2.1dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.37 to 2.2.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/959cbb7472c4d4ad70cdfe6f4976053fe48ab394...3ebbd71c74ef574dbc558c82f70e52732c8b44fe) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7217
2023-02-01Bump actions/checkout from 3.2.0 to 3.3.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/755da8c3cf115ac066823e79a1e1788f8940201b...ac593985615ec2ede58e132d2e21d2b1cbd6127c) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7215
2023-01-03Bump actions/cache from 3.2.0 to 3.2.2dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.0 to 3.2.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/c17f4bf4666a8001b1a45c09eb7a485c41aa64c3...4723a57e26efda3a62cbde1812113b730952852d) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7049
2022-12-23Bump actions/checkout from 3.1.0 to 3.2.0dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8...755da8c3cf115ac066823e79a1e1788f8940201b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7003
2022-12-23Bump actions/cache from 3.0.11 to 3.2.0dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7...c17f4bf4666a8001b1a45c09eb7a485c41aa64c3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7000
2022-12-23Bump github/codeql-action from 2.1.35 to 2.1.37dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.35 to 2.1.37. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/b2a92eb56d8cb930006a1c6ed86b0782dd8a4297...959cbb7472c4d4ad70cdfe6f4976053fe48ab394) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/7001
2022-12-20Ignore man directories entirely [ci skip]Nobuyoshi Nakada
2022-12-05Bump github/codeql-action from 2.1.33 to 2.1.35dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.33 to 2.1.35. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2.1.33...b2a92eb56d8cb930006a1c6ed86b0782dd8a4297) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/6860
2022-11-30Enable to dispatch Code scanning [ci skip]Nobuyoshi Nakada
2022-11-28[StepSecurity] ci: Harden GitHub ActionsStepSecurity Bot
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Notes: Merged: https://github.com/ruby/ruby/pull/6811
2022-11-25[StepSecurity] ci: Harden GitHub ActionsStepSecurity Bot
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Notes: Merged: https://github.com/ruby/ruby/pull/6810
2022-11-03Run only daily schedule because CodeQL provides a lot of false-positive ↵Hiroshi SHIBATA
results for Ruby code
2022-10-18Ignore manual files only commits [ci skip]Nobuyoshi Nakada
2022-10-16Do not run CodeQL on dependabot PRsTakashi Kokubun
2022-08-22Ignore `.document` only commits [ci skip]Nobuyoshi Nakada
2022-06-19Skip CIs if the head commit message contains '[DOC]'Nobuyoshi Nakada
2022-05-02Bump github/codeql-action from 1 to 2dependabot[bot]
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v1...v2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/5868
2022-03-24Bump actions/checkout from 2 to 3dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/5704
2022-03-24Bump actions/cache from 2 to 3dependabot[bot]
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3. - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Notes: Merged: https://github.com/ruby/ruby/pull/5705
2021-12-18Skip tests on pull requests labeled as DocumentationNobuyoshi Nakada
Notes: Merged: https://github.com/ruby/ruby/pull/5293
2021-12-16[DOC] Skip tests if only documents change [ci skip]Nobuyoshi Nakada
Run only checks for source code. Currently, our CIs do almost nothing about the documents.
2021-12-02Cache downloaded filesNobuyoshi Nakada
Cache downloaded external libraries/gems, which are expected not changed so frequently. Also sometimes downloading from zlib returns the current time as the date header in unexpected format, and checksums mismatch at that time. Notes: Merged: https://github.com/ruby/ruby/pull/5201 Merged-By: nobu <nobu@ruby-lang.org>
2021-11-21Throttle pull-requests only [ci skip]Nobuyoshi Nakada
2021-11-18Throttle GitHub Actions [ci skip]Nobuyoshi Nakada
As GitHub Actions are choking a lot lately, throttle the checks down to the latest commit only per branches.
2021-10-29Skip CodeQL if only document files changed [ci skip]Nobuyoshi Nakada
2021-10-14Disable install-doc at CodeQLNobuyoshi Nakada
2021-10-14Set GNUMAKEFLAGS at CodeQLNobuyoshi Nakada
2021-08-02Use codeql-config.yml for codeql-action/initHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/4702
2021-08-02Removed unnecessary configuration for the latest version of actions/checkoutHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/4702
2021-07-01Remove gdbm/dbm related code from CIJeremy Evans
The related extensions have been removed. Notes: Merged: https://github.com/ruby/ruby/pull/4619
2021-03-08Removed HEAD^2 checkout to suppress a CodeQL annotation [ci skip]Nobuyoshi Nakada
2020-08-01Remove obsolete rubygems fileNobuyoshi Nakada
Fixes a weird error in CodeQL autobuild.
2020-07-03Ignore conftest.c under the ext directories for CodeQL analysisHiroshi SHIBATA
Notes: Merged: https://github.com/ruby/ruby/pull/3280
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-14 22:15:35 +0000