dependabot[bot]
08e9a4365f
build(deps): bump github/codeql-action in the github-actions group
...
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.28.18 to 3.28.19
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ff0a06e83c...fca7ace96b
2025-06-06 08:33:23 +00:00
dependabot[bot]
e271c89ee9
build(deps): bump github/codeql-action from 3.28.17 to 3.28.18
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.17 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](60168efe1c...ff0a06e83c
2025-05-16 14:46:52 +00:00
dependabot[bot]
cab19e06cb
build(deps): bump github/codeql-action from 3.28.16 to 3.28.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.16 to 3.28.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...60168efe1c
2025-05-05 18:33:47 +00:00
dependabot[bot]
04a873bf4d
build(deps): bump github/codeql-action from 3.28.15 to 3.28.16
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.15 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](45775bd823...28deaeda66
2025-04-28 19:54:39 +00:00
dependabot[bot]
c5a0be7e75
build(deps): bump github/codeql-action from 3.28.14 to 3.28.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.14 to 3.28.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](fc7e4a0fa0...45775bd823
2025-04-09 12:31:21 -07:00
dependabot[bot]
694f4b3040
build(deps): bump github/codeql-action from 3.28.13 to 3.28.14
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.13 to 3.28.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b549b9259...fc7e4a0fa0
2025-04-07 16:30:18 +00:00
dependabot[bot]
f547db6517
build(deps): bump github/codeql-action from 3.28.11 to 3.28.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.11 to 3.28.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](6bb031afdd...1b549b9259
2025-03-24 19:04:10 +00:00
dependabot[bot]
2cb7aab67b
build(deps): bump github/codeql-action from 3.28.10 to 3.28.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.10 to 3.28.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b56ba49b26...6bb031afdd
2025-03-10 18:29:49 +00:00
dependabot[bot]
ffa9193e15
build(deps): bump github/codeql-action from 3.28.9 to 3.28.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9e8d0789d4...b56ba49b26
2025-02-24 18:45:16 +00:00
dependabot[bot]
5ca3073a7e
build(deps): bump github/codeql-action from 3.28.8 to 3.28.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.8 to 3.28.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](dd746615b3...9e8d0789d4
2025-02-09 00:11:50 +00:00
dependabot[bot]
e15377c2d0
build(deps): bump github/codeql-action from 3.28.5 to 3.28.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.5 to 3.28.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6091c0113...dd746615b3
2025-02-03 18:43:02 +00:00
dependabot[bot]
2ced12a3c1
build(deps): bump github/codeql-action from 3.28.1 to 3.28.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.1 to 3.28.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b6a472f63d...f6091c0113
2025-01-27 18:14:41 +00:00
dependabot[bot]
dab2d238b0
build(deps): bump github/codeql-action from 3.28.0 to 3.28.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.0 to 3.28.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](48ab28a6f5...b6a472f63d
2025-01-13 18:31:06 +00:00
dependabot[bot]
f640007df9
build(deps): bump github/codeql-action from 3.27.9 to 3.28.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.9 to 3.28.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df409f7d92...48ab28a6f5
2024-12-21 16:56:54 +00:00
Patrick Linnane
4d52f24886
workflows: fix mis-pinned codeql-action hashes
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2024-12-13 21:00:47 -08:00
Patrick Linnane
56e41319f2
workflows: use full version numbers
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2024-12-12 21:26:46 -08:00
Michka Popoff
2f73ca19b6
ci: move to ubuntu latest
...
Add coverage test using ubuntu 24.04
Not changing the default build CI version for core yet.
2024-11-03 22:55:30 +01:00
Carlo Cabrera
2ec174ffb7
workflows: fix artipacked warning
...
Fixes https://github.com/Homebrew/brew/security/code-scanning/32
Fixes https://github.com/Homebrew/brew/security/code-scanning/33
Fixes https://github.com/Homebrew/brew/security/code-scanning/42
2024-10-30 22:29:01 +08:00
dependabot[bot]
9ccd3e1de1
build(deps): bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901b
2024-10-23 18:19:06 +00:00
dependabot[bot]
5e94280d87
build(deps): bump github/codeql-action from 3.26.13 to 3.27.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f779452ac5...662472033e
2024-10-22 17:08:33 +00:00
dependabot[bot]
832356bafa
build(deps): bump github/codeql-action from 3.26.12 to 3.26.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c36620d31a...f779452ac5
2024-10-14 19:19:37 +00:00
Ruoyu Zhong
403a99ad8f
Merge pull request #18526 from Homebrew/dependabot/github_actions/github/codeql-action-3.26.12
...
build(deps): bump github/codeql-action from 3.26.11 to 3.26.12
2024-10-08 02:58:28 +08:00
dependabot[bot]
5ac829ac62
build(deps): bump github/codeql-action from 3.26.11 to 3.26.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.11 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](6db8d6351f...c36620d31a
2024-10-07 18:20:35 +00:00
dependabot[bot]
b212bb496b
build(deps): bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9
2024-10-07 18:20:29 +00:00
dependabot[bot]
9fd0d9e720
build(deps): bump github/codeql-action from 3.26.10 to 3.26.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.10 to 3.26.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e2b3eafc8d...6db8d6351f
2024-10-04 13:59:37 +00:00
dependabot[bot]
547a0ce54c
build(deps): bump github/codeql-action from 3.26.9 to 3.26.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.9 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](461ef6c76d...e2b3eafc8d
2024-09-30 18:46:10 +00:00
dependabot[bot]
2ba8f93bbe
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
2024-09-25 18:11:59 +00:00
dependabot[bot]
788c6ba5c7
build(deps): bump github/codeql-action from 3.26.8 to 3.26.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.8 to 3.26.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](294a9d9291...461ef6c76d
2024-09-24 18:01:39 +00:00
Carlo Cabrera
40567115a3
workflows: use set -xeuo pipefail globally
...
This makes it easier to avoid subtle shell script bugs.
2024-09-22 19:56:20 +08:00
dependabot[bot]
823c6bf581
build(deps): bump github/codeql-action from 3.26.7 to 3.26.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.7 to 3.26.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8214744c54...294a9d9291
2024-09-19 15:44:48 +00:00
dependabot[bot]
bd8d718889
build(deps): bump github/codeql-action from 3.26.6 to 3.26.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.6 to 3.26.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4dd16135b6...8214744c54
2024-09-13 14:59:18 +00:00
dependabot[bot]
c66e5023d3
build(deps): bump github/codeql-action from 3.26.5 to 3.26.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.5 to 3.26.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2c779ab0d0...4dd16135b6
2024-08-29 18:11:07 +00:00
dependabot[bot]
46d8228db8
build(deps): bump github/codeql-action from 3.26.4 to 3.26.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.4 to 3.26.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f0f3afee80...2c779ab0d0
2024-08-25 14:54:25 +00:00
dependabot[bot]
2a94fee6b9
build(deps): bump github/codeql-action from 3.26.3 to 3.26.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.3 to 3.26.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](883d8588e5...f0f3afee80
2024-08-22 17:46:50 +00:00
dependabot[bot]
fa9d204b30
build(deps): bump github/codeql-action from 3.26.2 to 3.26.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.2 to 3.26.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](429e197704...883d8588e5
2024-08-19 18:24:14 +00:00
dependabot[bot]
10249bd4e1
build(deps): bump github/codeql-action from 3.26.0 to 3.26.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.0 to 3.26.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](eb055d739a...429e197704
2024-08-14 18:05:36 +00:00
dependabot[bot]
a6328c5062
build(deps): bump github/codeql-action from 3.25.15 to 3.26.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.15 to 3.26.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](afb54ba388...eb055d739a
2024-08-06 18:38:21 +00:00
dependabot[bot]
0cdf1132b1
build(deps): bump github/codeql-action from 3.25.14 to 3.25.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.14 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5cf07d8b70...afb54ba388
2024-07-26 15:15:32 +00:00
dependabot[bot]
e115290ea8
build(deps): bump github/codeql-action from 3.25.13 to 3.25.14
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.13 to 3.25.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2d790406f5...5cf07d8b70
2024-07-25 16:23:53 +00:00
dependabot[bot]
63fcd1d2d6
build(deps): bump github/codeql-action from 3.25.12 to 3.25.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.12 to 3.25.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4fa2a79536...2d790406f5
2024-07-19 18:47:33 +00:00
dependabot[bot]
95310d8c65
build(deps): bump github/codeql-action
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 319cdb9fa619417d07cc37a964f0502bfbc5e8a9 to 4fa2a7953630fd2f3fb380f21be14ede0169dd4f.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](319cdb9fa6...4fa2a79536
2024-07-13 21:17:29 +00:00
Thierry Moisan
e2e9565984
workflows: pin actions
2024-07-13 10:50:43 -04:00
Issy Long
ab7b3e2909
ci/codeql: Fix inconsistent indentation
2024-01-19 22:39:03 +00:00
Issy Long
906a3dcf74
ci/codeql: Put the ignored paths directly into the workflow
...
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-configuration-details-using-the-config-input
2024-01-19 22:30:54 +00:00
dependabot[bot]
18f63869be
build(deps): bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 18:23:57 +00:00
dependabot[bot]
39d07d2159
build(deps): bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-04 18:22:16 +00:00
Shaun Jackman
0de4282511
CI: Use ubuntu-22.04 rather than ubuntu-latest (ubuntu-20.04)
...
Use ubuntu-22.04 for the CI tests rather than ubuntu-latest,
which is currently ubuntu-20.04.
2022-09-06 14:16:16 +01:00
Issy Long
6dd6758824
workflows/codeql: Improve branch triggers and remove fail-fast
...
Co-authored-by: Mike McQuaid <mike@mikemcquaid.com>
2022-04-18 15:17:17 +01:00
Issy Long
0016baa1cd
workflows/codeql: Don't run on schedule, and no need for a matrix
...
- These were the defaults generated when I clicked the "enable Code
Scanning" button on GitHub, but...
- Since we only have Ruby in this repo, we don't need a matrix, we can
just specify `languages: ruby`.
- And this repo gets enough usage that the schedule is not very useful -
who would look at the scheduled run vs. it running every day on PRs?
2022-04-15 17:36:18 +01:00
Issy Long
266daffbd1
workflows: Add Code Scanning
...
- https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning
- I just joined the Code Scanning team at work and I figured I'd test out the actual product in the real world by seeing what things it points out for Homebrew, a reasonably large Ruby project.
- This adds a config file to exclude `Library/Homebrew/vendor` as we can't fix problems within gems. :-)
2022-04-15 15:24:49 +01:00
