From c3455c55c1eca92492f511e20f52b4cc9ed44afd Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 09:50:22 +0000 Subject: [PATCH 1/8] Update changelog and version after v4.31.6 --- CHANGELOG.md | 4 ++++ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5fe221f689..e305995c25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## [UNRELEASED] + +No user facing changes. + ## 4.31.6 - 01 Dec 2025 No user facing changes. diff --git a/package-lock.json b/package-lock.json index c24715d343..c7cd50c880 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.31.6", + "version": "4.31.7", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.31.6", + "version": "4.31.7", "license": "MIT", "dependencies": { "@actions/artifact": "^4.0.0", diff --git a/package.json b/package.json index 14f1e770e6..60eb70ed7e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.31.6", + "version": "4.31.7", "private": true, "description": "CodeQL action", "scripts": { From c1ca379fc0b6429602e9a3f43c60ac0bb355636f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 09:55:25 +0000 Subject: [PATCH 2/8] Rebuild --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/setup-codeql-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 2dd4d601dd..b4ee3c8d5b 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 1ee89a8320..1ba7f39e93 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 520a42f6a9..10b30f64d5 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 841e2eaabc..b6a4215af5 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action.js b/lib/init-action.js index 05ee04747a..8f5b7f8871 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 4eee8e6ca3..6e159d31a4 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 019d53e311..74b84a122f 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 95c4a1ffd5..d4e01eebae 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 271c38e7ec..e129f29d40 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -47321,7 +47321,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 5c04f54973..4f3f1fa46b 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -28924,7 +28924,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 5fb0b0d77d..05450fa648 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 09f6f8d53e..ba2c9118cf 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.6", + version: "4.31.7", private: true, description: "CodeQL action", scripts: { From 43224eb34e6efd92aee9cf38e9f97e15518511be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 18:30:33 +0000 Subject: [PATCH 3/8] Bump @eslint/eslintrc from 3.3.1 to 3.3.3 in the npm-minor group Bumps the npm-minor group with 1 update: [@eslint/eslintrc](https://github.com/eslint/eslintrc). Updates `@eslint/eslintrc` from 3.3.1 to 3.3.3 - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslintrc/compare/v3.3.1...eslintrc-v3.3.3) --- updated-dependencies: - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 11 ++++++----- package.json | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index c7cd50c880..8cc15a5f5c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -35,7 +35,7 @@ "devDependencies": { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", @@ -1449,10 +1449,11 @@ } }, "node_modules/@eslint/eslintrc": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.1.tgz", - "integrity": "sha512-gtF186CXhIl1p4pJNGZw8Yc6RlshoePRvE0X91oPGb3vZ8pM3qOS9W9NGPat9LziaBV7XrJWGylNQXkGcnM3IQ==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.3.tgz", + "integrity": "sha512-Kr+LPIUVKz2qkx1HAMH8q1q6azbqBAsXJUxBl/ODDuVPX45Z9DfwB8tPjTi6nNZ8BuM3nbJxC5zCAg5elnBUTQ==", "dev": true, + "license": "MIT", "dependencies": { "ajv": "^6.12.4", "debug": "^4.3.2", @@ -1460,7 +1461,7 @@ "globals": "^14.0.0", "ignore": "^5.2.0", "import-fresh": "^3.2.1", - "js-yaml": "^4.1.0", + "js-yaml": "^4.1.1", "minimatch": "^3.1.2", "strip-json-comments": "^3.1.1" }, diff --git a/package.json b/package.json index 60eb70ed7e..32ea9facb1 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "devDependencies": { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", From ce27e95f791dfda287706648ff69d9226c4526c2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 18:32:19 +0000 Subject: [PATCH 4/8] Rebuild --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/setup-codeql-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index b4ee3c8d5b..88d0665c53 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 1ba7f39e93..129b7b56fa 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 10b30f64d5..7f856290fe 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/init-action-post.js b/lib/init-action-post.js index b6a4215af5..88c0ecbc7b 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/init-action.js b/lib/init-action.js index 8f5b7f8871..fa23150d9e 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 6e159d31a4..95681d88aa 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 74b84a122f..e8c5332995 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index d4e01eebae..ac38fef38e 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index e129f29d40..4c3262559f 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -47371,7 +47371,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 4f3f1fa46b..1fc9f8f082 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -28974,7 +28974,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 05450fa648..ab66301a4b 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index ba2c9118cf..3bdcaf23e9 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -27677,7 +27677,7 @@ var require_package = __commonJS({ devDependencies: { "@ava/typescript": "6.0.0", "@eslint/compat": "^2.0.0", - "@eslint/eslintrc": "^3.3.1", + "@eslint/eslintrc": "^3.3.3", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^16.0.0", From d61a6fa793c84c98e08555552b4b9c6374665d24 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Wed, 3 Dec 2025 12:05:17 +0000 Subject: [PATCH 5/8] Update CLI config test to account for overlay db changes on PRs --- .github/workflows/codescanning-config-cli.yml | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codescanning-config-cli.yml b/.github/workflows/codescanning-config-cli.yml index 3c97239d5d..2f4b67cc1f 100644 --- a/.github/workflows/codescanning-config-cli.yml +++ b/.github/workflows/codescanning-config-cli.yml @@ -70,13 +70,33 @@ jobs: with: version: ${{ matrix.version }} - - name: Empty file + # On PRs, overlay analysis may change the config that is passed to the CLI. + # Therefore, we have two variants of the following test, one for PRs and one for other events. + - name: Empty file (non-PR) + if: github.event_name != 'pull_request' uses: ./../action/.github/actions/check-codescanning-config with: expected-config-file-contents: "{}" languages: javascript tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Empty file (PR) + if: github.event_name == 'pull_request' + uses: ./../action/.github/actions/check-codescanning-config + with: + expected-config-file-contents: | + { + "query-filters": [ + { + "exclude": { + "tags": "exclude-from-incremental" + } + } + ] + } + languages: javascript + tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Packs from input if: success() || failure() uses: ./../action/.github/actions/check-codescanning-config From ac34c1383489d3ac7641a26c5fbbf8ec5112f4fc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 5 Dec 2025 13:39:45 +0000 Subject: [PATCH 6/8] Update default bundle to codeql-bundle-v2.23.7 --- lib/analyze-action.js | 4 ++-- lib/autobuild-action.js | 4 ++-- lib/defaults.json | 8 ++++---- lib/init-action-post.js | 4 ++-- lib/init-action.js | 4 ++-- lib/setup-codeql-action.js | 4 ++-- lib/start-proxy-action.js | 4 ++-- lib/upload-lib.js | 4 ++-- lib/upload-sarif-action.js | 4 ++-- src/defaults.json | 8 ++++---- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 129b7b56fa..95d689b058 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -88211,8 +88211,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 7f856290fe..58ebe893fe 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -83701,8 +83701,8 @@ var path3 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs2 = __toESM(require("fs")); diff --git a/lib/defaults.json b/lib/defaults.json index 835b6a33b4..04929fab3e 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.23.6", - "cliVersion": "2.23.6", - "priorBundleVersion": "codeql-bundle-v2.23.5", - "priorCliVersion": "2.23.5" + "bundleVersion": "codeql-bundle-v2.23.7", + "cliVersion": "2.23.7", + "priorBundleVersion": "codeql-bundle-v2.23.6", + "priorCliVersion": "2.23.6" } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 88c0ecbc7b..1dc7861144 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -123084,8 +123084,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/init-action.js b/lib/init-action.js index fa23150d9e..94cb71839a 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -85635,8 +85635,8 @@ var path5 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index e8c5332995..757a371df9 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -83589,8 +83589,8 @@ var path4 = __toESM(require("path")); var semver3 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 4c3262559f..7d282a3d29 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -99720,8 +99720,8 @@ function getActionsLogger() { var core7 = __toESM(require_core()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/languages.ts var KnownLanguage = /* @__PURE__ */ ((KnownLanguage2) => { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 1fc9f8f082..421bf23ebc 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -86724,8 +86724,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 3bdcaf23e9..d0f6b08e23 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -86505,8 +86505,8 @@ var path4 = __toESM(require("path")); var semver3 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.6"; -var cliVersion = "2.23.6"; +var bundleVersion = "codeql-bundle-v2.23.7"; +var cliVersion = "2.23.7"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/src/defaults.json b/src/defaults.json index 835b6a33b4..04929fab3e 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.23.6", - "cliVersion": "2.23.6", - "priorBundleVersion": "codeql-bundle-v2.23.5", - "priorCliVersion": "2.23.5" + "bundleVersion": "codeql-bundle-v2.23.7", + "cliVersion": "2.23.7", + "priorBundleVersion": "codeql-bundle-v2.23.6", + "priorCliVersion": "2.23.6" } From a2c01e776e434421d4f8cba239abb06ec9713e92 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 5 Dec 2025 13:39:53 +0000 Subject: [PATCH 7/8] Add changelog note --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e305995c25..e9c101e1a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th ## [UNRELEASED] -No user facing changes. +- Update default CodeQL bundle version to 2.23.7. [#3343](https://github.com/github/codeql-action/pull/3343) ## 4.31.6 - 01 Dec 2025 From f4ebe95061f10e93e9d301f51ed59c37fc67acde Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 5 Dec 2025 15:18:53 +0000 Subject: [PATCH 8/8] Update changelog for v4.31.7 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e9c101e1a5..bd5fb920f6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. -## [UNRELEASED] +## 4.31.7 - 05 Dec 2025 - Update default CodeQL bundle version to 2.23.7. [#3343](https://github.com/github/codeql-action/pull/3343)