Sourced from github/codeql-action's changelog.
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
Note that the only difference between
v2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
No user facing changes.
3.26.6 - 29 Aug 2024
- Update default CodeQL bundle version to 2.18.3. #2449
3.26.5 - 23 Aug 2024
- Fix an issue where the
csrutil
system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #24413.26.4 - 21 Aug 2024
- Deprecation: The
add-snippets
input on theanalyze
Action is deprecated and will be removed in the first release in August 2025. #2436- Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434
3.26.3 - 19 Aug 2024
- Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430
3.26.2 - 14 Aug 2024
- Update default CodeQL bundle version to 2.18.2. #2417
3.26.1 - 13 Aug 2024
No user facing changes.
3.26.0 - 06 Aug 2024
- Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403
- Bump the minimum CodeQL bundle version to 2.13.5. #2408
3.25.15 - 26 Jul 2024
- Update default CodeQL bundle version to 2.18.1. #2385
3.25.14 - 25 Jul 2024
- Experimental: add a new
start-proxy
action which starts the same HTTP proxy as used bygithub/dependabot-action
. Do not use this in production as it is part of an internal experiment and subject to change at any time. #23763.25.13 - 19 Jul 2024
... (truncated)
4dd1613
Merge pull request #2452
from github/update-v3.26.6-7233ec5e6dd9dd2d
Update changelog for v3.26.67233ec5
Merge pull request #2449
from github/update-bundle/codeql-bundle-v2.18.3a32c44d
Add changelog note2966897
Update default bundle to codeql-bundle-v2.18.3b8efe4d
Merge pull request #2435
from github/update-supported-enterprise-server-versionsab408a8
Merge branch 'main' into
update-supported-enterprise-server-versions864b979
Merge pull request #2443
from github/dbartol/config-file-telemetryd36c7aa
Merge pull request #2448
from github/dependabot/npm_and_yarn/npm-09b7c43f6bb3bf514
Update checked-in dependenciesSourced from actions/upload-artifact's releases.
v4.4.0
Notice: Breaking Changes :warning:
We will no longer include hidden files and folders by default in the
upload-artifact
action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option,include-hidden-files
, to continue to do so.See "Notice of upcoming deprecations and breaking changes in GitHub Actions runners" changelog and this issue for more details.
What's Changed
- Exclude hidden files by default by
@joshmgross
in actions/upload-artifact#598Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0
5076954
Merge pull request #598
from actions/joshmgross/exclude-hidden-filesd52396a
Add a warning about enabling include-hidden-files
710f362
Remove "merged" from include-hidden-files
input
description3b315f2
npm run release
again 🙂3be2180
Remove another trailing comma453e8d0
Update glob license0a398c1
npm run release
a0c40cf
Update to latest @actions/glob
and fix testsacb59e4
lint
cb6558b
Exclude hidden files by defaultSourced from slackapi/slack-github-action's releases.
Slack Send V1.27.0
What's changed
This release introduces an optional
payload-delimiter
parameter for flattening nested objects with a customized delimiter before the payload is sent to Slack Workflow Builder when using workflow webhook triggers.- name: Send a custom flattened payload uses: slackapi/slack-github-action@v1.27.0 + with: + payload-delimiter: "_" env: SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
Setting this value to an underscore (
_
) is recommended when using nested inputs within Workflow Builder to match expected input formats of Workflow Builder, but the actual value can be changed to something else! This "flattening" behavior did exist prior to this version, but used a period (.
) which is not valid for webook inputs in Workflow Builder.The resulting output of flattened objects is not always clear, but the following can hopefully serve as a quick reference as well as these specs when using
_
as the delimiter:Input:
{ "apples": "tree", "bananas": { "truthiness": true } }
Output:
{ "apples": "tree", "bananas_truthiness": "true" }
Notice that
bananas_truthiness
is also stringified in this process, as part of updating values to match the expected inputs of Workflow Builder!Changes
In addition to the changes above, the following lists all of the changes since the prior version with the complete changelog changes found here: https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0
🎁 Enhancements
... (truncated)
37ebaef
Automatic compilation5d1fb07
chore(release): tag version 1.27.03bc0671
chore(deps): bump axios to 1.7.5 (#332)b452451
feat: make the payload delimiter configurable for workflow webhook
triggers (...c50e848
build(deps-dev): bump mocha from 10.5.2 to 10.7.0 (#328)e4a9c4b
build(deps): bump @slack/web-api
from 7.2.0 to 7.3.2 (#327)9a7f0fa
build(deps-dev): bump chai from 4.4.1 to 4.5.0 (#326)73b7062
build(deps-dev): bump eslint-plugin-jsdoc from 48.5.0 to 48.10.2 (#325)3d5207b
build(deps): bump https-proxy-agent from 7.0.4 to 7.0.5 (#320)4e15b6a
build(deps): bump @slack/web-api
from 7.0.4 to 7.2.0 (#323)