Sourced from github/codeql-action's changelog.
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
Note that the only difference between
v2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
No user facing changes.
3.25.1 - 17 Apr 2024
- We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the
autobuild
build mode. #2235- Fix a bug where the
init
Action would fail if--overwrite
was specified inCODEQL_ACTION_EXTRA_OPTIONS
. #22453.25.0 - 15 Apr 2024
The deprecated feature for extracting dependencies for a Python analysis has been removed. #2224
As a result, the following inputs and environment variables are now ignored:
- The
setup-python-dependencies
input to theinit
Action- The
CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION
environment variableWe recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
Automatically overwrite an existing database if found on the filesystem. #2229
Bump the minimum CodeQL bundle version to 2.12.6. #2232
A more relevant log message and a diagnostic are now emitted when the
file
program is not installed on a Linux runner, but is required for Go tracing to succeed. #22343.24.10 - 05 Apr 2024
- Update default CodeQL bundle version to 2.17.0. #2219
- Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. #2220
- If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
- Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace
github/codeql-action/*@v3
bygithub/codeql-action/*@v3.24.10
andgithub/codeql-action/*@v2
bygithub/codeql-action/*@v2.24.10
in your code scanning workflow to ensure you continue using this version of the CodeQL Action.3.24.9 - 22 Mar 2024
- Update default CodeQL bundle version to 2.16.5. #2203
3.24.8 - 18 Mar 2024
- Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. #2195
3.24.7 - 12 Mar 2024
- Update default CodeQL bundle version to 2.16.4. #2185
3.24.6 - 29 Feb 2024
... (truncated)
c7f9125
Merge pull request #2248 from github/update-v3.25.1-c4fb451431c7e8b2
Update changelog for v3.25.1c4fb451
Merge pull request #2245 from github/henrymercer/ignore-already-specified-flags556b3bc
Add changelog noteef66aea
Merge branch 'main' into henrymercer/ignore-already-specified-flags9b87e0a
Merge pull request #2241 from github/nickfyson/speculative-script-fix18111b6
Merge pull request #2235 from github/henrymercer/autobuild-with-direct-tracingade98b9
Ensure --overwrite
flag is only passed once8566d50
Add regression test for double --overwrite
453a956
Merge pull request #2243 from github/dependabot/npm_and_yarn/npm-9b31496ffc