Sourced from github/codeql-action's releases.
v3.27.2
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
Note that the only difference between
v2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.3.27.2 - 12 Nov 2024
- Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #2590
See the full CHANGELOG.md for more information.
Sourced from github/codeql-action's changelog.
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
Note that the only difference between
v2
andv3
of the CodeQL Action is the node version they support, withv3
running on node 20 while we continue to releasev2
to support running on node 16. For example3.22.11
was the firstv3
release and is functionally identical to2.22.11
. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.[UNRELEASED]
No user facing changes.
3.27.2 - 12 Nov 2024
- Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #2590
3.27.1 - 08 Nov 2024
- The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #2573
- Update default CodeQL bundle version to 2.19.3. #2576
3.27.0 - 22 Oct 2024
- Bump the minimum CodeQL bundle version to 2.14.6. #2549
- Fix an issue where the
upload-sarif
Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by theupload-sarif
Action. #2557- Update default CodeQL bundle version to 2.19.2. #2552
3.26.13 - 14 Oct 2024
No user facing changes.
3.26.12 - 07 Oct 2024
Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. #2520
If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace
github/codeql-action/*@v3
bygithub/codeql-action/*@v3.26.11
andgithub/codeql-action/*@v2
bygithub/codeql-action/*@v2.26.11
in your code scanning workflow to ensure you continue using this version of the CodeQL Action.3.26.11 - 03 Oct 2024
Upcoming breaking change: Add support for using
actions/download-artifact@v4
to programmatically consume CodeQL Action debug artifacts.Starting November 30, 2024, GitHub.com customers will no longer be able to use
actions/download-artifact@v3
. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set theCODEQL_ACTION_ARTIFACT_V4_UPGRADE
environment variable totrue
and bumpactions/download-artifact@v3
toactions/download-artifact@v4
in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped toactions/download-artifact@v3
toactions/download-artifact@v4
will begin failing then.This change is currently unavailable for GitHub Enterprise Server customers, as
actions/upload-artifact@v4
andactions/download-artifact@v4
are not yet compatible with GHES.Update default CodeQL bundle version to 2.19.1. #2519
3.26.10 - 30 Sep 2024
... (truncated)
9278e42
Merge pull request #2594
from github/update-v3.27.2-02167d77fd6b248d
Update changelog for v3.27.202167d7
Merge pull request #2590
from github/henrymercer/fix-empty-header4dc1519
Merge pull request #2592
from github/dependabot/npm_and_yarn/npm-f77baa08ef7deb17e
Merge branch 'main' into dependabot/npm_and_yarn/npm-f77baa08ef682c2f7
Merge branch 'main' into henrymercer/fix-empty-header965c472
Merge pull request #2591
from github/henrymercer/windows-pr-checks-gzipfe6283b
Update checked-in dependencies7f7df4b
Bump the npm group across 1 directory with 8 updates8a5e9bc
Use gzip bundles in Windows PR checks