dependabot[bot]
c3ebbcf7cb
build(deps): bump github/codeql-action from 2.1.15 to 2.1.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.15 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3f62b754e2...0c670bbf04
2022-08-01 11:17:18 +00:00
dependabot[bot]
573fb26ca2
build(deps): bump github/codeql-action from 2.1.6 to 2.1.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...3f62b754e2
2022-07-01 14:34:01 +03:00
Frantisek Sumsal
aa1bf7e61d
ci: bump GH Actions to Ubuntu Jammy where applicable
2022-05-21 20:23:48 +02:00
dependabot[bot]
5f994fffb9
build(deps): bump actions/checkout from 3.0.0 to 3.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a12a3943b4...2541b1294d
2022-05-03 05:50:11 +03:00
dependabot[bot]
a2b107c86c
build(deps): bump actions/checkout from 2.4.0 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ec3a7ce113...a12a3943b4
2022-04-01 21:40:52 +00:00
dependabot[bot]
a1a1e0b79f
build(deps): bump github/codeql-action from 1.1.3 to 2.1.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.3 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](75f07e7ab2...28eead2408
2022-04-01 21:39:20 +00:00
dependabot[bot]
fd4747d924
build(deps): bump github/codeql-action from 1.0.29 to 1.1.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.29 to 1.1.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](384cfc42b2...75f07e7ab2
2022-03-02 11:56:44 +00:00
dependabot[bot]
da9be066cb
build(deps): bump github/codeql-action from 1.0.27 to 1.0.29
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.27 to 1.0.29.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](cd783c8a29...384cfc42b2
2022-01-24 11:18:48 +03:00
Evgeny Vereshchagin
cd7b60a7ed
Merge pull request #22142 from evverx/libxkbcommon-dev
...
ci: get Coverity and CodeQL to analyze the "libxkbcommon" part
2022-01-18 00:15:56 +03:00
dependabot[bot]
a68b244399
build(deps): bump github/codeql-action from 1.0.26 to 1.0.27
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.26 to 1.0.27.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5f53256358...cd783c8a29
2022-01-17 09:12:55 +03:00
Evgeny Vereshchagin
992d7f341f
ci: trigger CodeQL on PRs when its dependencies change
2022-01-17 01:59:55 +00:00
dependabot[bot]
1805759ea0
build(deps): bump github/codeql-action from 1.0.25 to 1.0.26
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.25 to 1.0.26.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](546b30f35a...5f53256358
2021-12-13 13:18:55 +03:00
Frantisek Sumsal
a6319961c9
ci: run the CodeQL action also when its configuration changes
...
Just to make sure we didn't break anything.
2021-12-07 14:45:06 +01:00
Frantisek Sumsal
64f625a212
ci: sync the list of CodeQL queries with LGTM
2021-12-07 14:45:04 +01:00
dependabot[bot]
7285145dfc
build(deps): bump github/codeql-action from 1.0.24 to 1.0.25
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.24 to 1.0.25.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e095058bfa...546b30f35a
2021-12-07 02:20:53 +03:00
dependabot[bot]
68181cf8a7
build(deps): bump github/codeql-action from 1.0.23 to 1.0.24
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.23 to 1.0.24.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a627e9fa50...e095058bfa
2021-11-25 05:13:11 +03:00
dependabot[bot]
d59d6cc154
build(deps): bump github/codeql-action from 1.0.22 to 1.0.23
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.22 to 1.0.23.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5581e08a65...a627e9fa50
2021-11-18 01:17:19 +03:00
Evgeny Vereshchagin
7e7e31521a
ci: run codeql on PRs from Dependabot
...
To make sure PRs like https://github.com/systemd/systemd/pull/21409
don't break anything.
2021-11-17 10:14:33 +00:00
Evgeny Vereshchagin
510afa460a
ci: tighten codeql and labeler even more
...
by moving the read permissions to the top level and
granting additional permissions to the specific jobs.
It should help to prevent new jobs that could be added
there eventually from having write access to resources they
most likely would never need.
2021-11-14 10:51:07 +00:00
Evgeny Vereshchagin
b3a1fb795a
ci: LGPLv2+ify dependapot config and codeql action
2021-11-14 09:48:22 +00:00
Evgeny Vereshchagin
e44a47d186
ci: pin the codeql action to SHAs
...
It's a follow-up to https://github.com/systemd/systemd/pull/21316 .
Judging by https://github.com/evverx/systemd/pull/36 , Dependabot
supports their release cycle
2021-11-14 10:42:04 +00:00
dependabot[bot]
5ae4964028
build(deps): bump actions/checkout from 2 to 2.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...ec3a7ce113134d7a93b817d10a8272cb61118579 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-13 16:45:32 +03:00
Evgeny Vereshchagin
33796123bc
ci: run codeql-analysis daily
...
https://github.com/github/codeql-action
Apparently to judge from a couple of warnings I haven't seen
before it's a bit different from LGTM.
2021-11-12 15:47:15 +00:00
