OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity
44,922 Commits 30 Branches 683 Tags
92f4c47aea9e656d1da92ef461c0a288150a59df
Commit Graph

7 Commits

Author SHA1 Message Date
dependabot[bot]
92f4c47aea meta: bump actions/checkout from 4.2.2 to 5.0.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](11bd71901b...08c6903cd8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/59725
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
 2025-09-04 11:25:33 +00:00
dependabot[bot]
e13d15d614 meta: bump github/codeql-action from 3.28.18 to 3.29.2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.18 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ff0a06e83c...181d5eefc2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58922
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2025-07-04 12:33:28 +00:00
dependabot[bot]
ff8c4091d5 meta: bump github/codeql-action from 3.28.16 to 3.28.18 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.16 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](28deaeda66...ff0a06e83c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58552
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
 2025-06-07 09:07:04 +00:00
dependabot[bot]
3067874ba1 meta: bump github/codeql-action from 3.28.11 to 3.28.16 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.11 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.11...28deaeda66b76a05916b6923827895f2b14ab387)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/58112
Reviewed-By: Michaël Zasso <targos@protonmail.com>
 2025-05-25 18:23:52 +00:00
Rich Trott
067a779f17 tools: enable CodeQL config file 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: https://github.com/nodejs/node/pull/57978#issuecomment-2829182983
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: https://github.com/nodejs/node/pull/58036
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2025-04-28 13:34:47 +00:00
Rich Trott
1b5b12c3e6 tools: ignore test directory in CodeQL scans 
Scanning the test directory results in many false positives about
hard-coded credentials. We want the code scan for
user-exectuable code and possibly our tools, but not generally
for tests. Ignore the test directory in CodeQL scans. A long list
of false positives makes it harder to interpret the result of CodeQL
runs.

PR-URL: https://github.com/nodejs/node/pull/57978
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 2025-04-24 18:52:25 +00:00
Rafael Gonzaga
78fd82b77b tools: add codeql nightly 
Refs: https://github.com/nodejs/node/pull/57535
PR-URL: https://github.com/nodejs/node/pull/57788
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2025-04-14 17:22:32 +00:00