Merge branch 'main' into aeisenberg/update-changelog-on-release

.gitattributes

@@ -1 +1,8 @@
 lib/*.js linguist-generated=true
+
+# Reduce incidence of needless merge conflicts on CHANGELOG.md
+# The man page at
+# https://mirrors.edge.kernel.org/pub/software/scm/git/docs/gitattributes.html
+# suggests that this might interleave lines arbitrarily, but empirically
+# it keeps added chunks contiguous
+CHANGELOG.md                merge=union

.github/workflows/update-supported-enterprise-server-versions.yml

@@ -7,6 +7,7 @@ on:
 jobs:
   update-supported-enterprise-server-versions:
     runs-on: ubuntu-latest
+    if: ${{ github.repository == 'github/codeql-action' }}
 
     steps:
       - name: Setup Python

CHANGELOG.md

@@ -1,3 +1,6 @@
 # CodeQL Action and CodeQL Runner Changelog
 
 ## [UNRELEASED]
+
+- Add this changelog file. [#507](https://github.com/github/codeql-action/pull/507)
+- Improve grouping of analysis logs. Add a new log group containing a summary of metrics and diagnostics, if they were produced by CodeQL builtin queries. [#515](https://github.com/github/codeql-action/pull/515)

README.md

@@ -2,6 +2,8 @@
 
 This action runs GitHub's industry-leading static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
 
+For a list of recent changes, see the CodeQL Action's [changelog](CHANGELOG.md).
+
 ## License
 
 This project is released under the [MIT License](LICENSE).