diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml
index 44c5c1ec1..a1657e7fe 100644
--- a/.github/workflows/update-dependencies.yml
+++ b/.github/workflows/update-dependencies.yml
@@ -35,5 +35,5 @@ jobs:
 git config --global user.name "github-actions[bot]"
 git add node_modules
 git commit -am "Update checked-in dependencies"
- git push origin "$BRANCH"
+ git push origin "HEAD:$BRANCH"
 fi
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 463a1f14d..02aefcbea 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CodeQL Action and CodeQL Runner Changelog
+## 1.0.21 - 28 Oct 2021
+
+- Update default CodeQL bundle version to 2.7.0. [#795](https://github.com/github/codeql-action/pull/795)
+
 ## 1.0.20 - 25 Oct 2021
 No user facing changes.
diff --git a/lib/defaults.json b/lib/defaults.json
index 1ad81bce0..3c74f0e2d 100644
--- a/lib/defaults.json
+++ b/lib/defaults.json
@@ -1,3 +1,3 @@
 {
- "bundleVersion": "codeql-bundle-20211013"
+ "bundleVersion": "codeql-bundle-20211025"
 }
diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json
index 263c93fde..dfa272e9f 100644
--- a/node_modules/.package-lock.json
+++ b/node_modules/.package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "codeql",
- "version": "1.0.20",
+ "version": "1.0.21",
 "lockfileVersion": 2,
 "requires": true,
 "packages": {
diff --git a/package-lock.json b/package-lock.json
index d78a90960..a2bd79df8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
 "name": "codeql",
- "version": "1.0.20",
+ "version": "1.0.21",
 "lockfileVersion": 2,
 "requires": true,
 "packages": {
 "": {
 "name": "codeql",
- "version": "1.0.20",
+ "version": "1.0.21",
 "license": "MIT",
 "dependencies": {
 "@actions/artifact": "^0.5.2",
diff --git a/package.json b/package.json
index dc16df590..a3cc5ca81 100644
--- a/package.json
+++ b/package.json
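Review bot: The push destination in `git push origin "HEAD:$BRANCH"` is still an unqualified ref name, so git has to guess the namespace on the remote, and a value of `$BRANCH` that is not a plain branch name can resolve to something other than a branch. Writing the destination in full, `git push origin "HEAD:refs/heads/$BRANCH"`, keeps the push confined to a branch whatever the variable holds. Where `BRANCH` is assigned is outside this hunk; if it is filled from pull request metadata, the value is chosen by the PR author and deserves that constraint. The enclosing `run:` script starts before the hunk.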
@@ -1,6 +1,6 @@
 {
 "name": "codeql",
- "version": "1.0.20",
+ "version": "1.0.21",
 "private": true,
 "description": "CodeQL action",
 "scripts": {
diff --git a/runner/package-lock.json b/runner/package-lock.json
index 8000c2a6d..09a034ddf 100644
--- a/runner/package-lock.json
+++ b/runner/package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "codeql-runner",
- "version": "1.0.20",
+ "version": "1.0.21",
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
diff --git a/runner/package.json b/runner/package.json
index 7ed18bb37..79a138d04 100644
--- a/runner/package.json
+++ b/runner/package.json
@@ -1,6 +1,6 @@
 {
 "name": "codeql-runner",
- "version": "1.0.20",
+ "version": "1.0.21",
 "private": true,
 "description": "CodeQL runner",
 "scripts": {
diff --git a/src/defaults.json b/src/defaults.json
index ce7dab7ca..fd7047b2e 100644
--- a/src/defaults.json
+++ b/src/defaults.json
@@ -1,3 +1,3 @@
 {
- "bundleVersion": "codeql-bundle-20211013"
+ "bundleVersion": "codeql-bundle-20211025"
 }
diff --git a/upload-sarif/action.yml b/upload-sarif/action.yml
index 21997efe3..bb9b2b8c3 100644
--- a/upload-sarif/action.yml
+++ b/upload-sarif/action.yml
@@ -3,7 +3,10 @@ description: 'Upload the analysis results'
 author: 'GitHub'
 inputs:
 sarif_file:
- description: The SARIF file or directory of SARIF files to be uploaded. Each upload should contain a maximum of 1000 results, any additional results are ignored.
+ description: |
+ The SARIF file or directory of SARIF files to be uploaded to GitHub code scanning.
+ See https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions
+ for information on the maximum number of results and maximum file size supported by code scanning.
 required: false
 default: '../results'
 checkout_path:
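Review bot: The new `sarif_file` description no longer says what happens to an upload that exceeds the limits; the removed text stated that additional results are ignored. If that is still the behaviour, keep one clause for it next to the link, for example `Results beyond the documented limits are ignored.`, so a workflow that relies on this upload does not lose findings without its author knowing. The literal block `|` also keeps the line breaks and a trailing newline in the description string; `>-` would fold the three lines into one sentence.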