Commit graph

22 commits

Author SHA1 Message Date
dependabot[bot]
13d9ab631d
chore(deps): bump actions/checkout from 5 to 6
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-12-01 16:24:05 +01:00
dependabot[bot]
af0905efeb
chore(deps): bump github/codeql-action from 3 to 4
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-08 14:03:20 +00:00
dependabot[bot]
4f37579efa
chore(deps): bump actions/setup-go from 5 to 6
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-09-04 14:48:13 +00:00
dependabot[bot]
6710bbc2be
chore(deps): bump actions/checkout from 4 to 5
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-08-14 15:35:09 +00:00
dependabot[bot]
fe8884f351
chore(deps): bump advanced-security/filter-sarif from 1.0.0 to 1.0.1
Bumps [advanced-security/filter-sarif](https://github.com/advanced-security/filter-sarif) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/advanced-security/filter-sarif/releases)
- [Commits](bc96d9fb93...f3b8118a93)

---
updated-dependencies:
- dependency-name: advanced-security/filter-sarif
  dependency-version: 1.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-07-14 17:30:21 +00:00
Kynan Ware
030bf8a68f
Improve CodeQL workflow with SARIF filtering
Adds SARIF filtering for Go analysis to exclude third-party code from results and updates the workflow to upload filtered SARIF files. This enhances the accuracy of security reports by ignoring irrelevant files.
2025-07-11 13:39:20 -06:00
Kynan Ware
50e4a4ad15
Fix step order for CodeQL workflow
2025-06-17 08:41:14 -06:00
Andy Feller
c7b1afd293
Fixes #11126
These changes will cause GitHub Advanced Security to ignore the auto-generated content around 3rd party dependencies used by `cli/cli` from static code analysis and secret scanning.

For more information:

- https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
- https://docs.github.com/en/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/excluding-folders-and-files-from-secret-scanning
2025-06-16 13:36:37 -04:00
William Martin
928a326cee
Add workflow to check help wanted labelling (#11105)
Co-authored-by: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Co-authored-by: Babak K. Shandiz <babakks@github.com>
Co-authored-by: Andy Feller <andyfeller@github.com>
2025-06-16 17:09:04 +02:00
William Martin
200c95e5b2
Rely on go.mod go version in all workflows (#8911)
2024-04-02 13:22:31 +00:00
Naoya Yasuda
5d79a95a32
Upgrade to Go 1.22 (#8836)
2024-04-02 14:34:59 +02:00
dependabot[bot]
1df8e833c7
build(deps): bump github/codeql-action from 2 to 3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-14 14:24:28 +00:00
dependabot[bot]
f9df89da0f
build(deps): bump actions/checkout from 3 to 4 (#7937)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-05 04:06:24 +02:00
dependabot[bot]
2ef6d83939
Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-25 14:24:46 +00:00
neilnaveen
07e0e52edd
Fixed permission for workflow (#5279)
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

Co-authored-by: Mislav Marohnić <mislav@github.com>
2022-03-14 14:18:21 +01:00
dependabot[bot]
0cce0e1543
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 14:29:49 +00:00
Mislav Marohnić
dabaa5ad7d
CodeQL-Dependabot compatibility
Configure the CodeQL workflow to avoid running for pushes on all pull
requests because that causes problems with Dependabot PRs.

https://github.com/cli/cli/pull/4475/checks?check_run_id=3857074760
2021-10-11 11:27:54 +02:00
Robin Neatherway
6ebafb55ae
Extend query suite with quality queries
2021-08-19 15:05:28 +01:00
Robin Neatherway
3ab01661e4
Add on: pull_request trigger to CodeQL workflow
From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.

Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.

See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.
2021-01-13 11:09:00 +00:00
Mislav Marohnić
c62c00761e
Tweak CodeQL workflow
2020-05-06 10:16:08 +02:00
Justin Hutchings
e0071329f5
Remove strategy, remove autobuild
2020-05-05 13:45:06 -07:00
Justin Hutchings
0a86be0ba7
Rename .github/workflows/workflows/codeql.yml to .github/workflows/codeql.yml
2020-05-04 17:49:39 -07:00