You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CONTRIBUTING.md
+5-4
Original file line number
Diff line number
Diff line change
@@ -62,8 +62,9 @@ Here are a few things you can do that will increase the likelihood of your pull
62
62
63
63
You can start a release by triggering this workflow via [workflow dispatch](https://github.com/github/codeql-action/actions/workflows/update-release-branch.yml).
64
64
1. The workflow run will open a pull request titled "Merge main into releases/v3". Follow the steps on the checklist in the pull request. Once you've checked off all but the last two of these, approve the PR and automerge it.
65
-
1. When the "Merge main into releases/v3" pull request is merged into the `releases/v3` branch, a mergeback pull request to `main` and a backport pull request to `releases/v2` will both be automatically created. This mergeback pull request incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v3" pull request, and bumps the patch version of the CodeQL Action. The backport pull request will incorporate the updates into `releases/v2`.
66
-
1. Approve the mergeback and backport pull requests and automerge them.
65
+
1. When the "Merge main into releases/v3" pull request is merged into the `releases/v3` branch, a mergeback pull request to `main` will be automatically created. This mergeback pull request incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v3" pull request, and bumps the patch version of the CodeQL Action.
66
+
1. If a backport to an older major version is required, a pull request targeting that version's branch will also be automatically created
67
+
1. Approve the mergeback and backport pull request (if applicable) and automerge them.
67
68
68
69
Once the mergeback and backport pull request have been merged, the release is complete.
69
70
@@ -73,9 +74,9 @@ Since the `codeql-action` runs most of its testing through individual Actions wo
73
74
74
75
1. By default, this script retrieves the checks from the latest SHA on `main`, so make sure that your `main` branch is up to date.
75
76
2. Run the script. If there's a reason to, you can pass in a different SHA as a CLI argument.
76
-
3. After running, go to the [branch protection rules settings page](https://github.com/github/codeql-action/settings/branches) and validate that the rules for `main`, `v2`, and `v3` have been updated.
77
+
3. After running, go to the [branch protection rules settings page](https://github.com/github/codeql-action/settings/branches) and validate that the rules for `main`, `v3`, and any other currently supported major versions have been updated.
77
78
78
-
Note that any updates to checks need to be backported to the `releases/v2` branch, in order to maintain the same set of names for required checks.
79
+
Note that any updates to checks on `main`need to be backported to all currently supported major version branches, in order to maintain the same set of names for required checks.
79
80
80
81
## Deprecating a CodeQL version (write access required)
Copy file name to clipboardExpand all lines: README.md
+1-10
Original file line number
Diff line number
Diff line change
@@ -63,27 +63,18 @@ For compiled languages:
63
63
The following versions of the CodeQL Action are currently supported:
64
64
65
65
- v3 (latest)
66
-
- v2 (deprecated, support will end on December 5th, 2024)
67
-
68
-
The only difference between CodeQL Action v2 and v3 is the version of Node.js on which they run. CodeQL Action v3 runs on Node 20, while CodeQL Action v2 runs on Node 16.
69
-
70
-
To provide the best experience to customers using older versions of GitHub Enterprise Server, we will continue to release CodeQL Action v2 so that these customers can continue to run the latest version of CodeQL as long as their version of GitHub Enterprise Server is supported. For example CodeQL Action v3.22.11 was the first release of CodeQL Action v3 and is functionally identical to v2.22.11. This approach provides an easy way to track exactly which features are included in different versions by looking at the minor and patch version numbers.
71
-
72
-
For more information, see "[Code scanning: deprecation of CodeQL Action v2](https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/)."
73
66
74
67
## Supported versions of the CodeQL Bundle on GitHub Enterprise Server
75
68
76
69
We typically release new minor versions of the CodeQL Action and Bundle when a new minor version of GitHub Enterprise Server (GHES) is released. When a version of GHES is deprecated, the CodeQL Action and Bundle releases that shipped with it are deprecated as well.
CodeQL Action v2 has stopped receiving updates now that GHES 3.11 is deprecated.
86
-
87
78
See the full list of GHES release and deprecation dates at [GitHub Enterprise Server releases](https://docs.github.com/en/enterprise-server/admin/all-releases#releases-of-github-enterprise-server).
0 commit comments