From 6e162a0930800b47a9211fd1ad0bb93aec5d6221 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 23 Jan 2026 13:53:17 +0000 Subject: [PATCH 1/8] Update changelog and version after v4.31.11 --- CHANGELOG.md | 4 ++++ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3369fc4cc6..dd0029b637 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## [UNRELEASED] + +No user facing changes. + ## 4.31.11 - 23 Jan 2026 - When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [#3409](https://github.com/github/codeql-action/pull/3409) diff --git a/package-lock.json b/package-lock.json index bd0a3d3a6e..a4792f7fdf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.31.11", + "version": "4.31.12", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.31.11", + "version": "4.31.12", "license": "MIT", "dependencies": { "@actions/artifact": "^5.0.2", diff --git a/package.json b/package.json index 24d23fe3d9..b09ef89db9 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.31.11", + "version": "4.31.12", "private": true, "description": "CodeQL action", "scripts": { From 7381f9750d1cf0a353c0fa189ef786f4b2b41c22 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 23 Jan 2026 14:48:27 +0000 Subject: [PATCH 2/8] Rebuild --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/setup-codeql-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index beab5657dc..d0e16267ca 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index f2f71755f2..126b0f7ec9 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index bf18e8f556..2e37724d49 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 3d35e98242..272e6ee6f1 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action.js b/lib/init-action.js index 34a3a1086f..8dfb854c64 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 239f35bcdb..0f6546ca92 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 6af67bc086..914aad87da 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 87fd6605d7..6d42e77685 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 16809bda36..39350b8091 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -45284,7 +45284,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 480b83cd56..a59f2e93f4 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -27975,7 +27975,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index ba1e4ac450..c7e1156f3e 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 6bd0faaded..1855fc99c4 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -26678,7 +26678,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.11", + version: "4.31.12", private: true, description: "CodeQL action", scripts: { From efea9cca026eff7fe5311a32572d0b8eda9bfdd5 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Sat, 24 Jan 2026 13:43:15 +0000 Subject: [PATCH 3/8] Add `installYq` option to `sync.py` and cache downloads --- .github/workflows/__build-mode-autobuild.yml | 17 ++++++++++----- pr-checks/checks/build-mode-autobuild.yml | 6 +----- pr-checks/sync.py | 22 ++++++++++++++++++++ 3 files changed, 35 insertions(+), 10 deletions(-) diff --git a/.github/workflows/__build-mode-autobuild.yml b/.github/workflows/__build-mode-autobuild.yml index 39ec213811..09fa8aee58 100644 --- a/.github/workflows/__build-mode-autobuild.yml +++ b/.github/workflows/__build-mode-autobuild.yml @@ -76,6 +76,18 @@ jobs: with: java-version: ${{ inputs.java-version || '17' }} distribution: temurin + - name: Restore choco cache + if: runner.os == 'Windows' + uses: actions/cache@v5 + with: + key: windows-choco-cache + path: ${{ runner.temp }}/windows-choco-cache + - name: Install yq + if: runner.os == 'Windows' + shell: pwsh + env: + CACHE_DIR: ${{ runner.temp }}/windows-choco-cache + run: choco install yq -y --stoponfirstfailure --cache-location=${env:CACHE_DIR} - name: Set up Java test repo configuration run: | mv * .github ../action/tests/multi-language-repo/ @@ -90,11 +102,6 @@ jobs: languages: java tools: ${{ steps.prepare-test.outputs.tools-url }} - - name: Install yq - if: runner.os == 'Windows' - run: | - choco install yq -y - - name: Validate database build mode run: | metadata_path="$RUNNER_TEMP/customDbLocation/java/codeql-database.yml" diff --git a/pr-checks/checks/build-mode-autobuild.yml b/pr-checks/checks/build-mode-autobuild.yml index 26b8626f22..8a51926faa 100644 --- a/pr-checks/checks/build-mode-autobuild.yml +++ b/pr-checks/checks/build-mode-autobuild.yml @@ -3,6 +3,7 @@ description: "An end-to-end integration test of a Java repository built using 'b operatingSystems: ["ubuntu", "windows"] versions: ["linked", "nightly-latest"] installJava: "true" +installYq: "true" steps: - name: Set up Java test repo configuration run: | @@ -18,11 +19,6 @@ steps: languages: java tools: ${{ steps.prepare-test.outputs.tools-url }} - - name: Install yq - if: runner.os == 'Windows' - run: | - choco install yq -y - - name: Validate database build mode run: | metadata_path="$RUNNER_TEMP/customDbLocation/java/codeql-database.yml" diff --git a/pr-checks/sync.py b/pr-checks/sync.py index 9d1296a549..fbaca470d5 100755 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -223,6 +223,28 @@ def writeHeader(checkStream): } }) + installYq = is_truthy(checkSpecification.get('installYq', '')) + + if installYq: + steps.append({ + 'name': "Restore choco cache", + 'if': "runner.os == 'Windows'", + 'uses': 'actions/cache@v5', + 'with': { + 'key': 'windows-choco-cache', + 'path': '${{ runner.temp }}/windows-choco-cache' + } + }) + steps.append({ + 'name': 'Install yq', + 'if': "runner.os == 'Windows'", + 'shell': 'pwsh', + 'env': { + 'CACHE_DIR': '${{ runner.temp }}/windows-choco-cache' + }, + 'run': 'choco install yq -y --stoponfirstfailure --cache-location=${env:CACHE_DIR}', + }) + # If container initialisation steps are present in the check specification, # make sure to execute them first. if 'container' in checkSpecification and 'container-init-steps' in checkSpecification: From 605d404db0cf675582be6ebf20124de53bf13043 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Sat, 24 Jan 2026 14:09:33 +0000 Subject: [PATCH 4/8] Install `yq` directly from GitHub release --- .github/workflows/__build-mode-autobuild.yml | 13 ++++--------- pr-checks/sync.py | 19 ++++++------------- 2 files changed, 10 insertions(+), 22 deletions(-) diff --git a/.github/workflows/__build-mode-autobuild.yml b/.github/workflows/__build-mode-autobuild.yml index 09fa8aee58..4347905ed3 100644 --- a/.github/workflows/__build-mode-autobuild.yml +++ b/.github/workflows/__build-mode-autobuild.yml @@ -76,18 +76,13 @@ jobs: with: java-version: ${{ inputs.java-version || '17' }} distribution: temurin - - name: Restore choco cache - if: runner.os == 'Windows' - uses: actions/cache@v5 - with: - key: windows-choco-cache - path: ${{ runner.temp }}/windows-choco-cache - name: Install yq if: runner.os == 'Windows' - shell: pwsh env: - CACHE_DIR: ${{ runner.temp }}/windows-choco-cache - run: choco install yq -y --stoponfirstfailure --cache-location=${env:CACHE_DIR} + YQ_PATH: ${{ runner.temp }}/yq + run: |- + gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" v4.50.1 -O "$YQ_PATH/yq.exe" + echo "$YQ_PATH" >> "$GITHUB_PATH" - name: Set up Java test repo configuration run: | mv * .github ../action/tests/multi-language-repo/ diff --git a/pr-checks/sync.py b/pr-checks/sync.py index fbaca470d5..71f86ef521 100755 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -1,7 +1,7 @@ #!/usr/bin/env python import ruamel.yaml -from ruamel.yaml.scalarstring import SingleQuotedScalarString +from ruamel.yaml.scalarstring import SingleQuotedScalarString, LiteralScalarString import pathlib import os @@ -226,23 +226,16 @@ def writeHeader(checkStream): installYq = is_truthy(checkSpecification.get('installYq', '')) if installYq: - steps.append({ - 'name': "Restore choco cache", - 'if': "runner.os == 'Windows'", - 'uses': 'actions/cache@v5', - 'with': { - 'key': 'windows-choco-cache', - 'path': '${{ runner.temp }}/windows-choco-cache' - } - }) steps.append({ 'name': 'Install yq', 'if': "runner.os == 'Windows'", - 'shell': 'pwsh', 'env': { - 'CACHE_DIR': '${{ runner.temp }}/windows-choco-cache' + 'YQ_PATH': '${{ runner.temp }}/yq' }, - 'run': 'choco install yq -y --stoponfirstfailure --cache-location=${env:CACHE_DIR}', + 'run': LiteralScalarString( + 'gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" v4.50.1 -O "$YQ_PATH/yq.exe"\n' + 'echo "$YQ_PATH" >> "$GITHUB_PATH"' + ), }) # If container initialisation steps are present in the check specification, From 3657da1eac4b11c83691b98b74175187b905100a Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 26 Jan 2026 10:59:43 +0000 Subject: [PATCH 5/8] Move `yq` version into env var and add comment --- .github/workflows/__build-mode-autobuild.yml | 3 ++- pr-checks/sync.py | 8 ++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/__build-mode-autobuild.yml b/.github/workflows/__build-mode-autobuild.yml index 4347905ed3..749def27ec 100644 --- a/.github/workflows/__build-mode-autobuild.yml +++ b/.github/workflows/__build-mode-autobuild.yml @@ -80,8 +80,9 @@ jobs: if: runner.os == 'Windows' env: YQ_PATH: ${{ runner.temp }}/yq + YQ_VERSION: v4.50.1 run: |- - gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" v4.50.1 -O "$YQ_PATH/yq.exe" + gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" "$YQ_VERSION" -O "$YQ_PATH/yq.exe" echo "$YQ_PATH" >> "$GITHUB_PATH" - name: Set up Java test repo configuration run: | diff --git a/pr-checks/sync.py b/pr-checks/sync.py index 71f86ef521..77696b91fd 100755 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -230,10 +230,14 @@ def writeHeader(checkStream): 'name': 'Install yq', 'if': "runner.os == 'Windows'", 'env': { - 'YQ_PATH': '${{ runner.temp }}/yq' + 'YQ_PATH': '${{ runner.temp }}/yq', + # This is essentially an arbitrary version of `yq`, which happened to be the one that + # `choco` fetched when we moved away from using that here. + # See https://github.com/github/codeql-action/pull/3423 + 'YQ_VERSION': 'v4.50.1' }, 'run': LiteralScalarString( - 'gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" v4.50.1 -O "$YQ_PATH/yq.exe"\n' + 'gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" "$YQ_VERSION" -O "$YQ_PATH/yq.exe"\n' 'echo "$YQ_PATH" >> "$GITHUB_PATH"' ), }) From c62c214723e7c0cdfb907bede6988df3a0640c7e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 12:16:14 +0000 Subject: [PATCH 6/8] Update default bundle to codeql-bundle-v2.24.0 --- lib/analyze-action.js | 4 ++-- lib/autobuild-action.js | 4 ++-- lib/defaults.json | 8 ++++---- lib/init-action-post.js | 4 ++-- lib/init-action.js | 4 ++-- lib/setup-codeql-action.js | 4 ++-- lib/start-proxy-action.js | 4 ++-- lib/upload-lib.js | 4 ++-- lib/upload-sarif-action.js | 4 ++-- src/defaults.json | 8 ++++---- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 126b0f7ec9..c0e72696bd 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -90695,8 +90695,8 @@ var path5 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 2e37724d49..60ce9439b0 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -87198,8 +87198,8 @@ var path3 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs2 = __toESM(require("fs")); diff --git a/lib/defaults.json b/lib/defaults.json index 8c5ef57bf1..916c098591 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.23.9", - "cliVersion": "2.23.9", - "priorBundleVersion": "codeql-bundle-v2.23.8", - "priorCliVersion": "2.23.8" + "bundleVersion": "codeql-bundle-v2.24.0", + "cliVersion": "2.24.0", + "priorBundleVersion": "codeql-bundle-v2.23.9", + "priorCliVersion": "2.23.9" } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 272e6ee6f1..6ed8113abf 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -127658,8 +127658,8 @@ var path4 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/init-action.js b/lib/init-action.js index 8dfb854c64..1cf78215a0 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -88149,8 +88149,8 @@ var path6 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 914aad87da..e3f31944ca 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -87072,8 +87072,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 39350b8091..27045eb9b3 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -103963,8 +103963,8 @@ function getActionsLogger() { var core7 = __toESM(require_core()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/languages.ts var KnownLanguage = /* @__PURE__ */ ((KnownLanguage2) => { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a59f2e93f4..d8bb3e5db2 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -90225,8 +90225,8 @@ var path4 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 1855fc99c4..4edc2ce813 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -89992,8 +89992,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.23.9"; -var cliVersion = "2.23.9"; +var bundleVersion = "codeql-bundle-v2.24.0"; +var cliVersion = "2.24.0"; // src/overlay-database-utils.ts var fs3 = __toESM(require("fs")); diff --git a/src/defaults.json b/src/defaults.json index 8c5ef57bf1..916c098591 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.23.9", - "cliVersion": "2.23.9", - "priorBundleVersion": "codeql-bundle-v2.23.8", - "priorCliVersion": "2.23.8" + "bundleVersion": "codeql-bundle-v2.24.0", + "cliVersion": "2.24.0", + "priorBundleVersion": "codeql-bundle-v2.23.9", + "priorCliVersion": "2.23.9" } From 975286947045be7e8b204a16b36b1b04b9feef86 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 12:16:22 +0000 Subject: [PATCH 7/8] Add changelog note --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index dd0029b637..f83b28424e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th ## [UNRELEASED] -No user facing changes. +- Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://github.com/github/codeql-action/pull/3425) ## 4.31.11 - 23 Jan 2026 From 78fa31643b07f342ed55dd456846dca0c4d793e0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 14:48:46 +0000 Subject: [PATCH 8/8] Update changelog for v4.31.12 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f83b28424e..1d7ad76d38 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. -## [UNRELEASED] +## 4.31.12 - 26 Jan 2026 - Update default CodeQL bundle version to [2.24.0](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#3425](https://github.com/github/codeql-action/pull/3425)