Merge main into releases/v4 #3213
Merged
+88,397
−153
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Mergeback v4.30.8 refs/heads/releases/v4 into main
Skip failed SARIF upload if Code Quality is the only analysis kind
Install Python 3.13 to fix failing PR checks with older CLI versions
…uring the first call
Add `setup-codeql` action
Update default bundle to 2.23.3
Make analysis kinds available for `starting` status report
henrymercer
approved these changes
Oct 17, 2025
There was a problem hiding this comment.
Pull Request Overview
This is a release-PR merging main into the releases/v4 branch, consolidating several pull requests for version 4.30.9. The main changes include a CodeQL bundle version update and the introduction of an experimental setup-codeql action.
- Update default CodeQL bundle version from 2.23.2 to 2.23.3
- Add experimental
setup-codeqlaction that installs CodeQL CLI without initializing databases - Refactor analysis kinds handling to improve code organization and prevent conflicts between actions
Reviewed Changes
Copilot reviewed 49 out of 51 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| CHANGELOG.md | Documents the 4.30.9 release with CodeQL bundle update and new experimental setup-codeql action |
| package.json | Version bump from 4.30.8 to 4.30.9 |
| src/defaults.json | Updates CodeQL bundle and CLI versions to 2.23.3 |
| setup-codeql/action.yml | Defines the new experimental setup-codeql action with inputs and outputs |
| src/setup-codeql-action.ts | Implements the main logic for the setup-codeql action |
| src/analyses.ts | Adds getAnalysisKinds function to centralize analysis kinds parsing with caching |
| src/init-action.ts | Refactors to use centralized analysis kinds handling and adds conflict detection |
| pr-checks/sync.py | Adds Python installation support to workflow generation |
| Multiple lib/*.js files | Generated JavaScript code reflecting the TypeScript changes |
| Multiple workflow files | Generated workflows with Python installation steps |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merging 70205d3 into
releases/v4.Conductor for this PR is @henrymercer.
Contains the following pull requests:
setup-codeqlaction #3204 (@mbg)startingstatus report #3211 (@mbg)Please do the following:
releases/v4branch.Create a merge commitis selected rather thanSquash and mergeorRebase and merge.