From f1a6c1d43aedc06f36a4fe664b055fe6ad1a0c95 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Jun 2025 18:55:30 +0000 Subject: [PATCH] Bump github/codeql-action from 3.28.16 to 3.28.19 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.16 to 3.28.19. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...fca7ace96b7d713c7035871441bd52efbe39e27e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.28.19 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 150 +++++++++++++++++------------------ .github/workflows/msvc.yml | 136 +++++++++++++++---------------- 2 files changed, 143 insertions(+), 143 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9f1f9a7..5091ea1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,75 +1,75 @@ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# -# http://go.microsoft.com/fwlink/?LinkID=615560 - -name: "CodeQL" - -on: - push: - branches: "main" - paths-ignore: - - '*.md' - - LICENSE - - '.azuredevops/**' - - '.nuget/*' - - build/*.ps1 - pull_request: - branches: "main" - paths-ignore: - - '*.md' - - LICENSE - - '.azuredevops/**' - - '.nuget/*' - - build/*.ps1 - schedule: - - cron: '34 18 * * 6' - -permissions: - contents: read - -jobs: - analyze: - name: Analyze (C/C++) - runs-on: windows-latest - timeout-minutes: 360 - permissions: - actions: read # for github/codeql-action/init to get workflow details - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/autobuild to send a status report - packages: read - - steps: - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Clone test repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: walbourn/directxmathtest - path: Tests - ref: main - - - name: 'Install Ninja' - run: choco install ninja - - - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0 - - - name: Initialize CodeQL - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 - with: - languages: c-cpp - build-mode: manual - - - name: 'Configure CMake' - working-directory: ./Tests/headertest - run: cmake --preset=x64-Debug - - - name: 'Build' - working-directory: ./Tests/headertest - run: cmake --build out/build/x64-Debug - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 - with: - category: "/language:c-cpp" +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: "CodeQL" + +on: + push: + branches: "main" + paths-ignore: + - '*.md' + - LICENSE + - '.azuredevops/**' + - '.nuget/*' + - build/*.ps1 + pull_request: + branches: "main" + paths-ignore: + - '*.md' + - LICENSE + - '.azuredevops/**' + - '.nuget/*' + - build/*.ps1 + schedule: + - cron: '34 18 * * 6' + +permissions: + contents: read + +jobs: + analyze: + name: Analyze (C/C++) + runs-on: windows-latest + timeout-minutes: 360 + permissions: + actions: read # for github/codeql-action/init to get workflow details + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/autobuild to send a status report + packages: read + + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Clone test repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: 'Install Ninja' + run: choco install ninja + + - uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756 # v1.13.0 + + - name: Initialize CodeQL + uses: github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 + with: + languages: c-cpp + build-mode: manual + + - name: 'Configure CMake' + working-directory: ./Tests/headertest + run: cmake --preset=x64-Debug + + - name: 'Build' + working-directory: ./Tests/headertest + run: cmake --build out/build/x64-Debug + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 + with: + category: "/language:c-cpp" diff --git a/.github/workflows/msvc.yml b/.github/workflows/msvc.yml index eea9b26..34e4b40 100644 --- a/.github/workflows/msvc.yml +++ b/.github/workflows/msvc.yml @@ -1,68 +1,68 @@ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# -# http://go.microsoft.com/fwlink/?LinkID=615560 - -name: Microsoft C++ Code Analysis - -on: - push: - branches: "main" - paths-ignore: - - '*.md' - - LICENSE - - '.azuredevops/**' - - '.nuget/*' - - build/*.ps1 - pull_request: - branches: "main" - paths-ignore: - - '*.md' - - LICENSE - - '.azuredevops/**' - - '.nuget/*' - - build/*.ps1 - - schedule: - - cron: '34 20 * * 6' - -permissions: - contents: read - -jobs: - analyze: - permissions: - contents: read - security-events: write - actions: read - name: Analyze - runs-on: windows-latest - - steps: - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Clone test repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: walbourn/directxmathtest - path: Tests - ref: main - - - name: Configure CMake - working-directory: ./Tests/headertest - run: cmake -B out - - - name: Initialize MSVC Code Analysis - uses: microsoft/msvc-code-analysis-action@24c285ab36952c9e9182f4b78dfafbac38a7e5ee # v0.1.1 - id: run-analysis - with: - cmakeBuildDirectory: ./Tests/headertest/out - buildConfiguration: Debug - ruleset: NativeRecommendedRules.ruleset - - # Upload SARIF file to GitHub Code Scanning Alerts - - name: Upload SARIF to GitHub - uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 - with: - sarif_file: ${{ steps.run-analysis.outputs.sarif }} +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: Microsoft C++ Code Analysis + +on: + push: + branches: "main" + paths-ignore: + - '*.md' + - LICENSE + - '.azuredevops/**' + - '.nuget/*' + - build/*.ps1 + pull_request: + branches: "main" + paths-ignore: + - '*.md' + - LICENSE + - '.azuredevops/**' + - '.nuget/*' + - build/*.ps1 + + schedule: + - cron: '34 20 * * 6' + +permissions: + contents: read + +jobs: + analyze: + permissions: + contents: read + security-events: write + actions: read + name: Analyze + runs-on: windows-latest + + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + - name: Clone test repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: Configure CMake + working-directory: ./Tests/headertest + run: cmake -B out + + - name: Initialize MSVC Code Analysis + uses: microsoft/msvc-code-analysis-action@24c285ab36952c9e9182f4b78dfafbac38a7e5ee # v0.1.1 + id: run-analysis + with: + cmakeBuildDirectory: ./Tests/headertest/out + buildConfiguration: Debug + ruleset: NativeRecommendedRules.ruleset + + # Upload SARIF file to GitHub Code Scanning Alerts + - name: Upload SARIF to GitHub + uses: github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 + with: + sarif_file: ${{ steps.run-analysis.outputs.sarif }}