From 51e341eaad39e193f6c58a6331580dec7772b87b Mon Sep 17 00:00:00 2001
From: GeekMasher
Date: Thu, 17 Apr 2025 09:49:36 +0100
Subject: [PATCH 1/3] feat(ci): Add Automatic weekly CodeQL Pack Updating Job
---
 .github/workflows/update-deps.yml | 47 +++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 .github/workflows/update-deps.yml
diff --git a/.github/workflows/update-deps.yml b/.github/workflows/update-deps.yml
new file mode 100644
index 00000000..712538ef
--- /dev/null
+++ b/.github/workflows/update-deps.yml
@@ -0,0 +1,47 @@
+name: Update CodeQL
+
+on:
+ schedule:
+ # Every Monday at 14:00 UTC
+ - cron: "0 14 * * 1"
+ workflow_dispatch:
+
+jobs:
+ queries:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ packages: write
+
+ concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}-${{ matrix.language }}
+ cancel-in-progress: true
+
+ steps:
+ - name: "Checkout"
+ uses: actions/checkout@v4
+
+ - name: Setup CodeQL
+ uses: ./.github/actions/install-codeql
+
+ - name: "Update CodeQL Pack Dependencies"
+ run: |
+ set -e
+ echo "Find all directoring with a qlpack.yml file"
+ for dir in $(find . -name qlpack.yml -exec dirname {} \;); do
+ echo "Updating dependencies in $dir"
+ codeql pack upgrade "$dir"
+ done
+
+ - name: Create Pull Request
+ uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+ with:
+ token: ${{ github.token }}
+ title: "Chore: Update CodeQL Pack Dependencies"
+ commit-message: "[chore]: Update CodeQL Pack Dependencies"
+ body: |
+ This is an automatically created chore to update the CodeQL pack dependencies for all languages.
+ branch: "chore/update-codeql-pack-dependencies"
+ labels: "version"
+ delete-branch: true
From 3c270a59b8bda49a316d931137151b80ed93a4ea Mon Sep 17 00:00:00 2001
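Review bot: The `permissions` block in the new workflow does not match what its steps need: the job is granted `contents: read` and `packages: write`, yet the final `peter-evans/create-pull-request` step runs with `token: ${{ github.token }}` and has to push the `chore/update-codeql-pack-dependencies` branch and open a pull request, which that action documents as needing `contents: write` and `pull-requests: write`. As written the push will most likely be rejected, while `packages: write` is a write scope that none of the visible steps uses (the local `./.github/actions/install-codeql` action is not shown, so confirm before dropping it). I would change the block to `contents: write` and `pull-requests: write`, keeping at most `packages: read` if pack resolution needs registry access. Pull requests opened with the default `GITHUB_TOKEN` do not trigger `pull_request` workflows, so the dependency bump would arrive without CI results unless checks are run some other way. `actions/checkout@v4` is also pinned by tag while the third-party action is pinned by commit SHA; pinning both the same way keeps the supply-chain posture consistent.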
From: Mathew Payne <2772944+GeekMasher@users.noreply.github.com>
Date: Thu, 17 Apr 2025 10:12:37 +0100
Subject: [PATCH 2/3] Update .github/workflows/update-deps.yml
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/update-deps.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/update-deps.yml b/.github/workflows/update-deps.yml
index 712538ef..536dd5cf 100644
--- a/.github/workflows/update-deps.yml
+++ b/.github/workflows/update-deps.yml
@@ -28,7 +28,7 @@ jobs:
 - name: "Update CodeQL Pack Dependencies"
 run: |
 set -e
- echo "Find all directoring with a qlpack.yml file"
+ echo "Find all directories with a qlpack.yml file"
 for dir in $(find . -name qlpack.yml -exec dirname {} \;); do
 echo "Updating dependencies in $dir"
 codeql pack upgrade "$dir"
From f02c300238271caeb70dc887682867bee670ac39 Mon Sep 17 00:00:00 2001
From: Mathew Payne <2772944+GeekMasher@users.noreply.github.com>
Date: Thu, 17 Apr 2025 10:12:44 +0100
Subject: [PATCH 3/3] Update .github/workflows/update-deps.yml
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/update-deps.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/update-deps.yml b/.github/workflows/update-deps.yml
index 536dd5cf..d1de7250 100644
--- a/.github/workflows/update-deps.yml
+++ b/.github/workflows/update-deps.yml
@@ -15,7 +15,7 @@ jobs:
 packages: write
 concurrency:
- group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}-${{ matrix.language }}
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
 cancel-in-progress: true
 steps:
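Review bot: The `github.event.pull_request.number ||` operand left in the `group:` expression can never be populated in this workflow, because the only triggers declared are `schedule` and `workflow_dispatch`, so the group always falls back to the ref. `group: ${{ github.workflow }}-${{ github.ref }}` expresses the same key without implying a pull-request trigger that does not exist. The rest of the job definition around the `concurrency` block lies outside this hunk.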