12 Commits

Author SHA1 Message Date
Nick Alteen 26f159bd23 Update permissions 2025-02-19 14:01:25 -05:00
Nick Alteen d36a570e81 Point to main version 2025-02-19 13:58:51 -05:00
Nick Alteen 53d94eab80 Udate workflows 2025-02-19 13:52:16 -05:00
Nick Alteen c1f2042186 Merge pull request #274 from TheGuptaEmpire/first-contributor
Installed @actions/core
2024-02-22 11:52:16 -05:00
Patrick Ellis cc18bea05f Upgrade codeql actions to v2
Currently we're using v1, and there have been some important changes since then.

In particular, the latest version, v2.14.4, contains an important security patch:

> The CodeQL CLI no longer supports the `SEMMLE_JAVA_ARGS` environment variable. All previous versions of the CodeQL CLI perform command substitution on the `SEMMLE_JAVA_ARGS` value (for example, replacing `'$(echo foo)'` with `'foo'`) when starting a new Java virtual machine, which, depending on the execution environment, may have security implications. Users are advised to check their environments for possible `SEMMLE_JAVA_ARGS` misuse.

See the [codeql-action release notes](https://github.com/github/codeql-cli-binaries/releases/tag/v2.14.4) for full details.
2023-09-27 15:11:26 -04:00
SG 0ae396c32e installed @actions/core 2023-09-25 22:45:46 +05:30
Cory Miller ba7d609515 Use first-interaction in the repository 2022-10-06 14:08:49 -04:00
Tingluo Huang 07f2b50de7 Create codeql-analysis.yml 2022-03-30 13:51:26 -04:00
David Kale bd33205aa5 Revert "update licenses and added package-lock (#26)" (#27)
This reverts commit fd47e658a1.
2020-10-27 17:37:07 -04:00
Jeroen Knoops fd47e658a1 update licenses and added package-lock (#26) 2020-10-27 16:04:41 -04:00
Thomas Boop fe6b124afb swap to npm install 2020-09-09 15:07:18 -04:00
Thomas Boop d46231185f Add Licensed to verify third party dependencies 2020-09-09 12:00:05 -04:00