Skip to content

Commit

Permalink
Add changelog entry
Browse files Browse the repository at this point in the history
  • Loading branch information
angelapwen committed Jun 13, 2023
1 parent 4c85185 commit c382ba7
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,12 @@

## [UNRELEASED]

No user facing changes.
- Bump the version of the Action to 2.20.0. This ensures that users who received a Dependabot upgrade to [`cdcdbb5`](https://github.com/github/codeql-action/commit/cdcdbb579706841c47f7063dda365e292e5cad7a), which was mistakenly marked as Action version 2.13.4, continue to receive updates to the CodeQL Action. [#1729](https://github.com/github/codeql-action/pull/1729)
- The CodeQL Action repository contains a series of tags `v*` corresponding to versions of the CodeQL Action, as is typical. However it also contains a series of tags `codeql-bundle-*` that correspond to versions of the CodeQL Bundle, an artifact that contains the CodeQL CLI and the standard CodeQL libraries.
- As of version 2.13.4 of the CodeQL CLI, we changed the format of the CodeQL Bundle tag from a date, for example `codeql-bundle-20230613`, to a semantic version, for example `codeql-bundle-v2.13.4`.
- This inadvertently sent out Dependabot upgrades that upgraded users from `v2.3.6` to `codeql-bundle-v2.13.4`.
- To ensure that users who merged this Dependabot upgrade continue to receive updates to the CodeQL Action, we are bumping the Action version to make it greater than 2.13.4.
- To help avoid confusion between the version numbers of the CodeQL Action and the CodeQL CLI, we are introducing some separation and bumping the Action to 2.20.0.

## 2.3.6 - 01 Jun 2023

Expand Down

0 comments on commit c382ba7

Please sign in to comment.