-
Notifications
You must be signed in to change notification settings - Fork 334
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump minimum CodeQL version to 2.10.5 #1907
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great.
Can you also take a look at the individual checks to see if any of them can start testing against more versions. For example, pr-checks/checks/packaging-config-inputs-js.yml
says that it works against recent CLIs, but now, I think it is available in all CLIs that are still supported.
This could happen separately.
And, only if you think it would be helpful, you could add a section in the CONTRIBUTING.md
on the different steps to take when removing support for an old CLI.
I have a separate plan for this — we are currently running too many CI jobs on each PR, which causes friction both internally when jobs fail for transient reasons and externally, because API rate limits can prevent contributors from being able to run the checks. Specifically, I'd like to start testing particularly old CLIs on a nightly basis and on the release branches instead of on
Good idea, I'll do this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice.
Now that the 2.9.* series is deprecated, we can remove tech debt in the Action and update our testing matrix to improve our test coverage against the latest versions of CodeQL.
Merge / deployment checklist