Automatically open PR to upgrade CodeQL CLI dependencies #215
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
data-douser
reviewed
Aug 13, 2025
jeongsoolee09
approved these changes
Aug 13, 2025
Contributor
jeongsoolee09
left a comment
jeongsoolee09
left a comment
There was a problem hiding this comment.
Looks good to me personally. I think it's okay to be merged once all conversations (one from @data-douser) are resolved.
Use the gh release list command.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What This PR Contributes
This PR adds an Actions workflow which checks for new CodeQL CLI releases, and if one exists, opens a new PR to update the QLT config and the qlpack lock files. The workflow runs nightly on a schedule, and can also be run on demand.
Once this is merged, we should automatically get PRs opened after new CodeQL CLI releases, where the PR checks help validate compatibility with the repository.
Future Works
This functionality could be incorporated directly into QLT in the future.