Skip to content

Actions: Add examples qlpack #21177

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hvitved merged 1 commit into from
Jan 16, 2026
Merged

Actions: Add examples qlpack #21177

hvitved merged 1 commit into from
Jan 16, 2026
+23 −0

Conversation

@hvitved
Copy link
Contributor

@hvitved hvitved commented Jan 16, 2026
edited
Loading

#21169 follow-up: The check now assumes that an examples folder exists, so instead of special-casing actions in the check, I thought it was easier to simply add an examples folder.

@github-actions github-actions bot added the Actions Analysis of GitHub Actions label Jan 16, 2026
@hvitved hvitved added the no-change-note-required This PR does not need a change note label Jan 16, 2026
@hvitved hvitved marked this pull request as ready for review January 16, 2026 09:12
@hvitved hvitved requested a review from a team as a code owner January 16, 2026 09:12
Copilot AI review requested due to automatic review settings January 16, 2026 09:12
Copilot AI reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds an examples qlpack for the Actions language to align with the structure expected by CI checks that compile queries from both src and examples directories for all languages.

Changes:

  • Added actions/ql/examples/qlpack.yml defining the examples pack with appropriate dependencies
  • Added an example query uses_pinned_sha.ql demonstrating how to find GitHub Actions steps that use pinned SHA versions

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
actions/ql/examples/qlpack.yml Defines the codeql/actions-examples pack with dependency on codeql/actions-all
actions/ql/examples/snippets/uses_pinned_sha.ql Example query finding uses steps with pinned SHA versions

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

owen-mc
owen-mc reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

@owen-mc owen-mc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see the other <lang>/ql/examples folders also have a file called qlpack.yml.lock. Is that needed here too?

@hvitved hvitved force-pushed the actions/example-dir branch from 3e39471 to 3cdca25 Compare January 16, 2026 11:49
@hvitved
Copy link
Contributor Author

hvitved commented Jan 16, 2026

I see the other <lang>/ql/examples folders also have a file called qlpack.yml.lock. Is that needed here too?

OK, I have generated one using codeql pack install.

owen-mc
owen-mc approved these changes Jan 16, 2026
View reviewed changes
Copy link
Contributor

@owen-mc owen-mc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like a reasonable approach to fixing the failing CI. I don't know anything about qlpacks but this seems to match all the other languages.

Where did you come up with the example query, btw?

@hvitved
Copy link
Contributor Author

hvitved commented Jan 16, 2026

Where did you come up with the example query, btw?

More or less randomly, by looking at the existing UnpinnedActionsTag.ql query.

@hvitved hvitved merged commit 7c95fef into github:main Jan 16, 2026
14 checks passed
@hvitved hvitved deleted the actions/example-dir branch January 16, 2026 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@owen-mc owen-mc owen-mc approved these changes

Assignees

No one assigned

Labels

Actions Analysis of GitHub Actions no-change-note-required This PR does not need a change note

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hvitved @owen-mc