docs: retire hand-maintained CodeQL version table, point to GitHub Releases#178
Merged
Merged
Conversation
…leases The "Supported CodeQL versions" table in CONTRIBUTING.md was hand-maintained and went stale across the last two CLI bumps in a row (PR #173 and #177 both skipped the "update the table" checklist item). Meanwhile publish.yml's summary job already generates an equivalent, strictly better table on every release: it's per-src/lib, links every cell to the exact upstream and downstream source, and flags drift with a checkmark/mismatch column - so it can never go stale the way a hand-typed table can. - CONTRIBUTING.md: replace the stale table with a pointer to the latest GitHub Release (and .codeqlversion directly for just the CLI version). Keep the heading (README.md links to its anchor), the pinning-rationale WARNING box, and the cpp/csharp upstream-queries-pack explanation - none of that is version-specific or stale. - update-codeql-version.yml: drop the now-obsolete "Update the Supported CodeQL versions table in CONTRIBUTING.md" checklist bullet from both generated PR-body branches (with/without release_bump). Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates contributor documentation and automation to remove a stale, hand-maintained “Supported CodeQL versions” table and instead direct maintainers to the auto-generated, always-current version matrix produced during releases.
Changes:
- Replaced the manual CodeQL CLI/library version table in
CONTRIBUTING.mdwith guidance pointing to the latest GitHub Release (auto-generated table) and.codeqlversion. - Updated the “Updating the pinned CodeQL CLI/library version” checklist in
CONTRIBUTING.mdto remove the obsolete “update the table” step. - Removed the same obsolete checklist bullet from the PR body text generated by
.github/workflows/update-codeql-version.yml.
Show a summary per file
| File | Description |
|---|---|
| CONTRIBUTING.md | Removes the hand-maintained versions table and points readers to release-generated, lockfile-derived version tables and .codeqlversion. |
| .github/workflows/update-codeql-version.yml | Drops the outdated “update Supported CodeQL versions table” checklist item from generated PR descriptions. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 2/2 changed files
- Comments generated: 0
- Review effort level: Low
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
PR #177's Copilot review flagged that the "Supported CodeQL versions" table in
CONTRIBUTING.mdis stale (still showedv2.21.1even thoughmainis on2.23.9). Checking history: this table's "update it" checklist item has now been skipped on two consecutive CLI-bump PRs in a row (#173 and #177) - a recurring gap, not a one-off miss.Meanwhile,
publish.yml'ssummaryjob already generates a strictly better, always-current equivalent on every release: a per-src/libtable that links every cell to the exact upstream (github/codeqlat the CLI tag) and downstream (this repo's lock file) source, with a ✅/mismatch status column. It's regenerated from the real lock files every release, so it can't go stale the way a hand-typed table can.What changed
CONTRIBUTING.md: replaced the stale per-language table + hardcoded CLI version line with a pointer to the latest GitHub Release (and.codeqlversiondirectly, for just the pinned CLI version). Kept:## Supported CodeQL versionsheading itself (README.md links to its anchor).[!WARNING]box explaining whycodeql/*deps are pinned to exact versions - still accurate, version-independent context.codeql/<language>-queriesdependency - also version-independent..github/workflows/update-codeql-version.yml: dropped the now-obsolete- [ ] Update the "Supported CodeQL versions" table in CONTRIBUTING.md.checklist bullet from both generated PR-body branches (with and withoutrelease_bump), since there's nothing left to update..github/workflows/update-release.ymlandREADME.mdfor the same reference - neither needs a change (the workflow has no such bullet, and the README's anchor link still resolves fine since the heading is preserved).Testing
Docs-only change; no CI-relevant code touched. Proofread the rendered markdown and verified every cross-reference (
#supported-codeql-versions,#cutting-a-release,[latest-release],[codeql-repo]) resolves correctly.Co-authored-by: Copilot App 223556219+Copilot@users.noreply.github.com