This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch gha/v0
in repository https://gitbox.apache.org/repos/asf/logging-parent.git
The following commit(s) were added to refs/heads/gha/v0 by this push:
new 1cd6c2f Add `ref` and `repository` inputs to
`codeql-analysis-reusable.yaml`
1cd6c2f is described below
commit 1cd6c2fed72ebdae905759459f3c5f4d61bcc8a2
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Thu Apr 16 12:12:02 2026 +0200
Add `ref` and `repository` inputs to `codeql-analysis-reusable.yaml`
---
.github/workflows/codeql-analysis-reusable.yaml | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/.github/workflows/codeql-analysis-reusable.yaml
b/.github/workflows/codeql-analysis-reusable.yaml
index e10f4dd..593e43db 100644
--- a/.github/workflows/codeql-analysis-reusable.yaml
+++ b/.github/workflows/codeql-analysis-reusable.yaml
@@ -30,6 +30,15 @@ on:
description: Language used in the repository
default: java
type: string
+ ref:
+ description: The branch, tag, or SHA to checkout
+ # When running on `pull_request_target` use the PR branch, not the
target branch
+ default: ${{ github.event_name == 'pull_request_target' &&
github.head_ref || github.ref }}
+ type: string
+ repository:
+ description: GitHub repository name with owner
+ default: ${{ github.repository }}
+ type: string
# Explicitly drop all permissions inherited from the caller for security.
# Reference:
https://docs.github.com/en/actions/sharing-automations/reusing-workflows#access-and-permissions
@@ -48,6 +57,9 @@ jobs:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #
6.0.2
+ with:
+ repository: ${{ inputs.repository }}
+ ref: ${{ inputs.ref }}
- name: Initialize CodeQL
uses:
github/codeql-action/init@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # 3.29.0
