René's URL Explorer Experiment


Title: Accept OIDC configurations in `start-proxy` by mbg · Pull Request #3563 · github/codeql-action · GitHub

Open Graph Title: Accept OIDC configurations in `start-proxy` by mbg · Pull Request #3563 · github/codeql-action

X Title: Accept OIDC configurations in `start-proxy` by mbg · Pull Request #3563 · github/codeql-action

Description: The Dependabot team have been working on support for OIDC-based authentication in the Dependabot authentication proxy, which we also use to support private package registries in Default Setup. This PR modifies the start-proxy action to accept such configurations and propagate them to the proxy. This will ensure that we are ready to support OIDC-based authentication when such configurations are available to us. This is not yet the case at the time of writing. However, that should not block this PR from being merged, since we just perform validation that will allow such configurations to be propagated to the proxy in the future. Notes for reviewers Best reviewed commit-by-commit. See the internal issue for more context and references. Risk assessment For internal use only. Please select the risk level of this change: Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only. Which use cases does this change impact? Workflow types: Managed - Impacts users with dynamic workflows (Default Setup, Code Quality, ...). Products: Code Scanning - The changes impact analyses when analysis-kinds: code-scanning. Code Quality - The changes impact analyses when analysis-kinds: code-quality. Other first-party - The changes impact other first-party analyses. Environments: Dotcom - Impacts CodeQL workflows on github.com and/or GitHub Enterprise Cloud with Data Residency. GHES - Impacts CodeQL workflows on GitHub Enterprise Server. How did/will you validate this change? Test repository - This change will be tested on a test repository before merging. Unit tests - I am depending on unit test coverage (i.e. tests in .test.ts files). End-to-end tests - I am depending on PR checks (i.e. tests in pr-checks). If something goes wrong after this change is released, what are the mitigation and rollback strategies? Rollback - Change can only be disabled by rolling back the release or releasing a new version with a fix. How will you know if something goes wrong after this change is released? Telemetry - I rely on existing telemetry or have made changes to the telemetry. Dashboards - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release. Alerts - New or existing monitors will trip if something goes wrong with this change. Are there any special considerations for merging or releasing this change? No special considerations - This change can be merged at any time. Merge / deployment checklist Confirm this change is backwards compatible with existing workflows. Consider adding a changelog entry for this change. Confirm the readme and docs have been updated if necessary.

Open Graph Description: The Dependabot team have been working on support for OIDC-based authentication in the Dependabot authentication proxy, which we also use to support private package registries in Default Setup. This...

X Description: The Dependabot team have been working on support for OIDC-based authentication in the Dependabot authentication proxy, which we also use to support private package registries in Default Setup. This...

Opengraph URL: https://github.com/github/codeql-action/pull/3563

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:102f8f06-69a0-86cd-d76f-39dab6e4fa91
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idC052:1A7762:FCF330:15EFEF2:6A4CA313
html-safe-nonce8c4baed337c2a9114efa16304cf725a6f83b693ec2354c505f417ed02643fef9
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDMDUyOjFBNzc2MjpGQ0YzMzA6MTVFRkVGMjo2QTRDQTMxMyIsInZpc2l0b3JfaWQiOiIzNDQxOTEwMDg4OTc2ODY4MTE1IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmaca20cddb93a707d9077a32c2d8839cde280c292d28e193dbc68245fcb8828ab17
hovercard-subject-tagpull_request:3376310777
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/github/codeql-action/pull/3563/files
twitter:imagehttps://avatars.githubusercontent.com/u/278086?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/u/278086?s=400&v=4
og:image:altThe Dependabot team have been working on support for OIDC-based authentication in the Dependabot authentication proxy, which we also use to support private package registries in Default Setup. This...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None3d11bb817438277de2a940854450e83a7d32b6aeb5014e9e6b00a6423900251c
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/github/codeql-action git https://github.com/github/codeql-action.git
octolytics-dimension-user_id9919
octolytics-dimension-user_logingithub
octolytics-dimension-repository_id259445878
octolytics-dimension-repository_nwogithub/codeql-action
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id259445878
octolytics-dimension-repository_network_root_nwogithub/codeql-action
turbo-body-classeslogged-out env-production page-responsive full-width
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
releaseae90d426644ca15e89bacceb72e51f4e9dbf85f7
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/github/codeql-action/pull/3563/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-action%2Fpull%2F3563%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-action%2Fpull%2F3563%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=github%2Fcodeql-action
Reloadhttps://github.com/github/codeql-action/pull/3563/files
Reloadhttps://github.com/github/codeql-action/pull/3563/files
Reloadhttps://github.com/github/codeql-action/pull/3563/files
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
github https://github.com/github
codeql-actionhttps://github.com/github/codeql-action
Notifications https://github.com/login?return_to=%2Fgithub%2Fcodeql-action
Fork 470 https://github.com/login?return_to=%2Fgithub%2Fcodeql-action
Star 1.6k https://github.com/login?return_to=%2Fgithub%2Fcodeql-action
Code https://github.com/github/codeql-action
Issues 156 https://github.com/github/codeql-action/issues
Pull requests 27 https://github.com/github/codeql-action/pulls
Actions https://github.com/github/codeql-action/actions
Models https://github.com/github/codeql-action/models
Security and quality 2 https://github.com/github/codeql-action/security
Insights https://github.com/github/codeql-action/pulse
Code https://github.com/github/codeql-action
Issues https://github.com/github/codeql-action/issues
Pull requests https://github.com/github/codeql-action/pulls
Actions https://github.com/github/codeql-action/actions
Models https://github.com/github/codeql-action/models
Security and quality https://github.com/github/codeql-action/security
Insights https://github.com/github/codeql-action/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fgithub%2Fcodeql-action%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fgithub%2Fcodeql-action%2Fissues%2Fnew%2Fchoose
mbghttps://github.com/mbg
mainhttps://github.com/github/codeql-action/tree/main
mbg/private-registry/oidchttps://github.com/github/codeql-action/tree/mbg/private-registry/oidc
Conversation 15 https://github.com/github/codeql-action/pull/3563
Findings https://github.com/github/codeql-action/pull/3563/findings
Commits 16 https://github.com/github/codeql-action/pull/3563/commits
Checks 246 https://github.com/github/codeql-action/pull/3563/checks
Files changed https://github.com/github/codeql-action/pull/3563/files
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
Accept OIDC configurations in start-proxy https://github.com/github/codeql-action/pull/3563/files#top
Show all changes 16 commits https://github.com/github/codeql-action/pull/3563/files
65f7f36 Extend `isPrintable` check to all keys with string values mbg Mar 9, 2026 https://github.com/github/codeql-action/pull/3563/commits/65f7f363021bd8835a60edb52bc57ae3834241ee
01b5262 Move out auth config from `Credential` type mbg Mar 9, 2026 https://github.com/github/codeql-action/pull/3563/commits/01b52624a02913830de70af5b47c551bfdcbf13b
9e26f9e Add OIDC config types mbg Mar 9, 2026 https://github.com/github/codeql-action/pull/3563/commits/9e26f9e6e0815bd0cc442c744580027cf6968498
37eb89b Add predicates for `Auth` types mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/37eb89b1730e3e5d370e53d8791a44289eb0fa2f
7263be2 Extract `AuthConfig` from `Credential` mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/7263be20845d8e6c92f9ed98e583a7ff04a8bb24
e168f8e Move `credentialToStr` and update it mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/e168f8e52afdd676041c1cd9d980bd1d12fce21e
3d57420 Run more `start-proxy` tests in parallel mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/3d574205fca2683a3768bc7fc3dcc3be544994d9
4649e15 Fix old test mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/4649e158bca7adb7764d3d3722b3d368437b8eb4
88bd340 Add OIDC tests for `getCredentials` mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/88bd340eb043c7725b8d7274716c03ad4e1e31c6
e90d128 Add preliminary change note mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/e90d128a3cc0e828a71c885650e3750749f6fb5f
131392e Fix changelog entry mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/131392e95f3f57c42d07a010b066c38189751f90
823869d Use `isDefined` for password and token in `credentialToStr` mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/823869da103e4e712bb53ce6a73030dd7c72d8dd
c6e75ac Add JSON helper types and functions mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/c6e75ac1e8b8586725bca663e2073fa380906af2
c92efdb Type result of parsing JSON as `unknown` until narrowed mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/c92efdb98db8ffe89752939d500783b5e3796271
048d0ea Address review comments mbg Mar 10, 2026 https://github.com/github/codeql-action/pull/3563/commits/048d0ea295b6784a80010b29fd3af3ee29461dcd
6c99ca5 Merge remote-tracking branch 'origin/main' into mbg/private-registry/… mbg Mar 11, 2026 https://github.com/github/codeql-action/pull/3563/commits/6c99ca514e96bc87fb1054cd9d36a3190e80f151
Clear filters https://github.com/github/codeql-action/pull/3563/files
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
CHANGELOG.md https://github.com/github/codeql-action/pull/3563/files#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed
analyze-action-post.js https://github.com/github/codeql-action/pull/3563/files#diff-911c5662a35b2dddfb65aeded5d3fbb4305c867e2f8988eb1d75bee9208593ab
analyze-action.js https://github.com/github/codeql-action/pull/3563/files#diff-4926d6bcb92a4de805ceb8d280f31c24cffa2445b3a36cc658e5032a0910ed15
autobuild-action.js https://github.com/github/codeql-action/pull/3563/files#diff-850bbbd46e929f29c34c186fb38aebfc228803ab6191e6a668027042620c4f30
init-action-post.js https://github.com/github/codeql-action/pull/3563/files#diff-08750c194e36e3925a63362bbc1a7207690bd44add665b7c357e9d8b1861a4e6
init-action.js https://github.com/github/codeql-action/pull/3563/files#diff-bd9b22d62f144e71ae32a07c7c5151e30b31cd76d22303745df64c9886d81342
resolve-environment-action.js https://github.com/github/codeql-action/pull/3563/files#diff-46abfbca7ce31021720a31a005df69b4d2001e8f6211629198bd996ca1624d8b
setup-codeql-action.js https://github.com/github/codeql-action/pull/3563/files#diff-48a1e0d5f2fd249f221a7fcf67cd08518a435c0710722fa28b51fa40703e39ea
start-proxy-action-post.js https://github.com/github/codeql-action/pull/3563/files#diff-097051c7f12bb5167c369a2967376b55951a4d4d95b6f9dd4e0caf70fbd89dbf
start-proxy-action.js https://github.com/github/codeql-action/pull/3563/files#diff-9ef3265f6cc827943cc3edade4225dacb911ccb9d6891b38d0e744208d0dbe99
upload-lib.js https://github.com/github/codeql-action/pull/3563/files#diff-8ea2623264a4246323c551f1b018e163d8ea00c2fed5c4f4ead1c5b9d036cfd6
upload-sarif-action-post.js https://github.com/github/codeql-action/pull/3563/files#diff-83f37f8420ffb4c89a3f6a74854bdc504b93edd5e0f7dbd73772d8f8c1f4d11e
upload-sarif-action.js https://github.com/github/codeql-action/pull/3563/files#diff-5d3767541163ba07f1a1928ef585f505845a68d6a46a26fb68fa41e19786111b
debug-artifacts.ts https://github.com/github/codeql-action/pull/3563/files#diff-0c844a5d58c31a4eb0c3a6e7b89624e4b4b3dc214f1481c70910cb06405e8b89
fingerprints.ts https://github.com/github/codeql-action/pull/3563/files#diff-aac7ca947b5a7a03a9d04974844ab9d86d4e2245b544daf4ac9f8e8e7f866120
index.ts https://github.com/github/codeql-action/pull/3563/files#diff-bcb20dc6b5fd7e102cf1a28855c15ede5884e6b9cfe8ee117511b14081bec017
status.ts https://github.com/github/codeql-action/pull/3563/files#diff-266812f8934ad6a91afac6765ca267eec8b9591d9f96a9396ea47c9ef77e35ba
start-proxy.test.ts https://github.com/github/codeql-action/pull/3563/files#diff-01b1815e9fb7bc72e2a49034f8d40ac9a9cee8eb1bafef7192ae1c78ec8bc456
start-proxy.ts https://github.com/github/codeql-action/pull/3563/files#diff-2361fbfb0d573e13614a296f9a6689d35138bf65f3ec43543b7facd4cff4d415
types.test.ts https://github.com/github/codeql-action/pull/3563/files#diff-b76a0a08a1299b53b316659473f175af95e01286da14c1b17c42588598403b5d
types.ts https://github.com/github/codeql-action/pull/3563/files#diff-28cd91d3631eb555b15c046f30060b1fb102c354de7a3b373aae46e0d6f7d09f
util.ts https://github.com/github/codeql-action/pull/3563/files#diff-3294a832ea2276e554177e0b3007cc2d401c082912c7fbde49fa09141bf1aed1
https://github.com/github/codeql-action/blob/main/CODEOWNERS#L1
CHANGELOG.mdhttps://github.com/github/codeql-action/pull/3563/files#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed
View file https://github.com/github/codeql-action/blob/6c99ca514e96bc87fb1054cd9d36a3190e80f151/CHANGELOG.md
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/github/codeql-action/pull/3563/{{ revealButtonHref }}
https://github.com/github/codeql-action/pull/3563/files#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed
https://github.com/github/codeql-action/pull/3563/files#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed
https://github.com/github/codeql-action/blob/main/CODEOWNERS#L1
lib/analyze-action-post.jshttps://github.com/github/codeql-action/pull/3563/files#diff-911c5662a35b2dddfb65aeded5d3fbb4305c867e2f8988eb1d75bee9208593ab
View file https://github.com/github/codeql-action/blob/6c99ca514e96bc87fb1054cd9d36a3190e80f151/lib/analyze-action-post.js
Open in desktop https://desktop.github.com
how customized files appear on GitHubhttps://docs.github.com/github/administering-a-repository/customizing-how-changed-files-appear-on-github
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
https://github.com/github/codeql-action/blob/main/CODEOWNERS#L1
lib/analyze-action.jshttps://github.com/github/codeql-action/pull/3563/files#diff-4926d6bcb92a4de805ceb8d280f31c24cffa2445b3a36cc658e5032a0910ed15
View file https://github.com/github/codeql-action/blob/6c99ca514e96bc87fb1054cd9d36a3190e80f151/lib/analyze-action.js
Open in desktop https://desktop.github.com
how customized files appear on GitHubhttps://docs.github.com/github/administering-a-repository/customizing-how-changed-files-appear-on-github
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
Please reload this pagehttps://github.com/github/codeql-action/pull/3563/files
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.