Update CodeQL Action from v3 to v4

- Update github/codeql-action/init from @v3 to @v4 - Update github/codeql-action/analyze from @v3 to @v4 Fixes #21156
2026-01-15 16:22:18 -06:00 · 2026-01-15 16:46:25 -05:00
2 changed files with 5 additions and 6 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -30,13 +30,13 @@ jobs:
      uses: actions/checkout@v4

    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
        build-mode: ${{ matrix.build-mode }}
        config-file: .github/codeql/codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
      with:
        category: "/language:${{matrix.language}}"
--- a/netbox/users/constants.py
+++ b/netbox/users/constants.py
@@ -3,10 +3,9 @@ import string
 from django.db.models import Q


-OBJECTPERMISSION_OBJECT_TYPES = (
-    (Q(public=True) & ~Q(app_label='core', model='objecttype'))
-    | Q(app_label='core', model__in=['managedfile'])
-    | Q(app_label='extras', model__in=['scriptmodule', 'taggeditem'])
+OBJECTPERMISSION_OBJECT_TYPES = Q(
+    ~Q(app_label__in=['account', 'admin', 'auth', 'contenttypes', 'sessions', 'taggit', 'users']) |
+    Q(app_label='users', model__in=['objectpermission', 'token', 'group', 'user', 'owner'])
 )

 CONSTRAINT_TOKEN_USER = '$user'