github
diff --git a/‎README.md‎
Lines changed: 10 additions & 1 deletion b/‎README.md‎
Lines changed: 10 additions & 1 deletion
diff --git a/‎init/action.yml‎
Lines changed: 3 additions & 0 deletions b/‎init/action.yml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎lib/api-client.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/api-client.js.map‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/config-utils.js‎
Lines changed: 9 additions & 9 deletions b/‎lib/config-utils.js‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎lib/config-utils.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/config-utils.js.map‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/config-utils.test.js‎
Lines changed: 1 addition & 0 deletions b/‎lib/config-utils.test.js‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎lib/config-utils.test.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/config-utils.test.js.map‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/external-queries.js‎
Lines changed: 6 additions & 3 deletions b/‎lib/external-queries.js‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎lib/external-queries.js.map‎
Lines changed: 1 addition & 1 deletion b/‎lib/external-queries.js.map‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/external-queries.test.js‎
Lines changed: 2 additions & 2 deletions b/‎lib/external-queries.test.js‎
Lines changed: 2 additions & 2 deletions
@@ -96,7 +96,16 @@ Use the `config-file` parameter of the `init` action to enable the configuration
     config-file: ./.github/codeql/codeql-config.yml
 ```
 
-The configuration file must be located within the local repository. For information on how to write a configuration file, see "[Using a custom configuration file](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration-file)."
+The configuration file can be located in a different repository. This is useful if you want to share the same configuration across multiple repositories. If the configuration file is in a private repository you can also specify an `external-repository-token` option. This should be a personal access token that has read access to any repositories containing referenced config files and queries.
+
+```yaml
+- uses: github/codeql-action/init@v1
+  with:
+    config-file: owner/repo/codeql-config.yml@branch
+    external-repository-token: ${{ secrets.EXTERNAL_REPOSITORY_TOKEN }}
+```
+
+For information on how to write a configuration file, see "[Using a custom configuration file](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration-file)."
 
 If you only want to customise the queries used, you can specify them in your workflow instead of creating a config file, using the `queries` property of the `init` action:
 
 
@@ -19,6 +19,9 @@ inputs:
   queries:
     description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
     required: false
+  external-repository-token:
+    description: A token for fetching external config files and queries if they reside in a private repository.
+    required: false
   setup-python-dependencies:
     description: Try to auto-install your python dependencies
     required: true