github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-01-01 12:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into henrymercer/fix-log-message

Browse Source
This commit is contained in:
Henry Mercer
2025-09-25 13:06:54 +01:00
committed by GitHub
parent 50fc7e9236 5235174f0e
commit b1d32cf356
129 changed files with 1489 additions and 732 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/setup-codeql.ts
View File

@@ -566,21 +566,17 @@ export const downloadCodeQL = async function (
const headers: OutgoingHttpHeaders = {
accept: "application/octet-stream",
};
// We only want to provide an authorization header if we are downloading
// from the same GitHub instance the Action is running on.
// This avoids leaking Enterprise tokens to dotcom.
// We also don't want to send an authorization header if there's already a token provided in the URL.
let authorization: string | undefined = undefined;
// We don't want to send an authorization header if there's already a token provided in the URL.
if (searchParams.has("token")) {
logger.debug("CodeQL tools URL contains an authorization token.");
} else if (
codeqlURL.startsWith(`${apiDetails.url}/`) ||
(apiDetails.apiURL && codeqlURL.startsWith(`${apiDetails.apiURL}/`))
) {
logger.debug("Providing an authorization token to download CodeQL tools.");
authorization = `token ${apiDetails.auth}`;
} else {
logger.debug("Downloading CodeQL tools without an authorization token.");
authorization = api.getAuthorizationHeaderFor(
logger,
apiDetails,
codeqlURL,
);
}
const toolcacheInfo = getToolcacheDestinationInfo(