github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-25 16:50:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
4,113 Commits 297 Branches 500 Tags
005a0c0889d8d3644115479da17034e1d2ce5ac7
Commit Graph

4113 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Henry Mercer
005a0c0889 Enable new analysis summary unconditionally and run PR checks 2023-07-17 18:21:04 +01:00
Henry Mercer
d85a177b9b Merge pull request #1780 from github/henrymercer/remove-redundant-env-var 
Remove redundant environment variable from PR check
 2023-07-17 17:35:06 +01:00
Henry Mercer
2e8581811e Remove redundant environment variable from PR check 2023-07-17 15:42:21 +01:00
Henry Mercer
262017ad69 Merge pull request #1759 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions
 2023-07-17 14:13:35 +01:00
Henry Mercer
eb1ef12e40 Merge branch 'main' into update-supported-enterprise-server-versions 2023-07-17 13:35:17 +01:00
Henry Mercer
2ff6d83d07 Merge pull request #1724 from github/henrymercer/bump-minimum-codeql-version 
Bump minimum CodeQL version to 2.9.4
 2023-07-17 13:32:48 +01:00
Henry Mercer
5246291397 Merge branch 'main' into henrymercer/bump-minimum-codeql-version 2023-07-14 16:16:25 +01:00
Chuan-kai Lin
013a1d0cb2 Merge pull request #1778 from github/mergeback/v2.20.4-to-main-489225d8 
Mergeback v2.20.4 refs/heads/releases/v2 into main
 2023-07-14 07:36:36 -07:00
github-actions[bot]
aedd8c2a63 Update checked-in dependencies 2023-07-14 14:05:35 +00:00
github-actions[bot]
9a97b34d8c Update changelog and version after v2.20.4 2023-07-14 13:59:05 +00:00
Chuan-kai Lin
489225d82a Merge pull request #1777 from github/update-v2.20.4-a148c5807 
Merge main into releases/v2
v2.20.4 		2023-07-14 06:57:01 -07:00
github-actions[bot]
1b6383d6be Update changelog for v2.20.4 2023-07-14 13:16:51 +00:00
Andrew Eisenberg
a148c58075 Merge pull request #1776 from github/aeisenberg/changelog-releases 
Add link to releases page in changelog
 2023-07-13 13:51:06 -07:00
Andrew Eisenberg
50527c5dba Add link to releases page in changelog 2023-07-13 12:24:36 -07:00
Chuan-kai Lin
814b2edab6 Merge pull request #1762 from github/update-bundle/codeql-bundle-v2.14.0 
Update default bundle to 2.14.0
 2023-07-13 09:36:56 -07:00
Chuan-kai Lin
d2baed4b69 Merge branch 'main' into update-bundle/codeql-bundle-v2.14.0 2023-07-13 08:19:40 -07:00
Henry Mercer
c5526174a5 Merge pull request #1774 from github/dependabot/npm_and_yarn/npm-a34e423e98 
Bump the npm group with 21 updates
 2023-07-13 12:14:16 +01:00
Henry Mercer
c1f49580cf Fix dependency incompatibilities 2023-07-13 11:20:39 +01:00
github-actions[bot]
40a500c743 Update checked-in dependencies 2023-07-13 09:09:17 +00:00
dependabot[bot]
4fad06f438 Bump the npm group with 21 updates 
Bumps the npm group with 21 updates:

| Package | Update |
| --- | --- |
| [@actions/artifact](https://github.com/actions/toolkit/tree/HEAD/packages/artifact) | 1.1.0 to 1.1.1 |
| [@actions/io](https://github.com/actions/toolkit/tree/HEAD/packages/io) | 1.1.2 to 1.1.3 |
| [@octokit/plugin-retry](https://github.com/octokit/plugin-retry.js) | 5.0.2 to 6.0.0 |
| [@schemastore/package](https://github.com/ffflorian/schemastore-updater) | 0.0.6 to 0.0.9 |
| [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid) | 9.0.0 to 9.0.2 |
| [adm-zip](https://github.com/cthackers/adm-zip) | 0.5.9 to 0.5.10 |
| [del](https://github.com/sindresorhus/del) | 6.1.1 to 7.0.0 |
| [long](https://github.com/dcodeIO/long.js) | 5.2.0 to 5.2.3 |
| [@ava/typescript](https://github.com/avajs/typescript) | 4.0.0 to 4.1.0 |
| [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver) | 7.3.13 to 7.5.0 |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | 5.48.2 to 6.0.0 |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | 5.56.0 to 6.0.0 |
| [ava](https://github.com/avajs/ava) | 5.1.1 to 5.3.1 |
| [eslint](https://github.com/eslint/eslint) | 8.32.0 to 8.44.0 |
| [eslint-import-resolver-typescript](https://github.com/import-js/eslint-import-resolver-typescript) | 3.5.3 to 3.5.5 |
| [eslint-plugin-github](https://github.com/github/eslint-plugin-github) | 4.6.0 to 4.8.0 |
| [micromatch](https://github.com/micromatch/micromatch) | 4.0.4 to 4.0.5 |
| [nock](https://github.com/nock/nock) | 13.1.1 to 13.3.1 |
| [removeNPMAbsolutePaths](https://github.com/juanjoDiaz/removeNPMAbsolutePaths) | 3.0.0 to 3.0.1 |
| [sinon](https://github.com/sinonjs/sinon) | 15.0.1 to 15.2.0 |
| [typescript](https://github.com/Microsoft/TypeScript) | 5.0.2 to 5.1.6 |


Updates `@actions/artifact` from 1.1.0 to 1.1.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/artifact/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/@actions/tool-cache@1.1.1/packages/artifact)

Updates `@actions/io` from 1.1.2 to 1.1.3
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/io/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/io)

Updates `@octokit/plugin-retry` from 5.0.2 to 6.0.0
- [Release notes](https://github.com/octokit/plugin-retry.js/releases)
- [Commits](https://github.com/octokit/plugin-retry.js/compare/v5.0.2...v6.0.0)

Updates `@schemastore/package` from 0.0.6 to 0.0.9
- [Release notes](https://github.com/ffflorian/schemastore-updater/releases)
- [Commits](https://github.com/ffflorian/schemastore-updater/commits)

Updates `@types/uuid` from 9.0.0 to 9.0.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid)

Updates `adm-zip` from 0.5.9 to 0.5.10
- [Release notes](https://github.com/cthackers/adm-zip/releases)
- [Changelog](https://github.com/cthackers/adm-zip/blob/master/history.md)
- [Commits](https://github.com/cthackers/adm-zip/commits/v0.5.10)

Updates `del` from 6.1.1 to 7.0.0
- [Release notes](https://github.com/sindresorhus/del/releases)
- [Commits](https://github.com/sindresorhus/del/compare/v6.1.1...v7.0.0)

Updates `long` from 5.2.0 to 5.2.3
- [Release notes](https://github.com/dcodeIO/long.js/releases)
- [Commits](https://github.com/dcodeIO/long.js/compare/v5.2.0...v5.2.3)

Updates `@ava/typescript` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/avajs/typescript/releases)
- [Commits](https://github.com/avajs/typescript/compare/v4.0.0...v4.1.0)

Updates `@types/semver` from 7.3.13 to 7.5.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

Updates `@typescript-eslint/eslint-plugin` from 5.48.2 to 6.0.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.0.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 5.56.0 to 6.0.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.0.0/packages/parser)

Updates `ava` from 5.1.1 to 5.3.1
- [Release notes](https://github.com/avajs/ava/releases)
- [Commits](https://github.com/avajs/ava/compare/v5.1.1...v5.3.1)

Updates `eslint` from 8.32.0 to 8.44.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.32.0...v8.44.0)

Updates `eslint-import-resolver-typescript` from 3.5.3 to 3.5.5
- [Release notes](https://github.com/import-js/eslint-import-resolver-typescript/releases)
- [Changelog](https://github.com/import-js/eslint-import-resolver-typescript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/import-js/eslint-import-resolver-typescript/compare/v3.5.3...v3.5.5)

Updates `eslint-plugin-github` from 4.6.0 to 4.8.0
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.6.0...v4.8.0)

Updates `micromatch` from 4.0.4 to 4.0.5
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/micromatch/compare/4.0.4...4.0.5)

Updates `nock` from 13.1.1 to 13.3.1
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v13.1.1...v13.3.1)

Updates `removeNPMAbsolutePaths` from 3.0.0 to 3.0.1
- [Release notes](https://github.com/juanjoDiaz/removeNPMAbsolutePaths/releases)
- [Commits](https://github.com/juanjoDiaz/removeNPMAbsolutePaths/compare/v3.0.0...v3.0.1)

Updates `sinon` from 15.0.1 to 15.2.0
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v15.0.1...v15.2.0)

Updates `typescript` from 5.0.2 to 5.1.6
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.0.2...v5.1.6)

---
updated-dependencies:
- dependency-name: "@actions/artifact"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@actions/io"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@octokit/plugin-retry"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@schemastore/package"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/uuid"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: adm-zip
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: del
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: long
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@ava/typescript"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@types/semver"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: ava
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: eslint-import-resolver-typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: micromatch
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: removeNPMAbsolutePaths
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-13 09:06:22 +00:00
Henry Mercer
07224254ab Merge pull request #1773 from github/henrymercer/dependabot-grouped-updates 
Group together dependency updates
 2023-07-13 10:01:14 +01:00
Rasmus Wriedt Larsen
7d35788421 Merge pull request #1772 from github/RasmusWL/fix-pipenv 
python-setup: Fix pipenv (`--keep-outdated` deprecated)
 2023-07-13 09:32:14 +02:00
Henry Mercer
36928bf506 Group together npm dependency updates 2023-07-12 18:15:29 +01:00
Rasmus Wriedt Larsen
d1a140b28e python-setup: Fix pipenv (--keep-outdated deprecated) 
Recently released pipenv removed support for `--keep-outdated` flag (see https://github.com/pypa/pipenv/blob/main/CHANGELOG.rst#pipenv-202379-2023-07-09)

Local testing showed that installation was fine without this 👍
 2023-07-12 17:09:00 +02:00
Henry Mercer
12aa0a6e01 Merge pull request #1771 from github/henrymercer/update-semver 
Bump semver
 2023-07-12 10:52:52 +01:00
Henry Mercer
4b7eb74ef5 Bump semver 2023-07-11 20:48:18 +01:00
Angela P Wen
863a05b28b Nest alertCounts object in event_report.properties (#1770) 2023-07-11 09:20:29 -07:00
Henry Mercer
d6c8719550 Merge pull request #1769 from github/henrymercer/bump-caniuse 
Update `caniuse-lite` dependency
 2023-07-11 14:25:15 +01:00
Henry Mercer
859354c7e2 Merge pull request #1768 from github/henrymercer/no-languages-user-error 
Telemetry: Mark configuration errors as user errors
 2023-07-11 13:42:55 +01:00
Henry Mercer
0fc0483240 Update caniuse-lite dependency 2023-07-11 13:17:55 +01:00
Henry Mercer
e828ed68c6 Use Error for test errors 2023-07-11 13:08:50 +01:00
Henry Mercer
6639a31758 Mark configuration errors as user errors 2023-07-11 11:05:40 +01:00
Henry Mercer
95a5fda31a Merge pull request #1765 from github/dependabot/npm_and_yarn/octokit/types-11.1.0 
Bump @octokit/types from 10.0.0 to 11.1.0
 2023-07-10 21:29:49 +01:00
github-actions[bot]
b3406fda8f Update checked-in dependencies 2023-07-10 17:46:35 +00:00
dependabot[bot]
916cfef293 Bump @octokit/types from 10.0.0 to 11.1.0 
Bumps [@octokit/types](https://github.com/octokit/types.ts) from 10.0.0 to 11.1.0.
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v10.0.0...v11.1.0)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-10 17:42:54 +00:00
Henry Mercer
fed45865ba Merge branch 'main' into henrymercer/bump-minimum-codeql-version 2023-07-10 13:21:51 +01:00
Nick Rolfe
6a07b2ad43 Merge pull request #1760 from github/nickrolfe/scaling-memory 
Respect `scaling_reserved_ram` feature flag
 2023-07-10 10:25:38 +01:00
dependabot[bot]
8f80d7761c Bump tough-cookie and @azure/ms-rest-js (#1763) 
* Bump tough-cookie and @azure/ms-rest-js

Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) and [@azure/ms-rest-js](https://github.com/Azure/ms-rest-js). These dependencies needed to be updated together.

Updates `tough-cookie` from 4.0.0 to 4.1.3
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](https://github.com/salesforce/tough-cookie/compare/v4.0.0...v4.1.3)

Updates `@azure/ms-rest-js` from 2.6.2 to 2.7.0
- [Changelog](https://github.com/Azure/ms-rest-js/blob/master/Changelog.md)
- [Commits](https://github.com/Azure/ms-rest-js/commits)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: "@azure/ms-rest-js"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update checked-in dependencies

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2023-07-10 01:41:51 -07:00
github-actions[bot]
49f147856e Add changelog note 2023-07-07 16:23:39 +00:00
github-actions[bot]
b8490d73e8 Update default bundle to codeql-bundle-v2.14.0 2023-07-07 16:23:27 +00:00
Nick Rolfe
ab9aa50acb Add integration test for scaling_reserved_ram feature flag 2023-07-07 17:01:34 +01:00
Nick Rolfe
28e070c442 Add changenote for scaling_reserved_ram change 2023-07-07 16:46:48 +01:00
Nick Rolfe
f232722edf Respect scaling_reserved_ram feature flag 
The amount of RAM given to the CodeQL evaluator is the machine's total
memory size, minus a reserved amount. Currently, the reserved amount is
fixed at 1 GB (or 1.5 GB on Windows). When the scaling_reserved_ram
feature flag is enabled, we also add 2% of the total memory size to the
reserved amount. This allows for the fact that the kernel will consume
more RAM (e.g. for page tables) on machines with more physical RAM.
 2023-07-07 16:46:47 +01:00
Henry Mercer
85c77f1dfc Merge pull request #1761 from github/henrymercer/remove-fetching-releases-fallback 
Simplify CodeQL setup now that the last two releases have semver bundles
codeql-bundle-v2.14.0 		2023-07-07 15:53:18 +01:00
Henry Mercer
dc0234b48c Remove redundant checks 2023-07-07 15:32:20 +01:00
Henry Mercer
a41df3ae10 Add unit test for unsupported default version feature flags 2023-07-07 15:15:57 +01:00
Henry Mercer
50f2cc19ee Remove now redundant variant property 
Previously, this was useful for discriminating between different
`CodeQLDefaultVersion` instances. However now all instances return a
tag name.
 2023-07-07 15:15:57 +01:00
Henry Mercer
bec18d1625 Remove fallback logic for mapping default CLI version to GitHub Release 
The default version feature flags will now always point to a CLI version
with a semantically versioned bundle, so we can find the GitHub
Release directly from the CLI version.
 2023-07-07 15:15:57 +01:00
Henry Mercer
395fdba990 Merge pull request #1757 from github/henrymercer/cli-deprecation-warning 
Add a deprecation warning for CodeQL CLIs < 2.9.4
 2023-07-07 14:00:45 +01:00
Henry Mercer
5499d30c79 Merge branch 'main' into henrymercer/cli-deprecation-warning 2023-07-07 13:31:06 +01:00