github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,246 Commits 297 Branches 500 Tags
41857bab356c91c1decab862427445155c08ca39
Commit Graph

40 Commits

Author SHA1 Message Date
Angela P Wen
ac2f82a1ff Log warning if SIP is disabled and CLI version is < 2.15.1 (#2261) 
* PR Checks: use `macos-12` runners for CLI v. < 2.15.1

Prior to CLI v2.15.1, MacOS ARM runners were not supported by the build tracer. "macos-latest" is now an ARM runner, so we run these tests on the old CLIs on Intel runners instead.

* Log a warning if SIP is disabled and CLI is < 2.15.1

* Add changenote for SIP-disabled support on old CLI versions

* Set up Python 3.11 for all MacOS checks
 2024-04-25 22:20:13 +00:00
Henry Mercer
2f0d0eaebd Update PR checks 2024-04-09 12:19:26 +01:00
Angela P Wen
f421cda8e7 Run integration test PR checks nightly (#2222) 
* Run integration test PR checks nightly

Scheduled for 5AM UTC. This will assist in catching bugs introduced with new runner images.

* Specify generated YAML indentations

For consistency with our non-autogenerated files and GitHub documentation, we should further indent items in lists (`sequence`).
 2024-04-04 10:30:18 -07:00
Henry Mercer
35b10b5ff7 Merge branch 'main' into henrymercer/drop-codeql-v2.11.5 2024-01-02 18:03:32 +00:00
dependabot[bot]
596b173a4e Bump the actions group with 2 updates (#2056) 
* Bump the actions group with 2 updates

Bumps the actions group with 2 updates: [actions/setup-python](https://github.com/actions/setup-python) and [actions/setup-go](https://github.com/actions/setup-go).


Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)

Updates `actions/setup-go` from 4 to 5
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump `setup-python` and `setup-go` to v5

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2023-12-27 17:12:00 -08:00
nickfyson
0e9a210226 update workflows to run on all release branches 2023-12-06 15:57:43 +00:00
Henry Mercer
649145214e Update PR checks 
Stop testing `stable-20220908` bundle as this is no longer supported.
 2023-11-27 12:41:44 +00:00
Andrew Eisenberg
7c60ff7ad6 Use setup-python@v4 2023-11-02 07:49:59 -07:00
Andrew Eisenberg
9ef69a2c7a Be more precise about when to use python 3.11 
Only run use 3.11 on versions of of the CLI that we know don't support
3.12.
 2023-11-01 18:10:09 -07:00
Andrew Eisenberg
bd4005aa6a Force python 3.11 for macos 
3.12 does not work.
 2023-11-01 16:01:27 -07:00
dependabot[bot]
321d3e057d Bump the actions group with 1 update 
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).

- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 18:00:31 +00:00
Angela P Wen
1f63aba653 PR Checks: Test codeql-bundle.tar.gz (#1822) 2023-08-03 15:38:21 +00:00
Henry Mercer
49e0fc2ba1 PR checks: Rename cached to default 2023-08-02 18:02:10 +01:00
Henry Mercer
9f45792756 Update autogenerated notice to refer to specific ruamel.yaml version 2023-06-12 13:28:11 +01:00
Angela P Wen
cdcdbb5797 PR checks: stop setting experimental Swift var for new CLI versions (#1718) 
Now that `latest` and `cached` are both 2.13.3, which is the version in which we GA'ed Swift, we should stop setting this experimental variable when we test these CLI versions so we can test the case where the variable is unset.
 2023-06-06 08:49:09 -07:00
Henry Mercer
1023a086ae Merge pull request #1694 from jsoref/fixes 
Fix running tests on forks, and handle invalid URIs when fingerprinting
 2023-05-25 15:41:27 +01:00
Josh Soref
dba4f66682 Grant security-events: write permissions 2023-05-24 18:14:01 -04:00
Josh Soref
8f9b20ba50 Clarify how to update workflows 2023-05-24 18:14:01 -04:00
Angela P Wen
8c923c00a3 Fix Swift PR Checks on nightly-latest CLI (#1696) 2023-05-24 17:59:40 +01:00
Henry Mercer
f7a67e4341 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-05 18:39:27 +01:00
Henry Mercer
e85546ccca Move internal Actions into .github/actions 
This is a more standard location for these custom Actions.
 2023-04-03 18:29:29 +01:00
Henry Mercer
72d018e267 Improve serialization of Swift environment variable if expression 2023-03-29 13:15:59 +01:00
Henry Mercer
6ef37003ca Update CodeQL releases used in PR checks 2023-03-28 20:07:09 +01:00
Angela P Wen
a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Andrew Eisenberg
c208575433 Avoid uploading databases after integration tests 
We are still getting coverage of the upload capability through the
standard codeql analysis workflow.
 2023-03-14 14:55:58 -07:00
Henry Mercer
e530813ab8 Remove PR checks for v1 2023-01-16 18:49:32 +00:00
Henry Mercer
620a267204 Temporarily disable Kotlin analysis in PR checks 
Kotlin analysis is incompatible with Kotlin 1.8.0, which is now rolling
out to the Actions runner images.

While we work on a more permanent fix to our PR checks, this will
prevent us losing other
test coverage.
 2023-01-10 17:31:35 +00:00
Henry Mercer
7cdf75141e Remove redundant INTERNAL_CODEQL_ACTION_DEBUG_LOC variable 2022-11-16 16:40:35 +00:00
Henry Mercer
a190d3876a Rename TEST_MODE to specific variable for CodeQL Action 
This allows us to set it automatically in the workflow generator,
simplifying things and reducing the scope for error.
 2022-11-16 16:40:30 +00:00
Henry Mercer
96a8424f0c Don't bypass the toolcache in test mode 2022-08-16 16:18:12 +01:00
Henry Mercer
9daf1de73c Update references to release branches 
Prepare for renaming `v1` -> `releases/v1` and `v2` -> `releases/v2`.
 2022-04-14 17:48:46 +01:00
Henry Mercer
a2949f47b3 Update actions/checkout from v2 to v3 2022-03-30 19:46:09 +01:00
Henry Mercer
e769c2dd6e Run all PR checks on v2 branch 2022-03-30 15:59:09 +01:00
Andrew Eisenberg
76c3e91b1f Bump timeout to 45 minutes 
With a 30 minute timeout, we were getting some cancelled runs.
This should fix it.
 2022-03-11 11:45:45 -08:00
Andrew Eisenberg
628afae9d3 Add a timeout of 30 min 
For all CI jobs. Based on some eye-balling 30 minutes should be
enough time for all jobs to complete.
 2022-03-08 14:57:35 -08:00
Edoardo Pirovano
8ec6a84629 Expand PR checks to cover windows-2022 2022-02-28 15:39:34 +00:00
Andrew Eisenberg
b2af0740e4 Remove security-events: write from tests 
This is not necessary.
 2022-02-01 19:17:15 -08:00
Andrew Eisenberg
e9aa2c6f62 Add a permissions block for generated workflows 
Ensure that all workflows are able to write security events.
 2022-01-31 16:11:00 -08:00
Edoardo Pirovano
f04acbbdc3 Use CLI's own baseline LOC counting 2021-09-29 11:17:41 +01:00
Edoardo Pirovano
444316b6c6 Refactor PR checks 2021-09-08 13:59:52 +01:00