github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-24 08:10:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,434 Commits 297 Branches 500 Tags
4f56152a481f6d23f3db3b830b30dbb8ccb3e22e
Commit Graph

266 Commits

Author SHA1 Message Date
Henry Mercer
e37d0f3e7c Use direct tracing when autobuild build mode specified 
Behind a flag, for now
 2024-04-12 17:06:35 +01:00
Rasmus Wriedt Larsen
4e8e3439dd Merge branch 'main' into RasmusWL/remove-python-dep-inst 2024-04-08 10:25:42 +02:00
Angela P Wen
7df281f2fe Gracefully continue if createStatusReportBase throws (#2225) 
Previously, we weren't catching any possible exceptions in `createStatusReportBase` and runs would fail if any of the telemetry sub-items threw exceptions. As telemetry should not block the analysis, we continue here even if the status report throws.
 2024-04-04 15:26:14 -07:00
Rasmus Wriedt Larsen
6ab7733abd build 2024-04-04 17:15:39 +02:00
Henry Mercer
2307ff547f Add languages and build_mode to init success status report 2024-02-29 12:18:19 +00:00
Henry Mercer
c0917251d4 Refactoring: Convert ActionName to enum 2024-02-29 11:29:32 +00:00
Henry Mercer
888ab31e3e Mark third-party SARIF limits errors as configuration errors 2024-02-28 19:41:43 +00:00
Angela P Wen
1a6bac42d0 Rename considerInvalidRequestConfigError to isThirdPartyUpload 
This describes what we are trying to do more accurately.
 2024-02-28 15:22:39 +00:00
Henry Mercer
60465730fb Add event name to status report 2024-02-26 19:36:37 +00:00
Henry Mercer
28b564f8c6 Add languages to the status report for all jobs 2024-02-26 19:03:28 +00:00
Josh Soref
5a6da1d85d Treat status reports as non-critical 
Change `sendStatusReport` to `void`
 2024-02-12 13:56:10 -05:00
Angela P Wen
1515e2bb20 Refactor configuration errors (#2105) 
Refactor the existing classes of configuration errors into their own file; consolidate the place we check for configuration errors into `codeql.ts`, where the actual command invocations happen.

Also, rename the `UserError` type to `ConfigurationError` to standardize on a single term.
 2024-02-08 17:20:03 +00:00
Henry Mercer
0fe34bd39a Extract language appropriately in analyze step when build mode specified 2024-02-07 13:19:29 +00:00
nickfyson
f72cffc780 add v2 deprecation warning 2024-01-18 20:51:16 +00:00
Angela P Wen
f65ecd09c7 Only delete SARIF in PR check if not running on a fork (#2084) 2024-01-16 16:07:58 -08:00
Michael B. Gale
632d58cb60 Update Go path documentation in analyze Action 2023-10-13 10:14:22 +01:00
Michael B. Gale
4eccc6dac4 Suppress Go workaround warning if autobuilder ran 2023-10-06 15:11:31 +01:00
Michael B. Gale
235bdca565 Use markdownMessage 2023-10-05 14:27:34 +01:00
Michael B. Gale
94f3e9b563 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-10-05 14:27:09 +01:00
Michael B. Gale
a144bf5d7f Store diagnostics in language-specific database 2023-10-05 13:39:58 +01:00
Michael B. Gale
eb71a60380 Emit diagnostic when Go was changed after init 2023-10-05 12:52:06 +01:00
Michael B. Gale
41a13ec084 Fix comment in analyse Action 2023-10-04 19:53:23 +01:00
Michael B. Gale
604448043e Add which go output in warning 2023-10-04 19:45:08 +01:00
Michael B. Gale
4611ff9b23 Cross-check Go binary in analyze Action 2023-10-04 19:45:04 +01:00
Henry Mercer
ebbadee09e Remove ML-powered queries 2023-10-02 17:20:50 +01:00
Henry Mercer
379f89dc53 Log cgroup RAM limits 2023-09-18 13:05:29 +01:00
Henry Mercer
a7c12a5225 Address PR comments 2023-09-07 20:44:15 +01:00
Henry Mercer
7218de5369 Merge branch 'main' into henrymercer/user-errors-for-upload-sarif 2023-09-07 19:40:15 +01:00
Henry Mercer
583a1019cc Mark invalid SARIF errors as user errors in the upload-sarif Action 2023-09-06 18:14:30 +01:00
Henry Mercer
10389f671b Remove scaling reserved RAM feature flag 2023-09-05 14:30:56 +02:00
Angela P Wen
07d42ec34e Improve logging for Go autobuild when invoked in analyze step (#1862) 2023-08-31 11:39:07 +00:00
Henry Mercer
7dcb3e5276 Include runner disk info in status report 2023-08-07 16:27:56 +01:00
Henry Mercer
c6d284324b Pull out a dedicated status report file 2023-08-07 16:13:59 +01:00
Josh Soref
8ab72a0f47 Add output for analyze action output path 2023-07-25 16:03:16 -04:00
Henry Mercer
2637069a45 Resolve dependency cycles between actions-util and workflow 2023-07-19 17:21:33 +01:00
Henry Mercer
0bc4788cf7 Resolve dependency cycle between api-client and actions-util 2023-07-19 17:01:05 +01:00
Henry Mercer
004f976bef Fix dependency cycle between util and config-utils 2023-07-19 16:48:21 +01:00
Henry Mercer
9922e17dbb Move code scanning config enablement into feature flags 2023-07-19 15:57:59 +01:00
Nick Rolfe
f232722edf Respect scaling_reserved_ram feature flag 
The amount of RAM given to the CodeQL evaluator is the machine's total
memory size, minus a reserved amount. Currently, the reserved amount is
fixed at 1 GB (or 1.5 GB on Windows). When the scaling_reserved_ram
feature flag is enabled, we also add 2% of the total memory size to the
reserved amount. This allows for the fact that the kernel will consume
more RAM (e.g. for page tables) on machines with more physical RAM.
 2023-07-07 16:46:47 +01:00
Henry Mercer
3a960869ac Simplify definitions of environment variables 2023-07-06 17:28:37 +01:00
Angela P Wen
46a6823b81 Send new per-query alert count event reports for QA telemetry (#1741) 2023-06-30 07:53:13 -07:00
Rasmus Wriedt Larsen
fce87bbc67 Generate JS 2023-05-12 10:00:31 +02:00
Henry Mercer
8a093aa1a5 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-11 12:25:45 +01:00
Henry Mercer
e5c2f32a9f Consistently wrap errors 2023-04-06 17:04:21 +01:00
Henry Mercer
d8fe76e161 Delete legacy tracing 2023-03-28 18:53:43 +01:00
Henry Mercer
ade432fd68 Remove duplicate locations from output of database interpret-results 2023-03-24 20:30:57 +00:00
Angela P Wen
a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Angela P Wen
3cbd063679 Upload per-database diagnostic SARIFs on green and red runs (#1556) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-20 21:09:04 +00:00
Henry Mercer
ebdd5a069f Remove perf_hooks Node 12 comment 
We don't need the import for Node 12 compat, but we do need it to make
the file compile.
 2023-01-23 19:16:03 +00:00
Henry Mercer
be8f7b01a2 Add types for package.json via @schemastore/package 2023-01-20 15:01:35 +00:00