github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-24 08:10:06 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,071 Commits 297 Branches 500 Tags
51126e5cd1376eaa6db89c5855e32919029fe2bc
Commit Graph

2071 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
51126e5cd1 Include better error message 
When users call init multiple times.
 2022-01-20 10:28:11 -08:00
Edoardo Pirovano
c0b507e521 Merge pull request #875 from github/mergeback/v1.0.28-to-main-8a4b243f 
Mergeback v1.0.28 refs/heads/v1 into main
codeql-bundle-20220120 		2022-01-18 22:21:27 +00:00
github-actions[bot]
d563b098d7 Update checked-in dependencies 2022-01-18 21:54:31 +00:00
github-actions[bot]
fca047627b 1.0.29 2022-01-18 21:35:32 +00:00
github-actions[bot]
28fe8e7028 Update changelog and version after v1.0.28 2022-01-18 21:35:30 +00:00
Andrew Eisenberg
8a4b243fbf Merge pull request #874 from github/update-v1.0.28-b31df3ff 
Merge main into v1
v1.0.28 		2022-01-18 13:33:47 -08:00
Andrew Eisenberg
19970ae6b5 Update changelog 
Add an entry and move an entry.
 2022-01-18 12:44:43 -08:00
github-actions[bot]
ec1b16574e 1.0.28 2022-01-18 19:13:38 +00:00
Henning Makholm
b31df3ff95 Merge pull request #866 from github/hmakholm/pr/2.7.5 
Bump CodeQL version to 2.7.5
 2022-01-17 19:45:58 +01:00
Henning Makholm
776db51d2e Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5 2022-01-17 18:27:39 +01:00
Andrew Eisenberg
b886234637 Merge pull request #872 from github/aeisenberg/category-with-tool 
Change category uniqueness test
 2022-01-17 09:19:39 -08:00
Henning Makholm
9913c9bfa5 Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5 2022-01-17 18:06:10 +01:00
Andrew Eisenberg
8de62beb50 Merge branch 'main' into aeisenberg/category-with-tool 2022-01-17 09:00:14 -08:00
Andrew Eisenberg
b6fbccaba1 Merge pull request #873 from github/nickrolfe/ruby 
Update warning about interpreted languages to mention Ruby
 2022-01-14 09:05:50 -08:00
Nick Rolfe
df0c306daf Update warning about interpreted languages to mention Ruby 2022-01-14 11:57:29 +00:00
Andrew Eisenberg
ab1f709732 Allow duplicate categories in the same validation step 
A single SARIF file should be allowed to have duplicated
categories.
 2022-01-13 10:35:03 -08:00
Andrew Eisenberg
8454e21c9c Change category uniqueness test 
Turboscan only allows a single combination of tool name and automation
details id for testing category uniqueness.

Previously, the check in the action was not entirely correct since it
only looked at the _category_ and not the combination of the category
and the tool name.

It's even more precise now since it is looking at the actual, computed
value of the automation details id, rather than an inputted value of
the category.

This change also includes a refactoring where the action is now avoiding
multiple parsing/stringifying of the sarif files. Instead, sarif is
parsed once at the start of the process and stringified once, after
sarif processing is completely finished.
 2022-01-12 15:26:34 -08:00
Henning Makholm
d85c3e58ec Bump CodeQL version to 2.7.5 2022-01-12 19:36:20 +01:00
Edoardo Pirovano
cbabe47a0b Merge pull request #871 from github/mergeback/v1.0.27-to-main-cd783c8a 
Mergeback v1.0.27 refs/heads/v1 into main
codeql-bundle-20220112 		2022-01-11 22:22:02 +00:00
github-actions[bot]
f8a48f464d Update checked-in dependencies 2022-01-11 21:57:25 +00:00
github-actions[bot]
f6f23f8671 1.0.28 2022-01-11 21:43:35 +00:00
github-actions[bot]
c2a7379048 Update changelog and version after v1.0.27 2022-01-11 21:43:33 +00:00
Edoardo Pirovano
cd783c8a29 Merge pull request #870 from github/update-v1.0.27-faa9ba73 
Merge main into v1
v1.0.27 		2022-01-11 21:42:44 +00:00
github-actions[bot]
300c8b6dcb 1.0.27 2022-01-11 20:35:30 +00:00
Edoardo Pirovano
faa9ba7363 Merge pull request #869 from github/edoardo/windows-11-error 
Refuse to run on Windows 11
 2022-01-11 20:34:11 +00:00
Edoardo Pirovano
d2a0fc83dc Refuse to run on Windows 11 2022-01-11 18:34:33 +00:00
Edoardo Pirovano
71112ab35d Merge pull request #868 from edoardopirovano/debug-artifact-name 
Make name of debugging artifact and DB within it configurable
 2022-01-07 17:54:41 +00:00
Edoardo Pirovano
e677af3fd0 Make name of debugging artifact and DB within it configurable 2022-01-07 15:10:26 +00:00
Henry Mercer
848e5140d4 Merge pull request #857 from github/henrymercer/ml-powered-queries 
Add support for running ML-powered queries for JS `security-extended` behind `ml_powered_queries` feature flag
 2022-01-06 17:55:06 +00:00
Henry Mercer
e7fe6da378 Allow patch version of ML-powered queries pack to be bumped 2022-01-06 11:58:03 +00:00
Henry Mercer
2159631658 Only run ML-powered queries with v2.7.5 or newer of the CLI 2022-01-06 11:58:03 +00:00
Henry Mercer
9de1702400 Document use of redundant feature flag API call 2022-01-06 11:58:02 +00:00
Henry Mercer
efded22908 Bump the version of the ATM query pack to 0.0.2 2022-01-06 11:57:33 +00:00
Henry Mercer
5602bd50bf Test loading of ML-powered queries 2022-01-06 11:57:33 +00:00
Henry Mercer
2f4be8e34b Run ML-powered queries for JS security-extended behind feature flag 2022-01-06 11:57:33 +00:00
Edoardo Pirovano
9763bdd6ec Merge pull request #860 from edoardopirovano/always-upload-db 
Always upload DB when in debug mode
codeql-bundle-20220104 		2022-01-04 18:25:33 +00:00
Edoardo Pirovano
00d4d60204 Always upload DB when in debug mode 2022-01-04 16:49:31 +00:00
Edoardo Pirovano
e5d84de18b Merge pull request #861 from github/remove-debug-output 
Remove debugging output
 2022-01-02 10:05:46 +00:00
Edoardo Pirovano
ea1acc573a Merge branch 'main' into remove-debug-output 2022-01-02 09:41:49 +00:00
Edoardo Pirovano
79ea6d6a7c Merge pull request #862 from github/aeisenberg/fix-python-tests 
Force virtualenv version
 2022-01-02 09:41:38 +00:00
Andrew Eisenberg
3e50d096f8 Force virtualenv version 
Force the virtualenv version to be 20.11 or less.
The 20.12 version is failing for python 2 right now.
 2022-01-01 19:13:10 -08:00
Edoardo Pirovano
cca1cfdacf Remove debugging output 2021-12-31 16:32:08 +00:00
Edoardo Pirovano
cdea582765 Merge pull request #859 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions.
 2021-12-29 09:39:28 +00:00
GitHub
3e59dee9e2 Update supported GitHub Enterprise Server versions. 2021-12-29 00:07:19 +00:00
Henry Mercer
249c7ffce1 Merge pull request #856 from github/henrymercer/feature-flagging 
Feature flagging via the GitHub API
 2021-12-16 16:18:46 +00:00
Henry Mercer
254816c2d2 Stub feature flag API endpoint in tests 2021-12-16 13:39:18 +00:00
Henry Mercer
6d62c245ec Represent feature flags using an enum 
Replaces the previous string literal type
 2021-12-16 13:38:34 +00:00
Henry Mercer
5e87034b3b Explicitly pass repository to feature flags constructor 
As suggested in review: The `GITHUB_REPOSITORY` environment variable is
only available on Actions. Passing it in explicitly avoids potentially
crashing if this code is called from the runner.
 2021-12-15 17:03:43 +00:00
Henry Mercer
621e0794ac Throw an error if the feature flag API request errors 2021-12-15 16:34:26 +00:00
Henry Mercer
d6499fad61 Use new feature flag architecture when uploading databases 2021-12-15 13:17:05 +00:00