github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 09:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,348 Commits 297 Branches 500 Tags
539d968ad76f18facb8baa5636bcbee46bd76ca4
Commit Graph

1348 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
539d968ad7 Use commander preAction hook for setMode 
Hooks are new to commander v8. We can use hooks to ensure that `setMode`
is called before every command is invoked.
 2021-06-01 11:17:49 -07:00
Andrew Eisenberg
4b4a5ee9d1 Merge pull request #534 from github/aeisenberg/mergeback-fix 
Fix the mergeback workflow
 2021-06-01 10:35:47 -07:00
Andrew Eisenberg
f0e82b7d63 1.0.1 2021-05-31 10:56:52 -07:00
Andrew Eisenberg
c02d8cc7a9 Fix EOF newlines after npm version patch 
The removeNPMAbsolutePaths check requires no newlines at the
end of the file. This ensures that the version update mimics
the behavior.
 2021-05-31 10:37:07 -07:00
Andrew Eisenberg
a94829cc53 Manually update the CHANGELOG 
This should have happened in a mergeback PR, but the workflow to
generate this was broken.
 2021-05-31 10:11:08 -07:00
Andrew Eisenberg
7d701d23e3 Merge remote-tracking branch 'upstream/v1' into aeisenberg/mergeback-fix 2021-05-31 10:09:13 -07:00
Andrew Eisenberg
981b5cb012 Fix the mergeback workflow 
We need to tag and mergeback if the tag does _not_ already exist.
 2021-05-31 10:08:10 -07:00
Andrew Eisenberg
ca9450846f Merge pull request #516 from github/aeisenberg/user-agent 
Send version and mode to code scanning via user agent
 2021-05-31 09:49:44 -07:00
Andrew Eisenberg
1a4cdd35b9 Use the version from package.json in the runner 2021-05-31 09:35:13 -07:00
Andrew Eisenberg
4164096c0d Use the version from package.json in the runner 
Update the ql queries to account for change in how we look for runner

Previously, we guarded blocks of code to be run by the runner or the
action using if statements like this:

```js
if (mode === "actions") ...
```

We are no longer doing this. And now, the `unguarded-action-lib.ql`
query is out of date. This query checks that runner code does not
unintentionally access actions-only methods in the libraries.

With these changes, we now ensure that code scanning is happy.
 2021-05-31 09:34:41 -07:00
Andrew Eisenberg
47588796b4 Send the version and mode with the user agent 
This commit changes the way the action determines if running in action
or runner mode. There is now an environment variable that is set at the
beginning of the process and elsewhere in the process, we can check to
see if the variable is set.
 2021-05-31 09:03:29 -07:00
Andrew Eisenberg
fad7cc482d Merge pull request #438 from okyanusoz/patch-1 
Fix wording in README
 2021-05-31 09:02:45 -07:00
Andrew Eisenberg
4917d3c7e8 Merge pull request #533 from github/update-v1.0.0-ff75ec7f 
Merge main into v1
 2021-05-31 08:13:07 -07:00
Andrew Eisenberg
dd66f4484d Remove leading newline 
Minor change.
 2021-05-31 08:12:29 -07:00
github-actions[bot]
cf57db7e1f 1.0.0 2021-05-31 09:24:10 +00:00
Andrew Eisenberg
d9a17baf2f Merge branch 'main' into patch-1 2021-05-28 15:29:27 -07:00
Henry Mercer
ff75ec7f7d Merge pull request #532 from github/henrymercer/analysis-summaries-custom-queries 
Analyze: Log analysis summaries for custom queries
 2021-05-28 21:48:16 +01:00
Henry Mercer
1362396c57 Add changelog note 2021-05-28 20:19:55 +01:00
Henry Mercer
2338fe5db5 Analyze: Log analysis summaries for custom queries 2021-05-28 19:36:21 +01:00
Andrew Eisenberg
2ccefaccfe Merge pull request #510 from github/aeisenberg/update-changelog-on-release 
Add release and mergeback workflows
 2021-05-27 13:22:14 -07:00
Andrew Eisenberg
8b0110800e Merge branch 'main' into aeisenberg/update-changelog-on-release 2021-05-27 13:12:26 -07:00
Andrew Eisenberg
ea89b06c41 Add bump runner version whenever action is versioned 
Ensures that the runner version is bumped along with the action version.
 2021-05-27 12:31:58 -07:00
Arthur Baars
12b2dc68b9 Merge pull request #513 from github/aibaars-patch-1 
Add Ruby as a possible language
 2021-05-26 07:40:23 +02:00
Arthur Baars
213f5407e2 Merge branch 'main' into aibaars-patch-1 2021-05-26 07:30:01 +02:00
Aditya Sharad
f4e2dc747e Merge pull request #531 from github/adityasharad/actions/enterprise-versions-upstream-only 
Actions: Run enterprise versions workflow only on the parent repo
 2021-05-25 19:02:45 -07:00
Andrew Eisenberg
6764ac6d01 Merge pull request #527 from github/update-v1-eeaefb60 
Merge main into v1
 2021-05-25 19:00:39 -07:00
Aditya Sharad
a55e7e1f67 Actions: Run enterprise versions workflow only on the parent repo 
Don't run the cron workflow on forks, since they lack the necessary secrets.
 2021-05-25 17:48:14 -07:00
Arthur Baars
44c6b33642 Address comments 2021-05-24 11:00:02 +02:00
Arthur Baars
4f51b8c47e Check available languages 2021-05-23 21:14:07 +02:00
Andrew Eisenberg
800a951427 Add release and mergeback workflows 
This commit ensures that the changelog is updated before a release with
the correct date and version.

Also, after a release, a mergeback PR is created to ensure that the
changelog update and version bump is available in main.
 2021-05-21 11:04:38 -07:00
Arthur Baars
91700099ba Fix unit test 2021-05-21 18:45:08 +02:00
Arthur Baars
c3633dc9bd Add Ruby as a possible language 2021-05-21 18:45:08 +02:00
Andrew Eisenberg
eeaefb6054 Merge pull request #517 from github/aibaars-additional-packs 
Use --additional-packs instead of --search-path
 2021-05-21 09:31:17 -07:00
Andrew Eisenberg
c3e0f887ab Merge branch 'main' into aibaars-additional-packs 2021-05-21 09:21:54 -07:00
Arthur Baars
1ad5a6c1be Merge pull request #518 from github/aibaars-no-queries 
Ensure queries[language] objects are initialized
 2021-05-21 12:54:23 +02:00
Arthur Baars
6a14accb41 Fix tests 2021-05-21 12:41:35 +02:00
Arthur Baars
84bec4d116 Check queries in initConfig 2021-05-21 12:23:00 +02:00
Arthur Baars
9aca271fbb Remove superfluous if 2021-05-21 12:07:30 +02:00
Arthur Baars
ec011ddfdb Ensure queries[language] objects are initialized 2021-05-21 10:42:14 +02:00
Arthur Baars
69cc3550c8 Use --additional-packs instead of --search-path 2021-05-21 10:40:06 +02:00
Aditya Sharad
8fa2ef886e Merge pull request #515 from adityasharad/analyze/summary-logging 
Analyze: Improve log grouping and log the analysis summary in its own group
 2021-05-20 15:49:26 -07:00
Aditya Sharad
f84cc5e6f1 Fix trailing newline in package.json 
As produced by npm ci && npm run removeNPMAbsolutePaths.
 2021-05-20 14:12:37 -07:00
Aditya Sharad
512d4671bc Decode CodeQL stdout as UTF-8 2021-05-20 14:08:29 -07:00
Aditya Sharad
741bd73e8e Changelog: Add note for grouping of analysis logs 2021-05-20 12:32:10 -07:00
Aditya Sharad
031ec8753a Group log messages while uploading results 2021-05-20 12:32:10 -07:00
Aditya Sharad
19fe63f821 Analyze: Log the analysis summary in its own group 
Fix grouping of the analysis logs, so that custom query logs also get grouped.
Capture the stdout of codeql database analyze, which contains the analysis summary
from summary and diagnostic queries.
Log this output in its own group, along with the baseline computed in the Action.
 2021-05-20 12:32:09 -07:00
Andrew Eisenberg
6a9815718a Merge pull request #514 from github/aeisenberg/first-changelog-entry 
Add the first changelog entry
 2021-05-20 10:47:51 -07:00
Andrew Eisenberg
7ae8d165a6 Add the first changelog entry 
(Adding the changelog itself.)
 2021-05-20 09:24:30 -07:00
Andrew Eisenberg
06b386ac6c Merge pull request #507 from github/aeisenberg/changelog 
Add a changelog
 2021-05-19 15:41:37 -07:00
Andrew Eisenberg
1b3a351d6d Merge branch 'main' into aeisenberg/changelog 2021-05-19 15:28:21 -07:00