github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-28 10:10:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,454 Commits 297 Branches 500 Tags
85ac9fe26ec392c6c295d42552be61cd42bf8104
Commit Graph

667 Commits

Author SHA1 Message Date
Edoardo Pirovano
85ac9fe26e Remove misleading comment. 2021-06-25 14:28:43 +01:00
Edoardo Pirovano
40852fa52a Improve error messages from CLI invocations 2021-06-24 23:38:13 +01:00
Andrew Eisenberg
af32a29f03 Merge branch 'main' into simon-engledew/fix-runner-temp-missing 2021-06-24 13:48:45 -07:00
Arthur Baars
a1f71cfecf Add Ruby to 'isInterpretedLanguage' 2021-06-24 19:13:05 +02:00
Simon Engledew
26ade03b50 Just reverse test case 2021-06-24 18:00:10 +01:00
Simon Engledew
9200db3ec4 Restore original getCodeQLActionRepository behaviour 2021-06-24 17:52:48 +01:00
Andrew Eisenberg
c5434c91d8 Merge branch 'main' into csharp-loc 2021-06-23 16:22:14 -07:00
Edoardo Pirovano
68b68732c6 Fix C# line counting and add test 2021-06-23 23:39:44 +01:00
Chris Gavin
59560e54ac Replace custom tool download method with the one in the tool cache library. 2021-06-23 14:28:37 +01:00
Henry Mercer
1cd2cd12b4 Merge branch 'main' into hmakholm/pr/2.5.6 2021-06-22 17:12:00 +01:00
Henning Makholm
8d50a5fd90 Update CodeQL bundle to 20210622 / 2.5.6 2021-06-22 17:27:16 +02:00
Robert
00791d5d56 remove old lib file 2021-06-22 13:45:47 +01:00
Robert
146c897909 Upload CodeQL databases 2021-06-22 13:05:12 +01:00
Robert
d893508e3a Revert "Upload CodeQL databases" 2021-06-21 10:26:02 +01:00
Robert
f3cd5fa001 Add workflow input to disable uploads 2021-06-18 09:56:15 +01:00
Robert
33ac512514 Merge branch 'main' into upload-database 2021-06-18 09:50:05 +01:00
Robert
69c30da5ad Merge pull request #565 from github/robertbrignull/upload_ghes 
Only attempt to upload on dotcom
 2021-06-17 12:42:23 +01:00
Robert
b985a67b97 Only attempt to upload on dotcom 2021-06-16 17:24:26 +01:00
Robert
c989ee7b39 Provide a better error message 2021-06-16 17:00:26 +01:00
Robert
d693b3cb0d Check if on default branch before uploading database 2021-06-16 14:43:42 +01:00
Andrew Eisenberg
20aafcd90c Remove unnecessary type assertions 2021-06-10 11:15:03 -07:00
Robin Neatherway
429471162a Update cleanup to bundle 2021-06-10 17:09:58 +01:00
Robert
2a9a602a5e Upload databases from analyze action 2021-06-10 16:09:58 +01:00
Andrew Eisenberg
23cdd6bab6 Remove two log entries 
Cleans up the output logs even more. These entries don't add any more
information since everything is grouped now.
 2021-06-09 14:32:08 -07:00
Andrew Eisenberg
a2e96a4c78 Add pack download to its own log group 
Also, make the baseline count message less awkward sounding.
 2021-06-09 14:13:05 -07:00
Andrew Eisenberg
96e7de35af Use nullish conversion for packs 
Slightly simplifies the `parsePacks` function.
 2021-06-09 13:18:27 -07:00
Andrew Eisenberg
49b2220f92 Refactor codeql.ts 
Extract a `runTool` function that captures the stdout and returns it.
A small refactoring that reduces copied code.
 2021-06-09 13:17:25 -07:00
Andrew Eisenberg
82388fd94a Merge remote-tracking branch 'upstream/main' into aeisenberg/pack-run 2021-06-09 12:43:17 -07:00
Edoardo Pirovano
babcc1b793 Add --finalize-dataset to database finalize call 2021-06-09 16:52:39 +01:00
Edoardo Pirovano
06df98a513 Add new log grouping for DB cleanup 2021-06-09 16:10:22 +01:00
Edoardo Pirovano
0ea20c5b32 Add intepret-results timings to status reports 2021-06-09 10:40:15 +01:00
Andrew Eisenberg
d42f654f7a Add an integration test for packaging 
Uses two pre-existing packages to run some simple queries on a javascript
database.
 2021-06-08 12:34:07 -07:00
Andrew Eisenberg
1cc5f1d5dd Packaging: Address review comments 
1. Better malformed data guard for PackDownloadOutput
2. Fix Packs type
3. Remove TODO in init-action
 2021-06-08 10:00:22 -07:00
Edoardo Pirovano
2cc885d66e Replace analyze with run-queries and interpret-results 2021-06-08 09:25:17 +01:00
Edoardo Pirovano
c09500540c Some refactoring in fingerprint computation 2021-06-08 00:09:27 +01:00
Edoardo Pirovano
02e8dcfe9c Fix out of memory in hash computation 2021-06-07 15:12:45 +01:00
Chris Gavin
48efe6e282 Merge branch 'main' into retrying-fix 2021-06-07 07:47:18 +01:00
Chris Gavin
f8c65b775d Fix stub in tests. 2021-06-07 07:14:44 +01:00
Andrew Eisenberg
d87945e9fd Run the pack download command 2021-06-06 09:27:52 -07:00
Edoardo Pirovano
1644ade514 Add --sarif-group-rules-by-pack flag 2021-06-06 09:56:54 +01:00
Andrew Eisenberg
06687e95c8 Avoid using SemVer instances 
Use strings instead. They are easier to serialize and deserialize.
 2021-06-04 13:34:55 -07:00
Andrew Eisenberg
9b5753ab00 Fix logic for calculating if there are queries to run 
During the analyze phase.
 2021-06-04 13:23:35 -07:00
Edoardo Pirovano
ddb83a462d Cleanup CodeQL DBs and output their location for later steps 2021-06-04 18:54:15 +01:00
Andrew Eisenberg
6cee818bf3 Add better comments and error messages for pack-related changes 2021-06-04 10:18:24 -07:00
Chris Gavin
41dff7fce3 Add back retrying. 2021-06-04 15:51:51 +01:00
Andrew Eisenberg
86a804f9a7 Allow the codeql-action to run packages 
This commit adds a `packs` option to the codeql-config.yml file. Users
can specify a list of ql packs to include in the analysis.

For a single language analysis, the packs property looks like this:

```yaml
packs:
  - pack-scope/pack-name1@1.2.3
  - pack-scope/pack-name2   # no explicit version means download the latest
```

For multi-language analysis, you must key the packs block by lanaguage:

```yaml
packs:
  cpp:
    - pack-scope/pack-name1@1.2.3
    - pack-scope/pack-name2
  java:
    - pack-scope/pack-name3@1.2.3
    - pack-scope/pack-name4
```

This implementation adds a new analysis run (alongside custom and 
builtin runs). The unit tests indicate that the correct commands are
being run, but I have not actually tried this with a real CLI.

Also, convert `instanceof Array` to `Array.isArray` since that is
sightly better in some situations. See:
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/isArray#instanceof_vs_isarray
 2021-06-03 15:46:40 -07:00
Andrew Eisenberg
f60ef170b0 Cleaning up comments around env vars 
Also, move `getTemporaryDirectory` back to `actions-util`.
 2021-06-03 11:33:20 -07:00
Andrew Eisenberg
cc0733fd12 Fix Unguarded actions library use code scanning error 
Must access the env var directly in order to avoid recursive calls to 
`getRequiredEnvParam`.
 2021-06-02 11:55:32 -07:00
Andrew Eisenberg
082575fbc3 Merge branch 'main' into aeisenberg/env-vars 2021-06-02 11:40:40 -07:00
Andrew Eisenberg
2c2ebdc5c5 Remove local environment running 
This is a functionality that never worked perfectly and hasn't been
used for a while.

This allows developers to run the action on their local machine, but
the run was always flaky and never 100% mirrored what was happening on
the actions runner.
 2021-06-02 11:26:11 -07:00