github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-19 05:49:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,394 Commits 294 Branches 500 Tags
96e7de35af4d54c495db23fd2a1e70d295d03225
Commit Graph

108 Commits

Author SHA1 Message Date
Andrew Eisenberg
96e7de35af Use nullish conversion for packs 
Slightly simplifies the `parsePacks` function.
 2021-06-09 13:18:27 -07:00
Andrew Eisenberg
1cc5f1d5dd Packaging: Address review comments 
1. Better malformed data guard for PackDownloadOutput
2. Fix Packs type
3. Remove TODO in init-action
 2021-06-08 10:00:22 -07:00
Andrew Eisenberg
06687e95c8 Avoid using SemVer instances 
Use strings instead. They are easier to serialize and deserialize.
 2021-06-04 13:34:55 -07:00
Andrew Eisenberg
9b5753ab00 Fix logic for calculating if there are queries to run 
During the analyze phase.
 2021-06-04 13:23:35 -07:00
Andrew Eisenberg
6cee818bf3 Add better comments and error messages for pack-related changes 2021-06-04 10:18:24 -07:00
Andrew Eisenberg
86a804f9a7 Allow the codeql-action to run packages 
This commit adds a `packs` option to the codeql-config.yml file. Users
can specify a list of ql packs to include in the analysis.

For a single language analysis, the packs property looks like this:

```yaml
packs:
  - pack-scope/pack-name1@1.2.3
  - pack-scope/pack-name2   # no explicit version means download the latest
```

For multi-language analysis, you must key the packs block by lanaguage:

```yaml
packs:
  cpp:
    - pack-scope/pack-name1@1.2.3
    - pack-scope/pack-name2
  java:
    - pack-scope/pack-name3@1.2.3
    - pack-scope/pack-name4
```

This implementation adds a new analysis run (alongside custom and 
builtin runs). The unit tests indicate that the correct commands are
being run, but I have not actually tried this with a real CLI.

Also, convert `instanceof Array` to `Array.isArray` since that is
sightly better in some situations. See:
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/isArray#instanceof_vs_isarray
 2021-06-03 15:46:40 -07:00
Andrew Eisenberg
2c2ebdc5c5 Remove local environment running 
This is a functionality that never worked perfectly and hasn't been
used for a while.

This allows developers to run the action on their local machine, but
the run was always flaky and never 100% mirrored what was happening on
the actions runner.
 2021-06-02 11:26:11 -07:00
Arthur Baars
4f51b8c47e Check available languages 2021-05-23 21:14:07 +02:00
Arthur Baars
84bec4d116 Check queries in initConfig 2021-05-21 12:23:00 +02:00
Arthur Baars
9aca271fbb Remove superfluous if 2021-05-21 12:07:30 +02:00
Arthur Baars
ec011ddfdb Ensure queries[language] objects are initialized 2021-05-21 10:42:14 +02:00
Edoardo Pirovano
79c79f1be5 Add configuration option to set CodeQL DB location 2021-05-18 00:13:36 +01:00
Edoardo Pirovano
578f9fc99e Add external git repositories to search path for custom queries 2021-04-21 17:40:56 +01:00
Andrew Eisenberg
534192fa05 Use externalRepoAuth when getting a remote config 
This allows users to specify a different token for retrieving the
codeql config from a different repository.

Fixes https://github.com/github/advanced-security-field/issues/185
 2021-04-09 15:00:57 -07:00
Robert
90d1a31dd4 Introduce external repository token 2021-01-12 12:07:03 +00:00
Robin Neatherway
dff118f7ad Use version information to construct payload 2020-11-30 16:45:18 +00:00
Robert
81a21bfa1e Request meta endpoint at the start of execution 2020-11-26 17:54:46 +00:00
Sam Partington
20567b5888 Introduce parameter object for API params that travel together 2020-11-23 14:39:01 +00:00
Eric Cornelissen
6aaf0483f0 Merge branch 'main' into fix-typos 2020-11-20 14:32:12 +01:00
Eric Cornelissen
5416d4f3b5 Run npm run build 2020-11-20 11:35:59 +01:00
Eric Cornelissen
847f4ef293 Run npm run build 2020-11-19 23:03:45 +01:00
Chris Gavin
865b4bd832 Pass a logger in to getApiClient() rather than constructing one there. 2020-11-02 08:53:25 +00:00
Chris Gavin
1220ae5bfd Log a warning if the API version is not supported. 2020-10-30 12:20:06 +00:00
Chris Raynor
122c9b7f24 Switching to import/order instead of sort-imports 2020-10-01 11:03:46 +01:00
Chris Raynor
228546a1e5 Resolve violations of sort-imports lint 
Resolves #206
 2020-09-29 14:43:37 +01:00
Michael Huynh
c68c97e2bd Resolve violations of no-useless-escape lint 
Resolves #205
 2020-09-28 10:55:58 +08:00
Chris Gavin
bba73b6d4e Merge main into update-actions-github. 2020-09-21 15:25:08 +01:00
Michael Huynh
4666a0eed0 Resolve violations of github/array-foreach lint 
Resolves #199
 2020-09-20 17:41:27 +08:00
Chris Gavin
9ed519fa12 Update to the latest version of @actions/github. 2020-09-18 16:06:20 +01:00
Robert Brignull
1dc1029baf Merge branch 'main' into split_builtin_custom_queries 2020-09-18 09:52:44 +01:00
Chris Raynor
a184d50a26 Running lint-fix 2020-09-14 10:44:43 +01:00
Robert Brignull
0539269665 split up builtin and custom queries 2020-09-10 18:17:03 +01:00
Sam Partington
d677f16692 Merge branch 'main' into allow-additive-queries-in-workflow 2020-09-08 10:00:16 +01:00
Robert Brignull
8a821a9c35 Add logger to checkoutExternalRepository 2020-09-01 13:53:59 +01:00
Sam Partington
82000c26c8 Allow "additive" queries in workflow by prefixing with "+" 
See discussion on https://github.com/github/code-scanning/issues/1446
 2020-08-28 16:45:57 +01:00
Robert Brignull
80e2c4fe4a improve error message when config is not found 2020-08-28 09:43:25 +01:00
Robert Brignull
39b361ed69 Remove dependence of GITHUB_REPOSITORY env var 2020-08-27 11:06:14 +01:00
Robert Brignull
217483dfd6 Convert rest of the actions 2020-08-26 16:20:36 +01:00
Sam Partington
ab4e7216d3 Don't refer to config file in contexts where it's not relevant 
https://github.com/github/codeql-action/pull/127#discussion_r476366221
 2020-08-25 14:19:16 +01:00
Sam Partington
bdfd48264f Merge branch 'main' into query-overriding 2020-08-25 10:39:53 +01:00
Sam Partington
129713f1a0 Handle errors in workflow queries correctly 2020-08-25 10:17:54 +01:00
Sam Partington
7f19f9198a Refactor common code to function and add missing test 2020-08-24 15:53:24 +01:00
Sam Partington
c6f02973ac Prevent queries in workflow overriding default queries 
https://github.com/github/codeql-action/pull/127#pullrequestreview-463207781
 2020-08-24 14:42:05 +01:00
Robert Brignull
0e8b30af75 Merge branch 'main' into add_env_to_config 2020-08-21 10:32:58 +01:00
Robert Brignull
038c4ebdf7 add CodeQL cmd to config 2020-08-19 15:57:13 +01:00
Robert Brignull
360e77a083 remove direct accesses to RUNNER_TEMP 2020-08-19 15:25:27 +01:00
Robert Brignull
9c29fe283d add tempDir and toolCacheDir to config 2020-08-19 15:11:49 +01:00
Robert Brignull
00eee2b7ee Merge branch 'main' into language_parsing 2020-08-17 13:21:02 +01:00
Robert Brignull
34b372292b commit node_modules and generated files 2020-08-11 12:43:27 +01:00
Robert Brignull
591359cae6 introduce languages.ts 2020-08-10 16:03:09 +01:00