github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,730 Commits 297 Branches 500 Tags
992d0116661afe47ed4260002dae42ab05ebe083
Commit Graph

2730 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aditya Sharad
992d011666 CI: Combine JS lint and JS check jobs 
Reduce the number of concurrent jobs.
This will require a branch protection rule update,
renaming `check-js` to Check JS` and removing `Lint`.
 2022-07-28 15:37:55 -07:00
Aditya Sharad
6c23d76596 Merge pull request #1152 from github/adityasharad/actions/python-deps-path-filters 
CI: Add path filters to python-deps workflow
 2022-07-28 15:19:32 -07:00
Aditya Sharad
573de8b146 Merge branch 'main' into adityasharad/actions/python-deps-path-filters 2022-07-28 14:37:56 -07:00
Aditya Sharad
fbb0a4e179 Merge pull request #1154 from github/mergeback/v2.1.17-to-main-0c670bbf 
Mergeback v2.1.17 refs/heads/releases/v2 into main
 2022-07-28 13:02:47 -07:00
github-actions[bot]
351171d4e9 Update checked-in dependencies 2022-07-28 18:39:20 +00:00
github-actions[bot]
507d4b7b31 Update changelog and version after v2.1.17 2022-07-28 17:47:32 +00:00
Aditya Sharad
0c670bbf04 Merge pull request #1153 from github/update-v2.1.17-bbc2e701 
Merge main into releases/v2
v2.1.17 		2022-07-28 10:45:57 -07:00
github-actions[bot]
0dd6a6f2b0 Update changelog for v2.1.17 2022-07-28 17:02:14 +00:00
Aditya Sharad
bf24993f0c CI: Add scheduled and manual triggers to python-deps workflow 2022-07-27 13:22:10 -07:00
Aditya Sharad
0d16d70d87 CI: Add path filters to python-deps workflow 
No need to run this workflow on all PRs, only those that
change the Python dependency installation mechanism.
 2022-07-27 13:16:40 -07:00
Aditya Sharad
bbc2e7010f Merge pull request #1149 from github/criemen/runner-autobuilders 
autobuild: Update tests for C# on macOS
codeql-bundle-20220728 		2022-07-27 13:16:12 -07:00
Aditya Sharad
caa2a0df0a Runner tests: Attempt to source the tracer env, display the binary path 2022-07-27 12:05:31 -07:00
Aditya Sharad
a2f4d66a8b Runner tests: Read CODEQL_RUNNER from the stored JSON 
This test workflow does not source the environment from the init step,
so we need to manually read in the variable.
 2022-07-25 15:33:52 -07:00
Aditya Sharad
b4ff463500 Autobuild: Remove CODEQL_RUNNER workaround 
We do not need to prefix `$CODEQL_RUNNER` here on macOS to bypass SIP,
because we assume that the `init` step exported `DYLD_INSERT_LIBRARIES`
into the environment, which activates the Actions workaround for SIP.
See https://github.com/actions/runner/pull/416.
 2022-07-25 15:02:44 -07:00
Aditya Sharad
58faf9d60c Actions: Disable the CLR tracer in C# autobuild test 
Ensure that this succeeds even if the legacy CLR tracer is not enabled.
The combination of the regular tracer and the SIP workaround within Actions
should be sufficient for this to pass.
 2022-07-25 15:02:42 -07:00
Aditya Sharad
dc1c51db28 Actions: Fix failing Runner autobuild test on macOS 
Add the missing `$CODEQL_RUNNER` prefix to the autobuild command line.
This intermediate process works around System Integrity Protection,
allowing the tracer to start the C# extractor for the dotnet builds
within the autobuild process.

The test used to pass without this because the legacy CLR tracer bypassed SIP
while dotnet 5 was used on the Actions virtual environment.
Now that the virtual environment uses dotnet 6, the CLR tracer no longer works,
and we need to explicitly work around SIP.

This test will eventually be replaced by an internal integration test for the
equivalent functionality in the CLI. For now, this change makes the test
continue to pass.
 2022-07-25 14:06:23 -07:00
Aditya Sharad
2d2dfa3424 Remove duplicate CI workflow 2022-07-25 14:01:12 -07:00
Cornelius Riemenschneider
ceec52c4bc Address review. 2022-07-21 17:03:57 +00:00
Cornelius Riemenschneider
a32664975f autobuild-action: Run autobuilders with $CODEQL_RUNNER set. 
Without this, the tracer will not be injected on MacOS, as we need the
runner to circumvent SIP.
Also add a test that tests the autobuild-action to exercise this code path.
 2022-07-21 15:51:54 +00:00
Henry Mercer
8171514c02 Merge pull request #1146 from github/dependabot/npm_and_yarn/runner/terser-5.14.2 
Bump terser from 5.7.1 to 5.14.2 in /runner
 2022-07-20 10:51:28 +01:00
dependabot[bot]
6fa0b7cb22 Bump terser from 5.7.1 to 5.14.2 in /runner 
Bumps [terser](https://github.com/terser/terser) from 5.7.1 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-20 01:49:59 +00:00
Alexander Eyers-Taylor
b8bd06e075 Merge pull request #1143 from github/alexet/codeql-2.10.1-update 
Update bundle to 2.10.1
 2022-07-19 15:38:55 +01:00
Alexander Eyers-Taylor
aa231930c1 Merge branch 'main' into alexet/codeql-2.10.1-update 2022-07-19 14:41:49 +01:00
Cornelius Riemenschneider
ba95eeb60e Merge pull request #1145 from github/criemen/fix-ff-crash 
Don't crash if we are unable to get a response from the feature-flag endpoint.
 2022-07-18 14:04:23 +02:00
Cornelius Riemenschneider
c059f95c05 Fix lint errors. 2022-07-18 11:26:03 +00:00
Cornelius Riemenschneider
75afbf4a30 Address review, add test. 2022-07-18 10:37:04 +00:00
Cornelius Riemenschneider
01fa64cb90 Don't crash if we are unable to get a response from the feature-flag endpoint. 2022-07-18 10:14:40 +00:00
Alexander Eyers-Taylor
28ccb035bb Changelog: Pick the correct PR after opening 
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2022-07-14 16:20:45 +01:00
alexet
11111290fc Update bundle to 2.10.1 2022-07-14 15:37:28 +01:00
Edoardo Pirovano
d8c9c723a5 Merge pull request #1141 from github/mergeback/v2.1.16-to-main-3e7e3b32 
Mergeback v2.1.16 refs/heads/releases/v2 into main
codeql-bundle-20220714 		2022-07-13 15:16:52 +01:00
github-actions[bot]
8d24c9e4c1 Update checked-in dependencies 2022-07-13 13:25:21 +00:00
github-actions[bot]
c8971b8e0a Update changelog and version after v2.1.16 2022-07-13 11:26:38 +00:00
Cornelius Riemenschneider
3e7e3b32d0 Merge pull request #1140 from github/update-v2.1.16-548f07e3 
Merge main into releases/v2
v2.1.16 		2022-07-13 12:55:19 +02:00
github-actions[bot]
330d552535 Update changelog for v2.1.16 2022-07-13 10:05:10 +00:00
Andrew Eisenberg
548f07e307 Merge pull request #1139 from github/aeisenberg/concat-not-push 
Use concat instead of push around `listFolders`
 2022-07-13 02:39:34 -07:00
Henry Mercer
a844fefc86 Merge branch 'main' into aeisenberg/concat-not-push 2022-07-13 10:09:16 +01:00
Andrew Eisenberg
7ce9ef9137 Use concat instead of push around listFolders 
This avoids stack overflows when using the spread operator on
directories that have many, many children.
 2022-07-12 13:23:01 -07:00
Henry Mercer
d750c6d79d Merge pull request #1138 from github/henrymercer/drop-token-check 
Update required checks: Allow authenticating via the GitHub CLI
 2022-07-12 19:57:01 +01:00
Henry Mercer
4cb248b0ec Merge branch 'main' into henrymercer/drop-token-check 2022-07-12 18:21:09 +01:00
Henry Mercer
1e7f770864 Merge pull request #1132 from github/henrymercer/one-click-debug 
Enable one-click debugging via the "Enable debug logging" option when re-running Actions jobs
 2022-07-12 18:10:16 +01:00
Henry Mercer
816b3e91bc Update failure message 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2022-07-12 17:52:15 +01:00
Henry Mercer
fbbd1dcd52 Fix extra double quote 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2022-07-12 17:44:51 +01:00
Henry Mercer
0a5dad3c83 Allow authenticating via the GitHub CLI 
We no longer run this script within Actions for security reasons, and
when running locally we can authenticate with the GitHub CLI instead
of a PAT.
 2022-07-12 17:33:24 +01:00
Henry Mercer
d61e3fdf02 Fix shellcheck errors 
Avoid trying to evaluate `github/codeql-action`.
 2022-07-12 17:31:31 +01:00
Henry Mercer
dca60ba711 Merge remote-tracking branch 'origin/main' into henrymercer/one-click-debug 2022-07-12 16:54:30 +01:00
Cornelius Riemenschneider
e1ec69721f Merge pull request #1137 from github/criemen/fix-end-tracing 
Unset tracing variables after finalizing databases.
 2022-07-12 17:49:59 +02:00
Henry Mercer
b45ac1f8f8 Cleanup: Use optional chaining in a couple of places 2022-07-12 16:30:21 +01:00
Henry Mercer
b316baae94 Merge remote-tracking branch 'origin/main' into henrymercer/one-click-debug 2022-07-12 16:22:05 +01:00
Henry Mercer
e655fb331c Use core.isDebug() instead of accessing env var 2022-07-12 16:19:13 +01:00
Henry Mercer
b3801753d4 Merge pull request #1133 from github/henrymercer/log-diagnostics-when-debug-enabled 
Print diagnostic messages when debugging mode is enabled
 2022-07-12 15:49:16 +01:00