github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-22 07:10:23 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,697 Commits 295 Branches 500 Tags
a21bb7f968fa17c120cf60e6f0ec444462b718a2
Commit Graph

17 Commits

Author SHA1 Message Date
Angela P Wen
a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Henry Mercer
5f644f971e Upgrade TypeScript to 9.2.0 2023-01-18 20:59:57 +00:00
Henry Mercer
e9ff99b027 Improve error message when workflow file doesn't exist 2022-12-21 11:40:31 +00:00
Henry Mercer
8b9e982393 Add a better log message for reusable workflow calls 2022-12-21 11:40:31 +00:00
Henry Mercer
a409f43c7a Handle non-string with inputs 2022-12-09 10:35:28 +00:00
Henry Mercer
384a214d60 Allow testing workflow parsing functionality from PR checks 2022-12-06 18:37:25 +00:00
Henry Mercer
4623c8edb6 Make getInputOrThrow throw when it can't find any calls to the Action 
This created unexpected behavior with a workflow calling
`codeql-action/analyze` locally.
Therefore, be more conservative with parsing inputs from workflows and
refuse to parse jobs that don't call the specified Action exactly once.
 2022-12-06 18:13:47 +00:00
Henry Mercer
e0dec83cfc Explicitly mention surrounding by try/catch in JSDoc 2022-11-29 16:29:27 +00:00
Henry Mercer
00a3c456fb Always wait for processing when uploading a failed SARIF file 2022-11-29 16:27:04 +00:00
Henry Mercer
5296a763b1 Upload failed SARIF files to Code Scanning 2022-11-25 17:52:50 +00:00
Henry Mercer
3cf2a1ba2e Add function for retrieving the "upload" input 2022-11-25 17:49:01 +00:00
Henry Mercer
8f05fcd048 Filter set of possible Action inputs to those from a particular job 
This better handles cases where customers have a monorepo and have
separate jobs for different components.
 2022-11-25 17:40:27 +00:00
Henry Mercer
bff0be7364 Generalize getCategoryInputOrThrow to arbitrary inputs 2022-11-23 19:27:03 +00:00
Henry Mercer
daf4614f68 Substitute matrix variables into category input 
This is a common case, so we should handle it.
 2022-11-23 19:27:03 +00:00
Henry Mercer
e2d523ca5e Add function to read the analysis category from a workflow 2022-11-23 19:27:03 +00:00
Henry Mercer
996d04b1e5 Fix a type error affecting later versions of TypeScript 2022-11-23 19:27:03 +00:00
Henry Mercer
79f8286c68 Refactoring: Separate out workflow related functionality 
No semantic changes.
 2022-11-23 19:27:01 +00:00