github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-10 01:34:36 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,718 Commits 291 Branches 495 Tags
a23d4d86fb7e34b453a4a0a03964471ebaf909ff
Commit Graph

159 Commits

Author SHA1 Message Date
Henry Mercer
b316baae94 Merge remote-tracking branch 'origin/main' into henrymercer/one-click-debug 2022-07-12 16:22:05 +01:00
Henry Mercer
7e94a6cbca Print diagnostic messages when debug logging enabled 
This commit prints diagnostic messages to the Actions log when debug
logging is enabled by passing `debug: true` to `codeql-action/init` or
enabling Actions step debug logging.
 2022-07-01 18:56:12 +01:00
Henry Mercer
c736697abf Remove toolcache decorator 
This decorator enabled us to use the functionality of the Actions
toolcache within the runner too.
Now that we've deleted the runner we no longer need it.
 2022-06-30 09:16:10 +01:00
Cornelius Riemenschneider
ab7316e0c5 Implement unit tests for reading the Lua tracer FF in analyze-action. 2022-06-27 16:04:29 +00:00
Cornelius Riemenschneider
f422a50448 Honor the Lua tracer FF for database trace-command invocations for scanned languages. 
In theory, a scanned language will not setup the build tracer, and so
shouldn't care about lua versus legacy tracing. However, `go` is a
special case where the autobuilder runs under the build tracer, that
then gets disabled immediately again, unless a special environment
variable is used.
Therefore, we need to thread through the feature flag to this
`database trace-command` invocation. For other scanned languages,
this should be a no-op, as no tracing is ever set up.
 2022-06-27 16:04:29 +00:00
Cornelius Riemenschneider
99acb8dda6 Bump lua tracer version requirement. 
The old version had a bug related to go autobuilding, so we only want to
respect the feature flag for the version that has the fix.
 2022-06-20 14:05:26 +00:00
Cornelius Riemenschneider
4b775686a0 Choose the correct version to enable the Lua tracer for. 2022-05-25 07:39:11 +00:00
Cornelius Riemenschneider
9e9a8428c3 Introduce a feature-flag to enable/disable lua-based tracing. 
This allows us to gradually roll out (or even roll back)
Lua-based tracing in case problems occur.
 2022-05-16 09:16:38 +00:00
Henry Mercer
54b4854fda Bump @actions/tool-cache to 2.0.0 
This allows us to drop our direct dependency on `@actions/http-client`.
 2022-05-13 11:54:40 +01:00
Henry Mercer
533ce91971 Merge remote-tracking branch 'origin/main' into henrymercer/run-atm-on-windows 2022-05-11 19:32:14 +01:00
Andrew Eisenberg
922dc2b976 Use the --resolve-query-specs parameter of pack download 
This will allow the command to resolve packs with paths.

Also, use a more concise version of `tr`.
 2022-04-29 10:54:01 -07:00
Andrew Eisenberg
06b15c22b1 Allow pack specifiers to include paths 
Also, this cleans up our pack-related integration tests.
We are now testing with the most recent CLIs.
 2022-04-28 17:14:30 -07:00
Henry Mercer
d9e30cb001 Run ML-powered queries on Windows with CodeQL CLI 2.9.0+ 2022-04-28 19:18:15 +01:00
Chuan-kai Lin
6dd9baf8be Fix status reporting error on Windows 2022-04-26 08:06:57 -07:00
Edoardo Pirovano
43d066495c Revert usage of --codescanning-config flag 2022-04-05 09:41:07 +01:00
Henry Mercer
2c03704a6c Allow the version of the ML-powered pack to depend on the CLI version 2022-03-31 14:58:29 +01:00
Edoardo Pirovano
d625a00cee Start running ATM queries again 2022-03-28 09:06:45 +01:00
Edoardo Pirovano
85cfdb24f4 Don't download packs when it isn't needed 2022-03-25 11:26:13 +00:00
Chuan-kai Lin
f60bb5cc38 Include CodeQL CLI and action versions in status reports 2022-03-17 10:07:29 -07:00
Edoardo Pirovano
527d5153ad Bump version flag for using --codescanning-config flag 2022-03-01 14:34:53 +00:00
Edoardo Pirovano
07990f07e5 Revert "Revert "Use --codescanning-config flag of CLI"" 
This reverts commit 326e5118c5.
 2022-03-01 14:33:00 +00:00
Edoardo Pirovano
326e5118c5 Revert "Use --codescanning-config flag of CLI" 
This reverts commit 0d87b8c615.
 2022-02-17 13:05:55 +00:00
Henry Mercer
db24c88f31 Merge branch 'main' into henrymercer/fix-flaky-tests 2022-02-17 10:50:19 +00:00
Edoardo Pirovano
0d87b8c615 Use --codescanning-config flag of CLI 2022-02-16 13:34:47 +00:00
Henry Mercer
13c841aa39 Bump minimum supported CodeQL version to 2.4.5 
This is the earliest CodeQL version supported by GHES.
Bumping to this version resolves some flaky tests caused by the "We
still have not reached idleness" deadlock, as this deadlock is fixed in
2.4.5.
 2022-02-16 12:46:47 +00:00
Edoardo Pirovano
14b4839253 Respect extra options in a few codeql calls 2022-01-21 13:44:52 +00:00
Edoardo Pirovano
e677af3fd0 Make name of debugging artifact and DB within it configurable 2022-01-07 15:10:26 +00:00
Henry Mercer
2159631658 Only run ML-powered queries with v2.7.5 or newer of the CLI 2022-01-06 11:58:03 +00:00
Edoardo Pirovano
705f634a1d Refuse to use broken versions in the toolcache 2021-12-09 13:43:57 +00:00
Andrew Eisenberg
a8cf6f42c2 Revert "Bump default CodeQL version to 2.7.3" 2021-12-08 10:07:10 -08:00
Andrew Eisenberg
fac22de4f9 Autobuild: Prefix invocations with CODEQL_RUNNER 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-12-07 20:50:17 -08:00
Edoardo Pirovano
5156a89668 Re-enable new style of tracing 2021-11-04 09:47:56 +00:00
Chuan-kai Lin
9a44540e25 Include custom query help in analysis results 2021-11-03 13:19:01 -07:00
Edoardo Pirovano
d362b66e03 Temporarily disable new style of tracing 2021-10-08 12:45:52 +01:00
Edoardo Pirovano
f04acbbdc3 Use CLI's own baseline LOC counting 2021-09-29 11:17:41 +01:00
Edoardo Pirovano
1f4460b9fb Make use of multi-language and indirect tracing 2021-09-22 16:12:23 +01:00
Andrew Eisenberg
40568daca8 Fix compile errors introduced by typescript 4.4.2 
4.4.2 introduces a breaking change that the variable in a catch clause
is now `unknown` type. So, we need to cast the `e`, `err`, or `error`
variables to type `Error`.
 2021-09-10 14:06:27 -07:00
Edoardo Pirovano
fd45eac830 Address PR comments from @henrymercer 2021-08-18 16:39:00 +01:00
Edoardo Pirovano
70d2efc353 Enforce a minimum version of CodeQL CLI 2021-08-18 11:48:12 +01:00
Edoardo Pirovano
fb77829455 Version flag usage of certain CLI flags 2021-08-18 09:44:49 +01:00
Edoardo Pirovano
4ba53e33d7 Cache result of codeql version 2021-08-18 09:26:33 +01:00
Edoardo Pirovano
0c4306b672 Pass --ram flag to database finalize 2021-08-12 18:12:28 +01:00
Henry Mercer
4f7bdf9d42 Re-enable diagnostics summaries in the output of the analyze action 2021-08-02 17:06:09 +01:00
Edoardo Pirovano
d9849b8ca1 Rebuild after TypeScript version bump 2021-07-27 17:59:59 +01:00
Edoardo Pirovano
a7dac5c3db Address PR comment. 2021-06-28 23:52:53 +01:00
Edoardo Pirovano
8f4c2c76ad Allow local instead of downloaded CodeQL 2021-06-28 18:11:13 +01:00
Edoardo Pirovano
85ac9fe26e Remove misleading comment. 2021-06-25 14:28:43 +01:00
Edoardo Pirovano
40852fa52a Improve error messages from CLI invocations 2021-06-24 23:38:13 +01:00
Simon Engledew
9200db3ec4 Restore original getCodeQLActionRepository behaviour 2021-06-24 17:52:48 +01:00
Chris Gavin
59560e54ac Replace custom tool download method with the one in the tool cache library. 2021-06-23 14:28:37 +01:00