github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,823 Commits 297 Branches 500 Tags
adf39dd33fc2c348e314b2fee8b62ef59bc7ba42
Commit Graph

2742 Commits

Author SHA1 Message Date
Michael B. Gale
adf39dd33f Add function for starting status report 2025-10-17 11:16:00 +01:00
Michael B. Gale
db6938a4d0 Change check to be restrictive by default 2025-10-16 15:06:19 +01:00
Michael B. Gale
c77b3fb96e Skip failed SARIF upload if analysis-kinds: code-quality 2025-10-16 14:27:17 +01:00
github-actions[bot]
61789e2fdb Rebuild 2025-10-10 15:59:22 +00:00
Henry Mercer
527f0f324a Merge pull request #3195 from github/dependabot/npm_and_yarn/npm-minor-37415c9066 
Bump the npm-minor group with 3 updates
 2025-10-10 15:22:52 +01:00
github-actions[bot]
e1257b6fda Rebuild 2025-10-10 13:47:47 +00:00
Michael B. Gale
4704ab1869 Fix swapped log levels 2025-10-10 14:42:09 +01:00
Michael B. Gale
524b9a00e8 Fix log message swap 2025-10-10 14:04:39 +01:00
Michael B. Gale
a512fe0868 Gate tools: toolcache behind FF 
Mainly to allow us to disable it, if needed.
 2025-10-10 13:49:06 +01:00
Michael B. Gale
62f0f21c3c Add AllowToolcacheInput feature 2025-10-10 13:27:50 +01:00
Paolo Tranquilli
a841c540b7 Scratch uploadSpecifiedFiles tests, make uploadPayload tests instead 2025-10-09 12:18:14 +02:00
Henry Mercer
6fd4ceb7bb Merge pull request #3189 from github/henrymercer/download-codeql-rate-limit 
Add configuration error for rate limited CodeQL download
 2025-10-08 15:11:29 +01:00
Henry Mercer
98abb870dc Add configuration error for rate limited CodeQL download 2025-10-08 14:43:54 +01:00
Michael B. Gale
bdd2cdf891 Also include language in error status report for start-proxy, if available 2025-10-08 13:13:04 +01:00
Michael B. Gale
fb148789ab Include languages in start-proxy telemetry 2025-10-08 13:01:35 +01:00
Michael B. Gale
2ff418f28a Parse language before calling getCredentials 2025-10-08 13:01:35 +01:00
Michael B. Gale
527501d15d Allow createStatusReportBase to accept a Partial<Config> 2025-10-08 13:01:35 +01:00
Paolo Tranquilli
8301b8b096 Merge pull request #3180 from github/redsun82/skip-sarif-upload 
Introduce `CODEQL_ACTION_SKIP_SARIF_UPLOAD`
 2025-10-08 12:09:54 +02:00
Nick Rolfe
7bdfa9736a Merge pull request #3184 from github/nickrolfe/go-overlay 
Overlays: allow any build mode for Go
 2025-10-08 10:48:40 +01:00
Paolo Tranquilli
1707898e5b Merge branch 'main' into redsun82/skip-sarif-upload 2025-10-08 09:34:05 +02:00
Nick Rolfe
7892cb2362 Overlays: allow any build mode for Go 
We have a check that a traced language can only run overlay analysis
with build-mode: none, but Go does not currently declare support for
BMN, even though it has a similar autobuild mode that will work for
overlay analysis.

This commit adds a hard-coded exception to that check, allowing any
build mode for Go. This is intended as a short-term solution until Go
declares BMN support. It should be safe, since we can choose not to
enable the feature flag for Go repos using traced builds.
 2025-10-07 17:45:08 +01:00
github-actions[bot]
d95a3b53f8 Rebuild 2025-10-07 16:01:48 +00:00
Paolo Tranquilli
df65651d4f Merge branch 'main' into redsun82/skip-sarif-upload 2025-10-07 17:17:13 +02:00
Paolo Tranquilli
1b09eb4ccc Address review 2025-10-07 17:17:06 +02:00
Michael B. Gale
0ba4970165 Merge branch 'main' into mbg/setup/toolcache 2025-10-07 10:09:12 +01:00
Paolo Tranquilli
5dfb610e99 Merge branch 'main' into redsun82/skip-sarif-upload 2025-10-07 10:36:12 +02:00
Henry Mercer
1491baa17e Merge branch 'main' into mbg/pr-checks/upload-sarif 2025-10-07 09:28:42 +01:00
Henry Mercer
db562a696f Merge pull request #3182 from github/dependabot/npm_and_yarn/npm-b02b6854f6 
Bump the npm group with 4 updates
 2025-10-07 09:16:58 +01:00
github-actions[bot]
6877465dc1 Rebuild 2025-10-06 17:03:52 +00:00
Paolo Tranquilli
00a6e13cbf Tweak SARIF skipping logs 2025-10-06 17:03:29 +02:00
Paolo Tranquilli
25c8db918a Revert "Specify reason for skipping SARIF upload in logs" 
This reverts commit 680b07003d.
 2025-10-06 16:59:45 +02:00
Paolo Tranquilli
680b07003d Specify reason for skipping SARIF upload in logs 2025-10-06 15:39:29 +02:00
Michael B. Gale
22aba57acf Include analysis kind in payloadSaveFile path in uploadPayload 2025-10-06 14:30:30 +01:00
Paolo Tranquilli
e0b9da7b0a Introduce CODEQL_ACTION_SKIP_SARIF_UPLOAD 
This triggers a subset of the behavior of `CODEQL_ACTION_TEST_MODE`,
specifically just skipping the SARIF upload step. This is required for
our internal testing where we want the SARIF file (via
`CODEQL_ACTION_DUMP_SARIF_DIR`) but don't want to actually upload it,
but we don't want the rest of the behaviour of `CODEQL_ACTION_TEST_MODE`
that is specific for `codeql-action` own CI checks.
 2025-10-06 14:38:32 +02:00
Michael B. Gale
726a341ed4 Restrict when tools: toolcache can be used 2025-10-06 13:16:16 +01:00
Michael B. Gale
1cc5eb6636 Use semver.compare instead of semver.lt 2025-10-06 12:58:00 +01:00
Michael B. Gale
43ce7ef399 Add isDynamicWorkflow function 2025-10-06 12:55:54 +01:00
Mario Campos
b2e22323e2 Merge remote-tracking branch 'origin/main' into mario-campos/node24 
# Conflicts:
#	lib/analyze-action-post.js
#	lib/analyze-action.js
#	lib/autobuild-action.js
#	lib/init-action-post.js
#	lib/init-action.js
#	lib/resolve-environment-action.js
#	lib/start-proxy-action-post.js
#	lib/start-proxy-action.js
#	lib/upload-lib.js
#	lib/upload-sarif-action-post.js
#	lib/upload-sarif-action.js
#	package-lock.json
#	package.json
 2025-10-03 12:59:21 -05:00
Michael B. Gale
425ef85595 Support requesting CLI from toolcache with tools: toolcache 2025-10-03 15:40:33 +01:00
Michael B. Gale
297313df79 Add getLatestToolcacheVersion with tests 2025-10-03 14:40:34 +01:00
Michael B. Gale
7fb8378d93 Re-throw exception in createStatusReportBase when in test mode 2025-10-03 11:59:36 +01:00
Mario Campos
54ae8ba5b1 Simplify PR check by reverting changes to @types/node. 2025-10-02 14:24:46 -05:00
github-actions[bot]
70836b1ec4 Rebuild 2025-10-02 13:55:07 +00:00
Henry Mercer
d899b2ed98 Merge branch 'main' into mario-campos/node24 2025-10-02 12:36:53 +01:00
Michael B. Gale
10feb5d2a2 Merge pull request #3167 from github/mbg/upload-sarif/find-then-filter 
Find, then filter, SARIF files for `upload-sarif` Action
 2025-10-02 11:51:47 +01:00
Nick Rolfe
4182ea3d4e Merge pull request #3168 from github/update-bundle/codeql-bundle-v2.23.2 
Update default bundle to 2.23.2
 2025-10-02 11:25:07 +01:00
Michael B. Gale
d573787cca Report registry types that are configured for CodeQL in start-proxy telemetry 2025-10-01 16:00:05 +01:00
Michael B. Gale
15916800df Send a basic status report in start-proxy Action if it succeeds 2025-10-01 15:55:20 +01:00
Michael B. Gale
cb5a2849ac Send status report when start-proxy fails 2025-10-01 15:52:28 +01:00
Michael B. Gale
6de1d741f6 Move error handling from startProxy to runWrapper in start-proxy action 2025-10-01 15:43:43 +01:00