github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-01-02 12:40:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,683 Commits 297 Branches 500 Tags
b45ac1f8f87be3357be62cd4ba90c9eb350b459b
Commit Graph

954 Commits

Author SHA1 Message Date
Henry Mercer
b45ac1f8f8 Cleanup: Use optional chaining in a couple of places 2022-07-12 16:30:21 +01:00
Henry Mercer
b316baae94 Merge remote-tracking branch 'origin/main' into henrymercer/one-click-debug 2022-07-12 16:22:05 +01:00
Henry Mercer
e655fb331c Use core.isDebug() instead of accessing env var 2022-07-12 16:19:13 +01:00
Henry Mercer
fc926423a5 Merge remote-tracking branch 'origin/main' into henrymercer/run-unit-tests-on-windows 2022-07-11 17:57:19 +01:00
Henry Mercer
7e94a6cbca Print diagnostic messages when debug logging enabled 
This commit prints diagnostic messages to the Actions log when debug
logging is enabled by passing `debug: true` to `codeql-action/init` or
enabling Actions step debug logging.
 2022-07-01 18:56:12 +01:00
Henry Mercer
53850d88bb Enable one-click debugging via the "Enable debug logging" rerun option 2022-07-01 17:56:57 +01:00
Henry Mercer
c736697abf Remove toolcache decorator 
This decorator enabled us to use the functionality of the Actions
toolcache within the runner too.
Now that we've deleted the runner we no longer need it.
 2022-06-30 09:16:10 +01:00
Arthur Baars
53bc5e6c78 Merge remote-tracking branch 'origin/main' into aibaars/python-setup-no-pycache 2022-06-30 09:10:41 +02:00
Henry Mercer
130a51dbc6 Handle Windows absolute paths in resolveUriToFile 2022-06-29 18:59:33 +01:00
Henry Mercer
c2fd5d10f6 Don't make temporary directories symlinks 
`toolcache.extractTar` currently falls over when `ACTIONS_TEMP` contains
a symlink, and the runner no longer exists, so it's unlikely our
customers would be running with temporary directories that contain
symlinks.
 2022-06-29 18:59:33 +01:00
Henry Mercer
30681e79db Separate paths with / in resolveUriToFile 2022-06-29 18:59:32 +01:00
Henry Mercer
c15604920a Workaround PATH casing issues on Windows 2022-06-29 18:59:32 +01:00
Henry Mercer
4792297702 Fix test failures on Windows related to path separators 2022-06-29 18:59:32 +01:00
Henry Mercer
41d6ac4d2a Remove toolcache decorator 
This decorator enabled us to use the functionality of the Actions
toolcache within the runner too.
Now that we've deleted the runner we no longer need it.
 2022-06-28 18:22:09 +01:00
Cornelius Riemenschneider
1616e0ef98 Simplify tests for the Lua tracer FF in analyze-action. 2022-06-28 10:29:00 +00:00
Cornelius Riemenschneider
821fe9b476 Merge branch 'main' into criemen/lua-tracer-ff-2 2022-06-28 10:43:04 +02:00
Cornelius Riemenschneider
ab7316e0c5 Implement unit tests for reading the Lua tracer FF in analyze-action. 2022-06-27 16:04:29 +00:00
Cornelius Riemenschneider
f422a50448 Honor the Lua tracer FF for database trace-command invocations for scanned languages. 
In theory, a scanned language will not setup the build tracer, and so
shouldn't care about lua versus legacy tracing. However, `go` is a
special case where the autobuilder runs under the build tracer, that
then gets disabled immediately again, unless a special environment
variable is used.
Therefore, we need to thread through the feature flag to this
`database trace-command` invocation. For other scanned languages,
this should be a no-op, as no tracing is ever set up.
 2022-06-27 16:04:29 +00:00
Chuan-kai Lin
ed40e306f5 Update default CodeQL version to 2.10.0 2022-06-27 09:01:12 -07:00
Arthur Baars
11a46b8856 Python-Setup: run auto_install_packages.py with -B flag 
This avoids creating a __pycache__ folder in the _actions folder, which
may cause file ownership problems on self-hosted runners
when run in a docker container.
 2022-06-27 16:39:19 +02:00
Arthur Baars
95673cf9a2 Revert "Python-Setup: set PYTHONDONTWRITEBYTECODE=1" 
This reverts commit 3ff1fd9192.
 2022-06-27 16:34:35 +02:00
Arthur Baars
3ff1fd9192 Python-Setup: set PYTHONDONTWRITEBYTECODE=1 2022-06-27 16:34:25 +02:00
Andrew Eisenberg
1653a84fbc Allow scans with packs for languages not being scanned 
Previously, we were being too strict about checking that a pack's
language was being scanned. It was a failure if a pack language
was specified for a language not being scanned.
 2022-06-22 14:37:31 -07:00
Andrew Eisenberg
99d4397d88 Revert "Add capability to filter queries #1098" 
https://github.com/github/codeql-action/pull/1098
This reverts commit 777b778409.
This reverts commit 59ca9b59cb.
This reverts commit eec34d5f05.
This reverts commit 40b280032c.
 2022-06-21 13:49:33 -07:00
Cornelius Riemenschneider
99acb8dda6 Bump lua tracer version requirement. 
The old version had a bug related to go autobuilding, so we only want to
respect the feature flag for the version that has the fix.
 2022-06-20 14:05:26 +00:00
Edoardo Pirovano
ccf5d70ab3 Update default CodeQL version to 2.9.4 2022-06-20 09:39:11 +01:00
Andrew Eisenberg
7c412c67ba Merge branch 'aeisenberg/check-sarif-action' into aeisenberg/remove-queries 2022-06-16 02:42:30 +02:00
Andrew Eisenberg
6db77eec0d Merge remote-tracking branch 'upstream/main' into aeisenberg/remove-queries 2022-06-15 17:21:05 -07:00
GitHub
97f9db4fb9 Update supported GitHub Enterprise Server versions. 2022-06-16 00:11:36 +00:00
Andrew Eisenberg
59ca9b59cb Extract query-filters test into a composite action 
Removes duplicated yaml.

Also add some better typings.
 2022-06-15 16:32:33 -07:00
tombolton
a27dc4fee4 update security extended test for all platforms 2022-06-15 11:42:22 +01:00
tombolton
a568674c69 add tests for ML powered queries 0.3.0 and CLI 2.9.3 2022-06-15 11:42:22 +01:00
tombolton
79d8e4a43d fix lint errors 2022-06-15 11:42:22 +01:00
tombolton
0ece1d1000 add ml query pack 0.3.0 2022-06-15 11:42:22 +01:00
Andrew Eisenberg
06e27d3e3d Merge branch 'aeisenberg/js-yaml-typings' into aeisenberg/remove-queries 2022-06-14 12:08:16 -07:00
Andrew Eisenberg
40b280032c Add capability to filter queries 
This change adds a `query-filters` property to the codeql-config file.

This property is an array of `exclude`/`include` entries for a query
suite. These filters are appended to the generated query suite files
and used to filter queries after they are selected.

A related change is that now, all pack references are run in a single
query suite, which has the query filters appended to them.
 2022-06-14 12:07:49 -07:00
Andrew Eisenberg
0efcf74ce0 Add typings for js-yaml 2022-06-14 07:50:47 -07:00
Andrew Eisenberg
f7c46e5cbc Avoid use of rmdir 
This is a deprecated method on node v16.
 2022-06-13 22:40:09 +00:00
Mathias Vorreiter Pedersen
1b5ea4afdc Merge branch 'main' into swift-support 2022-06-03 01:13:47 +01:00
Mathias Vorreiter Pedersen
16c620dea4 Make the linter happy. 2022-05-31 13:55:23 +01:00
Chuan-kai Lin
b36688d5b7 Update default CodeQL to 2.9.3 2022-05-27 09:16:45 -07:00
Mathias Vorreiter Pedersen
bfe9d7da56 Add Swift as a supported language. 2022-05-27 16:29:13 +01:00
Cornelius Riemenschneider
255ffd480f Merge branch 'main' into criemen/lua-tracing-ff 2022-05-25 11:53:06 +02:00
Cornelius Riemenschneider
4b775686a0 Choose the correct version to enable the Lua tracer for. 2022-05-25 07:39:11 +00:00
Cornelius Riemenschneider
970e0879d9 Fix linter errors. 2022-05-16 09:40:10 +00:00
Cornelius Riemenschneider
db50adab01 Add tests for the Lua feature flag. 2022-05-16 09:16:41 +00:00
Cornelius Riemenschneider
9e9a8428c3 Introduce a feature-flag to enable/disable lua-based tracing. 
This allows us to gradually roll out (or even roll back)
Lua-based tracing in case problems occur.
 2022-05-16 09:16:38 +00:00
Edoardo Pirovano
1725087693 Update default CodeQL to 2.9.2 2022-05-16 09:40:19 +01:00
Henry Mercer
54b4854fda Bump @actions/tool-cache to 2.0.0 
This allows us to drop our direct dependency on `@actions/http-client`.
 2022-05-13 11:54:40 +01:00
Henry Mercer
533ce91971 Merge remote-tracking branch 'origin/main' into henrymercer/run-atm-on-windows 2022-05-11 19:32:14 +01:00