github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-23 15:50:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,662 Commits 297 Branches 500 Tags
b66e847aaf78454aea16e9ebcd3065ee0ca0015e
Commit Graph

296 Commits

Author SHA1 Message Date
Koen Vlaswinkel
e20c273295 Use supportsFeature check for merging SARIF files 2024-03-22 14:15:42 +01:00
Koen Vlaswinkel
7e30c622b0 Use subdirectory for combined SARIF file 2024-03-22 14:15:16 +01:00
Koen Vlaswinkel
ccc609bf1a Use github merge-results command when feature flag is enabled 2024-03-22 14:15:00 +01:00
Henry Mercer
c84e4c8e7b Mark some more processing errors as invalid SARIF upload requests 2024-03-20 20:55:54 +00:00
Henry Mercer
888ab31e3e Mark third-party SARIF limits errors as configuration errors 2024-02-28 19:41:43 +00:00
Henry Mercer
bd56a05133 Rename InvalidRequestError to InvalidSarifUploadError 
Nitty: make it a little clearer when this shows up in the logs what type of request we mean
 2024-02-28 19:25:30 +00:00
Angela P Wen
62712e9ff9 Throw InvalidRequestError if JSON parsing fails 2024-02-28 16:02:37 +00:00
Angela P Wen
52f2347108 Consider SyntaxErrors configuration errors 2024-02-28 15:23:11 +00:00
Angela P Wen
1a6bac42d0 Rename considerInvalidRequestConfigError to isThirdPartyUpload 
This describes what we are trying to do more accurately.
 2024-02-28 15:22:39 +00:00
Josh Soref
5a6da1d85d Treat status reports as non-critical 
Change `sendStatusReport` to `void`
 2024-02-12 13:56:10 -05:00
Angela P Wen
1515e2bb20 Refactor configuration errors (#2105) 
Refactor the existing classes of configuration errors into their own file; consolidate the place we check for configuration errors into `codeql.ts`, where the actual command invocations happen.

Also, rename the `UserError` type to `ConfigurationError` to standardize on a single term.
 2024-02-08 17:20:03 +00:00
Henry Mercer
fdea2a523d Remove result pruning for CodeQL 2.11.2 2023-11-27 12:58:49 +00:00
Henry Mercer
a7c12a5225 Address PR comments 2023-09-07 20:44:15 +01:00
Henry Mercer
583a1019cc Mark invalid SARIF errors as user errors in the upload-sarif Action 2023-09-06 18:14:30 +01:00
Henry Mercer
bcfe48982e Improve function name 2023-07-28 18:51:43 +01:00
Henry Mercer
79690d4663 Make submitting advanced analysis when default setup on a user error 2023-07-28 18:21:38 +01:00
Henry Mercer
2637069a45 Resolve dependency cycles between actions-util and workflow 2023-07-19 17:21:33 +01:00
Henry Mercer
3a960869ac Simplify definitions of environment variables 2023-07-06 17:28:37 +01:00
Angela P Wen
46a6823b81 Send new per-query alert count event reports for QA telemetry (#1741) 2023-06-30 07:53:13 -07:00
Henry Mercer
d6201b58de Improve logging messages 2023-06-16 11:18:41 +01:00
Henry Mercer
4d7934a07c Tolerate unexpected processing statuses for red SARIF uploads 2023-06-14 14:20:27 +01:00
Henry Mercer
bf419682de Remove unused CODESCANNING_EVENT_NAME environment variable 2023-05-31 15:37:11 +01:00
Andrew Eisenberg
9c5706e1a2 Avoid throwing validation error on invalid URIs 
The recent update of jsonschema inadvertently caused extra validation of
`uri-reference` formatted properties. This change ensures that these
errors are converted to warnings.

Note that we cannot revert the change to jsonschema since the old
version does not handle `uniqueItems` correctly.
 2023-05-25 10:18:12 -07:00
Andrew Eisenberg
ece3cbc8ec Update changelog 2023-05-02 13:52:28 -07:00
Angela P Wen
da583b07a7 Add workload_run_attempt to analysis upload (#1658) 
* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
 2023-04-26 02:13:27 +00:00
Henry Mercer
e5c2f32a9f Consistently wrap errors 2023-04-06 17:04:21 +01:00
Henry Mercer
6f852eeb38 Implement removing duplicate locations from a SARIF file 2023-03-24 20:30:57 +00:00
Andrew Eisenberg
a2487fb969 Avoid unref-ing timer while awaiting status upload 
We had a problem where `waitForProcessing` was not completing before
the node process ends. This is because using `unref` would allow the
node process to end without having the `delay` function complete.
 2023-02-13 13:43:18 -08:00
Angela P Wen
81644f35ff Add max line length of 120 to linter (#1524) 2023-02-07 14:09:33 +00:00
Henry Mercer
5f644f971e Upgrade TypeScript to 9.2.0 2023-01-18 20:59:57 +00:00
Henry Mercer
375dacad24 Only print the full error message in debug mode 2022-12-02 14:38:40 +00:00
Henry Mercer
3d90c4f911 Improve error message when failed SARIF file doesn't process as expected 2022-11-30 11:27:03 +00:00
Henry Mercer
e628ee0ae1 Push unsuccessful execution API error detection into upload library 2022-11-29 16:25:29 +00:00
Henry Mercer
d0517be03a Ensure we finish the log group when waiting for processing 2022-11-25 17:55:01 +00:00
Henry Mercer
5296a763b1 Upload failed SARIF files to Code Scanning 2022-11-25 17:52:50 +00:00
Henry Mercer
79f8286c68 Refactoring: Separate out workflow related functionality 
No semantic changes.
 2022-11-23 19:27:01 +00:00
Henry Mercer
39fe7aa8a1 Remove dead guard for GHES 3.0 2022-11-23 13:57:07 +00:00
Henry Mercer
9df773d1a3 Remove unneeded apiDetails input to getApiClient 2022-11-14 19:55:30 +00:00
Henry Mercer
8ecbaea022 Remove support for empty analysis keys from runner 2022-11-14 18:55:31 +00:00
Henry Mercer
b498c79130 Remove concept of Actions / runner mode 2022-11-14 16:37:48 +00:00
Edoardo Pirovano
862a512899 Prune results of Ruby query from SARIF 2022-11-04 14:57:13 +00:00
David Verdeguer
a03f3bd585 Build js 2022-09-07 09:45:19 +02:00
CI
0e3ae6e68a fix: clarify upload-sarify category uniqueness error message 2022-08-05 10:59:35 -04:00
Chris Gavin
366e88c2c1 Fix processing errors being caught and logged as a warning rather than failing the workflow run. 2022-05-03 10:06:19 +01:00
Henry Mercer
7c2be06006 Factor out test mode determination code 2022-04-28 19:13:22 +01:00
Chris Gavin
9885f86fab Re-enable waiting for processing by default, using the new API semantics. 2022-03-30 12:24:59 +01:00
Andrew Eisenberg
a92e8775d8 Use the checkout_path for getting the commit oid 
This commit also adds a new integration check to verify this.

When running in test mode, payloads will not be uploaded. Instead, they
will be saved to disk so that they can be inspected later.
 2022-03-01 12:40:52 -08:00
Thomas Horstmeyer
3469c69bba Merge branch 'main' into use-better-base-sha 2022-02-02 13:52:13 +00:00
Andrew Eisenberg
36419a79c1 Avoid sending status reports in test mode 2022-02-01 10:12:35 -08:00
Thomas Horstmeyer
ec0b3ae7ff remove some debug info 2022-02-01 15:39:11 +00:00