github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,334 Commits 297 Branches 500 Tags
bd76a92ebec472fb11c72904310da276b5d8649e
Commit Graph

52 Commits

Author SHA1 Message Date
Henry Mercer
bd76a92ebe PR checks: Remove code for unsupported versions 2025-01-15 17:50:02 +00:00
Josh Soref
756aa649df spelling: macos 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2024-11-06 06:43:41 -05:00
Henry Mercer
619f0d628b Update CodeQL versions tested in generated checks 2024-10-15 19:43:56 +01:00
Henry Mercer
a1404425d9 Remove 2.12.6 from tests 2024-08-05 19:28:35 +01:00
Andrew Eisenberg
79f6e84e69 Ensure string argument instead of boolean 2024-06-14 14:59:22 -07:00
Andrew Eisenberg
3f41e06a52 Merge remote-tracking branch 'upstream/main' into aeisenberg/enable-kotlin-tests 2024-06-14 13:20:03 -07:00
Henry Mercer
12243c759f Disable database upload in test mode 2024-06-11 19:07:13 +01:00
Angela P Wen
67d5a9a476 PR Checks: Use tools: linked rather than tools: latest 
Also changes the input and output in the `prepare-test` Action to use `linked`.
 2024-05-31 11:49:47 +02:00
Henry Mercer
c59e05245f Disable fail fast in generated workflows 2024-05-10 16:24:22 +01:00
Angela P Wen
ac2f82a1ff Log warning if SIP is disabled and CLI version is < 2.15.1 (#2261) 
* PR Checks: use `macos-12` runners for CLI v. < 2.15.1

Prior to CLI v2.15.1, MacOS ARM runners were not supported by the build tracer. "macos-latest" is now an ARM runner, so we run these tests on the old CLIs on Intel runners instead.

* Log a warning if SIP is disabled and CLI is < 2.15.1

* Add changenote for SIP-disabled support on old CLI versions

* Set up Python 3.11 for all MacOS checks
 2024-04-25 22:20:13 +00:00
Henry Mercer
2f0d0eaebd Update PR checks 2024-04-09 12:19:26 +01:00
Angela P Wen
f421cda8e7 Run integration test PR checks nightly (#2222) 
* Run integration test PR checks nightly

Scheduled for 5AM UTC. This will assist in catching bugs introduced with new runner images.

* Specify generated YAML indentations

For consistency with our non-autogenerated files and GitHub documentation, we should further indent items in lists (`sequence`).
 2024-04-04 10:30:18 -07:00
Andrew Eisenberg
72f5fb9a00 Merge branch 'main' into aeisenberg/enable-kotlin-tests 2024-04-01 11:27:17 -07:00
Henry Mercer
35b10b5ff7 Merge branch 'main' into henrymercer/drop-codeql-v2.11.5 2024-01-02 18:03:32 +00:00
dependabot[bot]
596b173a4e Bump the actions group with 2 updates (#2056) 
* Bump the actions group with 2 updates

Bumps the actions group with 2 updates: [actions/setup-python](https://github.com/actions/setup-python) and [actions/setup-go](https://github.com/actions/setup-go).


Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)

Updates `actions/setup-go` from 4 to 5
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump `setup-python` and `setup-go` to v5

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2023-12-27 17:12:00 -08:00
nickfyson
0e9a210226 update workflows to run on all release branches 2023-12-06 15:57:43 +00:00
Henry Mercer
649145214e Update PR checks 
Stop testing `stable-20220908` bundle as this is no longer supported.
 2023-11-27 12:41:44 +00:00
Andrew Eisenberg
7c60ff7ad6 Use setup-python@v4 2023-11-02 07:49:59 -07:00
Andrew Eisenberg
9ef69a2c7a Be more precise about when to use python 3.11 
Only run use 3.11 on versions of of the CLI that we know don't support
3.12.
 2023-11-01 18:10:09 -07:00
Andrew Eisenberg
bd4005aa6a Force python 3.11 for macos 
3.12 does not work.
 2023-11-01 16:01:27 -07:00
Andrew Eisenberg
fcf7c47f2f Explicitly setup a kotlin version 
Change the `prepare-test` action to conditionally setup kotlin.
 2023-10-13 15:25:37 -07:00
Andrew Eisenberg
7feb9a04fd Re-enable kotlin tests 
Reverts https://github.com/github/codeql-action/pull/1473
 2023-10-10 16:08:54 -07:00
dependabot[bot]
321d3e057d Bump the actions group with 1 update 
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).

- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 18:00:31 +00:00
Angela P Wen
1f63aba653 PR Checks: Test codeql-bundle.tar.gz (#1822) 2023-08-03 15:38:21 +00:00
Henry Mercer
49e0fc2ba1 PR checks: Rename cached to default 2023-08-02 18:02:10 +01:00
Henry Mercer
9f45792756 Update autogenerated notice to refer to specific ruamel.yaml version 2023-06-12 13:28:11 +01:00
Angela P Wen
cdcdbb5797 PR checks: stop setting experimental Swift var for new CLI versions (#1718) 
Now that `latest` and `cached` are both 2.13.3, which is the version in which we GA'ed Swift, we should stop setting this experimental variable when we test these CLI versions so we can test the case where the variable is unset.
 2023-06-06 08:49:09 -07:00
Henry Mercer
1023a086ae Merge pull request #1694 from jsoref/fixes 
Fix running tests on forks, and handle invalid URIs when fingerprinting
 2023-05-25 15:41:27 +01:00
Josh Soref
dba4f66682 Grant security-events: write permissions 2023-05-24 18:14:01 -04:00
Josh Soref
8f9b20ba50 Clarify how to update workflows 2023-05-24 18:14:01 -04:00
Angela P Wen
8c923c00a3 Fix Swift PR Checks on nightly-latest CLI (#1696) 2023-05-24 17:59:40 +01:00
Henry Mercer
f7a67e4341 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-05 18:39:27 +01:00
Henry Mercer
e85546ccca Move internal Actions into .github/actions 
This is a more standard location for these custom Actions.
 2023-04-03 18:29:29 +01:00
Henry Mercer
72d018e267 Improve serialization of Swift environment variable if expression 2023-03-29 13:15:59 +01:00
Henry Mercer
6ef37003ca Update CodeQL releases used in PR checks 2023-03-28 20:07:09 +01:00
Angela P Wen
a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Andrew Eisenberg
c208575433 Avoid uploading databases after integration tests 
We are still getting coverage of the upload capability through the
standard codeql analysis workflow.
 2023-03-14 14:55:58 -07:00
Henry Mercer
e530813ab8 Remove PR checks for v1 2023-01-16 18:49:32 +00:00
Henry Mercer
620a267204 Temporarily disable Kotlin analysis in PR checks 
Kotlin analysis is incompatible with Kotlin 1.8.0, which is now rolling
out to the Actions runner images.

While we work on a more permanent fix to our PR checks, this will
prevent us losing other
test coverage.
 2023-01-10 17:31:35 +00:00
Henry Mercer
7cdf75141e Remove redundant INTERNAL_CODEQL_ACTION_DEBUG_LOC variable 2022-11-16 16:40:35 +00:00
Henry Mercer
a190d3876a Rename TEST_MODE to specific variable for CodeQL Action 
This allows us to set it automatically in the workflow generator,
simplifying things and reducing the scope for error.
 2022-11-16 16:40:30 +00:00
Henry Mercer
96a8424f0c Don't bypass the toolcache in test mode 2022-08-16 16:18:12 +01:00
Henry Mercer
9daf1de73c Update references to release branches 
Prepare for renaming `v1` -> `releases/v1` and `v2` -> `releases/v2`.
 2022-04-14 17:48:46 +01:00
Henry Mercer
a2949f47b3 Update actions/checkout from v2 to v3 2022-03-30 19:46:09 +01:00
Henry Mercer
e769c2dd6e Run all PR checks on v2 branch 2022-03-30 15:59:09 +01:00
Andrew Eisenberg
76c3e91b1f Bump timeout to 45 minutes 
With a 30 minute timeout, we were getting some cancelled runs.
This should fix it.
 2022-03-11 11:45:45 -08:00
Andrew Eisenberg
628afae9d3 Add a timeout of 30 min 
For all CI jobs. Based on some eye-balling 30 minutes should be
enough time for all jobs to complete.
 2022-03-08 14:57:35 -08:00
Edoardo Pirovano
8ec6a84629 Expand PR checks to cover windows-2022 2022-02-28 15:39:34 +00:00
Andrew Eisenberg
b2af0740e4 Remove security-events: write from tests 
This is not necessary.
 2022-02-01 19:17:15 -08:00
Andrew Eisenberg
e9aa2c6f62 Add a permissions block for generated workflows 
Ensure that all workflows are able to write security events.
 2022-01-31 16:11:00 -08:00