github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-13 11:09:35 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,173 Commits 292 Branches 498 Tags
cbe29f55dfa1639adc138158ac3806c568a0d2b5
Commit Graph

357 Commits

Author SHA1 Message Date
Henry Mercer
cbe29f55df Run autobuild script via direct tracing when feature enabled 2024-04-12 17:07:08 +01:00
Henry Mercer
8f057a3d8e Apply network timeout fix to extraction with direct tracing 2024-04-12 17:07:08 +01:00
Henry Mercer
3d49faaabb Use extraction via build mode in autobuild Action when available 2024-04-12 17:07:08 +01:00
Henry Mercer
e37d0f3e7c Use direct tracing when autobuild build mode specified 
Behind a flag, for now
 2024-04-12 17:06:35 +01:00
Henry Mercer
1a60a91726 Remove support for CodeQL v2.12.5 and earlier 2024-04-09 12:29:14 +01:00
Henry Mercer
8f1e24411b Bump minimum CodeQL Bundle version to 2.12.6 2024-04-09 12:19:20 +01:00
Andrew Eisenberg
4a666f8539 Add the overwrite flag when init-ing databases 
This ensures that if there is a database already in the filesystem, we
can gracefully handle creating a new one. This sometimes happens when
a user is on a self-hosted runner and neglects to clean state across
runs.
 2024-04-05 15:02:18 -07:00
Henry Mercer
dcf00b3fd4 Account for varying major version number in error message 2024-04-03 15:50:23 +01:00
Henry Mercer
f06c933b16 Update soon to be deprecated CodeQL version 2024-04-03 15:44:00 +01:00
Henry Mercer
eda4878a3d Only pass --new-analysis-summary if it is not default behavior 2024-04-03 15:39:22 +01:00
Koen Vlaswinkel
70aa50b057 Use runTool for mergeResults 2024-03-25 10:13:21 +01:00
Koen Vlaswinkel
6ac57535de Use options object instead of boolean for mergeResults 2024-03-25 10:13:15 +01:00
Koen Vlaswinkel
ccc609bf1a Use github merge-results command when feature flag is enabled 2024-03-22 14:15:00 +01:00
Henry Mercer
7f375aeb76 Wrap configuration errors for all CLI commands 2024-03-19 13:45:33 +00:00
Henry Mercer
8da95d81a8 Refactoring: Add getExtractionVerbosityArguments wrapper 2024-03-13 18:27:21 +00:00
Henry Mercer
070b05147a Bump verbosity of database finalize in debug mode 2024-03-13 18:22:37 +00:00
Henry Mercer
649f3e87e1 Bump verbosity when running autobuild script directly in debug mode 2024-03-13 17:58:45 +00:00
Henry Mercer
362c407426 Bump verbosity on trace-command when in debug mode 2024-03-13 17:58:30 +00:00
dependabot[bot]
5e882999f1 Bump the npm group with 2 updates (#2190) 
* Bump the npm group with 2 updates

Bumps the npm group with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [typescript](https://github.com/Microsoft/TypeScript).


Updates `@typescript-eslint/eslint-plugin` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.1.1/packages/eslint-plugin)

Updates `typescript` from 5.3.3 to 5.4.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.3.3...v5.4.2)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>

* Rebuild sources

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2024-03-12 07:27:21 -07:00
Henry Mercer
5ec06c71f0 Use the --sarif-include-query-help option when supported 2024-03-11 18:32:52 +00:00
Nick Rolfe
f00392ec30 Deprecate fine-grained parallelism feature-flag 2024-02-14 17:21:01 +00:00
Angela P Wen
7b30fefa68 Add common CLI configuration error categories (#2130) 
Co-authored-by: Henry Mercer <henry@henrymercer.name>
 2024-02-14 13:57:38 +00:00
Angela P Wen
1515e2bb20 Refactor configuration errors (#2105) 
Refactor the existing classes of configuration errors into their own file; consolidate the place we check for configuration errors into `codeql.ts`, where the actual command invocations happen.

Also, rename the `UserError` type to `ConfigurationError` to standardize on a single term.
 2024-02-08 17:20:03 +00:00
Henry Mercer
0fe34bd39a Extract language appropriately in analyze step when build mode specified 2024-02-07 13:19:29 +00:00
Henry Mercer
d982a14465 Pass build mode to database init when set 2024-01-31 14:55:09 +00:00
Henry Mercer
55c1fd5777 Introduce codeql.supportsFeature 
This is a slightly simpler API
 2024-01-30 21:53:24 +00:00
Henry Mercer
838a022982 Clean up running queries workflow now that the queries are determined by the CLI 2024-01-05 19:11:02 +00:00
Henry Mercer
fa98ec0c7a Remove CliConfigFileEnabled feature flag 2024-01-04 14:39:36 +00:00
Henry Mercer
35b10b5ff7 Merge branch 'main' into henrymercer/drop-codeql-v2.11.5 2024-01-02 18:03:32 +00:00
nickfyson
3a9f6a89e0 update javascript files 2023-12-07 16:00:04 +00:00
Henry Mercer
cc940d75b2 Extract scanned languages using --index-traceless-dbs 2023-12-01 18:58:40 +00:00
Henry Mercer
1d367b0bec Improve error categorizations 2023-12-01 17:54:38 +00:00
Henry Mercer
a36fc67ec3 Remove CodeQL version guards for 2.11.5 and earlier 2023-11-27 12:56:32 +00:00
Henry Mercer
d1166e6d60 Bump minimum CodeQL version to 2.11.6 2023-11-27 12:36:48 +00:00
dependabot[bot]
80150c2141 Bump the npm group with 12 updates (#2003) 
* Bump the npm group with 12 updates

Bumps the npm group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [@octokit/types](https://github.com/octokit/types.ts) | `12.1.1` | `12.3.0` |
| [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid) | `9.0.6` | `9.0.7` |
| [@types/adm-zip](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/adm-zip) | `0.5.3` | `0.5.4` |
| [@types/js-yaml](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/js-yaml) | `4.0.8` | `4.0.9` |
| [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver) | `7.5.4` | `7.5.5` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `6.9.1` | `6.12.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `6.9.1` | `6.12.0` |
| [eslint](https://github.com/eslint/eslint) | `8.52.0` | `8.54.0` |
| [nock](https://github.com/nock/nock) | `13.3.7` | `13.3.8` |
| [sinon](https://github.com/sinonjs/sinon) | `17.0.0` | `17.0.1` |
| [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) | `10.0.20` | `17.0.1` |
| [typescript](https://github.com/Microsoft/TypeScript) | `5.2.2` | `5.3.2` |


Updates `@octokit/types` from 12.1.1 to 12.3.0
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v12.1.1...v12.3.0)

Updates `@types/uuid` from 9.0.6 to 9.0.7
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid)

Updates `@types/adm-zip` from 0.5.3 to 0.5.4
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/adm-zip)

Updates `@types/js-yaml` from 4.0.8 to 4.0.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/js-yaml)

Updates `@types/semver` from 7.5.4 to 7.5.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

Updates `@typescript-eslint/eslint-plugin` from 6.9.1 to 6.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.12.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 6.9.1 to 6.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.12.0/packages/parser)

Updates `eslint` from 8.52.0 to 8.54.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.52.0...v8.54.0)

Updates `nock` from 13.3.7 to 13.3.8
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v13.3.7...v13.3.8)

Updates `sinon` from 17.0.0 to 17.0.1
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v17.0.0...v17.0.1)

Updates `@types/sinon` from 10.0.20 to 17.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

Updates `typescript` from 5.2.2 to 5.3.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@types/uuid"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/adm-zip"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/js-yaml"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/semver"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/sinon"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update checked-in dependencies

* Rebuild

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2023-11-20 14:35:28 -08:00
Henry Mercer
779838b849 Prepare for CodeQL v2.10.* deprecation 
Warn users of CodeQL v2.11.5 and earlier that the next minor release of
the CodeQL Action will require CodeQL v2.11.6 or later.
 2023-11-15 17:52:32 +00:00
Henry Mercer
e8e83c3a56 Merge branch 'main' into henrymercer/enable-features-on-ghes 2023-10-26 19:47:56 +01:00
Nick Rolfe
06d8f4f7f8 Rename feature flag for evaluator fine-grained parallelism 2023-10-26 11:45:37 +01:00
Henry Mercer
25a3829e6e Fix comment 2023-10-26 11:09:28 +01:00
Henry Mercer
d2b37ba145 Remove feature flag for uploading failed SARIF 2023-10-25 19:51:19 +01:00
Henry Mercer
c8e99083da Remove feature flag for sub-language file coverage information 2023-10-25 19:51:19 +01:00
Henry Mercer
2cbabeaa72 Remove feature flag for analysis summary v2 2023-10-25 19:51:18 +01:00
Henry Mercer
5950d13564 Enable sub-language file coverage in interpret-results too 2023-10-12 11:57:23 +01:00
Henry Mercer
8295705640 Reduce duplication in the logs when errors occur in CLI commands 2023-10-06 15:53:22 +01:00
Henry Mercer
0ac7669167 Fix using resolve-environment Action with language aliases 
This impacted default setup configurations that analyzed Go alongside at
least one of the following languages:
- C/C++
- Java/Kotlin
- JavaScript/TypeScript
 2023-10-05 14:54:24 +01:00
Michael B. Gale
49b94f1a2d Remove unused properties from VersionOutput 2023-10-04 15:51:26 +01:00
Michael B. Gale
bb67eddd77 Wrap JSON parsing in try/catch 2023-10-04 15:49:25 +01:00
Michael B. Gale
e827ad5b71 Move makeVersionOutput to testing-utils.js 2023-10-04 15:49:04 +01:00
Michael B. Gale
74b46628c3 Support features key in version JSON output 2023-10-04 11:28:28 +01:00
Henry Mercer
ebbadee09e Remove ML-powered queries 2023-10-02 17:20:50 +01:00