github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-16 20:39:23 +08:00
Code Issues Packages Projects Releases Wiki Activity
4,783 Commits 299 Branches 498 Tags
f934b28e516f91cadc98aadafac7abcfe07dfcad
Commit Graph

93 Commits

Author SHA1 Message Date
Henry Mercer
f934b28e51 Populate path filters env variables using the CLI 2024-01-04 15:17:20 +00:00
Henry Mercer
b683173003 Remove unused arguments 2024-01-04 15:05:15 +00:00
Henry Mercer
fa98ec0c7a Remove CliConfigFileEnabled feature flag 2024-01-04 14:39:36 +00:00
Andrew Eisenberg
669c61022c Add a feature flag to turn this off for newer versions of codeql 2023-10-06 14:17:01 -07:00
Andrew Eisenberg
d0916526cd Add a fix for python 3.12 
The python extractor does not yet support 3.12. Check for this and
instead make sure we run python 3.11. Only need to check on windows
since we are extremely unlikely to be running 3.12 on linux or macos.
 2023-10-06 13:05:18 -07:00
Henry Mercer
1d5eed8d40 Remove deprecated functionality 2023-09-27 16:16:13 +01:00
Henry Mercer
5658fd1df2 Fix dependency cycle between trap-caching and init 2023-07-19 17:30:33 +01:00
Henry Mercer
9922e17dbb Move code scanning config enablement into feature flags 2023-07-19 15:57:59 +01:00
Henry Mercer
c1f49580cf Fix dependency incompatibilities 2023-07-13 11:20:39 +01:00
Andrew Eisenberg
824d18c689 Merge remote-tracking branch 'upstream/main' into issue-1589-config-param 2023-04-28 11:34:52 -07:00
tgrall
b4e6f81a72 resolve comments from @henrymercer 2023-04-10 07:56:09 +02:00
tgrall
fe4a785361 rename new parameter from configuration to config 2023-04-01 07:13:01 +02:00
Henry Mercer
d8fe76e161 Delete legacy tracing 2023-03-28 18:53:43 +01:00
Tugdual Grall
ee44252240 - Add new configuration Parameter 
- Write test to check it is read from configuration
- Update documentation
 2023-03-18 13:40:54 +00:00
Henry Mercer
485cc11a24 Rename featureEnablement to features 
This is more succinct and removes a few line breaks
 2023-03-09 16:46:51 +00:00
Andrew Eisenberg
3c81243bb1 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-02-09 12:25:33 -08:00
Andrew Eisenberg
e2f72f11e4 Merge remote-tracking branch 'upstream/main' into aeisenberg/qlconfig-in-cli 2023-02-09 09:47:43 -08:00
Henry Mercer
db534af2ae Remove feature flags for bypassing the toolcache 
- We can now use the default bundle version feature flags to remediate a
bad bundle update.
- Controlled switchover ensures that a repo consistently gets the same
bundle version, so we no longer have alert churn concerns with Kotlin
and Swift.
 2023-02-08 15:20:51 +00:00
Andrew Eisenberg
bbe8d375fd Ensure qlconfig file is created when config parsing in cli is on 
Previously, with the config parsing in the cli feature flag turned on,
the CLI was not able to download packs from other registries. This PR
adds the codeql-action changes required for this. The CLI changes will
be in a separate, internal PR.
 2023-02-07 10:40:56 -08:00
Angela P Wen
24ca6b0400 Send tools telemetry to init status report (#1497) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-01-25 11:09:18 -08:00
Henry Mercer
ba93815e25 Merge branch 'main' into henrymercer/upgrade-typescript 2023-01-19 16:15:51 +00:00
Henry Mercer
5f644f971e Upgrade TypeScript to 9.2.0 2023-01-18 20:59:57 +00:00
Henry Mercer
c3be36f5cb Use new default version to set up CodeQL 2023-01-11 19:06:50 +00:00
Henry Mercer
5eba74a3c9 Refactor CodeQL setup 2023-01-05 19:09:34 +00:00
Andrew Eisenberg
f79028af27 Add the feature to bypass the toolcache for kotlin and swift 
This works by moving the logic to check for toolcache bypass out of
creating the codeql instance. The logic now _may_ perform an API request
in order to check what languages are in the repository. This check is
redundant because the same call is being made later in the action when
the actual list of languages is calculated.
 2022-11-23 15:11:20 -08:00
Henry Mercer
0dea34e91c Merge branch 'main' into henrymercer/delete-runner-part-2 2022-11-15 19:35:30 +00:00
Angela P Wen
5883c13406 Deprecate Go extraction reconciliation feature flag and CODEQL_EXTRACTOR_GO_BUILD_TRACING for custom builds (#1322) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-11-14 13:54:35 -08:00
Henry Mercer
3d46406f3b Remove runner-only input to databaseInitCluster 2022-11-14 18:49:17 +00:00
Andrew Eisenberg
701cea34ba More renaming 2022-10-11 10:39:40 -07:00
Andrew Eisenberg
9e044c5432 Convert "Invalid source root" errors to UserErrors 2022-10-06 09:28:29 -07:00
Andrew Eisenberg
7e086b240c Merge remote-tracking branch 'upstream/main' into aeisenberg/ghes-pack-download 2022-09-06 10:22:00 -07:00
Andrew Eisenberg
e9b47b1898 Change to using a single input 2022-09-01 16:07:26 -07:00
Henry Mercer
cf5d465980 Trace Go when Go extraction reconciliation is enabled 2022-09-01 14:42:59 +01:00
Henry Mercer
e195431677 Override CODEQL_EXTRACTOR_GO_BUILD_TRACING with on when it's true 2022-08-24 11:48:32 +01:00
Henry Mercer
5862bae77e Bypass toolcache when feature flag enabled 2022-08-16 16:18:11 +01:00
Edoardo Pirovano
6df93613d7 Address review comments from @henrymercer 2022-08-09 18:37:22 +01:00
Edoardo Pirovano
8f867dcb21 Introduce TRAP caching 2022-08-05 17:48:05 +01:00
Henry Mercer
c736697abf Remove toolcache decorator 
This decorator enabled us to use the functionality of the Actions
toolcache within the runner too.
Now that we've deleted the runner we no longer need it.
 2022-06-30 09:16:10 +01:00
Arthur Baars
cae9a1f462 Run npm build 2022-06-27 16:40:40 +02:00
Cornelius Riemenschneider
9e9a8428c3 Introduce a feature-flag to enable/disable lua-based tracing. 
This allows us to gradually roll out (or even roll back)
Lua-based tracing in case problems occur.
 2022-05-16 09:16:38 +00:00
Edoardo Pirovano
07990f07e5 Revert "Revert "Use --codescanning-config flag of CLI"" 
This reverts commit 326e5118c5.
 2022-03-01 14:33:00 +00:00
Andrew Eisenberg
3d93bb2ac9 Add UserError 
This commit adds a `UserError` class that should be thrown when the
cause of an error is fundamentally from user configuration.

When sending status reports, avoid sending a `failure` for `UserError`s.
This will prevent our diagnostics from pinging us for errors outside of
our control.
 2022-02-17 11:47:31 -08:00
Edoardo Pirovano
326e5118c5 Revert "Use --codescanning-config flag of CLI" 
This reverts commit 0d87b8c615.
 2022-02-17 13:05:55 +00:00
Edoardo Pirovano
0d87b8c615 Use --codescanning-config flag of CLI 2022-02-16 13:34:47 +00:00
Andrew Eisenberg
51126e5cd1 Include better error message 
When users call init multiple times.
 2022-01-20 10:28:11 -08:00
Edoardo Pirovano
e677af3fd0 Make name of debugging artifact and DB within it configurable 2022-01-07 15:10:26 +00:00
Henry Mercer
2f4be8e34b Run ML-powered queries for JS security-extended behind feature flag 2022-01-06 11:57:33 +00:00
Edoardo Pirovano
bc31f604d3 Add an option to upload some debugging artifacts 2021-11-01 16:12:50 +00:00
Edoardo Pirovano
1f4460b9fb Make use of multi-language and indirect tracing 2021-09-22 16:12:23 +01:00
Andrew Eisenberg
40568daca8 Fix compile errors introduced by typescript 4.4.2 
4.4.2 introduces a breaking change that the variable in a catch clause
is now `unknown` type. So, we need to cast the `e`, `err`, or `error`
variables to type `Error`.
 2021-09-10 14:06:27 -07:00