github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 09:40:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,127 Commits 297 Branches 500 Tags
codeql-bundle-20210319
Commit Graph

1127 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Gavin
b59d204bbe Merge branch 'main' into skip-integration-tests-prs-from-forks 2020-11-20 12:18:45 +00:00
Chris Gavin
0a05e95b52 Merge pull request #312 from ericcornelissen/fix-minor-code-mistakes 
Two minor code fixes
 2020-11-20 11:48:19 +00:00
Chris Gavin
fd36bec497 Skip Runner integration tests on pull requests from forks. 2020-11-20 11:47:43 +00:00
Chris Gavin
a04d948b04 Merge branch 'main' into fix-minor-code-mistakes 2020-11-20 11:37:27 +00:00
Chris Gavin
b03b9fe641 Add a query to detect binary planting vulnerabilities. 2020-11-20 11:34:33 +00:00
Eric Cornelissen
35b050652a Run npm run build 2020-11-20 11:48:25 +01:00
Simon Engledew
31872f129b Merge pull request #308 from github/simon-engledew/fast-fail 
Abort CodeQL action if the status cannot be reported
 2020-11-20 10:45:40 +00:00
Eric Cornelissen
5416d4f3b5 Run npm run build 2020-11-20 11:35:59 +01:00
Eric Cornelissen
cf8c79ca35 Fix unused sorted value in update-release-branch 
Fix a minor issue in the update-release-branch.py script that performs a
call to `sorted` but doesn't use the output. Since `sorted` does not
operate in place, the call is currently useless. As a result, the function
`get_pr_for_commit` does not currently work as exected. I.e. it is
expected to return the "first" (i.e. lowest PR number), but actually it
returns the first in the list provided by GitHub.
 2020-11-20 11:20:45 +01:00
Eric Cornelissen
4e8634c29c Remove duplicate statement in tracer-config test 
The tracer-config.test.js file contained a duplicate of the statement:

  process.env["SEMMLE_DEPTRACE_SOCKET"] = "abc";

one line apart. This removes the second instance of this statement.
 2020-11-20 11:14:08 +01:00
Eric Cornelissen
512c07d9a3 Fix typos in Action config files 2020-11-20 11:11:17 +01:00
Eric Cornelissen
85ea24bd20 Fix typos in src 
- Rename "toolrunnner" (three 'n') to "toolrunner"
- Rename "relativeFilepaht" to "relativeFilepath"
- Fix various typos in documentation & comments
- Fix typos in logs and test names
 2020-11-20 11:00:55 +01:00
Simon Engledew
6a45994b42 Merge branch 'main' into simon-engledew/fast-fail 2020-11-20 09:21:26 +00:00
Eric Cornelissen
992a0cf8f2 Merge branch 'main' into eslint-rule/no-shadow 2020-11-19 23:41:11 +01:00
Eric Cornelissen
847f4ef293 Run npm run build 2020-11-19 23:03:45 +01:00
Eric Cornelissen
483c94b974 Fix no shadow issues in upload-lib.ts 
Rename one instance of "path"  to avoid shadowing.
 2020-11-19 22:54:48 +01:00
Eric Cornelissen
74559947b1 Fix no shadow issues in fingerprints.ts 
Rename various instances of "hash", shadowing the function with that
name.
 2020-11-19 22:54:05 +01:00
Eric Cornelissen
ffe94681e4 Fix no shadow issues in fingerprints.test.ts 
Rename shadowing "uri" argument to the more explicit "artifactURI".
 2020-11-19 22:51:29 +01:00
Eric Cornelissen
2a2910e693 Fix no shadow issues in config-utils.ts 
Rename throwaway variable "suite" to "found" when assigned from "find".

Rename local variable "path" to "newPath" as it is a modification of
the "originalPath" provided to `validateAndSanitisePath`.

Rename instances of "path" to more explicit varients "ignorePath" and
"includePath". Maybe "ignoredPath" and "includedPath" are better names?
 2020-11-19 22:50:02 +01:00
Eric Cornelissen
06e99f1523 Fix no shadow issues in config-utils.test.ts 
Rename "queries" variable in test cases to "testQueries" to avoid
shadowing it in a subsequent helper function call (4 times).

Rename "path" twice in a hlper function to "validPath" and "invalidPath"
to avoid shadowing "path". The new names are more explicit.
 2020-11-19 22:47:32 +01:00
Eric Cornelissen
98ad63b240 Fix no shadow issues in codeql.ts 
Two simple variable renames from "path" to "paths" since the types are
arrays of strings (not just one string).

One function definition inside a function moved outside that function
to avoid shadowing the "options" argument.
 2020-11-19 22:45:15 +01:00
Eric Cornelissen
b54c2aab11 Fix no shadow issues in api-client.ts 
Duplicate use of "_" placeholder argument name. This change may conflict
with #192.
 2020-11-19 22:42:13 +01:00
Eric Cornelissen
22f779c5e6 Update ESLint configuration 
Remove the "no-shadow": "off" override and replace it by enabling
"@typescript-eslint/no-shadow" in the "rules" section, following the
typescript-eslint docs:
https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/docs/rules/no-shadow.md#how-to-use
 2020-11-19 22:38:38 +01:00
Robert
aafb457527 Merge pull request #222 from github/robertbrignull/go_build_trace 
Check CODEQL_EXTRACTOR_GO_TRACE and treat Go as a traced language
 2020-11-19 18:01:53 +00:00
Robert
0b0bc35050 Merge branch 'main' into robertbrignull/go_build_trace 2020-11-19 17:20:54 +00:00
Simon Engledew
eb4226ede4 Scanning endpoint failures should not halt the scan 2020-11-19 15:49:46 +00:00
Simon Engledew
7fda765d49 Merge remote-tracking branch 'origin/main' into simon-engledew/fast-fail 2020-11-19 13:55:47 +00:00
Chris Gavin
0924fb6b26 Merge pull request #309 from github/safe-which 
Ensure unqualified program names are present on `PATH` before executing them.
 2020-11-19 13:52:57 +00:00
Simon Engledew
17d4671d60 Fail processing on a 422 as well 
Until there is a more robust versioning system it is probably safest to require endpoint compatiblity and not continue the action if there is a mismatch.
 2020-11-19 13:14:45 +00:00
Simon Engledew
f3ff4c84ba Implement review feedback 2020-11-19 12:39:57 +00:00
Chris Gavin
726cfc8441 Ensure unqualified program names are present on PATH before executing them. 2020-11-18 22:20:13 +00:00
Simon Engledew
68dedeaa57 Do not run CodeQL if code scanning is not enabled 
Put more fine grained logic around which errors we ignore and process.
Re-instate status reporting in Enterprise.
Abort the code scanning process the status endpoint reports it is not configured.
 2020-11-18 17:21:57 +00:00
Robert
dc80b016b6 Merge pull request #301 from github/robertbrignull/tools_version 
Send action ref and tool version in status reports
 2020-11-18 11:38:26 +00:00
Robert
0d960df08a Merge branch 'main' into robertbrignull/tools_version 2020-11-18 11:25:46 +00:00
Chris Gavin
10b43b815a Merge pull request #231 from github/add-multi-cause-markdown-flag 
Enable the CodeQL SARIF multi-cause markdown flag.
 2020-11-18 08:39:30 +00:00
Chris Gavin
f94e06a382 Merge main into add-multi-cause-markdown-flag. 2020-11-18 08:26:39 +00:00
Robert
577fc451dd Merge pull request #306 from github/update-v1-d4eb1e36 
Merge main into v1
 2020-11-16 12:03:04 +00:00
Robert
d4eb1e36af Merge pull request #302 from github/robertbrignull/no_tracing 
Don't use the word "trace" in log messages
 2020-11-13 15:27:37 +00:00
Robert
54c857ce0a update build command 2020-11-13 15:15:58 +00:00
Robert
3f2a7abc7b change voicing 2020-11-13 15:04:54 +00:00
Robert
e3a9a7a91c Update init/action.yml 
Co-authored-by: Sam Partington <sampart@github.com>
 2020-11-13 12:51:25 +00:00
Robert
4d8912d269 Don't use the word "trace" in log messages 2020-11-13 12:01:07 +00:00
Robert
af27146b64 Merge branch 'main' into robertbrignull/go_build_trace 2020-11-13 10:24:37 +00:00
Robert
1737b806ff check if running locally 2020-11-12 14:18:58 +00:00
Robert
80b43ca9d3 send action ref and tool version in status reports 2020-11-12 12:27:31 +00:00
Robert
acacf9bbd5 Merge pull request #299 from github/azure_pipelines 
Detect Agent.Worker.exe
 2020-11-11 10:28:25 +00:00
Robert
9a7b7cb035 Merge branch 'main' into azure_pipelines 2020-11-11 10:12:56 +00:00
Chris Gavin
fdb0d486b6 Merge pull request #298 from github/use-github-action-repository-variable 
Make use of the `GITHUB_ACTION_REPOSITORY` environment variable if it is set.
 2020-11-10 18:13:50 +00:00
Chris Gavin
241fca876b Merge branch 'main' into use-github-action-repository-variable 2020-11-10 17:55:13 +00:00
Robert
aae4713a4d detect Agent.Worker.exe 2020-11-10 16:16:58 +00:00