github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 17:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,826 Commits 297 Branches 500 Tags
codeql-bundle-20210921
Commit Graph

1826 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robin Neatherway
2a20b15eca Update README.md 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-07-16 10:08:37 +01:00
Robin Neatherway
0d0f0ef80e Suggest limiting push/pull_request triggers 
Bring the template in line with the one used by the UI.
 2021-07-15 17:20:13 +01:00
Andrew Eisenberg
3c8ba71769 Merge pull request #619 from github/aeisenberg/fix-vulnerabilities 
Fix dependabot vulnerabilities
 2021-07-14 19:53:52 -07:00
Andrew Eisenberg
ae97d8f96d Fix dependabot vulnerabilities 
This adds some forced resolutions to ensure that vulnerable versions
of packages are not installed.
 2021-07-14 14:40:10 -07:00
Aditya Sharad
14deaf67e9 Merge pull request #610 from github/aibaars/refactor-checkout-path 
Replace checkoutPath variable with sourceRoot/workspacePath variables
 2021-07-14 08:14:27 -07:00
Aditya Sharad
d7dcff944e Merge branch 'main' into aibaars/refactor-checkout-path 2021-07-14 07:58:23 -07:00
Robert
4aa2d05c6b Merge pull request #612 from github/robertbrignull/databases_url 
Update databases URL
 2021-07-14 15:30:40 +01:00
Robert
d09d89f419 Merge branch 'main' into robertbrignull/databases_url 2021-07-14 15:15:50 +01:00
Arthur Baars
f94f1ed663 Rename checkoutPath to either workspacePath or sourceRoot 2021-07-14 13:39:45 +02:00
Edoardo Pirovano
1137e7db3e Merge pull request #618 from edoardopirovano/python-deps 
Install Python tools on self-hosted runners
 2021-07-13 17:56:13 +01:00
Edoardo Pirovano
cc14f298d6 Install Python tools on self-hosted runners 2021-07-13 17:24:11 +01:00
Robert
96edcdfd20 use templating for language param 2021-07-13 17:05:40 +01:00
Robert
b0b9ab80cc Update databases URL 2021-07-13 14:09:56 +01:00
Arthur Baars
3b017efdfe Merge pull request #607 from mario-campos/source-root-input 
Add a 'source-root' input to the init Action
 2021-07-13 13:26:14 +02:00
Arthur Baars
993205272b Merge branch 'main' into source-root-input 2021-07-13 13:13:27 +02:00
Andrew Eisenberg
27e3080228 Merge pull request #617 from github/mergeback/v1.0.5-to-main-500dad96 
Mergeback v1.0.5 refs/heads/v1 into main
 2021-07-12 16:16:04 -07:00
github-actions[bot]
92df23808d 1.0.6 2021-07-12 23:03:41 +00:00
github-actions[bot]
a10ed6c610 Update changelog and version after v1.0.5 2021-07-12 23:03:39 +00:00
Aditya Sharad
500dad96d7 Merge pull request #616 from github/update-v1.0.5-1c26d408 
Merge main into v1
v1.0.5 		2021-07-12 16:03:11 -07:00
github-actions[bot]
aa03f9b023 1.0.5 2021-07-12 21:54:31 +00:00
Mario Campos
a4a91a8631 Merge branch 'main' into source-root-input 2021-07-02 16:20:05 -05:00
Mario Campos
06c6845442 Add analyze step to 'source-root' input test case 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-07-02 14:50:52 -05:00
Henning Makholm
1c26d40826 Merge pull request #613 from github/hmakholm/pr/2.5.7 
Update CodeQL bundle to 20210702 / 2.5.7
 2021-07-02 15:25:27 +02:00
Mario Campos
b9217ca238 Test presence of database instead of results of analysis 
This is for PR #607, 'source-root' input test case.
 2021-07-02 08:07:06 -05:00
Henning Makholm
870e8e38d5 Update CodeQL bundle to 20210702 / 2.5.7 2021-07-02 14:32:46 +02:00
Mario Campos
2c0da4bcc7 Remove build.sh step from 'source-root' test 
As this test is using only JS, it's not necessary to compile or analyze the other languages.
 2021-07-01 18:43:10 -05:00
Mario Campos
12f1cff212 Rename CodeQL action paths in 'source-root' test to reflect repo paths 2021-07-01 18:39:37 -05:00
Mario Campos
2ca807cf16 Merge branch 'source-root-input' of github.com:mario-campos/codeql-action into source-root-input 2021-07-01 18:37:07 -05:00
Mario Campos
1c69fae407 Avoid moving repo files out of \$GITHUB_WORKSPACE in 'source-root' test 
Moving the files into ../action was causing the job to fail because it couldn't find the test directory anymore. According to @adityasharad, these 'mv's should
not be necessary. Removing these means changing the path to the actions.

I'm also removing the 'config-file' input to keep the test minimal. I think this will mean that CodeQL will use the default query suite, so I hope that this doesn't change the results.
 2021-07-01 18:34:34 -05:00
Mario Campos
67d6f7929f Delete 'packaing' from source-root test job name 
The test is not related to packaging.

Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-07-01 18:31:50 -05:00
Mario Campos
028f98f5ea Use different config file for testing 'source-root' input 
This config file 'ought to have some queries good for testing!
 2021-07-01 16:12:15 -05:00
Mario Campos
c78fb87659 Add test case for 'source-root' input to 'init' Action 2021-07-01 15:26:04 -05:00
Mario Campos
45c0f11af2 Clarify 'source-root' description to include default path 
This addresses @adityasharad's suggestions in PR #607.
 2021-07-01 12:24:36 -05:00
Aditya Sharad
c6728b6769 Merge branch 'main' into source-root-input 2021-07-01 09:36:10 -07:00
Andrew Eisenberg
fd614e5792 Merge pull request #609 from github/aeisenberg/use-default-tools 
Remove a TODO and use defautl tools option
codeql-bundle-20210702 		2021-06-30 13:56:10 -07:00
Andrew Eisenberg
0792832682 Remove a TODO and use defautl tools option 2021-06-30 12:43:20 -07:00
Mario Campos
a607042aab Recompile code after accepting suggestions from PR #607 review 2021-06-30 12:36:51 -05:00
Mario Campos
35e1b55411 Use path.resolve instead of path.join for sourceRoot 
Thanks to @aibaars, `path.resolve()` should will nicely handle more use-cases, namely absolute paths better than `path.join()`.

Co-authored-by: Arthur Baars <aibaars@github.com>
 2021-06-30 12:34:12 -05:00
Mario Campos
66df091046 Refer to $GITHUB_WORKSPACE specifically in source-root description 
Previously, I had tried to refer to '${{ github.workspace }}', but that caused a problem in Actions. Trying to avoid the issue, I changed this to "the workspace," but this gives up quite a bit of specificity.

Co-authored-by: Arthur Baars <aibaars@github.com>
 2021-06-30 12:32:07 -05:00
Andrew Eisenberg
c6b33b9ec1 Merge pull request #608 from github/aeisenberg/baseline-message 
Clarify missing LoC baseline message
 2021-06-30 09:27:04 -07:00
Andrew Eisenberg
d939c4b8d3 Update CHANGELOG 2021-06-30 09:13:29 -07:00
Andrew Eisenberg
68f742b0d4 Clarify missing LoC baseline message 2021-06-30 09:11:15 -07:00
Mario Campos
e1cd5244c8 Recompile JS files to bring JS inline with TS for PR #607 2021-06-29 16:17:28 -05:00
Mario Campos
57f584a881 Update CHANGELOG for PR #607 2021-06-29 16:14:47 -05:00
Mario Campos
a05a7f9cb1 Remove '${{ github.workspace }}' from action.yml 
It causes the action to break (or rather that context being unavailable causes it to fail), despite it being in the description field.
 2021-06-29 16:05:45 -05:00
Mario Campos
337ae83a84 Make 'source-root' init input relative to github.workspace 
In the previous commit, the default value of the input is ${{ github.workspace }}
which means that most uses of this input would probably prefix their paths with
${{ github.workspace }}, especially since actions/checkout's 'path' input
must be under ${{ github.workspace }}. Therefore, it doesn't make much sense for
this to be an absolute file path.

Instead, it's more intuitive to make this relative to the repository.
 2021-06-29 16:00:55 -05:00
Mario Campos
42babdf2c1 Add 'source-root' input to init action 
This input is exposed in the CodeQL CLI as the flag --source-root, allowing
users of the CLI to set --source-root different from --working-dir. However,
in codeql-action, these two paths are conflated and it poses problems for
users with complicated build environments, in which a source root may be
a child of the working directory.

Most users should not notice this, as the default value is
${{ github.workspace }}, as it is implied now (`path.resolve()`).
 2021-06-29 15:16:32 -05:00
Edoardo Pirovano
c357ca73e4 Merge pull request #606 from edoardopirovano/local-bundle 
Allow local instead of downloaded CodeQL
 2021-06-29 00:03:59 +01:00
Edoardo Pirovano
d9050f49a3 Merge branch 'main' into local-bundle 2021-06-28 23:53:41 +01:00
Edoardo Pirovano
a7dac5c3db Address PR comment. 2021-06-28 23:52:53 +01:00