github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,854 Commits 297 Branches 500 Tags
codeql-bundle-20211005
Commit Graph

717 Commits

Author SHA1 Message Date
Edoardo Pirovano
40852fa52a Improve error messages from CLI invocations 2021-06-24 23:38:13 +01:00
Andrew Eisenberg
af32a29f03 Merge branch 'main' into simon-engledew/fix-runner-temp-missing 2021-06-24 13:48:45 -07:00
Arthur Baars
a1f71cfecf Add Ruby to 'isInterpretedLanguage' 2021-06-24 19:13:05 +02:00
Simon Engledew
26ade03b50 Just reverse test case 2021-06-24 18:00:10 +01:00
Simon Engledew
9200db3ec4 Restore original getCodeQLActionRepository behaviour 2021-06-24 17:52:48 +01:00
Andrew Eisenberg
c5434c91d8 Merge branch 'main' into csharp-loc 2021-06-23 16:22:14 -07:00
Andrew Eisenberg
6e577cfca3 Add new packs input to init action 
This input allows users to specify which packs to run. It works in
unison with the packs block of the config file and it is similar to
how `queries` works. They both use `+` in the same way.

Note that the `#TODO` in the pr check is still around, but the CLI
is available. I will remove the TODO in the next commit.
 2021-06-23 16:08:35 -07:00
Edoardo Pirovano
68b68732c6 Fix C# line counting and add test 2021-06-23 23:39:44 +01:00
Chris Gavin
59560e54ac Replace custom tool download method with the one in the tool cache library. 2021-06-23 14:28:37 +01:00
Henry Mercer
1cd2cd12b4 Merge branch 'main' into hmakholm/pr/2.5.6 2021-06-22 17:12:00 +01:00
Henning Makholm
8d50a5fd90 Update CodeQL bundle to 20210622 / 2.5.6 2021-06-22 17:27:16 +02:00
Robert
00791d5d56 remove old lib file 2021-06-22 13:45:47 +01:00
Robert
146c897909 Upload CodeQL databases 2021-06-22 13:05:12 +01:00
Robert
d893508e3a Revert "Upload CodeQL databases" 2021-06-21 10:26:02 +01:00
Robert
f3cd5fa001 Add workflow input to disable uploads 2021-06-18 09:56:15 +01:00
Robert
33ac512514 Merge branch 'main' into upload-database 2021-06-18 09:50:05 +01:00
Robert
69c30da5ad Merge pull request #565 from github/robertbrignull/upload_ghes 
Only attempt to upload on dotcom
 2021-06-17 12:42:23 +01:00
Robert
b985a67b97 Only attempt to upload on dotcom 2021-06-16 17:24:26 +01:00
Robert
c989ee7b39 Provide a better error message 2021-06-16 17:00:26 +01:00
Robert
d693b3cb0d Check if on default branch before uploading database 2021-06-16 14:43:42 +01:00
Andrew Eisenberg
20aafcd90c Remove unnecessary type assertions 2021-06-10 11:15:03 -07:00
Robin Neatherway
429471162a Update cleanup to bundle 2021-06-10 17:09:58 +01:00
Robert
2a9a602a5e Upload databases from analyze action 2021-06-10 16:09:58 +01:00
Andrew Eisenberg
23cdd6bab6 Remove two log entries 
Cleans up the output logs even more. These entries don't add any more
information since everything is grouped now.
 2021-06-09 14:32:08 -07:00
Andrew Eisenberg
a2e96a4c78 Add pack download to its own log group 
Also, make the baseline count message less awkward sounding.
 2021-06-09 14:13:05 -07:00
Andrew Eisenberg
96e7de35af Use nullish conversion for packs 
Slightly simplifies the `parsePacks` function.
 2021-06-09 13:18:27 -07:00
Andrew Eisenberg
49b2220f92 Refactor codeql.ts 
Extract a `runTool` function that captures the stdout and returns it.
A small refactoring that reduces copied code.
 2021-06-09 13:17:25 -07:00
Andrew Eisenberg
82388fd94a Merge remote-tracking branch 'upstream/main' into aeisenberg/pack-run 2021-06-09 12:43:17 -07:00
Edoardo Pirovano
babcc1b793 Add --finalize-dataset to database finalize call 2021-06-09 16:52:39 +01:00
Edoardo Pirovano
06df98a513 Add new log grouping for DB cleanup 2021-06-09 16:10:22 +01:00
Edoardo Pirovano
0ea20c5b32 Add intepret-results timings to status reports 2021-06-09 10:40:15 +01:00
Andrew Eisenberg
d42f654f7a Add an integration test for packaging 
Uses two pre-existing packages to run some simple queries on a javascript
database.
 2021-06-08 12:34:07 -07:00
Andrew Eisenberg
1cc5f1d5dd Packaging: Address review comments 
1. Better malformed data guard for PackDownloadOutput
2. Fix Packs type
3. Remove TODO in init-action
 2021-06-08 10:00:22 -07:00
Edoardo Pirovano
2cc885d66e Replace analyze with run-queries and interpret-results 2021-06-08 09:25:17 +01:00
Edoardo Pirovano
c09500540c Some refactoring in fingerprint computation 2021-06-08 00:09:27 +01:00
Edoardo Pirovano
02e8dcfe9c Fix out of memory in hash computation 2021-06-07 15:12:45 +01:00
Chris Gavin
48efe6e282 Merge branch 'main' into retrying-fix 2021-06-07 07:47:18 +01:00
Chris Gavin
f8c65b775d Fix stub in tests. 2021-06-07 07:14:44 +01:00
Andrew Eisenberg
d87945e9fd Run the pack download command 2021-06-06 09:27:52 -07:00
Edoardo Pirovano
1644ade514 Add --sarif-group-rules-by-pack flag 2021-06-06 09:56:54 +01:00
Andrew Eisenberg
06687e95c8 Avoid using SemVer instances 
Use strings instead. They are easier to serialize and deserialize.
 2021-06-04 13:34:55 -07:00
Andrew Eisenberg
9b5753ab00 Fix logic for calculating if there are queries to run 
During the analyze phase.
 2021-06-04 13:23:35 -07:00
Edoardo Pirovano
ddb83a462d Cleanup CodeQL DBs and output their location for later steps 2021-06-04 18:54:15 +01:00
Andrew Eisenberg
6cee818bf3 Add better comments and error messages for pack-related changes 2021-06-04 10:18:24 -07:00
Chris Gavin
41dff7fce3 Add back retrying. 2021-06-04 15:51:51 +01:00
Andrew Eisenberg
86a804f9a7 Allow the codeql-action to run packages 
This commit adds a `packs` option to the codeql-config.yml file. Users
can specify a list of ql packs to include in the analysis.

For a single language analysis, the packs property looks like this:

```yaml
packs:
  - pack-scope/pack-name1@1.2.3
  - pack-scope/pack-name2   # no explicit version means download the latest
```

For multi-language analysis, you must key the packs block by lanaguage:

```yaml
packs:
  cpp:
    - pack-scope/pack-name1@1.2.3
    - pack-scope/pack-name2
  java:
    - pack-scope/pack-name3@1.2.3
    - pack-scope/pack-name4
```

This implementation adds a new analysis run (alongside custom and 
builtin runs). The unit tests indicate that the correct commands are
being run, but I have not actually tried this with a real CLI.

Also, convert `instanceof Array` to `Array.isArray` since that is
sightly better in some situations. See:
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/isArray#instanceof_vs_isarray
 2021-06-03 15:46:40 -07:00
Andrew Eisenberg
f60ef170b0 Cleaning up comments around env vars 
Also, move `getTemporaryDirectory` back to `actions-util`.
 2021-06-03 11:33:20 -07:00
Andrew Eisenberg
cc0733fd12 Fix Unguarded actions library use code scanning error 
Must access the env var directly in order to avoid recursive calls to 
`getRequiredEnvParam`.
 2021-06-02 11:55:32 -07:00
Andrew Eisenberg
082575fbc3 Merge branch 'main' into aeisenberg/env-vars 2021-06-02 11:40:40 -07:00
Andrew Eisenberg
2c2ebdc5c5 Remove local environment running 
This is a functionality that never worked perfectly and hasn't been
used for a while.

This allows developers to run the action on their local machine, but
the run was always flaky and never 100% mirrored what was happening on
the actions runner.
 2021-06-02 11:26:11 -07:00