Andrew Eisenberg
b4914d76a2
Add a CODEOWNERS file
2021-06-17 10:19:01 -07:00
Robert
69c30da5ad
Merge pull request #565 from github/robertbrignull/upload_ghes
...
Only attempt to upload on dotcom
2021-06-17 12:42:23 +01:00
Robert
6fc1280a3c
Merge pull request #564 from github/robertbrignull/workflow_event_error
...
Provide a better error message
2021-06-17 09:36:47 +01:00
Andrew Eisenberg
efea9238bc
Fix custom version of CLI to use for package testing
...
This can be removed when 2.5.6 is released.
2021-06-16 14:56:52 -07:00
Andrew Eisenberg
d16268b273
Fix update-release-branch-fix.py
...
This change ensures that the script can handle
commits with no committer in them. This will happen
for some commits that are auto-generated during
PRs.
2021-06-16 10:38:18 -07:00
Robert
b985a67b97
Only attempt to upload on dotcom
2021-06-16 17:24:26 +01:00
Robert
c989ee7b39
Provide a better error message
2021-06-16 17:00:26 +01:00
Robert
366b68eda0
Merge pull request #563 from github/robertbrignull/check_default_branch
...
Check if on default branch before uploading database
2021-06-16 15:11:45 +01:00
Robert
d693b3cb0d
Check if on default branch before uploading database
2021-06-16 14:43:42 +01:00
Andrew Eisenberg
e284efba72
Merge pull request #545 from github/aeisenberg/pack-run
...
Allow the codeql-action to run packages
2021-06-10 11:24:56 -07:00
Andrew Eisenberg
20aafcd90c
Remove unnecessary type assertions
2021-06-10 11:15:03 -07:00
Robin Neatherway
429471162a
Update cleanup to bundle
2021-06-10 17:09:58 +01:00
Robert
2a9a602a5e
Upload databases from analyze action
2021-06-10 16:09:58 +01:00
Andrew Eisenberg
6a1c0700c3
Avoid running mergeback workflow on PR
...
This was causing the workflow to run and create tags after merging
main into a branch.
2021-06-09 14:38:09 -07:00
Andrew Eisenberg
23cdd6bab6
Remove two log entries
...
Cleans up the output logs even more. These entries don't add any more
information since everything is grouped now.
2021-06-09 14:32:08 -07:00
Andrew Eisenberg
a2e96a4c78
Add pack download to its own log group
...
Also, make the baseline count message less awkward sounding.
2021-06-09 14:13:05 -07:00
Andrew Eisenberg
96e7de35af
Use nullish conversion for packs
...
Slightly simplifies the `parsePacks` function.
2021-06-09 13:18:27 -07:00
Andrew Eisenberg
49b2220f92
Refactor codeql.ts
...
Extract a `runTool` function that captures the stdout and returns it.
A small refactoring that reduces copied code.
2021-06-09 13:17:25 -07:00
Andrew Eisenberg
db01c78de0
Remove unneeded action input in PR check
2021-06-09 13:10:57 -07:00
Andrew Eisenberg
82388fd94a
Merge remote-tracking branch 'upstream/main' into aeisenberg/pack-run
2021-06-09 12:43:17 -07:00
Edoardo Pirovano
babcc1b793
Add --finalize-dataset to database finalize call
2021-06-09 16:52:39 +01:00
Edoardo Pirovano
06df98a513
Add new log grouping for DB cleanup
2021-06-09 16:10:22 +01:00
Edoardo Pirovano
0ea20c5b32
Add interpret-results timings to status reports
2021-06-09 10:40:15 +01:00
Andrew Eisenberg
d42f654f7a
Add an integration test for packaging
...
Uses two pre-existing packages to run some simple queries on a javascript
database.
2021-06-08 12:34:07 -07:00
Andrew Eisenberg
1cc5f1d5dd
Packaging: Address review comments
...
1. Better malformed data guard for PackDownloadOutput
2. Fix Packs type
3. Remove TODO in init-action
2021-06-08 10:00:22 -07:00
Edoardo Pirovano
2cc885d66e
Replace analyze with run-queries and interpret-results
2021-06-08 09:25:17 +01:00
Edoardo Pirovano
c09500540c
Some refactoring in fingerprint computation
2021-06-08 00:09:27 +01:00
Andrew Eisenberg
9c13fefc68
Merge pull request #554 from github/mergeback/v1.0.1-to-main-ece2addc
...
Mergeback v1.0.1 refs/heads/v1 into main
2021-06-07 14:14:54 -07:00
Andrew Eisenberg
a69f472ee9
Merge branch 'main' into mergeback/v1.0.1-to-main-ece2addc
2021-06-07 14:01:04 -07:00
github-actions[bot]
fbb9046bf6
1.0.2
2021-06-07 20:59:15 +00:00
github-actions[bot]
9e6b46a9e6
Update changelog and version after v1.0.1
2021-06-07 20:59:13 +00:00
Andrew Eisenberg
ece2addcff
Merge pull request #553 from github/aeisenberg/no-quotes
...
Remove quotes around `$DRAFT` argument
v1.0.1
2021-06-07 13:54:37 -07:00
Andrew Eisenberg
74764ac0eb
Remove quotes around $DRAFT argument
...
gh will complain if there is an empty `""`, which is the case if
`$DRAFT` is unset.
2021-06-07 13:53:47 -07:00
Chris Gavin
675843d09a
Merge pull request #549 from github/update-v1.0.1-242fd828
...
Merge main into v1
2021-06-07 16:26:37 +01:00
Chris Gavin
511fe43abe
Empty commit to trigger CI.
2021-06-07 16:14:10 +01:00
Edoardo Pirovano
02e8dcfe9c
Fix out of memory in hash computation
2021-06-07 15:12:45 +01:00
github-actions[bot]
68d7c5f620
1.0.1
2021-06-07 09:30:01 +00:00
Chris Gavin
242fd828aa
Merge pull request #547 from github/retrying-fix
...
Add back retrying.
2021-06-07 08:04:21 +01:00
Chris Gavin
48efe6e282
Merge branch 'main' into retrying-fix
2021-06-07 07:47:18 +01:00
Chris Gavin
f8c65b775d
Fix stub in tests.
2021-06-07 07:14:44 +01:00
Andrew Eisenberg
d87945e9fd
Run the pack download command
2021-06-06 09:27:52 -07:00
Edoardo Pirovano
1644ade514
Add --sarif-group-rules-by-pack flag
2021-06-06 09:56:54 +01:00
Andrew Eisenberg
06687e95c8
Avoid using SemVer instances
...
Use strings instead. They are easier to serialize and deserialize.
2021-06-04 13:34:55 -07:00
Andrew Eisenberg
9b5753ab00
Fix logic for calculating if there are queries to run
...
During the analyze phase.
2021-06-04 13:23:35 -07:00
Edoardo Pirovano
ddb83a462d
Cleanup CodeQL DBs and output their location for later steps
2021-06-04 18:54:15 +01:00
Andrew Eisenberg
6cee818bf3
Add better comments and error messages for pack-related changes
2021-06-04 10:18:24 -07:00
Chris Gavin
41dff7fce3
Add back retrying.
2021-06-04 15:51:51 +01:00
Andrew Eisenberg
86a804f9a7
Allow the codeql-action to run packages
...
This commit adds a `packs` option to the codeql-config.yml file. Users
can specify a list of ql packs to include in the analysis.
For a single language analysis, the packs property looks like this:
```yaml
packs:
  - pack-scope/pack-name1@1.2.3
  - pack-scope/pack-name2 # no explicit version means download the latest
```
For multi-language analysis, you must key the packs block by language:
```yaml
packs:
  cpp:
    - pack-scope/pack-name1@1.2.3
    - pack-scope/pack-name2
  java:
    - pack-scope/pack-name3@1.2.3
    - pack-scope/pack-name4
```
This implementation adds a new analysis run (alongside custom and
builtin runs). The unit tests indicate that the correct commands are
being run, but I have not actually tried this with a real CLI.
Also, convert `instanceof Array` to `Array.isArray` since that is
slightly better in some situations. See:
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/isArray#instanceof_vs_isarray
2021-06-03 15:46:40 -07:00
Andrew Eisenberg
cbdf0df97b
Merge pull request #539 from github/aeisenberg/env-vars
...
Add environment variables to signal feature and version to the CLI
2021-06-03 15:35:17 -07:00
Andrew Eisenberg
f60ef170b0
Cleaning up comments around env vars
...
Also, move `getTemporaryDirectory` back to `actions-util`.
2021-06-03 11:33:20 -07:00