github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 01:00:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,431 Commits 297 Branches 500 Tags
codeql-bundle-20220401
Commit Graph

2431 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Edoardo Pirovano
d76304cd8e Merge pull request #880 from github/mergeback/v1.0.29-to-main-384cfc42 
Mergeback v1.0.29 refs/heads/v1 into main
 2022-01-21 11:53:08 +00:00
github-actions[bot]
57c4e974c2 Update checked-in dependencies 2022-01-21 11:23:59 +00:00
github-actions[bot]
c2fb041dc1 1.0.30 2022-01-21 11:12:16 +00:00
github-actions[bot]
ac9d34fbc6 Update changelog and version after v1.0.29 2022-01-21 11:12:14 +00:00
Edoardo Pirovano
384cfc42b2 Merge pull request #879 from github/update-v1.0.29-67c0353a 
Merge main into v1
v1.0.29 		2022-01-21 11:11:07 +00:00
github-actions[bot]
5a1e31dc6a 1.0.29 2022-01-21 10:47:33 +00:00
Edoardo Pirovano
67c0353a8c Merge pull request #878 from github/revert-wait-for-processing 
Revert "Start waiting for processing by default."
 2022-01-21 10:45:30 +00:00
Chris Gavin
7ec25e02e3 Add a changelog note. 2022-01-21 10:26:18 +00:00
Chris Gavin
713eacdf6c Revert "Start waiting for processing by default." 
This reverts commit b661ef1697.
 2022-01-21 10:25:57 +00:00
Andrew Eisenberg
c8290d07f0 Update changelog 
Add a line item for using a better error message.

Also, add a link for an entry that didn't have one before.
 2022-01-20 10:31:43 -08:00
Andrew Eisenberg
51126e5cd1 Include better error message 
When users call init multiple times.
 2022-01-20 10:28:11 -08:00
Edoardo Pirovano
c0b507e521 Merge pull request #875 from github/mergeback/v1.0.28-to-main-8a4b243f 
Mergeback v1.0.28 refs/heads/v1 into main
codeql-bundle-20220120 		2022-01-18 22:21:27 +00:00
github-actions[bot]
d563b098d7 Update checked-in dependencies 2022-01-18 21:54:31 +00:00
github-actions[bot]
fca047627b 1.0.29 2022-01-18 21:35:32 +00:00
github-actions[bot]
28fe8e7028 Update changelog and version after v1.0.28 2022-01-18 21:35:30 +00:00
Andrew Eisenberg
8a4b243fbf Merge pull request #874 from github/update-v1.0.28-b31df3ff 
Merge main into v1
v1.0.28 		2022-01-18 13:33:47 -08:00
Andrew Eisenberg
19970ae6b5 Update changelog 
Add an entry and move an entry.
 2022-01-18 12:44:43 -08:00
github-actions[bot]
ec1b16574e 1.0.28 2022-01-18 19:13:38 +00:00
Henning Makholm
b31df3ff95 Merge pull request #866 from github/hmakholm/pr/2.7.5 
Bump CodeQL version to 2.7.5
 2022-01-17 19:45:58 +01:00
Henning Makholm
776db51d2e Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5 2022-01-17 18:27:39 +01:00
Andrew Eisenberg
b886234637 Merge pull request #872 from github/aeisenberg/category-with-tool 
Change category uniqueness test
 2022-01-17 09:19:39 -08:00
Henning Makholm
9913c9bfa5 Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5 2022-01-17 18:06:10 +01:00
Andrew Eisenberg
8de62beb50 Merge branch 'main' into aeisenberg/category-with-tool 2022-01-17 09:00:14 -08:00
Andrew Eisenberg
b6fbccaba1 Merge pull request #873 from github/nickrolfe/ruby 
Update warning about interpreted languages to mention Ruby
 2022-01-14 09:05:50 -08:00
Nick Rolfe
df0c306daf Update warning about interpreted languages to mention Ruby 2022-01-14 11:57:29 +00:00
Andrew Eisenberg
ab1f709732 Allow duplicate categories in the same validation step 
A single SARIF file should be allowed to have duplicated
categories.
 2022-01-13 10:35:03 -08:00
Andrew Eisenberg
8454e21c9c Change category uniqueness test 
Turboscan only allows a single combination of tool name and automation
details id for testing category uniqueness.

Previously, the check in the action was not entirely correct since it
only looked at the _category_ and not the combination of the category
and the tool name.

It's even more precise now since it is looking at the actual, computed
value of the automation details id, rather than an inputted value of
the category.

This change also includes a refactoring where the action is now avoiding
multiple parsing/stringifying of the sarif files. Instead, sarif is
parsed once at the start of the process and stringified once, after
sarif processing is completely finished.
 2022-01-12 15:26:34 -08:00
Henning Makholm
d85c3e58ec Bump CodeQL version to 2.7.5 2022-01-12 19:36:20 +01:00
Edoardo Pirovano
cbabe47a0b Merge pull request #871 from github/mergeback/v1.0.27-to-main-cd783c8a 
Mergeback v1.0.27 refs/heads/v1 into main
codeql-bundle-20220112 		2022-01-11 22:22:02 +00:00
github-actions[bot]
f8a48f464d Update checked-in dependencies 2022-01-11 21:57:25 +00:00
github-actions[bot]
f6f23f8671 1.0.28 2022-01-11 21:43:35 +00:00
github-actions[bot]
c2a7379048 Update changelog and version after v1.0.27 2022-01-11 21:43:33 +00:00
Edoardo Pirovano
cd783c8a29 Merge pull request #870 from github/update-v1.0.27-faa9ba73 
Merge main into v1
v1.0.27 		2022-01-11 21:42:44 +00:00
github-actions[bot]
300c8b6dcb 1.0.27 2022-01-11 20:35:30 +00:00
Edoardo Pirovano
faa9ba7363 Merge pull request #869 from github/edoardo/windows-11-error 
Refuse to run on Windows 11
 2022-01-11 20:34:11 +00:00
Edoardo Pirovano
d2a0fc83dc Refuse to run on Windows 11 2022-01-11 18:34:33 +00:00
Edoardo Pirovano
71112ab35d Merge pull request #868 from edoardopirovano/debug-artifact-name 
Make name of debugging artifact and DB within it configurable
 2022-01-07 17:54:41 +00:00
Edoardo Pirovano
e677af3fd0 Make name of debugging artifact and DB within it configurable 2022-01-07 15:10:26 +00:00
Henry Mercer
848e5140d4 Merge pull request #857 from github/henrymercer/ml-powered-queries 
Add support for running ML-powered queries for JS `security-extended` behind `ml_powered_queries` feature flag
 2022-01-06 17:55:06 +00:00
Henry Mercer
e7fe6da378 Allow patch version of ML-powered queries pack to be bumped 2022-01-06 11:58:03 +00:00
Henry Mercer
2159631658 Only run ML-powered queries with v2.7.5 or newer of the CLI 2022-01-06 11:58:03 +00:00
Henry Mercer
9de1702400 Document use of redundant feature flag API call 2022-01-06 11:58:02 +00:00
Henry Mercer
efded22908 Bump the version of the ATM query pack to 0.0.2 2022-01-06 11:57:33 +00:00
Henry Mercer
5602bd50bf Test loading of ML-powered queries 2022-01-06 11:57:33 +00:00
Henry Mercer
2f4be8e34b Run ML-powered queries for JS security-extended behind feature flag 2022-01-06 11:57:33 +00:00
Edoardo Pirovano
9763bdd6ec Merge pull request #860 from edoardopirovano/always-upload-db 
Always upload DB when in debug mode
codeql-bundle-20220104 		2022-01-04 18:25:33 +00:00
Edoardo Pirovano
00d4d60204 Always upload DB when in debug mode 2022-01-04 16:49:31 +00:00
Edoardo Pirovano
e5d84de18b Merge pull request #861 from github/remove-debug-output 
Remove debugging output
 2022-01-02 10:05:46 +00:00
Edoardo Pirovano
ea1acc573a Merge branch 'main' into remove-debug-output 2022-01-02 09:41:49 +00:00
Edoardo Pirovano
79ea6d6a7c Merge pull request #862 from github/aeisenberg/fix-python-tests 
Force virtualenv version
 2022-01-02 09:41:38 +00:00