github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,628 Commits 297 Branches 500 Tags
codeql-bundle-20220623
Commit Graph

913 Commits

Author SHA1 Message Date
Andrew Eisenberg
99d4397d88 Revert "Add capability to filter queries #1098" 
https://github.com/github/codeql-action/pull/1098
This reverts commit 777b778409.
This reverts commit 59ca9b59cb.
This reverts commit eec34d5f05.
This reverts commit 40b280032c.
 2022-06-21 13:49:33 -07:00
Cornelius Riemenschneider
99acb8dda6 Bump lua tracer version requirement. 
The old version had a bug related to go autobuilding, so we only want to
respect the feature flag for the version that has the fix.
 2022-06-20 14:05:26 +00:00
Edoardo Pirovano
ccf5d70ab3 Update default CodeQL version to 2.9.4 2022-06-20 09:39:11 +01:00
Andrew Eisenberg
80ecdcdf69 Merge pull request #1098 from github/aeisenberg/remove-queries 
Add capability to filter queries
 2022-06-15 17:52:46 -07:00
Andrew Eisenberg
7c412c67ba Merge branch 'aeisenberg/check-sarif-action' into aeisenberg/remove-queries 2022-06-16 02:42:30 +02:00
Andrew Eisenberg
6db77eec0d Merge remote-tracking branch 'upstream/main' into aeisenberg/remove-queries 2022-06-15 17:21:05 -07:00
GitHub
97f9db4fb9 Update supported GitHub Enterprise Server versions. 2022-06-16 00:11:36 +00:00
tombolton
a27dc4fee4 update security extended test for all platforms 2022-06-15 11:42:22 +01:00
tombolton
a568674c69 add tests for ML powered queries 0.3.0 and CLI 2.9.3 2022-06-15 11:42:22 +01:00
tombolton
f8f4c0b33e compile the modified TypeScript to Javascript 2022-06-15 11:42:22 +01:00
Andrew Eisenberg
06e27d3e3d Merge branch 'aeisenberg/js-yaml-typings' into aeisenberg/remove-queries 2022-06-14 12:08:16 -07:00
Andrew Eisenberg
40b280032c Add capability to filter queries 
This change adds a `query-filters` property to the codeql-config file.

This property is an array of `exclude`/`include` entries for a query
suite. These filters are appended to the generated query suite files
and used to filter queries after they are selected.

A related change is that now, all pack references are run in a single
query suite, which has the query filters appended to them.
 2022-06-14 12:07:49 -07:00
Andrew Eisenberg
0efcf74ce0 Add typings for js-yaml 2022-06-14 07:50:47 -07:00
Andrew Eisenberg
f7c46e5cbc Avoid use of rmdir 
This is a deprecated method on node v16.
 2022-06-13 22:40:09 +00:00
Mathias Vorreiter Pedersen
1b5ea4afdc Merge branch 'main' into swift-support 2022-06-03 01:13:47 +01:00
Chuan-kai Lin
b36688d5b7 Update default CodeQL to 2.9.3 2022-05-27 09:16:45 -07:00
Mathias Vorreiter Pedersen
bfe9d7da56 Add Swift as a supported language. 2022-05-27 16:29:13 +01:00
Cornelius Riemenschneider
255ffd480f Merge branch 'main' into criemen/lua-tracing-ff 2022-05-25 11:53:06 +02:00
Cornelius Riemenschneider
4b775686a0 Choose the correct version to enable the Lua tracer for. 2022-05-25 07:39:11 +00:00
Cornelius Riemenschneider
970e0879d9 Fix linter errors. 2022-05-16 09:40:10 +00:00
Cornelius Riemenschneider
db50adab01 Add tests for the Lua feature flag. 2022-05-16 09:16:41 +00:00
Cornelius Riemenschneider
9e9a8428c3 Introduce a feature-flag to enable/disable lua-based tracing. 
This allows us to gradually roll out (or even roll back)
Lua-based tracing in case problems occur.
 2022-05-16 09:16:38 +00:00
Edoardo Pirovano
1725087693 Update default CodeQL to 2.9.2 2022-05-16 09:40:19 +01:00
Henry Mercer
54b4854fda Bump @actions/tool-cache to 2.0.0 
This allows us to drop our direct dependency on `@actions/http-client`.
 2022-05-13 11:54:40 +01:00
Henry Mercer
533ce91971 Merge remote-tracking branch 'origin/main' into henrymercer/run-atm-on-windows 2022-05-11 19:32:14 +01:00
Henry Mercer
4e0668d05e Fix integration tests on v1 
The GitHub API client coerces `fake-server-url` to the Dotcom API URL,
which means commands like `util.getGitHubVersion` will call the Dotcom
API with the `fake-token`, resulting in 401s.

We therefore use the Dotcom URL instead and additionally stub
`util.getGitHubVersion` as a good practice (it's no longer necessary).
 2022-05-11 15:53:57 +01:00
alexet
3c6dd303a8 Update codeql to 2.9.1 2022-05-03 15:58:57 +01:00
Chris Gavin
366e88c2c1 Fix processing errors being caught and logged as a warning rather than failing the workflow run. 2022-05-03 10:06:19 +01:00
Andrew Eisenberg
b11fe85402 Merge branch 'main' into aeisenberg/packs-with-paths 2022-04-29 11:10:16 -07:00
Andrew Eisenberg
922dc2b976 Use the --resolve-query-specs parameter of pack download 
This will allow the command to resolve packs with paths.

Also, use a more concise version of `tr`.
 2022-04-29 10:54:01 -07:00
Henry Mercer
395afb1dd9 Fix unit test assertion on Windows 2022-04-29 18:18:19 +01:00
Andrew Eisenberg
06b15c22b1 Allow pack specifiers to include paths 
Also, this cleans up our pack-related integration tests.
We are now testing with the most recent CLIs.
 2022-04-28 17:14:30 -07:00
Henry Mercer
d9e30cb001 Run ML-powered queries on Windows with CodeQL CLI 2.9.0+ 2022-04-28 19:18:15 +01:00
Henry Mercer
ea676e3184 Don't wait for processing in test mode 
In test mode, we don't upload results, so there's no point waiting for
processing.
 2022-04-28 19:14:14 +01:00
Henry Mercer
7c2be06006 Factor out test mode determination code 2022-04-28 19:13:22 +01:00
Henry Mercer
2bf00f719d Merge branch 'main' into henrymercer/prompt-v1-to-v2-upgrades 2022-04-28 14:17:36 +01:00
Henry Mercer
02083c307e Add a comment to explain why we show the upgrade message on GHES 3.4 2022-04-28 14:16:32 +01:00
Henry Mercer
35ef6a2db3 Move formatGitHubVersion into util.test.ts 2022-04-28 14:16:32 +01:00
Henry Mercer
5227afabbe Tweak wording of message 2022-04-28 14:16:32 +01:00
Henry Mercer
0256599547 Prompt customers to upgrade from v1 to v2 2022-04-27 16:11:24 +01:00
Chuan-kai Lin
6dd9baf8be Fix status reporting error on Windows 2022-04-26 08:06:57 -07:00
Henning Makholm
23b7196b6b Bump default CodeQL version to 2.9.0 2022-04-21 23:12:38 +02:00
Chris Gavin
e7869d541b Merge main into wait-for-processing-2. 2022-04-14 08:49:44 +01:00
Chuan-kai Lin
b0c570ef83 autobuild: add working-directory input 2022-04-08 13:37:42 -07:00
Andrew Eisenberg
426a3951ee Exclude pull requests from actions/runs request 
This will save time when fetcing the current run and we
don't use the pull requests for anything anyway. It is
ok to leave out.
 2022-04-07 14:02:44 -07:00
Edoardo Pirovano
5d3e1a701c Update default CodeQL version to 2.8.5 2022-04-07 13:41:02 +01:00
Edoardo Pirovano
43d066495c Revert usage of --codescanning-config flag 2022-04-05 09:41:07 +01:00
Henry Mercer
e26813cf98 Run version ~0.2.0 of the ML-powered query pack for v2.8.4+ of the CLI 2022-03-31 14:58:41 +01:00
Henry Mercer
2c03704a6c Allow the version of the ML-powered pack to depend on the CLI version 2022-03-31 14:58:29 +01:00
Henry Mercer
dd6b592e3e Simplify ML-powered query status report definition 
We now limit the cardinality of the ML-powered JS queries status report
field server-side. With no need for a limit on the cardinality of the
status report client-side, we can simplify how we produce it.
 2022-03-31 14:55:32 +01:00