github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,513 Commits 297 Branches 500 Tags
codeql-bundle-20230120
Commit Graph

3513 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Angela P Wen
aa0e650c6a Surface fatal CLI errors in interpret-results and run-queries (#1407) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
codeql-bundle-20221202 		2022-12-02 14:05:21 +01:00
Henry Mercer
98b2ddc7f9 Merge branch 'main' into henrymercer/report-failed-runs 2022-12-01 18:27:32 +00:00
Henry Mercer
0d9b15ca93 Merge pull request #1392 from github/henrymercer/parse-category 
Add functionality for parsing Action inputs from a workflow file
 2022-12-01 18:26:03 +00:00
Henry Mercer
b1c26c4c53 Merge pull request #1409 from github/mergeback/v2.1.35-to-main-b2a92eb5 
Mergeback v2.1.35 refs/heads/releases/v2 into main
 2022-12-01 14:25:02 +00:00
github-actions[bot]
21044b004d Update checked-in dependencies 2022-12-01 13:51:17 +00:00
github-actions[bot]
0828b04e3a Update changelog and version after v2.1.35 2022-12-01 13:04:46 +00:00
Henry Mercer
b2a92eb56d Merge pull request #1406 from github/update-v2.1.35-9af9a11d 
Merge main into releases/v2
v2.1.35 		2022-12-01 13:02:24 +00:00
github-actions[bot]
075b74d36e Update changelog for v2.1.35 2022-12-01 12:16:44 +00:00
Angela P Wen
9af9a11da8 Stop running fallback Go autobuild if database is finalized (#1405) 2022-12-01 11:29:03 +01:00
Andrew Eisenberg
a631f4b016 Merge pull request #1400 from github/aeisenberg/fix-test-error 
Fixes spurious error messages in tests
 2022-11-30 08:04:59 -08:00
Henry Mercer
77cda4d75d Add testing environment to submit SARIF after failure PR check 2022-11-30 11:32:36 +00:00
Henry Mercer
3d90c4f911 Improve error message when failed SARIF file doesn't process as expected 2022-11-30 11:27:03 +00:00
Andrew Eisenberg
1384ce4ab3 Fixes spurious error messages in tests 
Previously, `isAnalyzingDefaultBranch` was failing because there are
some missing env vars: `GITHUB_SHA`, `GITHUB_REF`, and
`GITHUB_EVENT_PATH`. Also, `checkout_path` is missing as an input.

Rather than trying to set them to mock values, which would require
setting the paths to existing paths in the file system, I chose to stub
the entire function. I think this is fine since the point of the test
is to check the ram and threads values, not testing the
`isAnalyzingDefaultBranch` function.
 2022-11-29 10:53:11 -08:00
Henry Mercer
6c5cad784c Merge branch 'henrymercer/parse-category' into henrymercer/report-failed-runs 2022-11-29 17:04:56 +00:00
Henry Mercer
58b2ab08a8 Add unit test for typical workflow 2022-11-29 17:03:01 +00:00
Henry Mercer
e0dec83cfc Explicitly mention surrounding by try/catch in JSDoc 2022-11-29 16:29:27 +00:00
Henry Mercer
00a3c456fb Always wait for processing when uploading a failed SARIF file 2022-11-29 16:27:04 +00:00
Henry Mercer
e628ee0ae1 Push unsuccessful execution API error detection into upload library 2022-11-29 16:25:29 +00:00
Henry Mercer
605b23d10b Explicitly suggest wrapping in a try/catch block 2022-11-29 15:48:54 +00:00
Rasmus Wriedt Larsen
160613c380 Merge pull request #1402 from github/rasmuswl/new-virtualenv 
python-setup: rely on new `virtualenv` for venv creation in Ubuntu 22.04
 2022-11-29 13:56:31 +01:00
Rasmus Wriedt Larsen
caf1c5057b python-setup: Remove outdated comment 2022-11-29 13:24:10 +01:00
Rasmus Wriedt Larsen
c62445de22 python-setup: rely on new virtualenv for venv creation in Ubuntu 22.04 
Removes the hotfix from https://github.com/github/codeql-action/pull/1257
 2022-11-29 11:43:01 +01:00
Henry Mercer
7fc3c603aa Add changelog note 2022-11-25 18:18:39 +00:00
Henry Mercer
24fd4c0f4e Generate the "Submit SARIF after failure" workflow 2022-11-25 18:18:13 +00:00
Henry Mercer
d0517be03a Ensure we finish the log group when waiting for processing 2022-11-25 17:55:01 +00:00
Henry Mercer
37b4358e44 Handle API versions that reject unsuccessful executions 2022-11-25 17:55:00 +00:00
Henry Mercer
122b180b66 Add an integration test for uploading SARIF when the run fails 2022-11-25 17:54:22 +00:00
Henry Mercer
8337c2be0f Only upload failed SARIF if the run failed 2022-11-25 17:53:32 +00:00
Henry Mercer
5296a763b1 Upload failed SARIF files to Code Scanning 2022-11-25 17:52:50 +00:00
Henry Mercer
3afc2b194c Add feature flag for uploading failed SARIF 2022-11-25 17:49:03 +00:00
Henry Mercer
3cf2a1ba2e Add function for retrieving the "upload" input 2022-11-25 17:49:01 +00:00
Henry Mercer
4d4e25083a Use a matrix in testing workflow 2022-11-25 17:47:21 +00:00
Henry Mercer
9de6c31571 Log matrix input 2022-11-25 17:47:21 +00:00
Henry Mercer
44ae944a29 Add a workflow to test reporting a failed run 2022-11-25 17:47:21 +00:00
Henry Mercer
e2338066a1 Add diagnostics export command 2022-11-25 17:47:21 +00:00
Henry Mercer
8f05fcd048 Filter set of possible Action inputs to those from a particular job 
This better handles cases where customers have a monorepo and have
separate jobs for different components.
 2022-11-25 17:40:27 +00:00
Alexander Eyers-Taylor
9dac9f748a Merge pull request #1396 from github/mergeback/v2.1.34-to-main-312e093a 
Mergeback v2.1.34 refs/heads/releases/v2 into main
 2022-11-25 16:14:10 +00:00
github-actions[bot]
c6e756bb39 Update checked-in dependencies 2022-11-25 15:38:27 +00:00
github-actions[bot]
8d8b898c0f Update changelog and version after v2.1.34 2022-11-25 15:20:20 +00:00
Alexander Eyers-Taylor
312e093a18 Merge pull request #1395 from github/update-v2.1.34-7e73deda 
Merge main into releases/v2
v2.1.34 		2022-11-25 15:17:56 +00:00
github-actions[bot]
aef0440821 Update changelog for v2.1.34 2022-11-25 13:44:40 +00:00
Henry Mercer
9f2aa7ec75 Merge branch 'main' into henrymercer/parse-category 2022-11-25 09:58:27 +00:00
Henry Mercer
7e73dedacc Merge pull request #1394 from github/aeisenberg/bypass-toolcache-kotlin-swift 
Add a way to bypass the toolcache for kotlin and swift
 2022-11-25 09:30:35 +00:00
Andrew Eisenberg
102e01da36 Small refactoring of shouldBypassToolcache 2022-11-24 12:33:42 -08:00
Andrew Eisenberg
eb19ecbad1 Add API call for languages if java in input 
If a user explicitly includes java in their language inputs, always
make an api call to check for kotlin in the repo.

Also, add some suggestions from code reviews.
 2022-11-24 11:06:29 -08:00
Henry Mercer
f0a052e8b4 Merge pull request #1388 from github/henrymercer/bump-swift-version-to-5.7.1 
Run Swift tests with Swift 5.7.1 on macOS
 2022-11-24 15:37:32 +00:00
Henry Mercer
ead8da6199 Merge branch 'main' into henrymercer/bump-swift-version-to-5.7.1 2022-11-24 14:32:08 +00:00
Alexander Eyers-Taylor
c61f4c61f8 Merge pull request #1391 from github/alexet/update-2.11.4-v2 
Update default CodeQL bundle version to 2.11.4
 2022-11-24 14:23:06 +00:00
Andrew Eisenberg
ad7ca9bf21 Add some new tests and fix some comments 2022-11-23 22:18:12 -08:00
Andrew Eisenberg
f79028af27 Add the feature to bypass the toolcache for kotlin and swift 
This works by moving the logic to check for toolcache bypass out of
creating the codeql instance. The logic now _may_ perform an API request
in order to check what languages are in the repository. This check is
redundant because the same call is being made later in the action when
the actual list of languages is calculated.
 2022-11-23 15:11:20 -08:00