github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 17:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,560 Commits 297 Branches 500 Tags
codeql-bundle-20230203
Commit Graph

3560 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Henry Mercer
620a267204 Temporarily disable Kotlin analysis in PR checks 
Kotlin analysis is incompatible with Kotlin 1.8.0, which is now rolling
out to the Actions runner images.

While we work on a more permanent fix to our PR checks, this will
prevent us losing other
test coverage.
 2023-01-10 17:31:35 +00:00
Dave Bartolomeo
bac4fe1a38 Merge branch 'main' into dbartol/bundle-20230105 2023-01-10 09:31:07 -05:00
Robert
166d98c19e Merge pull request #1465 from github/robertbrignull/upload_database_stream 
Use a stream when uploading database contents
 2023-01-09 12:37:54 +00:00
Robert
a9337bc304 Close stream after use 2023-01-09 11:00:43 +00:00
Andrew Eisenberg
4023575d64 Send the external repository token to the CLI 
This commit does a few related things:

1. Bumps the minimum version for cli config parsing to 2.10.6
2. Ensures that if cli config parsing is enabled, then remove repos
   are _not_ downloaded by the action. It happens in the CLI.
3. Passes the `--external-repository-token-stdin` option to the CLI
   and passes the appropriate token via stdin if cli config parsing is
   enabled.
 2023-01-06 14:46:28 -08:00
Henry Mercer
cf1437a514 Merge pull request #1462 from github/henrymercer/refactor-codeql-setup 
Refactor CodeQL setup
 2023-01-06 17:36:02 +00:00
Dave Bartolomeo
f9c9a2567c Rebuild 2023-01-06 12:32:23 -05:00
Dave Bartolomeo
b9c859bfa1 Merge branch 'main' into dbartol/bundle-20230105 2023-01-06 11:56:06 -05:00
Angela P Wen
b4187d626b Add CLI version field and prior release fields to defaults file (#1463) 
* Add CLI version field to `defaults` file

* Add fields for prior CLI version
 2023-01-06 08:24:28 -08:00
Dave Bartolomeo
bfbb7ab03c Add change note for bundle update 2023-01-06 11:00:35 -05:00
Dave Bartolomeo
4e5a06f009 Update to CoideQL bundle 20230105 (2.12.0) 2023-01-06 10:55:46 -05:00
Robert
e8f7169839 Move database bundling to inside the try-catch 2023-01-06 15:28:25 +00:00
Robert
6ce923c375 Use a stream when uploading database contents 2023-01-06 15:16:51 +00:00
Henry Mercer
b2b478264a Improve logging around authorization headers 2023-01-06 12:28:54 +00:00
Henry Mercer
5eba74a3c9 Refactor CodeQL setup 2023-01-05 19:09:34 +00:00
Henry Mercer
ff3337ee1b Merge pull request #1444 from github/henrymercer/reporting-failed-run-improvements 
Improve reporting failed runs via SARIF
codeql-bundle-20230105 		2023-01-04 10:43:15 +00:00
Aditya Sharad
484236cda4 Merge pull request #1460 from github/adityasharad/actions/code-scanning-schedule 
Code scanning: Add scheduled trigger to workflow
 2023-01-03 14:29:44 -08:00
Aditya Sharad
f837e8e761 Code scanning: Add step titles to workflow 2023-01-03 13:00:12 -08:00
Aditya Sharad
ef21864950 Code scanning: Add scheduled trigger to workflow 
Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with the
internal security scorecard, even if we have a period
longer than a week with no pushes to the repo.
 2023-01-03 12:59:13 -08:00
Henry Mercer
4789c1331c Add more tests for uploading failed SARIF 
Test results directly via return value of `testFailedSarifUpload` vs
via checking log messages.
 2022-12-22 18:48:59 +00:00
Henry Mercer
59ebabde5d Remove redundant log messages 2022-12-22 18:47:52 +00:00
Henry Mercer
3224214d91 Improve method naming 2022-12-22 18:33:06 +00:00
Henry Mercer
e09fbf5b4a Demote upload failed SARIF run info statements to debug 
We now report errors via telemetry, and this feature will shortly be
enabled by default.
 2022-12-21 11:41:36 +00:00
Henry Mercer
e9ff99b027 Improve error message when workflow file doesn't exist 2022-12-21 11:40:31 +00:00
Henry Mercer
8b9e982393 Add a better log message for reusable workflow calls 2022-12-21 11:40:31 +00:00
Henry Mercer
8d1e008ecb Check for successful completion rather than SARIF upload 
This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly when `analyze` is passed
`upload: false`.
 2022-12-21 11:40:31 +00:00
Henry Mercer
579411fb6c Merge pull request #1441 from github/henrymercer/remove-old-certifi-tests 
Remove tests with old certifi dependency
 2022-12-20 18:43:19 +00:00
Henry Mercer
e4818d46c4 Remove tests with old certifi dependency 2022-12-20 10:30:38 +00:00
Angela P Wen
4778dfbd93 Set up the Swift version the extractor declares (#1422) 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2022-12-19 13:08:15 -08:00
Henry Mercer
0a3f985290 Merge pull request #1437 from github/mergeback/v2.1.37-to-main-959cbb74 
Mergeback v2.1.37 refs/heads/releases/v2 into main
 2022-12-14 14:56:05 +00:00
github-actions[bot]
04f1897968 Update checked-in dependencies 2022-12-14 14:10:28 +00:00
github-actions[bot]
6ac6037211 Update changelog and version after v2.1.37 2022-12-14 14:06:24 +00:00
Henry Mercer
959cbb7472 Merge pull request #1436 from github/update-v2.1.37-d58039a1 
Merge main into releases/v2
v2.1.37 		2022-12-14 14:04:14 +00:00
github-actions[bot]
10ca836463 Update changelog for v2.1.37 2022-12-14 11:07:27 +00:00
Orhan Toy
d58039a1e3 Merge pull request #1435 from github/orhantoy/add-CODE_SCANNING_REF-tests 
Add tests for CODE_SCANNING_REF
 2022-12-13 23:10:53 +01:00
Henry Mercer
37a4496237 Merge pull request #1433 from github/henrymercer/use-codeql-2.11.6 
Bump default CodeQL version to 2.11.6
 2022-12-13 13:05:00 +00:00
Orhan Toy
b7028afcb4 Make sure env is reset between tests 2022-12-13 12:18:40 +00:00
Henry Mercer
f629dada4c Merge branch 'main' into henrymercer/use-codeql-2.11.6 2022-12-13 12:15:58 +00:00
Orhan Toy
ccee4c68ff Add tests for CODE_SCANNING_REF 2022-12-13 11:51:16 +00:00
Henry Mercer
899bf9c076 Merge pull request #1432 from github/henrymercer/init-post-telemetry 
Add telemetry for uploading failed runs
 2022-12-12 18:45:41 +00:00
Henry Mercer
dd7c3ef80e Remove debugging log statements 2022-12-12 17:59:20 +00:00
Henry Mercer
b7b875efff Reuse existing fields in post-init status report 2022-12-12 17:54:33 +00:00
Nick Fyson
53ab991fbe Merge pull request #1434 from github/nickfyson/remove-query-string 
remove use of query-string package
 2022-12-12 16:40:33 +00:00
nickfyson
54d25f56dd use .has for searchParams instead of checking for undefined 2022-12-12 16:03:07 +00:00
nickfyson
d827cf3d65 remove use of query-string package 2022-12-12 14:50:10 +00:00
Henry Mercer
9438015b82 Add changelog note 2022-12-12 13:11:03 +00:00
Henry Mercer
5aced81848 Update bundle version to codeql-bundle-20221211 2022-12-12 13:10:58 +00:00
Henry Mercer
118e294bb9 Record the stack trace if applicable 2022-12-09 10:35:28 +00:00
Henry Mercer
dc9c1c1a51 Add regression test for upload: false 2022-12-09 10:35:28 +00:00
Henry Mercer
a409f43c7a Handle non-string with inputs 2022-12-09 10:35:28 +00:00