github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 17:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,600 Commits 297 Branches 500 Tags
codeql-bundle-20230217
Commit Graph

3600 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Bartolomeo
4e5a06f009 Update to CoideQL bundle 20230105 (2.12.0) 2023-01-06 10:55:46 -05:00
Robert
e8f7169839 Move database bundling to inside the try-catch 2023-01-06 15:28:25 +00:00
Robert
6ce923c375 Use a stream when uploading database contents 2023-01-06 15:16:51 +00:00
Henry Mercer
b2b478264a Improve logging around authorization headers 2023-01-06 12:28:54 +00:00
Henry Mercer
5eba74a3c9 Refactor CodeQL setup 2023-01-05 19:09:34 +00:00
Henry Mercer
ff3337ee1b Merge pull request #1444 from github/henrymercer/reporting-failed-run-improvements 
Improve reporting failed runs via SARIF
codeql-bundle-20230105 		2023-01-04 10:43:15 +00:00
Aditya Sharad
484236cda4 Merge pull request #1460 from github/adityasharad/actions/code-scanning-schedule 
Code scanning: Add scheduled trigger to workflow
 2023-01-03 14:29:44 -08:00
Aditya Sharad
f837e8e761 Code scanning: Add step titles to workflow 2023-01-03 13:00:12 -08:00
Aditya Sharad
ef21864950 Code scanning: Add scheduled trigger to workflow 
Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with the
internal security scorecard, even if we have a period
longer than a week with no pushes to the repo.
 2023-01-03 12:59:13 -08:00
Henry Mercer
4789c1331c Add more tests for uploading failed SARIF 
Test results directly via return value of `testFailedSarifUpload` vs
via checking log messages.
 2022-12-22 18:48:59 +00:00
Henry Mercer
59ebabde5d Remove redundant log messages 2022-12-22 18:47:52 +00:00
Henry Mercer
3224214d91 Improve method naming 2022-12-22 18:33:06 +00:00
Henry Mercer
e09fbf5b4a Demote upload failed SARIF run info statements to debug 
We now report errors via telemetry, and this feature will shortly be
enabled by default.
 2022-12-21 11:41:36 +00:00
Henry Mercer
e9ff99b027 Improve error message when workflow file doesn't exist 2022-12-21 11:40:31 +00:00
Henry Mercer
8b9e982393 Add a better log message for reusable workflow calls 2022-12-21 11:40:31 +00:00
Henry Mercer
8d1e008ecb Check for successful completion rather than SARIF upload 
This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly when `analyze` is passed
`upload: false`.
 2022-12-21 11:40:31 +00:00
Henry Mercer
579411fb6c Merge pull request #1441 from github/henrymercer/remove-old-certifi-tests 
Remove tests with old certifi dependency
 2022-12-20 18:43:19 +00:00
Henry Mercer
e4818d46c4 Remove tests with old certifi dependency 2022-12-20 10:30:38 +00:00
Angela P Wen
4778dfbd93 Set up the Swift version the extractor declares (#1422) 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2022-12-19 13:08:15 -08:00
Henry Mercer
0a3f985290 Merge pull request #1437 from github/mergeback/v2.1.37-to-main-959cbb74 
Mergeback v2.1.37 refs/heads/releases/v2 into main
 2022-12-14 14:56:05 +00:00
github-actions[bot]
04f1897968 Update checked-in dependencies 2022-12-14 14:10:28 +00:00
github-actions[bot]
6ac6037211 Update changelog and version after v2.1.37 2022-12-14 14:06:24 +00:00
Henry Mercer
959cbb7472 Merge pull request #1436 from github/update-v2.1.37-d58039a1 
Merge main into releases/v2
v2.1.37 		2022-12-14 14:04:14 +00:00
github-actions[bot]
10ca836463 Update changelog for v2.1.37 2022-12-14 11:07:27 +00:00
Orhan Toy
d58039a1e3 Merge pull request #1435 from github/orhantoy/add-CODE_SCANNING_REF-tests 
Add tests for CODE_SCANNING_REF
 2022-12-13 23:10:53 +01:00
Henry Mercer
37a4496237 Merge pull request #1433 from github/henrymercer/use-codeql-2.11.6 
Bump default CodeQL version to 2.11.6
 2022-12-13 13:05:00 +00:00
Orhan Toy
b7028afcb4 Make sure env is reset between tests 2022-12-13 12:18:40 +00:00
Henry Mercer
f629dada4c Merge branch 'main' into henrymercer/use-codeql-2.11.6 2022-12-13 12:15:58 +00:00
Orhan Toy
ccee4c68ff Add tests for CODE_SCANNING_REF 2022-12-13 11:51:16 +00:00
Henry Mercer
899bf9c076 Merge pull request #1432 from github/henrymercer/init-post-telemetry 
Add telemetry for uploading failed runs
 2022-12-12 18:45:41 +00:00
Henry Mercer
dd7c3ef80e Remove debugging log statements 2022-12-12 17:59:20 +00:00
Henry Mercer
b7b875efff Reuse existing fields in post-init status report 2022-12-12 17:54:33 +00:00
Nick Fyson
53ab991fbe Merge pull request #1434 from github/nickfyson/remove-query-string 
remove use of query-string package
 2022-12-12 16:40:33 +00:00
nickfyson
54d25f56dd use .has for searchParams instead of checking for undefined 2022-12-12 16:03:07 +00:00
nickfyson
d827cf3d65 remove use of query-string package 2022-12-12 14:50:10 +00:00
Henry Mercer
9438015b82 Add changelog note 2022-12-12 13:11:03 +00:00
Henry Mercer
5aced81848 Update bundle version to codeql-bundle-20221211 2022-12-12 13:10:58 +00:00
Henry Mercer
118e294bb9 Record the stack trace if applicable 2022-12-09 10:35:28 +00:00
Henry Mercer
dc9c1c1a51 Add regression test for upload: false 2022-12-09 10:35:28 +00:00
Henry Mercer
a409f43c7a Handle non-string with inputs 2022-12-09 10:35:28 +00:00
Henry Mercer
e67ad6aaed Add telemetry for uploading failed runs 2022-12-09 10:35:19 +00:00
Chuan-kai Lin
896079047b Merge pull request #1429 from github/mergeback/v2.1.36-to-main-a669cc59 
Mergeback v2.1.36 refs/heads/releases/v2 into main
codeql-bundle-20221211 		2022-12-08 12:35:17 -08:00
github-actions[bot]
e58b8d6a61 Update checked-in dependencies 2022-12-08 20:03:08 +00:00
github-actions[bot]
01330498de Update changelog and version after v2.1.36 2022-12-08 20:00:59 +00:00
Chuan-kai Lin
a669cc5936 Merge pull request #1428 from github/update-v2.1.36-2b971a70 
Merge main into releases/v2
v2.1.36 		2022-12-08 11:58:43 -08:00
Andrew Eisenberg
6fec2ab57a Merge pull request #1427 from github/dependabot/pip/python-setup/tests/poetry/python-3.8/certifi-2022.12.7 
Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/poetry/python-3.8
 2022-12-08 11:24:01 -08:00
github-actions[bot]
aab7a26877 Update changelog for v2.1.36 2022-12-08 19:22:44 +00:00
Henry Mercer
2b971a70bb Merge pull request #1426 from github/dependabot/pip/python-setup/tests/poetry/requests-3/certifi-2022.12.7 
Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/poetry/requests-3
 2022-12-08 18:16:20 +00:00
dependabot[bot]
4e81e2933a Bump certifi in /python-setup/tests/poetry/python-3.8 
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Release notes](https://github.com/certifi/python-certifi/releases)
- [Commits](https://github.com/certifi/python-certifi/compare/2021.10.08...2022.12.07)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-08 17:36:48 +00:00
dependabot[bot]
bf944d782b Bump certifi in /python-setup/tests/poetry/requests-3 
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Release notes](https://github.com/certifi/python-certifi/releases)
- [Commits](https://github.com/certifi/python-certifi/compare/2021.10.08...2022.12.07)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-08 17:36:47 +00:00