github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,628 Commits 297 Branches 500 Tags
codeql-bundle-20230304
Commit Graph

1331 Commits

Author SHA1 Message Date
Henry Mercer
fff56ee004 Add environment variable for enabling Go extraction reconcilation 
This will enable us to test this behavior in PR checks.
Also simplify and add some more detailed documentation.
 2022-08-31 13:19:16 +01:00
Henry Mercer
8dc468564f Use a more explicit name for checking Go extraction output 2022-08-31 13:19:16 +01:00
Angela P Wen
215c3cb4bb Autobuild Go in analyze step 2022-08-31 13:19:16 +01:00
Edoardo Pirovano
693b97bf50 Bump CodeQL version to 2.10.4 2022-08-31 11:49:32 +01:00
Andrew Eisenberg
0e98efa2bb Add support for downloading packs from GHES 
This change adds:

- new `registries` block allowed in code scanning config file
- new `registries-auth-tokens` input in init action
- Change the downloadPacks function so that it accepts new parameters:
    - registries block
    - api auth
- Generate a qlconfig.yml file with the registries block if one is
  supplied. Use this file when downloading packs.
- temporarily set the `GITHUB_TOKEN` and `CODEQL_REGISTRIES_AUTH` based
  on api auth

TODO:

1. integration test
2. handle pack downloads when the config is generated by the CLI
 2022-08-30 10:04:30 -07:00
Andrew Eisenberg
7294b404d8 Fix call to endGroup 
Also, rename variable and change a comment.
 2022-08-30 09:16:05 -07:00
Andrew Eisenberg
0a2b0d236c Moves calls to pack download to the init action 
This ensures all steps to gather queries happens in the init action.
This is where checking out queries in other repos happens as well.
 2022-08-26 16:04:57 -07:00
Chris Gavin
5960bffd3f When running on a schedule, make a better guess about whether we're analyzing the default branch. 2022-08-25 10:58:16 +01:00
Edoardo Pirovano
8b45ef3845 Telemetry: Record DB creation time 2022-08-24 14:31:37 +01:00
Henry Mercer
e195431677 Override CODEQL_EXTRACTOR_GO_BUILD_TRACING with on when it's true 2022-08-24 11:48:32 +01:00
Henry Mercer
ab6508ab87 Disable Lua tracing for Go on Windows 
This is currently broken in CLI versions 2.10.3 and earlier.
 2022-08-23 20:03:33 +01:00
Henry Mercer
c18ed56977 Warn about invalid value for CODEQL_EXTRACTOR_GO_BUILD_TRACING 2022-08-23 20:03:33 +01:00
Andrew Eisenberg
ac92a02de7 Merge remote-tracking branch 'upstream/main' into aeisenberg/better-error-message 2022-08-23 09:29:19 -07:00
Andrew Eisenberg
5861352d57 Better error messages for invalid queries and query filters blocks 
Handle other cases where the config is invalid.
 2022-08-23 09:25:59 -07:00
Edoardo Pirovano
1e5376ae5f TRAP Caching: Unset missing cache rather than setting to undefined 2022-08-23 15:39:05 +01:00
Henry Mercer
c72f566aae Explicitly import performance for Node 12 compatibility 2022-08-22 12:59:22 +01:00
Edoardo Pirovano
0349bb05b7 Fix TRAP cache upload timing 2022-08-17 15:49:57 +01:00
Henry Mercer
b21cab99b3 Mock expect-error input to avoid errors in Action integration tests 2022-08-17 15:02:46 +01:00
Henry Mercer
219a937551 Require test mode to be set to use expect-error input 
This should be more robust than determining whether the repo is the
CodeQL Action or a fork of it.
 2022-08-17 14:49:24 +01:00
Edoardo Pirovano
eb6f272155 Round fields in TRAP caching telemetry to integers 2022-08-17 13:30:17 +01:00
Henry Mercer
b469d5358f Tweak debug logging message 2022-08-17 12:44:53 +01:00
Henry Mercer
f47f573e6e Add a debug log message when forcing the latest tools 2022-08-17 12:33:58 +01:00
Henry Mercer
416ad3d847 Merge branch 'main' into henrymercer/bypass-toolcache-feature-flag 2022-08-17 11:39:33 +01:00
GitHub
8beb190634 Update supported GitHub Enterprise Server versions. 2022-08-17 00:13:14 +00:00
Angela P Wen
9b7fa3dd99 Add expect-error input to force PR check green on expected failure (#1177) 2022-08-16 16:27:14 -07:00
Henry Mercer
e1cd41a365 Add tests for toolcache bypassing 2022-08-16 16:19:08 +01:00
Henry Mercer
d45b0eba23 Improve readability of CodeQL bundle tests 2022-08-16 16:18:41 +01:00
Henry Mercer
96a8424f0c Don't bypass the toolcache in test mode 2022-08-16 16:18:12 +01:00
Henry Mercer
5862bae77e Bypass toolcache when feature flag enabled 2022-08-16 16:18:11 +01:00
Henry Mercer
df0c0dafc0 Add bypass toolcache feature flag 2022-08-16 16:17:41 +01:00
Edoardo Pirovano
016a5e3bae Use util.promisify instead of manually constructing promise 2022-08-16 14:42:13 +01:00
Edoardo Pirovano
b29194f0ac Address review comments from @henrymercer 2022-08-16 13:30:49 +01:00
Edoardo Pirovano
4139682b64 Add telemetry for TRAP caching 2022-08-16 11:54:31 +01:00
Edoardo Pirovano
d8adbe91f2 Fix cache key for TRAP caching 2022-08-16 10:20:17 +01:00
Andrew Eisenberg
fba13b0092 More readable error message for invalid queries block 
When someone creates an invalid `queries` entry in the codeql config
file, like this:

```
queries:
  - foo.ql
```

THe error message is confusing, looking like this:

```
  Error: Cannot use 'in' operator to search for 'uses' in ql/ql/src
  TypeError: Cannot use 'in' operator to search for 'uses' in ql/ql/src
      at loadConfig (/home/runner/work/_actions/github/codeql-action/71a8b35ff4c80fcfcd05bc1cd932fe3c08f943ca/lib/config-utils.js:577:41)
```

With this change, the error message is more comprehensible:

`queries must be an array, with each entry having a 'uses' property`
 2022-08-15 07:56:00 -07:00
Henry Mercer
af9d911fb5 Merge remote-tracking branch 'origin/main' into henrymercer/codeql-cli-2.10.3 2022-08-15 14:40:51 +01:00
Henry Mercer
1e8043f69c Update default CodeQL version to 2.10.3 2022-08-12 10:43:51 +01:00
Andrew Eisenberg
fa2bc211fd Merge branch 'aeisenberg/unrevert-query-filters' into aeisenberg/fix-config-files 2022-08-11 14:57:16 -07:00
Andrew Eisenberg
bcf47202b5 Merge remote-tracking branch 'upstream/main' into aeisenberg/unrevert-query-filters 2022-08-11 11:37:55 -07:00
Andrew Eisenberg
072cd929a3 Merge remote-tracking branch 'upstream/main' into aeisenberg/unrevert-query-filters 2022-08-11 10:00:12 -07:00
Andrew Eisenberg
d74f663ed4 Merge remote-tracking branch 'upstream/main' into aeisenberg/fix-config-files 2022-08-11 09:57:45 -07:00
Andrew Eisenberg
a09a029937 Fix failing test and address PR comments 2022-08-11 09:56:08 -07:00
Chris Gavin
07e8996e91 Merge main into local. 2022-08-11 17:11:05 +01:00
Chris Gavin
7c6fa5ce8a Remove an unneeded if. 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2022-08-11 17:10:50 +01:00
Angela P Wen
79b933c459 Remove review comments 2022-08-11 16:47:31 +02:00
Angela P Wen
cf7f893f9c Make file paths OS-agnostic 2022-08-11 16:46:56 +02:00
Angela P Wen
172eca420d Improve doesDirectoryExist test 2022-08-11 16:08:06 +02:00
Angela P Wen
fd83e55188 Remove extraneous files 2022-08-11 16:03:48 +02:00
Angela P Wen
26cafd2f92 Add unit tests for post: hook run methods 2022-08-11 16:01:37 +02:00
Angela P Wen
15608ceae3 Merge remote-tracking branch 'origin/main' into angelapwen/post-init-cleanup 2022-08-11 15:24:10 +02:00