github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,857 Commits 297 Branches 500 Tags
codeql-bundle-20230515
Commit Graph

107 Commits

Author SHA1 Message Date
Henry Mercer
2058418de9 Don't expect Swift baseline info on Windows 2023-04-05 20:41:23 +01:00
Henry Mercer
5da64f56c0 Set up Swift in unset environment workflow 2023-04-05 20:27:02 +01:00
Henry Mercer
322cea6439 Set up Swift in local bundle workflow 2023-04-05 19:31:20 +01:00
Henry Mercer
f7a67e4341 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-05 18:39:27 +01:00
Henry Mercer
66aeadb4c9 Merge pull request #1631 from github/henrymercer/duplicate-diagnostics-fixed-in-cli 
Skip the SARIF notification object workaround for CLIs that have fixed this bug
 2023-04-05 10:46:12 +01:00
Andrew Eisenberg
2754e10472 Move to the codeql-testing org 
Refer to the packages in codeql-testing, not in dsp-testing.
 2023-04-04 13:39:56 -07:00
Henry Mercer
3bba073180 Skip the SARIF notification object workaround for fixed CLIs 2023-04-04 18:19:05 +01:00
Henry Mercer
e85546ccca Move internal Actions into .github/actions 
This is a more standard location for these custom Actions.
 2023-04-03 18:29:29 +01:00
Henry Mercer
6cd5121600 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-03-29 13:03:14 +01:00
Henry Mercer
ff39eb8d6a Disable flaky Swift autobuild checks 2023-03-28 20:40:23 +01:00
Henry Mercer
6ef37003ca Update CodeQL releases used in PR checks 2023-03-28 20:07:09 +01:00
Henry Mercer
329c022f48 Just check the number of locations 
Only tests the property we are looking for and avoids problems with
different cross-platform behavior.
 2023-03-24 21:50:26 +00:00
Henry Mercer
097ab4665f Speed up checks a bit by just running the standard suite 2023-03-24 20:30:57 +00:00
Henry Mercer
befd804b8b Extend diagnostics export integration test to capture location bug 2023-03-24 19:48:36 +00:00
Angela P Wen
a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Angela P Wen
3cbd063679 Upload per-database diagnostic SARIFs on green and red runs (#1556) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-20 21:09:04 +00:00
Andrew Eisenberg
c208575433 Avoid uploading databases after integration tests 
We are still getting coverage of the upload capability through the
standard codeql analysis workflow.
 2023-03-14 14:55:58 -07:00
Henry Mercer
a92a14621b Prefer core.info to console.log 2023-03-13 12:45:15 +00:00
Henry Mercer
b36480d849 Specify SARIF path via env variable 2023-03-09 19:24:49 +00:00
Henry Mercer
b31d983f22 Add PR check 2023-03-09 18:37:44 +00:00
Andrew Eisenberg
bbe8d375fd Ensure qlconfig file is created when config parsing in cli is on 
Previously, with the config parsing in the cli feature flag turned on,
the CLI was not able to download packs from other registries. This PR
adds the codeql-action changes required for this. The CLI changes will
be in a separate, internal PR.
 2023-02-07 10:40:56 -08:00
Henry Mercer
b873a18a2f Limit Swift autobuild runtime to 10 minutes 
There's a known issue that causes the Swift autobuilder to hang.  By
setting a timeout, we'll fail earlier and we can rerun the check
earlier.
 2023-01-23 19:12:27 +00:00
Henry Mercer
80b12d6f73 Ensure we don't unset CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN 2023-01-10 17:42:24 +00:00
Angela P Wen
4778dfbd93 Set up the Swift version the extractor declares (#1422) 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2022-12-19 13:08:15 -08:00
Chuan-kai Lin
fb74504ab5 Disable nightly-latest checks for Swift 2022-12-07 17:59:30 +00:00
dependabot[bot]
61cc378b7f Bump swift-actions/setup-swift from 1.19.0 to 1.20.0 (#1415) 
* Bump swift-actions/setup-swift from 1.19.0 to 1.20.0

Bumps [swift-actions/setup-swift](https://github.com/swift-actions/setup-swift) from 1.19.0 to 1.20.0.
- [Release notes](https://github.com/swift-actions/setup-swift/releases)
- [Commits](5cdaa9161a...194625b58a)

---
updated-dependencies:
- dependency-name: swift-actions/setup-swift
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update setup-swift SHA in non-autogenerated files

* Specify v5.7.0 instead of 5.7

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2022-12-05 10:54:03 +01:00
Henry Mercer
77cda4d75d Add testing environment to submit SARIF after failure PR check 2022-11-30 11:32:36 +00:00
Henry Mercer
24fd4c0f4e Generate the "Submit SARIF after failure" workflow 2022-11-25 18:18:13 +00:00
Henry Mercer
909c8687d5 Test Linux against Swift 5.7 
Currently only macOS supports 5.7.1
 2022-11-23 21:21:50 +00:00
Henry Mercer
ce90479412 Test latest and nightly-latest against Swift 5.7.1 2022-11-23 20:17:20 +00:00
Henry Mercer
34d91a9ce7 Use runner.os in ML-powered queries tests too 2022-11-22 20:45:26 +00:00
Henry Mercer
c49c05b5df Perform the check using runner.os 2022-11-22 20:41:32 +00:00
Henry Mercer
2ccaddd459 Define swift-version as a string 2022-11-22 20:33:22 +00:00
Henry Mercer
5dcca8a6e4 Pin the version of swift-actions/setup-swift@v1 2022-11-22 20:13:49 +00:00
Henry Mercer
b6e17a6616 Drop unneeded CODEQL_ENABLE_EXPERIMENTAL_FEATURES env var 2022-11-22 11:31:22 +00:00
Henry Mercer
e9e73b0cb9 Use Swift version 5.7 in PR checks 
The version installed in the latest runner image, 5.7.1, is not yet
supported.
 2022-11-22 11:30:27 +00:00
Angela P Wen
bab5a146ac Add Ruby and Swift language autodetect tests (#1369) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-11-22 11:03:25 +00:00
Henry Mercer
a190d3876a Rename TEST_MODE to specific variable for CodeQL Action 
This allows us to set it automatically in the workflow generator,
simplifying things and reducing the scope for error.
 2022-11-16 16:40:30 +00:00
Henry Mercer
d48707ce53 Merge branch 'henrymercer/delete-runner-part-2' into henrymercer/require-cli-2.6.3 2022-11-15 20:58:01 +00:00
Henry Mercer
07b9db6a46 Explicitly set up Go 1.13.1 in checks running on old runner images 2022-11-15 20:53:57 +00:00
Henry Mercer
88b5c1e51f Set environment variable to enable Swift 2022-11-15 13:53:00 +00:00
Henry Mercer
3ef8b89353 Merge branch 'main' into henrymercer/update-query-id-prefixes 2022-11-15 13:46:12 +00:00
Henry Mercer
1e2f8f035d Merge branch 'main' into henrymercer/require-cli-2.6.3 2022-11-14 22:25:31 +00:00
Henry Mercer
31c87302e7 Add Swift file baseline info to expected list 
Also update query ID prefixes for C# and Ruby
 2022-11-14 22:23:16 +00:00
Angela P Wen
5883c13406 Deprecate Go extraction reconciliation feature flag and CODEQL_EXTRACTOR_GO_BUILD_TRACING for custom builds (#1322) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-11-14 13:54:35 -08:00
Angela P Wen
0eacdb53ad Support Swift for private beta (#1350) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-11-14 10:29:05 -08:00
Henry Mercer
0c3e493df0 Update first version of CLI compatible with Windows 2022 
It is 2.8.2, not 2.7.3.
 2022-11-11 19:08:55 +00:00
Henry Mercer
1fd76310fd Update CLI versions in non-generated checks 2022-11-11 19:08:33 +00:00
Henry Mercer
76a77405c1 Fix Python query identifier in file baseline information PR check 2022-11-11 10:12:39 +00:00
Henry Mercer
029ecc09e7 Check expected SARIF notification objects 2022-11-07 16:37:57 +00:00