github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,880 Commits 297 Branches 500 Tags
codeql-bundle-20230524
Commit Graph

3880 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
b1b3d00b62 Add link to changenote for custom config 
Also, use a better link in the readme.
 2023-05-01 11:06:31 -07:00
Andrew Eisenberg
d2f6dfd52d Merge pull request #1665 from github/aeisenberg/config-param 
Add new configuration Parameter
 2023-05-01 10:26:31 -07:00
Andrew Eisenberg
cba5616040 Update CHANGELOG.md 2023-05-01 09:21:50 -07:00
github-actions[bot]
40c95932fe Add changelog note 2023-05-01 03:46:54 +00:00
github-actions[bot]
234badad23 Update default bundle to codeql-bundle-20230428 2023-05-01 03:46:50 +00:00
Andrew Eisenberg
824d18c689 Merge remote-tracking branch 'upstream/main' into issue-1589-config-param 2023-04-28 11:34:52 -07:00
Angela P Wen
f31a31c052 Merge pull request #1663 from github/mergeback/v2.3.2-to-main-f3feb00a 
Mergeback v2.3.2 refs/heads/releases/v2 into main
codeql-bundle-20230428 		2023-04-27 14:00:39 -07:00
github-actions[bot]
e3395de200 Update checked-in dependencies 2023-04-27 18:52:55 +00:00
github-actions[bot]
1cccbfcedc Update changelog and version after v2.3.2 2023-04-27 18:51:28 +00:00
Angela P Wen
f3feb00acb Merge pull request #1662 from github/update-v2.3.2-8b12d99ee 
Merge main into releases/v2
v2.3.2 		2023-04-27 11:49:50 -07:00
github-actions[bot]
1c9e206df3 Update changelog for v2.3.2 2023-04-27 18:18:58 +00:00
Angela P Wen
8b12d99ee5 Fix bug where run attempt was reported as run ID (#1661) 2023-04-27 18:05:34 +00:00
Angela P Wen
dcf71cf79b Merge pull request #1660 from github/mergeback/v2.3.1-to-main-8662eabe 
Mergeback v2.3.1 refs/heads/releases/v2 into main
 2023-04-26 14:15:40 -07:00
github-actions[bot]
194450bdd6 Update checked-in dependencies 2023-04-26 20:48:31 +00:00
github-actions[bot]
e78ef455a8 Update changelog and version after v2.3.1 2023-04-26 20:44:18 +00:00
Angela P Wen
8662eabe0e Merge pull request #1659 from github/update-v2.3.1-da583b07a 
* Update changelog and version after v2.3.0

* Update checked-in dependencies

* Throw full error for CLI bundle download (#1657)

* Add `workload_run_attempt` to analysis upload (#1658)

* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.

* Update changelog for v2.3.1

---------

Co-authored-by: github-actions[bot] <github-actions@github.com>
Co-authored-by: Chuan-kai Lin <cklin@github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
v2.3.1 		2023-04-26 13:42:37 -07:00
github-actions[bot]
1f2f707d99 Update changelog for v2.3.1 2023-04-26 20:16:15 +00:00
Angela P Wen
da583b07a7 Add workload_run_attempt to analysis upload (#1658) 
* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
 2023-04-26 02:13:27 +00:00
Angela P Wen
a9648ea7c6 Throw full error for CLI bundle download (#1657) 2023-04-24 07:46:45 -07:00
Chuan-kai Lin
c5f3f016ae Merge pull request #1656 from github/mergeback/v2.3.0-to-main-b2c19fb9 
Mergeback v2.3.0 refs/heads/releases/v2 into main
 2023-04-21 12:43:38 -07:00
github-actions[bot]
90f053271e Update checked-in dependencies 2023-04-21 19:12:19 +00:00
github-actions[bot]
0f085f964c Update changelog and version after v2.3.0 2023-04-21 19:09:10 +00:00
Chuan-kai Lin
b2c19fb9a2 Merge pull request #1655 from github/update-v2.3.0-a8affb063 
Merge main into releases/v2
v2.3.0 		2023-04-21 12:07:18 -07:00
github-actions[bot]
b203f98343 Update changelog for v2.3.0 2023-04-21 18:24:50 +00:00
Chuan-kai Lin
a8affb0639 Merge pull request #1649 from github/cklin/codeql-cli-2.13.0 
Update default CodeQL bundle version to 2.13.0
 2023-04-20 07:39:38 -07:00
Henry Mercer
b8cc643a23 Merge branch 'main' into cklin/codeql-cli-2.13.0 2023-04-20 11:23:25 +01:00
Henry Mercer
7019a9c6fd Merge pull request #1618 from github/henrymercer/remove-legacy-tracing 
Remove legacy tracing
 2023-04-20 11:22:32 +01:00
Henry Mercer
66f62df188 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-19 15:56:42 +01:00
Henry Mercer
afdf30f311 Merge pull request #1652 from github/henrymercer/fix-bundle-version 
Fix the `bundleVersion` field set by the automated bundle update PR
 2023-04-18 21:04:26 +01:00
Henry Mercer
55a2e70992 Autoformat index.ts 2023-04-18 18:59:36 +01:00
Henry Mercer
1c2f282107 Fix bundle version 
It's the whole tag, we don't want to remove the `codeql-bundle-` prefix.
 2023-04-18 18:59:09 +01:00
tgrall
47cec7ab01 add test with config file and input together 2023-04-18 06:01:33 +02:00
tgrall
7b876ae4f4 remove space from json string 2023-04-18 05:46:51 +02:00
tgrall
f398a65921 fix after review from @henrymercer 2023-04-18 05:43:21 +02:00
dependabot[bot]
9a866ed452 Bump swift-actions/setup-swift in /.github/actions/setup-swift (#1650) 
Bumps [swift-actions/setup-swift](https://github.com/swift-actions/setup-swift) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/swift-actions/setup-swift/releases)
- [Commits](da0e3e04b5...65540b95f5)

---
updated-dependencies:
- dependency-name: swift-actions/setup-swift
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
codeql-bundle-20230418 		2023-04-17 19:16:10 +00:00
Chuan-kai Lin
7867d03591 Update default CodeQL bundle version to 2.13.0 2023-04-14 15:28:21 -07:00
Chuan-kai Lin
be2b53b5c7 Merge pull request #1648 from github/cklin/update-bundle-trigger 
Fix pre-release trigger for update-bundle action
 2023-04-14 15:11:42 -07:00
Chuan-kai Lin
ae24b75fca Fix pre-release trigger for update-bundle action 
This PR switches the update-bundle release trigger from `prereleased` to `published` because the former has been documented not to work.

From https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#release:

> Note: The prereleased type will not trigger for pre-releases published from draft releases, but the published type will trigger. If you want a workflow to run when stable and pre-releases publish, subscribe to published instead of released and prereleased.
 2023-04-14 14:50:37 -07:00
Henry Mercer
dc046388f3 Merge pull request #1647 from github/mergeback/v2.2.12-to-main-7df0ce34 
Mergeback v2.2.12 refs/heads/releases/v2 into main
codeql-bundle-20230414 		2023-04-13 17:23:16 +01:00
github-actions[bot]
b4fa971e40 Update checked-in dependencies 2023-04-13 15:50:19 +00:00
github-actions[bot]
7879209bb2 Update changelog and version after v2.2.12 2023-04-13 14:03:50 +00:00
Henry Mercer
7df0ce3489 Merge pull request #1646 from github/update-v2.2.12-d944b3423 
Merge main into releases/v2
v2.2.12 		2023-04-13 15:01:19 +01:00
github-actions[bot]
fbedecac34 Update changelog for v2.2.12 2023-04-13 11:35:13 +00:00
Henry Mercer
d944b3423d Merge pull request #1619 from github/henrymercer/default-setup-workflow 
Allow workflow to be passed via an environment variable for default setup
 2023-04-13 10:17:54 +01:00
Henry Mercer
e3210d8ce3 Add changelog note 2023-04-12 19:18:17 +01:00
Henry Mercer
599f4927f2 Allow passing the workflow via an environment variable 2023-04-12 14:14:43 +01:00
Henry Mercer
ed6c4995fc Merge pull request #1645 from github/henrymercer/remove-dependencies 
Remove unused dependencies
 2023-04-11 16:27:15 +01:00
Henry Mercer
c2b5d643fd Require xml2js >=0.5.0 to address CVE-2023-0842 2023-04-11 13:33:36 +01:00
Henry Mercer
8a093aa1a5 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-11 12:25:45 +01:00
Henry Mercer
9c13316a15 Remove unused dependencies 2023-04-11 12:17:38 +01:00