github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
4,144 Commits 297 Branches 500 Tags
codeql-bundle-v2.14.1
Commit Graph

1509 Commits

Author SHA1 Message Date
Henry Mercer
2bf10dc4b9 Extract semantic CLI version from URL when requesting specific tools 2023-05-16 14:47:32 +01:00
Henry Mercer
e422b64793 Use resolve extractor when finding autobuild scripts 2023-05-16 11:18:16 +01:00
Rasmus Wriedt Larsen
e1cca2565c Generate JS 2023-05-15 12:05:50 +02:00
Rasmus Wriedt Larsen
fce87bbc67 Generate JS 2023-05-12 10:00:31 +02:00
Rasmus Wriedt Larsen
cbc79bf64b Merge branch 'main' into rasmuswl/python-disable-dependency-installation 2023-05-12 09:55:57 +02:00
Shaikhul Islam
903cb278c5 recompile src 2023-05-11 14:16:34 +00:00
Rasmus Wriedt Larsen
0ccdbf8cd5 Feature flag to disable python dependency installation 2023-05-11 12:14:04 +02:00
Shaikhul Islam
c26fc558ba revert MissingPushHook checks changes 2023-05-10 20:37:56 +00:00
Shaikhul Islam
699855c048 fix linter issue 2023-05-09 15:05:36 +00:00
Shaikhul Islam
edb138ff88 remove consts MismatchedBranches and MissingPushHook 2023-05-09 14:39:49 +00:00
Andrew Eisenberg
11fba50273 Merge pull request #1668 from github/aeisenberg/update-sarif-schema 2023-05-05 09:14:24 -07:00
Dave Bartolomeo
33461954a5 Merge branch 'main' into update-bundle/codeql-bundle-20230428 2023-05-03 19:02:27 -04:00
Andrew Eisenberg
ece3cbc8ec Update changelog 2023-05-02 13:52:28 -07:00
github-actions[bot]
234badad23 Update default bundle to codeql-bundle-20230428 2023-05-01 03:46:50 +00:00
Andrew Eisenberg
824d18c689 Merge remote-tracking branch 'upstream/main' into issue-1589-config-param 2023-04-28 11:34:52 -07:00
Angela P Wen
8b12d99ee5 Fix bug where run attempt was reported as run ID (#1661) 2023-04-27 18:05:34 +00:00
Angela P Wen
da583b07a7 Add workload_run_attempt to analysis upload (#1658) 
* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
 2023-04-26 02:13:27 +00:00
Angela P Wen
a9648ea7c6 Throw full error for CLI bundle download (#1657) 2023-04-24 07:46:45 -07:00
Henry Mercer
b8cc643a23 Merge branch 'main' into cklin/codeql-cli-2.13.0 2023-04-20 11:23:25 +01:00
Henry Mercer
66f62df188 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-19 15:56:42 +01:00
tgrall
47cec7ab01 add test with config file and input together 2023-04-18 06:01:33 +02:00
tgrall
7b876ae4f4 remove space from json string 2023-04-18 05:46:51 +02:00
tgrall
f398a65921 fix after review from @henrymercer 2023-04-18 05:43:21 +02:00
Chuan-kai Lin
7867d03591 Update default CodeQL bundle version to 2.13.0 2023-04-14 15:28:21 -07:00
Henry Mercer
599f4927f2 Allow passing the workflow via an environment variable 2023-04-12 14:14:43 +01:00
Henry Mercer
8a093aa1a5 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-11 12:25:45 +01:00
Angela P Wen
98f7bbd610 Add workflow_run_attempt data to status report (#1640) 2023-04-10 20:02:23 +00:00
tgrall
b4e6f81a72 resolve comments from @henrymercer 2023-04-10 07:56:09 +02:00
Tugdual Grall
18f13455eb Merge branch 'main' into issue-1589-config-param 2023-04-10 07:33:09 +02:00
Henry Mercer
69371ffa95 Merge branch 'main' into henrymercer/fix-init-exception-reporting 2023-04-06 17:05:02 +01:00
Henry Mercer
e5c2f32a9f Consistently wrap errors 2023-04-06 17:04:21 +01:00
Henry Mercer
555b602b2f Report exceptions to telemetry in init Action 2023-04-06 15:08:48 +01:00
Henry Mercer
7193623f40 Re-enable duplicate SARIF notification location workaround 2023-04-06 14:48:04 +01:00
Henry Mercer
f7a67e4341 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-05 18:39:27 +01:00
Henry Mercer
66aeadb4c9 Merge pull request #1631 from github/henrymercer/duplicate-diagnostics-fixed-in-cli 
Skip the SARIF notification object workaround for CLIs that have fixed this bug
 2023-04-05 10:46:12 +01:00
Andrew Eisenberg
2754e10472 Move to the codeql-testing org 
Refer to the packages in codeql-testing, not in dsp-testing.
 2023-04-04 13:39:56 -07:00
Henry Mercer
3bba073180 Skip the SARIF notification object workaround for fixed CLIs 2023-04-04 18:19:05 +01:00
Alexander Eyers-Taylor
9c869ebf0d Update default CodeQL bundle version to 2.12.6 2023-04-04 16:01:04 +01:00
tgrall
fe4a785361 rename new parameter from configuration to config 2023-04-01 07:13:01 +02:00
Henry Mercer
69aec345f1 Pass negative SARIF include diagnostics flag when feature is disabled 
In preparation for enabling this flag by default in the CLI
 2023-03-29 18:56:19 +01:00
Henry Mercer
29a4713933 Enable diagnostics functionality on GHES 2023-03-29 18:45:27 +01:00
Robin Neatherway
f6e4cff38a Remove checks for triggering on specific paths 
These are no longer necessary with the new approach to selecting
alerts to show on pull requests.
 2023-03-29 11:02:16 +02:00
Henry Mercer
d8fe76e161 Delete legacy tracing 2023-03-28 18:53:43 +01:00
Henry Mercer
4772c1d99f Bump minimum version to 2.8.5 2023-03-28 17:24:45 +01:00
Henry Mercer
57eca7cbb2 Use Array.isArray 2023-03-27 15:59:29 +01:00
Henry Mercer
1e7a38893c Wrap reading and writing SARIF files 2023-03-27 15:44:47 +01:00
Henry Mercer
c8935d5a9d Remove duplicate locations from failed run SARIF 2023-03-24 20:30:57 +00:00
Henry Mercer
ade432fd68 Remove duplicate locations from output of database interpret-results 2023-03-24 20:30:57 +00:00
Henry Mercer
6f852eeb38 Implement removing duplicate locations from a SARIF file 2023-03-24 20:30:57 +00:00
Angela P Wen
a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00