github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,860 Commits 297 Branches 500 Tags
codeql-bundle-v2.19.1
Commit Graph

2085 Commits

Author SHA1 Message Date
nickfyson
a854253aca ensure deprecation warning is only shown once per job 2024-01-19 14:55:54 +00:00
nickfyson
f72cffc780 add v2 deprecation warning 2024-01-18 20:51:16 +00:00
Angela P Wen
f65ecd09c7 Only delete SARIF in PR check if not running on a fork (#2084) 2024-01-16 16:07:58 -08:00
Alexander Eyers-Taylor
1fea7a57e7 Merge branch 'main' into update-bundle/codeql-bundle-v2.16.0 2024-01-15 15:55:29 +00:00
Angela P Wen
96531062ba Stop setting CODEQL_RUNNER environment variable if CLI already sets it (#2081) 
* Check `setsCodeqlRunnerEnvVar` is set in the CLI with `ToolsFeatures`

* Stop setting `CODEQL_RUNNER` env var when CLI does

* Add optional `features` parameter in test utils

* Test that `CODEQL_RUNNER` is not set if CLI sets it
 2024-01-12 09:41:07 -08:00
Henry Mercer
eb14aeb61d Merge pull request #2080 from github/henrymercer/fix-unconditional-warning 
Fix `paths`/`paths-ignore` warning that would appear unconditionally
 2024-01-11 12:34:53 +00:00
Henry Mercer
30597e33ea Handle empty lists as well as undefined ones 2024-01-11 12:07:18 +00:00
Henry Mercer
94e68911d7 Fix paths/paths-ignore warning that would appear unconditionally 2024-01-11 11:54:24 +00:00
Andrew Eisenberg
f5a82188bc Add a retention period of 7 days 
For debug artifacts. Ensures they don't stick around
too long since these can be large.
 2024-01-10 13:31:52 -08:00
github-actions[bot]
72e5036933 Update default bundle to codeql-bundle-v2.16.0 2024-01-08 18:58:06 +00:00
Henry Mercer
415881f4cf Remove code specific to GitHub AE 2024-01-08 13:28:39 +00:00
Henry Mercer
838a022982 Clean up running queries workflow now that the queries are determined by the CLI 2024-01-05 19:11:02 +00:00
Henry Mercer
a533ec62b3 Merge branch 'main' into henrymercer/remove-action-config-parsing 2024-01-05 16:14:49 +00:00
Rasmus Wriedt Larsen
9926570d4c Generate JS 2024-01-05 10:32:41 +01:00
Rasmus Wriedt Larsen
2e27b3c56b Create helper isPythonDependencyInstallationDisabled 2024-01-05 10:23:04 +01:00
Rasmus Wriedt Larsen
afef25e1e7 Add comment for force enabling dependency extraction 2024-01-05 10:21:34 +01:00
Henry Mercer
67be7bc713 Remove unused status report fields 2024-01-04 16:38:53 +00:00
Henry Mercer
4feb32a7ef Remove code to download packs 2024-01-04 16:29:49 +00:00
Henry Mercer
f65fc6a926 Remove parsing of queries, packs, paths, and pathsIgnore 2024-01-04 16:27:05 +00:00
Henry Mercer
f934b28e51 Populate path filters env variables using the CLI 2024-01-04 15:17:20 +00:00
Henry Mercer
b30262ccb4 Remove functionality for checking out external repos 2024-01-04 15:09:24 +00:00
Henry Mercer
b683173003 Remove unused arguments 2024-01-04 15:05:15 +00:00
Henry Mercer
f53698be43 Remove Action-config code path in runQueries 2024-01-04 14:45:16 +00:00
Henry Mercer
fa98ec0c7a Remove CliConfigFileEnabled feature flag 2024-01-04 14:39:36 +00:00
Rasmus Wriedt Larsen
ce9d281924 Merge branch 'main' into rasmuswl/no-dep-inst-default 2024-01-04 15:28:16 +01:00
Henry Mercer
216127f34a Merge pull request #1994 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions
 2024-01-04 13:27:56 +00:00
Henry Mercer
6ebbf452bb Merge branch 'main' into update-supported-enterprise-server-versions 2024-01-02 19:13:58 +00:00
Henry Mercer
35b10b5ff7 Merge branch 'main' into henrymercer/drop-codeql-v2.11.5 2024-01-02 18:03:32 +00:00
github-actions[bot]
fe1e55feb0 Update default bundle to codeql-bundle-v2.15.5 2023-12-19 15:27:01 +00:00
Rasmus Wriedt Larsen
dd207935b5 Merge branch 'main' into rasmuswl/no-dep-inst-default 2023-12-13 20:29:44 +01:00
Rasmus Wriedt Larsen
1e69b89bc7 build 2023-12-13 12:27:17 +01:00
Nick Fyson
1de8705f6b Merge branch 'main' into nickfyson/node-20 2023-12-12 13:01:04 +00:00
nickfyson
3a9f6a89e0 update javascript files 2023-12-07 16:00:04 +00:00
Chuan-kai Lin
183559cea8 Merge branch 'main' into update-bundle/codeql-bundle-v2.15.4 2023-12-07 06:34:56 -08:00
Chuan-kai Lin
784783de17 Update supported GitHub Enterprise Server versions 2023-12-05 13:08:58 -08:00
github-actions[bot]
1c3b8c867b Update default bundle to codeql-bundle-v2.15.4 2023-12-05 20:47:43 +00:00
Henry Mercer
cc940d75b2 Extract scanned languages using --index-traceless-dbs 2023-12-01 18:58:40 +00:00
Henry Mercer
1d367b0bec Improve error categorizations 2023-12-01 17:54:38 +00:00
Henry Mercer
fdea2a523d Remove result pruning for CodeQL 2.11.2 2023-11-27 12:58:49 +00:00
Henry Mercer
a36fc67ec3 Remove CodeQL version guards for 2.11.5 and earlier 2023-11-27 12:56:32 +00:00
Henry Mercer
d1166e6d60 Bump minimum CodeQL version to 2.11.6 2023-11-27 12:36:48 +00:00
Arthur Baars
77c1abbd83 Merge branch 'main' into update-bundle/codeql-bundle-v2.15.3 2023-11-22 10:37:42 +01:00
dependabot[bot]
80150c2141 Bump the npm group with 12 updates (#2003) 
* Bump the npm group with 12 updates

Bumps the npm group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [@octokit/types](https://github.com/octokit/types.ts) | `12.1.1` | `12.3.0` |
| [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid) | `9.0.6` | `9.0.7` |
| [@types/adm-zip](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/adm-zip) | `0.5.3` | `0.5.4` |
| [@types/js-yaml](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/js-yaml) | `4.0.8` | `4.0.9` |
| [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver) | `7.5.4` | `7.5.5` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `6.9.1` | `6.12.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `6.9.1` | `6.12.0` |
| [eslint](https://github.com/eslint/eslint) | `8.52.0` | `8.54.0` |
| [nock](https://github.com/nock/nock) | `13.3.7` | `13.3.8` |
| [sinon](https://github.com/sinonjs/sinon) | `17.0.0` | `17.0.1` |
| [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) | `10.0.20` | `17.0.1` |
| [typescript](https://github.com/Microsoft/TypeScript) | `5.2.2` | `5.3.2` |


Updates `@octokit/types` from 12.1.1 to 12.3.0
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v12.1.1...v12.3.0)

Updates `@types/uuid` from 9.0.6 to 9.0.7
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid)

Updates `@types/adm-zip` from 0.5.3 to 0.5.4
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/adm-zip)

Updates `@types/js-yaml` from 4.0.8 to 4.0.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/js-yaml)

Updates `@types/semver` from 7.5.4 to 7.5.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

Updates `@typescript-eslint/eslint-plugin` from 6.9.1 to 6.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.12.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 6.9.1 to 6.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.12.0/packages/parser)

Updates `eslint` from 8.52.0 to 8.54.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.52.0...v8.54.0)

Updates `nock` from 13.3.7 to 13.3.8
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v13.3.7...v13.3.8)

Updates `sinon` from 17.0.0 to 17.0.1
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v17.0.0...v17.0.1)

Updates `@types/sinon` from 10.0.20 to 17.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

Updates `typescript` from 5.2.2 to 5.3.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@types/uuid"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/adm-zip"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/js-yaml"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/semver"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/sinon"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update checked-in dependencies

* Rebuild

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2023-11-20 14:35:28 -08:00
github-actions[bot]
83267d5070 Update default bundle to codeql-bundle-v2.15.3 2023-11-19 10:01:00 +00:00
Andrew Eisenberg
10f05151c5 Merge pull request #1981 from github/aeisenberg/delete-analysis-after-upload 
Delete analysis after uploading
 2023-11-16 04:32:07 -08:00
github-actions[bot]
6111b7c004 Update supported GitHub Enterprise Server versions 2023-11-16 00:11:21 +00:00
Andrew Eisenberg
4e80a80354 Use delay instead of wait 
Need to also change the signature of delay to allow this to happen.
 2023-11-15 13:14:19 -08:00
Andrew Eisenberg
df9b50ee5f Address comments from review 
- Change error messages.
- Use logger instead of core
- throw Error instead of write error message
 2023-11-15 12:54:26 -08:00
Henry Mercer
779838b849 Prepare for CodeQL v2.10.* deprecation 
Warn users of CodeQL v2.11.5 and earlier that the next minor release of
the CodeQL Action will require CodeQL v2.11.6 or later.
 2023-11-15 17:52:32 +00:00
Andrew Eisenberg
04451e072f Delete analysis after uploading 
The analysis is purposefully failing. We don't want a failed analysis
sitting in the security center since this can cause some internal
checks to erroneously fail.
 2023-11-10 13:26:01 -08:00