github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 17:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,494 Commits 297 Branches 500 Tags
codeql-bundle-v2.23.1
Commit Graph

2616 Commits

Author SHA1 Message Date
github-actions[bot]
668f0f00da Rebuild 2025-09-15 17:18:08 +00:00
Nick Rolfe
4014b75309 Only enable JAVA dependency minimisation when caching is enabled 2025-09-15 15:11:28 +01:00
Paolo Tranquilli
f92cc3a0e7 Merge pull request #3065 from github/redsun82/update-brace-expansion 
Use brace-expansion >2.0.1
 2025-09-12 16:06:42 +02:00
Nick Rolfe
185266a022 Merge pull request #3107 from github/nickrolfe/minimize-jars 
Add feature flag to roll out JAR minimization in the Java extractor
 2025-09-12 13:09:42 +01:00
Paolo Tranquilli
a1244387b0 Merge branch 'main' into redsun82/update-brace-expansion 2025-09-12 13:44:46 +02:00
Michael B. Gale
dc9a47dceb Merge pull request #3110 from github/mbg/proxy/fetch-from-release 
Fetch proxy binaries from `defaults.json` release
 2025-09-12 12:38:15 +01:00
Nick Rolfe
0abf548bb3 Add feature flag to roll out JAR minimization in the Java extractor 2025-09-12 12:09:34 +01:00
Michael B. Gale
e2636d2e4f Change "current release" to "linked release" 2025-09-12 11:15:03 +01:00
Henry Mercer
df1fe23118 Merge pull request #3083 from github/henrymercer/resolve-languages-default-queries 
Resolve supported languages using CodeQL CLI
 2025-09-12 10:12:15 +01:00
Chuan-kai Lin
5c30ae46c1 Stop saving config in initConfig() 2025-09-11 12:31:29 -07:00
Michael B. Gale
9df23425dc Search release pointed at by defaults.json for registry proxy artifact 2025-09-11 18:56:19 +01:00
Chuan-kai Lin
4e2e64a92a init-action: save updated config 
This commit updates the init action to save the config again at the end
of run(), so that config updates in run() are correctly propagated to
the analyze action.
 2025-09-11 08:07:50 -07:00
Michael B. Gale
ffcbb4c0c1 Move UPDATEJOB_PROXY constants to start-proxy.ts 2025-09-11 15:34:29 +01:00
Michael B. Gale
1479235f5d Merge pull request #3100 from github/mbg/config-version 
Store and check action version in `Config`
 2025-09-11 11:56:05 +01:00
Michael B. Gale
0d058cdc59 Merge pull request #3099 from github/mbg/validate-action-version-in-workflow 
Validate workflow to check that all `codeql-action` versions are the same
 2025-09-11 11:53:14 +01:00
github-actions[bot]
25c32186df Rebuild 2025-09-10 17:35:23 +00:00
Michael B. Gale
e49458befe Fix runInterpretResultsFor using the wrong AnalysisConfig for category fix 2025-09-10 16:14:19 +01:00
Kasper Svendsen
f374a62c8b Merge pull request #3098 from github/kaspersv/increase-overlay-base-size-limit 
Overlay: Increase size limit for cached overlay base database
 2025-09-10 15:01:08 +02:00
Michael B. Gale
754f2e184f Simplify step.uses condition 2025-09-10 13:35:39 +01:00
Michael B. Gale
4f56152a48 Store and check action version in Config 2025-09-10 13:33:17 +01:00
Michael B. Gale
bb98ff4838 Validate workflow to check that all codeql-action versions are the same 2025-09-10 13:02:28 +01:00
Kasper Svendsen
8a84a62542 Overlay: Increase size limit for cached overlay base database 2025-09-10 12:30:56 +02:00
Paolo Tranquilli
4c534612bf Tweak sarif dump log 2025-09-10 07:52:59 +02:00
Paolo Tranquilli
dae3742b0a Dump soon to be uploaded SARIF on request 
This introduces a new internal environment variable flag
(`CODEQL_ACTION_SARIF_DUMP_DIR`) that, when set to `true`, causes the
SARIF file that will be uploaded to be dumped to the specified
directory. The filename will be `upload.sarif` or `upload.quality.sarif`
depending on the upload target.
 2025-09-10 07:46:05 +02:00
copilot-swe-agent[bot]
2a4630c7f1 Remove --intra-layer-parallelism flag from CodeQL CLI commands 
Co-authored-by: henrymercer <14129055+henrymercer@users.noreply.github.com>
 2025-09-09 16:53:28 +00:00
github-actions[bot]
6c261ed0c7 Rebuild 2025-09-09 10:36:55 +00:00
github-actions[bot]
23419de6bd Rebuild 2025-09-08 17:18:08 +00:00
Michael B. Gale
0a56aada02 Merge pull request #3064 from github/mbg/cq/allow-cq-only-analysis 
Allow Code Quality only analysis
 2025-09-08 16:13:19 +01:00
Chuan-kai Lin
1c6bc389a1 Merge pull request #3080 from github/cklin/overlay-db-automation-id 
Overlay: add automation ID to cache key
 2025-09-08 06:33:55 -07:00
Paolo Tranquilli
d42097d387 Build 2025-09-08 14:05:29 +02:00
Michael B. Gale
e045f5eeb4 Fix hasActionsWorkflows throwing if workflows folder doesn't exist 2025-09-05 21:11:33 +01:00
Chuan-kai Lin
0e42ed405c build: refresh js files 2025-09-05 11:38:15 -07:00
Henry Mercer
d981505040 Add log for supported languages 2025-09-05 16:56:15 +01:00
Henry Mercer
f8fb310547 Resolve supported languages using CodeQL CLI 2025-09-05 16:17:32 +01:00
github-actions[bot]
6f2d6bb779 Rebuild 2025-09-05 11:59:47 +00:00
Michael B. Gale
918e792ec9 Throw an error if query customisations are enabled for a code-quality-only analysis 2025-09-05 12:44:30 +01:00
Michael B. Gale
5d822f13cd Rename getDbAnalysisKind and getDbAnalysisConfig 2025-09-05 12:39:34 +01:00
Chuan-kai Lin
4c82ae2356 Overlay: add automation ID to cache key 
This commit adds automation ID to the overlay-base database cache key so
that we properly distinguish different analyses in the same repo for the
same language.

Since I am changing the cache key format, I also moved the CodeQL bundle
version to the end of the cache restore key, in case we want to remove
it from the restore key sometime in the future.

Note that I chose to leave CACHE_VERSION unchanged because the old and
the new cache keys are sufficiently different that there should be no
risk of confusion.
 2025-09-04 14:13:15 -07:00
Michael B. Gale
2d2f57ed3a Merge pull request #3079 from github/mbg/proxy/accept-git-source 
Accept `git_source` registry configurations for Go
 2025-09-04 16:57:42 +01:00
Arthur Baars
5b8860ac11 Merge branch 'main' into update-bundle/codeql-bundle-v2.23.0 2025-09-04 16:57:04 +02:00
Michael B. Gale
8fe8b24202 Add git_source as supported registry type for Go 2025-09-04 14:06:50 +01:00
Michael B. Gale
6242bcbf1b Allow multiple registry types in LANGUAGE_TO_REGISTRY_TYPE 2025-09-04 13:54:49 +01:00
Michael B. Gale
38f1a70179 Add runInterpretResultsFor to de-duplicate code for interpret-results 2025-09-04 12:25:50 +01:00
Michael B. Gale
d08e9a2e04 Make conditions for interpret-results more robust 2025-09-04 12:14:12 +01:00
Michael B. Gale
ae2df70629 Make code that builds the list of queries for run-queries more robust in the event of future changes 2025-09-04 12:03:24 +01:00
Michael B. Gale
f4fca70590 Do not mutate originalUserInput 2025-09-04 11:56:48 +01:00
Michael B. Gale
51d74ac81c Remove default arguments from uploadSpecifiedFiles and validateUniqueCategory 2025-09-04 11:44:36 +01:00
Michael B. Gale
3ee9287c7a Update condition and comment for CQ-only config 2025-09-04 11:44:34 +01:00
Michael B. Gale
7baedbc3b8 Check if Code Scanning is enabled before uploading Code Scanning SARIF 2025-09-04 11:43:54 +01:00
Michael B. Gale
86275f6e9a Fix addSarifExtension and add tests 2025-09-04 11:43:54 +01:00