github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 17:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,373 Commits 297 Branches 500 Tags
v1.0.1
Commit Graph

37 Commits

Author SHA1 Message Date
Edoardo Pirovano
0cbd4b56d3 Add some dependencies for uploading artifacts 2021-06-02 10:32:48 +01:00
Andrew Eisenberg
539d968ad7 Use commander preAction hook for setMode 
Hooks are new to commander v8. We can use hooks to ensure that `setMode`
is called before every command is invoked.
 2021-06-01 11:17:49 -07:00
Andrew Eisenberg
f0e82b7d63 1.0.1 2021-05-31 10:56:52 -07:00
Andrew Eisenberg
8566f9b061 Add a changelog 
Adds an empty changelog file and a reminder to update it when opening
pull requests.

Also, adds a 1.0.0 version number in the package.json, which is what
we _could_ use for version numbering.
 2021-05-19 15:19:36 -07:00
Andrew Eisenberg
ddcb299283 Update loc count library 
This version will count lines of code in each file serially. It still
runs all file system operations asynchronously. The only difference now
is that it will only count one file at a time. It is slower, but it
is able to count large repositories without running out of memory.
 2021-05-12 16:33:05 -07:00
Andrew Eisenberg
489dbb0e02 Fix security vulnerabilities 
Ran `npm audit fix`.

Even though this fixes a "high" severity vulnerability, all affected
packages are dev packages only.
 2021-05-10 10:14:48 -07:00
Andrew Eisenberg
5c0a38d7e4 Update github-linguist dependency 
This version adds a larger list of auto-excluded binary files.
And allows for the passing of a list of file types to restrict
analysis to.
 2021-04-28 14:55:17 -07:00
Andrew Eisenberg
b6b197e0ad Merge branch 'main' into aeisenberg/add-github-linguist 2021-04-23 10:54:04 -07:00
Andrew Eisenberg
c4a84a93d4 Add the github-linguist package 
This commit only adds a single package and all of its transitive
dependencies. The github-linguist package will be used for counting
lines of code as a baseline for databases we are analyzing.
 2021-04-22 15:59:49 -07:00
Robert
8c91ba83e2 Introduce our own toolcache implementation for use by the runnner 2021-04-22 15:31:15 +01:00
dependabot[bot]
d0b1259bbe Bump y18n from 4.0.0 to 4.0.1 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-31 22:46:11 +00:00
Chris Gavin
f8c5dacab5 Also look for the CodeQL bundle at the custom GitHub AE endpoint. 2021-02-15 19:41:41 +00:00
Chris Gavin
d182a0e3aa Fix deduplication of bundle download sources. 2021-01-26 16:56:43 +00:00
dependabot[bot]
46c74bba1d Bump ini from 1.3.5 to 1.3.8 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-12-12 17:32:00 +00:00
Chris Gavin
726cfc8441 Ensure unqualified program names are present on PATH before executing them. 2020-11-18 22:20:13 +00:00
Chris Raynor
0907cd5a41 Merge branch 'main' into cbraynor/fix201 2020-10-05 10:35:27 +01:00
dependabot[bot]
4290eabf33 Bump @actions/core from 1.2.0 to 1.2.6 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.0 to 1.2.6.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-10-01 17:36:26 +00:00
Chris Raynor
8200c137dc Resolve violations of import/no-extraneous-dependencies lint 
Fixes #201
 2020-09-29 15:03:21 +01:00
Chris Gavin
31c2eca167 Fix retrying uploads by using Octokit retry plugin. 2020-09-21 19:15:19 +01:00
Chris Gavin
9ed519fa12 Update to the latest version of @actions/github. 2020-09-18 16:06:20 +01:00
Chris Raynor
09b4a82c83 Removing the tslint config 2020-09-14 10:37:55 +01:00
Chris Raynor
06765f9340 Adding ESLint config and required dev dependencies 2020-09-14 10:32:24 +01:00
dependabot[bot]
0b64878cfe Bump node-fetch from 2.6.0 to 2.6.1 
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-09-12 20:20:25 +00:00
Robert Brignull
a6e6d4b72b move dependencies needed to build CLI to separate package.json 2020-08-24 14:02:49 +01:00
Robert Brignull
34b372292b commit node_modules and generated files 2020-08-11 12:43:27 +01:00
Robert
de0b59097a remove direct dependency on @actions/io 2020-08-07 18:09:45 +01:00
Robert
6f42543a85 update lodash 2020-07-24 16:50:31 +01:00
Robert Brignull
f77ab09bf4 add sinon types 2020-07-07 18:32:18 +01:00
Robert Brignull
0086c2ecdb use @actions/github 2020-07-06 16:25:26 +01:00
Sam Partington
b0af5695e6 Add sinon package for mocking 2020-06-24 14:34:08 +01:00
Chris Gavin
211ad30f72 Update TSLint configuration to detect bad indentation. 2020-06-23 14:44:36 +01:00
Alex Kalyvitis
4c6749115a update @actions/tool-cache, install semver, nock 2020-06-18 16:31:13 +02:00
Robert Brignull
ddee374101 validate sarif against schema before uploading 2020-05-22 14:19:16 +01:00
Robert Brignull
0347b72305 replace jest with ava 2020-05-13 11:13:27 +01:00
Robert Brignull
256c63a715 Add and run removeNPMAbsolutePaths 2020-05-12 12:25:47 +01:00
dependabot[bot]
0cf8450c24 Bump @actions/http-client from 1.0.4 to 1.0.8 
Bumps [@actions/http-client](https://github.com/actions/http-client) from 1.0.4 to 1.0.8.
- [Release notes](https://github.com/actions/http-client/releases)
- [Changelog](https://github.com/actions/http-client/blob/master/RELEASES.md)
- [Commits](https://github.com/actions/http-client/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-04-29 18:03:56 +00:00
anaarmas
28ccc3db2d Initial commit (from f5274cbdce4ae7c9e4b937dcdf95ac70ae436d5f) 2020-04-28 17:23:37 +02:00