github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,488 Commits 297 Branches 500 Tags
v1.0.5
Commit Graph

72 Commits

Author SHA1 Message Date
Edoardo Pirovano
ef852c006a Support splitting of DB creation and query execution 2021-06-28 17:14:22 +01:00
Andrew Eisenberg
4087f37d90 Add extra integration test for packaging 
Also, update the options and inputs documentation.
 2021-06-25 10:07:51 -07:00
Andrew Eisenberg
6e577cfca3 Add new packs input to init action 
This input allows users to specify which packs to run. It works in
unison with the packs block of the config file and it is similar to
how `queries` works. They both use `+` in the same way.

Note that the `#TODO` in the pr check is still around, but the CLI
is available. I will remove the TODO in the next commit.
 2021-06-23 16:08:35 -07:00
Andrew Eisenberg
3708898bf2 Add environment variables to signal feature and version to the CLI 
This PR ensures environment variables are set before any invocation of
the CLI.  Here is a list of vars that are set:

https://github.com/github/codeql-coreql-team/issues/1124#issuecomment-852463521

This ensures the CLI knows the features and versions of the containing
actions/runner.

Additionally:

- Fix the user agent so that it more closely aligns with user agent
  spec
- Refactor environment variable initialization so that it all happens in
  one place and call.
- Move Mode, getRequiredEnvParam, setMode, getMode out of actions-util
  and into util. actions-util is meant for utils only called by the
  action, not the runner.

The `prepareLocalRunEnvironment()` method is most likely deprecated and
should be removed. I originally added it because I had a way of working
where I would run the action from my local machine to test out changes,
but this was always a little flaky. So, I no longer use this way of
working. I will probably remove it soon.
 2021-06-02 11:06:02 -07:00
Andrew Eisenberg
539d968ad7 Use commander preAction hook for setMode 
Hooks are new to commander v8. We can use hooks to ensure that `setMode`
is called before every command is invoked.
 2021-06-01 11:17:49 -07:00
Andrew Eisenberg
1a4cdd35b9 Use the version from package.json in the runner 2021-05-31 09:35:13 -07:00
Andrew Eisenberg
47588796b4 Send the version and mode with the user agent 
This commit changes the way the action determines if running in action
or runner mode. There is now an environment variable that is set at the
beginning of the process and elsewhere in the process, we can check to
see if the variable is set.
 2021-05-31 09:03:29 -07:00
Edoardo Pirovano
79c79f1be5 Add configuration option to set CodeQL DB location 2021-05-18 00:13:36 +01:00
David Verdeguer
ea18d47a2b Merge branch 'main' into daverlo/categoryInput 2021-05-10 14:54:09 +02:00
Henning Makholm
e7e64d59be fix value escaping in codeql-env.sh 2021-05-05 19:57:44 +02:00
David Verdeguer
aa53f64b85 Use the category on the runner 2021-05-03 19:58:30 +02:00
David Verdeguer
c93cbc943a Forward category input to codeql cli 2021-05-03 19:41:53 +02:00
David Verdeguer
c6e734ccc5 Add category option to runner 2021-04-29 14:59:36 +02:00
Robert
8c91ba83e2 Introduce our own toolcache implementation for use by the runnner 2021-04-22 15:31:15 +01:00
Andrew Eisenberg
c87ee1c65a [Runner] Throw error on unknown option in init command 
And explicitly document the advanced --trace-process-name and
--trace-process-level args.
 2021-04-16 12:09:26 -07:00
Josh Soref
c4fced7348 Fix spelling errors 
spelling: executable
spelling: github
spelling: javascript
spelling: latest
spelling: occurred
spelling: parameter

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-03-18 09:40:47 -07:00
Robert
378f30f95d call setupActionsVars in the tests too 2021-03-16 13:43:28 +00:00
Robert
d698cb3d2b Make unguarded-action-lib better at ignoring uses of toolcache 2021-03-16 13:14:17 +00:00
Chris Gavin
bb51ece0b4 When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first. 2021-03-07 11:18:54 +00:00
Robert
a2653534db set externalRepoAuth 2021-02-17 08:30:35 -08:00
Andrew Eisenberg
58defc0652 Remove --external-repository-token option from runner 
Specifying a token as a cli input leads to a potential for leaking the
token on CI logs. This commit removes the option. Instead, users
should specify a single GitHub token through `--github-auth-stdin` or
by setting the `GITHUB_TOKEN` environment variable. This token should be
created with enough privileges to access the required repository.
 2021-02-16 11:28:25 -08:00
Andrew Eisenberg
88714e3a60 Add capability to specify auth from env var or stdin 
This commit adds two new ways of specifying GitHub auth:

1. from the GITHUB_TOKEN environment variable
2. from standard input

This commit does not include any documentation changes and the
descriptions of new command line options will need to be tweaked.
 2021-02-16 11:26:39 -08:00
Robert
cb574a7d60 only insert external repos token if supplied 2021-01-19 15:42:57 +00:00
Robert
90d1a31dd4 Introduce external repository token 2021-01-12 12:07:03 +00:00
Sam Partington
c7275a75ce Don't re-retrieve GitHub version when already have it 
54e0c67332 (r45693026)
54e0c67332 (r45693030)
 2021-01-06 11:40:16 +00:00
Sam Partington
54e0c67332 Revert "Retrieve GitHubVersion when used rather than passing around" 
This reverts commit 6de1b753c2.

https://github.com/github/codeql-action/pull/323#discussion_r551960301
 2021-01-06 11:06:01 +00:00
Sam Partington
6de1b753c2 Retrieve GitHubVersion when used rather than passing around 2020-12-22 11:49:42 +00:00
Sam Partington
82a8fa443e Merge branch 'main' into split-upload-method 2020-12-22 11:23:49 +00:00
Robin Neatherway
dff118f7ad Use version information to construct payload 2020-11-30 16:45:18 +00:00
Sam Partington
ff28c8d403 Move uploading side-effect out of runAnalyze 
https://github.com/github/codeql-action/pull/323#discussion_r530978010
 2020-11-27 12:27:10 +00:00
Robert
81a21bfa1e Request meta endpoint at the start of execution 2020-11-26 17:54:46 +00:00
Sam Partington
57514f31db Split upload method into two mode-specific ones 2020-11-26 11:50:57 +00:00
Sam Partington
3ee4739b13 Make anonymous objects into variables for readability 2020-11-24 11:23:53 +00:00
Sam Partington
20567b5888 Introduce parameter object for API params that travel together 2020-11-23 14:39:01 +00:00
Eric Cornelissen
5416d4f3b5 Run npm run build 2020-11-20 11:35:59 +01:00
Robert
0d960df08a Merge branch 'main' into robertbrignull/tools_version 2020-11-18 11:25:46 +00:00
Robert
3f2a7abc7b change voicing 2020-11-13 15:04:54 +00:00
Robert
4d8912d269 Don't use the word "trace" in log messages 2020-11-13 12:01:07 +00:00
Robert
80b43ca9d3 send action ref and tool version in status reports 2020-11-12 12:27:31 +00:00
Chris Gavin
1220ae5bfd Log a warning if the API version is not supported. 2020-10-30 12:20:06 +00:00
Robert Brignull
28a5b954e7 Merge branch 'main' into robertbrignull/subdomain 2020-10-05 13:36:12 +01:00
Chris Raynor
122c9b7f24 Switching to import/order instead of sort-imports 2020-10-01 11:03:46 +01:00
Chris Raynor
228546a1e5 Resolve violations of sort-imports lint 
Resolves #206
 2020-09-29 14:43:37 +01:00
Robert Brignull
c4dc1b0438 Make URL parsing more robust 2020-09-28 18:39:56 +01:00
Michael Huynh
4666a0eed0 Resolve violations of github/array-foreach lint 
Resolves #199
 2020-09-20 17:41:27 +08:00
Robert Brignull
89dad149ed Replace all occurrences 2020-09-14 18:13:33 +01:00
Chris Raynor
a184d50a26 Running lint-fix 2020-09-14 10:44:43 +01:00
Nick Fyson
77f767cb34 add optional workflow input to specify whether snippets are added to sarif output 2020-09-10 18:26:58 +01:00
Robert Brignull
212f4484d3 Merge branch 'main' into windows_tracing 2020-09-07 17:08:59 +01:00
Robert Brignull
c68937100c Merge branch 'main' into windows_message 2020-09-07 16:01:09 +01:00