* Update changelog and version after v2.1.26
* Update checked-in dependencies
* Don't check for Go logs on failure (#1279)
* Update supported GitHub Enterprise Server versions. (#1275)
Co-authored-by: GitHub <noreply@github.com>
* TRAP Caching: Add timeouts to upload/download operations
* Add logging statements declaring state of the cli_config_file_enabled
It's possible to determine this otherwise, but this makes it easier to
spot.
* Avoid using single value as array
The user config parser in the CLI doesn't yet support it.
* Extract logging statements to separate function
* Correctly report CodeQL version when using cache (#1259)
* Correctly report CodeQL version when using cache
* Add JS generated files
* Add test for return value of `setupCodeQL`
* Fill in missing return value comment
* Convert "Invalid source root" errors to UserErrors
* Add changelog note for Go extraction reconciliation (#1286)
* Add changelog note for Go extraction reconciliation
* Update CHANGELOG.md
Co-authored-by: Henry Mercer <henrymercer@github.com>
* Update CHANGELOG.md
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
* Tweaks from PR review
Co-authored-by: Henry Mercer <henrymercer@github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
* Update changelog for v2.1.27
Co-authored-by: github-actions[bot] <github-actions@github.com>
Co-authored-by: Chuan-kai Lin <cklin@github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: GitHub <noreply@github.com>
Co-authored-by: Edoardo Pirovano <edoardo.pirovano@gmail.com>
Co-authored-by: Edoardo Pirovano <6748066+edoardopirovano@users.noreply.github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
Co-authored-by: Henry Mercer <henrymercer@github.com>
`toolcache.extractTar` currently falls over when `ACTIONS_TEMP` contains
a symlink, and the runner no longer exists, so it's unlikely our
customers would be running with temporary directories that contain
symlinks.
This commit adds the packs and queries from the actions input to the
config file used by the CodeQL CLI.
When the `+` is used, the actions input value is combined with the
config value and when it is not used, the input value overrides the
config value.
This commit also adds a bunch of integration tests for this feature.
In order to avoid adding too many new jobs, all of the tests are
run sequentially in a single job (matrixed across relevant operating
systems and OSes).
This change adds a `query-filters` property to the codeql-config file.
This property is an array of `exclude`/`include` entries for a query
suite. These filters are appended to the generated query suite files
and used to filter queries after they are selected.
A related change is that now, all pack references are run in a single
query suite, which has the query filters appended to them.
We now limit the cardinality of the ML-powered JS queries status report
field server-side. With no need for a limit on the cardinality of the
status report client-side, we can simplify how we produce it.
This commit adds a `UserError` class that should be thrown when the
cause of an error is fundamentally from user configuration.
When sending status reports, avoid sending a `failure` for `UserError`s.
This will prevent our diagnostics from pinging us for errors outside of
our control.
Some platforms that ingest this status report charge based on the
cardinality of the fields, so here we restrict the version strings we
support to a fixed set.
Turboscan only allows a single combination of tool name and automation
details id for testing category uniqueness.
Previously, the check in the action was not entirely correct since it
only looked at the _category_ and not the combination of the category
and the tool name.
It's even more precise now since it is looking at the actual, computed
value of the automation details id, rather than an inputted value of
the category.
This change also includes a refactoring where the action is now avoiding
multiple parsing/stringifying of the sarif files. Instead, sarif is
parsed once at the start of the process and stringified once, after
sarif processing is completely finished.
