github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,748 Commits 297 Branches 500 Tags
v2.2.11
Commit Graph

1399 Commits

Author SHA1 Message Date
Henry Mercer
e09fbf5b4a Demote upload failed SARIF run info statements to debug 
We now report errors via telemetry, and this feature will shortly be
enabled by default.
 2022-12-21 11:41:36 +00:00
Henry Mercer
e9ff99b027 Improve error message when workflow file doesn't exist 2022-12-21 11:40:31 +00:00
Henry Mercer
8b9e982393 Add a better log message for reusable workflow calls 2022-12-21 11:40:31 +00:00
Henry Mercer
8d1e008ecb Check for successful completion rather than SARIF upload 
This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly when `analyze` is passed
`upload: false`.
 2022-12-21 11:40:31 +00:00
Orhan Toy
d58039a1e3 Merge pull request #1435 from github/orhantoy/add-CODE_SCANNING_REF-tests 
Add tests for CODE_SCANNING_REF
 2022-12-13 23:10:53 +01:00
Orhan Toy
b7028afcb4 Make sure env is reset between tests 2022-12-13 12:18:40 +00:00
Henry Mercer
f629dada4c Merge branch 'main' into henrymercer/use-codeql-2.11.6 2022-12-13 12:15:58 +00:00
Orhan Toy
ccee4c68ff Add tests for CODE_SCANNING_REF 2022-12-13 11:51:16 +00:00
Henry Mercer
899bf9c076 Merge pull request #1432 from github/henrymercer/init-post-telemetry 
Add telemetry for uploading failed runs
 2022-12-12 18:45:41 +00:00
Henry Mercer
dd7c3ef80e Remove debugging log statements 2022-12-12 17:59:20 +00:00
Henry Mercer
b7b875efff Reuse existing fields in post-init status report 2022-12-12 17:54:33 +00:00
nickfyson
54d25f56dd use .has for searchParams instead of checking for undefined 2022-12-12 16:03:07 +00:00
nickfyson
d827cf3d65 remove use of query-string package 2022-12-12 14:50:10 +00:00
Henry Mercer
5aced81848 Update bundle version to codeql-bundle-20221211 2022-12-12 13:10:58 +00:00
Henry Mercer
118e294bb9 Record the stack trace if applicable 2022-12-09 10:35:28 +00:00
Henry Mercer
dc9c1c1a51 Add regression test for upload: false 2022-12-09 10:35:28 +00:00
Henry Mercer
a409f43c7a Handle non-string with inputs 2022-12-09 10:35:28 +00:00
Henry Mercer
e67ad6aaed Add telemetry for uploading failed runs 2022-12-09 10:35:19 +00:00
Chuan-kai Lin
c51babb6c6 Merge branch 'main' into cklin/codeql-cli-2.11.5 2022-12-07 08:33:58 -08:00
Henry Mercer
79166d0788 Merge pull request #1420 from github/henrymercer/failed-runs-fix-action-not-found 
Fix failed SARIF upload behavior when the workflow doesn't call the CodeQL Action
 2022-12-07 08:48:11 +00:00
Henry Mercer
384a214d60 Allow testing workflow parsing functionality from PR checks 2022-12-06 18:37:25 +00:00
Henry Mercer
697ed97fa5 Factor out some code in post-init tests 2022-12-06 18:23:55 +00:00
Henry Mercer
2207a72006 Downgrade log severity when we can't upload a failed SARIF file 
This isn't severe enough to appear on the Actions summary.
 2022-12-06 18:18:07 +00:00
Henry Mercer
4623c8edb6 Make getInputOrThrow throw when it can't find any calls to the Action 
This created unexpected behavior with a workflow calling
`codeql-action/analyze` locally.
Therefore, be more conservative with parsing inputs from workflows and
refuse to parse jobs that don't call the specified Action exactly once.
 2022-12-06 18:13:47 +00:00
Henry Mercer
9085295c40 Add regression test 2022-12-06 17:59:14 +00:00
Henry Mercer
2cbc140ac5 Enable file baseline export by default 
This is now fully rolled out.
 2022-12-05 14:10:06 +00:00
Chuan-kai Lin
1e5919b22d Bump default CodeQL version to 2.11.5 2022-12-02 07:38:17 -08:00
Henry Mercer
375dacad24 Only print the full error message in debug mode 2022-12-02 14:38:40 +00:00
Henry Mercer
e0ff272230 Merge branch 'main' into henrymercer/report-failed-runs 2022-12-02 14:31:22 +00:00
Angela P Wen
aa0e650c6a Surface fatal CLI errors in interpret-results and run-queries (#1407) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-12-02 14:05:21 +01:00
Henry Mercer
98b2ddc7f9 Merge branch 'main' into henrymercer/report-failed-runs 2022-12-01 18:27:32 +00:00
Henry Mercer
0d9b15ca93 Merge pull request #1392 from github/henrymercer/parse-category 
Add functionality for parsing Action inputs from a workflow file
 2022-12-01 18:26:03 +00:00
Angela P Wen
9af9a11da8 Stop running fallback Go autobuild if database is finalized (#1405) 2022-12-01 11:29:03 +01:00
Henry Mercer
3d90c4f911 Improve error message when failed SARIF file doesn't process as expected 2022-11-30 11:27:03 +00:00
Andrew Eisenberg
1384ce4ab3 Fixes spurious error messages in tests 
Previously, `isAnalyzingDefaultBranch` was failing because there are
some missing env vars: `GITHUB_SHA`, `GITHUB_REF`, and
`GITHUB_EVENT_PATH`. Also, `checkout_path` is missing as an input.

Rather than trying to set them to mock values, which would require
setting the paths to existing paths in the file system, I chose to stub
the entire function. I think this is fine since the point of the test
is to check the ram and threads values, not testing the
`isAnalyzingDefaultBranch` function.
 2022-11-29 10:53:11 -08:00
Henry Mercer
58b2ab08a8 Add unit test for typical workflow 2022-11-29 17:03:01 +00:00
Henry Mercer
e0dec83cfc Explicitly mention surrounding by try/catch in JSDoc 2022-11-29 16:29:27 +00:00
Henry Mercer
00a3c456fb Always wait for processing when uploading a failed SARIF file 2022-11-29 16:27:04 +00:00
Henry Mercer
e628ee0ae1 Push unsuccessful execution API error detection into upload library 2022-11-29 16:25:29 +00:00
Henry Mercer
605b23d10b Explicitly suggest wrapping in a try/catch block 2022-11-29 15:48:54 +00:00
Henry Mercer
d0517be03a Ensure we finish the log group when waiting for processing 2022-11-25 17:55:01 +00:00
Henry Mercer
37b4358e44 Handle API versions that reject unsuccessful executions 2022-11-25 17:55:00 +00:00
Henry Mercer
122b180b66 Add an integration test for uploading SARIF when the run fails 2022-11-25 17:54:22 +00:00
Henry Mercer
8337c2be0f Only upload failed SARIF if the run failed 2022-11-25 17:53:32 +00:00
Henry Mercer
5296a763b1 Upload failed SARIF files to Code Scanning 2022-11-25 17:52:50 +00:00
Henry Mercer
3afc2b194c Add feature flag for uploading failed SARIF 2022-11-25 17:49:03 +00:00
Henry Mercer
3cf2a1ba2e Add function for retrieving the "upload" input 2022-11-25 17:49:01 +00:00
Henry Mercer
9de6c31571 Log matrix input 2022-11-25 17:47:21 +00:00
Henry Mercer
e2338066a1 Add diagnostics export command 2022-11-25 17:47:21 +00:00
Henry Mercer
8f05fcd048 Filter set of possible Action inputs to those from a particular job 
This better handles cases where customers have a monorepo and have
separate jobs for different components.
 2022-11-25 17:40:27 +00:00