github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-25 16:50:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,669 Commits 297 Branches 500 Tags
v2.2.7
Commit Graph

3669 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Henry Mercer
168b99b3c2 Merge pull request #1581 from github/update-v2.2.7-433fe88bf 
Merge main into releases/v2
v2.2.7 		2023-03-15 11:42:20 +00:00
github-actions[bot]
bc7318da91 Update changelog for v2.2.7 2023-03-15 10:39:32 +00:00
Andrew Eisenberg
433fe88bf3 Merge pull request #1579 from github/aeisenberg/no-upload-database 
Avoid uploading databases after integration tests
 2023-03-14 15:39:16 -07:00
Andrew Eisenberg
c208575433 Avoid uploading databases after integration tests 
We are still getting coverage of the upload capability through the
standard codeql analysis workflow.
 2023-03-14 14:55:58 -07:00
Henry Mercer
b8ea587211 Merge pull request #1578 from github/henrymercer/fix-circular-dependency 
Fix a circular dependency that led a minimum version to be `undefined`
 2023-03-14 21:31:47 +00:00
Henry Mercer
65f42e3768 Inline minimum version number to avoid circular dependency 2023-03-14 21:04:34 +00:00
Henry Mercer
d9ceda3823 Add debug logging for feature flag enablement 2023-03-14 20:57:55 +00:00
dependabot[bot]
19f00dc212 Bump @ava/typescript from 3.0.1 to 4.0.0 (#1576) 
* Bump @ava/typescript from 3.0.1 to 4.0.0

Bumps [@ava/typescript](https://github.com/avajs/typescript) from 3.0.1 to 4.0.0.
- [Release notes](https://github.com/avajs/typescript/releases)
- [Commits](https://github.com/avajs/typescript/compare/v3.0.1...v4.0.0)

---
updated-dependencies:
- dependency-name: "@ava/typescript"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update checked-in dependencies

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions@github.com>
 2023-03-13 14:10:40 -07:00
Henry Mercer
ec298233c1 Merge pull request #1565 from github/henrymercer/diagnostics-code-scanning-config 
Export configuration information to SARIF
 2023-03-13 16:44:23 +00:00
Henry Mercer
a92a14621b Prefer core.info to console.log 2023-03-13 12:45:15 +00:00
Dave Bartolomeo
204eadab9d Merge pull request #1571 from github/mergeback/v2.2.6-to-main-16964e90 
Mergeback v2.2.6 refs/heads/releases/v2 into main
 2023-03-12 10:03:48 -04:00
github-actions[bot]
0e50a19ce3 Update checked-in dependencies 2023-03-12 13:39:54 +00:00
github-actions[bot]
4775eab92e Update changelog and version after v2.2.6 2023-03-10 18:11:39 +00:00
Dave Bartolomeo
16964e90ba Merge pull request #1570 from github/update-v2.2.6-e12a2ecd4 
Merge main into releases/v2
v2.2.6 		2023-03-10 13:08:52 -05:00
github-actions[bot]
74cbab4958 Update changelog for v2.2.6 2023-03-10 15:48:11 +00:00
Henry Mercer
b36480d849 Specify SARIF path via env variable 2023-03-09 19:24:49 +00:00
Henry Mercer
53f80edaf6 Merge branch 'main' into henrymercer/diagnostics-code-scanning-config 2023-03-09 18:47:43 +00:00
Henry Mercer
b31d983f22 Add PR check 2023-03-09 18:37:44 +00:00
Henry Mercer
485cc11a24 Rename featureEnablement to features 
This is more succinct and removes a few line breaks
 2023-03-09 16:46:51 +00:00
Henry Mercer
fc1366f6ec Gate config export behind a feature flag 2023-03-09 16:44:45 +00:00
Dave Bartolomeo
e12a2ecd45 Merge pull request #1561 from github/dbartol/bundle-2.12.4 
Update bundle to 2.12.4
 2023-03-09 10:22:39 -05:00
Dave Bartolomeo
d47d4c8047 Merge branch 'main' into dbartol/bundle-2.12.4 2023-03-09 09:45:34 -05:00
Andrew Eisenberg
f13b180fb8 Merge pull request #1567 from github/aeisenberg/config-parsing-ghes 
Add default values to feature flags
 2023-03-08 09:44:44 -08:00
Angela P Wen
a3cf96418e Add security-experimental to codeql-config.yml (#1566) 2023-03-08 08:39:00 -08:00
Andrew Eisenberg
0c27d0da4a Add default values to feature flags 
This changes adds default values to feature flags. These default values
will be used whenever the full set of feature flags are not available
(for example on GHES or if the flag request fails).

The goal is to enable cli config parsing on GHES without removing the
feature flag on dotcom.
 2023-03-07 16:24:55 -08:00
Henry Mercer
4b1f530308 Export configuration information for green runs 2023-03-07 21:22:43 +00:00
Henry Mercer
d98eadb536 Export configuration information for red runs 2023-03-07 21:21:47 +00:00
Andrew Eisenberg
e4b846c482 Merge pull request #1564 from github/aeisenberg/qlconfig-file 
Fix --qlconfig-file option
 2023-03-07 13:15:20 -08:00
Henry Mercer
c310f094dd Fix name of qlconfig file argument 2023-03-07 08:46:58 -08:00
Henry Mercer
4366485427 Avoid passing an undefined qlconfig arg 2023-03-07 08:46:57 -08:00
Henry Mercer
8340258886 Avoid writing user-config.yaml file while running tests 2023-03-07 08:46:57 -08:00
Henry Mercer
6ef6e50882 Merge pull request #1563 from github/dependabot/npm_and_yarn/glob-9.2.1 
Bump glob from 8.0.1 to 9.2.1
 2023-03-06 17:02:10 +00:00
Henry Mercer
eb40427b00 Fix name of qlconfig file argument 2023-03-06 10:48:14 +00:00
github-actions[bot]
7806af3040 Update checked-in dependencies 2023-03-06 10:44:50 +00:00
dependabot[bot]
abf1cea835 Bump glob from 8.0.1 to 9.2.1 
Bumps [glob](https://github.com/isaacs/node-glob) from 8.0.1 to 9.2.1.
- [Release notes](https://github.com/isaacs/node-glob/releases)
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v8.0.1...v9.2.1)

---
updated-dependencies:
- dependency-name: glob
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-06 10:36:27 +00:00
Henry Mercer
e5ade42937 Merge branch 'main' into dbartol/bundle-2.12.4 2023-03-06 10:33:06 +00:00
Angela P Wen
6f079be771 Bump setup-swift and re-configure dependabot (#1560) 
* Update `setup-swift` to v1.22.0

* Configure dependabot to scan `setup-swift` dir

* Add reminder to manually update the SHA in CLI test

* Add comment on new Dependabot directory
 2023-03-06 10:32:10 +00:00
Henry Mercer
100bd7bbef Avoid passing an undefined qlconfig arg 2023-03-06 10:26:34 +00:00
Henry Mercer
a6d3a44519 Avoid writing user-config.yaml file while running tests 2023-03-06 10:23:28 +00:00
Dave Bartolomeo
5e4af3a25d Update bundle to 2.12.4 2023-03-05 20:52:06 -05:00
Dave Bartolomeo
e812e63bb6 Update bundle to 2.12.4 2023-03-05 20:50:59 -05:00
Andrew Eisenberg
a589d4087e Merge pull request #1527 from github/aeisenberg/qlconfig-in-cli 
Ensure qlconfig file is created when config parsing in cli is on
codeql-bundle-20230304 		2023-02-27 10:26:08 -08:00
Andrew Eisenberg
98d24e5629 Address comments from PR 2023-02-27 09:59:16 -08:00
Henry Mercer
903be79953 Merge pull request #1548 from github/mergeback/v2.2.5-to-main-32dc4993 
Mergeback v2.2.5 refs/heads/releases/v2 into main
 2023-02-27 11:02:00 +00:00
github-actions[bot]
18ff14b615 Update checked-in dependencies 2023-02-27 09:35:51 +00:00
Henry Mercer
36a249f5ae Merge branch 'main' into mergeback/v2.2.5-to-main-32dc4993 2023-02-27 09:33:05 +00:00
Henry Mercer
041757fc59 Merge pull request #1549 from github/henrymercer/fix-update-dependencies 
Fix workflow to update dependencies
 2023-02-27 09:11:46 +00:00
Andrew Eisenberg
8f19113f88 Merge branch 'main' into aeisenberg/qlconfig-in-cli 2023-02-26 18:35:21 -08:00
Henry Mercer
cf1855ae37 Fix workflow to update dependencies 
Port over the fix from
https://github.com/github/codeql-action/pull/1544
and share code so these scripts don't get out of sync again.
 2023-02-24 20:25:21 +00:00
github-actions[bot]
652709d1b9 Update changelog and version after v2.2.5 2023-02-24 19:28:26 +00:00