github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,797 Commits 297 Branches 500 Tags
v2.3.1
Commit Graph

3797 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Angela P Wen
8662eabe0e Merge pull request #1659 from github/update-v2.3.1-da583b07a 
* Update changelog and version after v2.3.0

* Update checked-in dependencies

* Throw full error for CLI bundle download (#1657)

* Add `workload_run_attempt` to analysis upload (#1658)

* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.

* Update changelog for v2.3.1

---------

Co-authored-by: github-actions[bot] <github-actions@github.com>
Co-authored-by: Chuan-kai Lin <cklin@github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
v2.3.1 		2023-04-26 13:42:37 -07:00
github-actions[bot]
1f2f707d99 Update changelog for v2.3.1 2023-04-26 20:16:15 +00:00
Angela P Wen
da583b07a7 Add workload_run_attempt to analysis upload (#1658) 
* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
 2023-04-26 02:13:27 +00:00
Angela P Wen
a9648ea7c6 Throw full error for CLI bundle download (#1657) 2023-04-24 07:46:45 -07:00
Chuan-kai Lin
c5f3f016ae Merge pull request #1656 from github/mergeback/v2.3.0-to-main-b2c19fb9 
Mergeback v2.3.0 refs/heads/releases/v2 into main
 2023-04-21 12:43:38 -07:00
github-actions[bot]
90f053271e Update checked-in dependencies 2023-04-21 19:12:19 +00:00
github-actions[bot]
0f085f964c Update changelog and version after v2.3.0 2023-04-21 19:09:10 +00:00
Chuan-kai Lin
b2c19fb9a2 Merge pull request #1655 from github/update-v2.3.0-a8affb063 
Merge main into releases/v2
v2.3.0 		2023-04-21 12:07:18 -07:00
github-actions[bot]
b203f98343 Update changelog for v2.3.0 2023-04-21 18:24:50 +00:00
Chuan-kai Lin
a8affb0639 Merge pull request #1649 from github/cklin/codeql-cli-2.13.0 
Update default CodeQL bundle version to 2.13.0
 2023-04-20 07:39:38 -07:00
Henry Mercer
b8cc643a23 Merge branch 'main' into cklin/codeql-cli-2.13.0 2023-04-20 11:23:25 +01:00
Henry Mercer
7019a9c6fd Merge pull request #1618 from github/henrymercer/remove-legacy-tracing 
Remove legacy tracing
 2023-04-20 11:22:32 +01:00
Henry Mercer
66f62df188 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-19 15:56:42 +01:00
Henry Mercer
afdf30f311 Merge pull request #1652 from github/henrymercer/fix-bundle-version 
Fix the `bundleVersion` field set by the automated bundle update PR
 2023-04-18 21:04:26 +01:00
Henry Mercer
55a2e70992 Autoformat index.ts 2023-04-18 18:59:36 +01:00
Henry Mercer
1c2f282107 Fix bundle version 
It's the whole tag, we don't want to remove the `codeql-bundle-` prefix.
 2023-04-18 18:59:09 +01:00
dependabot[bot]
9a866ed452 Bump swift-actions/setup-swift in /.github/actions/setup-swift (#1650) 
Bumps [swift-actions/setup-swift](https://github.com/swift-actions/setup-swift) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/swift-actions/setup-swift/releases)
- [Commits](da0e3e04b5...65540b95f5)

---
updated-dependencies:
- dependency-name: swift-actions/setup-swift
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
codeql-bundle-20230418 		2023-04-17 19:16:10 +00:00
Chuan-kai Lin
7867d03591 Update default CodeQL bundle version to 2.13.0 2023-04-14 15:28:21 -07:00
Chuan-kai Lin
be2b53b5c7 Merge pull request #1648 from github/cklin/update-bundle-trigger 
Fix pre-release trigger for update-bundle action
 2023-04-14 15:11:42 -07:00
Chuan-kai Lin
ae24b75fca Fix pre-release trigger for update-bundle action 
This PR switches the update-bundle release trigger from `prereleased` to `published` because the former has been documented not to work.

From https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#release:

> Note: The prereleased type will not trigger for pre-releases published from draft releases, but the published type will trigger. If you want a workflow to run when stable and pre-releases publish, subscribe to published instead of released and prereleased.
 2023-04-14 14:50:37 -07:00
Henry Mercer
dc046388f3 Merge pull request #1647 from github/mergeback/v2.2.12-to-main-7df0ce34 
Mergeback v2.2.12 refs/heads/releases/v2 into main
codeql-bundle-20230414 		2023-04-13 17:23:16 +01:00
github-actions[bot]
b4fa971e40 Update checked-in dependencies 2023-04-13 15:50:19 +00:00
github-actions[bot]
7879209bb2 Update changelog and version after v2.2.12 2023-04-13 14:03:50 +00:00
Henry Mercer
7df0ce3489 Merge pull request #1646 from github/update-v2.2.12-d944b3423 
Merge main into releases/v2
v2.2.12 		2023-04-13 15:01:19 +01:00
github-actions[bot]
fbedecac34 Update changelog for v2.2.12 2023-04-13 11:35:13 +00:00
Henry Mercer
d944b3423d Merge pull request #1619 from github/henrymercer/default-setup-workflow 
Allow workflow to be passed via an environment variable for default setup
 2023-04-13 10:17:54 +01:00
Henry Mercer
e3210d8ce3 Add changelog note 2023-04-12 19:18:17 +01:00
Henry Mercer
599f4927f2 Allow passing the workflow via an environment variable 2023-04-12 14:14:43 +01:00
Henry Mercer
ed6c4995fc Merge pull request #1645 from github/henrymercer/remove-dependencies 
Remove unused dependencies
 2023-04-11 16:27:15 +01:00
Henry Mercer
c2b5d643fd Require xml2js >=0.5.0 to address CVE-2023-0842 2023-04-11 13:33:36 +01:00
Henry Mercer
8a093aa1a5 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-11 12:25:45 +01:00
Henry Mercer
9c13316a15 Remove unused dependencies 2023-04-11 12:17:38 +01:00
Angela P Wen
98f7bbd610 Add workflow_run_attempt data to status report (#1640) 2023-04-10 20:02:23 +00:00
dependabot[bot]
d7b9dcdb85 Bump peter-evans/create-pull-request from 4.2.4 to 5.0.0 (#1643) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.4 to 5.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](38e0b6e68b...5b4a9f6a9e)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-10 11:27:05 -07:00
Henry Mercer
988e1bc941 Merge pull request #1639 from github/mergeback/v2.2.11-to-main-d186a2a3 
Mergeback v2.2.11 refs/heads/releases/v2 into main
 2023-04-06 19:20:52 +01:00
github-actions[bot]
e12fed6a79 Update checked-in dependencies 2023-04-06 17:58:48 +00:00
github-actions[bot]
ca89579b06 Update changelog and version after v2.2.11 2023-04-06 17:31:29 +00:00
Henry Mercer
d186a2a36c Merge pull request #1638 from github/update-v2.2.11-518b24fea 
Merge main into releases/v2
v2.2.11 		2023-04-06 18:29:23 +01:00
github-actions[bot]
748f83eaab Update changelog for v2.2.11 2023-04-06 17:08:10 +00:00
Henry Mercer
518b24fea4 Merge pull request #1637 from github/henrymercer/fix-init-exception-reporting 
Report exceptions to telemetry in init Action
 2023-04-06 17:57:29 +01:00
Henry Mercer
69371ffa95 Merge branch 'main' into henrymercer/fix-init-exception-reporting 2023-04-06 17:05:02 +01:00
Henry Mercer
e5c2f32a9f Consistently wrap errors 2023-04-06 17:04:21 +01:00
Henry Mercer
c28edf06a1 Merge pull request #1636 from github/henrymercer/re-enable-duplicate-sarif-workaround 
Re-enable duplicate SARIF notification location workaround
 2023-04-06 16:45:06 +01:00
Henry Mercer
555b602b2f Report exceptions to telemetry in init Action 2023-04-06 15:08:48 +01:00
Henry Mercer
7193623f40 Re-enable duplicate SARIF notification location workaround 2023-04-06 14:48:04 +01:00
Henry Mercer
2058418de9 Don't expect Swift baseline info on Windows 2023-04-05 20:41:23 +01:00
Henry Mercer
5da64f56c0 Set up Swift in unset environment workflow 2023-04-05 20:27:02 +01:00
Henry Mercer
322cea6439 Set up Swift in local bundle workflow 2023-04-05 19:31:20 +01:00
Henry Mercer
f7a67e4341 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-05 18:39:27 +01:00
Alexander Eyers-Taylor
f32426ba96 Merge pull request #1635 from github/mergeback/v2.2.10-to-main-8c8d71dd 
Mergeback v2.2.10 refs/heads/releases/v2 into main
 2023-04-05 18:13:33 +01:00