github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 09:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,909 Commits 297 Branches 500 Tags
v3.26.12
Commit Graph

5909 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Angela P Wen
c36620d31a Merge pull request #2529 from github/update-v3.26.12-c9a70ff45 
Merge main into releases/v3
v3.26.12 		2024-10-07 09:59:22 -07:00
github-actions[bot]
570aecb95f Update changelog for v3.26.12 2024-10-07 16:35:36 +00:00
Henry Mercer
c9a70ff45f Merge pull request #2526 from github/henrymercer/check-zstd-on-path 
Check zstd is on the path in addition to tar version
 2024-10-07 17:14:34 +01:00
github-actions[bot]
d65a17605a Rebuild 2024-10-07 09:28:04 +00:00
Henry Mercer
bf2e624d0b Update src/tar.ts 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2024-10-07 10:25:25 +01:00
Paolo Tranquilli
56d197570a Merge pull request #2489 from github/redsun82/rust 
Add basic Rust support for internal testing
 2024-10-07 09:39:54 +02:00
Andrew Eisenberg
7cf65a5b2e Merge pull request #2518 from github/dependabot/npm_and_yarn/npm-88156698cd 
Bump the npm group with 3 updates
 2024-10-04 15:35:27 -07:00
Andrew Eisenberg
8a56dd2e53 Update to @actions/core 1.11.1 2024-10-04 15:21:50 -07:00
Angela P Wen
1532671351 Update default bundle to 2.19.1 (#2519) 
* Update default bundle to codeql-bundle-v2.19.1

* Add changelog note

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2024-10-04 13:45:22 -07:00
Angela P Wen
64871a860c Merge branch 'main' into update-bundle/codeql-bundle-v2.19.1 2024-10-04 13:32:24 -07:00
Henry Mercer
057e1ecd3d Check zstd is on the path in addition to tar version 2024-10-04 19:20:21 +01:00
Andrew Eisenberg
46d955c51a Merge pull request #2415 from aeisenberg/aeisenberg/update-readme-1 
Update README with detailed information
 2024-10-04 10:21:25 -07:00
Henry Mercer
215ff9cf2e Merge pull request #2525 from github/henrymercer/fix-changelog-section 
Fix changelog note section
 2024-10-04 18:15:51 +01:00
Henry Mercer
6c8758fcd6 Fix changelog note section 
This went into the wrong place due to a semantic merge conflict
 2024-10-04 15:42:56 +01:00
Henry Mercer
76aafb9ddb Merge pull request #2520 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions
 2024-10-04 15:41:33 +01:00
Andrew Eisenberg
bed2a47f20 Update autobuild/action.yml 2024-10-03 18:32:01 -07:00
Andrew Eisenberg
3b143d4ee5 Update readme 2024-10-03 15:06:40 -07:00
Andrew Eisenberg
c768f67a10 Clean up README 
Restructured the change to the README. Instead of directly including the
descriptions of the language inputs, added links to the inputs for each
action.
 2024-10-03 13:52:33 -07:00
Andrew Eisenberg
873c91c4f7 Update README with detailed information 
Update `README.md` to include detailed information about inputs, workflow permissions, build modes, and actions.

* **Inputs**: Add a section on inputs, including the `config` option, `languages`, `queries`, `packs`, `db-location`, `ram`, `threads`, and `source-root`.
* **Workflow Permissions**: Add a section on workflow permissions required for the actions.
* **Build Modes**: Add a section explaining the different build modes available for the actions (`none`, `autobuild`, `manual`).
* **Actions**: Add a section describing the different actions (`init`, `autobuild`, `analyze`, `upload-sarif`, `resolve-environment`, `start-proxy`) and how to use them, with links to the relevant documentation on GitHub.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/github/codeql-action?shareId=XXXX-XXXX-XXXX-XXXX).
 2024-10-03 13:42:25 -07:00
Chuan-kai Lin
8b33300963 Merge pull request #2521 from github/cklin/run-git-command 
Misc cleanups on git command invocation
 2024-10-03 13:40:45 -07:00
Angela P Wen
15649f638c Mergeback v3.26.11 refs/heads/releases/v3 into main (#2523) 
* Update changelog for v3.26.11

* Update changelog and version after v3.26.11

* Update checked-in dependencies

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2024-10-03 13:18:38 -07:00
github-actions[bot]
a83506b7c8 Update checked-in dependencies 2024-10-03 20:02:50 +00:00
github-actions[bot]
495ca588a4 Update changelog and version after v3.26.11 2024-10-03 20:01:45 +00:00
Angela P Wen
6db8d6351f Merge pull request #2522 from github/update-v3.26.11-8aba5f2c4 
Merge main into releases/v3
v3.26.11 		2024-10-03 13:00:22 -07:00
github-actions[bot]
389647f398 Update changelog for v3.26.11 2024-10-03 19:41:19 +00:00
Chuan-kai Lin
d64cca4b60 Rename determineMergeBaseCommitOid() 
The name suggests that the function computes the merge base, which for
Git means specifically the best common ancestors between multiple
commits or branches (see `git merge-base`).

But what the function actually does is to calculate the HEAD commit of
the PR base branch, as derived from the PR merge commit that the action
analyzes. So even though the function has to do with "merge" and "base",
using the term "merge base" is still misleading at best.

This commit renames the function to determineBaseBranchHeadCommitOid(),
which more clearly indicates what the function does.
 2024-10-03 08:43:36 -07:00
Chuan-kai Lin
955d00143d Extract runGitCommand() 2024-10-03 08:29:52 -07:00
Henry Mercer
01007b8429 Fix new lines in update supported GHES versions PR 2024-10-03 11:49:16 +01:00
Henry Mercer
15f615c384 Add a deprecation warning for CodeQL <=2.14.5 2024-10-03 11:46:49 +01:00
github-actions[bot]
35de01e395 Update supported GitHub Enterprise Server versions 2024-10-03 00:14:22 +00:00
Angela P Wen
868284ba01 Merge branch 'main' into update-bundle/codeql-bundle-v2.19.1 2024-10-02 17:00:15 -07:00
github-actions[bot]
4beccf73ad Add changelog note 2024-10-02 23:58:17 +00:00
github-actions[bot]
08bec82e80 Update default bundle to codeql-bundle-v2.19.1 2024-10-02 23:58:14 +00:00
github-actions[bot]
f0c7f1d0c0 Update checked-in dependencies 2024-10-02 22:13:21 +00:00
dependabot[bot]
a66a5fe0e4 Bump the npm group with 3 updates 
Bumps the npm group with 3 updates: [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@actions/core` from 1.10.1 to 1.11.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@typescript-eslint/eslint-plugin` from 8.7.0 to 8.8.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.8.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.7.0 to 8.8.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.8.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-02 22:12:04 +00:00
Andrew Eisenberg
8aba5f2c42 Merge pull request #2516 from github/aeisenberg/dependabot-exclude 
Exclupde `eslint-plugin-import` updates from dependabot
 2024-10-02 15:10:17 -07:00
Andrew Eisenberg
ecac2c6d53 Exclupde eslint-plugin-import updates from dependabot 
See https://github.com/github/codeql-action/pull/2510 for reason why.
 2024-10-02 14:22:25 -07:00
Henry Mercer
e85017e674 Merge pull request #2514 from github/henrymercer/zstd-better-failure-logging 
Capture stderr from extracting Zstandard bundles
 2024-10-02 22:14:53 +01:00
Angela P Wen
a60db1d7ff Add notice for dependency upgrade timeline (#2513) 2024-10-02 17:35:52 +00:00
Henry Mercer
28db28fc03 Improve clean up if extraction fails 2024-10-02 15:45:55 +01:00
Henry Mercer
3da852e107 Capture stderr from extracting .tar.zst 2024-10-02 15:32:34 +01:00
Andrew Eisenberg
c4d433c562 Merge pull request #2510 from github/dependabot/npm_and_yarn/npm-13baf58ce8 
Bump the npm group with 3 updates
 2024-10-01 19:31:40 -07:00
Andrew Eisenberg
2f6cf481fd Undo eslint-plugin-import bump 
This package must stay at 2.29.1 until a version of the
package is released that supports eslint v9.
 2024-10-01 19:18:59 -07:00
Angela P Wen
3c13be0632 Add breaking change label to changenote (#2512) 2024-10-01 15:30:15 -07:00
Angela P Wen
a196a714b8 Bump artifact dependencies if CODEQL_ACTION_ARTIFACT_V2_UPGRADE enabled (#2482) 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2024-10-01 09:59:05 -07:00
Henry Mercer
1aa7f6f05d Refactor: Pull out generic tool invocation functionality 2024-10-01 14:39:04 +01:00
github-actions[bot]
931cd264c2 Update checked-in dependencies 2024-09-30 17:13:32 +00:00
dependabot[bot]
3fe5410805 Bump the npm group with 3 updates 
Bumps the npm group with 3 updates: [@octokit/types](https://github.com/octokit/types.ts), [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) and [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import).


Updates `@octokit/types` from 13.5.0 to 13.6.0
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v13.5.0...v13.6.0)

Updates `@eslint/js` from 9.11.0 to 9.11.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.11.1/packages/js)

Updates `eslint-plugin-import` from 2.29.1 to 2.30.0
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases)
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md)
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.29.1...v2.30.0)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@eslint/js"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-30 17:12:23 +00:00
Henry Mercer
cf5b0a9041 Merge pull request #2508 from github/mergeback/v3.26.10-to-main-e2b3eafc 
Mergeback v3.26.10 refs/heads/releases/v3 into main
codeql-bundle-v2.19.1 		2024-09-30 14:31:45 +01:00
github-actions[bot]
5f2a79b975 Update checked-in dependencies 2024-09-30 13:06:38 +00:00