github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-26 09:10:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,928 Commits 297 Branches 500 Tags
v3.26.13
Commit Graph

5928 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
yoff
f779452ac5 Merge pull request #2539 from github/update-v3.26.13-0c3e00641 
Merge main into releases/v3
v3.26.13 		2024-10-14 13:05:26 +02:00
yoff
532932479b Update CHANGELOG.md 2024-10-14 12:44:04 +02:00
github-actions[bot]
007ba25648 Update changelog for v3.26.13 2024-10-11 15:20:22 +00:00
yoff
0c3e006416 Merge pull request #2536 from yoff/python/ff-std-lib-extraction 
Python: Handle new default for standard library extraction
 2024-10-11 15:35:21 +02:00
Henry Mercer
38469af228 Merge pull request #2537 from github/henrymercer/no-zstd-windows 
Don't use Zstandard bundles on Windows
 2024-10-10 19:53:35 +01:00
Henry Mercer
5b6984ee4d Assert that Windows downloads gzip 2024-10-10 19:40:37 +01:00
Henry Mercer
eefb943f7e Don't use Zstandard bundles on Windows 
In testing, gzip performs better than Zstandard on Windows.
 2024-10-10 19:24:32 +01:00
Rasmus Lerchedahl Petersen
201e02efe2 rebuild the action 2024-10-09 22:24:40 +02:00
Rasmus Lerchedahl Petersen
ce5f900bfc formatting 2024-10-09 17:14:00 +02:00
Rasmus Lerchedahl Petersen
65dd816de1 remove unused import 2024-10-09 17:14:00 +02:00
Rasmus Lerchedahl Petersen
502028f6bc Python: absolute basics 
probably still need to route some values around
 2024-10-09 17:14:00 +02:00
Angela P Wen
9d1e406cd6 Merge pull request #2535 from github/angelapwen/update-artifacts-tests 
PR Checks: update artifacts tests
 2024-10-08 14:42:47 -07:00
Angela P Wen
dafc7dd67c PR Checks: update artifacts tests 
We are planning to make the default behavior of the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` feature flag to be true. This change updates our debug artifact PR checks so that the relevant environment variable is set to `true`, and changes the `debug-artifacts-upgrade` test to `debug-artifacts-legacy` test.
 2024-10-08 13:50:31 -07:00
Henry Mercer
f31ce56e77 Merge pull request #2534 from github/dependabot/npm_and_yarn/npm-817911fdd4 
Bump the npm group across 1 directory with 4 updates
 2024-10-08 17:58:21 +01:00
github-actions[bot]
422a2796f6 Update checked-in dependencies 2024-10-08 14:51:10 +00:00
dependabot[bot]
47dd08d5fa Bump the npm group across 1 directory with 4 updates 
Bumps the npm group with 4 updates in the / directory: [@octokit/types](https://github.com/octokit/types.ts), [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@octokit/types` from 13.6.0 to 13.6.1
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v13.6.0...v13.6.1)

Updates `@eslint/js` from 9.11.1 to 9.12.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/commits/v9.12.0/packages/js)

Updates `@typescript-eslint/eslint-plugin` from 8.8.0 to 8.8.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.8.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.8.0 to 8.8.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.8.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@eslint/js"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-08 14:50:04 +00:00
Angela P Wen
572cc5268d Mergeback v3.26.12 refs/heads/releases/v3 into main (#2530) 
* Update changelog for v3.26.12

* Update changelog and version after v3.26.12

* Update checked-in dependencies

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2024-10-07 10:17:37 -07:00
github-actions[bot]
690a986f16 Update checked-in dependencies 2024-10-07 17:01:58 +00:00
github-actions[bot]
c0098c850a Update changelog and version after v3.26.12 2024-10-07 17:00:44 +00:00
Angela P Wen
c36620d31a Merge pull request #2529 from github/update-v3.26.12-c9a70ff45 
Merge main into releases/v3
v3.26.12 		2024-10-07 09:59:22 -07:00
github-actions[bot]
570aecb95f Update changelog for v3.26.12 2024-10-07 16:35:36 +00:00
Henry Mercer
c9a70ff45f Merge pull request #2526 from github/henrymercer/check-zstd-on-path 
Check zstd is on the path in addition to tar version
 2024-10-07 17:14:34 +01:00
github-actions[bot]
d65a17605a Rebuild 2024-10-07 09:28:04 +00:00
Henry Mercer
bf2e624d0b Update src/tar.ts 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2024-10-07 10:25:25 +01:00
Paolo Tranquilli
56d197570a Merge pull request #2489 from github/redsun82/rust 
Add basic Rust support for internal testing
 2024-10-07 09:39:54 +02:00
Andrew Eisenberg
7cf65a5b2e Merge pull request #2518 from github/dependabot/npm_and_yarn/npm-88156698cd 
Bump the npm group with 3 updates
 2024-10-04 15:35:27 -07:00
Andrew Eisenberg
8a56dd2e53 Update to @actions/core 1.11.1 2024-10-04 15:21:50 -07:00
Angela P Wen
1532671351 Update default bundle to 2.19.1 (#2519) 
* Update default bundle to codeql-bundle-v2.19.1

* Add changelog note

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2024-10-04 13:45:22 -07:00
Angela P Wen
64871a860c Merge branch 'main' into update-bundle/codeql-bundle-v2.19.1 2024-10-04 13:32:24 -07:00
Henry Mercer
057e1ecd3d Check zstd is on the path in addition to tar version 2024-10-04 19:20:21 +01:00
Andrew Eisenberg
46d955c51a Merge pull request #2415 from aeisenberg/aeisenberg/update-readme-1 
Update README with detailed information
 2024-10-04 10:21:25 -07:00
Henry Mercer
215ff9cf2e Merge pull request #2525 from github/henrymercer/fix-changelog-section 
Fix changelog note section
 2024-10-04 18:15:51 +01:00
Henry Mercer
6c8758fcd6 Fix changelog note section 
This went into the wrong place due to a semantic merge conflict
 2024-10-04 15:42:56 +01:00
Henry Mercer
76aafb9ddb Merge pull request #2520 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions
 2024-10-04 15:41:33 +01:00
Andrew Eisenberg
bed2a47f20 Update autobuild/action.yml 2024-10-03 18:32:01 -07:00
Andrew Eisenberg
3b143d4ee5 Update readme 2024-10-03 15:06:40 -07:00
Andrew Eisenberg
c768f67a10 Clean up README 
Restructured the change to the README. Instead of directly including the
descriptions of the language inputs, added links to the inputs for each
action.
 2024-10-03 13:52:33 -07:00
Andrew Eisenberg
873c91c4f7 Update README with detailed information 
Update `README.md` to include detailed information about inputs, workflow permissions, build modes, and actions.

* **Inputs**: Add a section on inputs, including the `config` option, `languages`, `queries`, `packs`, `db-location`, `ram`, `threads`, and `source-root`.
* **Workflow Permissions**: Add a section on workflow permissions required for the actions.
* **Build Modes**: Add a section explaining the different build modes available for the actions (`none`, `autobuild`, `manual`).
* **Actions**: Add a section describing the different actions (`init`, `autobuild`, `analyze`, `upload-sarif`, `resolve-environment`, `start-proxy`) and how to use them, with links to the relevant documentation on GitHub.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/github/codeql-action?shareId=XXXX-XXXX-XXXX-XXXX).
 2024-10-03 13:42:25 -07:00
Chuan-kai Lin
8b33300963 Merge pull request #2521 from github/cklin/run-git-command 
Misc cleanups on git command invocation
 2024-10-03 13:40:45 -07:00
Angela P Wen
15649f638c Mergeback v3.26.11 refs/heads/releases/v3 into main (#2523) 
* Update changelog for v3.26.11

* Update changelog and version after v3.26.11

* Update checked-in dependencies

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2024-10-03 13:18:38 -07:00
github-actions[bot]
a83506b7c8 Update checked-in dependencies 2024-10-03 20:02:50 +00:00
github-actions[bot]
495ca588a4 Update changelog and version after v3.26.11 2024-10-03 20:01:45 +00:00
Angela P Wen
6db8d6351f Merge pull request #2522 from github/update-v3.26.11-8aba5f2c4 
Merge main into releases/v3
v3.26.11 		2024-10-03 13:00:22 -07:00
github-actions[bot]
389647f398 Update changelog for v3.26.11 2024-10-03 19:41:19 +00:00
Chuan-kai Lin
d64cca4b60 Rename determineMergeBaseCommitOid() 
The name suggests that the function computes the merge base, which for
Git means specifically the best common ancestors between multiple
commits or branches (see `git merge-base`).

But what the function actually does is to calculate the HEAD commit of
the PR base branch, as derived from the PR merge commit that the action
analyzes. So even though the function has to do with "merge" and "base",
using the term "merge base" is still misleading at best.

This commit renames the function to determineBaseBranchHeadCommitOid(),
which more clearly indicates what the function does.
 2024-10-03 08:43:36 -07:00
Chuan-kai Lin
955d00143d Extract runGitCommand() 2024-10-03 08:29:52 -07:00
Henry Mercer
01007b8429 Fix new lines in update supported GHES versions PR 2024-10-03 11:49:16 +01:00
Henry Mercer
15f615c384 Add a deprecation warning for CodeQL <=2.14.5 2024-10-03 11:46:49 +01:00
github-actions[bot]
35de01e395 Update supported GitHub Enterprise Server versions 2024-10-03 00:14:22 +00:00
Angela P Wen
868284ba01 Merge branch 'main' into update-bundle/codeql-bundle-v2.19.1 2024-10-02 17:00:15 -07:00