github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 01:30:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,928 Commits 297 Branches 500 Tags
v3.26.13
Commit Graph

681 Commits

Author SHA1 Message Date
Henry Mercer
5b6984ee4d Assert that Windows downloads gzip 2024-10-10 19:40:37 +01:00
Henry Mercer
eefb943f7e Don't use Zstandard bundles on Windows 
In testing, gzip performs better than Zstandard on Windows.
 2024-10-10 19:24:32 +01:00
Angela P Wen
dafc7dd67c PR Checks: update artifacts tests 
We are planning to make the default behavior of the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` feature flag to be true. This change updates our debug artifact PR checks so that the relevant environment variable is set to `true`, and changes the `debug-artifacts-upgrade` test to `debug-artifacts-legacy` test.
 2024-10-08 13:50:31 -07:00
Henry Mercer
01007b8429 Fix new lines in update supported GHES versions PR 2024-10-03 11:49:16 +01:00
Angela P Wen
a196a714b8 Bump artifact dependencies if CODEQL_ACTION_ARTIFACT_V2_UPGRADE enabled (#2482) 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2024-10-01 09:59:05 -07:00
Henry Mercer
2617ff2d3f Merge pull request #2502 from github/henrymercer/zstd-experiment 
Add a feature flag to use a bundle compressed using Zstandard when setting up the default tools
 2024-09-27 14:48:49 +01:00
Henry Mercer
6b2f7e7c28 Run PR checks using JS only 2024-09-24 17:54:33 +01:00
Henry Mercer
af8e2bc4a1 Use Node script to remove CodeQL cross-platform 2024-09-24 17:43:32 +01:00
Henry Mercer
fa91789e81 Run zstd checks against all operating systems 2024-09-24 17:21:26 +01:00
Henry Mercer
0abc1ec90b Capture reason if zstd fails unexpectedly 2024-09-23 22:53:13 +01:00
Henry Mercer
662c71aa9e Check telemetry in PR check to ensure .tar.zst downloaded 2024-09-23 22:39:47 +01:00
Henry Mercer
b1ca017eae Add PR check for zstd bundle 2024-09-23 22:39:47 +01:00
Andrew Eisenberg
07fd497921 Merge branch 'main' into dependabot/github_actions/actions-a88a8c5a24 2024-09-23 14:16:06 -07:00
Andrew Eisenberg
6225a95822 Don't upload during cancelled jobs 2024-09-23 12:20:21 -07:00
Andrew Eisenberg
9580b7e6d5 Avoid uploading eslint sarif for dependabot PR 
Dependabot does not have `security-events: write` permission.s
 2024-09-23 12:12:10 -07:00
dependabot[bot]
b436a5fca7 Bump actions/create-github-app-token in the actions group 
Bumps the actions group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/create-github-app-token` from 1.10.3 to 1.11.0
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](31c86eb3b3...5d869da34e)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-23 17:57:11 +00:00
Henry Mercer
132b18f2f0 Merge pull request #2497 from github/henrymercer/rebuild-add-new-files 
CI: Check in new files when rebuilding
 2024-09-23 17:57:24 +01:00
Henry Mercer
bff5ba0a53 Check in new files when rebuilding 2024-09-23 17:41:33 +01:00
Henry Mercer
b78ab6c660 s/latest/linked/ 2024-09-23 16:07:27 +01:00
Henry Mercer
a7b66734cc Run some tests against only latest and nightly-latest CLIs 
These features have stabilized so it isn't that helpful to test them against the full range of CLIs.  So let's speed up the PR checks and save some Actions minutes.
 2024-09-23 16:02:38 +01:00
Remco Vermeulen
7513a95cdc Use workflow token for update-release-branch.py 
This explicitly passes the workflow token and restores this to the original invocation.

The split is now App token for `git` and workflow token for everything else.
 2024-09-19 08:28:19 -07:00
Chris Smowton
3b3a4a69cf Backport workflow: try using the app token 
GITHUB_TOKEN is no longer defined; we should use either the workflow token or the app one. Here we try using the app one.
 2024-09-19 12:07:05 +01:00
Remco Vermeulen
762210d5a0 Use generated token on checkout 
The script `.github/update-release-branch.py` uses the `git` command
to push changes. Therefore we need to ensure that `git` authenticates
with a token that has the `workflows` write permision.

This change restore the GitHub token used by the script to access the
API and applies the `workflows` write permission to the token used by `git`.
 2024-09-13 09:13:54 -07:00
Andrew Eisenberg
0d0f998f28 Always upload eslint.sarif 2024-09-10 16:09:28 -07:00
Andrew Eisenberg
e817992b3d Merge pull request #2469 from github/aeisenberg/upload-eslint-sarif 
Upload sarif for eslint results
 2024-09-10 15:51:24 -07:00
Andrew Eisenberg
56b8418884 Ignore suppressed alerts 2024-09-10 15:31:09 -07:00
Remco Vermeulen
f824adbf9b Merge branch 'main' into rvermeulen/update-release-branch-authz 2024-09-10 11:13:04 -07:00
Andrew Eisenberg
55c72b9aa6 Upload sarif for eslint results 2024-09-09 13:21:27 -07:00
Michael B. Gale
d8b1697e9a Merge pull request #2455 from github/mbg/go/1.23 
Go: Bump Go version to 1.23 in tests
 2024-09-06 10:47:28 +01:00
Henry Mercer
90cf3d26a7 Add PR check for job run UUID 2024-09-05 15:02:02 +02:00
Henry Mercer
6240306694 Download zstd nightly bundles in PR checks 2024-08-29 17:45:09 +01:00
Michael B. Gale
f3f8576a9d Go: Bump Go version to 1.23 2024-08-29 13:56:47 +01:00
Remco Vermeulen
0f99b63108 Use GitHub App for authz 2024-08-28 13:03:54 -07:00
Henry Mercer
44ecae4896 Fix matrixing of "submit SARIF after failure" check 2024-08-08 18:09:12 +01:00
Henry Mercer
ecf465891a Required checks script: Ignore skipped jobs 2024-08-06 17:40:25 +01:00
Henry Mercer
8dd1773467 Merge pull request #2408 from github/henrymercer/deprecate-codeql-2.13.4 
Remove support for CodeQL 2.13.4 and earlier
 2024-08-06 13:52:10 +01:00
Henry Mercer
f03da13454 Exclude push-only unit tests job from required PR checks script 2024-08-05 20:38:18 +01:00
Henry Mercer
136f5a589b Add CodeQL v2.17.6 to default test versions 2024-08-05 19:28:35 +01:00
Henry Mercer
a1404425d9 Remove 2.12.6 from tests 2024-08-05 19:28:35 +01:00
Angela P Wen
9c646c24a4 Add warning and update PR checks for Swift on Linux (#2399) 
* PR checks: Only run Swift build command on MacOS
* PR checks: update to only test Swift on MacOS
* Log warning if workflow is running Swift on Ubuntu
---------

Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2024-08-02 16:27:45 +02:00
Henry Mercer
42c6f6c925 Remove redundant PR check 
This is no longer necessary now that this feature is enabled by default.
 2024-07-31 10:56:00 +01:00
Henry Mercer
38a02917b0 Check compiled code on each push 
A common mistake is forgetting to compile the code.
Ideally, this wouldn't be necessary, but in the meantime, this change gives a visible indication on the commit when the code hasn't been recompiled.
 2024-07-30 18:48:16 +01:00
Angela P Wen
462c756cab Switch debug-artifacts job back to ubuntu 
Now that CLI v2.17.4+ are available, we can switch this job back to `ubuntu`. As a result, we can also bring back testing on the older CLI versions (which did not work on MacOS).
CLI v.2.16.6 has a known failure on Linux so we exclude it from this workflow.

This change is orthogonal to the PR check generator change as the check doesn't use the generator.
 2024-06-24 14:44:39 +02:00
Angela P Wen
495201e69c PR check generator: add excludeOsAndVersionCombination 2024-06-24 13:33:24 +02:00
Henry Mercer
691e81dcdf Merge branch 'main' into henrymercer/swift-autobuild-check-with-build-mode 2024-06-18 10:26:31 +01:00
Henry Mercer
0d598e718d Merge pull request #2346 from github/aeisenberg/fix-workflow 
Fix workflow
 2024-06-18 10:26:18 +01:00
Henry Mercer
208abc5a9a Merge branch 'main' into henrymercer/swift-autobuild-check-with-build-mode 2024-06-18 10:10:31 +01:00
Henry Mercer
5b39968121 Merge pull request #2343 from github/henrymercer/remove-macos-11 
Remove macOS 11 check and add macOS 14
 2024-06-18 10:10:15 +01:00
Andrew Eisenberg
b7574c1c6a Fix workflow 2024-06-17 14:02:59 -07:00
Andrew Eisenberg
35619fbef6 Merge pull request #1939 from github/aeisenberg/enable-kotlin-tests 
Re-enable kotlin tests
 2024-06-17 13:48:06 -07:00