github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 09:40:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,681 Commits 297 Branches 500 Tags
v3.28.15
Commit Graph

6681 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg
45775bd823 Merge pull request #2854 from github/update-v3.28.15-a35ae8c38 
Merge main into releases/v3
v3.28.15 		2025-04-07 14:31:50 -07:00
Andrew Eisenberg
dd78aab407 Update CHANGELOG.md with bug fix details 2025-04-07 14:15:05 -07:00
github-actions[bot]
e40af59174 Update changelog for v3.28.15 2025-04-07 21:05:03 +00:00
Chuan-kai Lin
a35ae8c380 Merge pull request #2843 from github/cklin/diff-informed-compat 
Set checkPresence in diff-range data extension
 2025-04-07 13:29:16 -07:00
Andrew Eisenberg
bb59df6c17 Merge pull request #2842 from github/henrymercer/zip64 
Raise the file limit for debug artifacts by producing zip64 files where necessary
 2025-04-07 10:50:46 -07:00
Arthur Baars
4b508f5964 Merge pull request #2845 from github/mergeback/v3.28.14-to-main-fc7e4a0f 
Mergeback v3.28.14 refs/heads/releases/v3 into main
 2025-04-07 13:04:29 +02:00
github-actions[bot]
ca00afb5f1 Update checked-in dependencies 2025-04-07 09:33:21 +00:00
github-actions[bot]
2969c78ce0 Update changelog and version after v3.28.14 2025-04-07 09:27:28 +00:00
Arthur Baars
fc7e4a0fa0 Merge pull request #2844 from github/update-v3.28.14-362ef4ce2 
Merge main into releases/v3
v3.28.14 		2025-04-07 11:26:56 +02:00
github-actions[bot]
be0175c800 Update changelog for v3.28.14 2025-04-07 09:09:01 +00:00
Andrew Eisenberg
a8be43c24e Don't throw error for ENOENT 2025-04-04 13:42:00 -07:00
Chuan-kai Lin
94102d99b0 Set checkPresence in diff-range data extension 
This commit updates the diff-range data extension to use the new
checkPresence field being introduced in CodeQL CLI 2.21.0, so that
diff-informed analysis no longer fails when a query pack does not have
the restrictAlertsTo extensible predicate.
 2025-04-04 08:41:50 -07:00
github-actions[bot]
fd8685f16e Update checked-in dependencies 2025-04-04 13:46:53 +00:00
Henry Mercer
56feaac968 Raise file limit in debug artifacts by using zip64 2025-04-04 14:40:53 +01:00
Arthur Baars
362ef4ce20 Merge pull request #2838 from github/update-bundle/codeql-bundle-v2.21.0 
Update default bundle to 2.21.0
 2025-04-03 15:40:24 +02:00
Arthur Baars
2b85c00718 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.0 2025-04-03 15:28:09 +02:00
Angela P Wen
41aa437638 Merge pull request #2841 from github/angelapwen/log-init-post-telemetry 
Add logs around status report telemetry in `init-post` step
 2025-04-03 14:51:03 +02:00
Angela P Wen
92864f48b0 Add logs around status report telemetry in init-post step 2025-04-03 14:37:27 +02:00
Fotis Koutoulakis
e13fe0dd2d Merge pull request #2833 from github/NlightNFotis/reclassify_upload_sarif_issues 
feat: further error re-classification
 2025-04-02 20:09:36 +01:00
Fotis Koutoulakis
06703ce3e5 Merge branch 'main' into NlightNFotis/reclassify_upload_sarif_issues 2025-04-02 19:06:45 +01:00
Fotis Koutoulakis (@NlightNFotis)
676a422916 review-comments: nest validateSariFileSchema into try-catch block to better discriminate error thrown 2025-04-02 19:06:31 +01:00
Fotis Koutoulakis (@NlightNFotis)
498c7f37e8 review-comments: unwrap error in upload-sarif-action and re-classify as ConfigurationError if in known error category 2025-04-02 15:20:03 +01:00
Fotis Koutoulakis (@NlightNFotis)
efd29bef22 refactor: revert getActionsStatus taking an extra argument 2025-04-02 15:13:00 +01:00
Angela P Wen
dab8a02091 Merge pull request #2836 from github/dependabot/github_actions/actions-02c935407f 
build(deps): bump the actions group with 2 updates
 2025-04-02 14:57:29 +02:00
Angela P Wen
10771737a9 Merge pull request #2840 from github/dependabot/npm_and_yarn/npm-05c8aca45e 
build(deps-dev): bump the npm group across 1 directory with 4 updates
 2025-04-02 14:56:55 +02:00
Angela P Wen
17379bcd20 Manually update PR check workflow 2025-04-02 14:43:55 +02:00
github-actions[bot]
dbb232a3d8 Update checked-in dependencies 2025-04-02 12:43:14 +00:00
dependabot[bot]
4b72bef651 build(deps-dev): bump the npm group across 1 directory with 4 updates 
Bumps the npm group with 4 updates in the / directory: [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [nock](https://github.com/nock/nock).


Updates `@types/semver` from 7.5.8 to 7.7.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

Updates `@typescript-eslint/eslint-plugin` from 8.28.0 to 8.29.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.29.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.28.0 to 8.29.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.29.0/packages/parser)

Updates `nock` from 14.0.1 to 14.0.2
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v14.0.1...v14.0.2)

---
updated-dependencies:
- dependency-name: "@types/semver"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-02 12:42:37 +00:00
Fotis Koutoulakis (@NlightNFotis)
b53826d56d review-comments: remove syntax-error handling for SARIF from upload-lib 2025-04-01 15:10:16 +01:00
Fotis Koutoulakis (@NlightNFotis)
55ee663d5f review-comments: refactor getActionsStatus to accept an extra parameter designating if the analysis is third-party 2025-04-01 14:58:59 +01:00
github-actions[bot]
a27e401674 Add changelog note 2025-04-01 13:51:07 +00:00
github-actions[bot]
a69f5113b7 Update default bundle to codeql-bundle-v2.21.0 2025-04-01 13:51:03 +00:00
dependabot[bot]
b6f76bd566 build(deps): bump the actions group with 2 updates 
Bumps the actions group with 2 updates: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `ruby/setup-ruby` from 1.227.0 to 1.229.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](1a615958ad...354a1ad156)

Updates `actions/create-github-app-token` from 1.11.7 to 1.12.0
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v1.11.7...v1.12.0)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-31 17:16:14 +00:00
Fotis Koutoulakis (@NlightNFotis)
01f1a1f2c9 Merge branch 'main' into NlightNFotis/reclassify_upload_sarif_issues 2025-03-31 16:29:02 +01:00
Chuan-kai Lin
efffb483ec Merge pull request #2831 from github/cklin/diff-informed-query-filtering 
Respect `exclude-from-incremental` query tag for diff-informed analysis
codeql-bundle-v2.21.0 		2025-03-31 08:00:50 -07:00
Fotis Koutoulakis (@NlightNFotis)
f21cf0bbd7 feat: reclassify InvalidSarifUploadError as a user-error when final status report is produced 2025-03-31 12:22:18 +01:00
Fotis Koutoulakis (@NlightNFotis)
72a2b1295e feat: classify some observed SARIF errors as InvalidSarifUploadError 2025-03-31 12:17:23 +01:00
Fotis Koutoulakis (@NlightNFotis)
a022653e2d feat: classify more HTTP errors as configuration errors in api-client 2025-03-31 11:54:16 +01:00
Fotis Koutoulakis (@NlightNFotis)
3c42562190 fix: update comment for test to state correct expected outcome 2025-03-31 11:51:11 +01:00
Chuan-kai Lin
e4ca874973 build: refresh js files 2025-03-28 12:30:40 -07:00
Chuan-kai Lin
e7f67e2e61 Redefine shouldPerformDiffInformedAnalysis() 
This commit renames the original shouldPerformDiffInformedAnalysis(),
which returns `PullRequestBranches | undefined`, to
getDiffInformedAnalysisBranches(). It also adds a new
shouldPerformDiffInformedAnalysis() function that returns boolean.

Separating these two functions makes it clear what the intended uses and
return values should be for each.
 2025-03-28 12:29:28 -07:00
Fotis Koutoulakis
9f45e7498b Merge pull request #2832 from github/NlightNFotis/fix_config_error_classification 
fix: change regex matching for API error to not contain regex boundaries
 2025-03-28 15:18:02 +00:00
Fotis Koutoulakis (@NlightNFotis)
73c938dbc0 fix: fix issue where wrapApiConfigurationError would fail to regex match a string due to boundary constraints on the regex 2025-03-28 14:38:06 +00:00
Fotis Koutoulakis (@NlightNFotis)
2be6da694a test: add tests for the wrapApiConfigurationError function 2025-03-28 14:37:10 +00:00
Fotis Koutoulakis (@NlightNFotis)
76f9ed9cd9 test: add tests to validate getActionsStatus' behaviour 2025-03-28 14:37:10 +00:00
Chuan-kai Lin
71ab101d38 Set default query filter for diff-informed analysis 2025-03-27 14:06:40 -07:00
Chuan-kai Lin
da967b1ade AugmentationProperties: add defaultQueryFilters 
This commit adds a defaultQueryFilters field to AugmentationProperties
and incorporates its value into the augmented Code Scanning config.
However, in this commit defaultQueryFilters is always empty, so there is
not yet any actual behavior change.
 2025-03-27 13:44:47 -07:00
Chuan-kai Lin
3c4533916b Call shouldPerformDiffInformedAnalysis() outside setupDiffInformedQueryRun() 2025-03-27 10:27:24 -07:00
Chuan-kai Lin
1994ea768e Move shouldPerformDiffInformedAnalysis() 2025-03-27 10:27:24 -07:00
Chuan-kai Lin
534bc63d5e Rename diff-filtering-utils.ts to diff-informed-analysis-utils.ts 2025-03-27 10:27:23 -07:00