github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 17:50:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,110 Commits 297 Branches 500 Tags
v3.29.6
Commit Graph

2586 Commits

Author SHA1 Message Date
github-actions[bot]
6b1da0d33e Update default bundle to codeql-bundle-v2.20.5 2025-02-18 12:37:20 +00:00
Henry Mercer
906452d251 Merge branch 'main' into revert-2767-cklin/prefer-gtar 2025-02-18 10:47:19 +00:00
Henry Mercer
65a3aa1fbc Revert "Prefer gtar if available" 2025-02-18 10:38:41 +00:00
Chris Smowton
2be5f244ff Pass --ignore-zeros to tar when decompressing zstd-compressed tarballs 
See comment in the diff for full explanation.
 2025-02-17 17:04:36 +00:00
Chuan-kai Lin
61c77a48ff Prefer gtar if available 2025-02-14 13:34:30 -08:00
Chuan-kai Lin
4267fa66a2 getTarVersion(): add programName parameter 
This commit changes getTarVersion() so that it receives the name of the
tar program from the caller instead of using the hardcoded string "tar".
 2025-02-14 13:24:19 -08:00
Chuan-kai Lin
c4a8587f45 Add TarVersion.name field 
This refactoring commit records the name of the tar program in the new
TarVersion.name field and makes extractTarZst() use the new field
instead of the hardcoded name "tar". Code behavior remains unchanged
because currently TarVersion.name is always "tar".

This is the first step toward supporting a tar program under a different
executable name.
 2025-02-14 12:08:07 -08:00
Chuan-kai Lin
77bc2a595e Write pr-diff-range JSON file 2025-02-14 08:50:52 -08:00
Henry Mercer
3df6d20d31 Improve logs for combined SARIF debug artifact 
Don't start a "Uploading combined SARIF debug artifact" log group if we aren't going to do the upload.
 2025-02-12 16:27:40 +00:00
github-actions[bot]
52189d23af Update default bundle to codeql-bundle-v2.20.4 2025-02-04 11:22:50 +00:00
Henry Mercer
cf7c687919 Send init-post status report in absence of config 2025-02-03 19:46:23 +00:00
Ian Lynagh
5a61bf07fa Kotlin: The 2.20.3 release supports Kotlin 2.1.10. 2025-01-29 13:08:49 +00:00
Marco Gario
f98f14dd82 Unset proxy env 2025-01-29 11:04:28 +00:00
Marco Gario
7fdc1b8d67 Revert "start-proxy: Skip proxy setup if no credentials are available" 2025-01-29 09:33:23 +01:00
Marco Gario
76622e7fee Merge branch 'main' into marcogario/skip_proxy 2025-01-28 19:49:45 +00:00
Marco Gario
e2f043dee4 Remove unusued proxy_password input 2025-01-27 20:10:59 +00:00
Marco Gario
8aa028b476 Merge branch 'main' into marcogario/skip_proxy 2025-01-27 20:24:32 +01:00
Andrew Eisenberg
b494190443 Merge pull request #2726 from github/aeisenberg/reenable-artifact-upload 
Ensure artifacts are only uploaded in safe situations
 2025-01-27 11:10:46 -08:00
Andrew Eisenberg
a879704805 Clarify test fail;ure message 2025-01-27 10:51:01 -08:00
Andrew Eisenberg
62c322fad9 Add better comments around artifact upload tests 2025-01-27 10:18:03 -08:00
Marco Gario
7c2eafa990 Use ConfigureationError for exceptions 2025-01-27 10:09:07 +00:00
Andrew Eisenberg
f71067bd5f Stop using feature-flag support for determining if a feature is active 
Using the feature flag mechanism for checking if uploads are enabled was
too clunky. I'm moving the change to checking versions directly.
 2025-01-26 13:42:15 -08:00
Andrew Eisenberg
2bab9f7984 Ensure artifacts are only uploaded in safe situations 
This commit:

Turns on uploading of artifacts again but only if CLI version is
>= 2.20.3. I implemented the check using our feature flag functionality.
I was on the fence about this since it makes the PR more complex.
However, it does give us more flexibility when controlling artifact
uploads.

Also, I renamed the two workflows that were previously disabled. This
way we will not accidentally enable the old workflows for previous
versions of the action.
 2025-01-25 15:31:35 -08:00
Marco Gario
7d7758bb24 Skip proxy if no credentials 2025-01-24 21:46:40 +00:00
Marco Gario
f6d19ed42e Formatting 2025-01-24 20:27:36 +00:00
Marco Gario
ecf723239a Sanitize inputs 2025-01-24 20:20:10 +00:00
Marco Gario
51bb5eb99a Fix bug in getCredentials + tests 2025-01-24 16:39:47 +00:00
github-actions[bot]
208091da0a Update default bundle to codeql-bundle-v2.20.3 2025-01-23 22:15:14 +00:00
Angela P Wen
519de26711 Temporarily disable uploading debug artifacts 2025-01-22 10:35:38 -08:00
Henry Mercer
3505f8142a Merge branch 'main' into henrymercer/fix-extension-assumption 2025-01-22 14:52:26 +00:00
Henry Mercer
d23f49f56f Fix assumption that download URLs contain file extension 
This is not the case when downloading the bundle from a GitHub Release synced to GHES with the CodeQL Action sync tool.
 2025-01-22 13:02:45 +00:00
github-actions[bot]
aa76523503 Update default bundle to codeql-bundle-v2.20.2 2025-01-21 14:20:11 +00:00
Chuan-kai Lin
071996fbe2 getDiffRanges: better fallback for absent patch 2025-01-16 09:26:22 -08:00
Chuan-kai Lin
5889cfd499 Add analysis_is_diff_informed to status report 2025-01-16 08:50:23 -08:00
Henry Mercer
40a203a0ea Remove redundant version checks 
Remove version checks that always return true given the new minimum version of CodeQL.
 2025-01-15 18:02:25 +00:00
Henry Mercer
4de061d85d Merge branch 'main' into dependabot/npm_and_yarn/npm-006da05bd8 2025-01-15 17:30:02 +00:00
Henry Mercer
02dfacf1c1 Fix linting errors 2025-01-15 13:57:55 +00:00
Marco Gario
3b4f4d94c0 Merge pull request #2680 from github/marcogario/filter_registries 
Filter registry credentials by language
 2025-01-15 11:34:00 +01:00
Chuan-kai Lin
1efc6bb9ce Merge pull request #2679 from github/cklin/get-diff-from-api 
getPullRequestEditedDiffRanges: use GitHub API
 2025-01-14 07:10:58 -08:00
Marco Gario
31d11b19a0 Use Language type 2025-01-14 14:29:26 +00:00
Chuan-kai Lin
3548ff54b5 writeDiffRangeDataExtensionPack: escape special characters in filenames 2025-01-13 14:28:56 -08:00
Chuan-kai Lin
52315a9f7d setupDiffInformedQueryRun: log setup failure 2025-01-13 14:28:56 -08:00
Chuan-kai Lin
784896750f getDiffRanges: add unit tests 2025-01-13 14:28:56 -08:00
Chuan-kai Lin
d4c56bbb31 getDiffRanges: improve handling for missing patch 2025-01-13 14:28:56 -08:00
Chuan-kai Lin
63d1f4f8a2 getPullRequestEditedDiffRanges: check the number of changed files 2025-01-13 14:28:56 -08:00
Chuan-kai Lin
68b1b4e9eb getPullRequestEditedDiffRanges: compute diff ranges 2025-01-13 14:28:54 -08:00
Marco Gario
de0f9cf316 Support both namings for java 2025-01-13 16:15:26 +00:00
Chuan-kai Lin
68378a359a getPullRequestEditedDiffRanges: use GitHub API 2025-01-13 07:35:44 -08:00
Marco Gario
e02d65ac18 Filter registry credentials by language 2025-01-13 10:52:07 +00:00
Henry Mercer
fe593c34e6 Mark invalid external repo specifiers as configuration error 
This is a workaround — the proper fix is to better separate out user input vs the Action in `database init` so we can better attribute configuration errors.
 2025-01-10 20:41:24 +00:00