mirror of
https://github.com/github/codeql-action.git
synced 2026-05-07 22:30:44 +00:00
Merge pull request #2036 from github/backport-v2.22.11-b374143c1
Merge releases/v3 into releases/v2
This commit is contained in:
Nick Fyson
GitHub
@@ -255,10 +255,13 @@ def main():
|
||||
print(f'No commits to merge from {source_branch} to {target_branch}.')
|
||||
return
|
||||
|
||||
# define distinct prefix in order to support specific pr checks on backports
|
||||
branch_prefix = 'update' if is_primary_release else 'backport'
|
||||
|
||||
# The branch name is based off of the name of branch being merged into
|
||||
# and the SHA of the branch being merged from. Thus if the branch already
|
||||
# exists we can assume we don't need to recreate it.
|
||||
new_branch_name = f'update-v{version}-{source_branch_short_sha}'
|
||||
new_branch_name = f'{branch_prefix}-v{version}-{source_branch_short_sha}'
|
||||
print(f'Branch name is {new_branch_name}.')
|
||||
|
||||
# Check if the branch already exists. If so we can abort as this script
|
||||
|
||||
@@ -39,11 +39,11 @@ jobs:
|
||||
uses: ./.github/actions/prepare-test
|
||||
with:
|
||||
version: latest
|
||||
- uses: actions/setup-go@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: ^1.13.1
|
||||
- name: Setup Python on MacOS
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
if: |
|
||||
matrix.os == 'macos-latest' && (
|
||||
matrix.version == 'stable-20220908' ||
|
||||
|
||||
@@ -46,11 +46,11 @@ jobs:
|
||||
uses: ./.github/actions/prepare-test
|
||||
with:
|
||||
version: ${{ matrix.version }}
|
||||
- uses: actions/setup-go@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: ^1.13.1
|
||||
- name: Setup Python on MacOS
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
if: |
|
||||
matrix.os == 'macos-latest' && (
|
||||
matrix.version == 'stable-20220908' ||
|
||||
|
||||
@@ -45,7 +45,7 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: 3.11
|
||||
|
||||
@@ -70,7 +70,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Setup Python on MacOS
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
if: |
|
||||
matrix.os == 'macos-latest' && (
|
||||
matrix.version == 'stable-20220908' ||
|
||||
@@ -88,3 +88,44 @@ jobs:
|
||||
# we won't be able to find them on Windows.
|
||||
npm config set script-shell bash
|
||||
npm test
|
||||
|
||||
check-node-version:
|
||||
if: ${{ github.event.pull_request }}
|
||||
name: Check Action Node versions
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 45
|
||||
env:
|
||||
BASE_REF: ${{ github.base_ref }}
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- id: head-version
|
||||
name: Verify all Actions use the same Node version
|
||||
run: |
|
||||
NODE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq)
|
||||
echo "NODE_VERSION: ${NODE_VERSION}"
|
||||
if [[ $(echo "$NODE_VERSION" | wc -l) -gt 1 ]]; then
|
||||
echo "::error::More than one node version used in 'action.yml' files."
|
||||
exit 1
|
||||
fi
|
||||
echo "node_version=${NODE_VERSION}" >> $GITHUB_OUTPUT
|
||||
|
||||
- id: checkout-base
|
||||
name: 'Backport: Check out base ref'
|
||||
if: ${{ startsWith(github.head_ref, 'backport-') }}
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ env.BASE_REF }}
|
||||
|
||||
- name: 'Backport: Verify Node versions unchanged'
|
||||
if: steps.checkout-base.outcome == 'success'
|
||||
env:
|
||||
HEAD_VERSION: ${{ steps.head-version.outputs.node_version }}
|
||||
run: |
|
||||
BASE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq)
|
||||
echo "HEAD_VERSION: ${HEAD_VERSION}"
|
||||
echo "BASE_VERSION: ${BASE_VERSION}"
|
||||
if [[ "$BASE_VERSION" != "$HEAD_VERSION" ]]; then
|
||||
echo "::error::Cannot change the Node version of an Action in a backport PR."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -37,7 +37,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Setup Python on MacOS
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
if: |
|
||||
matrix.os == 'macos-latest' && (
|
||||
matrix.version == 'stable-20220908' ||
|
||||
@@ -151,7 +151,7 @@ jobs:
|
||||
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: actions/setup-python@v4
|
||||
- uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: ${{ matrix.python_version }}
|
||||
|
||||
|
||||
@@ -18,7 +18,7 @@ jobs:
|
||||
runs-on: windows-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/setup-python@v4
|
||||
- uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
|
||||
@@ -31,7 +31,7 @@ jobs:
|
||||
npm run build
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: 3.11
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Setup Python
|
||||
uses: actions/setup-python@v4
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.7"
|
||||
- name: Checkout CodeQL Action
|
||||
|
||||
@@ -2,6 +2,10 @@
|
||||
|
||||
See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
|
||||
|
||||
## 2.22.11 - 13 Dec 2023
|
||||
|
||||
No user facing changes.
|
||||
|
||||
## 2.22.10 - 12 Dec 2023
|
||||
|
||||
- Update default CodeQL bundle version to 2.15.4. [#2016](https://github.com/github/codeql-action/pull/2016)
|
||||
|
||||
+1
-1
@@ -84,6 +84,6 @@ outputs:
|
||||
sarif-id:
|
||||
description: The ID of the uploaded SARIF file.
|
||||
runs:
|
||||
using: "node16"
|
||||
using: node16
|
||||
main: "../lib/analyze-action.js"
|
||||
post: "../lib/analyze-action-post.js"
|
||||
|
||||
@@ -13,5 +13,5 @@ inputs:
|
||||
$GITHUB_WORKSPACE as its working directory.
|
||||
required: false
|
||||
runs:
|
||||
using: 'node16'
|
||||
using: node16
|
||||
main: '../lib/autobuild-action.js'
|
||||
|
||||
+1
-1
@@ -109,6 +109,6 @@ outputs:
|
||||
codeql-path:
|
||||
description: The path of the CodeQL binary used for analysis
|
||||
runs:
|
||||
using: 'node16'
|
||||
using: node16
|
||||
main: '../lib/init-action.js'
|
||||
post: '../lib/init-action-post.js'
|
||||
|
||||
Generated
+3
-3
@@ -51,11 +51,11 @@ async function determineAutobuildLanguages(config, logger) {
|
||||
* For example, consider a user with the following workflow file:
|
||||
*
|
||||
* ```yml
|
||||
* - uses: github/codeql-action/init@v2
|
||||
* - uses: github/codeql-action/init@v3
|
||||
* with:
|
||||
* languages: go, java
|
||||
* - uses: github/codeql-action/autobuild@v2
|
||||
* - uses: github/codeql-action/analyze@v2
|
||||
* - uses: github/codeql-action/autobuild@v3
|
||||
* - uses: github/codeql-action/analyze@v3
|
||||
* ```
|
||||
*
|
||||
* - With Go extraction disabled, we will run the Java autobuilder in the
|
||||
|
||||
Generated
+12
-12
@@ -92,14 +92,14 @@ const workflow = __importStar(require("./workflow"));
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
},
|
||||
@@ -115,14 +115,14 @@ const workflow = __importStar(require("./workflow"));
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
},
|
||||
@@ -141,14 +141,14 @@ const workflow = __importStar(require("./workflow"));
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
},
|
||||
@@ -194,14 +194,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
upload: uploadInput,
|
||||
@@ -225,14 +225,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "/language:${{ matrix.language }}",
|
||||
},
|
||||
@@ -251,14 +251,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
upload: "${{ matrix.language != 'csharp' }}",
|
||||
},
|
||||
|
||||
Generated
+29
-29
@@ -214,9 +214,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
},
|
||||
},
|
||||
steps: [
|
||||
{ uses: "actions/checkout@v2" },
|
||||
{ uses: "github/codeql-action/init@v2" },
|
||||
{ uses: "github/codeql-action/analyze@v2" },
|
||||
{ uses: "actions/checkout@v3" },
|
||||
{ uses: "github/codeql-action/init@v3" },
|
||||
{ uses: "github/codeql-action/analyze@v3" },
|
||||
],
|
||||
},
|
||||
},
|
||||
@@ -306,11 +306,11 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
test:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test2:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test3:
|
||||
steps: []
|
||||
`), await (0, codeql_1.getCodeQLForTesting)());
|
||||
@@ -330,11 +330,11 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
test:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test2:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test3:
|
||||
steps: []
|
||||
`), await (0, codeql_1.getCodeQLForTesting)());
|
||||
@@ -380,9 +380,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
analysis:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: some-category
|
||||
`), "analysis", {}), "some-category");
|
||||
@@ -394,9 +394,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
analysis:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
`), "analysis", {}), undefined);
|
||||
});
|
||||
(0, ava_1.default)("getCategoryInputOrThrow returns category for workflow with multiple jobs", (t) => {
|
||||
@@ -406,19 +406,19 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
foo:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- runs: ./build foo
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: foo-category
|
||||
bar:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- runs: ./build bar
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: bar-category
|
||||
`), "bar", {}), "bar-category");
|
||||
@@ -433,11 +433,11 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
matrix:
|
||||
language: [javascript, python]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
with:
|
||||
language: \${{ matrix.language }}
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: "/language:\${{ matrix.language }}"
|
||||
`), "analysis", { language: "javascript" }), "/language:javascript");
|
||||
@@ -448,9 +448,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
jobs:
|
||||
analysis:
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: "\${{ github.workflow }}"
|
||||
`), "analysis", {}), {
|
||||
@@ -465,12 +465,12 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes
|
||||
analysis:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: some-category
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: another-category
|
||||
`), "analysis", {}), {
|
||||
|
||||
+1
-1
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "codeql",
|
||||
"version": "2.22.10",
|
||||
"version": "2.22.11",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
|
||||
Generated
+2
-2
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "codeql",
|
||||
"version": "2.22.10",
|
||||
"version": "2.22.11",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "codeql",
|
||||
"version": "2.22.10",
|
||||
"version": "2.22.11",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/artifact": "^1.1.2",
|
||||
|
||||
+1
-1
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "codeql",
|
||||
"version": "2.22.10",
|
||||
"version": "2.22.11",
|
||||
"private": true,
|
||||
"description": "CodeQL action",
|
||||
"scripts": {
|
||||
|
||||
@@ -19,5 +19,5 @@ outputs:
|
||||
environment:
|
||||
description: The inferred build environment configuration.
|
||||
runs:
|
||||
using: 'node16'
|
||||
using: node16
|
||||
main: '../lib/resolve-environment-action.js'
|
||||
|
||||
+3
-3
@@ -38,11 +38,11 @@ export async function determineAutobuildLanguages(
|
||||
* For example, consider a user with the following workflow file:
|
||||
*
|
||||
* ```yml
|
||||
* - uses: github/codeql-action/init@v2
|
||||
* - uses: github/codeql-action/init@v3
|
||||
* with:
|
||||
* languages: go, java
|
||||
* - uses: github/codeql-action/autobuild@v2
|
||||
* - uses: github/codeql-action/analyze@v2
|
||||
* - uses: github/codeql-action/autobuild@v3
|
||||
* - uses: github/codeql-action/analyze@v3
|
||||
* ```
|
||||
*
|
||||
* - With Go extraction disabled, we will run the Java autobuilder in the
|
||||
|
||||
@@ -91,14 +91,14 @@ test("uploads failed SARIF run with `diagnostics export` if feature flag is off"
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
},
|
||||
@@ -115,14 +115,14 @@ test("uploads failed SARIF run with `diagnostics export` if the database doesn't
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
},
|
||||
@@ -142,14 +142,14 @@ test("uploads failed SARIF run with database export-diagnostics if the database
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
},
|
||||
@@ -199,14 +199,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "my-category",
|
||||
upload: uploadInput,
|
||||
@@ -234,14 +234,14 @@ test("uploading failed SARIF run succeeds when workflow uses an input with a mat
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
category: "/language:${{ matrix.language }}",
|
||||
},
|
||||
@@ -261,14 +261,14 @@ test("uploading failed SARIF run fails when workflow uses a complex upload input
|
||||
},
|
||||
{
|
||||
name: "Initialize CodeQL",
|
||||
uses: "github/codeql-action/init@v2",
|
||||
uses: "github/codeql-action/init@v3",
|
||||
with: {
|
||||
languages: "javascript",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "Perform CodeQL Analysis",
|
||||
uses: "github/codeql-action/analyze@v2",
|
||||
uses: "github/codeql-action/analyze@v3",
|
||||
with: {
|
||||
upload: "${{ matrix.language != 'csharp' }}",
|
||||
},
|
||||
|
||||
+29
-29
@@ -396,9 +396,9 @@ async function testLanguageAliases(
|
||||
},
|
||||
},
|
||||
steps: [
|
||||
{ uses: "actions/checkout@v2" },
|
||||
{ uses: "github/codeql-action/init@v2" },
|
||||
{ uses: "github/codeql-action/analyze@v2" },
|
||||
{ uses: "actions/checkout@v3" },
|
||||
{ uses: "github/codeql-action/init@v3" },
|
||||
{ uses: "github/codeql-action/analyze@v3" },
|
||||
],
|
||||
},
|
||||
},
|
||||
@@ -516,11 +516,11 @@ test("getWorkflowErrors() should only report the current job's CheckoutWrongHead
|
||||
test:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test2:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test3:
|
||||
steps: []
|
||||
`) as Workflow,
|
||||
@@ -546,11 +546,11 @@ test("getWorkflowErrors() should not report a different job's CheckoutWrongHead"
|
||||
test:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test2:
|
||||
steps:
|
||||
- run: "git checkout HEAD^2"
|
||||
|
||||
|
||||
test3:
|
||||
steps: []
|
||||
`) as Workflow,
|
||||
@@ -652,9 +652,9 @@ test("getCategoryInputOrThrow returns category for simple workflow with category
|
||||
analysis:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: some-category
|
||||
`) as Workflow,
|
||||
@@ -674,9 +674,9 @@ test("getCategoryInputOrThrow returns undefined for simple workflow without cate
|
||||
analysis:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
`) as Workflow,
|
||||
"analysis",
|
||||
{},
|
||||
@@ -694,19 +694,19 @@ test("getCategoryInputOrThrow returns category for workflow with multiple jobs",
|
||||
foo:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- runs: ./build foo
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: foo-category
|
||||
bar:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- runs: ./build bar
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: bar-category
|
||||
`) as Workflow,
|
||||
@@ -729,11 +729,11 @@ test("getCategoryInputOrThrow finds category for workflow with language matrix",
|
||||
matrix:
|
||||
language: [javascript, python]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
with:
|
||||
language: \${{ matrix.language }}
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: "/language:\${{ matrix.language }}"
|
||||
`) as Workflow,
|
||||
@@ -753,9 +753,9 @@ test("getCategoryInputOrThrow throws error for workflow with dynamic category",
|
||||
jobs:
|
||||
analysis:
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: "\${{ github.workflow }}"
|
||||
`) as Workflow,
|
||||
@@ -780,12 +780,12 @@ test("getCategoryInputOrThrow throws error for workflow with multiple calls to a
|
||||
analysis:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v2
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: actions/checkout@v3
|
||||
- uses: github/codeql-action/init@v3
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: some-category
|
||||
- uses: github/codeql-action/analyze@v2
|
||||
- uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: another-category
|
||||
`) as Workflow,
|
||||
|
||||
@@ -34,5 +34,5 @@ outputs:
|
||||
sarif-id:
|
||||
description: The ID of the uploaded SARIF file.
|
||||
runs:
|
||||
using: 'node16'
|
||||
using: node16
|
||||
main: '../lib/upload-sarif-action.js'
|
||||
|
||||
Reference in New Issue
Block a user