github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-26 16:58:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,739 Commits 341 Branches 538 Tags
173a94ca3f87f2a4aa454c2f4165dd5b375edeb5
Commit Graph

121 Commits

Author SHA1 Message Date
Henry Mercer ade432fd68 Remove duplicate locations from output of database interpret-results 2023-03-24 20:30:57 +00:00
Angela P Wen a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Angela P Wen 3cbd063679 Upload per-database diagnostic SARIFs on green and red runs (#1556) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-20 21:09:04 +00:00
Henry Mercer ebdd5a069f Remove perf_hooks Node 12 comment 
We don't need the import for Node 12 compat, but we do need it to make
the file compile.
 2023-01-23 19:16:03 +00:00
Henry Mercer be8f7b01a2 Add types for package.json via @schemastore/package 2023-01-20 15:01:35 +00:00
Henry Mercer 1b508953b4 Remove checkActionVersion 
This is no longer needed now that we only release v2
 2023-01-20 15:01:35 +00:00
Henry Mercer 5f644f971e Upgrade TypeScript to 9.2.0 2023-01-18 20:59:57 +00:00
Henry Mercer 8d1e008ecb Check for successful completion rather than SARIF upload 
This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly when `analyze` is passed
`upload: false`.
 2022-12-21 11:40:31 +00:00
Henry Mercer e0ff272230 Merge branch 'main' into henrymercer/report-failed-runs 2022-12-02 14:31:22 +00:00
Angela P Wen aa0e650c6a Surface fatal CLI errors in interpret-results and run-queries (#1407) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-12-02 14:05:21 +01:00
Henry Mercer 98b2ddc7f9 Merge branch 'main' into henrymercer/report-failed-runs 2022-12-01 18:27:32 +00:00
Angela P Wen 9af9a11da8 Stop running fallback Go autobuild if database is finalized (#1405) 2022-12-01 11:29:03 +01:00
Henry Mercer 8337c2be0f Only upload failed SARIF if the run failed 2022-11-25 17:53:32 +00:00
Henry Mercer 5296a763b1 Upload failed SARIF files to Code Scanning 2022-11-25 17:52:50 +00:00
Henry Mercer 39fe7aa8a1 Remove dead guard for GHES 3.0 2022-11-23 13:57:07 +00:00
Andrew Eisenberg c29fca48a1 Cache feature flags on disk 
This will allow feature flags to be shared across steps in the same job,
avoiding an error we saw earlier where the init action had the flag
enabled, but the analyze step had it disabled.

This uses the runner's temp folder to cache the flags file, which will
stick around until the job completes.
 2022-11-21 11:14:38 -08:00
Henry Mercer 0dea34e91c Merge branch 'main' into henrymercer/delete-runner-part-2 2022-11-15 19:35:30 +00:00
Angela P Wen 5883c13406 Deprecate Go extraction reconciliation feature flag and CODEQL_EXTRACTOR_GO_BUILD_TRACING for custom builds (#1322) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-11-14 13:54:35 -08:00
Henry Mercer 9df773d1a3 Remove unneeded apiDetails input to getApiClient 2022-11-14 19:55:30 +00:00
Henry Mercer b498c79130 Remove concept of Actions / runner mode 2022-11-14 16:37:48 +00:00
Edoardo Pirovano d6f6ef4b0b Force exit of process if a timeout has occurred 2022-11-09 17:28:15 +00:00
Andrew Eisenberg 701cea34ba More renaming 2022-10-11 10:39:40 -07:00
Andrew Eisenberg 1a17c59fb0 More renaming 
Avoid usage of "Feature Flag" unless we are talking specifically about
the response from github features api. Otherwise, use terms like
"Toggleable features".

Note both "toggleable" and "togglable" appear to be valid spellings of
the word. I chose the first for no good reason.
 2022-10-07 11:33:32 -07:00
Andrew Eisenberg b27aed78f5 Extract GitHubFeatureFlags to a separate class 
Internal refactoring so that `GitHubFeatureFlags` is
private only. The public facing class is `Features`.
 2022-10-06 18:00:40 -07:00
Andrew Eisenberg e37b0d6470 Add the CliConfigFileEnabled feature flag 
Also, wire it up to the `useCodeScanningConfigInCli` function.
 2022-09-27 07:58:31 -07:00
Henry Mercer 0d2fa3c636 Support autobuilding multiple languages in autobuild Action 2022-09-12 17:35:32 +01:00
Henry Mercer fc2f344141 Reuse getApiDetails code 2022-09-02 19:59:18 +01:00
Henry Mercer cf5d465980 Trace Go when Go extraction reconciliation is enabled 2022-09-01 14:42:59 +01:00
Henry Mercer fe1bd9ac76 Improve clarity of logging 2022-09-01 12:56:03 +01:00
Henry Mercer 8e0846caf0 Check TRAP directory exists first 2022-08-31 13:22:39 +01:00
Henry Mercer 955290300a Fix language inclusion test 
`in` checks the indices of an array, not the values.
 2022-08-31 13:20:41 +01:00
Henry Mercer 14d7039828 Add logging for determining whether to run the Go autobuilder 2022-08-31 13:20:02 +01:00
Henry Mercer b42a495e8a Fix TRAP directory location 2022-08-31 13:19:16 +01:00
Henry Mercer e466e75875 Simplify doesGoExtractionOutputExist implementation 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2022-08-31 13:19:16 +01:00
Henry Mercer fff56ee004 Add environment variable for enabling Go extraction reconcilation 
This will enable us to test this behavior in PR checks.
Also simplify and add some more detailed documentation.
 2022-08-31 13:19:16 +01:00
Henry Mercer 8dc468564f Use a more explicit name for checking Go extraction output 2022-08-31 13:19:16 +01:00
Angela P Wen 215c3cb4bb Autobuild Go in analyze step 2022-08-31 13:19:16 +01:00
Edoardo Pirovano 8b45ef3845 Telemetry: Record DB creation time 2022-08-24 14:31:37 +01:00
Henry Mercer c72f566aae Explicitly import performance for Node 12 compatibility 2022-08-22 12:59:22 +01:00
Edoardo Pirovano 0349bb05b7 Fix TRAP cache upload timing 2022-08-17 15:49:57 +01:00
Henry Mercer 219a937551 Require test mode to be set to use expect-error input 
This should be more robust than determining whether the repo is the
CodeQL Action or a fork of it.
 2022-08-17 14:49:24 +01:00
Edoardo Pirovano eb6f272155 Round fields in TRAP caching telemetry to integers 2022-08-17 13:30:17 +01:00
Angela P Wen 9b7fa3dd99 Add expect-error input to force PR check green on expected failure (#1177) 2022-08-16 16:27:14 -07:00
Edoardo Pirovano b29194f0ac Address review comments from @henrymercer 2022-08-16 13:30:49 +01:00
Edoardo Pirovano 4139682b64 Add telemetry for TRAP caching 2022-08-16 11:54:31 +01:00
Chris Gavin 07e8996e91 Merge main into local. 2022-08-11 17:11:05 +01:00
Chris Gavin bbdc9efa94 Use the API URL from the environment if it is present. 2022-08-11 08:38:11 +01:00
Angela P Wen 3c4f458a1a Re-declare codeql var 2022-08-10 15:08:35 +02:00
Angela P Wen 90676d9cb9 Merge remote-tracking branch 'origin/main' into angelapwen/post-init-cleanup 2022-08-10 15:08:04 +02:00
Edoardo Pirovano 8f867dcb21 Introduce TRAP caching 2022-08-05 17:48:05 +01:00