github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-28 18:08:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,798 Commits 344 Branches 538 Tags
4704ab18691cbc020ec00ac79ac5eb698ad192bc
Commit Graph

1102 Commits

Author SHA1 Message Date
Angela P Wen 2f0f924bb0 Return early if version is linked or default 2024-10-15 16:17:38 -07:00
Angela P Wen ded11c662c PR checks: fix formatting for nightly bundle URL and stable CLI version input 2024-10-15 15:53:14 -07:00
Henry Mercer 619f0d628b Update CodeQL versions tested in generated checks 2024-10-15 19:43:56 +01:00
Henry Mercer 5f519a326a Merge branch 'main' into henrymercer/zstd-stream 2024-10-14 13:18:51 +01:00
Andrew Eisenberg 5fb6f1257e Create publish-immutable-action workflow 2024-10-11 15:28:56 -07:00
Andrew Eisenberg ea2cd92c21 Merge pull request #2517 from github/aeisenberg/create-release 
Create a GitHub release for each action release
 2024-10-11 13:32:06 -07:00
Andrew Eisenberg 2b89f7bcf6 Create the changelog before creating the mergeback branch 2024-10-10 14:12:54 -07:00
Henry Mercer 79e826e0a2 Add PR check for streaming 2024-10-10 19:48:20 +01:00
Henry Mercer 5b6984ee4d Assert that Windows downloads gzip 2024-10-10 19:40:37 +01:00
Henry Mercer eefb943f7e Don't use Zstandard bundles on Windows 
In testing, gzip performs better than Zstandard on Windows.
 2024-10-10 19:24:32 +01:00
Andrew Eisenberg d545e9b4a6 Add a partial changelog when releasing 2024-10-09 20:51:28 -07:00
Angela P Wen dafc7dd67c PR Checks: update artifacts tests 
We are planning to make the default behavior of the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` feature flag to be true. This change updates our debug artifact PR checks so that the relevant environment variable is set to `true`, and changes the `debug-artifacts-upgrade` test to `debug-artifacts-legacy` test.
 2024-10-08 13:50:31 -07:00
Henry Mercer 01007b8429 Fix new lines in update supported GHES versions PR 2024-10-03 11:49:16 +01:00
Andrew Eisenberg 9b4db1efbf Create a GitHub release for each action release 
Must make sure this release is not marked as `latest` or else it will
interfere with the CLI bundle releases also included in this repo.
 2024-10-02 15:08:20 -07:00
Andrew Eisenberg ecac2c6d53 Exclupde eslint-plugin-import updates from dependabot 
See https://github.com/github/codeql-action/pull/2510 for reason why.
 2024-10-02 14:22:25 -07:00
Angela P Wen a196a714b8 Bump artifact dependencies if CODEQL_ACTION_ARTIFACT_V2_UPGRADE enabled (#2482) 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
Co-authored-by: Henry Mercer <henrymercer@github.com>
 2024-10-01 09:59:05 -07:00
Henry Mercer 2617ff2d3f Merge pull request #2502 from github/henrymercer/zstd-experiment 
Add a feature flag to use a bundle compressed using Zstandard when setting up the default tools
 2024-09-27 14:48:49 +01:00
Henry Mercer 6b2f7e7c28 Run PR checks using JS only 2024-09-24 17:54:33 +01:00
Henry Mercer af8e2bc4a1 Use Node script to remove CodeQL cross-platform 2024-09-24 17:43:32 +01:00
Henry Mercer fa91789e81 Run zstd checks against all operating systems 2024-09-24 17:21:26 +01:00
Henry Mercer 0abc1ec90b Capture reason if zstd fails unexpectedly 2024-09-23 22:53:13 +01:00
Henry Mercer 662c71aa9e Check telemetry in PR check to ensure .tar.zst downloaded 2024-09-23 22:39:47 +01:00
Henry Mercer b1ca017eae Add PR check for zstd bundle 2024-09-23 22:39:47 +01:00
Andrew Eisenberg 07fd497921 Merge branch 'main' into dependabot/github_actions/actions-a88a8c5a24 2024-09-23 14:16:06 -07:00
Andrew Eisenberg 6225a95822 Don't upload during cancelled jobs 2024-09-23 12:20:21 -07:00
Andrew Eisenberg 9580b7e6d5 Avoid uploading eslint sarif for dependabot PR 
Dependabot does not have `security-events: write` permission.s
 2024-09-23 12:12:10 -07:00
dependabot[bot] b436a5fca7 Bump actions/create-github-app-token in the actions group 
Bumps the actions group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/create-github-app-token` from 1.10.3 to 1.11.0
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4...5d869da34e18e7287c1daad50e0b8ea0f506ce69)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-23 17:57:11 +00:00
Henry Mercer 132b18f2f0 Merge pull request #2497 from github/henrymercer/rebuild-add-new-files 
CI: Check in new files when rebuilding
 2024-09-23 17:57:24 +01:00
Henry Mercer bff5ba0a53 Check in new files when rebuilding 2024-09-23 17:41:33 +01:00
Henry Mercer b78ab6c660 s/latest/linked/ 2024-09-23 16:07:27 +01:00
Henry Mercer a7b66734cc Run some tests against only latest and nightly-latest CLIs 
These features have stabilized so it isn't that helpful to test them against the full range of CLIs.  So let's speed up the PR checks and save some Actions minutes.
 2024-09-23 16:02:38 +01:00
Remco Vermeulen 7513a95cdc Use workflow token for update-release-branch.py 
This explicitly passes the workflow token and restores this to the original invocation.

The split is now App token for `git` and workflow token for everything else.
 2024-09-19 08:28:19 -07:00
Chris Smowton 3b3a4a69cf Backport workflow: try using the app token 
GITHUB_TOKEN is no longer defined; we should use either the workflow token or the app one. Here we try using the app one.
 2024-09-19 12:07:05 +01:00
Remco Vermeulen 762210d5a0 Use generated token on checkout 
The script `.github/update-release-branch.py` uses the `git` command
to push changes. Therefore we need to ensure that `git` authenticates
with a token that has the `workflows` write permision.

This change restore the GitHub token used by the script to access the
API and applies the `workflows` write permission to the token used by `git`.
 2024-09-13 09:13:54 -07:00
Andrew Eisenberg 0d0f998f28 Always upload eslint.sarif 2024-09-10 16:09:28 -07:00
Andrew Eisenberg e817992b3d Merge pull request #2469 from github/aeisenberg/upload-eslint-sarif 
Upload sarif for eslint results
 2024-09-10 15:51:24 -07:00
Andrew Eisenberg 56b8418884 Ignore suppressed alerts 2024-09-10 15:31:09 -07:00
Remco Vermeulen f824adbf9b Merge branch 'main' into rvermeulen/update-release-branch-authz 2024-09-10 11:13:04 -07:00
Andrew Eisenberg 5c9d95388f Merge branch 'main' into aeisenberg/upload-eslint-sarif 2024-09-09 14:27:48 -07:00
Andrew Eisenberg c00e2392d2 Update setup-swift version 
Allows running swift v5.10.1.
 2024-09-09 14:06:08 -07:00
Andrew Eisenberg 55c72b9aa6 Upload sarif for eslint results 2024-09-09 13:21:27 -07:00
Michael B. Gale d8b1697e9a Merge pull request #2455 from github/mbg/go/1.23 
Go: Bump Go version to 1.23 in tests
 2024-09-06 10:47:28 +01:00
Henry Mercer 90cf3d26a7 Add PR check for job run UUID 2024-09-05 15:02:02 +02:00
Henry Mercer 6240306694 Download zstd nightly bundles in PR checks 2024-08-29 17:45:09 +01:00
Michael B. Gale f3f8576a9d Go: Bump Go version to 1.23 2024-08-29 13:56:47 +01:00
Remco Vermeulen 0f99b63108 Use GitHub App for authz 2024-08-28 13:03:54 -07:00
Henry Mercer 44ecae4896 Fix matrixing of "submit SARIF after failure" check 2024-08-08 18:09:12 +01:00
Henry Mercer ecf465891a Required checks script: Ignore skipped jobs 2024-08-06 17:40:25 +01:00
Henry Mercer 8dd1773467 Merge pull request #2408 from github/henrymercer/deprecate-codeql-2.13.4 
Remove support for CodeQL 2.13.4 and earlier
 2024-08-06 13:52:10 +01:00
Henry Mercer f03da13454 Exclude push-only unit tests job from required PR checks script 2024-08-05 20:38:18 +01:00