github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-01 19:30:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,358 Commits 342 Branches 541 Tags
7c5585e5cf078a7726d40d2fbea3e00a7e109faf
Commit Graph

780 Commits

Author SHA1 Message Date
Michael B. Gale e3200e331b Merge pull request #3563 from github/mbg/private-registry/oidc 
Accept OIDC configurations in `start-proxy`
 2026-03-13 11:58:36 +00:00
Michael B. Gale ea703668e0 Avoid bundling package.json 
- `package.json` is bundled by `esbuild` because we depend on it in `actions-util.ts`
- That is so we can access the `version` property
- We now use `build.mjs` to define a constant for it instead
- We also set this constant in `ava.setup.mjs` for tests
- This reduces the size of the generated `.js` files and avoids changing them entirely in some cases
 2026-03-12 18:55:03 +00:00
Henry Mercer 1dbebad653 Merge pull request #3566 from github/dependabot/npm_and_yarn/npm-minor-aebc49e072 
Bump the npm-minor group with 2 updates
 2026-03-11 20:49:27 +00:00
github-actions[bot] 0d0df94d93 Rebuild 2026-03-11 19:51:54 +00:00
github-actions[bot] 373dec9f22 Rebuild 2026-03-11 19:51:53 +00:00
Henry Mercer d74701caa1 Drive-by cleanup: Always use --cache-cleanup 2026-03-11 19:31:03 +00:00
Henry Mercer b04e63ffdf Enablement: Move TRAP caching check after overlay 2026-03-11 19:21:17 +00:00
Henry Mercer b0f877255d Add FF for disabling TRAP caching when overlay enabled 2026-03-11 18:44:41 +00:00
Michael B. Gale 6c99ca514e Merge remote-tracking branch 'origin/main' into mbg/private-registry/oidc 2026-03-11 16:15:07 +00:00
Henry Mercer 997acaf7eb Merge pull request #3562 from github/henrymercer/skip-file-coverage-rollout 
Prepare for rolling out skipping computing file coverage information on PRs
 2026-03-11 11:33:21 +00:00
Henry Mercer 2e7e91fd63 Merge pull request #3550 from github/sam-robson/overlay-per-lang-min-bundle-version 
feat: add minimumVersion values for language overlay flags
 2026-03-11 10:28:14 +00:00
Henry Mercer a63886bff5 Refactor: Extract separate function for uploadBundledDatabase 2026-03-10 16:36:02 +00:00
Michael B. Gale 048d0ea295 Address review comments 2026-03-10 15:54:58 +00:00
Henry Mercer ee5ede79f7 Address review comments 2026-03-10 15:51:28 +00:00
Henry Mercer 55a0f2b2aa Add environment variable override 2026-03-10 15:41:40 +00:00
Henry Mercer 13c548978d Fix retries when uploading databases 2026-03-10 12:34:18 +00:00
Henry Mercer ce321daddb Merge branch 'main' into henrymercer/skip-file-coverage-rollout 2026-03-10 11:46:08 +00:00
Sam Robson 8bddab0644 Merge branch 'main' into sam-robson/overlay-per-lang-min-bundle-version 2026-03-09 20:23:29 +00:00
Michael B. Gale 0ad7d7be2f Merge pull request #3560 from github/henrymercer/ghes-3.13-cleanup 
Clean up pre GHES 3.14 code paths
 2026-03-09 18:00:31 +00:00
Henry Mercer 9e8c05933f Add ability to override via repository property 2026-03-09 17:08:13 +00:00
Henry Mercer c102a6d8cd Require tools feature flag 
And now that we have this, drop the restriction to `github` org.
 2026-03-09 17:07:10 +00:00
Sam Robson 867f2b0e0a test: verify overlay analysis is disabled for languages without per-language feature flags 2026-03-09 16:46:38 +00:00
Sam Robson e04697664c feat: add minimumVersion values for existing language-specific overlay feature flags 2026-03-09 16:45:20 +00:00
Henry Mercer ab180c9eeb Clean up pre GHES 3.14 code paths 2026-03-09 16:35:29 +00:00
Henry Mercer b35c0d37b1 Clean up repository properties feature flag 2026-03-09 16:15:04 +00:00
Sam Robson 9082319f5c Merge branch 'main' into kaspersv/move-diff-range-absolute-path-conversion 2026-03-06 15:03:13 +00:00
Sam Robson cdafc35ccb refactor: pass checkoutPath as param to writeDiffRangeDataExtensionPack 2026-03-06 10:12:08 +00:00
Sam Robson c10020e6a8 Merge remote-tracking branch 'origin/main' into kaspersv/move-diff-range-absolute-path-conversion 
* origin/main: (32 commits)
  Add changelog note
  Update default bundle to codeql-bundle-v2.24.3
  Bump tar from 7.5.7 to 7.5.10
  Rebuild
  Rebuild
  Bump actions/upload-artifact from 6 to 7 in /.github/workflows
  Bump actions/download-artifact from 7 to 8 in /.github/workflows
  Bump the npm-minor group with 2 updates
  Fix some tests that should be serial
  Update method naming and JSDoc
  Rename to `EnabledOverlayConfig`
  Address review comments
  Use `Result`s for enablement return types
  Add disabled by env var disablement reason
  Rename to `usesDefaultQueriesOnly`
  Update `NonDefaultQueries` documentation
  Refactor `getOverlayDatabaseMode` and add new disablement reason
  Address review comments
  Add JSDoc
  Sort `OverlayDisabledReason` enum
  ...
 2026-03-06 09:10:13 +00:00
github-actions[bot] 0ccdcb8c0a Rebuild 2026-03-05 19:44:36 +00:00
Sam Robson b2de4934cf refactor: pass checkoutPath as param and fix docs for relative path semantics 2026-03-05 18:09:06 +00:00
github-actions[bot] f2669dd916 Update default bundle to codeql-bundle-v2.24.3 2026-03-05 15:34:19 +00:00
github-actions[bot] 77f9a86c60 Rebuild 2026-03-05 13:19:28 +00:00
Sam Robson 1443f5865e chore: merge main into kaspersv/move-diff-range-absolute-path-conversion 2026-03-05 11:38:11 +00:00
Henry Mercer 8e17ec94b4 Merge branch 'main' into henrymercer/parallel-unit-tests 2026-03-04 13:25:01 +01:00
Michael B. Gale d1ac77f26d Merge pull request #3527 from github/mbg/start-proxy/remove-unused 
Remove unused registry types from `LANGUAGE_TO_REGISTRY_TYPE`
 2026-03-04 11:48:08 +00:00
Henry Mercer 675af55c60 Run some unit tests in parallel 2026-03-04 12:40:22 +01:00
Michael B. Gale 9bf973324f Merge pull request #3528 from github/mbg/refactor/sarif 
Refactor SARIF-related types and functions into a separate module
 2026-03-03 12:10:30 +00:00
Michael B. Gale 6d060bbaa1 Return Partial<Log> from readSarifFile 
Our previous definition had `tools` as a mandatory field, so this
also makes some changes to deal with the case where that may
be `undefined` by treating it as equivalent to `[]`.
 2026-03-03 11:34:01 +00:00
Michael B. Gale 28b449d8c7 Improve version handling in combineSarifFiles 2026-03-03 11:18:47 +00:00
Michael B. Gale 1721ce7afd Address minor review comments 2026-03-03 11:05:37 +00:00
Michael B. Gale b43d146e37 Do not alias types 2026-03-02 20:47:19 +00:00
Michael B. Gale 9a31859f78 Use @types/sarif 2026-03-02 18:04:11 +00:00
github-actions[bot] 6059d3ceb5 Rebuild 2026-03-02 11:35:32 +00:00
Michael B. Gale 8a1cd7656d Put change behind a FF 2026-03-01 15:07:47 +00:00
Michael B. Gale 40aec383a1 Move more SARIF helpers to sarif module 2026-03-01 14:22:49 +00:00
Michael B. Gale 2fce45b8e6 Add wrapper around JSON.parse to sarif module 2026-03-01 14:10:25 +00:00
Michael B. Gale d7cfd19fb8 Move SARIF types out of util.ts 2026-03-01 13:42:46 +00:00
Henry Mercer 6704d80ac6 Merge pull request #3520 from github/dependabot/npm_and_yarn/fast-xml-parser-5.4.1 
Bump fast-xml-parser from 5.3.6 to 5.4.1
 2026-02-27 13:57:12 +00:00
Henry Mercer 76348c0f12 Merge pull request #3521 from github/dependabot/npm_and_yarn/minimatch-3.1.5 
Bump minimatch from 3.1.3 to 3.1.5
 2026-02-27 13:57:06 +00:00
Henry Mercer 8ab0431fc3 Merge pull request #3514 from github/dependabot/npm_and_yarn/globals-17.3.0 
Bump globals from 16.5.0 to 17.3.0
 2026-02-27 13:28:04 +00:00