github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-20 13:58:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,535 Commits 342 Branches 538 Tags
8c69433c34fe91b0644d83e6f14bb77eb3e46812
Commit Graph

2345 Commits

Author SHA1 Message Date
Paolo Tranquilli 9856c48b1a Merge pull request #2773 from github/redsun82/rust 
Support rust analysis
 2025-02-20 18:03:30 +01:00
Paolo Tranquilli 9572e09da4 Rust: fix log string 2025-02-20 17:38:35 +01:00
Paolo Tranquilli 1a529366ac Rust: special case default setup 2025-02-20 17:38:02 +01:00
Paolo Tranquilli cfedae723e Rust: throw configuration errors if requested and not correctly enabled 2025-02-20 11:49:32 +01:00
Paolo Tranquilli 3971ed2a74 Merge branch 'main' into redsun82/rust 2025-02-20 08:13:54 +01:00
Henry Mercer 67e48c1eaf Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5 2025-02-19 18:38:45 +00:00
Chuan-kai Lin dbbcbe019d Merge pull request #2765 from github/cklin/alert-diff-filtering 
Perform consistent diff-informed alert filtering in the action
 2025-02-19 10:15:01 -08:00
Paolo Tranquilli a7b17782a9 Support rust analysis 
This is supposed to enable rust analysis for the staff ship only.
 2025-02-19 15:56:52 +01:00
Chuan-kai Lin dae1626680 Filter alerts by pr-diff-range JSON file 2025-02-19 06:26:11 -08:00
github-actions[bot] 6b1da0d33e Update default bundle to codeql-bundle-v2.20.5 2025-02-18 12:37:20 +00:00
Henry Mercer 906452d251 Merge branch 'main' into revert-2767-cklin/prefer-gtar 2025-02-18 10:47:19 +00:00
Henry Mercer 65a3aa1fbc Revert "Prefer gtar if available" 2025-02-18 10:38:41 +00:00
Chris Smowton 2be5f244ff Pass --ignore-zeros to tar when decompressing zstd-compressed tarballs 
See comment in the diff for full explanation.
 2025-02-17 17:04:36 +00:00
Chuan-kai Lin 61c77a48ff Prefer gtar if available 2025-02-14 13:34:30 -08:00
Chuan-kai Lin 4267fa66a2 getTarVersion(): add programName parameter 
This commit changes getTarVersion() so that it receives the name of the
tar program from the caller instead of using the hardcoded string "tar".
 2025-02-14 13:24:19 -08:00
Chuan-kai Lin c4a8587f45 Add TarVersion.name field 
This refactoring commit records the name of the tar program in the new
TarVersion.name field and makes extractTarZst() use the new field
instead of the hardcoded name "tar". Code behavior remains unchanged
because currently TarVersion.name is always "tar".

This is the first step toward supporting a tar program under a different
executable name.
 2025-02-14 12:08:07 -08:00
Chuan-kai Lin 77bc2a595e Write pr-diff-range JSON file 2025-02-14 08:50:52 -08:00
Henry Mercer 3df6d20d31 Improve logs for combined SARIF debug artifact 
Don't start a "Uploading combined SARIF debug artifact" log group if we aren't going to do the upload.
 2025-02-12 16:27:40 +00:00
github-actions[bot] 52189d23af Update default bundle to codeql-bundle-v2.20.4 2025-02-04 11:22:50 +00:00
Henry Mercer cf7c687919 Send init-post status report in absence of config 2025-02-03 19:46:23 +00:00
Ian Lynagh 5a61bf07fa Kotlin: The 2.20.3 release supports Kotlin 2.1.10. 2025-01-29 13:08:49 +00:00
Marco Gario f98f14dd82 Unset proxy env 2025-01-29 11:04:28 +00:00
Marco Gario 7fdc1b8d67 Revert "start-proxy: Skip proxy setup if no credentials are available" 2025-01-29 09:33:23 +01:00
Marco Gario 76622e7fee Merge branch 'main' into marcogario/skip_proxy 2025-01-28 19:49:45 +00:00
Marco Gario e2f043dee4 Remove unusued proxy_password input 2025-01-27 20:10:59 +00:00
Marco Gario 8aa028b476 Merge branch 'main' into marcogario/skip_proxy 2025-01-27 20:24:32 +01:00
Andrew Eisenberg b494190443 Merge pull request #2726 from github/aeisenberg/reenable-artifact-upload 
Ensure artifacts are only uploaded in safe situations
 2025-01-27 11:10:46 -08:00
Andrew Eisenberg a879704805 Clarify test fail;ure message 2025-01-27 10:51:01 -08:00
Andrew Eisenberg 62c322fad9 Add better comments around artifact upload tests 2025-01-27 10:18:03 -08:00
Marco Gario 7c2eafa990 Use ConfigureationError for exceptions 2025-01-27 10:09:07 +00:00
Andrew Eisenberg f71067bd5f Stop using feature-flag support for determining if a feature is active 
Using the feature flag mechanism for checking if uploads are enabled was
too clunky. I'm moving the change to checking versions directly.
 2025-01-26 13:42:15 -08:00
Andrew Eisenberg 2bab9f7984 Ensure artifacts are only uploaded in safe situations 
This commit:

Turns on uploading of artifacts again but only if CLI version is
>= 2.20.3. I implemented the check using our feature flag functionality.
I was on the fence about this since it makes the PR more complex.
However, it does give us more flexibility when controlling artifact
uploads.

Also, I renamed the two workflows that were previously disabled. This
way we will not accidentally enable the old workflows for previous
versions of the action.
 2025-01-25 15:31:35 -08:00
Marco Gario 7d7758bb24 Skip proxy if no credentials 2025-01-24 21:46:40 +00:00
Marco Gario f6d19ed42e Formatting 2025-01-24 20:27:36 +00:00
Marco Gario ecf723239a Sanitize inputs 2025-01-24 20:20:10 +00:00
Marco Gario 51bb5eb99a Fix bug in getCredentials + tests 2025-01-24 16:39:47 +00:00
github-actions[bot] 208091da0a Update default bundle to codeql-bundle-v2.20.3 2025-01-23 22:15:14 +00:00
Angela P Wen 519de26711 Temporarily disable uploading debug artifacts 2025-01-22 10:35:38 -08:00
Henry Mercer 3505f8142a Merge branch 'main' into henrymercer/fix-extension-assumption 2025-01-22 14:52:26 +00:00
Henry Mercer d23f49f56f Fix assumption that download URLs contain file extension 
This is not the case when downloading the bundle from a GitHub Release synced to GHES with the CodeQL Action sync tool.
 2025-01-22 13:02:45 +00:00
github-actions[bot] aa76523503 Update default bundle to codeql-bundle-v2.20.2 2025-01-21 14:20:11 +00:00
Chuan-kai Lin 071996fbe2 getDiffRanges: better fallback for absent patch 2025-01-16 09:26:22 -08:00
Chuan-kai Lin 5889cfd499 Add analysis_is_diff_informed to status report 2025-01-16 08:50:23 -08:00
Henry Mercer 40a203a0ea Remove redundant version checks 
Remove version checks that always return true given the new minimum version of CodeQL.
 2025-01-15 18:02:25 +00:00
Henry Mercer 4de061d85d Merge branch 'main' into dependabot/npm_and_yarn/npm-006da05bd8 2025-01-15 17:30:02 +00:00
Henry Mercer 02dfacf1c1 Fix linting errors 2025-01-15 13:57:55 +00:00
Marco Gario 3b4f4d94c0 Merge pull request #2680 from github/marcogario/filter_registries 
Filter registry credentials by language
 2025-01-15 11:34:00 +01:00
Chuan-kai Lin 1efc6bb9ce Merge pull request #2679 from github/cklin/get-diff-from-api 
getPullRequestEditedDiffRanges: use GitHub API
 2025-01-14 07:10:58 -08:00
Marco Gario 31d11b19a0 Use Language type 2025-01-14 14:29:26 +00:00
Chuan-kai Lin 3548ff54b5 writeDiffRangeDataExtensionPack: escape special characters in filenames 2025-01-13 14:28:56 -08:00