cf1855ae37
Fix workflow to update dependencies
...
Port over the fix from
https://github.com/github/codeql-action/pull/1544
and share code so these scripts don't get out of sync again.
2023-02-24 20:25:21 +00:00
41f1810e52
Clean the npm cache before running install
2023-02-17 09:54:53 -08:00
bbe8d375fd
Ensure qlconfig file is created when config parsing in cli is on
...
Previously, with the config parsing in the cli feature flag turned on,
the CLI was not able to download packs from other registries. This PR
adds the codeql-action changes required for this. The CLI changes will
be in a separate, internal PR.
2023-02-07 10:40:56 -08:00
d966969093
Remove $ from version number
2023-01-26 15:22:33 +00:00
824a20f6aa
Merge pull request #1507 from github/henrymercer/swift-autobuild-timeout
...
Limit Swift autobuild runtime in PR check to 10 minutes
2023-01-23 20:16:40 +00:00
fa47d5ade1
Merge pull request #1505 from github/henrymercer/more-node-12-cleanup
...
More cleanup as a result of dropping Node 12
2023-01-23 20:11:32 +00:00
5da183dcc2
Bump npm to v9.2.0
...
npm v9.3.0 is out, but seems to have a bug with `npm ci` on macOS
where it will complain that `node_modules/.bin` is a directory.
We specify an exact version for reproducibility of builds.
2023-01-23 19:15:21 +00:00
b873a18a2f
Limit Swift autobuild runtime to 10 minutes
...
There's a known issue that causes the Swift autobuilder to hang. By
setting a timeout, we'll fail earlier and we can rerun the check
earlier.
2023-01-23 19:12:27 +00:00
90bbfad4eb
Fail prepare-test early when gh release list fails
2023-01-23 18:50:59 +00:00
64580b3179
Update workflow name to reflect Windows tests
2023-01-23 13:01:27 +00:00
e05bd5a671
Use CodeQL path from init Action in Windows Python deps PR checks
2023-01-23 13:01:11 +00:00
d5dcff5766
Remove Node 12 compatibility check
2023-01-18 21:07:41 +00:00
40a75182e7
Merge pull request #1483 from github/henrymercer/remove-v1-checks
...
Remove PR checks for v1
2023-01-18 19:27:56 +00:00
e530813ab8
Remove PR checks for v1
2023-01-16 18:49:32 +00:00
5fe1a9b8af
Update mergeback workflow
2023-01-16 18:41:03 +00:00
ba674fb1af
Update release workflow
2023-01-16 18:37:43 +00:00
e0b20eea50
Migrate release script to template strings
2023-01-16 18:15:29 +00:00
218d40db4c
Remove v1 only parts of release script
2023-01-16 18:09:01 +00:00
80b12d6f73
Ensure we don't unset CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN
2023-01-10 17:42:24 +00:00
620a267204
Temporarily disable Kotlin analysis in PR checks
...
Kotlin analysis is incompatible with Kotlin 1.8.0, which is now rolling
out to the Actions runner images.
While we work on a more permanent fix to our PR checks, this will
prevent us losing other
test coverage.
2023-01-10 17:31:35 +00:00
f837e8e761
Code scanning: Add step titles to workflow
2023-01-03 13:00:12 -08:00
ef21864950
Code scanning: Add scheduled trigger to workflow
...
Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with the
internal security scorecard, even if we have a period
longer than a week with no pushes to the repo.
2023-01-03 12:59:13 -08:00
e4818d46c4
Remove tests with old certifi dependency
2022-12-20 10:30:38 +00:00
4778dfbd93
Set up the Swift version the extractor declares ( #1422 )
...
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com >
2022-12-19 13:08:15 -08:00
4a5ad5af18
update-required-checks.sh: ignore check-expected-release-files
2022-12-07 14:27:32 -08:00
19f867a052
Merge branch 'main' into cklin/fix-update-required-checks-sha
2022-12-07 10:37:25 -08:00
8bebf77dbd
update-required-checks.sh: fix argument handling
2022-12-07 10:12:01 -08:00
fb74504ab5
Disable nightly-latest checks for Swift
2022-12-07 17:59:30 +00:00
1653364141
Merge pull request #1414 from github/dependabot/github_actions/peter-evans/create-pull-request-4.2.3
...
Bump peter-evans/create-pull-request from 3.4.1 to 4.2.3
2022-12-05 11:02:42 +00:00
61cc378b7f
Bump swift-actions/setup-swift from 1.19.0 to 1.20.0 ( #1415 )
...
* Bump swift-actions/setup-swift from 1.19.0 to 1.20.0
Bumps [swift-actions/setup-swift](https://github.com/swift-actions/setup-swift ) from 1.19.0 to 1.20.0.
- [Release notes](https://github.com/swift-actions/setup-swift/releases )
- [Commits](https://github.com/swift-actions/setup-swift/compare/5cdaa9161ad1f55ae39a5ea1784ef96de72f95d9...194625b58a582570f61cc707c3b558086c26b723 )
---
updated-dependencies:
- dependency-name: swift-actions/setup-swift
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Update setup-swift SHA in non-autogenerated files
* Specify v5.7.0 instead of 5.7
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com >
2022-12-05 10:54:03 +01:00
7aa5026a55
Bump actions/setup-python from 3 to 4 ( #1416 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 08:20:36 +01:00
c80f00a5c9
Bump peter-evans/create-pull-request from 3.4.1 to 4.2.3
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 3.4.1 to 4.2.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/c7f493a8000b8aeb17a1332e326ba76b57cb83eb...2b011faafdcbc9ceb11414d64d0573f37c774b04 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-12-02 19:29:01 +00:00
794a4b543a
Switch to weekly interval for both ecosystems
2022-12-02 18:42:33 +00:00
ee6ba9c213
Reformat
2022-12-02 17:53:16 +00:00
81f99a8582
Remove outdated section for runner and perform all updates daily
2022-12-02 17:52:46 +00:00
4b18b7bc24
Update Dependabot config file
2022-12-02 11:45:26 -06:00
77cda4d75d
Add testing environment to submit SARIF after failure PR check
2022-11-30 11:32:36 +00:00
24fd4c0f4e
Generate the "Submit SARIF after failure" workflow
2022-11-25 18:18:13 +00:00
122b180b66
Add an integration test for uploading SARIF when the run fails
2022-11-25 17:54:22 +00:00
3afc2b194c
Add feature flag for uploading failed SARIF
2022-11-25 17:49:03 +00:00
4d4e25083a
Use a matrix in testing workflow
2022-11-25 17:47:21 +00:00
44ae944a29
Add a workflow to test reporting a failed run
2022-11-25 17:47:21 +00:00
909c8687d5
Test Linux against Swift 5.7
...
Currently only macOS supports 5.7.1
2022-11-23 21:21:50 +00:00
ce90479412
Test latest and nightly-latest against Swift 5.7.1
2022-11-23 20:17:20 +00:00
34d91a9ce7
Use runner.os in ML-powered queries tests too
2022-11-22 20:45:26 +00:00
c49c05b5df
Perform the check using runner.os
2022-11-22 20:41:32 +00:00
2ccaddd459
Define swift-version as a string
2022-11-22 20:33:22 +00:00
5dcca8a6e4
Pin the version of swift-actions/setup-swift@v1
2022-11-22 20:13:49 +00:00
b6e17a6616
Drop unneeded CODEQL_ENABLE_EXPERIMENTAL_FEATURES env var
2022-11-22 11:31:22 +00:00
e9e73b0cb9
Use Swift version 5.7 in PR checks
...
The version installed in the latest runner image, 5.7.1, is not yet
supported.
2022-11-22 11:30:27 +00:00
Henry Mercer
Andrew Eisenberg
Henry Mercer
Aditya Sharad
Angela P Wen
Chuan-kai Lin
dependabot[bot]
Sentinel Reviewer