github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-02 11:50:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,988 Commits 342 Branches 541 Tags
c3bbcab41bcb2043395df66bc418c1dce591921e
Commit Graph

2533 Commits

Author SHA1 Message Date
Chris Smowton 2be5f244ff Pass --ignore-zeros to tar when decompressing zstd-compressed tarballs 
See comment in the diff for full explanation.
 2025-02-17 17:04:36 +00:00
Chuan-kai Lin 61c77a48ff Prefer gtar if available 2025-02-14 13:34:30 -08:00
Chuan-kai Lin 4267fa66a2 getTarVersion(): add programName parameter 
This commit changes getTarVersion() so that it receives the name of the
tar program from the caller instead of using the hardcoded string "tar".
 2025-02-14 13:24:19 -08:00
Chuan-kai Lin c4a8587f45 Add TarVersion.name field 
This refactoring commit records the name of the tar program in the new
TarVersion.name field and makes extractTarZst() use the new field
instead of the hardcoded name "tar". Code behavior remains unchanged
because currently TarVersion.name is always "tar".

This is the first step toward supporting a tar program under a different
executable name.
 2025-02-14 12:08:07 -08:00
Chuan-kai Lin 77bc2a595e Write pr-diff-range JSON file 2025-02-14 08:50:52 -08:00
Henry Mercer 3df6d20d31 Improve logs for combined SARIF debug artifact 
Don't start a "Uploading combined SARIF debug artifact" log group if we aren't going to do the upload.
 2025-02-12 16:27:40 +00:00
github-actions[bot] 52189d23af Update default bundle to codeql-bundle-v2.20.4 2025-02-04 11:22:50 +00:00
Henry Mercer cf7c687919 Send init-post status report in absence of config 2025-02-03 19:46:23 +00:00
Ian Lynagh 5a61bf07fa Kotlin: The 2.20.3 release supports Kotlin 2.1.10. 2025-01-29 13:08:49 +00:00
Marco Gario f98f14dd82 Unset proxy env 2025-01-29 11:04:28 +00:00
Marco Gario 7fdc1b8d67 Revert "start-proxy: Skip proxy setup if no credentials are available" 2025-01-29 09:33:23 +01:00
Marco Gario 76622e7fee Merge branch 'main' into marcogario/skip_proxy 2025-01-28 19:49:45 +00:00
Marco Gario e2f043dee4 Remove unusued proxy_password input 2025-01-27 20:10:59 +00:00
Marco Gario 8aa028b476 Merge branch 'main' into marcogario/skip_proxy 2025-01-27 20:24:32 +01:00
Andrew Eisenberg b494190443 Merge pull request #2726 from github/aeisenberg/reenable-artifact-upload 
Ensure artifacts are only uploaded in safe situations
 2025-01-27 11:10:46 -08:00
Andrew Eisenberg a879704805 Clarify test fail;ure message 2025-01-27 10:51:01 -08:00
Andrew Eisenberg 62c322fad9 Add better comments around artifact upload tests 2025-01-27 10:18:03 -08:00
Marco Gario 7c2eafa990 Use ConfigureationError for exceptions 2025-01-27 10:09:07 +00:00
Andrew Eisenberg f71067bd5f Stop using feature-flag support for determining if a feature is active 
Using the feature flag mechanism for checking if uploads are enabled was
too clunky. I'm moving the change to checking versions directly.
 2025-01-26 13:42:15 -08:00
Andrew Eisenberg 2bab9f7984 Ensure artifacts are only uploaded in safe situations 
This commit:

Turns on uploading of artifacts again but only if CLI version is
>= 2.20.3. I implemented the check using our feature flag functionality.
I was on the fence about this since it makes the PR more complex.
However, it does give us more flexibility when controlling artifact
uploads.

Also, I renamed the two workflows that were previously disabled. This
way we will not accidentally enable the old workflows for previous
versions of the action.
 2025-01-25 15:31:35 -08:00
Marco Gario 7d7758bb24 Skip proxy if no credentials 2025-01-24 21:46:40 +00:00
Marco Gario f6d19ed42e Formatting 2025-01-24 20:27:36 +00:00
Marco Gario ecf723239a Sanitize inputs 2025-01-24 20:20:10 +00:00
Marco Gario 51bb5eb99a Fix bug in getCredentials + tests 2025-01-24 16:39:47 +00:00
github-actions[bot] 208091da0a Update default bundle to codeql-bundle-v2.20.3 2025-01-23 22:15:14 +00:00
Angela P Wen 519de26711 Temporarily disable uploading debug artifacts 2025-01-22 10:35:38 -08:00
Henry Mercer 3505f8142a Merge branch 'main' into henrymercer/fix-extension-assumption 2025-01-22 14:52:26 +00:00
Henry Mercer d23f49f56f Fix assumption that download URLs contain file extension 
This is not the case when downloading the bundle from a GitHub Release synced to GHES with the CodeQL Action sync tool.
 2025-01-22 13:02:45 +00:00
github-actions[bot] aa76523503 Update default bundle to codeql-bundle-v2.20.2 2025-01-21 14:20:11 +00:00
Chuan-kai Lin 071996fbe2 getDiffRanges: better fallback for absent patch 2025-01-16 09:26:22 -08:00
Chuan-kai Lin 5889cfd499 Add analysis_is_diff_informed to status report 2025-01-16 08:50:23 -08:00
Henry Mercer 40a203a0ea Remove redundant version checks 
Remove version checks that always return true given the new minimum version of CodeQL.
 2025-01-15 18:02:25 +00:00
Henry Mercer 4de061d85d Merge branch 'main' into dependabot/npm_and_yarn/npm-006da05bd8 2025-01-15 17:30:02 +00:00
Henry Mercer 02dfacf1c1 Fix linting errors 2025-01-15 13:57:55 +00:00
Marco Gario 3b4f4d94c0 Merge pull request #2680 from github/marcogario/filter_registries 
Filter registry credentials by language
 2025-01-15 11:34:00 +01:00
Chuan-kai Lin 1efc6bb9ce Merge pull request #2679 from github/cklin/get-diff-from-api 
getPullRequestEditedDiffRanges: use GitHub API
 2025-01-14 07:10:58 -08:00
Marco Gario 31d11b19a0 Use Language type 2025-01-14 14:29:26 +00:00
Chuan-kai Lin 3548ff54b5 writeDiffRangeDataExtensionPack: escape special characters in filenames 2025-01-13 14:28:56 -08:00
Chuan-kai Lin 52315a9f7d setupDiffInformedQueryRun: log setup failure 2025-01-13 14:28:56 -08:00
Chuan-kai Lin 784896750f getDiffRanges: add unit tests 2025-01-13 14:28:56 -08:00
Chuan-kai Lin d4c56bbb31 getDiffRanges: improve handling for missing patch 2025-01-13 14:28:56 -08:00
Chuan-kai Lin 63d1f4f8a2 getPullRequestEditedDiffRanges: check the number of changed files 2025-01-13 14:28:56 -08:00
Chuan-kai Lin 68b1b4e9eb getPullRequestEditedDiffRanges: compute diff ranges 2025-01-13 14:28:54 -08:00
Marco Gario de0f9cf316 Support both namings for java 2025-01-13 16:15:26 +00:00
Chuan-kai Lin 68378a359a getPullRequestEditedDiffRanges: use GitHub API 2025-01-13 07:35:44 -08:00
Marco Gario e02d65ac18 Filter registry credentials by language 2025-01-13 10:52:07 +00:00
Henry Mercer fe593c34e6 Mark invalid external repo specifiers as configuration error 
This is a workaround — the proper fix is to better separate out user input vs the Action in `database init` so we can better attribute configuration errors.
 2025-01-10 20:41:24 +00:00
Henry Mercer 87fc816d25 Merge pull request #2669 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions
 2025-01-10 19:24:40 +00:00
Angela P Wen 4df151edec Merge branch 'main' into angelapwen/deprecate-action-v2 2025-01-10 08:54:32 -08:00
Angela P Wen 8d2753b250 Add public changelog blog post link 2025-01-10 08:52:16 -08:00