github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-02 03:40:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,806 Commits 342 Branches 541 Tags
f31a31c052207cc13b328d6295c5b728bb49568c
Commit Graph

1385 Commits

Author SHA1 Message Date
Angela P Wen 8b12d99ee5 Fix bug where run attempt was reported as run ID (#1661) 2023-04-27 18:05:34 +00:00
Angela P Wen da583b07a7 Add workload_run_attempt to analysis upload (#1658) 
* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
 2023-04-26 02:13:27 +00:00
Angela P Wen a9648ea7c6 Throw full error for CLI bundle download (#1657) 2023-04-24 07:46:45 -07:00
Henry Mercer b8cc643a23 Merge branch 'main' into cklin/codeql-cli-2.13.0 2023-04-20 11:23:25 +01:00
Henry Mercer 66f62df188 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-19 15:56:42 +01:00
Chuan-kai Lin 7867d03591 Update default CodeQL bundle version to 2.13.0 2023-04-14 15:28:21 -07:00
Henry Mercer 599f4927f2 Allow passing the workflow via an environment variable 2023-04-12 14:14:43 +01:00
Henry Mercer 8a093aa1a5 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-11 12:25:45 +01:00
Angela P Wen 98f7bbd610 Add workflow_run_attempt data to status report (#1640) 2023-04-10 20:02:23 +00:00
Henry Mercer 69371ffa95 Merge branch 'main' into henrymercer/fix-init-exception-reporting 2023-04-06 17:05:02 +01:00
Henry Mercer e5c2f32a9f Consistently wrap errors 2023-04-06 17:04:21 +01:00
Henry Mercer 555b602b2f Report exceptions to telemetry in init Action 2023-04-06 15:08:48 +01:00
Henry Mercer 7193623f40 Re-enable duplicate SARIF notification location workaround 2023-04-06 14:48:04 +01:00
Henry Mercer f7a67e4341 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-05 18:39:27 +01:00
Henry Mercer 66aeadb4c9 Merge pull request #1631 from github/henrymercer/duplicate-diagnostics-fixed-in-cli 
Skip the SARIF notification object workaround for CLIs that have fixed this bug
 2023-04-05 10:46:12 +01:00
Andrew Eisenberg 2754e10472 Move to the codeql-testing org 
Refer to the packages in codeql-testing, not in dsp-testing.
 2023-04-04 13:39:56 -07:00
Henry Mercer 3bba073180 Skip the SARIF notification object workaround for fixed CLIs 2023-04-04 18:19:05 +01:00
Alexander Eyers-Taylor 9c869ebf0d Update default CodeQL bundle version to 2.12.6 2023-04-04 16:01:04 +01:00
Henry Mercer 69aec345f1 Pass negative SARIF include diagnostics flag when feature is disabled 
In preparation for enabling this flag by default in the CLI
 2023-03-29 18:56:19 +01:00
Henry Mercer 29a4713933 Enable diagnostics functionality on GHES 2023-03-29 18:45:27 +01:00
Robin Neatherway f6e4cff38a Remove checks for triggering on specific paths 
These are no longer necessary with the new approach to selecting
alerts to show on pull requests.
 2023-03-29 11:02:16 +02:00
Henry Mercer d8fe76e161 Delete legacy tracing 2023-03-28 18:53:43 +01:00
Henry Mercer 4772c1d99f Bump minimum version to 2.8.5 2023-03-28 17:24:45 +01:00
Henry Mercer 57eca7cbb2 Use Array.isArray 2023-03-27 15:59:29 +01:00
Henry Mercer 1e7a38893c Wrap reading and writing SARIF files 2023-03-27 15:44:47 +01:00
Henry Mercer c8935d5a9d Remove duplicate locations from failed run SARIF 2023-03-24 20:30:57 +00:00
Henry Mercer ade432fd68 Remove duplicate locations from output of database interpret-results 2023-03-24 20:30:57 +00:00
Henry Mercer 6f852eeb38 Implement removing duplicate locations from a SARIF file 2023-03-24 20:30:57 +00:00
Angela P Wen a21bb7f968 Update upload input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Charis Kyriakou 94cc1dea00 Add override for code scanning analysis of default branch 2023-03-23 13:31:00 +00:00
Henry Mercer 066b6343ef Merge pull request #1599 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions.
 2023-03-22 18:26:37 +00:00
Robin Neatherway 3ca2260643 Account for versioning of ghe.com 2023-03-22 16:47:23 +00:00
GitHub 5f20b2c372 Update supported GitHub Enterprise Server versions. 2023-03-22 00:10:22 +00:00
Henry Mercer 86128131fa Merge branch 'main' into henrymercer/bundle-2.12.5 2023-03-21 12:18:07 +00:00
Henry Mercer ebbe965b43 Merge pull request #1588 from github/update-supported-enterprise-server-versions 
Update supported GitHub Enterprise Server versions.
 2023-03-21 00:04:32 +00:00
Angela P Wen 3cbd063679 Upload per-database diagnostic SARIFs on green and red runs (#1556) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-20 21:09:04 +00:00
GitHub 978bc50f9b Update supported GitHub Enterprise Server versions. 2023-03-18 00:11:16 +00:00
Henry Mercer 98a90dcce7 Update default bundle version to 2.12.5 2023-03-17 13:42:17 +00:00
Henry Mercer 65f42e3768 Inline minimum version number to avoid circular dependency 2023-03-14 21:04:34 +00:00
Henry Mercer d9ceda3823 Add debug logging for feature flag enablement 2023-03-14 20:57:55 +00:00
Henry Mercer 53f80edaf6 Merge branch 'main' into henrymercer/diagnostics-code-scanning-config 2023-03-09 18:47:43 +00:00
Henry Mercer 485cc11a24 Rename featureEnablement to features 
This is more succinct and removes a few line breaks
 2023-03-09 16:46:51 +00:00
Henry Mercer fc1366f6ec Gate config export behind a feature flag 2023-03-09 16:44:45 +00:00
Dave Bartolomeo d47d4c8047 Merge branch 'main' into dbartol/bundle-2.12.4 2023-03-09 09:45:34 -05:00
Andrew Eisenberg 0c27d0da4a Add default values to feature flags 
This changes adds default values to feature flags. These default values
will be used whenever the full set of feature flags are not available
(for example on GHES or if the flag request fails).

The goal is to enable cli config parsing on GHES without removing the
feature flag on dotcom.
 2023-03-07 16:24:55 -08:00
Henry Mercer 4b1f530308 Export configuration information for green runs 2023-03-07 21:22:43 +00:00
Henry Mercer d98eadb536 Export configuration information for red runs 2023-03-07 21:21:47 +00:00
Henry Mercer c310f094dd Fix name of qlconfig file argument 2023-03-07 08:46:58 -08:00
Henry Mercer 4366485427 Avoid passing an undefined qlconfig arg 2023-03-07 08:46:57 -08:00
Henry Mercer 8340258886 Avoid writing user-config.yaml file while running tests 2023-03-07 08:46:57 -08:00