30681e79db
Separate paths with / in resolveUriToFile
2022-06-29 18:59:32 +01:00
c15604920a
Workaround PATH casing issues on Windows
2022-06-29 18:59:32 +01:00
4792297702
Fix test failures on Windows related to path separators
2022-06-29 18:59:32 +01:00
6fabde2be8
Add packs and queries from input
...
This commit adds the packs and queries from the actions input to the
config file used by the CodeQL CLI.
When the `+` is used, the actions input value is combined with the
config value and when it is not used, the input value overrides the
config value.
This commit also adds a bunch of integration tests for this feature.
In order to avoid adding too many new jobs, all of the tests are
run sequentially in a single job (matrixed across relevant operating
systems and OSes).
2022-06-28 14:07:51 -07:00
237260b693
Revert "Revert usage of --codescanning-config flag"
...
This reverts commit 43d066495c
2022-06-28 13:03:04 -07:00
41d6ac4d2a
Remove toolcache decorator
...
This decorator enabled us to use the functionality of the Actions
toolcache within the runner too.
Now that we've deleted the runner we no longer need it.
2022-06-28 18:22:09 +01:00
1616e0ef98
Simplify tests for the Lua tracer FF in analyze-action.
2022-06-28 10:29:00 +00:00
821fe9b476
Merge branch 'main' into criemen/lua-tracer-ff-2
2022-06-28 10:43:04 +02:00
2a70419420
Revert "Revert "Add capability to filter queries #1098 ""
...
This reverts commit 99d4397d88
2022-06-27 13:13:55 -07:00
ab7316e0c5
Implement unit tests for reading the Lua tracer FF in analyze-action.
2022-06-27 16:04:29 +00:00
f422a50448
Honor the Lua tracer FF for database trace-command invocations for scanned languages.
...
In theory, a scanned language will not setup the build tracer, and so
shouldn't care about lua versus legacy tracing. However, `go` is a
special case where the autobuilder runs under the build tracer, that
then gets disabled immediately again, unless a special environment
variable is used.
Therefore, we need to thread through the feature flag to this
`database trace-command` invocation. For other scanned languages,
this should be a no-op, as no tracing is ever set up.
2022-06-27 16:04:29 +00:00
ed40e306f5
Update default CodeQL version to 2.10.0
2022-06-27 09:01:12 -07:00
cae9a1f462
Run npm build
2022-06-27 16:40:40 +02:00
1653a84fbc
Allow scans with packs for languages not being scanned
...
Previously, we were being too strict about checking that a pack's
language was being scanned. It was a failure if a pack language
was specified for a language not being scanned.
2022-06-22 14:37:31 -07:00
99d4397d88
Revert "Add capability to filter queries #1098 "
...
https://github.com/github/codeql-action/pull/1098
This reverts commit 777b77840959ca9b59cbeec34d5f0540b280032c
2022-06-21 13:49:33 -07:00
99acb8dda6
Bump lua tracer version requirement.
...
The old version had a bug related to go autobuilding, so we only want to
respect the feature flag for the version that has the fix.
2022-06-20 14:05:26 +00:00
ccf5d70ab3
Update default CodeQL version to 2.9.4
2022-06-20 09:39:11 +01:00
80ecdcdf69
Merge pull request #1098 from github/aeisenberg/remove-queries
...
Add capability to filter queries
2022-06-15 17:52:46 -07:00
7c412c67ba
Merge branch 'aeisenberg/check-sarif-action' into aeisenberg/remove-queries
2022-06-16 02:42:30 +02:00
6db77eec0d
Merge remote-tracking branch 'upstream/main' into aeisenberg/remove-queries
2022-06-15 17:21:05 -07:00
97f9db4fb9
Update supported GitHub Enterprise Server versions.
2022-06-16 00:11:36 +00:00
a27dc4fee4
update security extended test for all platforms
2022-06-15 11:42:22 +01:00
a568674c69
add tests for ML powered queries 0.3.0 and CLI 2.9.3
2022-06-15 11:42:22 +01:00
f8f4c0b33e
compile the modified TypeScript to Javascript
2022-06-15 11:42:22 +01:00
06e27d3e3d
Merge branch 'aeisenberg/js-yaml-typings' into aeisenberg/remove-queries
2022-06-14 12:08:16 -07:00
40b280032c
Add capability to filter queries
...
This change adds a `query-filters` property to the codeql-config file.
This property is an array of `exclude`/`include` entries for a query
suite. These filters are appended to the generated query suite files
and used to filter queries after they are selected.
A related change is that now, all pack references are run in a single
query suite, which has the query filters appended to them.
2022-06-14 12:07:49 -07:00
0efcf74ce0
Add typings for js-yaml
2022-06-14 07:50:47 -07:00
f7c46e5cbc
Avoid use of rmdir
...
This is a deprecated method on node v16.
2022-06-13 22:40:09 +00:00
1b5ea4afdc
Merge branch 'main' into swift-support
2022-06-03 01:13:47 +01:00
b36688d5b7
Update default CodeQL to 2.9.3
2022-05-27 09:16:45 -07:00
bfe9d7da56
Add Swift as a supported language.
2022-05-27 16:29:13 +01:00
255ffd480f
Merge branch 'main' into criemen/lua-tracing-ff
2022-05-25 11:53:06 +02:00
4b775686a0
Choose the correct version to enable the Lua tracer for.
2022-05-25 07:39:11 +00:00
970e0879d9
Fix linter errors.
2022-05-16 09:40:10 +00:00
db50adab01
Add tests for the Lua feature flag.
2022-05-16 09:16:41 +00:00
9e9a8428c3
Introduce a feature-flag to enable/disable lua-based tracing.
...
This allows us to gradually roll out (or even roll back)
Lua-based tracing in case problems occur.
2022-05-16 09:16:38 +00:00
1725087693
Update default CodeQL to 2.9.2
2022-05-16 09:40:19 +01:00
54b4854fda
Bump @actions/tool-cache to 2.0.0
...
This allows us to drop our direct dependency on `@actions/http-client`.
2022-05-13 11:54:40 +01:00
533ce91971
Merge remote-tracking branch 'origin/main' into henrymercer/run-atm-on-windows
2022-05-11 19:32:14 +01:00
4e0668d05e
Fix integration tests on v1
...
The GitHub API client coerces `fake-server-url` to the Dotcom API URL,
which means commands like `util.getGitHubVersion` will call the Dotcom
API with the `fake-token`, resulting in 401s.
We therefore use the Dotcom URL instead and additionally stub
`util.getGitHubVersion` as a good practice (it's no longer necessary).
2022-05-11 15:53:57 +01:00
3c6dd303a8
Update codeql to 2.9.1
2022-05-03 15:58:57 +01:00
366e88c2c1
Fix processing errors being caught and logged as a warning rather than failing the workflow run.
2022-05-03 10:06:19 +01:00
b11fe85402
Merge branch 'main' into aeisenberg/packs-with-paths
2022-04-29 11:10:16 -07:00
922dc2b976
Use the --resolve-query-specs parameter of pack download
...
This will allow the command to resolve packs with paths.
Also, use a more concise version of `tr`.
2022-04-29 10:54:01 -07:00
395afb1dd9
Fix unit test assertion on Windows
2022-04-29 18:18:19 +01:00
06b15c22b1
Allow pack specifiers to include paths
...
Also, this cleans up our pack-related integration tests.
We are now testing with the most recent CLIs.
2022-04-28 17:14:30 -07:00
d9e30cb001
Run ML-powered queries on Windows with CodeQL CLI 2.9.0+
2022-04-28 19:18:15 +01:00
ea676e3184
Don't wait for processing in test mode
...
In test mode, we don't upload results, so there's no point waiting for
processing.
2022-04-28 19:14:14 +01:00
7c2be06006
Factor out test mode determination code
2022-04-28 19:13:22 +01:00
2bf00f719d
Merge branch 'main' into henrymercer/prompt-v1-to-v2-upgrades
2022-04-28 14:17:36 +01:00
Henry Mercer
Andrew Eisenberg
Cornelius Riemenschneider
Chuan-kai Lin
Arthur Baars
Edoardo Pirovano
GitHub
tombolton
Mathias Vorreiter Pedersen
alexet
Chris Gavin