github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-20 05:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,491 Commits 342 Branches 538 Tags
codeql-bundle-v2.20.5
Commit Graph

6491 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Eisenberg ca9450846f Merge pull request #516 from github/aeisenberg/user-agent 
Send version and mode to code scanning via user agent
 2021-05-31 09:49:44 -07:00
Andrew Eisenberg 1a4cdd35b9 Use the version from package.json in the runner 2021-05-31 09:35:13 -07:00
Andrew Eisenberg 4164096c0d Use the version from package.json in the runner 
Update the ql queries to account for change in how we look for runner

Previously, we guarded blocks of code to be run by the runner or the
action using if statements like this:

```js
if (mode === "actions") ...
```

We are no longer doing this. And now, the `unguarded-action-lib.ql`
query is out of date. This query checks that runner code does not
unintentionally access actions-only methods in the libraries.

With these changes, we now ensure that code scanning is happy.
 2021-05-31 09:34:41 -07:00
Andrew Eisenberg 47588796b4 Send the version and mode with the user agent 
This commit changes the way the action determines if running in action
or runner mode. There is now an environment variable that is set at the
beginning of the process and elsewhere in the process, we can check to
see if the variable is set.
 2021-05-31 09:03:29 -07:00
Andrew Eisenberg fad7cc482d Merge pull request #438 from okyanusoz/patch-1 
Fix wording in README
 2021-05-31 09:02:45 -07:00
Andrew Eisenberg 4917d3c7e8 Merge pull request #533 from github/update-v1.0.0-ff75ec7f 
Merge main into v1
 2021-05-31 08:13:07 -07:00
Andrew Eisenberg dd66f4484d Remove leading newline 
Minor change.
 2021-05-31 08:12:29 -07:00
github-actions[bot] cf57db7e1f 1.0.0 2021-05-31 09:24:10 +00:00
Andrew Eisenberg d9a17baf2f Merge branch 'main' into patch-1 2021-05-28 15:29:27 -07:00
Henry Mercer ff75ec7f7d Merge pull request #532 from github/henrymercer/analysis-summaries-custom-queries 
Analyze: Log analysis summaries for custom queries
 2021-05-28 21:48:16 +01:00
Henry Mercer 1362396c57 Add changelog note 2021-05-28 20:19:55 +01:00
Henry Mercer 2338fe5db5 Analyze: Log analysis summaries for custom queries 2021-05-28 19:36:21 +01:00
Andrew Eisenberg 2ccefaccfe Merge pull request #510 from github/aeisenberg/update-changelog-on-release 
Add release and mergeback workflows
 2021-05-27 13:22:14 -07:00
Andrew Eisenberg 8b0110800e Merge branch 'main' into aeisenberg/update-changelog-on-release 2021-05-27 13:12:26 -07:00
Andrew Eisenberg ea89b06c41 Add bump runner version whenever action is versioned 
Ensures that the runner version is bumped along with the action version.
 2021-05-27 12:31:58 -07:00
Arthur Baars 12b2dc68b9 Merge pull request #513 from github/aibaars-patch-1 
Add Ruby as a possible language
 2021-05-26 07:40:23 +02:00
Arthur Baars 213f5407e2 Merge branch 'main' into aibaars-patch-1 2021-05-26 07:30:01 +02:00
Aditya Sharad f4e2dc747e Merge pull request #531 from github/adityasharad/actions/enterprise-versions-upstream-only 
Actions: Run enterprise versions workflow only on the parent repo
 2021-05-25 19:02:45 -07:00
Andrew Eisenberg 6764ac6d01 Merge pull request #527 from github/update-v1-eeaefb60 
Merge main into v1
 2021-05-25 19:00:39 -07:00
Aditya Sharad a55e7e1f67 Actions: Run enterprise versions workflow only on the parent repo 
Don't run the cron workflow on forks, since they lack the necessary secrets.
 2021-05-25 17:48:14 -07:00
Arthur Baars 44c6b33642 Address comments 2021-05-24 11:00:02 +02:00
Arthur Baars 4f51b8c47e Check available languages 2021-05-23 21:14:07 +02:00
Andrew Eisenberg 800a951427 Add release and mergeback workflows 
This commit ensures that the changelog is updated before a release with
the correct date and version.

Also, after a release, a mergeback PR is created to ensure that the
changelog update and version bump is available in main.
 2021-05-21 11:04:38 -07:00
Arthur Baars 91700099ba Fix unit test 2021-05-21 18:45:08 +02:00
Arthur Baars c3633dc9bd Add Ruby as a possible language 2021-05-21 18:45:08 +02:00
Andrew Eisenberg eeaefb6054 Merge pull request #517 from github/aibaars-additional-packs 
Use --additional-packs instead of --search-path
 2021-05-21 09:31:17 -07:00
Andrew Eisenberg c3e0f887ab Merge branch 'main' into aibaars-additional-packs 2021-05-21 09:21:54 -07:00
Arthur Baars 1ad5a6c1be Merge pull request #518 from github/aibaars-no-queries 
Ensure queries[language] objects are initialized
 2021-05-21 12:54:23 +02:00
Arthur Baars 6a14accb41 Fix tests 2021-05-21 12:41:35 +02:00
Arthur Baars 84bec4d116 Check queries in initConfig 2021-05-21 12:23:00 +02:00
Arthur Baars 9aca271fbb Remove superfluous if 2021-05-21 12:07:30 +02:00
Arthur Baars ec011ddfdb Ensure queries[language] objects are initialized 2021-05-21 10:42:14 +02:00
Arthur Baars 69cc3550c8 Use --additional-packs instead of --search-path 2021-05-21 10:40:06 +02:00
Aditya Sharad 8fa2ef886e Merge pull request #515 from adityasharad/analyze/summary-logging 
Analyze: Improve log grouping and log the analysis summary in its own group
 2021-05-20 15:49:26 -07:00
Aditya Sharad f84cc5e6f1 Fix trailing newline in package.json 
As produced by npm ci && npm run removeNPMAbsolutePaths.
 2021-05-20 14:12:37 -07:00
Aditya Sharad 512d4671bc Decode CodeQL stdout as UTF-8 2021-05-20 14:08:29 -07:00
Aditya Sharad 741bd73e8e Changelog: Add note for grouping of analysis logs 2021-05-20 12:32:10 -07:00
Aditya Sharad 031ec8753a Group log messages while uploading results 2021-05-20 12:32:10 -07:00
Aditya Sharad 19fe63f821 Analyze: Log the analysis summary in its own group 
Fix grouping of the analysis logs, so that custom query logs also get grouped.
Capture the stdout of codeql database analyze, which contains the analysis summary
from summary and diagnostic queries.
Log this output in its own group, along with the baseline computed in the Action.
 2021-05-20 12:32:09 -07:00
Andrew Eisenberg 6a9815718a Merge pull request #514 from github/aeisenberg/first-changelog-entry 
Add the first changelog entry
 2021-05-20 10:47:51 -07:00
Andrew Eisenberg 7ae8d165a6 Add the first changelog entry 
(Adding the changelog itself.)
 2021-05-20 09:24:30 -07:00
Andrew Eisenberg 06b386ac6c Merge pull request #507 from github/aeisenberg/changelog 
Add a changelog
 2021-05-19 15:41:37 -07:00
Andrew Eisenberg 1b3a351d6d Merge branch 'main' into aeisenberg/changelog 2021-05-19 15:28:21 -07:00
Andrew Eisenberg 1564a6d863 Fix typo in changelog 
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2021-05-19 15:28:15 -07:00
Andrew Eisenberg 8566f9b061 Add a changelog 
Adds an empty changelog file and a reminder to update it when opening
pull requests.

Also, adds a 1.0.0 version number in the package.json, which is what
we _could_ use for version numbering.
 2021-05-19 15:19:36 -07:00
Andrew Eisenberg bc39b2101e Merge pull request #487 from RA80533/chore/--build 
Use `--build`
 2021-05-19 13:41:01 -07:00
Andrew Eisenberg 98104d89d9 Merge branch 'main' into chore/--build 2021-05-19 12:44:31 -07:00
RA80533 781da98328 Remove final newline 2021-05-19 15:12:54 -04:00
Henning Makholm 88f6e15932 Merge pull request #508 from github/update-v1-79c79f1b 
Merge main into v1
 2021-05-19 15:11:11 +02:00
Edoardo Pirovano 79c79f1be5 Add configuration option to set CodeQL DB location 2021-05-18 00:13:36 +01:00