501fe7ff12
Update getMlPoweredJsQueriesStatus doc
2022-02-04 17:16:25 +00:00
ad40e4a8f8
Merge branch 'main' into henrymercer/report-ml-powered-query-enablement
2022-02-04 16:38:18 +00:00
537b2f873a
Add "multiple" report for ML-powered JS query enablement
...
When multiple ML-powered JS packs are in scope (an unsupported
scenario), the status report is "multiple".
2022-02-04 16:37:26 +00:00
9f32fc9b9d
Only add ML-powered queries pack if the user didn't manually request it
2022-02-04 16:34:17 +00:00
9b14aa7c84
Merge branch 'main' into use-better-base-sha
2022-02-04 12:04:41 +00:00
1cddec9558
Add ML-powered queries enablement to init status report
...
We report this information in the `init` status report rather than the
`analyze` status report so we can gather data about timeouts.
2022-02-03 16:29:28 +00:00
a005206838
Convert status report comments to documentation
2022-02-03 11:52:49 +00:00
6a6a3203dd
Merge branch 'main' into dependabot/npm_and_yarn/ava/typescript-3.0.1
2022-02-02 17:24:20 +00:00
3469c69bba
Merge branch 'main' into use-better-base-sha
2022-02-02 13:52:13 +00:00
d57c2761c9
Fix typo in error message
2022-02-02 13:51:48 +01:00
e9aa623c5d
Merge branch 'main' into dependabot/npm_and_yarn/ava/typescript-3.0.1
2022-02-01 18:57:02 +00:00
ce89f1b611
Upgrade Ava to v4
2022-02-01 18:56:42 +00:00
13f97c81fe
Merge branch 'aeisenberg/permissions' into add-ref-input
2022-02-01 10:31:14 -08:00
36419a79c1
Avoid sending status reports in test mode
2022-02-01 10:12:35 -08:00
ec0b3ae7ff
remove some debug info
2022-02-01 15:39:11 +00:00
e836f97769
Detect merge base as base_sha for upload
2022-02-01 15:38:43 +00:00
1bfa9ace60
Adds integration test and fixes linting
2022-01-31 20:06:18 -05:00
1eaaf07b91
Adds check on inputs and compiled files
2022-01-31 20:06:17 -05:00
980fd4ed38
Adds ref and SHA as inputs, and sarif-id as output
2022-01-31 20:06:17 -05:00
5f30e2466f
Merge branch 'rneatherway/content-type' of github.com:github/codeql-action into rneatherway/content-type
2022-01-25 17:17:21 +00:00
486633d442
Try string literal key
2022-01-25 16:33:09 +00:00
d6360c9075
Merge branch 'main' into rneatherway/content-type
2022-01-25 15:21:13 +00:00
e13c8bbfb7
Merge branch 'main' into rneatherway/remove-old-upload-path
2022-01-25 12:36:23 +00:00
1f7dab4ba2
Merge branch 'main' into aeisenberg/remove-experiemental-message
2022-01-24 13:30:45 -08:00
f8c38c1af3
Update changelog
2022-01-24 09:54:17 -08:00
10249d1591
Update tests to remove feature flag
2022-01-24 17:53:09 +00:00
e6bcd71529
Remove experimental warning message for custom packs
2022-01-24 09:40:46 -08:00
806fc12eb2
Reword changelog entry and add back test
2022-01-24 09:25:52 -08:00
ba352d365b
Merge branch 'main' into aeisenberg/better-error
2022-01-24 08:56:14 -08:00
751af2a9e3
Set contentType for database uploads
2022-01-24 15:54:46 +00:00
1a686e7d76
Remove old upload path
...
The `useUploadDomain` approach is now fully enabled
2022-01-24 15:47:08 +00:00
3b4e4d44dc
Update default CodeQL version to 2.7.6
2022-01-24 09:45:48 +00:00
f18151cc59
Update error message and remove feature flag preloading
...
Discussion here https://github.com/github/codeql-action/pull/882#discussion_r789924177
shows that properly handling preloading feature flag errors is complex
and the benefit we get from it does not offset the complexity.
2022-01-21 11:20:48 -08:00
752ae5743f
Ensure loadApiError is caught
...
And add a better error message.
By using `void` instead of `await`, any error thrown is not caught
by surrounding try-catch blocks.
I could continue to use `void` and explicitly handle any thrown errors
by using `.catch`, but most likely the time savings is minimal and
this makes the code more complex.
2022-01-21 10:04:08 -08:00
5e69ce82f8
Merge branch 'main' into aeisenberg/multi-init
2022-01-21 08:04:13 -08:00
14b4839253
Respect extra options in a few codeql calls
2022-01-21 13:44:52 +00:00
51126e5cd1
Include better error message
...
When users call init multiple times.
2022-01-20 10:28:11 -08:00
776db51d2e
Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5
2022-01-17 18:27:39 +01:00
9913c9bfa5
Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5
2022-01-17 18:06:10 +01:00
8de62beb50
Merge branch 'main' into aeisenberg/category-with-tool
2022-01-17 09:00:14 -08:00
df0c306daf
Update warning about interpreted languages to mention Ruby
2022-01-14 11:57:29 +00:00
ab1f709732
Allow duplicate categories in the same validation step
...
A single SARIF file should be allowed to have duplicated
categories.
2022-01-13 10:35:03 -08:00
8454e21c9c
Change category uniqueness test
...
Turboscan only allows a single combination of tool name and automation
details id for testing category uniqueness.
Previously, the check in the action was not entirely correct since it
only looked at the _category_ and not the combination of the category
and the tool name.
It's even more precise now since it is looking at the actual, computed
value of the automation details id, rather than an inputted value of
the category.
This change also includes a refactoring where the action is now avoiding
multiple parsing/stringifying of the sarif files. Instead, sarif is
parsed once at the start of the process and stringified once, after
sarif processing is completely finished.
2022-01-12 15:26:34 -08:00
d85c3e58ec
Bump CodeQL version to 2.7.5
2022-01-12 19:36:20 +01:00
d2a0fc83dc
Refuse to run on Windows 11
2022-01-11 18:34:33 +00:00
e677af3fd0
Make name of debugging artifact and DB within it configurable
2022-01-07 15:10:26 +00:00
e7fe6da378
Allow patch version of ML-powered queries pack to be bumped
2022-01-06 11:58:03 +00:00
2159631658
Only run ML-powered queries with v2.7.5 or newer of the CLI
2022-01-06 11:58:03 +00:00
9de1702400
Document use of redundant feature flag API call
2022-01-06 11:58:02 +00:00
efded22908
Bump the version of the ATM query pack to 0.0.2
2022-01-06 11:57:33 +00:00
Henry Mercer
Thomas Horstmeyer
Arthur Baars
Andrew Eisenberg
Alex Croteau
Robin Neatherway
Edoardo Pirovano
Henning Makholm
Nick Rolfe