2126 Commits

Author SHA1 Message Date
David Verdeguer 496bf0ec11 Ignore non-string values in populateRunAutomationDetails 2021-04-20 12:53:16 +02:00
David Verdeguer bc14da99c5 Merge branch 'main' into daverlo/runAutomationDetails 2021-04-19 10:47:18 +02:00
David Verdeguer 351d36fd18 Add test for existing automationDetails 2021-04-19 09:04:58 +02:00
Andrew Eisenberg c87ee1c65a [Runner] Throw error on unknown option in init command
And explicitly document the advanced --trace-process-name and
--trace-process-level args.
2021-04-16 12:09:26 -07:00
David Verdeguer 0ece0d074b Fix populateRunAutomationDetails for null environments 2021-04-16 09:24:34 +02:00
David Verdeguer de611b2de3 Prevent the automationDetails from being regenerated if it already exists 2021-04-16 07:47:42 +02:00
David Verdeguer 47755f0910 Add automationdetails id to runs 2021-04-15 16:20:49 +02:00
Andrew Eisenberg 6aebd1b98a Fixes a regex for language and locale recognition
See https://github.com/oasis-tcs/sarif-spec/pull/490
See #418

Note that this changes the sarif spec file. Unless this
change is actually merged in the sarif spec repo, the
version used by the action will be slightly different.
2021-04-14 08:10:56 -07:00
Andrew Eisenberg 534192fa05 Use externalRepoAuth when getting a remote config
This allows users to specify a different token for retrieving the
codeql config from a different repository.

Fixes https://github.com/github/advanced-security-field/issues/185
2021-04-09 15:00:57 -07:00
Robert ca27066d09 fix grammar / punctuation 2021-03-31 11:05:30 +01:00
Robert 2f93805cef check push event 2021-03-30 16:53:02 +01:00
Robert d4edded3ea Add special dependabot error message 2021-03-30 14:09:06 +01:00
Henning Makholm 1d93ad95c1 Update CodeQL bundle to 20210326 2021-03-26 15:03:49 +01:00
Simon Engledew ba14abbca7 Rewrite the ref to correctly point to refs/remotes
Fixes the rev-parse issues caused by https://github.com/github/codeql-action/pull/428
2021-03-25 13:08:55 +00:00
Simon Engledew 9165099103 Skip doing work if it is not necessary 2021-03-22 15:50:04 +00:00
Simon Engledew 36a9516acc PR feedback 2021-03-22 15:09:33 +00:00
Simon Engledew ef92c5ac5f Count the number of parents of the current commit to check it is still a merge
Work around a race condition in actions where sometimes GITHUB_SHA != git rev-parse head
2021-03-22 12:05:00 +00:00
Henning Makholm d2f4021928 Update CodeQL bundle to 20210319 2021-03-20 00:30:46 +01:00
Josh Soref c4fced7348 Fix spelling errors
spelling: executable
spelling: github
spelling: javascript
spelling: latest
spelling: occurred
spelling: parameter

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2021-03-18 09:40:47 -07:00
Andrew Eisenberg 08fae3caba Display better error message on invalid sarif
Specifically, some third party tools do not include a `results`
block for runs when there is an error. This change adds a more
explicit error message for this situation.
2021-03-18 09:03:42 -07:00
Andrew Eisenberg ffd96b38fb Ensure correct error message on 403 error 2021-03-17 07:55:21 -07:00
Robert 5004a54ed3 Merge branch 'main' into robertbrignull/toolcache-query-safety 2021-03-16 15:29:47 +00:00
Robert 378f30f95d call setupActionsVars in the tests too 2021-03-16 13:43:28 +00:00
Robert d698cb3d2b Make unguarded-action-lib better at ignoring uses of toolcache 2021-03-16 13:14:17 +00:00
Robert 09024e50d4 make control flow clearer to fix query alert 2021-03-16 12:07:00 +00:00
Chris Gavin 18f6367c46 Merge branch 'main' into check-ghae-endpoint-first-only-on-ghae 2021-03-10 12:23:15 +00:00
Henning Makholm bcca43b391 Update CodeQL bundle to 20210308 2021-03-09 17:43:35 +01:00
Chris Gavin bb51ece0b4 When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first. 2021-03-07 11:18:54 +00:00
Aditya Sharad 0ff9c449b7 Update CodeQL bundle to 20210304 / CLI 2.4.4 2021-03-04 13:05:37 -08:00
GitHub 760681b052 Update supported GitHub Enterprise Server versions. 2021-02-20 00:26:14 +00:00
Aditya Sharad fd0ad84431 Merge branch 'main' into adityasharad/ram-threshold 2021-02-17 11:29:15 -08:00
Robert a2653534db set externalRepoAuth 2021-02-17 08:30:35 -08:00
Chris Gavin 2b1c88c014 Merge branch 'main' into ghae-endpoint 2021-02-17 08:29:36 +00:00
Aditya Sharad 4c94e29f1b Increase the default amount of RAM reserved for the OS
Mitigation for OOM errors (137/SIGKILL) seen by users when we overcommit the available memory.
For Unix, reserve 1GB.
For Windows, reserve 1.5GB, as the OS needs more memory and estimates inaccurately.
2021-02-16 15:10:19 -08:00
Andrew Eisenberg 58defc0652 Remove --external-repository-token option from runner
Specifying a token as a cli input leads to a potential for leaking the
token on CI logs. This commit removes the option. Instead, users
should specify a single GitHub token through `--github-auth-stdin` or
by setting the `GITHUB_TOKEN` environment variable. This token should be
created with enough privileges to access the required repository.
2021-02-16 11:28:25 -08:00
Andrew Eisenberg 88714e3a60 Add capability to specify auth from env var or stdin
This commit adds two new ways of specifying GitHub auth:

1. from the GITHUB_TOKEN environment variable
2. from standard input

This commit does not include any documentation changes and the
descriptions of new command line options will need to be tweaked.
2021-02-16 11:26:39 -08:00
Chris Gavin 3c63623824 Merge branch 'main' into ghae-endpoint 2021-02-16 10:17:25 +00:00
Chris Gavin f8c5dacab5 Also look for the CodeQL bundle at the custom GitHub AE endpoint. 2021-02-15 19:41:41 +00:00
Chris Gavin 04d2b0018e Merge branch 'main' into allow-override-temp 2021-02-15 16:20:45 +00:00
Chris Gavin 7b72f1c330 Merge main into allow-override-temp. 2021-02-15 11:45:08 +00:00
Chris Gavin 6452109691 Treat empty CODEQL_ACTION_TEMP the same as it not being set. 2021-02-15 11:44:44 +00:00
Chris Gavin c9ca4ec1bd Convert GitHub variant to an enum. 2021-02-15 09:30:16 +00:00
Chris Gavin 0656b2c1ad Add detection for GitHub AE. 2021-02-13 11:06:03 +00:00
Sam Partington 10a2f1b1aa Merge branch 'main' into remove-uploadFromActions-params 2021-02-02 11:34:02 +00:00
Simon Engledew 169b9f804b Fix lint errors 2021-02-02 09:59:06 +00:00
Simon Engledew 1f07e287da Do not report warning: undefined 2021-02-01 16:32:13 +00:00
Chris Gavin ed751ece83 Allow overriding path of temporary files. 2021-02-01 15:34:13 +00:00
Simon Engledew 44ed1c6ce1 Remove pull request warnings 2021-01-29 10:42:37 +00:00
Sam Partington 19fe854945 Remove intermediate variables 2021-01-28 15:40:42 +00:00
Sam Partington c2377b2e49 Remove parameters from uploadFromActions
Retrieve the relevant values in the method itself instead.
2021-01-28 15:37:09 +00:00