8a093aa1a5
Merge branch 'main' into henrymercer/remove-legacy-tracing
2023-04-11 12:25:45 +01:00
d7b9dcdb85
Bump peter-evans/create-pull-request from 4.2.4 to 5.0.0 ( #1643 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.4 to 5.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/38e0b6e68b4c852a5500a94740f0e535e0d7ba54...5b4a9f6a9e2af26e5f02351490b90d01eb8ec1e5 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-10 11:27:05 -07:00
2058418de9
Don't expect Swift baseline info on Windows
2023-04-05 20:41:23 +01:00
5da64f56c0
Set up Swift in unset environment workflow
2023-04-05 20:27:02 +01:00
322cea6439
Set up Swift in local bundle workflow
2023-04-05 19:31:20 +01:00
f7a67e4341
Merge branch 'main' into henrymercer/remove-legacy-tracing
2023-04-05 18:39:27 +01:00
66aeadb4c9
Merge pull request #1631 from github/henrymercer/duplicate-diagnostics-fixed-in-cli
...
Skip the SARIF notification object workaround for CLIs that have fixed this bug
2023-04-05 10:46:12 +01:00
2754e10472
Move to the codeql-testing org
...
Refer to the packages in codeql-testing, not in dsp-testing.
2023-04-04 13:39:56 -07:00
3bba073180
Skip the SARIF notification object workaround for fixed CLIs
2023-04-04 18:19:05 +01:00
98173be3f0
Add a comment about lib/defaults.json
2023-04-03 19:39:22 +01:00
f6091a09eb
Use tee when setting env vars to improve debugging
2023-04-03 19:34:20 +01:00
a86046f817
Explain CLI version marker files
2023-04-03 19:32:03 +01:00
33f30874a7
Format .github/actions/update-bundle/index.ts
2023-04-03 19:30:07 +01:00
1c0a788663
Add workflow to automatically update the bundle
2023-04-03 19:10:01 +01:00
e85546ccca
Move internal Actions into .github/actions
...
This is a more standard location for these custom Actions.
2023-04-03 18:29:29 +01:00
d838bacfbe
Simplify matrix
2023-03-29 15:48:13 +01:00
72d018e267
Improve serialization of Swift environment variable if expression
2023-03-29 13:15:59 +01:00
6cd5121600
Merge branch 'main' into henrymercer/remove-legacy-tracing
2023-03-29 13:03:14 +01:00
ff39eb8d6a
Disable flaky Swift autobuild checks
2023-03-28 20:40:23 +01:00
6ef37003ca
Update CodeQL releases used in PR checks
2023-03-28 20:07:09 +01:00
329c022f48
Just check the number of locations
...
Only tests the property we are looking for and avoids problems with
different cross-platform behavior.
2023-03-24 21:50:26 +00:00
097ab4665f
Speed up checks a bit by just running the standard suite
2023-03-24 20:30:57 +00:00
befd804b8b
Extend diagnostics export integration test to capture location bug
2023-03-24 19:48:36 +00:00
a21bb7f968
Update upload input values and logic ( #1598 )
...
- The `upload` input to the `analyze` Action now accepts the following values:
- `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
- `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
- `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
- The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.
---------
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2023-03-23 17:23:25 +00:00
760583e70d
Bump setup-go from v3 to v4 ( #1595 )
...
* Bump actions/setup-go from 3 to 4
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* Update autogenerated workflows
* Bump setup-go from v3 to v4
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-21 10:22:27 -07:00
3cbd063679
Upload per-database diagnostic SARIFs on green and red runs ( #1556 )
...
Co-authored-by: Henry Mercer <henry.mercer@me.com >
2023-03-20 21:09:04 +00:00
b55762b0a6
Bump actions/setup-go from 3 to 4 ( #1593 )
...
* Bump actions/setup-go from 3 to 4
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* Update autogenerated workflows
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com >
2023-03-20 13:31:56 -07:00
91fb7b5c11
Bump peter-evans/create-pull-request from 4.2.3 to 4.2.4 ( #1594 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/2b011faafdcbc9ceb11414d64d0573f37c774b04...38e0b6e68b4c852a5500a94740f0e535e0d7ba54 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-20 11:57:08 -07:00
a2527628e8
Add a workflow_dispatch trigger
2023-03-17 13:54:10 +00:00
16b3d998b4
Ignore classic GHES version when updating supported versions
2023-03-17 13:53:24 +00:00
c208575433
Avoid uploading databases after integration tests
...
We are still getting coverage of the upload capability through the
standard codeql analysis workflow.
2023-03-14 14:55:58 -07:00
a92a14621b
Prefer core.info to console.log
2023-03-13 12:45:15 +00:00
b36480d849
Specify SARIF path via env variable
2023-03-09 19:24:49 +00:00
53f80edaf6
Merge branch 'main' into henrymercer/diagnostics-code-scanning-config
2023-03-09 18:47:43 +00:00
b31d983f22
Add PR check
2023-03-09 18:37:44 +00:00
a3cf96418e
Add security-experimental to codeql-config.yml ( #1566 )
2023-03-08 08:39:00 -08:00
6f079be771
Bump setup-swift and re-configure dependabot ( #1560 )
...
* Update `setup-swift` to v1.22.0
* Configure dependabot to scan `setup-swift` dir
* Add reminder to manually update the SHA in CLI test
* Add comment on new Dependabot directory
2023-03-06 10:32:10 +00:00
a589d4087e
Merge pull request #1527 from github/aeisenberg/qlconfig-in-cli
...
Ensure qlconfig file is created when config parsing in cli is on
2023-02-27 10:26:08 -08:00
8f19113f88
Merge branch 'main' into aeisenberg/qlconfig-in-cli
2023-02-26 18:35:21 -08:00
cf1855ae37
Fix workflow to update dependencies
...
Port over the fix from
https://github.com/github/codeql-action/pull/1544
and share code so these scripts don't get out of sync again.
2023-02-24 20:25:21 +00:00
41f1810e52
Clean the npm cache before running install
2023-02-17 09:54:53 -08:00
bbe8d375fd
Ensure qlconfig file is created when config parsing in cli is on
...
Previously, with the config parsing in the cli feature flag turned on,
the CLI was not able to download packs from other registries. This PR
adds the codeql-action changes required for this. The CLI changes will
be in a separate, internal PR.
2023-02-07 10:40:56 -08:00
d966969093
Remove $ from version number
2023-01-26 15:22:33 +00:00
824a20f6aa
Merge pull request #1507 from github/henrymercer/swift-autobuild-timeout
...
Limit Swift autobuild runtime in PR check to 10 minutes
2023-01-23 20:16:40 +00:00
fa47d5ade1
Merge pull request #1505 from github/henrymercer/more-node-12-cleanup
...
More cleanup as a result of dropping Node 12
2023-01-23 20:11:32 +00:00
5da183dcc2
Bump npm to v9.2.0
...
npm v9.3.0 is out, but seems to have a bug with `npm ci` on macOS
where it will complain that `node_modules/.bin` is a directory.
We specify an exact version for reproducibility of builds.
2023-01-23 19:15:21 +00:00
b873a18a2f
Limit Swift autobuild runtime to 10 minutes
...
There's a known issue that causes the Swift autobuilder to hang. By
setting a timeout, we'll fail earlier and we can rerun the check
earlier.
2023-01-23 19:12:27 +00:00
90bbfad4eb
Fail prepare-test early when gh release list fails
2023-01-23 18:50:59 +00:00
64580b3179
Update workflow name to reflect Windows tests
2023-01-23 13:01:27 +00:00
e05bd5a671
Use CodeQL path from init Action in Windows Python deps PR checks
2023-01-23 13:01:11 +00:00
Henry Mercer
dependabot[bot]
Henry Mercer
Andrew Eisenberg
Angela P Wen