github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-03 02:02:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,157 Commits 334 Branches 535 Tags
v4.34.1
Commit Graph

632 Commits

Author SHA1 Message Date
Henry Mercer
51a1d6917f Downgrade default bundle to codeql-bundle-v2.24.3 2026-03-20 16:45:20 +00:00
github-actions[bot]
89f0c86efa Rebuild 2026-03-20 12:03:59 +00:00
Idriss Riouak
39191bd27f Merge branch 'main' into idrissrio/cpp/overlay 2026-03-19 15:42:47 +01:00
idrissrio
ab3b6fd199 Feature flag: address copilot comment 
Wire C/C++ overlay feature flags into overlay mapping
 2026-03-19 14:11:00 +01:00
idrissrio
ce4a1feb6a Feature flag: update generated lib after build 2026-03-19 14:10:57 +01:00
github-actions[bot]
0bc1b6f632 Update default bundle to codeql-bundle-v2.25.0 2026-03-19 12:01:20 +00:00
Henry Mercer
60a0dce0ad Merge branch 'main' into henrymercer/overlay-no-trap-caching 
# Conflicts:
#	lib/start-proxy-action.js
 2026-03-18 16:35:51 +00:00
Henry Mercer
7da6361ba5 Merge pull request #3580 from github/dependabot/npm_and_yarn/fast-xml-parser-5.5.6 
Bump fast-xml-parser from 5.4.1 to 5.5.6
 2026-03-18 11:50:18 +00:00
Sam Robson
5e54629286 Merge branch 'main' into kaspersv/move-diff-range-absolute-path-conversion 
* main: (112 commits)
  Rebuild
  Update changelog and version after v4.33.0
  Add changelog entry for #3570
  Bump minor version
  Update changelog for v4.32.7
  Only emit one message with accumulated property names
  Remove `cache-dependency-path` options as well
  Remove `package-lock.json` that's no longer needed
  Add step (in root directory) to install dependencies
  Add explicit cache dependency paths in `pr-checks.yml`
  Fix linter errors in `sync-back.test.ts`
  Fix linter errors in `sync-back.ts`
  Rename `sync_back` to `sync-back`
  Fix linter errors in `sync.ts`
  Add eslint configuration for `pr-checks`
  Add minimal `Step` type
  Add `workspaces` to root `package.json`
  Avoid bundling `package.json`
  Move `ava` config out of `package.json`
  Emit warning for unrecognised repo properties with our common prefix
  ...

# Conflicts:
#	lib/init-action-post.js
 2026-03-18 10:47:46 +00:00
github-actions[bot]
f254006ed7 Rebuild 2026-03-18 01:38:11 +00:00
github-actions[bot]
a0e3ed6555 Rebuild 2026-03-16 09:08:32 +00:00
Michael B. Gale
95be291f41 Bump minor version 2026-03-16 08:38:13 +00:00
Michael B. Gale
e3200e331b Merge pull request #3563 from github/mbg/private-registry/oidc 
Accept OIDC configurations in `start-proxy`
 2026-03-13 11:58:36 +00:00
Michael B. Gale
ea703668e0 Avoid bundling package.json 
- `package.json` is bundled by `esbuild` because we depend on it in `actions-util.ts`
- That is so we can access the `version` property
- We now use `build.mjs` to define a constant for it instead
- We also set this constant in `ava.setup.mjs` for tests
- This reduces the size of the generated `.js` files and avoids changing them entirely in some cases
 2026-03-12 18:55:03 +00:00
Henry Mercer
1dbebad653 Merge pull request #3566 from github/dependabot/npm_and_yarn/npm-minor-aebc49e072 
Bump the npm-minor group with 2 updates
 2026-03-11 20:49:27 +00:00
github-actions[bot]
0d0df94d93 Rebuild 2026-03-11 19:51:54 +00:00
github-actions[bot]
373dec9f22 Rebuild 2026-03-11 19:51:53 +00:00
Henry Mercer
d74701caa1 Drive-by cleanup: Always use --cache-cleanup 2026-03-11 19:31:03 +00:00
Henry Mercer
b04e63ffdf Enablement: Move TRAP caching check after overlay 2026-03-11 19:21:17 +00:00
Henry Mercer
b0f877255d Add FF for disabling TRAP caching when overlay enabled 2026-03-11 18:44:41 +00:00
Michael B. Gale
6c99ca514e Merge remote-tracking branch 'origin/main' into mbg/private-registry/oidc 2026-03-11 16:15:07 +00:00
Henry Mercer
997acaf7eb Merge pull request #3562 from github/henrymercer/skip-file-coverage-rollout 
Prepare for rolling out skipping computing file coverage information on PRs
 2026-03-11 11:33:21 +00:00
Henry Mercer
2e7e91fd63 Merge pull request #3550 from github/sam-robson/overlay-per-lang-min-bundle-version 
feat: add minimumVersion values for language overlay flags
 2026-03-11 10:28:14 +00:00
Michael B. Gale
048d0ea295 Address review comments 2026-03-10 15:54:58 +00:00
Henry Mercer
55a0f2b2aa Add environment variable override 2026-03-10 15:41:40 +00:00
Henry Mercer
13c548978d Fix retries when uploading databases 2026-03-10 12:34:18 +00:00
Henry Mercer
ce321daddb Merge branch 'main' into henrymercer/skip-file-coverage-rollout 2026-03-10 11:46:08 +00:00
Sam Robson
8bddab0644 Merge branch 'main' into sam-robson/overlay-per-lang-min-bundle-version 2026-03-09 20:23:29 +00:00
Michael B. Gale
0ad7d7be2f Merge pull request #3560 from github/henrymercer/ghes-3.13-cleanup 
Clean up pre GHES 3.14 code paths
 2026-03-09 18:00:31 +00:00
Henry Mercer
9e8c05933f Add ability to override via repository property 2026-03-09 17:08:13 +00:00
Henry Mercer
c102a6d8cd Require tools feature flag 
And now that we have this, drop the restriction to `github` org.
 2026-03-09 17:07:10 +00:00
Sam Robson
867f2b0e0a test: verify overlay analysis is disabled for languages without per-language feature flags 2026-03-09 16:46:38 +00:00
Sam Robson
e04697664c feat: add minimumVersion values for existing language-specific overlay feature flags 2026-03-09 16:45:20 +00:00
Henry Mercer
ab180c9eeb Clean up pre GHES 3.14 code paths 2026-03-09 16:35:29 +00:00
Henry Mercer
b35c0d37b1 Clean up repository properties feature flag 2026-03-09 16:15:04 +00:00
Sam Robson
9082319f5c Merge branch 'main' into kaspersv/move-diff-range-absolute-path-conversion 2026-03-06 15:03:13 +00:00
Sam Robson
c10020e6a8 Merge remote-tracking branch 'origin/main' into kaspersv/move-diff-range-absolute-path-conversion 
* origin/main: (32 commits)
  Add changelog note
  Update default bundle to codeql-bundle-v2.24.3
  Bump tar from 7.5.7 to 7.5.10
  Rebuild
  Rebuild
  Bump actions/upload-artifact from 6 to 7 in /.github/workflows
  Bump actions/download-artifact from 7 to 8 in /.github/workflows
  Bump the npm-minor group with 2 updates
  Fix some tests that should be serial
  Update method naming and JSDoc
  Rename to `EnabledOverlayConfig`
  Address review comments
  Use `Result`s for enablement return types
  Add disabled by env var disablement reason
  Rename to `usesDefaultQueriesOnly`
  Update `NonDefaultQueries` documentation
  Refactor `getOverlayDatabaseMode` and add new disablement reason
  Address review comments
  Add JSDoc
  Sort `OverlayDisabledReason` enum
  ...
 2026-03-06 09:10:13 +00:00
github-actions[bot]
0ccdcb8c0a Rebuild 2026-03-05 19:44:36 +00:00
github-actions[bot]
f2669dd916 Update default bundle to codeql-bundle-v2.24.3 2026-03-05 15:34:19 +00:00
github-actions[bot]
77f9a86c60 Rebuild 2026-03-05 13:19:28 +00:00
Sam Robson
1443f5865e chore: merge main into kaspersv/move-diff-range-absolute-path-conversion 2026-03-05 11:38:11 +00:00
Henry Mercer
8e17ec94b4 Merge branch 'main' into henrymercer/parallel-unit-tests 2026-03-04 13:25:01 +01:00
Michael B. Gale
d1ac77f26d Merge pull request #3527 from github/mbg/start-proxy/remove-unused 
Remove unused registry types from `LANGUAGE_TO_REGISTRY_TYPE`
 2026-03-04 11:48:08 +00:00
Henry Mercer
675af55c60 Run some unit tests in parallel 2026-03-04 12:40:22 +01:00
Michael B. Gale
9bf973324f Merge pull request #3528 from github/mbg/refactor/sarif 
Refactor SARIF-related types and functions into a separate module
 2026-03-03 12:10:30 +00:00
Michael B. Gale
6d060bbaa1 Return Partial<Log> from readSarifFile 
Our previous definition had `tools` as a mandatory field, so this
also makes some changes to deal with the case where that may
be `undefined` by treating it as equivalent to `[]`.
 2026-03-03 11:34:01 +00:00
Michael B. Gale
28b449d8c7 Improve version handling in combineSarifFiles 2026-03-03 11:18:47 +00:00
Michael B. Gale
1721ce7afd Address minor review comments 2026-03-03 11:05:37 +00:00
Michael B. Gale
b43d146e37 Do not alias types 2026-03-02 20:47:19 +00:00
Michael B. Gale
9a31859f78 Use @types/sarif 2026-03-02 18:04:11 +00:00