github
/
codeql-action
зеркало из https://github.com/github/codeql-action.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
5 217 коммитов 209 Ветки 395 Теги 217 MiB
Граф коммитов

107 Коммитов

Автор SHA1 Сообщение Дата
Henry Mercer e37d0f3e7c Use direct tracing when autobuild build mode specified 
Behind a flag, for now
 2024-04-12 17:06:35 +01:00
Rasmus Wriedt Larsen 6ab7733abd
build 2024-04-04 17:15:39 +02:00
Henry Mercer eb991df649 Only warn about path filters for CLIs that don't warn 2024-02-22 21:07:29 +00:00
Angela P Wen 1515e2bb20
Refactor configuration errors (#2105) 
Refactor the existing classes of configuration errors into their own file; consolidate the place we check for configuration errors into `codeql.ts`, where the actual command invocations happen.

Also, rename the `UserError` type to `ConfigurationError` to standardize on a single term.
 2024-02-08 17:20:03 +00:00
Henry Mercer 55c1fd5777 Introduce `codeql.supportsFeature` 
This is a slightly simpler API
 2024-01-30 21:53:24 +00:00
Henry Mercer ec42edcaab Refactoring: Create interface for config initialization 
This eliminates argument order mistakes, and also lets us add new inputs
without having to update every test.
 2024-01-30 18:59:59 +00:00
Angela P Wen 96531062ba
Stop setting `CODEQL_RUNNER` environment variable if CLI already sets it (#2081) 
* Check `setsCodeqlRunnerEnvVar` is set in the CLI with `ToolsFeatures`

* Stop setting `CODEQL_RUNNER` env var when CLI does

* Add optional `features` parameter in test utils

* Test that `CODEQL_RUNNER` is not set if CLI sets it
 2024-01-12 09:41:07 -08:00
Henry Mercer 30597e33ea Handle empty lists as well as undefined ones 2024-01-11 12:07:18 +00:00
Henry Mercer 94e68911d7 Fix `paths`/`paths-ignore` warning that would appear unconditionally 2024-01-11 11:54:24 +00:00
Henry Mercer f65fc6a926 Remove parsing of `queries`, `packs`, `paths`, and `pathsIgnore` 2024-01-04 16:27:05 +00:00
Henry Mercer f934b28e51 Populate path filters env variables using the CLI 2024-01-04 15:17:20 +00:00
Henry Mercer b683173003 Remove unused arguments 2024-01-04 15:05:15 +00:00
Henry Mercer fa98ec0c7a Remove CliConfigFileEnabled feature flag 2024-01-04 14:39:36 +00:00
dependabot[bot] 80150c2141
Bump the npm group with 12 updates (#2003) 
* Bump the npm group with 12 updates

Bumps the npm group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [@octokit/types](https://github.com/octokit/types.ts) | `12.1.1` | `12.3.0` |
| [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid) | `9.0.6` | `9.0.7` |
| [@types/adm-zip](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/adm-zip) | `0.5.3` | `0.5.4` |
| [@types/js-yaml](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/js-yaml) | `4.0.8` | `4.0.9` |
| [@types/semver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/semver) | `7.5.4` | `7.5.5` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `6.9.1` | `6.12.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `6.9.1` | `6.12.0` |
| [eslint](https://github.com/eslint/eslint) | `8.52.0` | `8.54.0` |
| [nock](https://github.com/nock/nock) | `13.3.7` | `13.3.8` |
| [sinon](https://github.com/sinonjs/sinon) | `17.0.0` | `17.0.1` |
| [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) | `10.0.20` | `17.0.1` |
| [typescript](https://github.com/Microsoft/TypeScript) | `5.2.2` | `5.3.2` |


Updates `@octokit/types` from 12.1.1 to 12.3.0
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v12.1.1...v12.3.0)

Updates `@types/uuid` from 9.0.6 to 9.0.7
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid)

Updates `@types/adm-zip` from 0.5.3 to 0.5.4
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/adm-zip)

Updates `@types/js-yaml` from 4.0.8 to 4.0.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/js-yaml)

Updates `@types/semver` from 7.5.4 to 7.5.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/semver)

Updates `@typescript-eslint/eslint-plugin` from 6.9.1 to 6.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.12.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 6.9.1 to 6.12.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.12.0/packages/parser)

Updates `eslint` from 8.52.0 to 8.54.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.52.0...v8.54.0)

Updates `nock` from 13.3.7 to 13.3.8
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v13.3.7...v13.3.8)

Updates `sinon` from 17.0.0 to 17.0.1
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v17.0.0...v17.0.1)

Updates `@types/sinon` from 10.0.20 to 17.0.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

Updates `typescript` from 5.2.2 to 5.3.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@types/uuid"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/adm-zip"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/js-yaml"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/semver"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/sinon"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update checked-in dependencies

* Rebuild

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2023-11-20 14:35:28 -08:00
Andrew Eisenberg 669c61022c Add a feature flag to turn this off for newer versions of codeql 2023-10-06 14:17:01 -07:00
Andrew Eisenberg d0916526cd Add a fix for python 3.12 
The python extractor does not yet support 3.12. Check for this and
instead make sure we run python 3.11. Only need to check on windows
since we are extremely unlikely to be running 3.12 on linux or macos.
 2023-10-06 13:05:18 -07:00
Henry Mercer 1d5eed8d40 Remove deprecated functionality 2023-09-27 16:16:13 +01:00
Henry Mercer 5658fd1df2 Fix dependency cycle between trap-caching and init 2023-07-19 17:30:33 +01:00
Henry Mercer 9922e17dbb Move code scanning config enablement into feature flags 2023-07-19 15:57:59 +01:00
Henry Mercer c1f49580cf Fix dependency incompatibilities 2023-07-13 11:20:39 +01:00
Andrew Eisenberg 824d18c689 Merge remote-tracking branch 'upstream/main' into issue-1589-config-param 2023-04-28 11:34:52 -07:00
tgrall b4e6f81a72 resolve comments from @henrymercer 2023-04-10 07:56:09 +02:00
tgrall fe4a785361 rename new parameter from configuration to config 2023-04-01 07:13:01 +02:00
Henry Mercer d8fe76e161 Delete legacy tracing 2023-03-28 18:53:43 +01:00
Tugdual Grall ee44252240 - Add new configuration Parameter 
- Write test to check it is read from configuration
- Update documentation
 2023-03-18 13:40:54 +00:00
Henry Mercer 485cc11a24 Rename `featureEnablement` to `features` 
This is more succinct and removes a few line breaks
 2023-03-09 16:46:51 +00:00
Andrew Eisenberg 3c81243bb1 Apply suggestions from code review 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-02-09 12:25:33 -08:00
Andrew Eisenberg e2f72f11e4 Merge remote-tracking branch 'upstream/main' into aeisenberg/qlconfig-in-cli 2023-02-09 09:47:43 -08:00
Henry Mercer db534af2ae Remove feature flags for bypassing the toolcache 
- We can now use the default bundle version feature flags to remediate a
bad bundle update.
- Controlled switchover ensures that a repo consistently gets the same
bundle version, so we no longer have alert churn concerns with Kotlin
and Swift.
 2023-02-08 15:20:51 +00:00
Andrew Eisenberg bbe8d375fd Ensure qlconfig file is created when config parsing in cli is on 
Previously, with the config parsing in the cli feature flag turned on,
the CLI was not able to download packs from other registries. This PR
adds the codeql-action changes required for this. The CLI changes will
be in a separate, internal PR.
 2023-02-07 10:40:56 -08:00
Angela P Wen 24ca6b0400
Send tools telemetry to `init` status report (#1497) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-01-25 11:09:18 -08:00
Henry Mercer ba93815e25 Merge branch 'main' into henrymercer/upgrade-typescript 2023-01-19 16:15:51 +00:00
Henry Mercer 5f644f971e Upgrade TypeScript to 9.2.0 2023-01-18 20:59:57 +00:00
Henry Mercer c3be36f5cb Use new default version to set up CodeQL 2023-01-11 19:06:50 +00:00
Henry Mercer 5eba74a3c9 Refactor CodeQL setup 2023-01-05 19:09:34 +00:00
Andrew Eisenberg f79028af27 Add the feature to bypass the toolcache for kotlin and swift 
This works by moving the logic to check for toolcache bypass out of
creating the codeql instance. The logic now _may_ perform an API request
in order to check what languages are in the repository. This check is
redundant because the same call is being made later in the action when
the actual list of languages is calculated.
 2022-11-23 15:11:20 -08:00
Henry Mercer 0dea34e91c Merge branch 'main' into henrymercer/delete-runner-part-2 2022-11-15 19:35:30 +00:00
Angela P Wen 5883c13406
Deprecate Go extraction reconciliation feature flag and `CODEQL_EXTRACTOR_GO_BUILD_TRACING` for custom builds (#1322) 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2022-11-14 13:54:35 -08:00
Henry Mercer 3d46406f3b Remove runner-only input to `databaseInitCluster` 2022-11-14 18:49:17 +00:00
Andrew Eisenberg 701cea34ba More renaming 2022-10-11 10:39:40 -07:00
Andrew Eisenberg 919e4caca1 Merge remote-tracking branch 'upstream/main' into aeisenberg/ff-refactoring 2022-10-07 14:14:09 -07:00
Andrew Eisenberg 1a17c59fb0 More renaming 
Avoid usage of "Feature Flag" unless we are talking specifically about
the response from github features api. Otherwise, use terms like
"Toggleable features".

Note both "toggleable" and "togglable" appear to be valid spellings of
the word. I chose the first for no good reason.
 2022-10-07 11:33:32 -07:00
Andrew Eisenberg 9e044c5432 Convert "Invalid source root" errors to UserErrors 2022-10-06 09:28:29 -07:00
Andrew Eisenberg 7e086b240c Merge remote-tracking branch 'upstream/main' into aeisenberg/ghes-pack-download 2022-09-06 10:22:00 -07:00
Andrew Eisenberg e9b47b1898 Change to using a single input 2022-09-01 16:07:26 -07:00
Henry Mercer cf5d465980 Trace Go when Go extraction reconciliation is enabled 2022-09-01 14:42:59 +01:00
Henry Mercer e195431677 Override `CODEQL_EXTRACTOR_GO_BUILD_TRACING` with `on` when it's `true` 2022-08-24 11:48:32 +01:00
Henry Mercer 5862bae77e Bypass toolcache when feature flag enabled 2022-08-16 16:18:11 +01:00
Edoardo Pirovano 6df93613d7
Address review comments from @henrymercer 2022-08-09 18:37:22 +01:00
Edoardo Pirovano 8f867dcb21
Introduce TRAP caching 2022-08-05 17:48:05 +01:00