github
/
codeql-action
зеркало из https://github.com/github/codeql-action.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
4 075 коммитов 209 Ветки 395 Теги 217 MiB
Граф коммитов

279 Коммитов

Автор SHA1 Сообщение Дата
Edoardo Pirovano 04e8743013
Merge branch 'main' into dependabot/npm_and_yarn/types/node-16.4.3 2021-07-27 20:15:15 +01:00
dependabot[bot] 8536203ad8
Bump @types/node from 12.12.14 to 16.4.3 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.14 to 16.4.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 19:00:10 +00:00
dependabot[bot] 5a7f86f625
Bump query-string from 6.14.0 to 7.0.1 
Bumps [query-string](https://github.com/sindresorhus/query-string) from 6.14.0 to 7.0.1.
- [Release notes](https://github.com/sindresorhus/query-string/releases)
- [Commits](https://github.com/sindresorhus/query-string/compare/v6.14.0...v7.0.1)

---
updated-dependencies:
- dependency-name: query-string
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 19:00:01 +00:00
dependabot[bot] dbb1b44b8f
Bump @types/sinon from 7.5.2 to 10.0.2 
Bumps [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) from 7.5.2 to 10.0.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

---
updated-dependencies:
- dependency-name: "@types/sinon"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 18:59:55 +00:00
dependabot[bot] 07578cd9e7
Bump @octokit/types from 5.5.0 to 6.21.1 
Bumps [@octokit/types](https://github.com/octokit/types.ts) from 5.5.0 to 6.21.1.
- [Release notes](https://github.com/octokit/types.ts/releases)
- [Commits](https://github.com/octokit/types.ts/compare/v5.5.0...v6.21.1)

---
updated-dependencies:
- dependency-name: "@octokit/types"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 18:59:49 +00:00
dependabot[bot] cec3af8bb0
Bump js-yaml from 3.13.1 to 4.1.0 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.13.1 to 4.1.0.
- [Release notes](https://github.com/nodeca/js-yaml/releases)
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.13.1...4.1.0)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 18:59:42 +00:00
Edoardo Pirovano ddd2696b4e
Merge branch 'main' into dependabot/npm_and_yarn/eslint-plugin-github-4.1.5 2021-07-27 19:20:07 +01:00
Edoardo Pirovano 8c3255bc78
Merge branch 'main' into dependabot/npm_and_yarn/actions/exec-1.1.0 2021-07-27 19:01:17 +01:00
Edoardo Pirovano df6f81e49c
Merge branch 'main' into dependabot/npm_and_yarn/nock-13.1.1 2021-07-27 18:41:59 +01:00
Edoardo Pirovano 70f5789ed2
Merge branch 'main' into dependabot/npm_and_yarn/actions/http-client-1.0.11 2021-07-27 18:18:44 +01:00
Edoardo Pirovano 99afdfbfbd
Merge branch 'main' into dependabot/npm_and_yarn/actions/exec-1.1.0 2021-07-27 18:14:25 +01:00
dependabot[bot] 9ce2456348
Bump typescript from 3.7.5 to 4.3.5 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.5 to 4.3.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v3.7.5...v4.3.5)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:52:03 +00:00
dependabot[bot] 3ab5d6d4d6
Bump @actions/exec from 1.0.1 to 1.1.0 
Bumps [@actions/exec](https://github.com/actions/toolkit/tree/HEAD/packages/exec) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/exec/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/@actions/core@1.1.0/packages/exec)

---
updated-dependencies:
- dependency-name: "@actions/exec"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:54 +00:00
dependabot[bot] 35f1961385
Bump nock from 12.0.3 to 13.1.1 
Bumps [nock](https://github.com/nock/nock) from 12.0.3 to 13.1.1.
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nock/nock/compare/v12.0.3...v13.1.1)

---
updated-dependencies:
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:47 +00:00
dependabot[bot] 6b0d45a5c6
Bump eslint-plugin-github from 4.1.1 to 4.1.5 
Bumps [eslint-plugin-github](https://github.com/github/eslint-plugin-github) from 4.1.1 to 4.1.5.
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](https://github.com/github/eslint-plugin-github/compare/v4.1.1...v4.1.5)

---
updated-dependencies:
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:39 +00:00
dependabot[bot] 4867598089
Bump @actions/http-client from 1.0.8 to 1.0.11 
Bumps [@actions/http-client](https://github.com/actions/http-client) from 1.0.8 to 1.0.11.
- [Release notes](https://github.com/actions/http-client/releases)
- [Changelog](https://github.com/actions/http-client/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/http-client/commits)

---
updated-dependencies:
- dependency-name: "@actions/http-client"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-27 16:51:17 +00:00
github-actions[bot] c4e99325d0 1.0.9 2021-07-26 23:35:55 +00:00
github-actions[bot] 63603427ef 1.0.8 2021-07-21 14:22:34 +00:00
github-actions[bot] 01b1510da2 1.0.7 2021-07-19 09:32:59 +00:00
Andrew Eisenberg ae97d8f96d Fix dependabot vulnerabilities 
This adds some forced resolutions to ensure that vulnerable versions
of packages are not installed.
 2021-07-14 14:40:10 -07:00
github-actions[bot] 92df23808d 1.0.6 2021-07-12 23:03:41 +00:00
github-actions[bot] 5c3c29fd3f 1.0.5 2021-06-28 15:23:49 +00:00
Andrew Eisenberg c5434c91d8 Merge branch 'main' into csharp-loc 2021-06-23 16:22:14 -07:00
Edoardo Pirovano 68b68732c6 Fix C# line counting and add test 2021-06-23 23:39:44 +01:00
Andrew Eisenberg c98b43187d
Merge branch 'main' into mergeback/v1.0.3-to-main-cf6e0194 2021-06-23 08:08:49 -07:00
github-actions[bot] 1496843315 1.0.4 2021-06-23 14:56:35 +00:00
Chris Gavin 476f13ea18
Upgrade Actions Tool Cache. 2021-06-23 14:28:33 +01:00
github-actions[bot] 4954c371d1 1.0.3 2021-06-17 18:01:57 +00:00
github-actions[bot] fbb9046bf6 1.0.2 2021-06-07 20:59:15 +00:00
Edoardo Pirovano 0cbd4b56d3 Add some dependencies for uploading artifacts 2021-06-02 10:32:48 +01:00
Andrew Eisenberg 539d968ad7 Use commander preAction hook for setMode 
Hooks are new to commander v8. We can use hooks to ensure that `setMode`
is called before every command is invoked.
 2021-06-01 11:17:49 -07:00
Andrew Eisenberg f0e82b7d63 1.0.1 2021-05-31 10:56:52 -07:00
Andrew Eisenberg c02d8cc7a9 Fix EOF newlines after `npm version patch` 
The removeNPMAbsolutePaths check requires no newlines at the
end of the file. This ensures that the version update mimics
the behavior.
 2021-05-31 10:37:07 -07:00
Andrew Eisenberg ea89b06c41 Add bump runner version whenever action is versioned 
Ensures that the runner version is bumped along with the action version.
 2021-05-27 12:31:58 -07:00
Andrew Eisenberg 1b3a351d6d
Merge branch 'main' into aeisenberg/changelog 2021-05-19 15:28:21 -07:00
Andrew Eisenberg 8566f9b061 Add a changelog 
Adds an empty changelog file and a reminder to update it when opening
pull requests.

Also, adds a 1.0.0 version number in the package.json, which is what
we _could_ use for version numbering.
 2021-05-19 15:19:36 -07:00
Andrew Eisenberg 98104d89d9
Merge branch 'main' into chore/--build 2021-05-19 12:44:31 -07:00
RA80533 781da98328 Remove final newline 2021-05-19 15:12:54 -04:00
Andrew Eisenberg ddcb299283 Update loc count library 
This version will count lines of code in each file serially. It still
runs all file system operations asynchronously. The only difference now
is that it will only count one file at a time. It is slower, but it
is able to count large repositories without running out of memory.
 2021-05-12 16:33:05 -07:00
Edoardo Pirovano a5506d82e4
Output environment file for Windows 2021-05-10 20:43:49 +01:00
RA80533 db6341a36c Use `--build` 2021-05-07 20:15:12 -04:00
Andrew Eisenberg 5c0a38d7e4 Update github-linguist dependency 
This version adds a larger list of auto-excluded binary files.
And allows for the passing of a list of file types to restrict
analysis to.
 2021-04-28 14:55:17 -07:00
Andrew Eisenberg b6b197e0ad
Merge branch 'main' into aeisenberg/add-github-linguist 2021-04-23 10:54:04 -07:00
Andrew Eisenberg c4a84a93d4 Add the github-linguist package 
This commit only adds a single package and all of its transitive
dependencies. The github-linguist package will be used for counting
lines of code as a baseline for databases we are analyzing.
 2021-04-22 15:59:49 -07:00
Robert 8c91ba83e2 Introduce our own toolcache implementation for use by the runnner 2021-04-22 15:31:15 +01:00
Chris Gavin f8c5dacab5
Also look for the CodeQL bundle at the custom GitHub AE endpoint. 2021-02-15 19:41:41 +00:00
Chris Gavin d182a0e3aa
Fix deduplication of bundle download sources. 2021-01-26 16:56:43 +00:00
Chris Gavin 726cfc8441
Ensure unqualified program names are present on `PATH` before executing them. 2020-11-18 22:20:13 +00:00
Chris Gavin 1220ae5bfd
Log a warning if the API version is not supported. 2020-10-30 12:20:06 +00:00
Chris Raynor 0907cd5a41
Merge branch 'main' into cbraynor/fix201 2020-10-05 10:35:27 +01:00
dependabot[bot] 4290eabf33
Bump @actions/core from 1.2.0 to 1.2.6 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.0 to 1.2.6.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-10-01 17:36:26 +00:00
Chris Raynor 8200c137dc
Resolve violations of import/no-extraneous-dependencies lint 
Fixes #201
 2020-09-29 15:03:21 +01:00
Chris Gavin 31c2eca167
Fix retrying uploads by using Octokit retry plugin. 2020-09-21 19:15:19 +01:00
Chris Gavin 9ed519fa12
Update to the latest version of `@actions/github`. 2020-09-18 16:06:20 +01:00
Chris Raynor c96f84308a
Regenerating node_modules 2020-09-14 10:42:37 +01:00
Chris Raynor 09b4a82c83
Removing the tslint config 2020-09-14 10:37:55 +01:00
Chris Raynor 06765f9340
Adding ESLint config and required dev dependencies 2020-09-14 10:32:24 +01:00
Robert Brignull 0bb8872e19 remove build-cli from top-level package.json 2020-08-25 11:45:01 +01:00
Robert Brignull a6e6d4b72b move dependencies needed to build CLI to separate package.json 2020-08-24 14:02:49 +01:00
Robert Brignull 5b0aafadb1 address comments 2020-08-12 17:42:47 +01:00
Robert Brignull 6d7a135fea Add a CLI interface to the upload-sarif action 2020-08-11 12:43:06 +01:00
Robert de0b59097a remove direct dependency on @actions/io 2020-08-07 18:09:45 +01:00
Robert Brignull f77ab09bf4 add sinon types 2020-07-07 18:32:18 +01:00
Robert Brignull 0086c2ecdb use @actions/github 2020-07-06 16:25:26 +01:00
Sam Partington 6afe41036b Update node modules 
https://github.com/github/codeql-action/pull/87/checks?check_run_id=811666672
 2020-06-26 16:27:11 +01:00
Sam Partington b0af5695e6 Add sinon package for mocking 2020-06-24 14:34:08 +01:00
Sam Partington 43c1bea680 Run npm install so have clear baseline 2020-06-24 14:33:14 +01:00
Robert Brignull 403832b950 Merge remote-tracking branch 'origin/main' into only-output-on-failure 2020-06-23 17:18:35 +01:00
Chris Gavin 211ad30f72
Update TSLint configuration to detect bad indentation. 2020-06-23 14:44:36 +01:00
Robert Brignull 66be268a09 run verbose 2020-06-23 14:36:40 +01:00
Alex Kalyvitis 11a9af0387 update deps again 2020-06-18 19:10:34 +02:00
Alex Kalyvitis 4c6749115a update @actions/tool-cache, install semver, nock 2020-06-18 16:31:13 +02:00
Robert Brignull ddee374101 validate sarif against schema before uploading 2020-05-22 14:19:16 +01:00
Robert Brignull 0e6df42024 add tests for config-utils 2020-05-14 16:47:42 +01:00
Robert Brignull 572c8bbc0c switch to using ava 2020-05-13 11:14:03 +01:00
Robert Brignull 0347b72305 replace jest with ava 2020-05-13 11:13:27 +01:00
Robert Brignull 256c63a715 Add and run removeNPMAbsolutePaths 2020-05-12 12:25:47 +01:00
dependabot[bot] 0cf8450c24
Bump @actions/http-client from 1.0.4 to 1.0.8 
Bumps [@actions/http-client](https://github.com/actions/http-client) from 1.0.4 to 1.0.8.
- [Release notes](https://github.com/actions/http-client/releases)
- [Changelog](https://github.com/actions/http-client/blob/master/RELEASES.md)
- [Commits](https://github.com/actions/http-client/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-04-29 18:03:56 +00:00
anaarmas 28ccc3db2d Initial commit (from f5274cbdce4ae7c9e4b937dcdf95ac70ae436d5f) 2020-04-28 17:23:37 +02:00