github
/
codeql-action
зеркало из https://github.com/github/codeql-action.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
3 742 коммитов 207 Ветки 395 Теги 208 MiB
Граф коммитов

150 Коммитов

Автор SHA1 Сообщение Дата
Angela P Wen a21bb7f968
Update `upload` input values and logic (#1598) 
- The `upload` input to the `analyze` Action now accepts the following values:
    - `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
    - `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
    - `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
    - The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

---------

Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-03-23 17:23:25 +00:00
Charis Kyriakou 94cc1dea00 Add override for code scanning analysis of default branch 2023-03-23 13:31:00 +00:00
Henry Mercer be8f7b01a2 Add types for `package.json` via `@schemastore/package` 2023-01-20 15:01:35 +00:00
Henry Mercer 10695e6a20 Fix linter errors 2023-01-18 21:00:05 +00:00
Henry Mercer 5f644f971e Upgrade TypeScript to 9.2.0 2023-01-18 20:59:57 +00:00
Andrew Eisenberg e6e3bf4923 Update src/actions-util.ts 
Co-authored-by: Angela P Wen <angelapwen@github.com>
 2023-01-17 15:53:14 -08:00
Andrew Eisenberg b625b628b7 Hide error message and stack for non-error 
Avoid printing the error message and stack when we fail to find the
commit. This will happen in several non-error states (e.g.,
when there is no repository checked out at the CWD). Move the
error message to a debug message so that it is still available
if someone really wants to see it.
 2023-01-17 15:00:24 -08:00
Henry Mercer e67ad6aaed Add telemetry for uploading failed runs 2022-12-09 10:35:19 +00:00
Henry Mercer 5296a763b1 Upload failed SARIF files to Code Scanning 2022-11-25 17:52:50 +00:00
Henry Mercer 79f8286c68 Refactoring: Separate out workflow related functionality 
No semantic changes.
 2022-11-23 19:27:01 +00:00
Marco Gario 0a76b97b28 Prefer GITHUB_REF to CODE_SCANNING_REF 
Given that the GITHUB_REF is a protected variable, we want to prefer it to
CODE_SCANNING_REF. This should prevent accidentally overwriting these values.
The logic is a bit more involved, as I think it makes sense to raise the error
about GITHUB_REF not being set, rather than mentioning CODE_SCANNING_REF if
both are not set.
 2022-11-16 10:49:49 +01:00
Henry Mercer 0dea34e91c Merge branch 'main' into henrymercer/delete-runner-part-2 2022-11-15 19:35:30 +00:00
Marco Gario 2bca6af0e5 Read CODE_SCANNING_REF 2022-11-15 15:26:47 +01:00
Henry Mercer 9df773d1a3 Remove unneeded `apiDetails` input to `getApiClient` 2022-11-14 19:55:30 +00:00
Henry Mercer 3d46406f3b Remove runner-only input to `databaseInitCluster` 2022-11-14 18:49:17 +00:00
Henry Mercer 03bb58c07d Remove note about separation in `actions-util` 
We could move everything into `util`, but in some ways it is nice having
a file dedicated to Actions related utilities.
 2022-11-14 18:46:43 +00:00
Cornelius Riemenschneider bfcbb093ac Re-export codeql testing environment variable to subsequent steps, if set. 2022-11-01 13:18:57 +01:00
Cornelius Riemenschneider 4b73c4f99e Actions status report: Send testing_environment. 
The testing environment is taken from the environment variable
CODEQL_ACTION_TESTING_ENVIRONMENT.
 2022-11-01 13:18:57 +01:00
Cornelius Riemenschneider f3a27d6945 GHES 3.1 has been deprecated end of June 2022. 
Therefore, we do not need to support the workaround for
action telemetry anymore.
 2022-10-18 14:20:52 +02:00
David Verdeguer 063e083705 Fix linting 2022-09-07 22:45:34 +02:00
David Verdeguer a03f3bd585 Build js 2022-09-07 09:45:19 +02:00
Chris Gavin 5960bffd3f
When running on a schedule, make a better guess about whether we're analyzing the default branch. 2022-08-25 10:58:16 +01:00
Edoardo Pirovano 8b45ef3845
Telemetry: Record DB creation time 2022-08-24 14:31:37 +01:00
Henry Mercer 219a937551 Require test mode to be set to use `expect-error` input 
This should be more robust than determining whether the repo is the
CodeQL Action or a fork of it.
 2022-08-17 14:49:24 +01:00
Angela P Wen 9b7fa3dd99
Add `expect-error` input to force PR check green on expected failure (#1177) 2022-08-16 16:27:14 -07:00
Angela P Wen 15608ceae3 Merge remote-tracking branch 'origin/main' into angelapwen/post-init-cleanup 2022-08-11 15:24:10 +02:00
Angela P Wen 4e121c0ef5 Address additional review comments 2022-08-11 13:58:01 +02:00
Angela P Wen 65d6ee0c51 Address review comments 2022-08-11 13:45:26 +02:00
Edoardo Pirovano 3835e64c38
Remove distrust of `GITHUB_ACTION_REF` for local actions 2022-08-10 09:39:03 +01:00
Angela P Wen 7f86ddc26d Move debug log printing back to actions util 2022-08-02 12:41:08 +02:00
Angela P Wen eeee462f05 Move debug artifact methods into separate file 2022-08-02 12:27:52 +02:00
Angela P Wen 5895ab0c0b Address more PR comments, refactoring 2022-08-02 12:18:44 +02:00
Angela P Wen 5da7870265 Refactoring per PR comments 2022-08-01 12:52:16 +02:00
Angela P Wen 8a4a573d59 Error handling for JSON parsing 2022-08-01 12:12:49 +02:00
Angela P Wen 52de49c899 Refactor helper function to util 2022-08-01 11:42:55 +02:00
Angela P Wen 2746051310 Catch case where database isn't finalized 2022-07-29 12:00:07 +02:00
Angela P Wen 1016eba538 Move logs, SARIF actions uploads to post: hooks 2022-07-29 11:29:39 +02:00
Henry Mercer c736697abf Remove toolcache decorator 
This decorator enabled us to use the functionality of the Actions
toolcache within the runner too.
Now that we've deleted the runner we no longer need it.
 2022-06-30 09:16:10 +01:00
Andrew Eisenberg 0efcf74ce0 Add typings for js-yaml 2022-06-14 07:50:47 -07:00
Henry Mercer 7c2be06006 Factor out test mode determination code 2022-04-28 19:13:22 +01:00
Andrew Eisenberg 426a3951ee Exclude pull requests from actions/runs request 
This will save time when fetcing the current run and we
don't use the pull requests for anything anyway. It is
ok to leave out.
 2022-04-07 14:02:44 -07:00
Henry Mercer a2949f47b3 Update actions/checkout from v2 to v3 2022-03-30 19:46:09 +01:00
Andrew Eisenberg 88db5e75ec Merge branch 'main' into aeisenberg/checkout-path-commitoid 2022-03-25 10:31:47 -07:00
Andrew Eisenberg d068f5372a Fix failing tests 2022-03-25 10:00:47 -07:00
Chuan-kai Lin c3010cb18a Status reporting: fix codeql_version field name 2022-03-23 11:32:03 -07:00
Tobias Speicher 0a713019c3
refactor: replace deprecated String.prototype.substr() 
.substr() is deprecated so we replace it with .slice() which works similarily but isn't deprecated
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
 2022-03-20 17:08:43 +01:00
Chuan-kai Lin f60bb5cc38 Include CodeQL CLI and action versions in status reports 2022-03-17 10:07:29 -07:00
Chuan-kai Lin ea5898d606 Restore compatibility with GHES 3.1: address code review comments 2022-03-14 15:44:16 -07:00
Chuan-kai Lin aeefdce612 Restore compatibility with GHES 3.1 2022-03-14 08:20:27 -07:00
Chuan-kai Lin 401a76f245 Add runner OS release to status report 2022-03-03 13:06:02 -08:00