github.com/github/codeql-action

Actions for running CodeQL analysis
https://github.com/github/codeql-action

Put change behind a FF

db33d20bf4d9e52bf28614819f7d60f5cb9c9256 authored 4 months ago
Address Copilot's review comments

3c911485edc62ce14114209c4c9ec282d1ae570d authored 4 months ago
Reduce log levels for registry connection checks

1ec5b701fc83558619454257069725df30f64d38 authored 4 months ago
Skip overlay memory check for CodeQL 2.24.3 and later

29765a3c714fbd74ca09547b64a3c3e608aecfa2 authored 4 months ago
Bump globals from 16.5.0 to 17.3.0

Bumps [globals](https://github.com/sindresorhus/globals) from 16.5.0 to 17.3.0.
- [Release notes...

9bdf640d99e27f768aeb459010090d46b66fd207 authored 4 months ago
Bump eslint-plugin-jsdoc from 62.5.0 to 62.6.0 in the npm-minor group

Bumps the npm-minor group with 1 update: [eslint-plugin-jsdoc](https://github.com/gajus/eslint-p...

b2beb8544107df85db5fa187ae6d2afba4da7e81 authored 4 months ago
Use `getDefaultCliVersion` for `start-proxy`

f657c4e1eb6ec1f5ef99e9cbeb6c01e33d7476e6 authored 4 months ago
Address review comments

f379c46d494968670a749cca71cb0c36a738167e authored 4 months ago
Add `merge_group` trigger to required checks to prepare for merge queue

8105503f1aaa53bc6ca23bf3aff5b97e8f02c840 authored 4 months ago
Merge branch 'main' into henrymercer/overlay-repo-property

056b0912cf54ce980659e88c78b05246af39551c authored 4 months ago
Record overlay disablement reason

445a2a9bb2e867a25d86d1ec52fd7704f2a9a668 authored 4 months ago
Add disabled reason

182427800cea6d68aaa9c2e4b4e732f005ae5d8b authored 4 months ago
Merge pull request #3509 from github/dependabot/npm_and_yarn/multi-871638c4a1

Bump minimatch

c0fc915677567258ee3c194d03ffe7ae3dc8d741 authored 4 months ago
Merge pull request #3504 from github/mbg/ff/remove-ImprovedProxyCertificates

Remove FF gate for improved CA generation

18898a6dd37b777bb310ba761c7ca7019ce02926 authored 4 months ago
Add diagnostic when overlay disabled by repo property

70db156dcb3b4e4b3cd25cb65cb0a925c14298be authored 4 months ago
Reorganize properties file

9c61a2ddf4eb51d1b093e7ca3bd1ffdc29ec0a5f authored 4 months ago
Rebuild

123b3011faa9ffce4bf411a5a954f1485254b50e authored 4 months ago
Bump minimatch

Bumps and [minimatch](https://github.com/isaacs/minimatch). These dependencies needed to be upd...

0aafb58a10b2dbc56c1d060e0e0a0219d52d0f9c authored 4 months ago
Add `hasMessage` to `RecordingLogger`

de068211121acb6e991bff88992cc1f93cc54b65 authored 4 months ago
Replace `getRecordingLogger` implementation with `RecordingLogger`

ddafddb826304a070cd70ecb827cb3c43ea12991 authored 4 months ago
Merge pull request #3506 from github/henrymercer/result-better-inference

Improve type inference of `Result<T, E>`

16adc4e6724ac45e5514b2814142af61054bcd2a authored 4 months ago
Improve validation and address review comments

2808ca726e92c8bc3686e482111659b11062787d authored 4 months ago
Update JSDoc

Co-authored-by: Michael B. Gale <mbg@github.com>

2a607fea25af475c1da15fbb12d33701cdf05d16 authored 4 months ago
Add repository property for disabling overlay

ed39a1ea5c90d48ecdf2a7da24e1c8f2a946cfe4 authored 4 months ago
Add support for boolean repository properties

7ea93ee2e19ad7dc528f1dde2a4f9bead6d4fa86 authored 4 months ago
Update names in tests

e51b6a9a520cc75c12cc3a2eaef8363f6845b5be authored 4 months ago
Improve type inference of `Result<T, E>`

160d27baf00e1b1f48bd189d637609258cad98c8 authored 4 months ago
Merge pull request #3503 from github/mbg/ff/make-connection-checks-default

Remove FF gate for connection checks

28737ec792fa19d1d04dc0dc299f1de0559a9635 authored 4 months ago
Merge pull request #3487 from github/henrymercer/overlay-status

Cache first failure building an overlay base DB to avoid repeated failures

e5f9d3b55e1c81400ef93d2ba718ff35cb40d876 authored 4 months ago
Change skipped reason message

56d1ccc87a4a2034c5daeec44601f197fbaf4bda authored 4 months ago
Improve error message

dc00a6f08ff8032331b0e9e5111494d3e94ff596 authored 4 months ago
Change order of checks in `tryUploadSarifIfRunFailed`

e9ce32d8078f95509668f449a64c013fd9a4b329 authored 4 months ago
Rename secondary `run` to `uploadFailureInfo`

0f3e6325802cb6fbe08b3ecb70454a8b213107d7 authored 4 months ago
Merge pull request #3497 from github/henrymercer/eslint-v9

Update eslint to v9

ab56c02e0c3d1840d1ae828a3d08e0cbd388430a authored 4 months ago
Move SARIF types out of `util.ts`

d7cfd19fb824f2778a05b6a0eb35b042a1ec0d92 authored 4 months ago
Add `assertNotLogged` test helper

740f177889f9fe24f044b23292517f6b513b30b6 authored 4 months ago
Remove FF gate for improved CA generation

83c236af2b01f1aaa4139eaedf7b363e7c9fa0e2 authored 4 months ago
Remove FF gate for connection checks

25bde03dfb4cd87f885c4e5bddd3c22809556249 authored 4 months ago
Merge pull request #3502 from github/mbg/remove-ccr

Remove all CCR-specific code and tests

c4dca28336f8ca0256dc5f40ed447a3220c07fec authored 4 months ago
Update PR template

1aad2787ecd6618cc21fb84a65cb67f63e3fe68e authored 4 months ago
Remove CCR e2e check

b6cf67a711d815b24a1056f84b23cf5694cc482a authored 4 months ago
Remove `isCCR`

f59338d600d972a96e80ba9b7edb4340c0c25151 authored 4 months ago
Merge branch 'main' into henrymercer/eslint-v9

2a07b6e3c7cb3841166441d98d5ac37f3077db18 authored 4 months ago
Enable `tseslint` strict rules

fba33f686abb9319a34cc9ab182b26e8141e0111 authored 4 months ago
Explicitly include eslint recommended rules

48094d2b6edffce97dc68cdb944eb00d20d5757c authored 4 months ago
Merge pull request #3501 from github/mbg/ci/dont-label-merged

cb4e075f119f8bccbc942d49655b2cd4dc6e615a authored 4 months ago
Merge pull request #3498 from github/henrymercer/overlay-resource-checks-v2

Add feature flag for more lenient overlay resource checks

1847416575e0067411e0b8f9965b0ff0bf51f5b3 authored 4 months ago
Don't run `label-pr-size` once a PR has been merged

11dd746d7067c13b451e3d83c769c933f0d4a52b authored 4 months ago
Merge pull request #3500 from github/mbg/fixup/version-pinning

Minor improvements to "Keeping the CodeQL Action up to date" section

a754a57c217e908c249c8e54a503b2c84076ba6f authored 4 months ago
Slight wording change

466da5ec2d49919beacdfc0757d272ad655675a8 authored 4 months ago
Highlight that this is for advanced setups

0a9b98b511420bea4ec565faa20f261ccc00247a authored 4 months ago
`v3` => `v4`

bce7dc4616e20ab1756093d4b2da5902a12d1617 authored 4 months ago
Remove extra blank line

b13ab62bc03a2947966938e043f11aec94d77a25 authored 4 months ago
Merge pull request #3499 from github/sam-robson/document-version-pinning-risk

docs: guidance on keeping the CodeQL Action up to date

4ea06e96f5e27254d0ea8ff1b6bf2051ece134f0 authored 4 months ago
Merge branch 'main' into sam-robson/document-version-pinning-risk

c9223eb0a07fe135163e43e7a968376291183335 authored 4 months ago
docs: risks of pinning

f0767c48a17201c9fd01413ddb53f16a130ceffd authored 4 months ago
Add feature flag for more lenient overlay resource checks

4e71011f44008d000d0161875917f0d1af7c5d1c authored 4 months ago
Merge pull request #3489 from github/dependabot/npm_and_yarn/npm-minor-37a5b5ae66

Bump the npm-minor group with 6 updates

710e2945787622b429f8982cacb154faa182de18 authored 4 months ago
Use `import-x/no-cycle`

b948539dd414a78351f4c66400dc24f0749a0029 authored 4 months ago
Update eslint to v9

c54531587d1ef0d48b47b29d2ebf63a7797f8445 authored 4 months ago
Merge pull request #3477 from github/mbg/features/offline-features

559d85d1fac3e95c0b9e9b98f606913d00118cef authored 4 months ago
Merge pull request #3495 from github/mergeback/v4.32.4-to-main-89a39a4e

8e010557a91163417dcec3a1fe6be23d5dc82951 authored 4 months ago
Rebuild

37d6d1ca2765ecc5a77956e07b7d720f01c17127 authored 4 months ago
Update changelog and version after v4.32.4

68b53dc641ba9c8117912f0f998d3f82843f0c47 authored 4 months ago
Merge pull request #3494 from github/update-v4.32.4-39ba80c47

89a39a4e59826350b863aa6b6252a07ad50cf83e authored 4 months ago
Apply remaining review suggestions

e5d84c885c00d506f7816d26a298534dbbffac6d authored 4 months ago
Apply suggestions from code review

Co-authored-by: Henry Mercer <henrymercer@github.com>
Co-authored-by: Copilot <175728472+Copilot...

0c202097b5de484e2a3725d4467f9cb7e3107881 authored 4 months ago
Fix typo

314172e5a1e1691ba4ad232b3d0230ceaf3d9239 authored 4 months ago
Add changelog entries

cdda72d36b93310932b0afe1784acd0209d190dd authored 4 months ago
Update changelog for v4.32.4

cfda84cc5509282e2adc1570c3cf29c3167ae87f authored 4 months ago
Merge pull request #3493 from github/update-bundle/codeql-bundle-v2.24.2

Update default bundle to 2.24.2

39ba80c47550c834104c0f222b502461ac312c29 authored 4 months ago
Add changelog note

00150dad957fc9c1cba52bdab82e458ae5c09fe5 authored 4 months ago
Update default bundle to codeql-bundle-v2.24.2

d97dce6561ae3dd4e4db9bfa95479f7572bd7566 authored 4 months ago
Merge pull request #3492 from github/henrymercer/new-repository-properties-ff

Use new feature flag for repository properties

50fdbb9ec845c41d6d3509d794e3a28af7032c59 authored 4 months ago
Use new feature flag for repository properties

f7905e8415fc90be677b6f086a172c5be5e7ca9e authored 4 months ago
Address review comments

4191f521100a285e8d14661f933719966aab38a7 authored 4 months ago
Rebuild

79a913656cda5dad733b80eac9fd9a1cd17c9b31 authored 4 months ago
Bump the npm-minor group with 6 updates

Bumps the npm-minor group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [semver...

167b47e60cf64b4b4adeb59ce81d1c423b06b47d authored 4 months ago
Merge pull request #3488 from github/dependabot/npm_and_yarn/fast-xml-parser-5.3.6

Bump fast-xml-parser from 5.3.4 to 5.3.6

5e7a52feb2a3dfb87f88be2af33b9e2275f48de6 authored 4 months ago
Rebuild

76cf404c992326558083fc47ce459ca1289de2d6 authored 4 months ago
Bump fast-xml-parser from 5.3.4 to 5.3.6

Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.3.4 to 5....

7407d383869b86c2dbd8eca2d3fe2a04eb4e00b9 authored 4 months ago
Merge pull request #3486 from github/mbg/start-proxy/java-env-checks

Log information about the runner which may affect the private registry proxy

015d8c7cbcbb8e7252a7dccfe81a90aa176260b2 authored 4 months ago
Fix typos in comments

09bd46dda582965e35f7cf2e7eada380cb45939b authored 4 months ago
Merge remote-tracking branch 'origin/main' into mbg/features/offline-features

b927a69f96a3c1513e9f6d70a4123a3bbbc6541d authored 4 months ago
Fix `checkExpectedLogMessages` not asserting anything on success

61f7dd3d0d55de2f01a8ea232b075f8b0b197cfc authored 4 months ago
Merge branch 'main' into mbg/start-proxy/java-env-checks

64300e453b47923d8f7a5d044701902da460d7e4 authored 4 months ago
Merge pull request #3474 from github/mbg/risk-assessment-analysis

Add `csra` analysis kind

b1b1e44da9bac3c3c733dd0dbecc16d3c7889499 authored 4 months ago
Run `java` to show computed settings

906dd890a5cf0fed404a01b12f05f061d0aeee77 authored 4 months ago
Add more interesting Java properties

46473e05b78bc08f91aee555a8e756363f9aa46b authored 4 months ago
Move interesting JRE properties out of `checkJdkSettings`

32ab108bfdce3eafbb3f99a538f818a9fe771c25 authored 4 months ago
Replace most occurrences of `CSRA`

2abec3f0c3b57cdee3b490438103ad0f11d92731 authored 4 months ago
Reword error message

6d55dfff02c014a46c6a6b89f3864c3a1524c822 authored 4 months ago
Add JSDoc comments to `upload-lib` types

5c96b6e3dbe481bd5819a1255f27f72c825a21a5 authored 4 months ago
Consistently use "\n" to split lines, then trim extra characters if needed

971592501c5c51a7e536d2955df50783b51b913a authored 4 months ago
Fixup: add missing `.env`

44a4bea3674f38a004857716e2354fa85f99ed7e authored 4 months ago
Only run when debugging or test mode is enabled

11c6c18818b35b709193c85f83d1183538f7414c authored 4 months ago
Check whether `value` is a URL in `checkEnvVar` and clear credentials

Note also that we run this after `getCredentials` which already instructs Actions to mask creden...

99fcc7b2a12a3895509ff680d8b72d80b2e210ab authored 4 months ago
Add tests for shouldSkipOverlayAnalysis

657f337cd131beb52bba73c81aa7c4f0b1efc45a authored 4 months ago
Extract status file path helper

fa56ea8dc0e9590e8ba620c2767e29b4a31de4bd authored 4 months ago
Avoid mutating languages array in overlay status functions

Use [...languages].sort() instead of languages.sort() to avoid
mutating the caller's array as a ...

05d4e2529608b00fda3cf2478326a9a2fd33f842 authored 4 months ago