A web application to visualize and manage open source project data from the Ecosyste.ms API.

github.com/github/codeql-action

Actions for running CodeQL analysis
https://github.com/github/codeql-action

Merge pull request #3197 from github/dependabot/github_actions/dot-github/workflows/github/codeql-action-4

Bump github/codeql-action from 3 to 4 in /.github/workflows

f5e53f947672aba2238515474c2b7b9f248ac5bc authored 9 months ago
Merge pull request #3193 from github/mbg/ff/tools-toolcache

Gate `tools: toolcache` behind FF

4e90a42a3e28a8bde9c8c11ba90d243ea352e61c authored 9 months ago
Rebuild

413a4a4df19c643ceab05ebad65b0d90532c778a authored 9 months ago
Bump github/codeql-action from 3 to 4 in /.github/workflows

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release no...

452186448a7a7dd9f635cd74bf6a5df3bac6a795 authored 9 months ago
Bump ruby/setup-ruby

Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-rub...

eadf14bf6efa3061e98bdfbfd3487878f08af99c authored 9 months ago
Rebuild

e1257b6fda873a6eba14d2dab41d637243c40d97 authored 9 months ago
Bump the npm-minor group with 3 updates

Bumps the npm-minor group with 3 updates: [semver](https://github.com/npm/node-semver), [@typesc...

b516b1d4bc3e0a5d8c81118bc70f5e79005da643 authored 9 months ago
Merge pull request #3194 from github/henrymercer-patch-1

Dependabot: Only group minor and patch updates

168b2dee167f8933b7c69533f4b5041621272ad3 authored 9 months ago
Fix swapped log levels

4704ab18691cbc020ec00ac79ac5eb698ad192bc authored 9 months ago
Dependabot: Only group minor and patch updates

Major updates are likely to include breaking changes and are worth reviewing individually.

e74435a1dab914f38f7e92c09c5413bcf21cda7f authored 9 months ago
Add tests for scenarios where the feature is unavailable

dc2ced8385fe206c30e6accdd2d900759080cadf authored 9 months ago
Add test macro for fallback tests

5c752c85dd2b8139dd3f3a8be1c0a35ffb4b82c4 authored 9 months ago
Fix log message swap

524b9a00e8f3b89d9e8a0803bd0a3646261829ea authored 9 months ago
Gate `tools: toolcache` behind FF

Mainly to allow us to disable it, if needed.

a512fe0868dad020a7936ebc957e18cb421aaba9 authored 9 months ago
Add `AllowToolcacheInput` feature

62f0f21c3cf729521f1b7c6610048be4eb0cbea9 authored 9 months ago
Merge pull request #3185 from github/redsun82/skip-sarif-upload-tests

Add unit tests for `uploadPayload`

a8440d08d582b9a7a5ea0fd15076e0d71666c6ed authored 9 months ago
Address review

610c7c68e37196cc9fa91a01b93112e77c0a82b8 authored 9 months ago
Simplify `uploadPayload` tests

ff2fc66cc18ceec24743397252b8fc50b0708654 authored 9 months ago
Scratch `uploadSpecifiedFiles` tests, make `uploadPayload` tests instead

a841c540b73bac7685691a2f930006ba52db3645 authored 9 months ago
Merge branch 'main' into redsun82/skip-sarif-upload-tests

aeb12f6eaaa7419b7170f27dc3e2b5710203ff2d authored 9 months ago
Merge pull request #3189 from github/henrymercer/download-codeql-rate-limit

Add configuration error for rate limited CodeQL download

6fd4ceb7bbb8ec2746fd4d3a64b77787dffd9afc authored 9 months ago
Merge pull request #3188 from github/mbg/telemetry/partial-config

Allow `Partial<Config>` for `createStatusReportBase`

196a3e577b477ffb129cb35c7ed3ba72e6e2dbe7 authored 9 months ago
Add configuration error for rate limited CodeQL download

98abb870dcd6421594724ae220643e13baf90298 authored 9 months ago
Also include `language` in error status report for `start-proxy`, if available

bdd2cdf891a0a89c6680bd54c9ba63c80e440f75 authored 9 months ago
Include `languages` in `start-proxy` telemetry

fb148789ab863424b005147b4b018fe5691e5ccc authored 9 months ago
Parse `language` before calling `getCredentials`

2ff418f28a66dd71cd80701e95ec26db12875f15 authored 9 months ago
Allow `createStatusReportBase` to accept a `Partial<Config>`

527501d15daa18cf28340a6052d3e4b378b78fe1 authored 9 months ago
Address copilot review

621809b2392b9cfd88a6dcb318a8447b9508d080 authored 9 months ago
Merge pull request #3180 from github/redsun82/skip-sarif-upload

Introduce `CODEQL_ACTION_SKIP_SARIF_UPLOAD`

8301b8b09677d050f498ac210b2b91a37ba1e617 authored 9 months ago
Merge pull request #3184 from github/nickrolfe/go-overlay

Overlays: allow any build mode for Go

7bdfa9736a4fe3c61af28749b7fc8fb5d2077471 authored 9 months ago
Merge branch 'main' into redsun82/skip-sarif-upload

1707898e5b0b0827d4ba7542b8dd45d5a324a3e2 authored 9 months ago
Tweak comment

d05f2255a087b7661ba811697734d364a4001eae authored 9 months ago
Merge pull request #3186 from github/mergeback/v4.30.7-to-main-e296a935

Mergeback v4.30.7 refs/heads/releases/v4 into main

8a6b62bc2dc4eb1fbb471c60b48b640bbdac8575 authored 9 months ago
Rebuild

d95a3b53f835a6da022a62f657318fb1174ccf09 authored 9 months ago
Merge remote-tracking branch 'origin/main' into mergeback/v4.30.7-to-main-e296a935

257e42ce3d3dd49e81ff1cf4dd3899eebf430070 authored 9 months ago
Fix test after rebase

a57997f2d225266d6c3e3a9a2dc598b9e0db048a authored 9 months ago
Update changelog and version after v4.30.7

074940162c06b3f860d5f16878dffaf19c4e3d1a authored 9 months ago
Merge pull request #3183 from github/update-v4.30.7-55283843c

Merge main into releases/v4

e296a935590eb16afc0c0108289f68c87e2a89a5 authored 9 months ago
Merge branch 'main' into redsun82/skip-sarif-upload

df65651d4fc519aad1c7f3a3896332d583dd2b48 authored 9 months ago
Address review

1b09eb4cccffa2e41a48a47920632069b9896201 authored 9 months ago
Overlays: allow any build mode for Go

We have a check that a traced language can only run overlay analysis
with build-mode: none, but ...

7892cb23624826b766a794f0b556f535be85ce12 authored 9 months ago
Add unit tests for uploadSpecifiedFiles

4489a63a9d3dd91540663e818372716c94e09163 authored 9 months ago
Merge pull request #3175 from github/mbg/setup/toolcache

Support requesting latest version from toolcache with `tools: toolcache`

2f11c17b09609f544685db8f691ba3176174beb4 authored 9 months ago
Merge branch 'main' into mbg/setup/toolcache

0ba49701659ead4e12e2a37a34dabc6ac4c649b1 authored 9 months ago
Merge pull request #3176 from github/mbg/pr-template/tests

Add more questions to the PR template

5431b6a3081561c1ab4e44746c6f890274fea287 authored 9 months ago
Merge branch 'main' into mbg/pr-template/tests

7f5db167b61b0a5bbe9ffc46fa0a23db4bef3107 authored 9 months ago
Merge pull request #3181 from github/mbg/pr-checks/upload-sarif

Add more end-to-end tests for `upload-sarif`

239d7b286f1cc525f01e99e2f7039bcfe5cf3919 authored 9 months ago
Remove unneeded comment

86b2ad66467bec6e0e45071af0ff547052830425 authored 9 months ago
Merge branch 'main' into redsun82/skip-sarif-upload

5dfb610e99a2a32c96ddfb6d59cc868b6ccb1cad authored 9 months ago
Merge branch 'main' into mbg/pr-checks/upload-sarif

1491baa17e40eca8c8c130a9abb58ace69031a4b authored 9 months ago
Merge pull request #3182 from github/dependabot/npm_and_yarn/npm-b02b6854f6

Bump the npm group with 4 updates

db562a696f2a1bb90068db2521f09e9087748be9 authored 9 months ago
Update changelog for v4.30.7

93c16735fa0c27d771c77818dac729edc5a9cd19 authored 9 months ago
Merge pull request #3169 from github/mario-campos/node24

[v4] Upgrade Node.js runtime from v20 to v24

55283843ca9b4d67ebda238e93f97913b6d527ca authored 9 months ago
Rebuild

6877465dc11a53252c0a744b3aa89611fd96f555 authored 9 months ago
Bump the npm group with 4 updates

Bumps the npm group with 4 updates: [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/pack...

ff23a55f4d15e7dc85b3c07d33dd1bdf88fe8fad authored 9 months ago
Hoist CHANGELOG note back to "UNRELEASED" section.

b66db86c847a6b3b82d6036b8ef090a869d23fcd authored 9 months ago
Tweak SARIF skipping logs

00a6e13cbfc3c235afc298030cf9b1728b498130 authored 9 months ago
Revert "Specify reason for skipping SARIF upload in logs"

This reverts commit 680b07003d39978a705d23d22a2efc5f62a0e924.

25c8db918a216a2a632b6646e28c958333175433 authored 9 months ago
Adjust step names to be clearer

dabf6fc57806f7dec50430fd9193732fbdd276c5 authored 9 months ago
Fix: Update `payload.json` path in `with-checkout-path` test

14c5d77032ee3effd4fd42710395800466c8d7cb authored 9 months ago
Add explicit `category` values

380e002752dd3ae10c718f81ac27a53db40a2769 authored 9 months ago
Specify reason for skipping SARIF upload in logs

680b07003d39978a705d23d22a2efc5f62a0e924 authored 9 months ago
Include analysis kind in `payloadSaveFile` path in `uploadPayload`

22aba57acf39c63a1b4963298698fb3f7a991e17 authored 9 months ago
Clarify comment about SKIP_SARIF_UPLOAD setting

11e40344144d49f1ba9441e1c8cbbe2e0d526142 authored 9 months ago
Update src/util.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

882667e383f6770feee4a7f18c5cedadec673c35 authored 9 months ago
Cover more cases in `upload-sarif` check

6f964b7776696bb9ff2cebad990817c49ecf449f authored 9 months ago
Run `upload-sarif` check for all `analysis-kinds` values

6bdf5d3d00fd477b954432761e4dcd9d3cf02b72 authored 9 months ago
Rename `upload-quality-sarif.yml` workflow

9b3ade946d34bbaaada8d43f8f902886b7e9c020 authored 9 months ago
Introduce `CODEQL_ACTION_SKIP_SARIF_UPLOAD`

This triggers a subset of the behavior of `CODEQL_ACTION_TEST_MODE`,
specifically just skipping ...

e0b9da7b0a10d6ed880ead85f0d223ed1e631bc8 authored 9 months ago
Restrict when `tools: toolcache` can be used

726a341ed4837e1dce785aac864b13904ee3fea8 authored 9 months ago
Use `semver.compare` instead of `semver.lt`

1cc5eb663691cdc33687fa343c35ef7b22d1e723 authored 9 months ago
Add `isDynamicWorkflow` function

43ce7ef39920f9ecce40b7b9aecf0224e866e584 authored 9 months ago
Remove `toolcache` option description from `action.yml`

4d0c164f60f6d3a2e757c80c66857d687506d062 authored 9 months ago
Merge remote-tracking branch 'origin/main' into mario-campos/node24

# Conflicts:
# lib/analyze-action-post.js
# lib/analyze-action.js
# lib/autobuild-action.js
# li...

b2e22323e27f51736ac514773cfc66b169432101 authored 9 months ago
Add more questions to the PR template

dd9e24a8a4b011052881abacca601159aee4b649 authored 9 months ago
Add basic PR check for `tools: toolcache`

13a3a6890f9c7464d5a7e0afe6df24f317d8a4b0 authored 9 months ago
Accept `toolcache` as `version` value for `prepare-test`

7d468c931cabb064c8d5c0eeed3f5c30af4e6e89 authored 9 months ago
Support requesting CLI from toolcache with `tools: toolcache`

425ef8559525de0beae442f8231cc3d3425cef08 authored 9 months ago
Add `getLatestToolcacheVersion` with tests

297313df79f4bcbd08eb529220f6b82f3c2fdeb8 authored 9 months ago
Merge pull request #3174 from github/mbg/fix/start-proxy-matrix

Make `matrix` available to `start-proxy` action

065c6cfb7809de8db2167a953b5b622491cda914 authored 9 months ago
Re-throw exception in `createStatusReportBase` when in test mode

7fb8378d93a9c48917835b918be8813792a0dd26 authored 9 months ago
Revert changes to build.mjs

dddf033776a9a0e008719a5c64a93dcac144838f authored 9 months ago
Simplify PR check by reverting changes to `@types/node`.

54ae8ba5b132f38656616b37ff939c55700d519b authored 9 months ago
Make `matrix` available to `start-proxy` action

65e9e640eee8bd9544d635018b785e3902144ccd authored 9 months ago
Merge pull request #3173 from github/mergeback/v3.30.6-to-main-64d10c13

Mergeback v3.30.6 refs/heads/releases/v3 into main

21a7ba37dd3a3acab11343f27c466aae7dfef4c7 authored 9 months ago
Rebuild

70836b1ec4ecbd0baa6b1e69566c54c946fc2729 authored 9 months ago
Update changelog and version after v3.30.6

205744e04feff7038d2f6efa0a56ccf2311ae33b authored 9 months ago
Merge pull request #3172 from github/update-v3.30.6-10feb5d2a

Merge main into releases/v3

64d10c13136e1c5bce3e5fbde8d4906eeaafc885 authored 9 months ago
Update changelog for v3.30.6

909610e8a847f0bd00aec15db1ca9e69b006b832 authored 9 months ago
Merge branch 'main' into mario-campos/node24

d899b2ed980c62df378da794dbbd1244edadd953 authored 9 months ago
Merge pull request #3167 from github/mbg/upload-sarif/find-then-filter

Find, then filter, SARIF files for `upload-sarif` Action

10feb5d2a2535fc4a649a440d3cc1605adc4b401 authored 9 months ago
Merge pull request #3168 from github/update-bundle/codeql-bundle-v2.23.2

Update default bundle to 2.23.2

4182ea3d4e571a0ef1fe400e2be7dac377d0bfab authored 9 months ago
Merge pull request #3171 from github/mbg/start-proxy/telemetry

Add basic telemetry for `start-proxy` Action

34afe5b7b14d3606c13bf651daa19ddd8a0f7266 authored 9 months ago
Merge branch 'main' into update-bundle/codeql-bundle-v2.23.2

096fe67f97e494ef06346b2edba7862069e6f879 authored 9 months ago
Merge pull request #3170 from github/mbg/start-proxy/remove-update-workflow

Remove `update-proxy-release` workflow

b4964014adc5c667e691999fa475b29d2634750c authored 9 months ago
Report registry types that are configured for CodeQL in `start-proxy` telemetry

d573787cca00bdd533d895012a2af0dad5f2e66a authored 9 months ago
Send a basic status report in `start-proxy` Action if it succeeds

15916800df051ff24b89c0f961260e8bea28d85f authored 9 months ago
Send status report when `start-proxy` fails

cb5a2849ac05d53b82c70a5feb2a56a85feb20d4 authored 9 months ago
Move error handling from `startProxy` to `runWrapper` in `start-proxy` action

6de1d741f6ea1cf4fd0de9d169cd35eac87a8c6f authored 9 months ago
Add `StartProxy` to `ActionName` enum

a506145f31f2bfa5ae818b8bb73fb42921acce73 authored 9 months ago