github.com/github/codeql-action

Actions for running CodeQL analysis
https://github.com/github/codeql-action

Enable mapping from CLI version to bundle tag name

a76fe4f9bd1f6619d716637063ae6b182556bc2c authored over 3 years ago
Merge pull request #1462 from github/henrymercer/refactor-codeql-setup

Refactor CodeQL setup

cf1437a51414bcd7b1ce9aa9704fa8b55b2c2926 authored over 3 years ago
Rebuild

f9c9a2567cd6d9f523ff6c821a55496322b27044 authored over 3 years ago
Merge branch 'main' into dbartol/bundle-20230105

b9c859bfa1f7e8d2c033d2f76f5a1cc2308b6e25 authored over 3 years ago
Add CLI version field and prior release fields to `defaults` file (#1463)

* Add CLI version field to `defaults` file

* Add fields for prior CLI version

b4187d626bb70948c40956ceb85cc2245d924822 authored over 3 years ago
Add change note for bundle update

bfbb7ab03c233a731a5e08f992449ce5343d5b9a authored over 3 years ago
Update to CodeQL bundle 20230105 (2.12.0)

4e5a06f00986c38b1b1d2c81cf62541750641d8a authored over 3 years ago
Move database bundling to inside the try-catch

e8f7169839dc1f67e8c054ca34d570ff5bda0a4d authored over 3 years ago
Use a stream when uploading database contents

6ce923c3755eec7fa70ed17e25058e9e1adafb3f authored over 3 years ago
Improve logging around authorization headers

b2b478264a899bd1b5b8db05247aab6440c59920 authored over 3 years ago
Send the external repository token to the CLI

This commit does a few related things:

1. Bumps the minimum version for cli config parsing to 2...

4023575d648c4758455aca19f48dd7046ba2a9d4 authored over 3 years ago
Refactor CodeQL setup

5eba74a3c9d10972f85c7321b0267bda389b35be authored over 3 years ago
Ignore default version flags with invalid version numbers

a6dff04fe1f2d2de06d06d56fe4733e9aff766ac authored over 3 years ago
Support determining Dotcom CLI version from feature flags

cdb90196f28729ee7161b416c16ee8a8ab455c30 authored over 3 years ago
Merge pull request #1444 from github/henrymercer/reporting-failed-run-improvements

Improve reporting failed runs via SARIF

ff3337ee1b38c9bcf43046bde6450e50c5e88ebb authored over 3 years ago
Merge pull request #1460 from github/adityasharad/actions/code-scanning-schedule

Code scanning: Add scheduled trigger to workflow

484236cda4f99dce6f67723e95670437c888dffa authored over 3 years ago
Code scanning: Add step titles to workflow

f837e8e76159827db03e59d5fe00575955d4a3af authored over 3 years ago
Code scanning: Add scheduled trigger to workflow

Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with...

ef2186495018bf6f66382ce7f3131352273e3134 authored over 3 years ago
Add more tests for uploading failed SARIF

Test results directly via return value of `testFailedSarifUpload` vs
via checking log messages.

4789c1331cdd80a5c05b3ef94561b35f1901b3f5 authored over 3 years ago
Remove redundant log messages

59ebabde5d86f3cd084ce00fafe9b87ef558b445 authored over 3 years ago
Improve method naming

3224214d916291d5e3a5ab0d53d9446a6694eb84 authored over 3 years ago
Demote upload failed SARIF run info statements to debug

We now report errors via telemetry, and this feature will shortly be
enabled by default.

e09fbf5b4a6f500d4bf025757d6f974088c2f003 authored over 3 years ago
Improve error message when workflow file doesn't exist

e9ff99b027911743e553f6dd238cfd97cb917de2 authored over 3 years ago
Add a better log message for reusable workflow calls

8b9e982393f56e2578272c1691f7d4567ae4f923 authored over 3 years ago
Check for successful completion rather than SARIF upload

This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly ...

8d1e008ecbd279ff2c4290e8b4de315116dca858 authored over 3 years ago
Merge pull request #1441 from github/henrymercer/remove-old-certifi-tests

Remove tests with old certifi dependency

579411fb6c2fa885902ffeb0238873661aa2dc29 authored over 3 years ago
Remove tests with old certifi dependency

e4818d46c4134bb3877f08c3d50b829d687160fa authored over 3 years ago
Set up the Swift version the extractor declares (#1422)

Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>

4778dfbd934fe0260c063303d5113633816180f5 authored over 3 years ago
python-setup: Fix for python2

b8107301d238fd9af508eb785e8c9ba6facb0259 authored over 3 years ago
`npm run build`

4bd9723e2bf5fe42aedbf40673efb06c4f1c1cd8 authored over 3 years ago
Merge pull request #1437 from github/mergeback/v2.1.37-to-main-959cbb74

Mergeback v2.1.37 refs/heads/releases/v2 into main

0a3f985290ed05d660eccad9acadea7a461a4aa8 authored over 3 years ago
Update checked-in dependencies

04f1897968f786e7f11c3382ce5f8b72577f05d5 authored over 3 years ago
Update changelog and version after v2.1.37

6ac6037211c08083e7190377786f73a8a211286d authored over 3 years ago
Merge pull request #1436 from github/update-v2.1.37-d58039a1

Merge main into releases/v2

959cbb7472c4d4ad70cdfe6f4976053fe48ab394 authored over 3 years ago
Update changelog for v2.1.37

10ca836463902e2860cb03c23dc7a3ee659d32dc authored over 3 years ago
Merge pull request #1435 from github/orhantoy/add-CODE_SCANNING_REF-tests

Add tests for CODE_SCANNING_REF

d58039a1e3151bdd087ec4044da5183fc5d14d60 authored over 3 years ago
Merge pull request #1433 from github/henrymercer/use-codeql-2.11.6

Bump default CodeQL version to 2.11.6

37a44962378d1984d228e6ac1cb838a701a35c28 authored over 3 years ago
Make sure env is reset between tests

b7028afcb462569c0fa0516f58467b0d561b8c57 authored over 3 years ago
Merge branch 'main' into henrymercer/use-codeql-2.11.6

f629dada4c57c444f2c4fd20a2c2e1e4ab6adcfe authored over 3 years ago
Add tests for CODE_SCANNING_REF

ccee4c68ff1bd1c6bbe262703b9707d937d5846a authored over 3 years ago
Merge pull request #1432 from github/henrymercer/init-post-telemetry

Add telemetry for uploading failed runs

899bf9c076bcf8a9b657dd1b6d6a8270f89f356a authored over 3 years ago
Remove debugging log statements

dd7c3ef80e9300ee54af3196a0dd0671537ebfd4 authored over 3 years ago
Reuse existing fields in post-init status report

b7b875efff184017fd6ec63be41745ab382afac5 authored over 3 years ago
Fix prettier problem

ebf1b8f8fc422294ccb706270663f4caf877d311 authored over 3 years ago
python-setup: Fix path for tests

932b6a98b8b6f8b8e4484f1c8ef95fca7e3cdde4 authored over 3 years ago
Merge pull request #1434 from github/nickfyson/remove-query-string

remove use of query-string package

53ab991fbe93631fa81f7dc0bb53e06b78fbd325 authored over 3 years ago
use .has for searchParams instead of checking for undefined

54d25f56dd0ce689005bef9d89a74ad348320b5e authored over 3 years ago
remove use of query-string package

d827cf3d656c82237089296fdc4682370b0bc5d7 authored over 3 years ago
Add changelog note

9438015b823b466ba6fbadd70546bf6952c8e0c0 authored over 3 years ago
Update bundle version to `codeql-bundle-20221211`

5aced818483a7a9a955af23405a361e7ba66d643 authored over 3 years ago
python-setup: Handle poetry `virtualenvs.options.no-pip = true`

Fixes https://github.com/github/codeql-action/issues/1425

259993b92aca26d1fe79e27a070e5c0c7e24f2c7 authored over 3 years ago
Merge pull request #1429 from github/mergeback/v2.1.36-to-main-a669cc59

Mergeback v2.1.36 refs/heads/releases/v2 into main

896079047b4bb059ba6f150a5d87d47dde99e6e5 authored over 3 years ago
Update checked-in dependencies

e58b8d6a6137ca9f6121bbd62a1f48a0ca26fb4f authored over 3 years ago
Update changelog and version after v2.1.36

01330498de2e88e356cfcd5c73448bd46e4fd965 authored over 3 years ago
Merge pull request #1428 from github/update-v2.1.36-2b971a70

Merge main into releases/v2

a669cc5936cc5e1b6a362ec1ff9e410dc570d190 authored over 3 years ago
Merge pull request #1427 from github/dependabot/pip/python-setup/tests/poetry/python-3.8/certifi-2022.12.7

Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/poetry/python-3.8

6fec2ab57ab9800b7de31bf54283bfc380de15c5 authored over 3 years ago
Update changelog for v2.1.36

aab7a26877ad9a1c82db0d9dd00ce18a8927be53 authored over 3 years ago
Record the stack trace if applicable

118e294bb984b40c0d7fdec2bcc788f999723987 authored over 3 years ago
Add regression test for `upload: false`

dc9c1c1a512d194306b7db249b8a55b176c92d60 authored over 3 years ago
Handle non-string `with` inputs

a409f43c7ab85ec48ff4074fec7639744208a58f authored over 3 years ago
Merge pull request #1426 from github/dependabot/pip/python-setup/tests/poetry/requests-3/certifi-2022.12.7

Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/poetry/requests-3

2b971a70bb71cb7c7a27fac253a74bd56dd14a15 authored over 3 years ago
Add telemetry for uploading failed runs

e67ad6aaed30b5455228aba47dcb1e57fa62ad90 authored over 3 years ago
Bump certifi in /python-setup/tests/poetry/python-3.8

Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...

4e81e2933adf3140f74ef863c80a9289ea66d3fe authored over 3 years ago
Bump certifi in /python-setup/tests/poetry/requests-3

Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...

bf944d782bab2be2b7335e39e4bc27e214931a01 authored over 3 years ago
Merge pull request #1424 from github/dependabot/pip/python-setup/tests/pipenv/python-3.8/certifi-2022.12.7

Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/pipenv/python-3.8

566a5e672777f8b509fa512365fd37118bf27e78 authored over 3 years ago
Merge pull request #1421 from github/cklin/fix-update-required-checks-sha

update-required-checks.sh: fix argument handling

10c89976dc22c40837591c50e0e43d2161f873e1 authored over 3 years ago
Bump certifi in /python-setup/tests/pipenv/python-3.8

Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...

8121f62c544108b9fc029af80c1305c04e50d34d authored over 3 years ago
Merge pull request #1423 from github/dependabot/pip/python-setup/tests/pipenv/requests-3/certifi-2022.12.7

Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/pipenv/requests-3

104319fe986f1f3523b3489de5eeed3f4b7f9ad1 authored over 3 years ago
Bump certifi in /python-setup/tests/pipenv/requests-3

Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...

aba18b82f7b4e8934e2197dd1f1ea61adba24a39 authored over 3 years ago
update-required-checks.sh: ignore check-expected-release-files

4a5ad5af185095095ba8a89c81625ec054e3e533 authored over 3 years ago
Merge branch 'main' into cklin/fix-update-required-checks-sha

19f867a052dde035fd575967b43d10b78ff25cdc authored over 3 years ago
Merge pull request #1412 from github/cklin/codeql-cli-2.11.5

Bump default CodeQL version to 2.11.5

5e452f0d9d71133e5ca4341ac91521300bb4f957 authored over 3 years ago
update-required-checks.sh: fix argument handling

8bebf77dbdc819edebbc329f1bcdca79cafe50cb authored over 3 years ago
Disable nightly-latest checks for Swift

fb74504ab55fd3a0ed9044599cdef472e3a680e7 authored over 3 years ago
Merge branch 'main' into cklin/codeql-cli-2.11.5

c51babb6c62d45c549212ad48df55e7cc46651a3 authored over 3 years ago
Merge pull request #1420 from github/henrymercer/failed-runs-fix-action-not-found

Fix failed SARIF upload behavior when the workflow doesn't call the CodeQL Action

79166d078846890fa46ee29d5d44ce977b608654 authored over 3 years ago
Merge pull request #1419 from github/rasmuswl/poetry-no-local-venv

python-setup: Don't allow Poetry to make venv in project

44ef9d902a215aada01a0927e7714ba5cd68a2f4 authored over 3 years ago
Allow testing workflow parsing functionality from PR checks

384a214d605f6d274597c537e41532bcea7776ab authored over 3 years ago
Factor out some code in post-init tests

697ed97fa521d910d4ec988275dcf32e8cc48022 authored over 3 years ago
Downgrade log severity when we can't upload a failed SARIF file

This isn't severe enough to appear on the Actions summary.

2207a720069dd7772ce8b88069c6c683586b87de authored over 3 years ago
Make `getInputOrThrow` throw when it can't find any calls to the Action

This created unexpected behavior with a workflow calling
`codeql-action/analyze` locally.
Theref...

4623c8edb64eff81ea56f295d87ff49f4e09f971 authored over 3 years ago
Add regression test

9085295c406f82fdce4f8887620101da16c13b57 authored over 3 years ago
python-setup: Update comment with fully qualified configuration name

3b0a2f607d13fb12861c674db5d880c2cb5f9e5f authored over 3 years ago
Update CHANGELOG.md

5566638d56bf082e73162c2765aebe1645c34c79 authored over 3 years ago
python-setup: Apply suggestions from code review

27c143845593aafc0350ab04402e827bb5378ccd authored over 3 years ago
Merge pull request #1418 from github/henrymercer/remove-file-baseline-info-feature-flag

Enable file baseline export by default

1e8d3b8fcaaa4e4d3a403cad732a2e365dcaa53e authored over 3 years ago
python-setup: Don't allow Poetry to make venv in project

I mostly verified this works on my local machine, but did add a sample `poetry.toml` to the test...

7fc528c3c627dc077b0db19224132338b165f55d authored over 3 years ago
Enable file baseline export by default

This is now fully rolled out.

2cbc140ac52bfd08121b35475f6a71dd83cb2c8d authored over 3 years ago
Merge pull request #1414 from github/dependabot/github_actions/peter-evans/create-pull-request-4.2.3

Bump peter-evans/create-pull-request from 3.4.1 to 4.2.3

16533641412aa15f7397c4957a5d50d81b2d6a98 authored over 3 years ago
Bump swift-actions/setup-swift from 1.19.0 to 1.20.0 (#1415)

* Bump swift-actions/setup-swift from 1.19.0 to 1.20.0

Bumps [swift-actions/setup-swift](http...

61cc378b7fce9583dd9f272678ac4b864251510d authored over 3 years ago
Bump actions/setup-python from 3 to 4 (#1416)

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release n...

7aa5026a555046c4d9557eff00b248fa6ffb36d3 authored over 3 years ago
Bump peter-evans/create-pull-request from 3.4.1 to 4.2.3

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from...

c80f00a5c987f8fcead2b7d590a0442af3f23760 authored over 3 years ago
Merge pull request #1413 from github/update-dependabot-e0f8a3c2

Add Dependabot config file

62b14cbbadf0c1d9d5ee2534d236a31c9bbd83ac authored over 3 years ago
Switch to weekly interval for both ecosystems

794a4b543a95a8d5f2958dfea1ca39631c1ca934 authored over 3 years ago
Reformat

ee6ba9c2139dd38af8579dd21e7cba052df3823b authored over 3 years ago
Remove outdated section for runner and perform all updates daily

81f99a8582f74b1cb222adea86e482091604661f authored over 3 years ago
Update Dependabot config file

4b18b7bc2408cd3ed208ef7852b437c3a3e5c2ba authored over 3 years ago
Merge pull request #1393 from github/henrymercer/report-failed-runs

Submit SARIF for failed runs too

4acf201e5b7de54488c4ec1d4b3748145f0614da authored over 3 years ago
Bump default CodeQL version to 2.11.5

1e5919b22dbfde6942eeb2f488dbce40532fe969 authored over 3 years ago
Only print the full error message in debug mode

375dacad24f0327b1d9efc0ee195bdba86aba500 authored over 3 years ago