github.com/github/codeql-action
Actions for running CodeQL analysis
https://github.com/github/codeql-action
a76fe4f9bd1f6619d716637063ae6b182556bc2c authored over 3 years ago
Refactor CodeQL setup
cf1437a51414bcd7b1ce9aa9704fa8b55b2c2926 authored over 3 years ago
f9c9a2567cd6d9f523ff6c821a55496322b27044 authored over 3 years ago
b9c859bfa1f7e8d2c033d2f76f5a1cc2308b6e25 authored over 3 years ago
* Add CLI version field to `defaults` file
* Add fields for prior CLI version
b4187d626bb70948c40956ceb85cc2245d924822 authored over 3 years ago
bfbb7ab03c233a731a5e08f992449ce5343d5b9a authored over 3 years ago
4e5a06f00986c38b1b1d2c81cf62541750641d8a authored over 3 years ago
e8f7169839dc1f67e8c054ca34d570ff5bda0a4d authored over 3 years ago
6ce923c3755eec7fa70ed17e25058e9e1adafb3f authored over 3 years ago
b2b478264a899bd1b5b8db05247aab6440c59920 authored over 3 years ago
This commit does a few related things:
1. Bumps the minimum version for cli config parsing to 2...
4023575d648c4758455aca19f48dd7046ba2a9d4 authored over 3 years ago
5eba74a3c9d10972f85c7321b0267bda389b35be authored over 3 years ago
a6dff04fe1f2d2de06d06d56fe4733e9aff766ac authored over 3 years ago
cdb90196f28729ee7161b416c16ee8a8ab455c30 authored over 3 years ago
Improve reporting failed runs via SARIF
ff3337ee1b38c9bcf43046bde6450e50c5e88ebb authored over 3 years ago
Code scanning: Add scheduled trigger to workflow
484236cda4f99dce6f67723e95670437c888dffa authored over 3 years ago
f837e8e76159827db03e59d5fe00575955d4a3af authored over 3 years ago
Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with...
Test results directly via return value of `testFailedSarifUpload` vs
via checking log messages.
59ebabde5d86f3cd084ce00fafe9b87ef558b445 authored over 3 years ago
3224214d916291d5e3a5ab0d53d9446a6694eb84 authored over 3 years ago
We now report errors via telemetry, and this feature will shortly be
enabled by default.
e9ff99b027911743e553f6dd238cfd97cb917de2 authored over 3 years ago
8b9e982393f56e2578272c1691f7d4567ae4f923 authored over 3 years ago
This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly ...
Remove tests with old certifi dependency
579411fb6c2fa885902ffeb0238873661aa2dc29 authored over 3 years ago
e4818d46c4134bb3877f08c3d50b829d687160fa authored over 3 years ago
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
4778dfbd934fe0260c063303d5113633816180f5 authored over 3 years ago
b8107301d238fd9af508eb785e8c9ba6facb0259 authored over 3 years ago
4bd9723e2bf5fe42aedbf40673efb06c4f1c1cd8 authored over 3 years ago
Mergeback v2.1.37 refs/heads/releases/v2 into main
0a3f985290ed05d660eccad9acadea7a461a4aa8 authored over 3 years ago
04f1897968f786e7f11c3382ce5f8b72577f05d5 authored over 3 years ago
6ac6037211c08083e7190377786f73a8a211286d authored over 3 years ago
Merge main into releases/v2
959cbb7472c4d4ad70cdfe6f4976053fe48ab394 authored over 3 years ago
10ca836463902e2860cb03c23dc7a3ee659d32dc authored over 3 years ago
Add tests for CODE_SCANNING_REF
d58039a1e3151bdd087ec4044da5183fc5d14d60 authored over 3 years ago
Bump default CodeQL version to 2.11.6
37a44962378d1984d228e6ac1cb838a701a35c28 authored over 3 years ago
b7028afcb462569c0fa0516f58467b0d561b8c57 authored over 3 years ago
f629dada4c57c444f2c4fd20a2c2e1e4ab6adcfe authored over 3 years ago
ccee4c68ff1bd1c6bbe262703b9707d937d5846a authored over 3 years ago
Add telemetry for uploading failed runs
899bf9c076bcf8a9b657dd1b6d6a8270f89f356a authored over 3 years ago
dd7c3ef80e9300ee54af3196a0dd0671537ebfd4 authored over 3 years ago
b7b875efff184017fd6ec63be41745ab382afac5 authored over 3 years ago
ebf1b8f8fc422294ccb706270663f4caf877d311 authored over 3 years ago
932b6a98b8b6f8b8e4484f1c8ef95fca7e3cdde4 authored over 3 years ago
remove use of query-string package
53ab991fbe93631fa81f7dc0bb53e06b78fbd325 authored over 3 years ago
54d25f56dd0ce689005bef9d89a74ad348320b5e authored over 3 years ago
d827cf3d656c82237089296fdc4682370b0bc5d7 authored over 3 years ago
9438015b823b466ba6fbadd70546bf6952c8e0c0 authored over 3 years ago
5aced818483a7a9a955af23405a361e7ba66d643 authored over 3 years ago
Fixes https://github.com/github/codeql-action/issues/1425
259993b92aca26d1fe79e27a070e5c0c7e24f2c7 authored over 3 years ago
Mergeback v2.1.36 refs/heads/releases/v2 into main
896079047b4bb059ba6f150a5d87d47dde99e6e5 authored over 3 years ago
e58b8d6a6137ca9f6121bbd62a1f48a0ca26fb4f authored over 3 years ago
01330498de2e88e356cfcd5c73448bd46e4fd965 authored over 3 years ago
Merge main into releases/v2
a669cc5936cc5e1b6a362ec1ff9e410dc570d190 authored over 3 years ago
Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/poetry/python-3.8
6fec2ab57ab9800b7de31bf54283bfc380de15c5 authored over 3 years ago
aab7a26877ad9a1c82db0d9dd00ce18a8927be53 authored over 3 years ago
118e294bb984b40c0d7fdec2bcc788f999723987 authored over 3 years ago
dc9c1c1a512d194306b7db249b8a55b176c92d60 authored over 3 years ago
a409f43c7ab85ec48ff4074fec7639744208a58f authored over 3 years ago
Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/poetry/requests-3
2b971a70bb71cb7c7a27fac253a74bd56dd14a15 authored over 3 years ago
e67ad6aaed30b5455228aba47dcb1e57fa62ad90 authored over 3 years ago
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...
Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/pipenv/python-3.8
566a5e672777f8b509fa512365fd37118bf27e78 authored over 3 years ago
update-required-checks.sh: fix argument handling
10c89976dc22c40837591c50e0e43d2161f873e1 authored over 3 years ago
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...
Bump certifi from 2021.10.8 to 2022.12.7 in /python-setup/tests/pipenv/requests-3
104319fe986f1f3523b3489de5eeed3f4b7f9ad1 authored over 3 years ago
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.12.7.
- [Relea...
4a5ad5af185095095ba8a89c81625ec054e3e533 authored over 3 years ago
19f867a052dde035fd575967b43d10b78ff25cdc authored over 3 years ago
Bump default CodeQL version to 2.11.5
5e452f0d9d71133e5ca4341ac91521300bb4f957 authored over 3 years ago
8bebf77dbdc819edebbc329f1bcdca79cafe50cb authored over 3 years ago
fb74504ab55fd3a0ed9044599cdef472e3a680e7 authored over 3 years ago
c51babb6c62d45c549212ad48df55e7cc46651a3 authored over 3 years ago
Fix failed SARIF upload behavior when the workflow doesn't call the CodeQL Action
79166d078846890fa46ee29d5d44ce977b608654 authored over 3 years ago
python-setup: Don't allow Poetry to make venv in project
44ef9d902a215aada01a0927e7714ba5cd68a2f4 authored over 3 years ago
384a214d605f6d274597c537e41532bcea7776ab authored over 3 years ago
697ed97fa521d910d4ec988275dcf32e8cc48022 authored over 3 years ago
This isn't severe enough to appear on the Actions summary.
2207a720069dd7772ce8b88069c6c683586b87de authored over 3 years ago
This created unexpected behavior with a workflow calling
`codeql-action/analyze` locally.
Theref...
9085295c406f82fdce4f8887620101da16c13b57 authored over 3 years ago
3b0a2f607d13fb12861c674db5d880c2cb5f9e5f authored over 3 years ago
5566638d56bf082e73162c2765aebe1645c34c79 authored over 3 years ago
27c143845593aafc0350ab04402e827bb5378ccd authored over 3 years ago
Enable file baseline export by default
1e8d3b8fcaaa4e4d3a403cad732a2e365dcaa53e authored over 3 years ago
I mostly verified this works on my local machine, but did add a sample `poetry.toml` to the test...
7fc528c3c627dc077b0db19224132338b165f55d authored over 3 years ago
This is now fully rolled out.
2cbc140ac52bfd08121b35475f6a71dd83cb2c8d authored over 3 years ago
Bump peter-evans/create-pull-request from 3.4.1 to 4.2.3
16533641412aa15f7397c4957a5d50d81b2d6a98 authored over 3 years ago
* Bump swift-actions/setup-swift from 1.19.0 to 1.20.0
Bumps [swift-actions/setup-swift](http...
61cc378b7fce9583dd9f272678ac4b864251510d authored over 3 years ago
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release n...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from...
c80f00a5c987f8fcead2b7d590a0442af3f23760 authored over 3 years ago
Add Dependabot config file
62b14cbbadf0c1d9d5ee2534d236a31c9bbd83ac authored over 3 years ago
794a4b543a95a8d5f2958dfea1ca39631c1ca934 authored over 3 years ago
ee6ba9c2139dd38af8579dd21e7cba052df3823b authored over 3 years ago
81f99a8582f74b1cb222adea86e482091604661f authored over 3 years ago
4b18b7bc2408cd3ed208ef7852b437c3a3e5c2ba authored over 3 years ago
Submit SARIF for failed runs too
4acf201e5b7de54488c4ec1d4b3748145f0614da authored over 3 years ago
1e5919b22dbfde6942eeb2f488dbce40532fe969 authored over 3 years ago
375dacad24f0327b1d9efc0ee195bdba86aba500 authored over 3 years ago