github.com/github/codeql-action

Actions for running CodeQL analysis
https://github.com/github/codeql-action

Add category input

40fb1f3f00ca7fe35a78a2cce6f09f9900fbb1b1 authored about 5 years ago
Merge pull request #459 from github/aeisenberg/add-linguist-data

Add baseline metrics for lines of code

03f029c2a15a75961a2724371dcbbab4bd33ce47 authored about 5 years ago
Merge pull request #461 from github/update-v1-7c5b1287

Merge main into v1

83b730ea827708d0d85ff00705628e78922d9547 authored about 5 years ago
Merge pull request #460 from github/dependabot/npm_and_yarn/runner/ssri-6.0.2

Bump ssri from 6.0.1 to 6.0.2 in /runner

7c5b1287d58d3ebecc383466cbb89cd7237526e2 authored about 5 years ago
Bump ssri from 6.0.1 to 6.0.2 in /runner

Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github....

e2d70d6a0b08051d6c9545484e559009a781f8a5 authored about 5 years ago
Merge pull request #458 from github/aeisenberg/add-github-linguist

Add the github-linguist package

e266dfb63e46d1c717e9d13e880c7169ca82def8 authored about 5 years ago
Merge branch 'main' into aeisenberg/add-github-linguist

b6b197e0ad7dcf52f5232c20f6e61fd331a9e141 authored about 5 years ago
Merge pull request #456 from github/robertbrignull/toolcache-interface

Introduce our own toolcache implementation for use by the runner

ba64dfb95930f3daf493c5ef9e77ee105135a921 authored about 5 years ago
fix typo

27bf3a208dfdd22e8822c5f7634e2004c24a32b0 authored about 5 years ago
make query more robust

8207018b75d3c166a2f8e59a36eb91bb8c18a6bd authored about 5 years ago
use safeWhich

ce467e7e36259c7a5874cdc6176123d24d49f441 authored about 5 years ago
Add the github-linguist package

This commit only adds a single package and all of its transitive
dependencies. The github-lingui...

c4a84a93d43771697bf9ca924c07a769b6205496 authored about 5 years ago
Remove spurious blank line.

643bc6e3ed4023c8aa385aa042c1e251eb4e49be authored about 5 years ago
Restrict Actions token permissions in CodeQL workflow.

7e85b5d66ae0cf5c6cf731a496c9041c47111b50 authored about 5 years ago
Introduce our own toolcache implementation for use by the runner

8c91ba83e25edce4fa576e797296d24c567b9b15 authored about 5 years ago
Merge pull request #455 from github/update-v1-896b4ff1

Merge main into v1

429ece1037ff31112651b25dd9434e84408d67a7 authored about 5 years ago
Merge pull request #454 from github/hmakholm/pr/2.5.2

update bundle to 20210421 (CLI 2.5.2)

896b4ff18195fa0d4e2adc7729b2ffab1d5dc61e authored about 5 years ago
Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.5.2

cb4c96ba60767604b5f6b25c20691fc2b6b6ad0d authored about 5 years ago
update bundle to 20210421 (CLI 2.5.2)

46517cfb47263af67e971f28d1e370e81b591353 authored about 5 years ago
Merge pull request #453 from github/update-v1-1fa35632

Merge main into v1

75dbb28e2fb2c13281cc2e031cc6fc44fbcd0b9e authored about 5 years ago
Merge pull request #452 from github/daverlo/category

Ignore non-string values in populateRunAutomationDetails

1fa35632f23437356985bfd3104919477b0128ec authored about 5 years ago
Ignore non-string values in populateRunAutomationDetails

496bf0ec113ae59592ef3cd28e4e88556f3aa5b8 authored about 5 years ago
Merge pull request #449 from github/update-v1-8bd2b351

Merge main into v1

9db4c5714ed41829f23ce6363a8d9c62fe08fd31 authored about 5 years ago
Merge pull request #446 from github/daverlo/runAutomationDetails

Add automationdetails id to runs

8bd2b3516b0b8122ac06f60fabd59f7d1c527422 authored about 5 years ago
Merge branch 'main' into daverlo/runAutomationDetails

bc14da99c52c82b7756b53a334a0fb673e6b586d authored about 5 years ago
Add test for existing automationDetails

351d36fd18578fcb535ee638d9ff70b2a0c97c6b authored about 5 years ago
Add baseline metrics for lines of code

This commit uses a third party library to estimate the lines of code in
a database that is to be...

998f47218308f9803f08ffa0f13894a1087f9d20 authored about 5 years ago
[Runner] Throw error on unknown option in init command

And explicitly document the advanced --trace-process-name and
--trace-process-level args.

c87ee1c65a14c5ae49009c7050963e6eda801fb8 authored about 5 years ago
Fix populateRunAutomationDetails for null environments

0ece0d074bb5b9c902d275e1929f231c6dcf7f36 authored about 5 years ago
Prevent the automationDetails to be regenerated if it already exists

de611b2de33c6b32091a39a24e4a8f8b69875031 authored about 5 years ago
Add automationdetails id to runs

47755f0910accb57d316c598e744b742e86a7a00 authored about 5 years ago
Merge pull request #441 from adityasharad/tests/matrix-tools-latest

PR checks: Run integration tests against both `tools: null` and `tools: latest`

0c2281fb0674b1b3cfbcc7edd9ef8ce7c1533422 authored about 5 years ago
Merge branch 'main' into tests/matrix-tools-latest

fcf08636136d691ca2b87170615bd3ada812217f authored about 5 years ago
Code scanning: Compare the default and latest CodeQL tools bundles

Create a prerequisite job that runs the init step twice, with `tools: null` and `tools: latest`....

8a00ebe607a1b9acd9576c70c9b789f4ca6a9ebe authored about 5 years ago
Code scanning: Compare the default and latest CodeQL tools bundles

Create a prerequisite job that runs the init step twice, with `tools: null` and `tools: latest`....

64b50fa2a6301f4801faa50d0636e138210f5e3c authored about 5 years ago
Use externalRepoAuth when getting a remote config

This allows users to specify a different token for retrieving the
codeql config from a different...

af641b2d26f16a88f3d72e4cd453d87ed1137209 authored about 5 years ago
Use externalRepoAuth when getting a remote config

This allows users to specify a different token for retrieving the
codeql config from a different...

534192fa052211fd2ec49a2801563800687bd2eb authored about 5 years ago
PR checks: Compare the default and latest CodeQL tools bundles

Create a prerequisite job that runs the init step twice, with `tools: null` and `tools: latest`....

51b1d7d81f882fef7a53cd961b292fe0addf62fb authored about 5 years ago
PR checks: Compare the default and latest CodeQL tools bundles

Create a prerequisite job that runs the init step twice, with `tools: null` and `tools: latest`....

6b4df91bd26fb11eefd044e891a26935ab0485a1 authored about 5 years ago
Fixes a regex for language and locale recognition

See https://github.com/oasis-tcs/sarif-spec/pull/490
See #418

Note that this changes the sarif ...

6aebd1b98acb749c5ed1719c9c965678c44ee194 authored about 5 years ago
PR checks: Run integration tests against both `tools: null` and `tools: latest`

Always test against both the default and latest CodeQL bundle.

This improves test coverage shor...

757ff9962fcfa3bb8e282e019490646edde535f2 authored about 5 years ago
PR checks: Run integration tests against both `tools: null` and `tools: latest`

Always test against both the default and latest CodeQL bundle.

This improves test coverage shor...

f9a19da7bf433d625a6766a0afbca7d853cb4015 authored about 5 years ago
Merge pull request #439 from github/update-v1-7f9fb10a

Merge main into v1

ed446be54b13a749bc037473d9b74a629b843832 authored about 5 years ago
Fix wording in README

8a1d7c290f29d65d0ce3362ced5ec80b970f88f8 authored about 5 years ago
Merge pull request #437 from github/dependabot/npm_and_yarn/runner/y18n-4.0.1

Bump y18n from 4.0.0 to 4.0.1 in /runner

7f9fb10a743fec70b6960fc8fdb0e948c144ccfe authored about 5 years ago
Merge branch 'main' into dependabot/npm_and_yarn/runner/y18n-4.0.1

2f9f143d7354d9cafe1efc98c39c2a5ef21bb3f4 authored about 5 years ago
Merge pull request #436 from github/dependabot/npm_and_yarn/y18n-4.0.1

Bump y18n from 4.0.0 to 4.0.1

356d7a06379c02e43dff66b4402120154ad2b092 authored about 5 years ago
Add external git repositories to search path for custom queries

578f9fc99ea77cb621e5bf8884a45a97f318c74d authored about 5 years ago
update node modules

def266fc62edefc74a3397fdb29d5f31f6dc7a76 authored about 5 years ago
Bump y18n from 4.0.0 to 4.0.1 in /runner

Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://githu...

5c715f3945e07cd3fb66648c0e34b7a31ca07d2d authored about 5 years ago
Bump y18n from 4.0.0 to 4.0.1

Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://githu...

d0b1259bbea95ec38d534ef8d74e63e46f7d0c6b authored over 5 years ago
Merge pull request #435 from github/robertbrignull/dependabot_error

Add special error message case for dependabot

8f0d3f75419faf555a671507384859e27fcbd042 authored over 5 years ago
fix grammar / punctuation

ca27066d0902402d7391910430f6c106e3f71f15 authored over 5 years ago
check push event

2f93805cef20cf8eb67f06678187557cf5bf5555 authored over 5 years ago
Add special dependabot error message

d4edded3ea6e1565d81f88c2a35b4e407c0e93a6 authored over 5 years ago
Merge pull request #434 from github/update-v1-bf8daada

Merge main into v1

f8f120e93b69f60254fcbaf9659a10429c0a9529 authored over 5 years ago
Merge pull request #433 from github/hmakholm/pr/2.5.0

Update CodeQL bundle to 20210326

bf8daada4078c4ce2ccb427b85f964ea13399437 authored over 5 years ago
Revert "Temporarily use the latest version for testing"

This reverts commit d8216decae791a8c407980649d66810abc14e9f9.

996a90bf48f9fb515238305b4466fa4830fb700e authored over 5 years ago
Update CodeQL bundle to 20210326

1d93ad95c139ebedd00606d06130cd385795b92e authored over 5 years ago
Merge pull request #432 from github/simon-engledew/fix-ref-check

Fix rev-parse errors

bb012c407093079748e2a9fefbaf2f3df57253ca authored over 5 years ago
Rewrite the ref to correctly point to refs/remotes

Fixes the rev-parse issues caused by https://github.com/github/codeql-action/pull/428

ba14abbca7731c7911f0fdc07842a033694fe7d8 authored over 5 years ago
Merge pull request #428 from github/simon-engledew/detect-merge

Fix race condition with actions/checkout@v1

972dc3e3f940563d62a9164a5435ac35e40a09c7 authored over 5 years ago
Skip doing work if it is not necessary

916509910329e92e7c236a7bc4f93adf2c7e1b35 authored over 5 years ago
PR feedback

36a9516acc7409ae81f74fb88a5b060a3c25cc2d authored over 5 years ago
Merge pull request #429 from github/update-v1-5d467d01

Merge main into v1

687b7b73f7538d45dda648139eec88b4d82b486f authored over 5 years ago
Count the number of parents of the current commit to check it is still a merge

Work around a race condition in actions where sometimes GITHUB_SHA != git rev-parse head

ef92c5ac5f78846179016d7f57ab7fc2587b7f42 authored over 5 years ago
Merge pull request #427 from github/hmakholm/pr/2.4.6

5d467d014bf485e07b22b913213f84250c8c4a1b authored over 5 years ago
Revert "Temporarily use the latest version for testing"

This reverts commit e70007508276222791aefef8c4963df738df804a.

f8e31274f41a4dc87dd4e0f90ba16d9d4cfdf573 authored over 5 years ago
Update CodeQL bundle to 20210319

d2f4021928711954b7e618bed98c5fb609865a18 authored over 5 years ago
Display better error message on invalid sarif

Specifically, some third party tools do not include a `results`
block for runs when there is an ...

08fae3caba3c5da6e3c0eafc8d04630e57a005fc authored over 5 years ago
Ensure correct error message on 403 error

ffd96b38fb2e2f90b49fd5eb4413cbadad138480 authored over 5 years ago
Merge pull request #423 from github/robertbrignull/toolcache-query-safety

Make unguarded-action-lib better at ignoring uses of toolcache

0f834639e4d5b844bcf0d8a5abebd37646f08aef authored over 5 years ago
Merge branch 'main' into robertbrignull/toolcache-query-safety

5004a54ed386e4f5b0365b0a6ca21ad22daf36f8 authored over 5 years ago
Merge pull request #422 from github/robertbrignull/getActionsCodeQLActionRepository

Make control flow clearer to fix unguarded-action-lib alert

8373707722c5ecd45ae3ddabb8b0e7afaf21ef66 authored over 5 years ago
call setupActionsVars in the tests too

378f30f95d6916fbc5cb11336c3ae9a8e5354550 authored over 5 years ago
Make unguarded-action-lib better at ignoring uses of toolcache

d698cb3d2b3c3092336f63dd584d58fb5a793e58 authored over 5 years ago
make control flow clearer to fix query alert

09024e50d4d70ffcac27c2b73b0e5bb0811d6e2e authored over 5 years ago
Merge pull request #417 from github/dependabot/npm_and_yarn/runner/elliptic-6.5.4

Bump elliptic from 6.5.3 to 6.5.4 in /runner

daff33213e600a1f83f54762a08f8d24c075ebd2 authored over 5 years ago
Merge branch 'main' into dependabot/npm_and_yarn/runner/elliptic-6.5.4

4c3c9b0d41bd50a02d66d9b5ce099f5d7d6551c4 authored over 5 years ago
Merge pull request #419 from github/update-v1-cfec2bbc

Merge main into v1

0ed969c530f06052046486a0fc066f168017ac87 authored over 5 years ago
Bump elliptic from 6.5.3 to 6.5.4 in /runner

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
- [Release notes](htt...

4df078eec56062b13ee0f3c7f57ef2c56a80c475 authored over 5 years ago
Merge pull request #409 from github/check-ghae-endpoint-first-only-on-ghae

When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it f...

cfec2bbc35f12252507dd0de0e172c08b65e8c13 authored over 5 years ago
Merge branch 'main' into check-ghae-endpoint-first-only-on-ghae

18f6367c466320697bf48a35cf978506bfaacc7f authored over 5 years ago
Merge pull request #415 from github/update-v1-2fcc4eb0

Merge main into v1

df9359871ea0400ce97cddea1e9fedfb7963446d authored over 5 years ago
Merge pull request #414 from github/hmakholm/pr/2.4.5

Update CodeQL bundle to 20210308

2fcc4eb0303d2988a72a9bc039ad744556bf34f6 authored over 5 years ago
Revert "Temporarily use the latest version for testing"

This reverts commit c78d81fa3eaa03f534996fb8a40162e4a6ecf8cf.

27ed6ac80499b8849825344ebc58ad671a0ed296 authored over 5 years ago
Update CodeQL bundle to 20210308

bcca43b3918c6e39eb2b9556c7ad21ac32eada5e authored over 5 years ago
Merge pull request #413 from github/update-v1-6ddfab14

Merge main into v1

5c4e11807def07f3da608f190ec94bd6c0581499 authored over 5 years ago
Merge pull request #412 from github/fix-pip-url

Fix the Pip download URL.

6ddfab14f6aba904be98af67c97d34bafeafb357 authored over 5 years ago
Fix the Pip download URL.

039625a3cec2be7206c26b0611885468d631ee6a authored over 5 years ago
Merge pull request #408 from github/adityasharad/bundle/20210304

Update CodeQL bundle to 20210304 / CLI 2.4.4

ce6b93eb0a12049135a3f988d5e44876953a010f authored over 5 years ago
Merge pull request #410 from github/update-v1-bde489c6

Merge main into v1

145b51c2705d019b1322b4fd6fcd0ee37f132769 authored over 5 years ago
When downloading the CodeQL bundle, only use the GitHub AE endpoint on GitHub AE, and check it first.

bb51ece0b4fd20e770abbe9aba109a96e9277a7e authored over 5 years ago
Revert "Temporarily use the latest version for testing"

This reverts commit 2f4f48f7671e6ef5d1e2e3aa0e65a25c32b6f222.

fb01860db60f2e065c1489b45986b3daba63aa8a authored over 5 years ago
Temporarily use the latest version for testing

2f4f48f7671e6ef5d1e2e3aa0e65a25c32b6f222 authored over 5 years ago
Update CodeQL bundle to 20210304 / CLI 2.4.4

0ff9c449b778153c4abd05c8499e00bcf7a456eb authored over 5 years ago
Merge pull request #406 from github/simon-engledew/go-module

Check if this mitigates the go 1.16 issue

bde489c632294cab75a68da470db1d409bdddc8a authored over 5 years ago
Check if this mitigates the go 1.16 issue

324d987bc6338fa165267be39fa07aa8c76f0ffe authored over 5 years ago
Merge pull request #405 from github/update-v1-964ae012

Merge main into v1

e40d00393db46d7379c6e2aef19204292f8ad792 authored over 5 years ago
Fix spelling errors

spelling: executable
spelling: github
spelling: javascript
spelling: latest
spelling: occurred
s...

c4fced73480115530f80f2dfb12951e4d0849bc1 authored over 5 years ago