
Commit 3ab4101

angelapwen, github-actions[bot], dependabot[bot], henrymercer and aeisenberg authored
Merge pull request #2192 from github/update-v3.24.7-5e882999f
* Update changelog and version after v3.24.6

* Update checked-in dependencies

* Bump the npm group with 3 updates (#2183)

* Bump the npm group with 3 updates

Bumps the npm group with 3 updates: [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser), [eslint-plugin-github](https://github.com/github/eslint-plugin-github) and [nock](https://github.com/nock/nock).

Updates `@typescript-eslint/parser` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.1.1/packages/parser)

Updates `eslint-plugin-github` from 4.10.1 to 4.10.2
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](github/eslint-plugin-github@v4.10.1...v4.10.2)

Updates `nock` from 13.5.3 to 13.5.4
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v13.5.3...v13.5.4)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update checked-in dependencies

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Update supported GitHub Enterprise Server versions

* Update `languages` help

Recommend using a matrix build

* Remove experimental qualifiers from build mode input

* Escape named value in input description

* Fail `analyze` step by passing an invalid option to `database finalize` (#2189)

As the `ram: 1` trick won't work anymore with updates to the CLI.

* Update default bundle to 2.16.4 (#2185)

* Update default bundle to codeql-bundle-v2.16.4

* Add changelog note

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>

* Use the `--sarif-include-query-help` option when supported

* Bump the npm group with 2 updates (#2190)

* Bump the npm group with 2 updates

Bumps the npm group with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [typescript](https://github.com/Microsoft/TypeScript).

Updates `@typescript-eslint/eslint-plugin` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.1.1/packages/eslint-plugin)

Updates `typescript` from 5.3.3 to 5.4.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.3.3...v5.4.2)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>

* Rebuild sources

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>

* Update changelog for v3.24.7

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <angelapwen@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Henry Mercer <henrymercer@github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
2 parents 8a470fd + a006adf commit 3ab4101

3,439 files changed (+13734, -136539 lines changed)


.github/workflows/debug-artifacts-failure.yml

Lines changed: 3 additions & 1 deletion
@@ -50,9 +50,11 @@ jobs:
5050
run: ./build.sh
5151
- uses: ./../action/analyze
5252
id: analysis
53+
env:
54+
# Forces a failure in this step.
55+
CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }'
5356
with:
5457
expect-error: true
55-
ram: 1
5658
download-and-check-artifacts:
5759
name: Download and check debug artifacts after failure in analyze
5860
needs: upload-artifacts
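
Review bot: With `expect-error: true` on the `analysis` step, any failure satisfies this job, so the new `CODEQL_ACTION_EXTRA_OPTIONS` value only exercises the intended path for as long as `database finalize` keeps rejecting an option named `--invalid-option`. The comment `# Forces a failure in this step.` should say how the failure is produced (an unknown flag passed to `database finalize`, replacing the removed `ram: 1` input), and the downstream artifact check would be more robust if it confirmed the failure occurred at finalize rather than earlier in the step.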

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
@@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
44

55
Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
66

7+
## 3.24.7 - 12 Mar 2024
8+
9+
- Update default CodeQL bundle version to 2.16.4. [#2185](https://github.com/github/codeql-action/pull/2185)
10+
711
## 3.24.6 - 29 Feb 2024
812

913
No user facing changes.
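
Review bot: The new `## 3.24.7 - 12 Mar 2024` section lists only the bundle update, while the same merge removes the "[Experimental, for internal testing only]" qualifier from the `build-mode` input in `init/action.yml` and raises `maximumVersion` to 3.13 in `lib/api-compatibility.json`. If either of those counts as user-facing, add an entry for it under this heading; if they are deliberately left out, no change is needed.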

init/action.yml

Lines changed: 21 additions & 13 deletions
@@ -7,25 +7,33 @@ inputs:
77
required: false
88
# If not specified the Action will check in several places until it finds the CodeQL tools.
99
languages:
10-
description: |
11-
A comma-separated value of the languages to be analysed e.g. python,javascript
10+
description: >-
11+
A comma-separated list of CodeQL languages to analyze.
12+
13+
Due to the performance benefit of parallelizing builds, we recommend specifying languages to
14+
analyze using a matrix and providing `\$\{{ matrix.language }}` as this input.
15+
16+
For more information, see
17+
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#changing-the-languages-that-are-analyzed.
1218
required: false
1319
build-mode:
1420
description: >-
15-
[Experimental, for internal testing only] The build mode that will be used to analyze the language.
16-
This input is only available in single-language analyses.
21+
The build mode that will be used to analyze the language. This input is only available when
22+
analyzing a single CodeQL language per job, for example using a matrix.
1723
1824
Available build modes will differ based on the language being analyzed. One of:
1925
20-
- none: The database will be created without building the source code.
21-
Available for all interpreted languages and some compiled languages.
22-
- autobuild: The database will be created by attempting to automatically build the source code.
23-
To use this build mode, ensure that your workflow calls the `autobuild` action
24-
between the `init` and `analyze` steps.
25-
Available for all compiled languages.
26-
- manual: The database will be created by building the source code using a manually specified
27-
build command. To use this build mode, specify manual build steps in your workflow
28-
between the `init` and `analyze` steps. Available for all compiled languages.
26+
- `none`: The database will be created without building the source code.
27+
Available for all interpreted languages and some compiled languages.
28+
- `autobuild`: The database will be created by attempting to automatically build the source
29+
code.
30+
To use this build mode, ensure that your workflow calls the `autobuild` action
31+
between the `init` and `analyze` steps.
32+
Available for all compiled languages.
33+
- `manual`: The database will be created by building the source code using a manually
34+
specified build command. To use this build mode, specify manual build steps in
35+
your workflow between the `init` and `analyze` steps. Available for all
36+
compiled languages.
2937
required: false
3038
token:
3139
description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input.
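
Review bot: In the new `languages` description, `\$\{{ matrix.language }}` sits inside a `>-` block scalar, where YAML performs no escape processing, so the backslashes reach the reader verbatim. If the escaping exists only to keep the expression from being evaluated in `action.yml`, consider wording that avoids the literal expression, or confirm how the text renders wherever the inputs are documented. The URL on the last added description line also ends with a sentence period directly after the `#changing-the-languages-that-are-analyzed` fragment, which auto-linkers may pull into the link; dropping the period or ending the sentence before the URL avoids that.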

lib/api-compatibility.json

Lines changed: 1 addition & 1 deletion
@@ -1 +1 @@
1-
{ "maximumVersion": "3.12", "minimumVersion": "3.8" }
1+
{ "maximumVersion": "3.13", "minimumVersion": "3.8" }

lib/codeql.js

Lines changed: 13 additions & 3 deletions
Some generated files are not rendered by default.

lib/codeql.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default.

lib/defaults.json

Lines changed: 4 additions & 4 deletions
@@ -1,6 +1,6 @@
11
{
2-
"bundleVersion": "codeql-bundle-v2.16.3",
3-
"cliVersion": "2.16.3",
4-
"priorBundleVersion": "codeql-bundle-v2.16.2",
5-
"priorCliVersion": "2.16.2"
2+
"bundleVersion": "codeql-bundle-v2.16.4",
3+
"cliVersion": "2.16.4",
4+
"priorBundleVersion": "codeql-bundle-v2.16.3",
5+
"priorCliVersion": "2.16.3"
66
}
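
Review bot: `bundleVersion` and `cliVersion` are separate strings that must name the same release, and `priorBundleVersion` and `priorCliVersion` must equal the values being replaced; they agree here (2.16.4, with 2.16.3 as prior), but the file itself cannot enforce that. If no test already does so, add one asserting that `bundleVersion` equals `codeql-bundle-v` followed by `cliVersion`, and the same for the prior pair, so a partial update of this file is caught before release.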

lib/trap-caching.js

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default.

lib/trap-caching.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default.

lib/trap-caching.test.js

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default.
