diff --git a/.github/workflows/check-for-conflicts.yml b/.github/workflows/check-for-conflicts.yml deleted file mode 100644 index fe96d9ac3b..0000000000 --- a/.github/workflows/check-for-conflicts.yml +++ /dev/null @@ -1,31 +0,0 @@ -# Checks for any conflict markers created by git. This check is primarily intended to validate that -# any merge conflicts in the v2 -> v1 backport PR are fixed before the PR is merged. -name: Check for conflicts - -on: - pull_request: - branches: [main, releases/v1, releases/v2] - # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened - # by other workflows. - types: [opened, synchronize, reopened, ready_for_review] - -jobs: - check-for-conflicts: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Check for conflicts - run: | - # Use `|| true` since grep returns exit code 1 if there are no matches, and we don't want - # this to fail the workflow. - FILES_WITH_CONFLICTS=$(grep --extended-regexp --ignore-case --line-number --recursive \ - '^(<<<<<<<|>>>>>>>)' . || true) - if [[ "${FILES_WITH_CONFLICTS}" ]]; then - echo "Fail: Found merge conflict markers in the following files:" - echo "" - echo "${FILES_WITH_CONFLICTS}" - exit 1 - else - echo "Success: Found no merge conflict markers." - fi diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index b36fdb8000..a97ef1d405 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -1,4 +1,4 @@ -name: PR Checks (Basic Checks and Runner) +name: PR Checks on: push: @@ -10,17 +10,8 @@ on: workflow_dispatch: jobs: - lint-js: - name: Lint - runs-on: ubuntu-latest - timeout-minutes: 45 - - steps: - - uses: actions/checkout@v3 - - name: Run Lint - run: npm run-script lint - check-js: + name: Check JS runs-on: ubuntu-latest timeout-minutes: 45 
@@ -30,7 +21,11 @@ jobs: node-types-version: [12.12, current] steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 + + - name: Lint + run: npm run-script lint - name: Update version of @types/node if: matrix.node-types-version != 'current' @@ -67,21 +62,43 @@ jobs: - name: Check node modules up to date run: .github/workflows/script/check-node-modules.sh - verify-pr-checks: - name: Verify PR checks up to date + check-file-contents: + name: Check file contents runs-on: ubuntu-latest timeout-minutes: 45 steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 + + # Checks for any conflict markers created by git. This check is primarily intended to validate that + # any merge conflicts in the v2 -> v1 backport PR are fixed before the PR is merged. + - name: Check for merge conflicts + run: | + # Use `|| true` since grep returns exit code 1 if there are no matches, and we don't want + # this to fail the workflow. + FILES_WITH_CONFLICTS=$(grep --extended-regexp --ignore-case --line-number --recursive \ + '^(<<<<<<<|>>>>>>>)' . || true) + if [[ "${FILES_WITH_CONFLICTS}" ]]; then + echo "Fail: Found merge conflict markers in the following files:" + echo "" + echo "${FILES_WITH_CONFLICTS}" + exit 1 + else + echo "Success: Found no merge conflict markers." + fi + - name: Set up Python uses: actions/setup-python@v3 with: python-version: 3.8 + - name: Install dependencies run: | python -m pip install --upgrade pip pip install ruamel.yaml + + # Ensure the generated PR check workflows are up to date. - name: Verify PR checks up to date run: .github/workflows/script/verify-pr-checks.sh 
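Review bot: The added `Lint` step sits inside the job that carries the `node-types-version: [12.12, current]` matrix, so `npm run-script lint` now runs once per matrix leg instead of once as it did in the removed `lint-js` job. It also runs before the `Update version of @types/node` step, so both legs lint the same tree and the second run adds nothing. Guarding the step with `if: matrix.node-types-version == 'current'` would keep a single lint run. If the duplication is intended, a short comment above the step should say so. The job header and the matrix definition start outside this hunk.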
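Review bot: In the added `Check for merge conflicts` step, `|| true` hides every non-zero grep exit, not only the no-match case (status 1). If grep fails with status 2, for example on an unreadable path, and prints no matches, the step reports "Success" and the gate fails open. Closing the substitution with `'^(<<<<<<<|>>>>>>>)' .) || [[ $? -eq 1 ]]` accepts only the no-match status and lets real errors fail the step. The search also starts at `.` directly after checkout, so it walks `.git` as well; adding `--exclude-dir=.git` would keep it to the working tree. `--ignore-case` has no effect on a pattern made only of `<` and `>` and could be dropped.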
@@ -102,388 +119,3 @@ jobs: # we won't be able to find them on Windows. npm config set script-shell bash npm test - - runner-analyze-javascript-ubuntu: - name: Runner ubuntu JS analyze - needs: [check-js, check-node-modules] - timeout-minutes: 45 - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - # Pass --config-file here, but not for other jobs in this workflow. - # This means we're testing the config file parsing in the runner - # but not slowing down all jobs unnecessarily as it doesn't add much - # testing the parsing on different operating systems and languages. - runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-windows: - name: Runner windows JS analyze - needs: [check-js, check-node-modules] - timeout-minutes: 45 - runs-on: windows-latest - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-macos: - name: Runner macos JS analyze - needs: [check-js, check-node-modules] 
- timeout-minutes: 45 - runs-on: macos-latest - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-ubuntu: - name: Runner ubuntu C# analyze - needs: [check-js, check-node-modules] - timeout-minutes: 45 - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - . ./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-windows: - name: Runner windows C# analyze - needs: [check-js, check-node-modules] - # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of - # `windows-latest`. 
- timeout-minutes: 45 - runs-on: windows-2019 - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - cat ./codeql-runner/codeql-env.sh | Invoke-Expression - $Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this - & $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false - - - name: Upload tracer logs - uses: actions/upload-artifact@v3 - with: - name: tracer-logs - path: ./codeql-runner/compound-build-tracer.log - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-macos: - name: Runner macos C# analyze - timeout-minutes: 45 - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - . 
./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-ubuntu: - name: Runner ubuntu autobuild C# analyze - timeout-minutes: 45 - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - ../action/runner/dist/codeql-runner-linux autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-windows: - timeout-minutes: 45 - name: Runner windows autobuild C# analyze - needs: [check-js, check-node-modules] - # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of - # `windows-latest`. - runs-on: windows-2019 - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . 
- mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - ../action/runner/dist/codeql-runner-win.exe autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-macos: - name: Runner macos autobuild C# analyze - needs: [check-js, check-node-modules] - runs-on: macos-latest - timeout-minutes: 45 - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - . 
codeql-runner/codeql-env.sh - CODEQL_RUNNER="$(cat codeql-runner/codeql-env.json | jq -r '.CODEQL_RUNNER')" - echo "$CODEQL_RUNNER" - $CODEQL_RUNNER ../action/runner/dist/codeql-runner-macos autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-upload-sarif: - name: Runner upload sarif - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - timeout-minutes: 45 - - if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Upload with runner - run: | - # Deliberately don't use TEST_MODE here. This is specifically testing - # the compatibility with the API. - runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - runner-extractor-ram-threads-options: - name: Runner ubuntu extractor RAM and threads options - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - timeout-minutes: 45 - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Assert Results - shell: bash - run: | - . 
./codeql-runner/codeql-env.sh - if [ "${CODEQL_RAM}" != "230" ]; then - echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230" - exit 1 - fi - if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then - echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230" - exit 1 - fi - if [ "${CODEQL_THREADS}" != "1" ]; then - echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1" - exit 1 - fi - if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then - echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1" - exit 1 - fi diff --git a/.github/workflows/python-deps.yml b/.github/workflows/python-deps.yml index 28efa81053..4a9ecbac0d 100644 --- a/.github/workflows/python-deps.yml +++ b/.github/workflows/python-deps.yml @@ -7,6 +7,17 @@ on: # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened # by other workflows. types: [opened, synchronize, reopened, ready_for_review] + paths: + # Changes to this workflow. + - '.github/workflows/python-deps.yml' + # Changes to the Python package installation scripts and their tests. + - 'python-setup/**' + # Changes to the default CodeQL bundle version. + - '**/defaults.json' + schedule: + # Weekly on Monday. + - cron: '0 0 * * 1' + workflow_dispatch: jobs: test-setup-python-scripts: diff --git a/.github/workflows/runner-checks.yml b/.github/workflows/runner-checks.yml new file mode 100644 index 0000000000..7fd3cfde8f --- /dev/null +++ b/.github/workflows/runner-checks.yml 
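Review bot: The new `paths:` filter means this workflow no longer runs on pull requests that touch none of the three listed patterns. If any of its jobs is a required status check in branch protection (not visible from this diff), those pull requests would wait on a check that never reports. Code outside `python-setup/**` that affects the Python setup path is then covered only by the weekly `cron: '0 0 * * 1'` run, which may execute only on the default branch rather than on `releases/v1` and `releases/v2`; that is worth confirming. A comment above `paths:` would help, for example `# Not a required check: skipped unless these paths change; the weekly schedule covers everything else.` Indentation is lost in this view, so this assumes `paths:` is nested under `pull_request`.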
@@ -0,0 +1,393 @@ +name: CodeQL Runner Checks + +on: + push: + branches: [main, releases/v1, releases/v2] + pull_request: + # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened + # by other workflows. + types: [opened, synchronize, reopened, ready_for_review] + workflow_dispatch: + +jobs: + runner-analyze-javascript-ubuntu: + name: Runner ubuntu JS analyze + + timeout-minutes: 45 + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + # Pass --config-file here, but not for other jobs in this workflow. + # This means we're testing the config file parsing in the runner + # but not slowing down all jobs unnecessarily as it doesn't add much + # testing the parsing on different operating systems and languages. + runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-windows: + name: Runner windows JS analyze + timeout-minutes: 45 + runs-on: windows-latest + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ 
github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-macos: + name: Runner macos JS analyze + timeout-minutes: 45 + runs-on: macos-latest + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-ubuntu: + name: Runner ubuntu C# analyze + timeout-minutes: 45 + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + . ./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-windows: + name: Runner windows C# analyze + + # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of + # `windows-latest`. 
+ timeout-minutes: 45 + runs-on: windows-2019 + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + cat ./codeql-runner/codeql-env.sh | Invoke-Expression + $Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this + & $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false + + - name: Upload tracer logs + uses: actions/upload-artifact@v3 + with: + name: tracer-logs + path: ./codeql-runner/compound-build-tracer.log + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-macos: + name: Runner macos C# analyze + timeout-minutes: 45 + + runs-on: macos-latest + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + . 
./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-ubuntu: + name: Runner ubuntu autobuild C# analyze + timeout-minutes: 45 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + ../action/runner/dist/codeql-runner-linux autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-windows: + timeout-minutes: 45 + name: Runner windows autobuild C# analyze + + # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of + # `windows-latest`. + runs-on: windows-2019 + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . 
+ mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + ../action/runner/dist/codeql-runner-win.exe autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-macos: + name: Runner macos autobuild C# analyze + + runs-on: macos-latest + timeout-minutes: 45 + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + . 
codeql-runner/codeql-env.sh + CODEQL_RUNNER="$(cat codeql-runner/codeql-env.json | jq -r '.CODEQL_RUNNER')" + echo "$CODEQL_RUNNER" + $CODEQL_RUNNER ../action/runner/dist/codeql-runner-macos autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-upload-sarif: + name: Runner upload sarif + + runs-on: ubuntu-latest + timeout-minutes: 45 + + if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Upload with runner + run: | + # Deliberately don't use TEST_MODE here. This is specifically testing + # the compatibility with the API. + runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + runner-extractor-ram-threads-options: + name: Runner ubuntu extractor RAM and threads options + + runs-on: ubuntu-latest + timeout-minutes: 45 + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Assert Results + shell: bash + run: | + . 
./codeql-runner/codeql-env.sh + if [ "${CODEQL_RAM}" != "230" ]; then + echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230" + exit 1 + fi + if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then + echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230" + exit 1 + fi + if [ "${CODEQL_THREADS}" != "1" ]; then + echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1" + exit 1 + fi + if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then + echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1" + exit 1 + fi diff --git a/CHANGELOG.md b/CHANGELOG.md index 5cdb6838c6..cbe7777e85 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # CodeQL Action Changelog +## 1.1.18 - 03 Aug 2022 + +- Update default CodeQL bundle version to 2.10.2. [#1156](https://github.com/github/codeql-action/pull/1156) + ## 1.1.17 - 28 Jul 2022 - Update default CodeQL bundle version to 2.10.1. [#1143](https://github.com/github/codeql-action/pull/1143) diff --git a/lib/defaults.json b/lib/defaults.json index 2dd1a86cf7..13c30cf139 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20220714" + "bundleVersion": "codeql-bundle-20220728" } diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 2816a0b272..564128bd04 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "1.1.17", + "version": "1.1.18", "lockfileVersion": 2, "requires": true, "packages": { diff --git a/package-lock.json b/package-lock.json index 4716bc7a49..8c255a1527 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "1.1.17", + "version": "1.1.18", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "codeql", - "version": "1.1.17", + "version": "1.1.18", "license": "MIT", "dependencies": { "@actions/artifact": "^1.0.0", 
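Review bot: The new runner-checks.yml has no `permissions:` block, so every job gets the repository's default `GITHUB_TOKEN` scopes, and each runner step then expands that token into the command line with `--github-auth ${{ github.token }}`. Only `runner-upload-sarif` is documented here as calling the API without `TEST_MODE`, so a workflow-level `permissions:` with `contents: read`, plus `security-events: write` on that one job, is probably sufficient; confirm this against what `init` and `analyze` request under `TEST_MODE`. Passing the token through an `env:` entry, or through the runner's stdin auth option if this runner version has one, would keep it out of the process argument list. The jobs also no longer carry the `needs: [check-js, check-node-modules]` they had in pr-checks.yml, so they now run even when the basic checks fail. A comment at the top of the file stating that this is intended would prevent someone "fixing" it later.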
diff --git a/package.json b/package.json index c496d796d8..d257eacb90 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "1.1.17", + "version": "1.1.18", "private": true, "description": "CodeQL action", "scripts": { diff --git a/src/defaults.json b/src/defaults.json index 69211563e0..b04119e141 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20220714" + "bundleVersion": "codeql-bundle-20220728" } pFad - Phonifier reborn
