Merge main into releases/v2 #1634

Merged
merged 29 commits into from
Apr 5, 2023
Changes from 2 commits
32daed7
Update changelog and version after v2.2.9
invalid-email-address Mar 27, 2023
2deae45
Update checked-in dependencies
invalid-email-address Mar 27, 2023
1e7a388
Wrap reading and writing SARIF files
henrymercer Mar 27, 2023
57eca7c
Use `Array.isArray`
henrymercer Mar 27, 2023
b0e191e
Merge pull request #1609 from github/mergeback/v2.2.9-to-main-04df1262
henrymercer Mar 27, 2023
bc0ed6a
Merge pull request #1610 from github/henrymercer/diagnostics-workarou…
henrymercer Mar 27, 2023
0af0653
Use new location for external queries
aeisenberg Mar 27, 2023
f9c159f
Merge pull request #1613 from github/aeisenberg/codeql-testing
aeisenberg Mar 28, 2023
ff39eb8
Disable flaky Swift autobuild checks
henrymercer Mar 28, 2023
fff3a80
Merge pull request #1620 from github/henrymercer/disable-flaky-check
henrymercer Mar 28, 2023
f6e4cff
Remove checks for triggering on specific paths
rneatherway Mar 29, 2023
dc81ae3
Merge pull request #1625 from github/rneatherway/rm-old-checks
rneatherway Mar 29, 2023
29a4713
Enable diagnostics functionality on GHES
henrymercer Mar 29, 2023
69aec34
Pass negative SARIF include diagnostics flag when feature is disabled
henrymercer Mar 29, 2023
bb28e7e
Merge pull request #1626 from github/henrymercer/diagnostics-ghes
henrymercer Mar 30, 2023
e85546c
Move internal Actions into `.github/actions`
henrymercer Mar 31, 2023
1c0a788
Add workflow to automatically update the bundle
henrymercer Mar 31, 2023
33f3087
Format `.github/actions/update-bundle/index.ts`
henrymercer Apr 3, 2023
a86046f
Explain CLI version marker files
henrymercer Apr 3, 2023
f6091a0
Use `tee` when setting env vars to improve debugging
henrymercer Apr 3, 2023
98173be
Add a comment about `lib/defaults.json`
henrymercer Apr 3, 2023
f0a422f
Merge pull request #1630 from github/henrymercer/automate-bundle-upgrade
henrymercer Apr 3, 2023
9c869eb
Update default CodeQL bundle version to 2.12.6
alexet Apr 3, 2023
ae0109a
Merge pull request #1629 from github/alexet/update-2.12.6-2
alexet Apr 4, 2023
3bba073
Skip the SARIF notification object workaround for fixed CLIs
henrymercer Apr 4, 2023
2754e10
Move to the codeql-testing org
aeisenberg Apr 4, 2023
fa7cce4
Merge pull request #1632 from github/aeisenberg/codeql-testing-org
aeisenberg Apr 4, 2023
66aeadb
Merge pull request #1631 from github/henrymercer/duplicate-diagnostic…
henrymercer Apr 5, 2023
d53297e
Update changelog for v2.2.10
invalid-email-address Apr 5, 2023
8 changes: 6 additions & 2 deletions .github/workflows/__init-with-registries.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__packaging-config-inputs-js.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__packaging-inputs-js.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__split-workflow.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

18 changes: 9 additions & 9 deletions .github/workflows/codescanning-config-cli.yml
Original file line number Diff line number Diff line change
Expand Up @@ -64,10 +64,10 @@ jobs:
with:
expected-config-file-contents: |
{
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
"packs": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
}
languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2
packs: codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }}

- name: Packs from input with +
Expand All @@ -76,10 +76,10 @@ jobs:
with:
expected-config-file-contents: |
{
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
"packs": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
}
languages: javascript
packs: + dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2
packs: + codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }}

- name: Queries from input
Expand Down Expand Up @@ -113,11 +113,11 @@ jobs:
expected-config-file-contents: |
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }],
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
"packs": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
}
languages: javascript
queries: + ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
packs: + dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2
packs: + codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }}

- name: Queries and packs from config
Expand All @@ -128,7 +128,7 @@ jobs:
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql" }],
"packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
"javascript": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ]
}
}
languages: javascript
Expand Down Expand Up @@ -161,7 +161,7 @@ jobs:
{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }
],
"packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2", "codeql/javascript-queries" ]
"javascript": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2", "codeql/javascript-queries" ]
}
}
languages: javascript
Expand All @@ -177,7 +177,7 @@ jobs:
expected-config-file-contents: |
{
"packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ],
"javascript": ["codeql-testing/codeql-pack1@1.0.0", "codeql-testing/codeql-pack2" ],
"ruby": ["codeql/ruby-queries"]
},
"queries": [
Expand Down
4 changes: 2 additions & 2 deletions lib/codeql.test.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/codeql.test.js.map

Large diffs are not rendered by default.

10 changes: 5 additions & 5 deletions lib/config-utils.test.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/config-utils.test.js.map

Large diffs are not rendered by default.

8 changes: 6 additions & 2 deletions pr-checks/checks/init-with-registries.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ versions: [
"nightly-latest",
]

permissions:
contents: read
packages: read

steps:
- name: Init with registries
uses: ./../action/init
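
Review bot: the new `permissions` block (`contents: read`, `packages: read`) carries no comment explaining why this check needs `packages: read`, and it is the only check in this diff that declares one. If the scope is there so the job token can pull `codeql-testing/private-pack` from the registry, which the "Verify packages installed" step checks for, say so in a YAML comment above the block so nobody widens or drops the scope later without knowing what depends on it.
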
Expand All @@ -27,8 +31,8 @@ steps:
- name: Verify packages installed
shell: bash
run: |
PRIVATE_PACK="$HOME/.codeql/packages/dsp-testing/private-pack"
CODEQL_PACK1="$HOME/.codeql/packages/dsp-testing/codeql-pack1"
PRIVATE_PACK="$HOME/.codeql/packages/codeql-testing/private-pack"
CODEQL_PACK1="$HOME/.codeql/packages/codeql-testing/codeql-pack1"

if [[ -d $PRIVATE_PACK ]]
then
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ steps:
- uses: ./../action/init
with:
config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@1.0.0
packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code
Expand Down
2 changes: 1 addition & 1 deletion pr-checks/checks/packaging-config-inputs-js.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ steps:
- uses: ./../action/init
with:
config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@1.0.0
packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code
Expand Down
2 changes: 1 addition & 1 deletion pr-checks/checks/packaging-inputs-js.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ steps:
with:
config-file: ".github/codeql/codeql-config-packaging2.yml"
languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2, dsp-testing/codeql-pack3:other-query.ql
packs: codeql-testing/codeql-pack1@1.0.0, codeql-testing/codeql-pack2, codeql-testing/codeql-pack3:other-query.ql
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code
shell: bash
Expand Down
2 changes: 1 addition & 1 deletion pr-checks/checks/split-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ steps:
- uses: ./../action/init
with:
config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@1.0.0
packs: +codeql-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code
Expand Down
4 changes: 3 additions & 1 deletion pr-checks/sync.py
Original file line number Diff line number Diff line change
Expand Up @@ -107,8 +107,10 @@ def writeHeader(checkStream):
'name': checkSpecification['name'],
'timeout-minutes': 45,
'runs-on': '${{ matrix.os }}',
'steps': steps
'steps': steps,
}
if 'permissions' in checkSpecification:
checkJob['permissions'] = checkSpecification['permissions']

for key in ["env", "container", "services"]:
if key in checkSpecification:
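
Review bot: the `permissions` pass-through is a separate `if` placed directly above `for key in ["env", "container", "services"]:`, which already tests `if key in checkSpecification:` for optional keys. If that loop copies the key onto `checkJob`, adding "permissions" to its list gives the same result with one code path. Also worth deciding here: a check that omits `permissions` gets no job-level block and so runs with whatever the workflow or repository default grants; emitting a restrictive default such as `contents: read` when the key is absent would make the generated jobs least-privilege by default.
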
Expand Down
4 changes: 2 additions & 2 deletions src/codeql.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -554,13 +554,13 @@ test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t)
tagName: "codeql-bundle-20230203",
});
mockDownloadApi({
repo: "dsp-testing/codeql-cli-nightlies",
repo: "codeql-testing/codeql-cli-nightlies",
platformSpecific: false,
tagName: "codeql-bundle-20230203",
});

const result = await codeql.setupCodeQL(
"https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz",
"https://github.com/codeql-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz",
sampleApiDetails,
tmpDir,
util.GitHubVariant.DOTCOM,
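
Review bot: in the `setupCodeQL` call, the download URL repeats the repo `codeql-testing/codeql-cli-nightlies` and the tag `codeql-bundle-20230203` that are already passed to `mockDownloadApi` just above, so this rename had to touch both places in step. Hold the repo and tag in local constants and build the URL from them, so the mock and the requested URL cannot drift apart on the next move.
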
Expand Down
10 changes: 5 additions & 5 deletions src/config-utils.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2307,7 +2307,7 @@ test("downloadPacks-with-registries", async (t) => {
{
// no slash
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
{
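
Review bot: the registry fixture here pairs `url: "http://ghcr.io"` with a `token`, and the same pair recurs in the later hunks of this file. The token is a dummy, but test fixtures get copied into real configuration; unless a test specifically needs the plain-HTTP scheme, use `https://ghcr.io` and update the expected output to match, so the examples never show a credential going to a cleartext endpoint.
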
Expand Down Expand Up @@ -2397,7 +2397,7 @@ test("downloadPacks-with-registries fails on 2.10.3", async (t) => {
const registriesInput = yaml.dump([
{
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
{
Expand Down Expand Up @@ -2439,7 +2439,7 @@ test("downloadPacks-with-registries fails with invalid registries block", async
const registriesInput = yaml.dump([
{
// missing url property
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
{
Expand Down Expand Up @@ -2478,7 +2478,7 @@ test("no generateRegistries when CLI is too old", async (t) => {
{
// no slash
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
]);
Expand Down Expand Up @@ -2527,7 +2527,7 @@ test("generateRegistries prefers original CODEQL_REGISTRIES_AUTH", async (t) =>
const registriesInput = yaml.dump([
{
url: "http://ghcr.io",
packages: ["codeql/*", "dsp-testing/*"],
packages: ["codeql/*", "codeql-testing/*"],
token: "not-a-token",
},
]);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ name: Pack testing in the CodeQL Action
disable-default-queries: true
packs:
javascript:
- dsp-testing/codeql-pack1@1.0.0
- dsp-testing/codeql-pack2
- dsp-testing/codeql-pack3:other-query.ql
- codeql-testing/codeql-pack1@1.0.0
- codeql-testing/codeql-pack2
- codeql-testing/codeql-pack3:other-query.ql

paths-ignore:
- tests
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ name: Pack testing in the CodeQL Action
disable-default-queries: true
packs:
javascript:
- dsp-testing/codeql-pack2
- dsp-testing/codeql-pack3:other-query.ql
- codeql-testing/codeql-pack2
- codeql-testing/codeql-pack3:other-query.ql
paths-ignore:
- tests
- lib
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ disable-default-queries: true
packs:
javascript:
- codeql/javascript-queries
- dsp-testing/codeql-pack1@1.0.0
- codeql-testing/codeql-pack1@1.0.0

query-filters:
# This should run js/path-injection and js/zipslip
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ queries:
packs:
javascript:
- codeql/javascript-queries
- dsp-testing/codeql-pack1@1.0.0
- codeql-testing/codeql-pack1@1.0.0

query-filters:
# This should run js/path-injection and js/zipslip
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@ name: Pack testing in the CodeQL Action
disable-default-queries: true
packs:
javascript:
- dsp-testing/private-pack
- dsp-testing/codeql-pack1
- codeql-testing/private-pack
- codeql-testing/codeql-pack1
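
Review bot: both entries in this config, `codeql-testing/private-pack` and `codeql-testing/codeql-pack1`, are unversioned, while the other configs in this change request `codeql-testing/codeql-pack1@1.0.0`. An unversioned pack resolves to whatever is latest in the registry at run time, so the check is not reproducible and picks up anything newly published under the org. Pin both, e.g. `codeql-testing/codeql-pack1@1.0.0`, unless the test is meant to exercise latest-version resolution, in which case note that in a comment.
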
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
packs:
javascript:
- dsp-testing/codeql-pack1@1.0.0
- dsp-testing/codeql-pack2
- codeql-testing/codeql-pack1@1.0.0
- codeql-testing/codeql-pack2
ruby:
- codeql/ruby-queries

Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
packs:
javascript:
- dsp-testing/codeql-pack1@1.0.0
- dsp-testing/codeql-pack2
- codeql-testing/codeql-pack1@1.0.0
- codeql-testing/codeql-pack2

queries:
- uses: ./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql