From 1bac334738b1776172c91f41868e1a53b73b1ef2 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 8 Mar 2024 17:19:26 +0000 Subject: [PATCH 1/3] Update `languages` help Recommend using a matrix build --- init/action.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/init/action.yml b/init/action.yml index c7aa29f0ce..773ef1b879 100644 --- a/init/action.yml +++ b/init/action.yml @@ -8,7 +8,13 @@ inputs: # If not specified the Action will check in several places until it finds the CodeQL tools. languages: description: | - A comma-separated value of the languages to be analysed e.g. python,javascript + A comma-separated list of CodeQL languages to analyze. + + Due to the performance benefit of parallelizing builds, we recommend specifying languages to + analyze using a matrix and providing `${{ matrix.language }}` as this input. + + For more information, see + https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#changing-the-languages-that-are-analyzed. required: false build-mode: description: >- From 27a6cd0a11fefc3a0b7fd2ff3edf69b58f9301b2 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 8 Mar 2024 17:23:16 +0000 Subject: [PATCH 2/3] Remove experimental qualifiers from build mode input --- init/action.yml | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/init/action.yml b/init/action.yml index 773ef1b879..4305d2cfc2 100644 --- a/init/action.yml +++ b/init/action.yml @@ -18,20 +18,22 @@ inputs: required: false build-mode: description: >- - [Experimental, for internal testing only] The build mode that will be used to analyze the language. - This input is only available in single-language analyses. + The build mode that will be used to analyze the language. This input is only available when + analyzing a single CodeQL language per job, for example using a matrix. Available build modes will differ based on the language being analyzed. One of: - - none: The database will be created without building the source code. - Available for all interpreted languages and some compiled languages. - - autobuild: The database will be created by attempting to automatically build the source code. - To use this build mode, ensure that your workflow calls the `autobuild` action - between the `init` and `analyze` steps. - Available for all compiled languages. - - manual: The database will be created by building the source code using a manually specified - build command. To use this build mode, specify manual build steps in your workflow - between the `init` and `analyze` steps. Available for all compiled languages. + - `none`: The database will be created without building the source code. + Available for all interpreted languages and some compiled languages. + - `autobuild`: The database will be created by attempting to automatically build the source + code. + To use this build mode, ensure that your workflow calls the `autobuild` action + between the `init` and `analyze` steps. + Available for all compiled languages. + - `manual`: The database will be created by building the source code using a manually + specified build command. To use this build mode, specify manual build steps in + your workflow between the `init` and `analyze` steps. Available for all + compiled languages. required: false token: description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input. From 24c3eda0e32fb3558b504ad9f9c523fc6b68b363 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 8 Mar 2024 17:35:02 +0000 Subject: [PATCH 3/3] Escape named value in input description --- init/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init/action.yml b/init/action.yml index 4305d2cfc2..1b6c8c547d 100644 --- a/init/action.yml +++ b/init/action.yml @@ -7,11 +7,11 @@ inputs: required: false # If not specified the Action will check in several places until it finds the CodeQL tools. languages: - description: | + description: >- A comma-separated list of CodeQL languages to analyze. Due to the performance benefit of parallelizing builds, we recommend specifying languages to - analyze using a matrix and providing `${{ matrix.language }}` as this input. + analyze using a matrix and providing `\$\{{ matrix.language }}` as this input. For more information, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#changing-the-languages-that-are-analyzed. pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy