Merge main into releases/v3 #2490

Merged
merged 37 commits into from
Sep 19, 2024
Changes from 4 commits
b296f26
Refactor: upload all available debug artifacts in init-post
angelapwen Sep 11, 2024
c098b25
Only upload `upload-sarif` debug artifacts at most once
angelapwen Sep 11, 2024
4ba2440
Rebuild: add transpiled files
angelapwen Sep 11, 2024
82ce313
Remove unused helper file
angelapwen Sep 11, 2024
d4bfd40
Use `.push` rather than `.concat`
angelapwen Sep 11, 2024
cb7faf5
Refactor: move combined SARIF debug artifact logic to `debug-artifact`
angelapwen Sep 12, 2024
e771680
Rename `upload-debug-artifacts` to `combined-sarif-artifacts`
angelapwen Sep 12, 2024
bc660fc
Copy SARIF file to database location rather than move
angelapwen Sep 12, 2024
d795ead
Fix incorrect documentation about the `token` input to the Actions.
chrisgavin Sep 13, 2024
d4f57b8
Update changelog and version after v3.26.7
github-actions[bot] Sep 13, 2024
fa08c06
Update checked-in dependencies
github-actions[bot] Sep 13, 2024
e1d2bc5
Merge pull request #2479 from github/mergeback/v3.26.7-to-main-8214744c
Sep 13, 2024
51de6a8
Use RFC-style requirements.
chrisgavin Sep 13, 2024
86b04fb
Add a warning to not specify a `token` input in most cases.
chrisgavin Sep 13, 2024
c101242
Merge pull request #2477 from github/fix-incorrect-token-docs
chrisgavin Sep 13, 2024
762210d
Use generated token on checkout
rvermeulen Sep 13, 2024
fe22310
Merge pull request #2475 from github/angelapwen/refactor-debug-artifa…
angelapwen Sep 13, 2024
5618c9f
Merge pull request #2481 from rvermeulen/rvermeulen/use-correct-token…
Sep 13, 2024
d061f2c
Handle CLI errors when creating debug artifacts
henrymercer Sep 16, 2024
bbd9c4a
Update default bundle to codeql-bundle-v2.19.0
github-actions[bot] Sep 16, 2024
6cc3253
Add changelog note
github-actions[bot] Sep 16, 2024
80d7a6c
Tolerate failures in uploading debug artifacts
henrymercer Sep 16, 2024
bbd7c80
Fall back to partial database bundle if CLI command fails
henrymercer Sep 16, 2024
dd7307d
Refactoring: Simplify retrieving error message
henrymercer Sep 16, 2024
213bf36
Improve documentation
henrymercer Sep 16, 2024
642bbfc
Turn invalid helpUri attribute into a warning
rvermeulen Sep 16, 2024
782de45
Merge pull request #2486 from github/henrymercer/improve-debug-artifa…
henrymercer Sep 17, 2024
78d398e
Improve docs and method naming
henrymercer Sep 17, 2024
d0a3cf2
Improve logging for debug artifacts
henrymercer Sep 17, 2024
6e24973
Improve logging for combined SARIF debug artifact
henrymercer Sep 17, 2024
34666c1
Merge pull request #2488 from github/henrymercer/debug-artifacts-bett…
henrymercer Sep 17, 2024
a1a585f
Merge branch 'main' into rvermeulen/uri-errors-as-warnings
rvermeulen Sep 17, 2024
498c508
Rebuild JavaScript files
rvermeulen Sep 17, 2024
cb28816
Merge pull request #2487 from rvermeulen/rvermeulen/uri-errors-as-war…
rvermeulen Sep 17, 2024
e0e2d75
Merge branch 'main' into update-bundle/codeql-bundle-v2.19.0
smowton Sep 18, 2024
64431c6
Merge pull request #2483 from github/update-bundle/codeql-bundle-v2.19.0
smowton Sep 18, 2024
00b3604
Update changelog for v3.26.8
github-actions[bot] Sep 19, 2024
9 changes: 7 additions & 2 deletions lib/upload-lib.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/upload-lib.js.map

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions lib/upload-lib.test.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/upload-lib.test.js.map

Large diffs are not rendered by default.

54 changes: 33 additions & 21 deletions src/testdata/with-invalid-uri.sarif
Expand Up @@ -8,30 +8,42 @@
"name": "LGTM.com",
"organization": "Semmle",
"version": "1.24.0-SNAPSHOT",
"rules": []
"rules": [
{
"id": "js/unused-local-variable",
"shortDescription": {
"text": "Unused local variable"
},
"helpUri": "not a valid URI"
}
]
}
},
"results" : [ {
"ruleId" : "js/unused-local-variable",
"ruleIndex" : 0,
"message" : {
"text" : "Unused variable foo."
},
"locations" : [ {
"physicalLocation" : {
"artifactLocation" : {
"uri" : "not a valid URI",
"uriBaseId" : "%SRCROOT%",
"index" : 0
},
"region" : {
"startLine" : 2,
"startColumn" : 7,
"endColumn" : 10
"results": [
{
"ruleId": "js/unused-local-variable",
"ruleIndex": 0,
"message": {
"text": "Unused variable foo."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "not a valid URI",
"uriBaseId": "%SRCROOT%",
"index": 0
},
"region": {
"startLine": 2,
"startColumn": 7,
"endColumn": 10
}
}
}
}
} ]
} ],
]
}
],
"columnKind": "utf16CodeUnits",
"properties": {
"semmle.formatSpecifier": "2.1.0",
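Review bot: The `results` block is re-indented in the same change that adds the `rules[0]` entry, so the one functional addition (a rule whose `helpUri` is "not a valid URI") is buried in whitespace churn. Consider splitting the reformat from the fixture change, or putting the invalid `helpUri` case in its own fixture file, so that a failing test can be attributed to either `helpUri` or `artifactLocation.uri` without reading both warnings.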
3 changes: 2 additions & 1 deletion src/upload-lib.test.ts
Expand Up @@ -317,9 +317,10 @@ test("accept results with invalid artifactLocation.uri value", (t) => {
const sarifFile = `${__dirname}/../src/testdata/with-invalid-uri.sarif`;
uploadLib.validateSarifFileSchema(sarifFile, mockLogger);

t.deepEqual(loggedMessages.length, 2);
t.deepEqual(loggedMessages.length, 3);
t.deepEqual(
loggedMessages[1],
"Warning: 'not a valid URI' is not a valid URI in 'instance.runs[0].tool.driver.rules[0].helpUri'.",
"Warning: 'not a valid URI' is not a valid URI in 'instance.runs[0].results[0].locations[0].physicalLocation.artifactLocation.uri'.",
);
});
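Review bot: In the `t.deepEqual(loggedMessages[1], ...)` call the `helpUri` warning string and the `artifactLocation.uri` warning string appear as two consecutive arguments, and the third argument of `t.deepEqual` is the assertion message, not a compared value. As rendered, only the `helpUri` warning is checked and the `artifactLocation.uri` warning is never asserted, even though the expected count was raised to 3. Suggest a second assertion on `loggedMessages[2]` for the `artifactLocation.uri` message, and updating the test name "accept results with invalid artifactLocation.uri value" now that it also covers `helpUri`.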
17 changes: 13 additions & 4 deletions src/upload-lib.ts
Expand Up @@ -449,11 +449,20 @@ export function validateSarifFileSchema(sarifFilePath: string, logger: Logger) {
const result = new jsonschema.Validator().validate(sarif, schema);
// Filter errors related to invalid URIs in the artifactLocation field as this
// is a breaking change. See https://github.com/github/codeql-action/issues/1703
const errors = (result.errors || []).filter(
(err) => err.argument !== "uri-reference",
const warningAttributes = ["uri-reference", "uri"];
const errors = (result.errors ?? []).filter(
(err) =>
!(
err.name === "format" &&
typeof err.argument === "string" &&
warningAttributes.includes(err.argument)
),
);
const warnings = (result.errors || []).filter(
(err) => err.argument === "uri-reference",
const warnings = (result.errors ?? []).filter(
(err) =>
err.name === "format" &&
typeof err.argument === "string" &&
warningAttributes.includes(err.argument),
);

for (const warning of warnings) {
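Review bot: The comment above the filter still says it covers "invalid URIs in the artifactLocation field", but the new predicate downgrades every `format` error whose argument is `uri` or `uri-reference`, wherever it occurs in the SARIF document. Please update the comment to state that scope, since it widens what an uploaded file can contain without failing validation. The same three-condition predicate is also written twice, once negated for `errors` and once for `warnings`; extracting it into a small helper (for example `isUriFormatError(err)`, name hypothetical) or partitioning `result.errors` in one pass would keep the two lists from drifting apart.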