robojerk/codeql-action

Merge branch 'main' into dbartol/bundle-pr-description

Browse source
This commit is contained in:
Henry Mercer 2024-05-20 16:56:47 +01:00 committed by GitHub
commit 2c0b69bd1f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 45 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

16
.github/workflows/__multi-language-autodetect.yml generated vendored
View file

@ -28,36 +28,20 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
include: include:
- os: ubuntu-latest
version: stable-20230403
- os: macos-12 - os: macos-12
version: stable-20230403 version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-12 - os: macos-12
version: stable-v2.13.5 version: stable-v2.13.5
- os: ubuntu-latest
version: stable-v2.14.6
- os: macos-12 - os: macos-12
version: stable-v2.14.6 version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest - os: macos-latest
version: stable-v2.15.5 version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest - os: macos-latest
version: stable-v2.16.6 version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest - os: macos-latest
version: default version: default
- os: ubuntu-latest
version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
name: Multi-language repository name: Multi-language repository

16
.github/workflows/__scaling-reserved-ram.yml generated vendored
View file

@ -28,36 +28,20 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
include: include:
- os: ubuntu-latest
version: stable-20230403
- os: macos-12 - os: macos-12
version: stable-20230403 version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-12 - os: macos-12
version: stable-v2.13.5 version: stable-v2.13.5
- os: ubuntu-latest
version: stable-v2.14.6
- os: macos-12 - os: macos-12
version: stable-v2.14.6 version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest - os: macos-latest
version: stable-v2.15.5 version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest - os: macos-latest
version: stable-v2.16.6 version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest - os: macos-latest
version: default version: default
- os: ubuntu-latest
version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
name: Scaling reserved RAM name: Scaling reserved RAM

6
.github/workflows/__swift-custom-build.yml generated vendored
View file

@ -28,16 +28,10 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
include: include:
- os: ubuntu-latest
version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: ubuntu-latest
version: default
- os: macos-latest - os: macos-latest
version: default version: default
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
name: Swift analysis using a custom build command name: Swift analysis using a custom build command

21
.github/workflows/__unset-environment.yml generated vendored
View file

@ -28,21 +28,17 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
include: include:
- os: ubuntu-latest - os: macos-12
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: ubuntu-latest
version: stable-v2.14.6 version: stable-v2.14.6
- os: ubuntu-latest - os: macos-latest
version: stable-v2.15.5 version: stable-v2.15.5
- os: ubuntu-latest - os: macos-latest
version: stable-v2.16.6 version: stable-v2.16.6
- os: ubuntu-latest - os: macos-latest
version: default
- os: ubuntu-latest
version: latest version: latest
- os: ubuntu-latest - os: macos-latest
version: default
- os: macos-latest
version: nightly-latest version: nightly-latest
name: Test unsetting environment variables name: Test unsetting environment variables
permissions: permissions:
@ -79,6 +75,9 @@ jobs:
- uses: ./../action/.github/actions/setup-swift - uses: ./../action/.github/actions/setup-swift
with: with:
codeql-path: ${{ steps.init.outputs.codeql-path }} codeql-path: ${{ steps.init.outputs.codeql-path }}
- uses: actions/setup-go@v5
with:
go-version: '>=1.21.0'
- name: Build code - name: Build code
shell: bash shell: bash
# Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a

11
.github/workflows/debug-artifacts.yml vendored
View file

@ -25,9 +25,10 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
version: version:
- stable-20230403 # TODO: Once CLI v2.17.4 is available and the platform is switched back to ubuntu,
- stable-v2.13.5 # stable-20230403, stable-v2.13.5, and stable-v2.14.6 can be added back to this matrix,
- stable-v2.14.6 # and the VERSIONS variable in the bash script below.
# Prior to CLI v2.15.1, ARM runners were not supported by the build tracer.
- stable-v2.15.5 - stable-v2.15.5
- stable-v2.16.6 - stable-v2.16.6
- default - default
@ -37,7 +38,7 @@ jobs:
env: env:
CODEQL_ACTION_TEST_MODE: true CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45 timeout-minutes: 45
runs-on: ubuntu-latest runs-on: macos-latest # TODO: Switch back to ubuntu for `nightly-latest` and `latest` once CLI v2.17.4 is available.
steps: steps:
- name: Check out repository - name: Check out repository
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -75,7 +76,7 @@ jobs:
- name: Check expected artifacts exist - name: Check expected artifacts exist
shell: bash shell: bash
run: | run: |
VERSIONS="stable-20230403 stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 stable-v2.16.6 default latest nightly-latest" VERSIONS="stable-v2.15.5 stable-v2.16.6 default latest nightly-latest"
LANGUAGES="cpp csharp go java javascript python" LANGUAGES="cpp csharp go java javascript python"
for version in $VERSIONS; do for version in $VERSIONS; do
pushd "./my-debug-artifacts-${version//./}" pushd "./my-debug-artifacts-${version//./}"

4
CHANGELOG.md
View file

@ -8,6 +8,10 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the
No user facing changes. No user facing changes.
## 3.25.6 - 20 May 2024
- Update default CodeQL bundle version to 2.17.3. [#2295](https://github.com/github/codeql-action/pull/2295)
## 3.25.5 - 13 May 2024 ## 3.25.5 - 13 May 2024
- Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the [README.md](README.md). [#2273](https://github.com/github/codeql-action/pull/2273) - Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the [README.md](README.md). [#2273](https://github.com/github/codeql-action/pull/2273)

5
init/action.yml
View file

@ -36,10 +36,7 @@ inputs:
- `none`: The database will be created without building the source code. - `none`: The database will be created without building the source code.
Available for all interpreted languages and some compiled languages. Available for all interpreted languages and some compiled languages.
- `autobuild`: The database will be created by attempting to automatically build the source - `autobuild`: The database will be created by attempting to automatically build the source
code. code. Available for all compiled languages.
To use this build mode, ensure that your workflow calls the `autobuild` action
between the `init` and `analyze` steps.
Available for all compiled languages.
- `manual`: The database will be created by building the source code using a manually - `manual`: The database will be created by building the source code using a manually
specified build command. To use this build mode, specify manual build steps in specified build command. To use this build mode, specify manual build steps in
your workflow between the `init` and `analyze` steps. Available for all your workflow between the `init` and `analyze` steps. Available for all

8
lib/defaults.json
View file

@ -1,6 +1,6 @@
{ {
"bundleVersion": "codeql-bundle-v2.17.2", "bundleVersion": "codeql-bundle-v2.17.3",
"cliVersion": "2.17.2", "cliVersion": "2.17.3",
"priorBundleVersion": "codeql-bundle-v2.17.1", "priorBundleVersion": "codeql-bundle-v2.17.2",
"priorCliVersion": "2.17.1" "priorCliVersion": "2.17.2"
} }

2
node_modules/.package-lock.json generated vendored
View file

@ -1,6 +1,6 @@
{ {
"name": "codeql", "name": "codeql",
"version": "3.25.6", "version": "3.25.7",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {

4
package-lock.json generated
View file

@ -1,12 +1,12 @@
{ {
"name": "codeql", "name": "codeql",
"version": "3.25.6", "version": "3.25.7",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "codeql", "name": "codeql",
"version": "3.25.6", "version": "3.25.7",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/artifact": "^1.1.2", "@actions/artifact": "^1.1.2",

2
package.json
View file

@ -1,6 +1,6 @@
{ {
"name": "codeql", "name": "codeql",
"version": "3.25.6", "version": "3.25.7",
"private": true, "private": true,
"description": "CodeQL action", "description": "CodeQL action",
"scripts": { "scripts": {

3
pr-checks/checks/multi-language-autodetect.yml
View file

@ -1,6 +1,7 @@
name: "Multi-language repository" name: "Multi-language repository"
description: "An end-to-end integration test of a multi-language repository using automatic language detection" description: "An end-to-end integration test of a multi-language repository using automatic language detection"
operatingSystems: ["ubuntu", "macos"] # TODO: Add ubuntu back for `nightly-latest` and `latest` once CLI v2.17.4 is available.
operatingSystems: ["macos"]
steps: steps:
- uses: actions/setup-go@v5 - uses: actions/setup-go@v5
with: with:

3
pr-checks/checks/scaling-reserved-ram.yml
View file

@ -1,6 +1,7 @@
name: "Scaling reserved RAM" name: "Scaling reserved RAM"
description: "An end-to-end integration test of a multi-language repository with the scaling_reserved_ram feature flag enabled" description: "An end-to-end integration test of a multi-language repository with the scaling_reserved_ram feature flag enabled"
operatingSystems: ["ubuntu", "macos"] # TODO: Add ubuntu back for `nightly-latest` and `latest` once CLI v2.17.4 is available.
operatingSystems: ["macos"]
env: env:
CODEQL_ACTION_SCALING_RESERVED_RAM: true CODEQL_ACTION_SCALING_RESERVED_RAM: true
steps: steps:

3
pr-checks/checks/swift-custom-build.yml
View file

@ -1,7 +1,8 @@
name: "Swift analysis using a custom build command" name: "Swift analysis using a custom build command"
description: "Tests creation of a Swift database using custom build" description: "Tests creation of a Swift database using custom build"
versions: ["latest", "default", "nightly-latest"] versions: ["latest", "default", "nightly-latest"]
operatingSystems: ["ubuntu", "macos"] # TODO: Add ubuntu back for `nightly-latest` and `latest` once CLI v2.17.4 is available.
operatingSystems: ["macos"]
env: env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false" DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
steps: steps:

7
pr-checks/checks/unset-environment.yml
View file

@ -1,6 +1,8 @@
name: "Test unsetting environment variables" name: "Test unsetting environment variables"
description: "An end-to-end integration test that unsets some environment variables" description: "An end-to-end integration test that unsets some environment variables"
operatingSystems: ["ubuntu"] # TODO: Switch back to all versions once CLI v2.17.4 is available and running on ubuntu again.
versions: ["stable-v2.14.6", "stable-v2.15.5", "stable-v2.16.6", "latest", "default", "nightly-latest"]
operatingSystems: ["macos"] # TODO: Switch back to ubuntu for `nightly-latest` and `latest` once CLI v2.17.4 is available.
steps: steps:
- uses: ./../action/init - uses: ./../action/init
id: init id: init
@ -10,6 +12,9 @@ steps:
- uses: ./../action/.github/actions/setup-swift - uses: ./../action/.github/actions/setup-swift
with: with:
codeql-path: ${{ steps.init.outputs.codeql-path }} codeql-path: ${{ steps.init.outputs.codeql-path }}
- uses: actions/setup-go@v5
with:
go-version: '>=1.21.0'
- name: Build code - name: Build code
shell: bash shell: bash
# Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a

8
src/defaults.json
View file

@ -1,6 +1,6 @@
{ {
"bundleVersion": "codeql-bundle-v2.17.2", "bundleVersion": "codeql-bundle-v2.17.3",
"cliVersion": "2.17.2", "cliVersion": "2.17.3",
"priorBundleVersion": "codeql-bundle-v2.17.1", "priorBundleVersion": "codeql-bundle-v2.17.2",
"priorCliVersion": "2.17.1" "priorCliVersion": "2.17.2"
} }