robojerk/codeql-action

Merge pull request #1664 from github/update-bundle/codeql-bundle-20230428

Browse source 
Update default bundle to 2.13.1
This commit is contained in:
Dave Bartolomeo 2023-05-04 00:32:01 -04:00 committed by GitHub
commit 318bcc7f84
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 19 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/workflows/__ml-powered-queries.yml generated vendored
View file

@ -114,7 +114,8 @@ jobs:
if: "!(matrix.version == 'stable-20220401' && runner.os == 'Windows')" if: "!(matrix.version == 'stable-20220401' && runner.os == 'Windows')"
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: js/ml-powered/nosql-injection,js/ml-powered/path-injection,js/ml-powered/sql-injection,js/ml-powered/xss queries-run:
js/ml-powered/nosql-injection,js/ml-powered/path-injection,js/ml-powered/sql-injection,js/ml-powered/xss
queries-not-run: foo,bar queries-not-run: foo,bar
- name: Check results - name: Check results

3
.github/workflows/__packaging-codescanning-config-inputs-js.yml generated vendored
View file

@ -83,7 +83,8 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar
- name: Assert Results - name: Assert Results

3
.github/workflows/__packaging-config-inputs-js.yml generated vendored
View file

@ -83,7 +83,8 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar
- name: Assert Results - name: Assert Results

3
.github/workflows/__packaging-config-js.yml generated vendored
View file

@ -82,7 +82,8 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar
- name: Assert Results - name: Assert Results

3
.github/workflows/__packaging-inputs-js.yml generated vendored
View file

@ -82,7 +82,8 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar
- name: Assert Results - name: Assert Results

1
CHANGELOG.md
View file

@ -2,6 +2,7 @@
## [UNRELEASED] ## [UNRELEASED]
- Update default CodeQL bundle version to 2.13.1. [#1664](https://github.com/github/codeql-action/pull/1664)
- You can now configure CodeQL within your code scanning workflow by passing a `config` input to the `init` Action. See [Using a custom configuration file](https://aka.ms/code-scanning-docs/config-file) for more information about configuring code scanning. [#1590](https://github.com/github/codeql-action/pull/1590) - You can now configure CodeQL within your code scanning workflow by passing a `config` input to the `init` Action. See [Using a custom configuration file](https://aka.ms/code-scanning-docs/config-file) for more information about configuring code scanning. [#1590](https://github.com/github/codeql-action/pull/1590)
## 2.3.2 - 27 Apr 2023 ## 2.3.2 - 27 Apr 2023

8
lib/defaults.json
View file

@ -1,6 +1,6 @@
{ {
"bundleVersion": "codeql-bundle-20230414", "bundleVersion": "codeql-bundle-20230428",
"cliVersion": "2.13.0", "cliVersion": "2.13.1",
"priorBundleVersion": "codeql-bundle-20230403", "priorBundleVersion": "codeql-bundle-20230414",
"priorCliVersion": "2.12.6" "priorCliVersion": "2.13.0"
} }

8
src/defaults.json
View file

@ -1,6 +1,6 @@
{ {
"bundleVersion": "codeql-bundle-20230414", "bundleVersion": "codeql-bundle-20230428",
"cliVersion": "2.13.0", "cliVersion": "2.13.1",
"priorBundleVersion": "codeql-bundle-20230403", "priorBundleVersion": "codeql-bundle-20230414",
"priorCliVersion": "2.12.6" "priorCliVersion": "2.13.0"
} }