robojerk/codeql-action

add first_party_analysis boolean to all status reports

Browse source
This commit is contained in:
nickfyson 2024-02-01 16:02:52 +00:00
parent 592977e6ae
commit a7dc229496
15 changed files with 126 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

14
lib/actions-util.js generated
View file

@ -23,12 +23,13 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.getFileType = exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.getActionVersion = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
exports.getFileType = exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.isFirstPartyAnalysis = exports.getActionVersion = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const core = __importStar(require("@actions/core"));
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
const safeWhich = __importStar(require("@chrisgavin/safe-which"));
const environment_1 = require("./environment");
const util_1 = require("./util");
// eslint-disable-next-line import/no-commonjs
const pkg = require("../package.json");
@ -236,6 +237,17 @@ function getActionVersion() {
return pkg.version;
}
exports.getActionVersion = getActionVersion;
/**
* @returns a boolean indicating whether the analysis is considered to be first party.
*
* This is based on whether the init action has been used, which is only used for first party analysis.
* When a SARIF file has been generated by other means and submitted using the upload action, this is
* considered to be a third party analysis and is treated differently when calculating SLOs.
*/
function isFirstPartyAnalysis() {
return process.env[environment_1.EnvVar.INIT_ACTION_HAS_RUN] === "true";
}
exports.isFirstPartyAnalysis = isFirstPartyAnalysis;
/**
* Returns the name of the event that triggered this workflow.
*