Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support updating CodeQL config #75

Merged
30 commits merged into from May 9, 2023
Merged

Support updating CodeQL config #75

30 commits merged into from May 9, 2023

Conversation

ghost
Copy link

@ghost ghost commented Apr 21, 2023

This PR adds support for updating the current configuration for CodeQL.

@ghost ghost changed the title [WIP] Update CodeQL config Support updating CodeQL config Apr 24, 2023
@ghost ghost marked this pull request as ready for review April 24, 2023 03:21
@ghost ghost requested a review from jboursier-mwb April 24, 2023 03:22
@ghost ghost closed this Apr 24, 2023
@ghost ghost reopened this Apr 24, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 24, 2023
View reviewed changes
src/ghas_cli/utils/network.py Fixed Show fixed Hide fixed
src/ghas_cli/utils/teams.py Fixed Show fixed Hide fixed
src/ghas_cli/utils/repositories.py Fixed Show resolved Hide resolved
jboursier-mwb
jboursier-mwb requested changes Apr 24, 2023
View reviewed changes
Copy link
Collaborator

@jboursier-mwb jboursier-mwb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great changes! Just a couple of minor details I think should be fixed before merging, but great addition otherwise! 🥳

src/ghas_cli/utils/repositories.py Fixed Show resolved Hide resolved
src/ghas_cli/utils/repositories.py Outdated Show resolved Hide resolved
@jboursier-mwb jboursier-mwb added the enhancement New feature or request label Apr 24, 2023
@jboursier-mwb jboursier-mwb assigned ghost Apr 24, 2023
@jboursier-mwb jboursier-mwb self-requested a review April 24, 2023 13:36
@jboursier-mwb
Copy link
Collaborator

👍🏻

@ghost
Copy link
Author

ghost commented Apr 24, 2023

Disregard the part about scanning on every PR, it seems we can use '**'.

jboursier-mwb added 17 commits May 9, 2023 16:08
@jboursier-mwb
Rename some variables
d8b3db7 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Support custom format for repositories team listing
aceb30a 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Remove unused import to make CodeQL happy
a403bf5 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Update CodeQL templates
b25de06 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Ability to export a list of repositories last updated before a specif…
f72b016 
…ied time

Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Ability to archive a repository
f4ce732 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Catch Exception only
14657ec 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Return a boolean
2eeb500 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Mass archive a list of repositories
12a82cd 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Create an issue to inform of the upcoming archive event
63915c1 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Add a link to GitHub's documentation
bc31f74 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Remove unused variable
8c0e775 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Check archivable status on all repositories, not just public ones
6d602ea 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Remove excessive logging
42b83b7 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Fix typo
41b4bc8 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Improve issue creation output
6297c1c 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
* Add debugging steps
575e21a 
* Improve archiving issue body to be more explanatory
* Fix rate-limit handling

Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
jboursier-mwb and others added 11 commits May 9, 2023 16:08
@jboursier-mwb
Use a passed repository list instead of having to generate the list e…
3af9b64 
…verytime

Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Remove debug lines
a801642 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Pass X-GitHub-Api-Version header to use the new calendar versioning
86df5f1 
Close #58

Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@jboursier-mwb
Bump dependencies
5588812 
Signed-off-by: jboursier <jboursier@malwarebytes.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@dependabot
Bump urllib3 from 1.26.14 to 1.26.15
49762f1 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.14 to 1.26.15.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.14...1.26.15)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
add authorization check
4469b93 
Signed-off-by: Security & Stuff <74931194+SecurityAndStuff@users.noreply.github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
lint
b4c1093 
Signed-off-by: Security & Stuff <74931194+SecurityAndStuff@users.noreply.github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
make security-extended a default
f0ab42b 
Signed-off-by: Security & Stuff <74931194+SecurityAndStuff@users.noreply.github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@dependabot
Bump requests from 2.28.2 to 2.29.0
b1ac887 
Bumps [requests](https://github.com/psf/requests) from 2.28.2 to 2.29.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.28.2...v2.29.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@dependabot
Bump requests from 2.29.0 to 2.30.0
65a8e4c 
Bumps [requests](https://github.com/psf/requests) from 2.29.0 to 2.30.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.29.0...v2.30.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
Merge branch 'main' into update_codeql_config
8e054fa 
Signed-off-by: Security & Stuff <74931194+SecurityAndStuff@users.noreply.github.com>
github-advanced-security[bot]
github-advanced-security bot found potential problems May 9, 2023
View reviewed changes
src/cli.py Fixed Show fixed Hide fixed
ssousa-mwb added 2 commits May 9, 2023 16:30
appease codeql
adf8226 
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
fix merge
4290dc2 
Signed-off-by: Security & Stuff <74931194+SecurityAndStuff@users.noreply.github.com>
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
@ghost ghost merged commit 216c984 into Malwarebytes:main May 9, 2023
@ghost ghost deleted the update_codeql_config branch May 9, 2023 15:42
svc-productsecurity-mwb added a commit that referenced this pull request May 10, 2023
@svc-productsecurity-mwb
Revert "Support updating CodeQL config (#75)"
f93712c 
This reverts commit 216c984.
@svc-productsecurity-mwb svc-productsecurity-mwb mentioned this pull request May 10, 2023
Merged
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jboursier-mwb