Skip to content

Commit

Permalink
Merge pull request #1669 from github/update-v2.3.3-318bcc7f8
Browse files Browse the repository at this point in the history
Merge main into releases/v2
  • Loading branch information
dbartol authored May 4, 2023
2 parents f3feb00 + 140500d commit 29b1f65
Show file tree
Hide file tree
Showing 25 changed files with 428 additions and 72 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/__ml-powered-queries.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion .github/workflows/__packaging-config-inputs-js.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion .github/workflows/__packaging-config-js.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion .github/workflows/__packaging-inputs-js.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
# CodeQL Action Changelog

## 2.3.3 - 04 May 2023

- Update default CodeQL bundle version to 2.13.1. [#1664](https://github.com/github/codeql-action/pull/1664)
- You can now configure CodeQL within your code scanning workflow by passing a `config` input to the `init` Action. See [Using a custom configuration file](https://aka.ms/code-scanning-docs/config-file) for more information about configuring code scanning. [#1590](https://github.com/github/codeql-action/pull/1590)

## 2.3.2 - 27 Apr 2023

No user facing changes.
Expand Down
33 changes: 32 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,38 @@ By default, this will override any queries specified in a config file. If you wi
queries: +<local-or-remote-query>,<another-query>
```

### Configuration via `config` input

You can alternatively configure CodeQL using the `config` input to the `init` Action. The value of this input must be a YAML string that follows the configuration file format documented at "[Using a custom configuration file](https://aka.ms/code-scanning-docs/config-file)."

#### Example configuration

```yaml
- uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
config: |
disable-default-queries: true
queries:
- uses: security-extended
- uses: security-and-quality
query-filters:
- include:
tags: /cwe-020/
```


#### Sharing configuration across multiple repositories

You can use Actions or environment variables to share configuration across multiple repositories and to modify configuration without needing to edit the workflow file. In the following example, `vars.CODEQL_CONF` is an [Actions configuration variable](https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows):

```yaml
- uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
config: ${{ vars.CODEQL_CONF }}
```

## Troubleshooting

Read about [troubleshooting code scanning](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning).

3 changes: 3 additions & 0 deletions init/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,9 @@ inputs:
db-location:
description: Path where CodeQL databases should be created. If not specified, a temporary directory will be used.
required: false
config:
description: Configuration passed as a YAML string in the same format as the config-file input. This takes precedence over the config-file input.
required: false
queries:
description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
required: false
Expand Down
11 changes: 10 additions & 1 deletion lib/config-utils.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/config-utils.js.map

Large diffs are not rendered by default.

Loading

0 comments on commit 29b1f65

Please sign in to comment.