Merge main into v1 #720

Closed
wants to merge 22 commits into from
Commits
22 commits
78cda05
Update changelog and version after v1.0.12
invalid-email-address Aug 16, 2021
2eb8300
1.0.13
invalid-email-address Aug 16, 2021
e86cff2
Update checked-in dependencies
invalid-email-address Aug 16, 2021
2639547
Merge pull request #705 from github/mergeback/v1.0.12-to-main-b0e70410
edoardopirovano Aug 16, 2021
a2f0227
Bump webpack from 5.48.0 to 5.50.0 in /runner
dependabot[bot] Aug 16, 2021
e3151ae
Merge pull request #703 from github/dependabot/npm_and_yarn/runner/we…
edoardopirovano Aug 16, 2021
bf91ac9
fix indentation error on README.md
mlbo Aug 17, 2021
f0a2954
Merge pull request #706 from iotbo/main
edoardopirovano Aug 17, 2021
4ba53e3
Cache result of `codeql version`
edoardopirovano Aug 18, 2021
fb77829
Version flag usage of certain CLI flags
edoardopirovano Aug 18, 2021
70d2efc
Enforce a minimum version of CodeQL CLI
edoardopirovano Aug 18, 2021
e70ec1d
Test against oldest supported version
edoardopirovano Aug 18, 2021
fd45eac
Address PR comments from @henrymercer
edoardopirovano Aug 18, 2021
7208845
Update CodeQL bundle to 20210824 / 2.6.0
hmakholm Aug 24, 2021
132e08a
Bump version of testing pack
edoardopirovano Aug 24, 2021
50de2e4
Merge pull request #712 from github/hmakholm/pr/2.6.0
adityasharad Aug 24, 2021
a062fc9
Merge branch 'main' into cli-version
henrymercer Aug 25, 2021
a44b61d
Merge pull request #707 from edoardopirovano/cli-version
edoardopirovano Aug 25, 2021
b29bf7b
Upgrade linguist dependency
aeisenberg Aug 25, 2021
e2d592d
Merge pull request #714 from github/aeisenberg/update-linguist
aeisenberg Aug 26, 2021
a00e94b
1.0.13
invalid-email-address Aug 26, 2021
502403e
Update CHANGELOG.md
adityasharad Aug 26, 2021
32 changes: 24 additions & 8 deletions .github/workflows/pr-checks.yml
Expand Up @@ -164,7 +164,7 @@ jobs:
with:
config-file: ".github/codeql/codeql-config-packaging2.yml"
languages: javascript
packs: dsp-testing/codeql-pack1@0.0.4, dsp-testing/codeql-pack2
packs: dsp-testing/codeql-pack1@0.0.5, dsp-testing/codeql-pack2

- name: Build code
shell: bash
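Review bot: On the `packs:` input in this hunk, `dsp-testing/codeql-pack1` is pinned to `0.0.5` but `dsp-testing/codeql-pack2` carries no version, so the version of pack2 this check runs with is decided at run time and can change without any change in this repository. If the unpinned form is what this job is meant to exercise, say so in a comment beside the input; otherwise pin it as well, in the same `name@version` form used for pack1.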
Expand Down Expand Up @@ -206,7 +206,7 @@ jobs:
- uses: ./../action/init
with:
config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@0.0.4
packs: +dsp-testing/codeql-pack1@0.0.5
languages: javascript

- name: Build code
Expand Down Expand Up @@ -248,7 +248,7 @@ jobs:
- uses: ./../action/init
with:
config-file: ".github/codeql/codeql-config-packaging3.yml"
packs: +dsp-testing/codeql-pack1@0.0.4
packs: +dsp-testing/codeql-pack1@0.0.5
languages: javascript
tools: latest
- name: Build code
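Review bot: `+dsp-testing/codeql-pack1@0.0.5` here is the third hand-edited copy of the same pin in this file (the `codeql-config-packaging2.yml` step and both `codeql-config-packaging3.yml` steps), so the next bump can easily miss one. A single workflow-level `env` value for the pack version, referenced from each `packs:` input the way `tools: ${{ env.OLDEST_URL }}` is referenced further down, would keep the three in step.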
Expand Down Expand Up @@ -292,7 +292,10 @@ jobs:
outputs:
versions: ${{ steps.compare.outputs.versions }}
nightly-url: ${{ steps.get-url.outputs.nightly-url }}

env:
# URL of the oldest release that we support, if this is being bumped then the constant
# CODEQL_MINIMUM_VERSION in the file codeql.ts should also be bumped to match this.
OLDEST_URL: https://github.com/github/codeql-action/releases/download/codeql-bundle-20201028/codeql-bundle.tar.gz
steps:
- uses: actions/checkout@v2
- name: Move codeql-action
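Review bot: The comment above `OLDEST_URL` is the only thing tying this URL to `CODEQL_MINIMUM_VERSION` in `codeql.ts`, and nothing fails if one is bumped without the other. Since the compare step already obtains the oldest bundle's version as `CODEQL_VERSION_OLDEST`, consider adding a CI check that this version matches the constant and exits non-zero when it does not. The comment would also read better as two sentences, split at "if this is being bumped", with the full path of `codeql.ts` given.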
Expand Down Expand Up @@ -336,31 +339,44 @@ jobs:
with:
tools: ${{ steps.get-url.outputs.nightly-url }}
languages: javascript
- name: Remove empty database
# allows us to run init a fourth time
run: |
rm -rf "$RUNNER_TEMP/codeql_databases"
- name: Init with a CodeQL bundle from the oldest supported release
id: init-oldest
uses: ./../action/init
with:
tools: ${{ env.OLDEST_URL }}
languages: javascript
- name: Compare CodeQL bundle versions
id: compare
env:
CODEQL_DEFAULT: ${{ steps.init-default.outputs.codeql-path }}
CODEQL_LATEST: ${{ steps.init-latest.outputs.codeql-path }}
CODEQL_NIGHTLY: ${{ steps.init-nightly.outputs.codeql-path }}
CODEQL_OLDEST: ${{ steps.init-oldest.outputs.codeql-path }}
NIGHTLY_URL: ${{ steps.get-url.outputs.nightly-url }}
run: |
CODEQL_VERSION_DEFAULT="$("$CODEQL_DEFAULT" version --format terse)"
CODEQL_VERSION_LATEST="$("$CODEQL_LATEST" version --format terse)"
CODEQL_VERSION_NIGHTLY="$("$CODEQL_NIGHTLY" version --format terse)"
CODEQL_VERSION_OLDEST="$("$CODEQL_OLDEST" version --format terse)"
echo "Default CodeQL bundle version is $CODEQL_VERSION_DEFAULT"
echo "Latest CodeQL bundle version is $CODEQL_VERSION_LATEST"
echo "Nightly CodeQL bundle version is $CODEQL_VERSION_NIGHTLY"
echo "Oldest supported CodeQL bundle version is $CODEQL_VERSION_OLDEST"

# If we're running on a pull request, run each integration test with all three bundles, even
# If we're running on a pull request, run each integration test with all four bundles, even
# if `tools: latest` would be the same as `tools: null`. This allows us to make the
# integration test job for each of the three bundles a required status check.
# integration test job for each of the four bundles a required status check.
#
# If we're running on push, then we can skip running with `tools: latest` when it would be
# the same as running with `tools: null`.
if [[ "$GITHUB_EVENT_NAME" != "pull_request" && "$CODEQL_VERSION_DEFAULT" == "$CODEQL_VERSION_LATEST" ]]; then
VERSIONS_JSON="[null, \"$NIGHTLY_URL\"]"
VERSIONS_JSON="[null, \"$NIGHTLY_URL\", \"$OLDEST_URL\"]"
else
VERSIONS_JSON="[null, \"$NIGHTLY_URL\", \"latest\"]"
VERSIONS_JSON="[null, \"$NIGHTLY_URL\", \"$OLDEST_URL\", \"latest\"]"
fi

# Output a JSON-encoded list with the distinct versions to test against.
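Review bot: `VERSIONS_JSON` is assembled by pasting `$NIGHTLY_URL` and `$OLDEST_URL` between escaped quotes, and `$NIGHTLY_URL` comes from a step output rather than a constant, so a value containing a quote or backslash would produce invalid or altered JSON for the `versions` output. Encoding the values with a JSON tool, for example `jq -nc --arg n "$NIGHTLY_URL" --arg o "$OLDEST_URL" '[null, $n, $o]'`, removes the hand escaping and makes the two branches easier to compare now that each has grown by an element.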
4 changes: 4 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,9 @@
# CodeQL Action and CodeQL Runner Changelog

## 1.0.13 - 26 Aug 2021

- Update default CodeQL bundle version to 2.6.0. [#712](https://github.com/github/codeql-action/pull/712)

## 1.0.12 - 16 Aug 2021

- Update README to include a sample permissions block. [#689](https://github.com/github/codeql-action/pull/689)
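Review bot: The 1.0.13 entry lists only the bundle update from #712, but the commit list for this merge also includes #707 ("Enforce a minimum version of CodeQL CLI"), which by its title is a user-visible change. Add a changelog line for it that names the minimum supported version, so that anyone passing an older bundle through `tools:` can find the reason in the release notes.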
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -74,8 +74,8 @@ jobs:
# project uses a compiled language

#- run: |
# make bootstrap
# make release
# make bootstrap
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
12 changes: 6 additions & 6 deletions lib/analyze.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/analyze.js.map

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion lib/autobuild.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/autobuild.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

52 changes: 41 additions & 11 deletions lib/codeql.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/codeql.js.map

Large diffs are not rendered by default.
