Skip to content

Commit

Permalink
Merge branch 'main' into cklin/codeql-cli-2.11.5
Browse files Browse the repository at this point in the history
  • Loading branch information
cklin authored Dec 7, 2022
2 parents 1e5919b + 79166d0 commit c51babb
Show file tree
Hide file tree
Showing 65 changed files with 1,102 additions and 332 deletions.
21 changes: 9 additions & 12 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -1,20 +1,17 @@
version: 2
updates:
- package-ecosystem: "npm"
- package-ecosystem: npm
directory: "/"
schedule:
interval: "weekly"
day: "thursday" # Gives us a working day to merge this before our typical release
interval: weekly
labels:
- "Update dependencies"
- Update dependencies
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-minor", "version-update:semver-patch"]
- package-ecosystem: "npm"
directory: "/runner"
update-types:
- version-update:semver-minor
- version-update:semver-patch
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: "weekly"
day: "thursday" # Gives us a working day to merge this before our typical release
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-minor", "version-update:semver-patch"]
interval: weekly
4 changes: 2 additions & 2 deletions .github/workflows/__export-file-baseline-information.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions .github/workflows/__multi-language-autodetect.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

72 changes: 72 additions & 0 deletions .github/workflows/__submit-sarif-failure.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions .github/workflows/__swift-autobuild.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions .github/workflows/__swift-custom-build.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/pr-checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ jobs:
fi
- name: Set up Python
uses: actions/setup-python@v3
uses: actions/setup-python@v4
with:
python-version: 3.8

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/python-deps.yml
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ jobs:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3

- uses: actions/setup-python@v3
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python_version }}

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/update-release-branch.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
fetch-depth: 0

- name: Set up Python
uses: actions/setup-python@v3
uses: actions/setup-python@v4
with:
python-version: 3.8

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:

steps:
- name: Setup Python
uses: actions/setup-python@v3
uses: actions/setup-python@v4
with:
python-version: "3.7"
- name: Checkout CodeQL Action
Expand All @@ -35,7 +35,7 @@ jobs:
env:
ENTERPRISE_RELEASES_PATH: ${{ github.workspace }}/enterprise-releases/
- name: Commit Changes
uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb # v3.4.1
uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4.2.3
with:
commit-message: Update supported GitHub Enterprise Server versions.
title: Update supported GitHub Enterprise Server versions.
Expand Down
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
## [UNRELEASED]

- Update default CodeQL bundle version to 2.11.5. [#1412](https://github.com/github/codeql-action/pull/1412)
- Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. [#1393](https://github.com/github/codeql-action/pull/1393)
- Python automatic dependency installation will no longer consider dependecy code installed in venv as user-written, for projects using Poetry that specify `virtualenvs.in-project = true` in their `poetry.toml`. [#1419](https://github.com/github/codeql-action/pull/1419).

## 2.1.35 - 01 Dec 2022

Expand Down
2 changes: 2 additions & 0 deletions analyze/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ inputs:
upload:
description: Upload the SARIF file to Code Scanning
required: false
# If changing this, make sure to update workflow.ts accordingly.
default: "true"
cleanup-level:
description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --mode flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup"
Expand Down Expand Up @@ -44,6 +45,7 @@ inputs:
checkout_path:
description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file."
required: false
# If changing this, make sure to update workflow.ts accordingly.
default: ${{ github.workspace }}
ref:
description: "The ref where results will be uploaded. If not provided, the Action will use the GITHUB_REF environment variable. If provided, the sha input must be provided as well. This input is not available in pull requests from forks."
Expand Down
8 changes: 4 additions & 4 deletions lib/actions-util.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit c51babb

Please sign in to comment.