-
Notifications
You must be signed in to change notification settings - Fork 334
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge main into releases/v2 #1192
Conversation
This reverts commit 99d4397.
This reverts commit 43d0664.
This commit adds the packs and queries from the actions input to the config file used by the CodeQL CLI. When the `+` is used, the actions input value is combined with the config value and when it is not used, the input value overrides the config value. This commit also adds a bunch of integration tests for this feature. In order to avoid adding too many new jobs, all of the tests are run sequentially in a single job (matrixed across relevant operating systems and OSes).
When the codescanning config is being used by the CLI, there is a single query suite that is generated that contains all queries to be run by the analysis. This is different from the traditional way, where there are potentially three query suites: builtin, custom, and packs. We need to ensure that when the codescanning config is being used, only a single call to run queries is used, and this call uses the single generated query suite. Also, this commit changes the cutoff version for codescanning config to 2.10.1. Earlier versions work, but there were some bugs that are only fixed in 2.10.1 and later.
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
…er-versions Update supported GitHub Enterprise Server versions.
…ture-flag Enable bypassing the cached CodeQL bundle via a feature flag
Round fields in TRAP caching telemetry to integers
This should help us debug failures on `main` like this https://github.com/github/codeql-action/actions/runs/2875586196.
This should be more robust than determining whether the repo is the CodeQL Action or a fork of it.
…ests-on-push Modify `expect-error` input checking to fix errors on main
Fix TRAP cache upload timing
@aeisenberg Just going through the checklist here:
Could I get your 👍 that the docs team are aware of the query filtering documentation changes? |
Yes, documentation is being discussed here: https://github.com/github/docs-content/issues/7617 It is not ready and won't be for another week or two. Maybe we should update that changelog entry when we have documentation. |
Merging 5502fef into releases/v2
Conductor for this PR is @henrymercer
Contains the following pull requests:
@actions/cache
#1164 - Add dependency on@actions/cache
(@edoardopirovano)GITHUB_ACTION_REF
for local actions #1174 - Remove distrust ofGITHUB_ACTION_REF
for local actions (@edoardopirovano)expect-error
input to force PR check green on expected failure #1177 - Addexpect-error
input to force PR check green on expected failure (@angelapwen)util.promisify
instead of manually constructing promise #1184 - Useutil.promisify
instead of manually constructing promise (@edoardopirovano)expect-error
input checking to fix errors on main #1190 - Modifyexpect-error
input checking to fix errors on main (@henrymercer)Please review the following: