From 21be2b0e7433d9b26bfe3968d9711e0aa3e849ab Mon Sep 17 00:00:00 2001
From: Alison Jo <2660348+alisonjo315@users.noreply.github.com>
Date: Tue, 13 Oct 2020 04:18:52 -0400
Subject: [PATCH 1/9] remove trailing space from link in quotes
---
.../about-comparing-branches-in-pull-requests.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md b/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md
index bf7cded43c3c..c66689d29b11 100644
--- a/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md
+++ b/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md
@@ -54,7 +54,7 @@ A two-dot diff compares two Git committish references, such as SHAs or OIDs (Obj
If you want to simulate a two-dot diff in a pull request and see a comparison between the most recent versions of each branch, you can merge the base branch into your topic branch, which updates the last common ancestor between your branches.
-For more information about Git commands to compare changes, see "[Git diff options ](https://git-scm.com/docs/git-diff#git-diff-emgitdiffemltoptionsgtltcommitgtltcommitgt--ltpathgt82308203)" from the _Pro Git_ book site.
+For more information about Git commands to compare changes, see "[Git diff options](https://git-scm.com/docs/git-diff#git-diff-emgitdiffemltoptionsgtltcommitgtltcommitgt--ltpathgt82308203)" from the _Pro Git_ book site.
### Reasons diffs will not display
- You've exceeded the total limit of files or certain file types. For more information, see "[Limits for viewing content and diffs in a repository](/articles/limits-for-viewing-content-and-diffs-in-a-repository/#diff-limits)."
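Review bot: The link target on the `+` line still ends in the fragment suffix `82308203`, which looks like residue from a generated anchor rather than a stable heading id, so it is worth confirming the link lands on the intended section while this line is being touched. The URL also points at `git-scm.com/docs/git-diff`, the reference manual page, while the sentence attributes it to the _Pro Git_ book site; adjust the wording or the target so the two agree.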
From 535ebb20b9140cdeea0350f648d881b1a9762613 Mon Sep 17 00:00:00 2001
From: "allcontributors[bot]"
<46447321+allcontributors[bot]@users.noreply.github.com>
Date: Tue, 13 Oct 2020 14:42:10 +0000
Subject: [PATCH 2/9] docs: update README.md [skip ci]
---
README.md | 76 +++++++++++++++++++++++++++----------------------------
1 file changed, 38 insertions(+), 38 deletions(-)
diff --git a/README.md b/README.md
index 837d2cf61cd1..f4b96999b920 100644
--- a/README.md
+++ b/README.md
@@ -80,58 +80,58 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
-
+
-
This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!
From afb68b5d5942a15ff31ea3ca205d6661e4053e65 Mon Sep 17 00:00:00 2001
From: "allcontributors[bot]"
<46447321+allcontributors[bot]@users.noreply.github.com>
Date: Tue, 13 Oct 2020 14:42:11 +0000
Subject: [PATCH 3/9] docs: update .all-contributorsrc [skip ci]
---
.all-contributorsrc | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/.all-contributorsrc b/.all-contributorsrc
index 405e028630c1..7c7775d2976b 100644
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -358,6 +358,15 @@
"contributions": [
"code"
]
+ },
+ {
+ "login": "Protectator",
+ "name": "Kewin Dousse",
+ "avatar_url": "https://avatars3.githubusercontent.com/u/1529017?v=4",
+ "profile": "https://www.kewindousse.ch",
+ "contributions": [
+ "content"
+ ]
}
],
"contributorsPerLine": 7,
From dbd6ddcdc8d39fea79c0e93ffb57f63d9afc3df7 Mon Sep 17 00:00:00 2001
From: "allcontributors[bot]"
<46447321+allcontributors[bot]@users.noreply.github.com>
Date: Tue, 13 Oct 2020 14:42:52 +0000
Subject: [PATCH 4/9] docs: update README.md [skip ci]
From a941bdaa2119b940f84af377548fb9e93a70aeb4 Mon Sep 17 00:00:00 2001
From: "allcontributors[bot]"
<46447321+allcontributors[bot]@users.noreply.github.com>
Date: Tue, 13 Oct 2020 14:42:53 +0000
Subject: [PATCH 5/9] docs: update .all-contributorsrc [skip ci]
From fd130da97785aa23773e7b69db0f02f7e1428fce Mon Sep 17 00:00:00 2001
From: mc <42146119+mchammer01@users.noreply.github.com>
Date: Tue, 13 Oct 2020 16:02:24 +0100
Subject: [PATCH 6/9] Code Scanning python setup (#15972)
* document new behavior for Python analysis
* add versioning
* update the second article
* add link to Configuring article
* add word
* polishing
* Apply suggestions from code review
Co-authored-by: Felicity Chapman
* address review comments
* add comments in yaml snippet
* remove contraction
* Update content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md
Co-authored-by: Felicity Chapman
* commit changes
* false, not true
* write comments over 2 lines
* again
* remove white spaces
Co-authored-by: Felicity Chapman
---
.../configuring-code-scanning.md | 46 +++++++++++++++++++
.../troubleshooting-the-codeql-workflow.md | 9 ++++
2 files changed, 55 insertions(+)
diff --git a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md
index 7906c341ae70..af2300e7a3c5 100644
--- a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md
+++ b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md
@@ -130,6 +130,52 @@ If your workflow does not contain a matrix called `language`, then {% data varia
with:
languages: cpp, csharp, python
```
+{% if currentVersion == "free-pro-team@latest" %}
+### Analyzing Python dependencies
+
+For GitHub-hosted runners that use Linux only, the {% data variables.product.prodname_codeql_workflow %} will try to auto-install Python dependencies to give more results for the CodeQL analysis. You can control this behavior by specifying the `setup-python-dependencies` parameter for the action called by the "Initialize CodeQL" step. By default, this parameter is set to `true`:
+
+- If the repository contains code written in Python, the "Initialize CodeQL" step installs the necessary dependencies on the GitHub-hosted runner. If the auto-install succeeds, the action also sets the environment variable `CODEQL_PYTHON` to the Python executable file that includes the dependencies.
+
+- If the repository doesn't have any Python dependencies, or the dependencies are specified in an unexpected way, you'll get a warning and the action will continue with the remaining jobs. The action can run successfully even when there are problems interpreting dependencies, but the results may be incomplete.
+
+Alternatively, you can install Python dependencies manually on any operating system. You will need to add `setup-python-dependencies` and set it to `false`, as well as set `CODEQL_PYTHON` to the Python executable that includes the dependencies, as shown in this workflow extract:
+
+```yaml
+jobs:
+ CodeQL-Build:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+ with:
+ fetch-depth: 2
+ - name: Set up Python
+ uses: actions/setup-python@v2
+ with:
+ python-version: '3.x'
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ if [ -f requirements.txt ];
+ then pip install -r requirements.txt;
+ fi
+ # Set the `CODEQL-PYTHON` environment variable to the Python executable
+ # that includes the dependencies
+ echo "::set-env name=CODEQL_PYTHON::$(which python)"
+ - run: git checkout HEAD^2
+ if: ${{ github.event_name == 'pull_request' }}
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v1
+ with:
+ languages: python
+ # Override the default behavior so that the action doesn't attempt
+ # to auto-install Python dependencies
+ setup-python-dependencies: false
+```
+{% endif %}
### Running additional queries
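Review bot: The `Install dependencies` step in the YAML sample exports the interpreter with `echo "::set-env name=CODEQL_PYTHON::$(which python)"`, and `set-env` is a deprecated workflow command; a sample that readers will copy should append to the environment file instead, for example `echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV`. The comment directly above that line names the variable `CODEQL-PYTHON` with a hyphen, while the prose and the command use `CODEQL_PYTHON`. Note too that when `requirements.txt` is absent the step installs nothing but still sets `CODEQL_PYTHON` with `setup-python-dependencies: false`, so the analysis runs without dependencies and without the warning the auto-install path gives; a sentence saying so would help.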
diff --git a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md
index baadd06ebb14..f42dbb3db617 100644
--- a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md
+++ b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md
@@ -114,3 +114,12 @@ If you split your analysis into multiple workflows as described above, we still
#### Run only during a `schedule` event
If your analysis is still too slow to be run during `push` or `pull_request` events, then you may want to only trigger analysis on the `schedule` event. For more information, see "[Events](/actions/learn-github-actions/introduction-to-github-actions#events)."
+
+{% if currentVersion == "free-pro-team@latest" %}
+### Results differ between analysis platforms
+
+If you are analyzing code written in Python, you may see different results depending on whether you run the {% data variables.product.prodname_codeql_workflow %} on Linux, macOS, or Windows.
+
+On GitHub-hosted runners that use Linux, the {% data variables.product.prodname_codeql_workflow %} tries to install and analyze Python dependencies, which could lead to more results. To disable the auto-install, add `setup-python-dependencies: false` to the "Initialize CodeQL" step of the workflow. For more information about configuring the analysis of Python dependencies, see "[Analyzing Python dependencies](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#analyzing-python-dependencies)."
+
+{% endif %}
\ No newline at end of file
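Review bot: The new section says results can differ between Linux, macOS, and Windows but only describes the Linux behavior; add a sentence stating that the auto-install does not run on the other platforms, and mention the manual route (`CODEQL_PYTHON` with `setup-python-dependencies: false`) as the way to get comparable results everywhere, not only how to turn the feature off. The file also now ends at `{% endif %}` without a trailing newline; add one.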
From 9e89fe9656c5e9f14652b2b754918e1884b58b38 Mon Sep 17 00:00:00 2001
From: Chiedo John <2156688+chiedo@users.noreply.github.com>
Date: Tue, 13 Oct 2020 11:26:45 -0400
Subject: [PATCH 7/9] Enable manual Crowdin runs (#16009)
Co-authored-by: Chiedo
---
.github/workflows/crowdin.yml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml
index 48100cbbe1d0..b9ceee7e5b2b 100644
--- a/.github/workflows/crowdin.yml
+++ b/.github/workflows/crowdin.yml
@@ -3,6 +3,7 @@
name: Crowdin Sync
on:
+ workflow_dispatch:
push:
branches:
- main
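Review bot: `workflow_dispatch:` is added with no restriction on the ref, so a manual run can be started from any branch that carries this workflow file, whereas the `push` trigger next to it is limited to `main`. The job reads `secrets.CROWDIN_PERSONAL_TOKEN` (visible in the following hunk), so consider a job-level guard such as `if: github.ref == 'refs/heads/main'`, or at least a comment stating who is expected to dispatch it and from which branch.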
@@ -47,4 +48,4 @@ jobs:
# This token was created by logging into Crowdin with the octoglot user
CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
-
\ No newline at end of file
+
From 5439891d1de9ad2be99c12baf43e072f9d1dc455 Mon Sep 17 00:00:00 2001
From: Zeke Sikelianos
Date: Tue, 13 Oct 2020 10:01:31 -0700
Subject: [PATCH 8/9] Run Crowdin workflow only on private repo and update
CODEOWNERS (#16010)
* only run Crowdin workflow on private repo
Co-Authored-By: Chiedo John <2156688+chiedo@users.noreply.github.com>
* organize codeowners for localization-related files
Co-Authored-By: Chiedo John <2156688+chiedo@users.noreply.github.com>
* do not upload translations
Co-Authored-By: Chiedo John <2156688+chiedo@users.noreply.github.com>
Co-authored-by: Chiedo John <2156688+chiedo@users.noreply.github.com>
---
.github/CODEOWNERS | 9 +++++++--
.github/workflows/crowdin.yml | 3 ++-
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index eb71a6edef7a..3eb7f05d4013 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -3,16 +3,21 @@
# https://help.github.com/articles/about-codeowners
# https://git-scm.com/docs/gitignore
-/translations/ @github/docs-localization @github-actions
+# Engineering
*.js @github/docs-engineering
/.github/ @github/docs-engineering
/script/ @github/docs-engineering
app.json @github/docs-engineering
-crowdin.yml @github/docs-engineering
Dockerfile @github/docs-engineering
package-lock.json @github/docs-engineering
package.json @github/docs-engineering
+# Localization
+/.github/workflows/crowdin.yml @github/docs-localization
+/crowdin*.yml @github/docs-engineering @github/docs-localization
+/translations/ @github/docs-engineering @github/docs-localization @github-actions
+
+# Site Policy
/content/github/site-policy/ @github/site-policy-admins
# Make sure that Octokit maintainers get notified about changes
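Review bot: In the new Localization block, `/.github/workflows/crowdin.yml @github/docs-localization` comes after `/.github/ @github/docs-engineering`, and in CODEOWNERS the last matching pattern wins, so this line removes docs-engineering as an owner of a workflow that handles a secret token. The other two new lines list both teams; do the same here with `/.github/workflows/crowdin.yml @github/docs-engineering @github/docs-localization` unless dropping engineering review is intended, in which case say so in the commit message.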
diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml
index b9ceee7e5b2b..89b4f42689e6 100644
--- a/.github/workflows/crowdin.yml
+++ b/.github/workflows/crowdin.yml
@@ -11,6 +11,7 @@ on:
jobs:
sync_with_crowdin:
name: Sync with Crowdin
+ if: github.repository == 'github/docs-internal'
runs-on: ubuntu-latest
steps:
- name: Checkout
@@ -19,7 +20,7 @@ jobs:
- name: Sync
uses: crowdin/github-action@1.0.10
with:
- upload_translations: true
+ upload_translations: false
download_translations: true
create_pull_request: true
From fe95555f912c6a012613348185d9ac93df465c2f Mon Sep 17 00:00:00 2001
From: Jason Etcovitch
Date: Tue, 13 Oct 2020 16:37:47 -0400
Subject: [PATCH 9/9] Use pull_request_target (#457)
---
.github/workflows/merged-notification.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/merged-notification.yml b/.github/workflows/merged-notification.yml
index 2251541a639e..8e821a002009 100644
--- a/.github/workflows/merged-notification.yml
+++ b/.github/workflows/merged-notification.yml
@@ -1,5 +1,5 @@
on:
- pull_request:
+ pull_request_target:
types: ['closed']
jobs:
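Review bot: Switching the trigger to `pull_request_target:` makes this workflow run in the context of the base repository, with its secrets and a write-capable token, including for pull requests opened from forks, and neither the commit message nor the file says why that is needed. Add a comment above `on:` stating the reason and confirm that no step under `jobs:` checks out or executes code from the pull request head. Since `types: ['closed']` also fires for pull requests closed without merging, the job should check `github.event.pull_request.merged` if it does not already.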