Skip to content

Commit

Permalink
Merge pull request #2192 from github/update-v3.24.7-5e882999f
Browse files Browse the repository at this point in the history
* Update changelog and version after v3.24.6

* Update checked-in dependencies

* Bump the npm group with 3 updates (#2183)

* Bump the npm group with 3 updates

Bumps the npm group with 3 updates: [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser), [eslint-plugin-github](https://github.com/github/eslint-plugin-github) and [nock](https://github.com/nock/nock).


Updates `@typescript-eslint/parser` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.1.1/packages/parser)

Updates `eslint-plugin-github` from 4.10.1 to 4.10.2
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](github/eslint-plugin-github@v4.10.1...v4.10.2)

Updates `nock` from 13.5.3 to 13.5.4
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v13.5.3...v13.5.4)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update checked-in dependencies

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Update supported GitHub Enterprise Server versions

* Update `languages` help

Recommend using a matrix build

* Remove experimental qualifiers from build mode input

* Escape named value in input description

* Fail `analyze` step by passing an invalid option to `database finalize` (#2189)

As the `ram: 1` trick won't work anymore with updates to the CLI.

* Update default bundle to 2.16.4 (#2185)

* Update default bundle to codeql-bundle-v2.16.4

* Add changelog note

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <[email protected]>

* Use the `--sarif-include-query-help` option when supported

* Bump the npm group with 2 updates (#2190)

* Bump the npm group with 2 updates

Bumps the npm group with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [typescript](https://github.com/Microsoft/TypeScript).


Updates `@typescript-eslint/eslint-plugin` from 7.1.0 to 7.1.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.1.1/packages/eslint-plugin)

Updates `typescript` from 5.3.3 to 5.4.2
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.3.3...v5.4.2)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <[email protected]>

* Rebuild sources

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Eisenberg <[email protected]>

* Update changelog for v3.24.7

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Angela P Wen <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Henry Mercer <[email protected]>
Co-authored-by: Andrew Eisenberg <[email protected]>
  • Loading branch information
5 people authored Mar 12, 2024
2 parents 8a470fd + a006adf commit 3ab4101
Show file tree
Hide file tree
Showing 3,439 changed files with 13,734 additions and 136,539 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
4 changes: 3 additions & 1 deletion .github/workflows/debug-artifacts-failure.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,11 @@ jobs:
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
# Forces a failure in this step.
CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }'
with:
expect-error: true
ram: 1
download-and-check-artifacts:
name: Download and check debug artifacts after failure in analyze
needs: upload-artifacts
Expand Down
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

## 3.24.7 - 12 Mar 2024

- Update default CodeQL bundle version to 2.16.4. [#2185](https://github.com/github/codeql-action/pull/2185)

## 3.24.6 - 29 Feb 2024

No user facing changes.
Expand Down
34 changes: 21 additions & 13 deletions init/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,25 +7,33 @@ inputs:
required: false
# If not specified the Action will check in several places until it finds the CodeQL tools.
languages:
description: |
A comma-separated value of the languages to be analysed e.g. python,javascript
description: >-
A comma-separated list of CodeQL languages to analyze.
Due to the performance benefit of parallelizing builds, we recommend specifying languages to
analyze using a matrix and providing `\$\{{ matrix.language }}` as this input.
For more information, see
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#changing-the-languages-that-are-analyzed.
required: false
build-mode:
description: >-
[Experimental, for internal testing only] The build mode that will be used to analyze the language.
This input is only available in single-language analyses.
The build mode that will be used to analyze the language. This input is only available when
analyzing a single CodeQL language per job, for example using a matrix.
Available build modes will differ based on the language being analyzed. One of:
- none: The database will be created without building the source code.
Available for all interpreted languages and some compiled languages.
- autobuild: The database will be created by attempting to automatically build the source code.
To use this build mode, ensure that your workflow calls the `autobuild` action
between the `init` and `analyze` steps.
Available for all compiled languages.
- manual: The database will be created by building the source code using a manually specified
build command. To use this build mode, specify manual build steps in your workflow
between the `init` and `analyze` steps. Available for all compiled languages.
- `none`: The database will be created without building the source code.
Available for all interpreted languages and some compiled languages.
- `autobuild`: The database will be created by attempting to automatically build the source
code.
To use this build mode, ensure that your workflow calls the `autobuild` action
between the `init` and `analyze` steps.
Available for all compiled languages.
- `manual`: The database will be created by building the source code using a manually
specified build command. To use this build mode, specify manual build steps in
your workflow between the `init` and `analyze` steps. Available for all
compiled languages.
required: false
token:
description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input.
Expand Down
2 changes: 1 addition & 1 deletion lib/api-compatibility.json
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{ "maximumVersion": "3.12", "minimumVersion": "3.8" }
{ "maximumVersion": "3.13", "minimumVersion": "3.8" }
16 changes: 13 additions & 3 deletions lib/codeql.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/codeql.js.map

Large diffs are not rendered by default.

8 changes: 4 additions & 4 deletions lib/defaults.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-v2.16.3",
"cliVersion": "2.16.3",
"priorBundleVersion": "codeql-bundle-v2.16.2",
"priorCliVersion": "2.16.2"
"bundleVersion": "codeql-bundle-v2.16.4",
"cliVersion": "2.16.4",
"priorBundleVersion": "codeql-bundle-v2.16.3",
"priorCliVersion": "2.16.3"
}
4 changes: 2 additions & 2 deletions lib/trap-caching.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/trap-caching.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/trap-caching.test.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 3ab4101

Please sign in to comment.