Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge main into releases/v3 #2192

Merged
merged 16 commits into from
Mar 12, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
The diff you're trying to view is too large. We only load the first 3000 changed files.
4 changes: 3 additions & 1 deletion .github/workflows/debug-artifacts-failure.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,11 @@ jobs:
run: ./build.sh
- uses: ./../action/analyze
id: analysis
env:
# Forces a failure in this step.
CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }'
with:
expect-error: true
ram: 1
download-and-check-artifacts:
name: Download and check debug artifacts after failure in analyze
needs: upload-artifacts
Expand Down
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

## 3.24.7 - 12 Mar 2024

- Update default CodeQL bundle version to 2.16.4. [#2185](https://github.com/github/codeql-action/pull/2185)

## 3.24.6 - 29 Feb 2024

No user facing changes.
Expand Down
34 changes: 21 additions & 13 deletions init/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,25 +7,33 @@ inputs:
required: false
# If not specified the Action will check in several places until it finds the CodeQL tools.
languages:
description: |
A comma-separated value of the languages to be analysed e.g. python,javascript
description: >-
A comma-separated list of CodeQL languages to analyze.

Due to the performance benefit of parallelizing builds, we recommend specifying languages to
analyze using a matrix and providing `\$\{{ matrix.language }}` as this input.

For more information, see
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#changing-the-languages-that-are-analyzed.
required: false
build-mode:
description: >-
[Experimental, for internal testing only] The build mode that will be used to analyze the language.
This input is only available in single-language analyses.
The build mode that will be used to analyze the language. This input is only available when
analyzing a single CodeQL language per job, for example using a matrix.

Available build modes will differ based on the language being analyzed. One of:

- none: The database will be created without building the source code.
Available for all interpreted languages and some compiled languages.
- autobuild: The database will be created by attempting to automatically build the source code.
To use this build mode, ensure that your workflow calls the `autobuild` action
between the `init` and `analyze` steps.
Available for all compiled languages.
- manual: The database will be created by building the source code using a manually specified
build command. To use this build mode, specify manual build steps in your workflow
between the `init` and `analyze` steps. Available for all compiled languages.
- `none`: The database will be created without building the source code.
Available for all interpreted languages and some compiled languages.
- `autobuild`: The database will be created by attempting to automatically build the source
code.
To use this build mode, ensure that your workflow calls the `autobuild` action
between the `init` and `analyze` steps.
Available for all compiled languages.
- `manual`: The database will be created by building the source code using a manually
specified build command. To use this build mode, specify manual build steps in
your workflow between the `init` and `analyze` steps. Available for all
compiled languages.
required: false
token:
description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input.
Expand Down
2 changes: 1 addition & 1 deletion lib/api-compatibility.json
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{ "maximumVersion": "3.12", "minimumVersion": "3.8" }
{ "maximumVersion": "3.13", "minimumVersion": "3.8" }
16 changes: 13 additions & 3 deletions lib/codeql.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/codeql.js.map

Large diffs are not rendered by default.

8 changes: 4 additions & 4 deletions lib/defaults.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-v2.16.3",
"cliVersion": "2.16.3",
"priorBundleVersion": "codeql-bundle-v2.16.2",
"priorCliVersion": "2.16.2"
"bundleVersion": "codeql-bundle-v2.16.4",
"cliVersion": "2.16.4",
"priorBundleVersion": "codeql-bundle-v2.16.3",
"priorCliVersion": "2.16.3"
}
4 changes: 2 additions & 2 deletions lib/trap-caching.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/trap-caching.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/trap-caching.test.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading