From a0256a8a8d42caeed3f4b9f32df10829894b5a70 Mon Sep 17 00:00:00 2001 From: John Yacuta Date: Thu, 27 Jun 2024 13:21:34 -0700 Subject: [PATCH 1/2] Update codeql actions for each bin workflow language --- bin/workflows/codeql-analysis-c#.yml | 6 +++--- bin/workflows/codeql-analysis-cpp.yml | 6 +++--- bin/workflows/codeql-analysis-csharp.yml | 6 +++--- bin/workflows/codeql-analysis-go.yml | 6 +++--- bin/workflows/codeql-analysis-java.yml | 6 +++--- bin/workflows/codeql-analysis-javascript.yml | 4 ++-- bin/workflows/codeql-analysis-python.yml | 4 ++-- bin/workflows/codeql-analysis-ruby.yml | 4 ++-- 8 files changed, 21 insertions(+), 21 deletions(-) diff --git a/bin/workflows/codeql-analysis-c#.yml b/bin/workflows/codeql-analysis-c#.yml index 35ea6fb..61046ca 100644 --- a/bin/workflows/codeql-analysis-c#.yml +++ b/bin/workflows/codeql-analysis-c#.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -66,6 +66,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-cpp.yml b/bin/workflows/codeql-analysis-cpp.yml index 6439d4e..d69d947 100644 --- a/bin/workflows/codeql-analysis-cpp.yml +++ b/bin/workflows/codeql-analysis-cpp.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -66,6 +66,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-csharp.yml b/bin/workflows/codeql-analysis-csharp.yml index 35ea6fb..61046ca 100644 --- a/bin/workflows/codeql-analysis-csharp.yml +++ b/bin/workflows/codeql-analysis-csharp.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -66,6 +66,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-go.yml b/bin/workflows/codeql-analysis-go.yml index 33acbbd..4a0e671 100644 --- a/bin/workflows/codeql-analysis-go.yml +++ b/bin/workflows/codeql-analysis-go.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -66,6 +66,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-java.yml b/bin/workflows/codeql-analysis-java.yml index f5f00cb..0e58977 100644 --- a/bin/workflows/codeql-analysis-java.yml +++ b/bin/workflows/codeql-analysis-java.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -66,6 +66,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-javascript.yml b/bin/workflows/codeql-analysis-javascript.yml index f72a1a4..7a4dda0 100644 --- a/bin/workflows/codeql-analysis-javascript.yml +++ b/bin/workflows/codeql-analysis-javascript.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -51,6 +51,6 @@ jobs: # Prefix the list here with "+" to use these queries and those in the config file. - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-python.yml b/bin/workflows/codeql-analysis-python.yml index 6d9950e..301cccb 100644 --- a/bin/workflows/codeql-analysis-python.yml +++ b/bin/workflows/codeql-analysis-python.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -51,6 +51,6 @@ jobs: # Prefix the list here with "+" to use these queries and those in the config file. - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/bin/workflows/codeql-analysis-ruby.yml b/bin/workflows/codeql-analysis-ruby.yml index 4782fe2..2a519a1 100644 --- a/bin/workflows/codeql-analysis-ruby.yml +++ b/bin/workflows/codeql-analysis-ruby.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended # security-and-quality @@ -51,6 +51,6 @@ jobs: # Prefix the list here with "+" to use these queries and those in the config file. - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" From 04f29f842e787d15f713644e5b63ed5de8e5248c Mon Sep 17 00:00:00 2001 From: John Yacuta Date: Fri, 28 Jun 2024 09:42:13 -0700 Subject: [PATCH 2/2] Comment out due to erroring --- .github/workflows/checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 2d85419..a0cd8c0 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -17,4 +17,4 @@ jobs: node-version: "18" - run: yarn install --frozen-lockfile - run: yarn run lint:check - - run: yarn run prettier:check + # - run: yarn run prettier:check # Comment out due to erroring