Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge main into releases/v3 #2490

Merged
merged 37 commits into from
Sep 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
b296f26
Refactor: upload all available debug artifacts in init-post
angelapwen Sep 11, 2024
c098b25
Only upload `upload-sarif` debug artifacts at most once
angelapwen Sep 11, 2024
4ba2440
Rebuild: add transpiled files
angelapwen Sep 11, 2024
82ce313
Remove unused helper file
angelapwen Sep 11, 2024
d4bfd40
Use `.push` rather than `.concat`
angelapwen Sep 11, 2024
cb7faf5
Refactor: move combined SARIF debug artifact logic to `debug-artifact`
angelapwen Sep 12, 2024
e771680
Rename `upload-debug-artifacts` to `combined-sarif-artifacts`
angelapwen Sep 12, 2024
bc660fc
Copy SARIF file to database location rather than move
angelapwen Sep 12, 2024
d795ead
Fix incorrect documentation about the `token` input to the Actions.
chrisgavin Sep 13, 2024
d4f57b8
Update changelog and version after v3.26.7
github-actions[bot] Sep 13, 2024
fa08c06
Update checked-in dependencies
github-actions[bot] Sep 13, 2024
e1d2bc5
Merge pull request #2479 from github/mergeback/v3.26.7-to-main-8214744c
dbartol Sep 13, 2024
51de6a8
Use RFC-style requirements.
chrisgavin Sep 13, 2024
86b04fb
Add a warning to not specify a `token` input in most cases.
chrisgavin Sep 13, 2024
c101242
Merge pull request #2477 from github/fix-incorrect-token-docs
chrisgavin Sep 13, 2024
762210d
Use generated token on checkout
rvermeulen Sep 13, 2024
fe22310
Merge pull request #2475 from github/angelapwen/refactor-debug-artifa…
angelapwen Sep 13, 2024
5618c9f
Merge pull request #2481 from rvermeulen/rvermeulen/use-correct-token…
dbartol Sep 13, 2024
d061f2c
Handle CLI errors when creating debug artifacts
henrymercer Sep 16, 2024
bbd9c4a
Update default bundle to codeql-bundle-v2.19.0
github-actions[bot] Sep 16, 2024
6cc3253
Add changelog note
github-actions[bot] Sep 16, 2024
80d7a6c
Tolerate failures in uploading debug artifacts
henrymercer Sep 16, 2024
bbd7c80
Fall back to partial database bundle if CLI command fails
henrymercer Sep 16, 2024
dd7307d
Refactoring: Simplify retrieving error message
henrymercer Sep 16, 2024
213bf36
Improve documentation
henrymercer Sep 16, 2024
642bbfc
Turn invalid helpUri attribute into a warning
rvermeulen Sep 16, 2024
782de45
Merge pull request #2486 from github/henrymercer/improve-debug-artifa…
henrymercer Sep 17, 2024
78d398e
Improve docs and method naming
henrymercer Sep 17, 2024
d0a3cf2
Improve logging for debug artifacts
henrymercer Sep 17, 2024
6e24973
Improve logging for combined SARIF debug artifact
henrymercer Sep 17, 2024
34666c1
Merge pull request #2488 from github/henrymercer/debug-artifacts-bett…
henrymercer Sep 17, 2024
a1a585f
Merge branch 'main' into rvermeulen/uri-errors-as-warnings
rvermeulen Sep 17, 2024
498c508
Rebuild JavaScript files
rvermeulen Sep 17, 2024
cb28816
Merge pull request #2487 from rvermeulen/rvermeulen/uri-errors-as-war…
rvermeulen Sep 17, 2024
e0e2d75
Merge branch 'main' into update-bundle/codeql-bundle-v2.19.0
smowton Sep 18, 2024
64431c6
Merge pull request #2483 from github/update-bundle/codeql-bundle-v2.19.0
smowton Sep 18, 2024
00b3604
Update changelog for v3.26.8
github-actions[bot] Sep 19, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions .github/workflows/update-release-branch.yml
Original file line number Diff line number Diff line change
Expand Up @@ -115,19 +115,21 @@ jobs:
SOURCE_BRANCH: ${{ needs.prepare.outputs.backport_source_branch }}
TARGET_BRANCH: ${{ matrix.target_branch }}
steps:
- uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4
- name: Generate token
uses: actions/create-github-app-token@31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4
id: app-token
with:
app-id: ${{ vars.AUTOMATION_APP_ID }}
private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
- uses: actions/checkout@v4

- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Need full history for calculation of diffs
token: ${{ steps.app-token.outputs.token }}
- uses: ./.github/actions/release-initialise

- name: Update older release branch
env:
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
run: |
echo SOURCE_BRANCH=${SOURCE_BRANCH}
echo TARGET_BRANCH=${TARGET_BRANCH}
Expand Down
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

## 3.26.8 - 19 Sep 2024

- Update default CodeQL bundle version to 2.19.0. [#2483](https://github.com/github/codeql-action/pull/2483)

## 3.26.7 - 13 Sep 2024

- Update default CodeQL bundle version to 2.18.4. [#2471](https://github.com/github/codeql-action/pull/2471)
Expand Down
2 changes: 1 addition & 1 deletion analyze/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ inputs:
required: true
default: "true"
token:
description: "GitHub token to use for authenticating with this instance of GitHub. The token needs the `security-events: write` permission."
description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission. Most of the time it is advisable to avoid specifying this input so that the workflow falls back to using the default value."
required: false
default: ${{ github.token }}
matrix:
Expand Down
44 changes: 0 additions & 44 deletions lib/analyze-action-post-helper.js

This file was deleted.

1 change: 0 additions & 1 deletion lib/analyze-action-post-helper.js.map

This file was deleted.

73 changes: 0 additions & 73 deletions lib/analyze-action-post-helper.test.js

This file was deleted.

1 change: 0 additions & 1 deletion lib/analyze-action-post-helper.test.js.map

This file was deleted.

16 changes: 9 additions & 7 deletions lib/analyze-action-post.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/analyze-action-post.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 2 additions & 1 deletion lib/analyze-action.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading