From 0d16d70d874517fa82d61eb7fbc7f6ccf5ea4c1e Mon Sep 17 00:00:00 2001 From: Aditya Sharad Date: Wed, 27 Jul 2022 12:31:35 -0700 Subject: [PATCH 01/13] CI: Add path filters to python-deps workflow No need to run this workflow on all PRs, only those that change the Python dependency installation mechanism. --- .github/workflows/python-deps.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/python-deps.yml b/.github/workflows/python-deps.yml index 28efa81053..ae4f8bc427 100644 --- a/.github/workflows/python-deps.yml +++ b/.github/workflows/python-deps.yml @@ -7,6 +7,13 @@ on: # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened # by other workflows. types: [opened, synchronize, reopened, ready_for_review] + paths: + # Changes to this workflow. + - '.github/workflows/python-deps.yml' + # Changes to the Python package installation scripts and their tests. + - 'python-setup/**' + # Changes to the default CodeQL bundle version. + - '**/defaults.json' jobs: test-setup-python-scripts: From bf24993f0c23fbdd8dcabc3a8141f3dec5103134 Mon Sep 17 00:00:00 2001 From: Aditya Sharad Date: Wed, 27 Jul 2022 13:22:10 -0700 Subject: [PATCH 02/13] CI: Add scheduled and manual triggers to python-deps workflow --- .github/workflows/python-deps.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/python-deps.yml b/.github/workflows/python-deps.yml index ae4f8bc427..4a9ecbac0d 100644 --- a/.github/workflows/python-deps.yml +++ b/.github/workflows/python-deps.yml @@ -14,6 +14,10 @@ on: - 'python-setup/**' # Changes to the default CodeQL bundle version. - '**/defaults.json' + schedule: + # Weekly on Monday. + - cron: '0 0 * * 1' + workflow_dispatch: jobs: test-setup-python-scripts: From 507d4b7b3181750a270b0130c28e66a4bc6d9402 Mon Sep 17 00:00:00 2001 
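Review bot: The `paths:` filter added under `pull_request` means the workflow is not started at all for PRs that touch none of the three patterns, so if `test-setup-python-scripts` is configured as a required status check those PRs would be left with the check pending. Branch protection settings are not visible from the patch, so this needs confirming before merge. The hunk begins at line 7 of the file, so whether a `push:` trigger exists above it, and whether it should carry the same filter, cannot be seen here. If the lists are meant to match, a comment such as `# Keep in sync with any other trigger's path filter.` above `paths:` would help.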
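Review bot: The comment on the new `schedule:` entry should state the time zone and the branch the run covers, e.g. `# Weekly on Monday at 00:00 UTC; scheduled runs use the default branch only.` As written, the release branches get no scheduled coverage. That matters if the schedule is meant to catch breakage from upstream Python packaging changes, though the commit message gives no rationale, so this is an assumption. The jobs start outside this hunk, and any step that reads `github.event.pull_request` would see an empty value on `schedule` and `workflow_dispatch` runs and should be checked.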
From: "github-actions[bot]" Date: Thu, 28 Jul 2022 17:47:32 +0000 Subject: [PATCH 03/13] Update changelog and version after v2.1.17 --- CHANGELOG.md | 4 ++++ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e162524bb7..631462b5d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # CodeQL Action Changelog +## [UNRELEASED] + +No user facing changes. + ## 2.1.17 - 28 Jul 2022 - Update default CodeQL bundle version to 2.10.1. [#1143](https://github.com/github/codeql-action/pull/1143) diff --git a/package-lock.json b/package-lock.json index d169a816bb..0ef48a9b02 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "2.1.17", + "version": "2.1.18", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "codeql", - "version": "2.1.17", + "version": "2.1.18", "license": "MIT", "dependencies": { "@actions/artifact": "^1.0.0", diff --git a/package.json b/package.json index 80036aad9f..1692493b4c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "2.1.17", + "version": "2.1.18", "private": true, "description": "CodeQL action", "scripts": { From 351171d4e95d578e03b229f0584e21e938ea130b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 28 Jul 2022 18:39:20 +0000 Subject: [PATCH 04/13] Update checked-in dependencies --- node_modules/.package-lock.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index eaa33ca13e..0475626e49 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "2.1.17", + "version": "2.1.18", "lockfileVersion": 2, "requires": true, "packages": { From 992d0116661afe47ed4260002dae42ab05ebe083 Mon Sep 17 00:00:00 2001 
From: Aditya Sharad Date: Thu, 28 Jul 2022 15:36:04 -0700 Subject: [PATCH 05/13] CI: Combine JS lint and JS check jobs Reduce the number of concurrent jobs. This will require a branch protection rule update, renaming `check-js` to Check JS` and removing `Lint`. --- .github/workflows/pr-checks.yml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index b36fdb8000..a7a754b9e4 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -10,17 +10,8 @@ on: workflow_dispatch: jobs: - lint-js: - name: Lint - runs-on: ubuntu-latest - timeout-minutes: 45 - - steps: - - uses: actions/checkout@v3 - - name: Run Lint - run: npm run-script lint - check-js: + name: Check JS runs-on: ubuntu-latest timeout-minutes: 45 @@ -30,7 +21,11 @@ jobs: node-types-version: [12.12, current] steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 + + - name: Lint + run: npm run-script lint - name: Update version of @types/node if: matrix.node-types-version != 'current' From ceea66834a225250507757c9e09b9716bdac3fb8 Mon Sep 17 00:00:00 2001 
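Review bot: The new `Lint` step sits inside the `check-js` matrix job, so it runs once per `node-types-version` entry, and because it runs before `Update version of @types/node` both legs lint the same tree. Gating it with `if: matrix.node-types-version == 'current'` keeps a single lint run while still removing the separate job. Matrix jobs normally report check names with the matrix value appended, so the branch protection rename described in the commit message should be verified against the names that actually appear on a PR. The remaining steps of the job continue outside the hunk.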
From: Aditya Sharad Date: Thu, 28 Jul 2022 16:00:41 -0700 Subject: [PATCH 06/13] CI: Move Runner checks into their own workflow Refactor the PR checks workflow into two workflows: PR checks and Runner checks. This does not change the actual check jobs that are run. It also does not change the expected check names (which rely only on the job name, not the workflow name). This makes it easier to inspect workflow run summaries in the UI and to separately retry subsets of failed jobs in case of flakiness. In future we will clean up the Runner checks, since this is a deprecated component. --- .github/workflows/pr-checks.yml | 387 +-------------------------- .github/workflows/runner-checks.yml | 393 ++++++++++++++++++++++++++++ 2 files changed, 394 insertions(+), 386 deletions(-) create mode 100644 .github/workflows/runner-checks.yml diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index a7a754b9e4..fb5b615b1c 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -1,4 +1,4 @@ -name: PR Checks (Basic Checks and Runner) +name: PR Checks on: push: 
@@ -97,388 +97,3 @@ jobs: # we won't be able to find them on Windows. npm config set script-shell bash npm test - - runner-analyze-javascript-ubuntu: - name: Runner ubuntu JS analyze - needs: [check-js, check-node-modules] - timeout-minutes: 45 - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - # Pass --config-file here, but not for other jobs in this workflow. - # This means we're testing the config file parsing in the runner - # but not slowing down all jobs unnecessarily as it doesn't add much - # testing the parsing on different operating systems and languages. - runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-windows: - name: Runner windows JS analyze - needs: [check-js, check-node-modules] - timeout-minutes: 45 - runs-on: windows-latest - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-javascript-macos: - name: Runner macos JS analyze - needs: [check-js, check-node-modules] - 
timeout-minutes: 45 - runs-on: macos-latest - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Run analyze - run: | - runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-ubuntu: - name: Runner ubuntu C# analyze - needs: [check-js, check-node-modules] - timeout-minutes: 45 - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - . ./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-windows: - name: Runner windows C# analyze - needs: [check-js, check-node-modules] - # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of - # `windows-latest`. 
- timeout-minutes: 45 - runs-on: windows-2019 - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - cat ./codeql-runner/codeql-env.sh | Invoke-Expression - $Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this - & $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false - - - name: Upload tracer logs - uses: actions/upload-artifact@v3 - with: - name: tracer-logs - path: ./codeql-runner/compound-build-tracer.log - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-macos: - name: Runner macos C# analyze - timeout-minutes: 45 - needs: [check-js, check-node-modules] - runs-on: macos-latest - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - . 
./codeql-runner/codeql-env.sh - $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-ubuntu: - name: Runner ubuntu autobuild C# analyze - timeout-minutes: 45 - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - run: | - ../action/runner/dist/codeql-runner-linux autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-windows: - timeout-minutes: 45 - name: Runner windows autobuild C# analyze - needs: [check-js, check-node-modules] - # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of - # `windows-latest`. - runs-on: windows-2019 - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . 
- mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: powershell - run: | - ../action/runner/dist/codeql-runner-win.exe autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-analyze-csharp-autobuild-macos: - name: Runner macos autobuild C# analyze - needs: [check-js, check-node-modules] - runs-on: macos-latest - timeout-minutes: 45 - - steps: - - uses: actions/checkout@v3 - - - name: Move codeql-action - shell: bash - run: | - mkdir ../action - mv * .github ../action/ - mv ../action/tests/multi-language-repo/{*,.github} . - mv ../action/.github/workflows .github - - - name: Build runner - run: | - cd ../action/runner - npm install - npm run build-runner - - - name: Run init - run: | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Build code - shell: bash - run: | - . 
codeql-runner/codeql-env.sh - CODEQL_RUNNER="$(cat codeql-runner/codeql-env.json | jq -r '.CODEQL_RUNNER')" - echo "$CODEQL_RUNNER" - $CODEQL_RUNNER ../action/runner/dist/codeql-runner-macos autobuild - - - name: Run analyze - run: | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - env: - TEST_MODE: true - - runner-upload-sarif: - name: Runner upload sarif - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - timeout-minutes: 45 - - if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Upload with runner - run: | - # Deliberately don't use TEST_MODE here. This is specifically testing - # the compatibility with the API. - runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - runner-extractor-ram-threads-options: - name: Runner ubuntu extractor RAM and threads options - needs: [check-js, check-node-modules] - runs-on: ubuntu-latest - timeout-minutes: 45 - - steps: - - uses: actions/checkout@v3 - - - name: Build runner - run: | - cd runner - npm install - npm run build-runner - - - name: Run init - run: | - runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} - - - name: Assert Results - shell: bash - run: | - . 
./codeql-runner/codeql-env.sh - if [ "${CODEQL_RAM}" != "230" ]; then - echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230" - exit 1 - fi - if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then - echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230" - exit 1 - fi - if [ "${CODEQL_THREADS}" != "1" ]; then - echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1" - exit 1 - fi - if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then - echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1" - exit 1 - fi diff --git a/.github/workflows/runner-checks.yml b/.github/workflows/runner-checks.yml new file mode 100644 index 0000000000..7fd3cfde8f --- /dev/null +++ b/.github/workflows/runner-checks.yml 
@@ -0,0 +1,393 @@ +name: CodeQL Runner Checks + +on: + push: + branches: [main, releases/v1, releases/v2] + pull_request: + # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened + # by other workflows. + types: [opened, synchronize, reopened, ready_for_review] + workflow_dispatch: + +jobs: + runner-analyze-javascript-ubuntu: + name: Runner ubuntu JS analyze + + timeout-minutes: 45 + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + # Pass --config-file here, but not for other jobs in this workflow. + # This means we're testing the config file parsing in the runner + # but not slowing down all jobs unnecessarily as it doesn't add much + # testing the parsing on different operating systems and languages. + runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-windows: + name: Runner windows JS analyze + timeout-minutes: 45 + runs-on: windows-latest + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ 
github.token }} + env: + TEST_MODE: true + + runner-analyze-javascript-macos: + name: Runner macos JS analyze + timeout-minutes: 45 + runs-on: macos-latest + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Run analyze + run: | + runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-ubuntu: + name: Runner ubuntu C# analyze + timeout-minutes: 45 + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + . ./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-windows: + name: Runner windows C# analyze + + # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of + # `windows-latest`. 
+ timeout-minutes: 45 + runs-on: windows-2019 + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + cat ./codeql-runner/codeql-env.sh | Invoke-Expression + $Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this + & $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false + + - name: Upload tracer logs + uses: actions/upload-artifact@v3 + with: + name: tracer-logs + path: ./codeql-runner/compound-build-tracer.log + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-macos: + name: Runner macos C# analyze + timeout-minutes: 45 + + runs-on: macos-latest + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + . 
./codeql-runner/codeql-env.sh + $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-ubuntu: + name: Runner ubuntu autobuild C# analyze + timeout-minutes: 45 + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + run: | + ../action/runner/dist/codeql-runner-linux autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-windows: + timeout-minutes: 45 + name: Runner windows autobuild C# analyze + + # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of + # `windows-latest`. + runs-on: windows-2019 + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . 
+ mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: powershell + run: | + ../action/runner/dist/codeql-runner-win.exe autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-analyze-csharp-autobuild-macos: + name: Runner macos autobuild C# analyze + + runs-on: macos-latest + timeout-minutes: 45 + + steps: + - uses: actions/checkout@v3 + + - name: Move codeql-action + shell: bash + run: | + mkdir ../action + mv * .github ../action/ + mv ../action/tests/multi-language-repo/{*,.github} . + mv ../action/.github/workflows .github + + - name: Build runner + run: | + cd ../action/runner + npm install + npm run build-runner + + - name: Run init + run: | + ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Build code + shell: bash + run: | + . 
codeql-runner/codeql-env.sh + CODEQL_RUNNER="$(cat codeql-runner/codeql-env.json | jq -r '.CODEQL_RUNNER')" + echo "$CODEQL_RUNNER" + $CODEQL_RUNNER ../action/runner/dist/codeql-runner-macos autobuild + + - name: Run analyze + run: | + ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + env: + TEST_MODE: true + + runner-upload-sarif: + name: Runner upload sarif + + runs-on: ubuntu-latest + timeout-minutes: 45 + + if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Upload with runner + run: | + # Deliberately don't use TEST_MODE here. This is specifically testing + # the compatibility with the API. + runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + runner-extractor-ram-threads-options: + name: Runner ubuntu extractor RAM and threads options + + runs-on: ubuntu-latest + timeout-minutes: 45 + + steps: + - uses: actions/checkout@v3 + + - name: Build runner + run: | + cd runner + npm install + npm run build-runner + + - name: Run init + run: | + runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} + + - name: Assert Results + shell: bash + run: | + . 
./codeql-runner/codeql-env.sh + if [ "${CODEQL_RAM}" != "230" ]; then + echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230" + exit 1 + fi + if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then + echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230" + exit 1 + fi + if [ "${CODEQL_THREADS}" != "1" ]; then + echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1" + exit 1 + fi + if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then + echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1" + exit 1 + fi From 2f739fcd04dfc437bd6ebafae18ff748981ac7fc Mon Sep 17 00:00:00 2001 From: Aditya Sharad Date: Thu, 28 Jul 2022 17:02:52 -0700 Subject: [PATCH 07/13] CI: Combine verify-pr-checks and check-for-conflicts jobs Reduce the number of concurrent jobs by 1. Run these checks in succession instead, as the `check-file-contents` job in the PR checks workflow. --- .github/workflows/check-for-conflicts.yml | 31 ----------------------- .github/workflows/pr-checks.yml | 28 +++++++++++++++++--- 2 files changed, 25 insertions(+), 34 deletions(-) delete mode 100644 .github/workflows/check-for-conflicts.yml diff --git a/.github/workflows/check-for-conflicts.yml b/.github/workflows/check-for-conflicts.yml deleted file mode 100644 index fe96d9ac3b..0000000000 --- a/.github/workflows/check-for-conflicts.yml +++ /dev/null 
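Review bot: Every `init`, `analyze` and `upload` step in the new `runner-checks.yml` expands `${{ github.token }}` straight into the `run:` script and passes it as a `--github-auth` argument, which puts the token in the process argument list on the runner. Since the file is being created here, this is a good point to pass the token through `env:` and feed it to the runner on standard input with `--github-auth-stdin`; the Windows steps would pipe `$Env:GITHUB_TOKEN` the same way. The new workflow also declares no `permissions:` key, so the token carries whatever the repository default grants; a top-level block restricted to what these jobs need would make the scope explicit. The `security-events: write` entry below is an assumption based on the SARIF upload job, which runs without `TEST_MODE`, and should be confirmed.

```yaml
# … unchanged: name and on: triggers …
permissions:
  contents: read
  security-events: write  # assumed to be needed by runner-upload-sarif; confirm

jobs:
  runner-analyze-javascript-ubuntu:
    # … unchanged: name, timeout-minutes, runs-on, checkout and build steps …
      - name: Run init
        env:
          GITHUB_TOKEN: ${{ github.token }}
        run: |
          # … unchanged: comment about --config-file …
          echo "$GITHUB_TOKEN" | runner/dist/codeql-runner-linux init --repository "$GITHUB_REPOSITORY" --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url "$GITHUB_SERVER_URL" --github-auth-stdin
    # … unchanged: the remaining steps and jobs, with the same substitution …
```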
@@ -1,31 +0,0 @@ -# Checks for any conflict markers created by git. This check is primarily intended to validate that -# any merge conflicts in the v2 -> v1 backport PR are fixed before the PR is merged. -name: Check for conflicts - -on: - pull_request: - branches: [main, releases/v1, releases/v2] - # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened - # by other workflows. - types: [opened, synchronize, reopened, ready_for_review] - -jobs: - check-for-conflicts: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Check for conflicts - run: | - # Use `|| true` since grep returns exit code 1 if there are no matches, and we don't want - # this to fail the workflow. - FILES_WITH_CONFLICTS=$(grep --extended-regexp --ignore-case --line-number --recursive \ - '^(<<<<<<<|>>>>>>>)' . || true) - if [[ "${FILES_WITH_CONFLICTS}" ]]; then - echo "Fail: Found merge conflict markers in the following files:" - echo "" - echo "${FILES_WITH_CONFLICTS}" - exit 1 - else - echo "Success: Found no merge conflict markers." - fi diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index fb5b615b1c..a97ef1d405 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml 
@@ -62,21 +62,43 @@ jobs: - name: Check node modules up to date run: .github/workflows/script/check-node-modules.sh - verify-pr-checks: - name: Verify PR checks up to date + check-file-contents: + name: Check file contents runs-on: ubuntu-latest timeout-minutes: 45 steps: - - uses: actions/checkout@v3 + - name: Checkout + uses: actions/checkout@v3 + + # Checks for any conflict markers created by git. This check is primarily intended to validate that + # any merge conflicts in the v2 -> v1 backport PR are fixed before the PR is merged. + - name: Check for merge conflicts + run: | + # Use `|| true` since grep returns exit code 1 if there are no matches, and we don't want + # this to fail the workflow. + FILES_WITH_CONFLICTS=$(grep --extended-regexp --ignore-case --line-number --recursive \ + '^(<<<<<<<|>>>>>>>)' . || true) + if [[ "${FILES_WITH_CONFLICTS}" ]]; then + echo "Fail: Found merge conflict markers in the following files:" + echo "" + echo "${FILES_WITH_CONFLICTS}" + exit 1 + else + echo "Success: Found no merge conflict markers." + fi + - name: Set up Python uses: actions/setup-python@v3 with: python-version: 3.8 + - name: Install dependencies run: | python -m pip install --upgrade pip pip install ruamel.yaml + + # Ensure the generated PR check workflows are up to date. - name: Verify PR checks up to date run: .github/workflows/script/verify-pr-checks.sh From a5def177685b5df2521a294f76bb15184554dc93 Mon Sep 17 00:00:00 2001 From: Chuan-kai Lin Date: Thu, 28 Jul 2022 13:16:21 -0700 Subject: [PATCH 08/13] Update default CodeQL version to 2.10.2 --- CHANGELOG.md | 2 +- lib/defaults.json | 2 +- src/defaults.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 631462b5d8..cfcb703a17 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
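Review bot: The `Check for merge conflicts` step greps recursively from `.`, which also walks `.git` and the checked-in `node_modules`, so a line starting with `<<<<<<<` or `>>>>>>>` in git metadata or a vendored file fails the job in the same way as a real conflict. Adding `--exclude-dir=.git` would keep git metadata out of the scan. Whether `node_modules` should stay in scope depends on whether backport conflicts are expected there, which the patch does not say. `--ignore-case` has no effect on a pattern made only of `<` and `>` and can be dropped. Now that this step runs first in `check-file-contents`, a false positive also prevents `Verify PR checks up to date` from running.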
@@ -2,7 +2,7 @@ ## [UNRELEASED] -No user facing changes. +- Update default CodeQL bundle version to 2.10.2. [#1156](https://github.com/github/codeql-action/pull/1156) ## 2.1.17 - 28 Jul 2022 diff --git a/lib/defaults.json b/lib/defaults.json index 2dd1a86cf7..13c30cf139 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20220714" + "bundleVersion": "codeql-bundle-20220728" } diff --git a/src/defaults.json b/src/defaults.json index 69211563e0..b04119e141 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20220714" + "bundleVersion": "codeql-bundle-20220728" } From 9dc4e8a2c774fc10b9399511a3c07cff071ef6dd Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 3 Aug 2022 16:37:42 +0000 Subject: [PATCH 09/13] Update changelog for v2.1.18 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cfcb703a17..3e44bf12a2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # CodeQL Action Changelog -## [UNRELEASED] +## 2.1.18 - 03 Aug 2022 - Update default CodeQL bundle version to 2.10.2. [#1156](https://github.com/github/codeql-action/pull/1156) From 236b7c2b056f6f348d994485a6eafcdf2460717a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 3 Aug 2022 17:48:06 +0000 Subject: [PATCH 10/13] Revert "Update version and changelog for v1.1.17" This reverts commit d8ed0a3afb47cd97a0c46a858bff2395d914b04e. --- CHANGELOG.md | 25 +++++++++++++------------ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5cdb6838c6..e162524bb7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,59 +1,60 @@ # CodeQL Action Changelog -## 1.1.17 - 28 Jul 2022 +## 2.1.17 - 28 Jul 2022 - Update default CodeQL bundle version to 2.10.1. [#1143](https://github.com/github/codeql-action/pull/1143) -## 1.1.16 - 13 Jul 2022 +## 2.1.16 - 13 Jul 2022 - You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. [#1132](https://github.com/github/codeql-action/pull/1132) - You can now see diagnostic messages produced by the analysis in the logs of the `analyze` Action by enabling debug mode. To enable debug mode, pass `debug: true` to the `init` Action, or [enable step debug logging](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging). This feature is available for CodeQL CLI version 2.10.0 and later. [#1133](https://github.com/github/codeql-action/pull/1133) -## 1.1.15 - 28 Jun 2022 +## 2.1.15 - 28 Jun 2022 - CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116) - The combination of python2 and poetry is no longer supported. See https://github.com/actions/setup-python/issues/374 for more details. [#1124](https://github.com/github/codeql-action/pull/1124) - Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123) -## 1.1.14 - 22 Jun 2022 +## 2.1.14 - 22 Jun 2022 No user facing changes. -## 1.1.13 - 21 Jun 2022 +## 2.1.13 - 21 Jun 2022 - Update default CodeQL bundle version to 2.9.4. [#1100](https://github.com/github/codeql-action/pull/1100) -## 1.1.12 - 01 Jun 2022 +## 2.1.12 - 01 Jun 2022 - Update default CodeQL bundle version to 2.9.3. 
[#1084](https://github.com/github/codeql-action/pull/1084) -## 1.1.11 - 17 May 2022 +## 2.1.11 - 17 May 2022 - Update default CodeQL bundle version to 2.9.2. [#1074](https://github.com/github/codeql-action/pull/1074) -## 1.1.10 - 10 May 2022 +## 2.1.10 - 10 May 2022 - Update default CodeQL bundle version to 2.9.1. [#1056](https://github.com/github/codeql-action/pull/1056) - When `wait-for-processing` is enabled, the workflow will now fail if there were any errors that occurred during processing of the analysis results. -## 1.1.9 - 27 Apr 2022 +## 2.1.9 - 27 Apr 2022 - Add `working-directory` input to the `autobuild` action. [#1024](https://github.com/github/codeql-action/pull/1024) - The `analyze` and `upload-sarif` actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the `wait-for-processing` action input to `"false"`. [#1007](https://github.com/github/codeql-action/pull/1007) - Update default CodeQL bundle version to 2.9.0. - Fix a bug where [status reporting fails on Windows](https://github.com/github/codeql-action/issues/1041). [#1042](https://github.com/github/codeql-action/pull/1042) -## 1.1.8 - 08 Apr 2022 +## 2.1.8 - 08 Apr 2022 - Update default CodeQL bundle version to 2.8.5. [#1014](https://github.com/github/codeql-action/pull/1014) - Fix error where the init action would fail due to a GitHub API request that was taking too long to complete [#1025](https://github.com/github/codeql-action/pull/1025) -## 1.1.7 - 05 Apr 2022 +## 2.1.7 - 05 Apr 2022 - A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018) -## 1.1.6 - 30 Mar 2022 +## 2.1.6 - 30 Mar 2022 +- [v2+ only] The CodeQL Action now runs on Node.js v16. 
[#1000](https://github.com/github/codeql-action/pull/1000) - Update default CodeQL bundle version to 2.8.4. [#990](https://github.com/github/codeql-action/pull/990) - Fix a bug where an invalid `commit_oid` was being sent to code scanning when a custom checkout path was being used. [#956](https://github.com/github/codeql-action/pull/956) diff --git a/package-lock.json b/package-lock.json index 4716bc7a49..be02a6feac 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "1.1.17", + "version": "2.1.17", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "codeql", - "version": "1.1.17", + "version": "2.1.17", "license": "MIT", "dependencies": { "@actions/artifact": "^1.0.0", diff --git a/package.json b/package.json index c496d796d8..ddef712f70 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "1.1.17", + "version": "2.1.17", "private": true, "description": "CodeQL action", "scripts": { From ac911e9964ce2f6375625c17d419b9315e462f8b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 3 Aug 2022 17:48:06 +0000 Subject: [PATCH 11/13] Revert "Update checked-in dependencies" This reverts commit 624285f8b2e5342724fe9a01db89984fdd66244e. --- node_modules/.package-lock.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 2816a0b272..e0acfeb19d 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "1.1.17", + "version": "2.1.17", "lockfileVersion": 2, "requires": true, "packages": { From 0c10062e5eac013ee29ef201ede52d391d585dfe Mon Sep 17 00:00:00 2001 
From: "github-actions[bot]"
Date: Wed, 3 Aug 2022 17:48:10 +0000
Subject: [PATCH 12/13] Update version and changelog for v1.1.18
---
CHANGELOG.md | 27 +++++++++++++--------------
package-lock.json | 4 ++--
package.json | 2 +-
3 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3e44bf12a2..cbe7777e85 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,64 +1,63 @@ # CodeQL Action Changelog -## 2.1.18 - 03 Aug 2022 +## 1.1.18 - 03 Aug 2022 - Update default CodeQL bundle version to 2.10.2. [#1156](https://github.com/github/codeql-action/pull/1156) -## 2.1.17 - 28 Jul 2022 +## 1.1.17 - 28 Jul 2022 - Update default CodeQL bundle version to 2.10.1. [#1143](https://github.com/github/codeql-action/pull/1143) -## 2.1.16 - 13 Jul 2022 +## 1.1.16 - 13 Jul 2022 - You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. [#1132](https://github.com/github/codeql-action/pull/1132) - You can now see diagnostic messages produced by the analysis in the logs of the `analyze` Action by enabling debug mode. To enable debug mode, pass `debug: true` to the `init` Action, or [enable step debug logging](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging). This feature is available for CodeQL CLI version 2.10.0 and later. [#1133](https://github.com/github/codeql-action/pull/1133) -## 2.1.15 - 28 Jun 2022 +## 1.1.15 - 28 Jun 2022 - CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116) - The combination of python2 and poetry is no longer supported. See https://github.com/actions/setup-python/issues/374 for more details. [#1124](https://github.com/github/codeql-action/pull/1124) - Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123) -## 2.1.14 - 22 Jun 2022 +## 1.1.14 - 22 Jun 2022 No user facing changes. -## 2.1.13 - 21 Jun 2022 +## 1.1.13 - 21 Jun 2022 - Update default CodeQL bundle version to 2.9.4. 
[#1100](https://github.com/github/codeql-action/pull/1100) -## 2.1.12 - 01 Jun 2022 +## 1.1.12 - 01 Jun 2022 - Update default CodeQL bundle version to 2.9.3. [#1084](https://github.com/github/codeql-action/pull/1084) -## 2.1.11 - 17 May 2022 +## 1.1.11 - 17 May 2022 - Update default CodeQL bundle version to 2.9.2. [#1074](https://github.com/github/codeql-action/pull/1074) -## 2.1.10 - 10 May 2022 +## 1.1.10 - 10 May 2022 - Update default CodeQL bundle version to 2.9.1. [#1056](https://github.com/github/codeql-action/pull/1056) - When `wait-for-processing` is enabled, the workflow will now fail if there were any errors that occurred during processing of the analysis results. -## 2.1.9 - 27 Apr 2022 +## 1.1.9 - 27 Apr 2022 - Add `working-directory` input to the `autobuild` action. [#1024](https://github.com/github/codeql-action/pull/1024) - The `analyze` and `upload-sarif` actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the `wait-for-processing` action input to `"false"`. [#1007](https://github.com/github/codeql-action/pull/1007) - Update default CodeQL bundle version to 2.9.0. - Fix a bug where [status reporting fails on Windows](https://github.com/github/codeql-action/issues/1041). [#1042](https://github.com/github/codeql-action/pull/1042) -## 2.1.8 - 08 Apr 2022 +## 1.1.8 - 08 Apr 2022 - Update default CodeQL bundle version to 2.8.5. [#1014](https://github.com/github/codeql-action/pull/1014) - Fix error where the init action would fail due to a GitHub API request that was taking too long to complete [#1025](https://github.com/github/codeql-action/pull/1025) -## 2.1.7 - 05 Apr 2022 +## 1.1.7 - 05 Apr 2022 - A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. 
[#1018](https://github.com/github/codeql-action/pull/1018) -## 2.1.6 - 30 Mar 2022 +## 1.1.6 - 30 Mar 2022 -- [v2+ only] The CodeQL Action now runs on Node.js v16. [#1000](https://github.com/github/codeql-action/pull/1000) - Update default CodeQL bundle version to 2.8.4. [#990](https://github.com/github/codeql-action/pull/990) - Fix a bug where an invalid `commit_oid` was being sent to code scanning when a custom checkout path was being used. [#956](https://github.com/github/codeql-action/pull/956) diff --git a/package-lock.json b/package-lock.json index 8e661c33be..8c255a1527 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "2.1.18", + "version": "1.1.18", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "codeql", - "version": "2.1.18", + "version": "1.1.18", "license": "MIT", "dependencies": { "@actions/artifact": "^1.0.0", diff --git a/package.json b/package.json index 19cdc6f50c..d257eacb90 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "2.1.18", + "version": "1.1.18", "private": true, "description": "CodeQL action", "scripts": { From 944b1f8c5c480935a27313d90639b5a850cf96aa Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 3 Aug 2022 17:59:40 +0000 Subject: [PATCH 13/13] Update checked-in dependencies --- node_modules/.package-lock.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 0782dd15c5..564128bd04 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "2.1.18", + "version": "1.1.18", "lockfileVersion": 2, "requires": true, "packages": {