-
Notifications
You must be signed in to change notification settings - Fork 334
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge main into releases/v2 #1246
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This change adds: - new `registries` block allowed in code scanning config file - new `registries-auth-tokens` input in init action - Change the downloadPacks function so that it accepts new parameters: - registries block - api auth - Generate a qlconfig.yml file with the registries block if one is supplied. Use this file when downloading packs. - temporarily set the `GITHUB_TOKEN` and `CODEQL_REGISTRIES_AUTH` based on api auth TODO: 1. integration test 2. handle pack downloads when the config is generated by the CLI
This will enable us to test this behavior in PR checks. Also simplify and add some more detailed documentation.
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
`in` checks the indices of an array, not the values.
Mergeback v2.1.22 refs/heads/releases/v2 into main
Previously the test depended on `createdDBForScannedLanguages` making no async calls prior to `codeql resolve extractor`.
Now the test is fixed, we can simplify by introducing an async call.
We now trace in init when using reconciled tracing, so we no longer need to set the `CODEQL_EXTRACTOR_GO_BUILD_TRACING` environment variable.
A bug preventing us from using Lua tracing for Go on Windows is fixed in CLI 2.10.4+, so we can now resume using Lua tracing for Go on Windows when using these CLI versions.
…-go-windows Run Lua tracing for Go on Windows in CLI 2.10.4+
Autobuild Go in `analyze` if not already built
The [release notes](https://github.com/avajs/ava/releases/tag/v4.3.3) mention compatibility with Node 18.8.
Add workflowEventName util function
Avoids a bug in 2.10.4. Also, add some better handling for invalid registries blocks.
Add support for downloading packs from GHES
Always defer to the CLI on the Lua tracer state from now on.
Bump CodeQL version to 2.10.5
This test is broken, as it first sets environment variables, and then immediately unsets it again. This only worked by chance with the legacy tracer, and breaks the Lua tracer.
Remove the lua tracer feature flag check from the codeql-action.
henrymercer
approved these changes
Sep 15, 2022
4 tasks
This was referenced Jun 22, 2023
This was referenced Nov 30, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merging fd4dc5b into releases/v2
Conductor for this PR is @henrymercer
Contains the following pull requests:
analyze
if not already built #1219 - Autobuild Go inanalyze
if not already built (@henrymercer)Please review the following: