-
Notifications
You must be signed in to change notification settings - Fork 333
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update README with detailed information #2415
Conversation
Please ignore for now. I created this PR using a copilot workspace. There are a lot of things I need to clean up. I just wanted to try out using it. |
885261b
to
0f63fee
Compare
@aeisenberg just checking, is this PR ready for review by a human or not yet? 🤖 |
It needs some more work. I haven't had a chance to really look at it. I'm not sure when I'll get another chance, so if you want to pick it up, feel free to. |
Ah, was just wondering if you were blocked on review 😸 |
Update `README.md` to include detailed information about inputs, workflow permissions, build modes, and actions. * **Inputs**: Add a section on inputs, including the `config` option, `languages`, `queries`, `packs`, `db-location`, `ram`, `threads`, and `source-root`. * **Workflow Permissions**: Add a section on workflow permissions required for the actions. * **Build Modes**: Add a section explaining the different build modes available for the actions (`none`, `autobuild`, `manual`). * **Actions**: Add a section describing the different actions (`init`, `autobuild`, `analyze`, `upload-sarif`, `resolve-environment`, `start-proxy`) and how to use them, with links to the relevant documentation on GitHub. --- For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/github/codeql-action?shareId=XXXX-XXXX-XXXX-XXXX).
Restructured the change to the README. Instead of directly including the descriptions of the language inputs, added links to the inputs for each action.
0f63fee
to
c768f67
Compare
@angelapwen This is now ready for review. Can you take a look when you have a chance? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few questions!! Thanks!
README.md
Outdated
|
||
Actions with special purposes and unlikely to be used directly: | ||
|
||
- `autobuild`: (Deprecated) Attempts to automatically build the code. Only used for analyzing languages that require a build. Use the `build-mode: autobuild` input in the `init` action instead. For information about input parameters, see the [autobuild action definition](https://github.com/github/codeql-action/blob/main/autobuild/action.yml). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is autobuild officially deprecated? I might have missed that 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not deprecated yet. I should probably remove the tag, but it's a good discussion to have.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense 👍 I think we should also remove it from the description in the .yml file too then!
README.md
Outdated
- `resolve-environment`: Attempts to infer a build environment suitable for automatic builds. For information about input parameters, see the [resolve-environment action definition](https://github.com/github/codeql-action/blob/main/resolve-environment/action.yml). | ||
- `start-proxy`: Starts an HTTP proxy server for downloading dependencies in private registries. For information about input parameters, see the [start-proxy action definition](https://github.com/github/codeql-action/blob/main/start-proxy/action.yml). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We might want to label these experimental (they're labeled that way in the definitions). Also, start-proxy
is explicitly for internal GH use only — not sure if we want to advertise it in the README?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's worth keeping start-proxy
since the action exists and users can see it, but I will make sure it's clear that it's internal use only.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The recent changes in the pull request affect the following files:
-
- Added detailed descriptions for different actions related to CodeQL analysis.
- Expanded sections for workflow permissions and build modes.
-
- Updated the description to include more details about the autobuild mode.
Next Steps
- Create a file to document your review comments.
- Commit your changes to a new branch.
- Create a pull request from the new branch.
Update
README.md
to include detailed information about inputs, workflow permissions, build modes, and actions.config
option,languages
,queries
,packs
,db-location
,ram
,threads
, andsource-root
.none
,autobuild
,manual
).init
,autobuild
,analyze
,upload-sarif
,resolve-environment
,start-proxy
) and how to use them, with links to the relevant documentation on GitHub.For more details, open the Copilot Workspace session.