Update scan action

Alvaro Muñoz
2024-04-23 12:43:23 +02:00
parent f73571a752
commit a2ed07ec35
5 changed files with 27 additions and 22 deletions


@@ -28606,7 +28606,7 @@ async function newCodeQL() {
return {
language: "yaml",
path: await findCodeQL(),
pack: "githubsecuritylab/actions-queries",
pack: "githubsecuritylab/actions-all",
suite: `codeql-suites/${core.getInput("suite") || "actions-code-scanning"}.qls`,
source_root: core.getInput("source-root"),
output: core.getInput("sarif"),
@@ -28706,6 +28706,15 @@ async function codeqlDatabaseAnalyze(codeql, database_path) {
"--output",
codeql_output,
];
const extPackPath = process.env["EXTPACK_PATH"];
const extPackName = process.env["EXTPACK_NAME"];
if (extPackPath !== undefined &&
extPackName !== undefined &&
extPackPath !== "" &&
extPackName !== "") {
cmd.push("--additional-packs", extPackPath);
cmd.push("--extension-packs", extPackName);
}
// remote pack or local pack
if (codeql.pack.startsWith("githubsecuritylab/")) {
var suite = codeql.pack + ":" + codeql.suite;

14
.github/action/package-lock.json generated vendored

@@ -15,7 +15,7 @@
"@actions/tool-cache": "^2.0.1"
},
"devDependencies": {
"@types/node": "^20.6.0",
"@types/node": "^20.12.7",
"@vercel/ncc": "^0.38.0",
"prettier": "^3.0.3",
"typescript": "^5.2.2"
@@ -195,9 +195,9 @@
}
},
"node_modules/@types/node": {
"version": "20.11.19",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.19.tgz",
"integrity": "sha512-7xMnVEcZFu0DikYjWOlRq7NTPETrm7teqUT2WkQjrTIkEgUyyGdWsj/Zg8bEJt5TNklzbPD1X3fqfsHw3SpapQ==",
"version": "20.12.7",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.7.tgz",
"integrity": "sha512-wq0cICSkRLVaf3UGLMGItu/PtdY7oaXaI/RVU+xliKVOtRna3PRY57ZDfztpDL0n11vfymMUnXv8QwYCO7L1wg==",
"dev": true,
"dependencies": {
"undici-types": "~5.26.4"
@@ -520,9 +520,9 @@
}
},
"@types/node": {
"version": "20.11.19",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.19.tgz",
"integrity": "sha512-7xMnVEcZFu0DikYjWOlRq7NTPETrm7teqUT2WkQjrTIkEgUyyGdWsj/Zg8bEJt5TNklzbPD1X3fqfsHw3SpapQ==",
"version": "20.12.7",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.7.tgz",
"integrity": "sha512-wq0cICSkRLVaf3UGLMGItu/PtdY7oaXaI/RVU+xliKVOtRna3PRY57ZDfztpDL0n11vfymMUnXv8QwYCO7L1wg==",
"dev": true,
"requires": {
"undici-types": "~5.26.4"


@@ -40,7 +40,7 @@
"@actions/tool-cache": "^2.0.1"
},
"devDependencies": {
"@types/node": "^20.6.0",
"@types/node": "^20.12.7",
"@vercel/ncc": "^0.38.0",
"prettier": "^3.0.3",
"typescript": "^5.2.2"


@@ -149,7 +149,12 @@ export async function codeqlDatabaseAnalyze(
const extPackPath = process.env["EXTPACK_PATH"];
const extPackName = process.env["EXTPACK_NAME"];
if (extPackPath !== undefined && extPackName !== undefined) {
if (
extPackPath !== undefined &&
extPackName !== undefined &&
extPackPath !== "" &&
extPackName !== ""
) {
cmd.push("--additional-packs", extPackPath);
cmd.push("--extension-packs", extPackName);
}
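Review bot: When only one of `EXTPACK_PATH` / `EXTPACK_NAME` is set, or either is empty, this guard skips both flags without logging anything, so the analysis runs without the workflow models and the SARIF output looks like a normal result. For a security scan that is a silent loss of coverage; consider adding `else if (extPackPath || extPackName) { core.warning("EXTPACK_PATH and EXTPACK_NAME must both be set; extension pack ignored"); }`, assuming `core` from `@actions/core` is imported in this file, which the hunk does not show. The four comparisons can also be written as `if (extPackPath && extPackName) {`, which is equivalent for values that are either a string or undefined. codeqlDatabaseAnalyze starts and ends outside the hunk.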


@@ -33,18 +33,9 @@ runs:
mkdir workflow-extpack
cd workflow-extpack
# Store the extension pack file
cat > models.json << 'EOF'
${{ inputs.workflow-models }}
EOF
# Store the extension pack file
cat > models.yml << 'EOF'
extensions:
- addsTo:
pack: githubsecuritylab/actions-all
extensible: workflowDataModel
data: []
${{ inputs.workflow-models }}
EOF
# Create QLPack
@@ -69,7 +60,7 @@ runs:
INPUT_SOURCE-ROOT: ${{ inputs.source-root }}
INPUT_SARIF-OUTPUT: ${{ inputs.sarif-output }}
INPUT_SUITE: ${{ inputs.suite }}
EXTPACK_PATH: ${{ inputs.extpack-path }}
EXTPACK_NAME: ${{ inputs.extpack-name }}
EXTPACK_PATH: ${{ env.EXTPACK_PATH }}
EXTPACK_NAME: ${{ env.EXTPACK_NAME }}
run: |
node ${{ github.action_path }}/.github/action/dist/index.js
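Review bot: The heredoc in the first hunk that writes the models file (`cat > models.yml << 'EOF'`) still has `${{ inputs.workflow-models }}` expanded into the script text before the shell runs, so the quoted delimiter does not protect it: an input containing a line equal to `EOF` closes the heredoc, and the remainder is interpreted as shell commands in the job. Pass the value through the environment instead, e.g. `WORKFLOW_MODELS: ${{ inputs.workflow-models }}` under the step's `env:` and `printf '%s\n' "$WORKFLOW_MODELS" > models.yml` in the script. The step begins before the hunk, so whether it already has an `env:` block is not visible here. In the second hunk, `EXTPACK_PATH` and `EXTPACK_NAME` now come from `env.*`, presumably exported by this earlier step; a comment naming the step that sets them would help the next reader.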