This was manually added in the docs site at the time of 2.21.1 release and GA.
Include the change note in the relevant places so it remains
in future docs updates:
- codeql/actions-queries@0.5.4
- codeql/actions-all@0.4.7
- 2.21.1 changelog
Always concatenate the default filters with the user-provided filters.
This ensures that when `paths-ignore` is provided,
we begin with the default path inclusions,
not all YAML files.
This makes the `paths-ignore-only` integration test variant
under `filters` pass.
The handling of `paths` is unchanged:
if provided, this overrides the default filters.
Use the common structure from the existing test
for default filters.
Check both query output finding workflows and actions,
and source archive output showing all extracted YAML files.
The test for only `paths-ignore` fails in this commit,
demonstrating a bug: we start with all YAML files
rather than starting with the default includes.
The tests for `paths` reflect current behaviour
which is consistent with other languages:
`paths` overrides the default inclusions,
and only files under `paths` are included.
This may not be the best user experience for Actions,
since we want to scan all workflow and action files
even in the presence of `paths`, but that is not
currently addressed.
Create a common file structure to be shared among multiple tests
for path filters, and rename accordingly.
Update test expectations with additional files.
Use pytest markers to indicate the expected outputs.
Add source archive checking in addition to checking query output.
This allows us to test which YAML files were extracted
separately from whether they are semantically meaningful
to the Actions analysis.
Pass the quoted script path to PowerShell using `-File`.
This ensures the path is treated as a string rather
than a command, and correctly handles file paths
that contain spaces, unblocking integration tests.
Add logging to autobuild.cmd for easier debugging.
Include a reachable workflow, and several unreachable workflow files.
Include action metadata files at various depths, all reachable.
This test exercises the default filters when the user doesn't
specify paths/paths-ignore.
Quote the paths to the CodeQL CLI dist or autobuild scripts when invoked.
This unblocks integration testing, since our integration tests always use
a CLI with a space in its directory name.
