hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,517 Commits 1,671 Branches 157 Tags
sauyon/java-spring-stringutils
Commit Graph

62 Commits

Author SHA1 Message Date
Aditya Sharad
a0465d20cb Actions: Remove docs-review workflow 
Being replaced by internal automation that polls the repo for open labelled PRs, since this workflow currently cannot tag the docs team in a comment.
 2021-03-24 11:26:00 -07:00
Aditya Sharad
f4dc5b963b Merge pull request #5335 from Marcono1234/patch-1 
Add name to check-change-note.yml workflow
 2021-03-18 10:44:53 -07:00
Aditya Sharad
b1d0b9afbb Merge pull request #5363 from github/adityasharad/actions/docs-review-fix 
Actions: Fix comment that tags the Docs team
 2021-03-09 07:17:24 -08:00
Taus Brock-Nannestad
3d0d280972 Merge remote-tracking branch 'upstream/rc/3.1' into mergeback-rc/3.1-to-main 2021-03-08 22:15:10 +01:00
Aditya Sharad
318ce47982 Actions: Fix comment that tags the Docs team 2021-03-08 09:17:19 -08:00
Shati Patel
85205a21de Docs: Remove query help script 2021-03-05 16:02:53 +00:00
Marcono1234
879dbba8f0 Add name to check-change-note.yml workflow 2021-03-05 00:34:42 +01:00
Aditya Sharad
648910e974 Merge pull request #5285 from adityasharad/actions/docs-review 
Actions: Add workflow to request docs review
 2021-03-02 08:52:32 -08:00
Aditya Sharad
dbed4a1a8b Actions: Add workflow to request docs review 
When a PR is labelled with 'ready-for-docs-review',
this workflow comments on the PR to notify the GitHub CodeQL docs team.
Runs on `pull_request_target` events so it can write comments to the PR.
Since this runs in the context of the base repo, it must not check out the PR
or use untrusted data from the event payload.

Only runs when the PR base is github/codeql, to prevent notifications from forks.
 2021-03-01 17:15:03 -08:00
Tamas Vajk
1ecbbf6af3 C#: Fix codeql analysis workflow 2021-03-01 09:18:05 +01:00
Tamás Vajk
91928fa098 Merge pull request #5220 from tamasvajk/feature/limit-codescanning-csharp 
Limit C# codeql analysis to the csharp folder
 2021-02-23 21:05:38 +01:00
Taus Brock-Nannestad
439f9f1d90 Actions: More cleanup 
Removes the checkout action, as this is no longer needed, and folds
the `grep` into `jq`.
 2021-02-22 11:05:54 +01:00
Taus Brock-Nannestad
4680b25f23 Actions: Remove dependence on external actions 2021-02-21 15:14:33 +01:00
Taus Brock-Nannestad
ca48e57e30 Actions: Peg external actions to specific SHAs 2021-02-19 16:50:08 +01:00
Tamas Vajk
e1b90912de Limit C# codeql analysis to the csharp folder 2021-02-19 16:13:22 +01:00
Taus Brock-Nannestad
6095138acc Actions: Address comments on change note CI check 
- Fail the CI check if change note is missing.
- Disregards changes outside of `*/ql/src`.
- Runs the workflow on label changes, and upon moving the PR out of
  draft mode.
- Only fails the CI check if the PR is out of draft.
- Changes label to `no-change-note-required`.
 2021-02-19 13:55:35 +01:00
Taus Brock-Nannestad
03d3f2c8e8 Actions: Add change note checker 2021-02-19 10:16:50 +01:00
Shati Patel
6a46be2379 Install sphinx extension for building markdown tables 2021-02-05 12:07:06 +00:00
Julian Tibble
121ffbbfa8 Restrict triggers for CodeQL workflow 
Analysing all branches on both 'push' and 'pull request' events causes
duplicate analysis. It is only necessary to analyse the _target_
branches of pull requests on push.
 2021-02-04 11:49:15 +00:00
Julian Tibble
ecfad6b5c7 Update CodeQL workflow 
Bring the CodeQL workflow up to date with the latest recommended
configuration, which analyses the merge commit of pull requests (not the
head of the PR branch).
 2021-02-04 11:45:15 +00:00
james
a5c0802379 address review comments 2020-12-11 17:29:22 +00:00
James Fletcher
9c6962ec25 Update generate-query-help-docs.yml 2020-12-10 09:39:44 +00:00
James Fletcher
0640d2834d Update generate-query-help-docs.yml 2020-12-10 09:19:44 +00:00
James Fletcher
66c756b7f5 Update generate-query-help-docs.yml 2020-12-10 09:07:30 +00:00
Aditya Sharad
771425e860 Actions: Run query help workflow on PRs that modify it 2020-12-02 10:00:55 -08:00
Aditya Sharad
38ab87e5b1 Actions: Pin to fixed version of Sphinx Action 
Better for security to fix the commit SHA of the external Action, rather than specifying a branch or tag.
 2020-12-02 09:56:25 -08:00
james
65a048b65c address docs review comments 2020-12-01 14:19:12 +00:00
james
f5ae00865f rebase on rc/1.26 branch 2020-11-20 11:51:35 +00:00
james
4a9b61274a improve docs 2020-11-19 09:45:20 +00:00
james
d6e9f4d6f2 remove unnecessary steps from work flow 2020-11-19 09:45:20 +00:00
james
d70240c786 update conf.py for query help 2020-11-19 09:45:19 +00:00
james
cb962a9ce0 tests 2020-11-19 09:45:19 +00:00
james
0fe0d067e9 copy more sphinx files 2020-11-19 09:45:19 +00:00
james
27f52851ca add sphinx step 2020-11-19 09:45:19 +00:00
james
2383960e0d copy folder correctly 2020-11-19 09:45:19 +00:00
james
e9b2d771c2 add test steps 2020-11-19 09:45:19 +00:00
james
bb1c0a184a fix path 2020-11-19 09:45:19 +00:00
james
1a60f961e6 add set up step 2020-11-19 09:45:19 +00:00
james
fc848e553e fix working directory 2020-11-19 09:45:19 +00:00
james
fe5979d92a add working-directory 2020-11-19 09:45:19 +00:00
james
d25a0ef7e6 another test 2020-11-19 09:45:19 +00:00
james
c775a27a22 test2 2020-11-19 09:45:19 +00:00
james
2d93b3a45a test 2020-11-19 09:45:19 +00:00
james
8504724dbb add generate-query-help workflow 2020-11-19 09:45:18 +00:00
Asger F
dd5fb6ce12 Exclude JS tests from code scanning 2020-10-06 08:46:43 +01:00
Bas van Schaik
31495b876e Python script to generate lists of code scanning queries in CSV format (#4177) 
* Create a PowerShell script that can be used to report on the set of queries inside of a particular QL Suite.
* Translate PowerShell script into Python
* support running this script from anywhere within the CodeQL git repo
* print non-fatal error if metadata is not available
* make sure warning about missing pack is printed to stderr
* only run on pushes against main and rcs
* detect repo by checking remote, rather than first SHA
* specify full sha of dsaltares/fetch-gh-release-asset
* trigger workflow on PR that modifies paths of interest

Co-authored-by: Justin Hutchings <jhutchings1@users.noreply.github.com>
Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>
 2020-09-10 12:25:02 -07:00
Rasmus Wriedt Larsen
7e6ebfd636 Enable labeler action again 
This time using `pull_request_target`, so it will work properly with forks. See
https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target

This reverts commit d5d6093e75.
 2020-08-28 09:31:46 +02:00
Taus
b99ec29f6e Code Scanning: Additionally exclude Java and C++. 2020-07-03 13:56:25 +02:00
Taus
39bc978573 Code Scanning: Don't scan the Python directory. 
... Possibly some of the other language teams want to get on this? 🙂 
If so, give me a shout!
 2020-07-03 13:46:30 +02:00
Tom Hvitved
56670f3a5f Disable analysis for JS and Python 2020-06-19 16:25:23 +02:00