hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-09 20:50:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
65,608 Commits 1,679 Branches 158 Tags
844e78dce5107cb747893f950bb473dcdc800236
Commit Graph

688 Commits

Author SHA1 Message Date
Calum Grant
03bf804a68 Add C++ analysis in separate workflow 2024-03-27 11:44:58 +00:00
Cornelius Riemenschneider
b82ffd40e7 Fix windows CI build. 
As we're now checking out the `codeql` repo in a sub-path,
we need to enable long paths on Windows.
 2024-02-26 11:21:23 +00:00
Cornelius Riemenschneider
fd85c44129 Ruby: Start building the language pack using bazel. 
This PR introduces a bazel and `rules_rust`-based build system
for the ruby extractor and language pack.
This replacese the existing, `cargo` and `cross`-based build system.

For local development, nothing changes, and the existing `cargo`-based
build still keeps working as-is.

We no longer need to use `cross` to compile our Linux binaries,
as we now can link against our hermetic C++ toolchain, which ships
with an old enough glibc, so that we don't run into symbol version issues
when deploying the binaries to older systems.
Besides the one change in dependency (explained in detail in `Cargo.toml`
and in https://github.com/github/codeql/pull/15595), nothing ought to
change in how we build the extractor.
 2024-02-26 11:21:22 +00:00
Anders Schack-Mulligen
dab8e237e6 Workflows: Run format check on shared. 2024-02-26 11:33:00 +01:00
Michael B. Gale
0ad04d45a9 Disable setup-go caching 2024-02-16 17:48:12 +00:00
Michael B. Gale
91ed7a8d79 Go: Use 1.22 in CI 2024-02-16 17:33:23 +00:00
Angela P Wen
c75111619e Add security-events: write permission 2024-02-16 02:17:17 -08:00
Tamas Vajk
89384bb855 Extend permissions in csv-coverage-update.yml 2024-02-16 10:19:16 +01:00
Josh Soref
b58c856756 Declare permissions 
Repositories can be configured with Default access (restricted)
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

Best practice says that workflows should declare the minimal permissions they require.
Without declaring permissions, paranoid forks fail miserably.
 2024-02-14 14:31:45 -05:00
Josh Soref
e468f4062f use github/codeql-action...@main 2024-02-14 14:31:31 -05:00
Óscar San José
96ed6597dd Merge branch 'main' into github-only 2024-02-14 10:23:39 +01:00
Josh Soref
a128161746 Use !cancelled in qhelp-pr-preview workflow 2024-02-12 16:59:42 -05:00
Josh Soref
6779c667f6 Limit xl runner jobs to github org 2024-02-12 05:00:49 -05:00
Michael Nebel
9a6751a6dd C#: Update the RuntimeFrameworkVersion to 8.0.1. 2024-01-31 09:27:37 +01:00
Henti Smith
612256b760 Updated dotnet to 8.0.101 
This is a corresponding PR to https://github.com/github/semmle-code/pull/48786
 2024-01-30 16:23:07 +00:00
Paolo Tranquilli
33b6ce7365 Swift: update formatting to clang-format 17.0.6 
Also, added a format check in `swift.yml`.
 2024-01-25 13:58:14 +01:00
Michael Nebel
04a724f373 Java: Update the model diff workflow. 2024-01-05 11:28:47 +01:00
Michael Nebel
8fe73f72cc Java: Trigger Models as Data diff workflow on changes to the shared scripts. 2024-01-05 09:22:49 +01:00
Owen Mansel-Chan
9cb0bb2fc9 Merge pull request #15034 from github/dependabot/github_actions/actions/setup-go-5 
Bump actions/setup-go from 4 to 5
 2023-12-14 14:14:03 +00:00
Michael Nebel
7006d00702 Merge pull request #14892 from michaelnebel/csharp/dotnet8 
C#: Use .NET 8
 2023-12-11 13:53:35 +01:00
Michael Nebel
0df9dcb0fd C#: Update workflow files to also install .NET 8. 2023-12-11 10:57:43 +01:00
dependabot[bot]
e822fe975d Bump actions/stale from 8 to 9 
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-08 03:10:16 +00:00
dependabot[bot]
3d7ab2e0b0 Bump actions/setup-go from 4 to 5 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-07 03:43:13 +00:00
Chuan-kai Lin
ba57a0363c Revert "Bump actions/labeler from 4 to 5" 2023-12-05 12:09:56 -08:00
Henti Smith
33a0de07b6 Merge pull request #15002 from github/dependabot/github_actions/actions/setup-dotnet-4 
Bump actions/setup-dotnet from 3 to 4
 2023-12-05 15:35:00 +00:00
dependabot[bot]
eb08a508c9 Bump actions/labeler from 4 to 5 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4 to 5.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:07 +00:00
dependabot[bot]
4d68beffe0 Bump actions/setup-dotnet from 3 to 4 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3 to 4.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:03 +00:00
Owen Mansel-Chan
00ba7e42b1 Merge pull request #14613 from owen-mc/change-note-check-on-shared 
Update `Change-note-check` workflow to detect changes in shared folder
 2023-10-27 11:45:03 +01:00
Owen Mansel-Chan
1db622e740 Make check-change-note workflow include shared 2023-10-27 11:26:13 +01:00
Jami
c7b9e405b7 Merge pull request #14517 from jcogs33/jcogs33/update-framework-cov-diff-workflow 
CI: Update framework coverage difference commenter
 2023-10-25 14:31:00 -04:00
Michael Nebel
743be92624 C#: Adjust workflow to point to the new location for the script. 2023-10-23 15:10:20 +02:00
Jami Cogswell
687ecffe71 CI: don't upload comment/ID artifact if no existing comment 2023-10-22 15:28:07 -04:00
Jami Cogswell
9263cfdf56 CI: save and upload comment id (if it exists) 2023-10-19 19:14:23 -04:00
Esben Sparre Andreasen
2c99e2f3d5 improve change note file name checks 2023-10-19 12:16:27 +02:00
Esben Sparre Andreasen
836bb6006c improve env var usage in check-change-note.yml 2023-10-19 12:05:29 +02:00
Tamás Vajk
d723905035 Merge pull request #14368 from tamasvajk/standalone/use-legacy-framework-dlls 
C#: Choose between .NET framework or core DLLs in standalone
 2023-10-16 08:53:55 +02:00
Tamas Vajk
534ea3ecac Adjust stub generator test to fix the nuget package version 2023-10-12 08:50:32 +02:00
erik-krogh
ef63d9dd47 use a bigger compilation cache in the compile-queries workflow 2023-10-09 13:21:37 +02:00
Aditya Sharad
cf98b84279 ATM/JS: Remove test workflow 
These queries are deprecated, and upcoming nightly CLIs will no longer support their experimental functionality. To avoid test breakage, remove this workflow.

The code and tests can be cleaned up as future follow-up.
 2023-09-29 15:19:45 -07:00
Michael Nebel
c25113ae46 C#: Execute tests via the bash shell to ensure that we stop on error. 2023-09-29 09:35:43 +02:00
Michael Nebel
e42741e8ed C#: Also run extractor unit tests on a windows runner. 2023-09-29 09:33:33 +02:00
Tom Hvitved
4262fd5a48 C#: Add stub generator integration test 2023-09-25 17:02:11 +02:00
Cornelius Riemenschneider
79d210f7bd Update .github/workflows/ruby-build.yml 
Co-authored-by: Arthur Baars <aibaars@github.com>
 2023-09-06 12:19:46 +02:00
dependabot[bot]
03771ffad2 Bump actions/checkout from 2 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 12:17:54 +02:00
Tom Hvitved
7e77c77d92 Ruby: Update expected test output 2023-08-30 13:33:48 +02:00
Michael B. Gale
b95effe916 Allow patch-level updates in Go CI 2023-08-15 14:13:36 +01:00
Michael B. Gale
69589766ec Use Go 1.21 in CI 2023-08-11 10:55:00 +01:00
Kasper Svendsen
dd548945c7 Enable checks for implicit this warnings 2023-06-29 14:25:44 +02:00
Kasper Svendsen
b4ef243733 Add workflow to check for warnOnImplicitThis 2023-06-27 13:48:04 +02:00
Tony Torralba
8401793755 Run "Check framework coverage changes" workflow when models-as-data files change 2023-06-08 15:57:38 +02:00