hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
66,351 Commits 1,671 Branches 157 Tags
8cba276b87e17fa3bfbbef3522dd9e863eaa7487
Commit Graph

768 Commits

Author SHA1 Message Date
Henry Mercer
8747438613 JS: Remove ML-powered queries 2024-04-15 17:35:32 +01:00
Paolo Tranquilli
de4ffbb552 Swift: add shared/** to CI triggers 
Not being triggered by changes in shared was making it possible to not
notice changes in `shared` having effect on Swift tests. For example
[this PR](https://github.com/github/codeql/pull/15501) introduced a
test change that was fixed [here](https://github.com/github/codeql/pull/16197).
 2024-04-12 15:46:01 +02:00
Calum Grant
03bf804a68 Add C++ analysis in separate workflow 2024-03-27 11:44:58 +00:00
Ian Lynagh
86b4f27d12 CI: Kotlin: Label Kotlin test changes as "Kotlin" 2024-03-01 11:26:56 +00:00
Cornelius Riemenschneider
b82ffd40e7 Fix windows CI build. 
As we're now checking out the `codeql` repo in a sub-path,
we need to enable long paths on Windows.
 2024-02-26 11:21:23 +00:00
Cornelius Riemenschneider
fd85c44129 Ruby: Start building the language pack using bazel. 
This PR introduces a bazel and `rules_rust`-based build system
for the ruby extractor and language pack.
This replacese the existing, `cargo` and `cross`-based build system.

For local development, nothing changes, and the existing `cargo`-based
build still keeps working as-is.

We no longer need to use `cross` to compile our Linux binaries,
as we now can link against our hermetic C++ toolchain, which ships
with an old enough glibc, so that we don't run into symbol version issues
when deploying the binaries to older systems.
Besides the one change in dependency (explained in detail in `Cargo.toml`
and in https://github.com/github/codeql/pull/15595), nothing ought to
change in how we build the extractor.
 2024-02-26 11:21:22 +00:00
Anders Schack-Mulligen
dab8e237e6 Workflows: Run format check on shared. 2024-02-26 11:33:00 +01:00
Michael B. Gale
0ad04d45a9 Disable setup-go caching 2024-02-16 17:48:12 +00:00
Michael B. Gale
91ed7a8d79 Go: Use 1.22 in CI 2024-02-16 17:33:23 +00:00
Angela P Wen
c75111619e Add security-events: write permission 2024-02-16 02:17:17 -08:00
Tamas Vajk
89384bb855 Extend permissions in csv-coverage-update.yml 2024-02-16 10:19:16 +01:00
Josh Soref
b58c856756 Declare permissions 
Repositories can be configured with Default access (restricted)
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

Best practice says that workflows should declare the minimal permissions they require.
Without declaring permissions, paranoid forks fail miserably.
 2024-02-14 14:31:45 -05:00
Josh Soref
e468f4062f use github/codeql-action...@main 2024-02-14 14:31:31 -05:00
Óscar San José
96ed6597dd Merge branch 'main' into github-only 2024-02-14 10:23:39 +01:00
Josh Soref
a128161746 Use !cancelled in qhelp-pr-preview workflow 2024-02-12 16:59:42 -05:00
Josh Soref
6779c667f6 Limit xl runner jobs to github org 2024-02-12 05:00:49 -05:00
Michael Nebel
9a6751a6dd C#: Update the RuntimeFrameworkVersion to 8.0.1. 2024-01-31 09:27:37 +01:00
Henti Smith
612256b760 Updated dotnet to 8.0.101 
This is a corresponding PR to https://github.com/github/semmle-code/pull/48786
 2024-01-30 16:23:07 +00:00
Paolo Tranquilli
33b6ce7365 Swift: update formatting to clang-format 17.0.6 
Also, added a format check in `swift.yml`.
 2024-01-25 13:58:14 +01:00
Michael Nebel
04a724f373 Java: Update the model diff workflow. 2024-01-05 11:28:47 +01:00
Michael Nebel
8fe73f72cc Java: Trigger Models as Data diff workflow on changes to the shared scripts. 2024-01-05 09:22:49 +01:00
Owen Mansel-Chan
9cb0bb2fc9 Merge pull request #15034 from github/dependabot/github_actions/actions/setup-go-5 
Bump actions/setup-go from 4 to 5
 2023-12-14 14:14:03 +00:00
Michael Nebel
7006d00702 Merge pull request #14892 from michaelnebel/csharp/dotnet8 
C#: Use .NET 8
 2023-12-11 13:53:35 +01:00
Michael Nebel
0df9dcb0fd C#: Update workflow files to also install .NET 8. 2023-12-11 10:57:43 +01:00
dependabot[bot]
e822fe975d Bump actions/stale from 8 to 9 
Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-08 03:10:16 +00:00
dependabot[bot]
3d7ab2e0b0 Bump actions/setup-go from 4 to 5 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-07 03:43:13 +00:00
Chuan-kai Lin
ba57a0363c Revert "Bump actions/labeler from 4 to 5" 2023-12-05 12:09:56 -08:00
Henti Smith
33a0de07b6 Merge pull request #15002 from github/dependabot/github_actions/actions/setup-dotnet-4 
Bump actions/setup-dotnet from 3 to 4
 2023-12-05 15:35:00 +00:00
dependabot[bot]
eb08a508c9 Bump actions/labeler from 4 to 5 
Bumps [actions/labeler](https://github.com/actions/labeler) from 4 to 5.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:07 +00:00
dependabot[bot]
4d68beffe0 Bump actions/setup-dotnet from 3 to 4 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3 to 4.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-05 03:33:03 +00:00
Owen Mansel-Chan
00ba7e42b1 Merge pull request #14613 from owen-mc/change-note-check-on-shared 
Update `Change-note-check` workflow to detect changes in shared folder
 2023-10-27 11:45:03 +01:00
Owen Mansel-Chan
1db622e740 Make check-change-note workflow include shared 2023-10-27 11:26:13 +01:00
Jami
c7b9e405b7 Merge pull request #14517 from jcogs33/jcogs33/update-framework-cov-diff-workflow 
CI: Update framework coverage difference commenter
 2023-10-25 14:31:00 -04:00
Michael Nebel
743be92624 C#: Adjust workflow to point to the new location for the script. 2023-10-23 15:10:20 +02:00
Jami Cogswell
687ecffe71 CI: don't upload comment/ID artifact if no existing comment 2023-10-22 15:28:07 -04:00
Jami Cogswell
9263cfdf56 CI: save and upload comment id (if it exists) 2023-10-19 19:14:23 -04:00
Esben Sparre Andreasen
2c99e2f3d5 improve change note file name checks 2023-10-19 12:16:27 +02:00
Esben Sparre Andreasen
836bb6006c improve env var usage in check-change-note.yml 2023-10-19 12:05:29 +02:00
Michael B. Gale
771b5eca47 No allow, only ignore 2023-10-18 14:25:38 +01:00
Michael B. Gale
10e9c6defd Update .github/dependabot.yml 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-10-18 14:23:32 +01:00
Michael B. Gale
df191e4b6d Update .github/dependabot.yml 
Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
 2023-10-18 14:22:06 +01:00
Michael B. Gale
bd811f25da Add Dependabot config for go/ql/test 2023-10-18 11:06:02 +01:00
Michael B. Gale
8c818a8657 group => groups 2023-10-16 14:53:03 +01:00
Michael B. Gale
822f37156e Merge pull request #14483 from github/mbg/go/dependabot 
Go: Improve Dependabot configuration
 2023-10-16 14:05:36 +01:00
Tamás Vajk
d723905035 Merge pull request #14368 from tamasvajk/standalone/use-legacy-framework-dlls 
C#: Choose between .NET framework or core DLLs in standalone
 2023-10-16 08:53:55 +02:00
Erik Krogh Kristensen
59c43c7904 Merge pull request #14410 from erik-krogh/bigger-compilation-cache 
use a bigger compilation cache in the compile-queries workflow
 2023-10-12 12:35:44 +02:00
Michael B. Gale
75900f05c9 Go: group golang.org dependencies 2023-10-12 10:55:45 +01:00
Michael B. Gale
114a875f3d Go: re-add Dependabot allow list 2023-10-12 10:55:31 +01:00
Tamas Vajk
534ea3ecac Adjust stub generator test to fix the nuget package version 2023-10-12 08:50:32 +02:00
Michael B. Gale
94b0bc1e35 Move go.mod into extractor directory 2023-10-11 13:10:20 +01:00