Skip to content

Commit e56cfd0

Browse files
authored
Merge pull request #2194 from github/backport-v2.24.7-3ab410190
Merge releases/v3 into releases/v2
2 parents 928ff8c + 6046c63 commit e56cfd0

File tree

3,439 files changed

+13734
-136539
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

3,439 files changed

+13734
-136539
lines changed

.github/workflows/debug-artifacts-failure.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,9 +50,11 @@ jobs:
5050
run: ./build.sh
5151
- uses: ./../action/analyze
5252
id: analysis
53+
env:
54+
# Forces a failure in this step.
55+
CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }'
5356
with:
5457
expect-error: true
55-
ram: 1
5658
download-and-check-artifacts:
5759
name: Download and check debug artifacts after failure in analyze
5860
needs: upload-artifacts

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
44

55
Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
66

7+
## 2.24.7 - 12 Mar 2024
8+
9+
- Update default CodeQL bundle version to 2.16.4. [#2185](https://github.com/github/codeql-action/pull/2185)
10+
711
## 2.24.6 - 29 Feb 2024
812

913
No user facing changes.

init/action.yml

Lines changed: 21 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -7,25 +7,33 @@ inputs:
77
required: false
88
# If not specified the Action will check in several places until it finds the CodeQL tools.
99
languages:
10-
description: |
11-
A comma-separated value of the languages to be analysed e.g. python,javascript
10+
description: >-
11+
A comma-separated list of CodeQL languages to analyze.
12+
13+
Due to the performance benefit of parallelizing builds, we recommend specifying languages to
14+
analyze using a matrix and providing `\$\{{ matrix.language }}` as this input.
15+
16+
For more information, see
17+
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#changing-the-languages-that-are-analyzed.
1218
required: false
1319
build-mode:
1420
description: >-
15-
[Experimental, for internal testing only] The build mode that will be used to analyze the language.
16-
This input is only available in single-language analyses.
21+
The build mode that will be used to analyze the language. This input is only available when
22+
analyzing a single CodeQL language per job, for example using a matrix.
1723
1824
Available build modes will differ based on the language being analyzed. One of:
1925
20-
- none: The database will be created without building the source code.
21-
Available for all interpreted languages and some compiled languages.
22-
- autobuild: The database will be created by attempting to automatically build the source code.
23-
To use this build mode, ensure that your workflow calls the `autobuild` action
24-
between the `init` and `analyze` steps.
25-
Available for all compiled languages.
26-
- manual: The database will be created by building the source code using a manually specified
27-
build command. To use this build mode, specify manual build steps in your workflow
28-
between the `init` and `analyze` steps. Available for all compiled languages.
26+
- `none`: The database will be created without building the source code.
27+
Available for all interpreted languages and some compiled languages.
28+
- `autobuild`: The database will be created by attempting to automatically build the source
29+
code.
30+
To use this build mode, ensure that your workflow calls the `autobuild` action
31+
between the `init` and `analyze` steps.
32+
Available for all compiled languages.
33+
- `manual`: The database will be created by building the source code using a manually
34+
specified build command. To use this build mode, specify manual build steps in
35+
your workflow between the `init` and `analyze` steps. Available for all
36+
compiled languages.
2937
required: false
3038
token:
3139
description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input.

lib/api-compatibility.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
{ "maximumVersion": "3.12", "minimumVersion": "3.8" }
1+
{ "maximumVersion": "3.13", "minimumVersion": "3.8" }

lib/codeql.js

Lines changed: 13 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/codeql.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/defaults.json

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
2-
"bundleVersion": "codeql-bundle-v2.16.3",
3-
"cliVersion": "2.16.3",
4-
"priorBundleVersion": "codeql-bundle-v2.16.2",
5-
"priorCliVersion": "2.16.2"
2+
"bundleVersion": "codeql-bundle-v2.16.4",
3+
"cliVersion": "2.16.4",
4+
"priorBundleVersion": "codeql-bundle-v2.16.3",
5+
"priorCliVersion": "2.16.3"
66
}

lib/trap-caching.js

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/trap-caching.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/trap-caching.test.js

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)