Commit aa72dda

Merge branch 'main' into mbg/interpret-cq-results
2 parents 65d1e45 + 8593ea6, commit aa72dda

15 files changed, +149 -36 lines changed

‎.github/copilot-instructions.md

Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,5 @@
1+
#CodeQL Action - Copilot Instructions
2+
3+
The CodeQL Action is written in TypeScript and compiled to JavaScript. Both the TypeScript sources and the**generated** JavaScript code are contained in this repository. The TypeScript sources are contained in the`src` directory and the JavaScript code is contained in the`lib` directory. A GitHub Actions workflow checks that the JavaScript code in`lib` is up-to-date. Therefore, you should not review any changes to the contents of the`lib` folder and it is expected that the JavaScript code in`lib` closely mirrors the TypeScript code it is generated from.
4+
5+
GitHub Actions workflows in the`.github/workflows` directory whose filenames start with two underscores (e.g.`__all-platform-bundle.yml`) are automatically generated using the`pr-checks/sync.sh` script from template files in the`pr-checks/checks` directory. Therefore, you do not need to review files in the`.github/workflows` directory that starts with two underscores. However, you should review changes to the`pr-checks` directory as well as workflows in the`.github/workflows` directory that do not start with underscores.
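Review bot: The first paragraph tells the reviewer to skip `lib` on the grounds that "a GitHub Actions workflow checks that the JavaScript code in `lib` is up-to-date", but it never names that workflow. Since `lib` is described as the compiled output of `src`, naming the check here would let a reader confirm the premise before relying on it. In the second paragraph, "files in the `.github/workflows` directory that starts with two underscores" should read "start", and the closing "do not start with underscores" should say "two underscores" so it matches the rule stated at the top of the paragraph.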
Lines changed: 101 additions & 0 deletions
@@ -0,0 +1,101 @@
1+
name:Update dependency proxy release assets
2+
on:
3+
workflow_dispatch:
4+
inputs:
5+
tag:
6+
description:"The tag of CodeQL Bundle release that contains the proxy binaries as release assets"
7+
type:string
8+
required:true
9+
10+
jobs:
11+
update:
12+
name:Update code and create PR
13+
timeout-minutes:15
14+
runs-on:ubuntu-latest
15+
permissions:
16+
contents:write# needed to push the updated files
17+
pull-requests:write# needed to create the PR
18+
env:
19+
RELEASE_TAG:${{ inputs.tag }}
20+
steps:
21+
-name:Check release tag format
22+
id:checks
23+
shell:bash
24+
run:|
25+
if ! [[ $RELEASE_TAG =~ ^codeql-bundle-v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
26+
echo "Invalid release tag: expected a CodeQL bundle tag in the 'codeql-bundle-vM.N.P' format."
27+
exit 1
28+
fi
29+
30+
echo "target_branch=dependency-proxy/$RELEASE_TAG" >> $GITHUB_OUTPUT
31+
32+
-name:Check that the release exists
33+
shell:bash
34+
env:
35+
GITHUB_TOKEN:"${{ secrets.GITHUB_TOKEN }}"
36+
run:|
37+
(gh release view --repo "$GITHUB_REPOSITORY" --json "assets" "$RELEASE_TAG" && echo "Release found.") || exit 1
38+
39+
-name:Install Node
40+
uses:actions/setup-node@v4
41+
42+
-name:Checkout repository
43+
uses:actions/checkout@v4
44+
with:
45+
fetch-depth:0# ensure we have all tags and can push commits
46+
ref:main
47+
48+
-name:Update git config
49+
shell:bash
50+
run:|
51+
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
52+
git config --global user.name "github-actions[bot]"
53+
54+
-name:Update release tag and version
55+
shell:bash
56+
run:|
57+
NOW=$(date +"%Y%m%d%H%M%S") # only used to make sure we don't fetch stale binaries from the toolcache
58+
sed -i "s|https://github.com/github/codeql-action/releases/download/codeql-bundle-v[0-9.]\+/|https://github.com/github/codeql-action/releases/download/$RELEASE_TAG/|g" ./src/start-proxy-action.ts
59+
sed -i "s/\"v2.0.[0-9]\+\"/\"v2.0.$NOW\"/g" ./src/start-proxy-action.ts
60+
61+
-name:Compile TypeScript and commit changes
62+
shell:bash
63+
env:
64+
TARGET_BRANCH:${{ steps.checks.outputs.target_branch }}
65+
run:|
66+
set -exu
67+
git checkout -b "$TARGET_BRANCH"
68+
69+
npm run build
70+
git add ./src/start-proxy-action.ts
71+
git add ./lib
72+
git commit -m "Update release used by \`start-proxy\` action"
73+
74+
-name:Push changes and open PR
75+
shell:bash
76+
env:
77+
GITHUB_TOKEN:"${{ secrets.GITHUB_TOKEN }}"
78+
TARGET_BRANCH:${{ steps.checks.outputs.target_branch }}
79+
PR_FLAG:${{ (github.event_name == 'workflow_dispatch' && '--draft') || '--dry-run' }}
80+
run:|
81+
set -exu
82+
pr_title="Update release used by \`start-proxy\` to \`$RELEASE_TAG\`"
83+
pr_body=$(cat << EOF
84+
This PR updates the \`start-proxy\` action to use the private registry proxy binaries that
85+
are attached as release assets to the \`$RELEASE_TAG\` release.
86+
87+
88+
Please do the following before merging:
89+
90+
- [ ] Verify that the changes to the code are correct.
91+
- [ ] Mark the PR as ready for review to trigger the CI.
92+
EOF
93+
)
94+
95+
git push origin "$TARGET_BRANCH"
96+
gh pr create \
97+
--head "$TARGET_BRANCH" \
98+
--base "main" \
99+
--title "${pr_title}" \
100+
--body "${pr_body}" \
101+
$PR_FLAG
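Review bot: `PR_FLAG` on line 79 falls back to `--dry-run` when `github.event_name` is not `workflow_dispatch`, but `workflow_dispatch` is the only trigger under `on:`, so that branch is never taken. If another trigger is added later, `git push origin "$TARGET_BRANCH"` on line 95 still runs before `gh pr create`, so the dry run would not be free of side effects. Either drop the fallback or guard the push with the same condition. Two smaller points: the job holds `contents: write` and `pull-requests: write` while `actions/setup-node@v4` and `actions/checkout@v4` are referenced by mutable tag, so pinning both to a commit SHA is worth considering; and the release check on line 37 queries `$GITHUB_REPOSITORY` while the `sed` on line 58 writes a hard-coded `github/codeql-action` URL, so the two can disagree if the workflow is run from any other repository.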

‎CHANGELOG.md

Lines changed: 5 additions & 0 deletions
@@ -4,7 +4,12 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
44

55
##[UNRELEASED]
66

7+
No user facing changes.
8+
9+
##3.29.1 - 27 Jun 2025
10+
711
- Fix bug in PR analysis where user-provided`include` query filter fails to exclude non-included queries.[#2938](https://github.com/github/codeql-action/pull/2938)
12+
- Update default CodeQL bundle version to 2.22.1.[#2950](https://github.com/github/codeql-action/pull/2950)
813

914
##3.29.0 - 11 Jun 2025
1015

‎lib/api-compatibility.json

Lines changed: 1 addition & 1 deletion
@@ -1 +1 @@
1-
{"maximumVersion":"3.18","minimumVersion":"3.13" }
1+
{"maximumVersion":"3.18","minimumVersion":"3.14" }

‎lib/defaults.json

Lines changed: 4 additions & 4 deletions
@@ -1,6 +1,6 @@
11
{
2-
"bundleVersion":"codeql-bundle-v2.22.0",
3-
"cliVersion":"2.22.0",
4-
"priorBundleVersion":"codeql-bundle-v2.21.4",
5-
"priorCliVersion":"2.21.4"
2+
"bundleVersion":"codeql-bundle-v2.22.1",
3+
"cliVersion":"2.22.1",
4+
"priorBundleVersion":"codeql-bundle-v2.22.0",
5+
"priorCliVersion":"2.22.0"
66
}

‎lib/start-proxy-action.js

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎node_modules/.package-lock.json

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎package-lock.json

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

‎package.json

Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
11
{
22
"name":"codeql",
3-
"version":"3.29.1",
3+
"version":"3.29.2",
44
"private":true,
55
"description":"CodeQL action",
66
"scripts": {

‎src/api-compatibility.json

Lines changed: 1 addition & 1 deletion
@@ -1 +1 @@
1-
{"maximumVersion":"3.18","minimumVersion":"3.13"}
1+
{"maximumVersion":"3.18","minimumVersion":"3.14"}
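Review bot: `minimumVersion` moves from `3.13` to `3.14` on the changed line, yet the `[UNRELEASED]` section added to `CHANGELOG.md` in this same commit reads "No user facing changes." If raising the minimum changes which versions are accepted, add a changelog line for it; if it does not, a short note in the PR description saying why would save the next reviewer the question.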
