Merge branch 'main' into split_builtin_custom_queries

.eslintignore

@@ -0,0 +1,5 @@
+**/webpack.config.js
+lib/**
+runner/dist/**
+src/testdata/**
+tests/**

.eslintrc.json

@@ -0,0 +1,59 @@
+
+{
+    "parser": "@typescript-eslint/parser",
+    "parserOptions": {
+        "project": "./tsconfig.json"
+    },
+    "plugins": ["@typescript-eslint", "filenames", "github", "import", "no-async-foreach"],
+    "extends": [
+        "eslint:recommended",
+        "plugin:@typescript-eslint/recommended",
+        "plugin:@typescript-eslint/recommended-requiring-type-checking",
+        "plugin:github/recommended",
+        "plugin:github/typescript"
+    ],
+    "rules": {
+        "filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"],
+        "import/extensions": "error",
+        "import/no-amd": "error",
+        "import/no-commonjs": "error",
+        "import/no-dynamic-require": "error",
+        "import/no-extraneous-dependencies": ["error", {"devDependencies": false}],
+        "import/no-namespace": "off",
+        "import/no-unresolved": "error",
+        "import/no-webpack-loader-syntax": "error",
+        "no-async-foreach/no-async-foreach": "error",
+        "no-console": "off",
+        "no-sequences": "error",
+        "one-var": ["error", "never"],
+        "sort-imports": ["error", { "allowSeparatedGroups": true }]
+    },
+    "overrides": [{
+        // "temporarily downgraded during transition to eslint
+        "files": "**",
+        "rules": {
+            "@typescript-eslint/ban-types": "off",
+            "@typescript-eslint/explicit-module-boundary-types": "off",
+            "@typescript-eslint/no-explicit-any": "off",
+            "@typescript-eslint/no-unsafe-assignment": "off",
+            "@typescript-eslint/no-unsafe-call": "off",
+            "@typescript-eslint/no-unsafe-member-access": "off",
+            "@typescript-eslint/no-unsafe-return": "off",
+            "@typescript-eslint/no-unused-vars": "off",
+            "@typescript-eslint/no-var-requires": "off",
+            "@typescript-eslint/prefer-regexp-exec": "off",
+            "@typescript-eslint/require-await": "off",
+            "@typescript-eslint/restrict-template-expressions": "off",
+            "eslint-comments/no-use": "off",
+            "func-style": "off",
+            "github/array-foreach": "off",
+            "github/no-then": "off",
+            "import/no-extraneous-dependencies": "off",
+            "no-shadow": "off",
+            "no-sparse-arrays": "off",
+            "no-throw-literal": "off",
+            "no-useless-escape": "off",
+            "sort-imports": "off"
+        }
+    }]
+}

.github/workflows/codeql.yml

@@ -1,6 +1,9 @@
 name: "CodeQL action"
 
-on: [push, pull_request]
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
 
 jobs:
   build:

.github/workflows/integration-testing.yml

@@ -1,6 +1,9 @@
 name: "Integration Testing"
 
-on: [push, pull_request]
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
 
 jobs:
   multi-language-repo_test-autodetect-languages:
@@ -150,7 +153,7 @@ jobs:
     - uses: ./../action/analyze
       env:
         TEST_MODE: true
-  
+
   runner-analyze-javascript-ubuntu:
     runs-on: ubuntu-latest
 
@@ -176,7 +179,7 @@ jobs:
         runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-javascript-windows:
     runs-on: windows-latest
 
@@ -198,7 +201,7 @@ jobs:
         runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-javascript-macos:
     runs-on: macos-latest
 
@@ -220,7 +223,7 @@ jobs:
         runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-csharp-ubuntu:
     runs-on: ubuntu-latest
 
@@ -254,7 +257,7 @@ jobs:
         ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-csharp-windows:
     runs-on: windows-latest
 
@@ -325,7 +328,7 @@ jobs:
       env:
         TEST_MODE: true
 
-  
+
   runner-analyze-csharp-autobuild-ubuntu:
     runs-on: ubuntu-latest
 
@@ -358,7 +361,7 @@ jobs:
         ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
       env:
         TEST_MODE: true
-  
+
   runner-analyze-csharp-autobuild-windows:
     runs-on: windows-latest
 

.github/workflows/pr-checks.yml

@@ -1,21 +1,24 @@
 name: "PR checks"
 
-on: [push, pull_request]
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
 
 jobs:
-  tslint:
+  lint-js:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v1
-    - name: tslint
+    - uses: actions/checkout@v2
+    - name: Run Lint
       run: npm run-script lint
 
   check-js:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v1
+    - uses: actions/checkout@v2
     - name: Check generated JavaScript
       run: |
         # Sanity check that repo is clean to start with
@@ -41,7 +44,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v1
+    - uses: actions/checkout@v2
     - name: Check node modules up to date
       run: |
         # Sanity check that repo is clean to start with
@@ -50,7 +53,6 @@ jobs:
           >&2 echo "Failed: Repo should be clean before testing!"
           exit 1
         fi
-
         # Reinstall modules and then clean to remove absolute paths
         # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
         npm ci
@@ -71,6 +73,6 @@ jobs:
     runs-on: ${{ matrix.os }}
 
     steps:
-    - uses: actions/checkout@v1
+    - uses: actions/checkout@v2
     - name: npm run-script test
       run: npm run-script test

README.md

@@ -98,7 +98,7 @@ Use the `config-file` parameter of the `init` action to enable the configuration
     config-file: ./.github/codeql/codeql-config.yml
 ```
 
-The configuration file must be located within the local repository. For information on how to write a configuration file, see "[Using a custom configuration](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration)."
+The configuration file must be located within the local repository. For information on how to write a configuration file, see "[Using a custom configuration file](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration-file)."
 
 If you only want to customise the queries used, you can specify them in your workflow instead of creating a config file, using the `queries` property of the `init` action:
 

analyze/action.yml

@@ -16,6 +16,10 @@ inputs:
   ram:
     description: Override the amount of memory in MB to be used by CodeQL. By default, almost all the memory of the machine is used.
     required: false
+  add-snippets:
+    description: Specify whether or not to add code snippets to the output sarif file.
+    required: false
+    default: "false"
   threads:
     description: The number of threads to be used by CodeQL.
     required: false