Merge branch 'main' into daverlo/python-v2
David Verdeguer committed Sep 23, 2020

2 parents 4ab5cbc + 367ad73 commit 23a1a65
Showing 6,132 changed files with 570,494 additions and 216,134 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
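--- a/.eslintignore
+++ b/.eslintignore
@@ -0,0 +1,5 @@
+**/webpack.config.js
+lib/**
+runner/dist/**
+src/testdata/**
+tests/**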
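--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -0,0 +1,58 @@
+
+{
+"parser": "@typescript-eslint/parser",
+"parserOptions": {
+"project": "./tsconfig.json"
+},
+"plugins": ["@typescript-eslint", "filenames", "github", "import", "no-async-foreach"],
+"extends": [
+"eslint:recommended",
+"plugin:@typescript-eslint/recommended",
+"plugin:@typescript-eslint/recommended-requiring-type-checking",
+"plugin:github/recommended",
+"plugin:github/typescript"
+],
+"rules": {
+"filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"],
+"import/extensions": "error",
+"import/no-amd": "error",
+"import/no-commonjs": "error",
+"import/no-dynamic-require": "error",
+"import/no-extraneous-dependencies": ["error", {"devDependencies": false}],
+"import/no-namespace": "off",
+"import/no-unresolved": "error",
+"import/no-webpack-loader-syntax": "error",
+"no-async-foreach/no-async-foreach": "error",
+"no-console": "off",
+"no-sequences": "error",
+"one-var": ["error", "never"],
+"sort-imports": ["error", { "allowSeparatedGroups": true }]
+},
+"overrides": [{
+// "temporarily downgraded during transition to eslint
+"files": "**",
+"rules": {
+"@typescript-eslint/ban-types": "off",
+"@typescript-eslint/explicit-module-boundary-types": "off",
+"@typescript-eslint/no-explicit-any": "off",
+"@typescript-eslint/no-unsafe-assignment": "off",
+"@typescript-eslint/no-unsafe-call": "off",
+"@typescript-eslint/no-unsafe-member-access": "off",
+"@typescript-eslint/no-unsafe-return": "off",
+"@typescript-eslint/no-unused-vars": "off",
+"@typescript-eslint/no-var-requires": "off",
+"@typescript-eslint/prefer-regexp-exec": "off",
+"@typescript-eslint/require-await": "off",
+"@typescript-eslint/restrict-template-expressions": "off",
+"eslint-comments/no-use": "off",
+"func-style": "off",
+"github/no-then": "off",
+"import/no-extraneous-dependencies": "off",
+"no-shadow": "off",
+"no-sparse-arrays": "off",
+"no-throw-literal": "off",
+"no-useless-escape": "off",
+"sort-imports": "off"
+}
+}]
+}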
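Review bot: The `overrides` entry with `"files": "**"` applies to every file, so the `@typescript-eslint/no-unsafe-*` rules and `no-explicit-any` are off across the whole tree. It also cancels `import/no-extraneous-dependencies` and `sort-imports`, which the top-level `rules` block sets to `error`. The only record of intent is the comment `// "temporarily downgraded during transition to eslint`, which has a stray opening quote and names no follow-up. I would reword it to `// Temporarily disabled during the migration to ESLint; re-enable rule by rule (tracking: <ISSUE-PLACEHOLDER>)` so the relaxation stays visibly temporary. The `//` comment also depends on the config loader tolerating comments in JSON, which strict JSON tooling will reject.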
5 changes: 4 additions & 1 deletion .github/workflows/codeql.yml
@@ -1,6 +1,9 @@
name: "CodeQL action"

on: [push, pull_request]
on:
push:
branches: [main, v1]
pull_request:

jobs:
build:
19 changes: 11 additions & 8 deletions .github/workflows/integration-testing.yml
@@ -1,6 +1,9 @@
name: "Integration Testing"

on: [push, pull_request]
on:
push:
branches: [main, v1]
pull_request:

jobs:
multi-language-repo_test-autodetect-languages:
@@ -150,7 +153,7 @@ jobs:
- uses: ./../action/analyze
env:
TEST_MODE: true

runner-analyze-javascript-ubuntu:
runs-on: ubuntu-latest

@@ -176,7 +179,7 @@ jobs:
runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true

runner-analyze-javascript-windows:
runs-on: windows-latest

@@ -198,7 +201,7 @@ jobs:
runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true

runner-analyze-javascript-macos:
runs-on: macos-latest

@@ -220,7 +223,7 @@ jobs:
runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true

runner-analyze-csharp-ubuntu:
runs-on: ubuntu-latest

@@ -254,7 +257,7 @@ jobs:
../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true

runner-analyze-csharp-windows:
runs-on: windows-latest

@@ -325,7 +328,7 @@ jobs:
env:
TEST_MODE: true


runner-analyze-csharp-autobuild-ubuntu:
runs-on: ubuntu-latest

@@ -358,7 +361,7 @@ jobs:
../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true

runner-analyze-csharp-autobuild-windows:
runs-on: windows-latest

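Review bot: Each `runner-analyze-*` step visible in the context of these hunks passes `--github-auth ${{ github.token }}`, which expands the job token into the script text and puts it on the runner process's command line, where other processes on the host can read it. The commit changes only the trigger and trailing whitespace here, so those lines are untouched, and the steps themselves start outside the hunks. I would at least move the value into the step's `env:` as `GITHUB_TOKEN: ${{ github.token }}` and reference the variable in the command. If the runner offers a way to read the token from stdin or the environment (not visible on this page), that is preferable because it keeps the token out of argv entirely.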
18 changes: 10 additions & 8 deletions .github/workflows/pr-checks.yml
@@ -1,21 +1,24 @@
name: "PR checks"

on: [push, pull_request]
on:
push:
branches: [main, v1]
pull_request:

jobs:
tslint:
lint-js:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- name: tslint
- uses: actions/checkout@v2
- name: Run Lint
run: npm run-script lint

check-js:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Check generated JavaScript
run: |
# Sanity check that repo is clean to start with
@@ -41,7 +44,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Check node modules up to date
run: |
# Sanity check that repo is clean to start with
@@ -50,7 +53,6 @@ jobs:
>&2 echo "Failed: Repo should be clean before testing!"
exit 1
fi
# Reinstall modules and then clean to remove absolute paths
# Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
npm ci
@@ -71,6 +73,6 @@ jobs:
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: npm run-script test
run: npm run-script test
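Review bot: The move to `actions/checkout@v2` in all four checkout steps shown keeps the default `persist-credentials: true`, so the job token stays in the checkout's git config while later steps run `npm ci` and `npm run-script test`, which execute package and repository scripts. None of the visible steps push, so I would add `with:` and `persist-credentials: false` under each checkout step. The jobs continue outside these hunks, so confirm that no later step relies on the stored credential. The action is also referenced by the mutable tag `v2`; pinning it to a full commit SHA would keep the workflow's inputs fixed between runs.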
73 changes: 73 additions & 0 deletions .github/workflows/split.yml
@@ -0,0 +1,73 @@
#
# Split the CodeQL Bundle into platform bundles
#
# Instructions:
# 1. Upload the new codeql-bundle (codeql-bundle.tar.gz) as an asset of the
# release (codeql-bundle-20200826)
# 2. Take note of the CLI Release used by the bundle (e.g., v2.2.5)
# 3. Manually launch this workflow file (via the Actions UI) specifying
# - The CLI Release (e.g., v2.2.5)
# - The release tag (e.g., codeql-bundle-20200826)
# 4. If everything succeeds you should see 3 new assets.
#

name: Split Bundle

on:
workflow_dispatch:
inputs:
cli-release:
description: 'CodeQL CLI Release (e.g., "v2.2.5")'
required: true
bundle-tag:
description: 'Tag of the bundle release (e.g., "codeql-bundle-20200826")'
required: true

jobs:
build:
runs-on: ubuntu-latest
env:
CLI_RELEASE: "${{ github.event.inputs.cli-release }}"
RELEASE_TAG: "${{ github.event.inputs.bundle-tag }}"

strategy:
fail-fast: false
matrix:
platform: ["linux64", "osx64", "win64"]

steps:
- name: Resolve Upload URL for the release
id: save_url
run: |
UPLOAD_URL=$(curl -sS \
"https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
-H "Accept: application/json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" | jq .upload_url | sed s/\"//g)
echo ${UPLOAD_URL}
echo "::set-output name=upload_url::${UPLOAD_URL}"
- name: Download CodeQL CLI and Bundle
run: |
wget --no-verbose "https://github.com/${GITHUB_REPOSITORY}/releases/download/${RELEASE_TAG}/codeql-bundle.tar.gz"
wget --no-verbose "https://github.com/github/codeql-cli-binaries/releases/download/${CLI_RELEASE}/codeql-${{matrix.platform}}.zip"
- name: Create Platform Package
# Replace the codeql-binaries with the platform specific ones
run: |
gunzip codeql-bundle.tar.gz
tar -f codeql-bundle.tar --delete codeql
unzip -q codeql-${{matrix.platform}}.zip
tar -f codeql-bundle.tar --append codeql
gzip codeql-bundle.tar
mv codeql-bundle.tar.gz codeql-bundle-${{matrix.platform}}.tar.gz
du -sh codeql-bundle-${{matrix.platform}}.tar.gz
- name: Upload Platform Package
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.save_url.outputs.upload_url }}
asset_path: ./codeql-bundle-${{matrix.platform}}.tar.gz
asset_name: codeql-bundle-${{matrix.platform}}.tar.gz
asset_content_type: application/tar+gzip
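Review bot: The "Resolve Upload URL for the release" step cannot fail on a bad tag: `curl -sS` returns success on an HTTP error and the default step shell does not set `pipefail`, so a missing release yields an `upload_url` of `null` and each matrix job still downloads and repackages before the upload step breaks. The same step expands `${{ secrets.GITHUB_TOKEN }}` into the script text; passing it through `env:` keeps the secret out of the rendered script. The rewrite below adds `set -euo pipefail`, uses `curl -sSf`, and replaces the `sed` quote stripping with `jq -r`. Separately, the "Download CodeQL CLI and Bundle" step repackages whatever `wget` fetched for `${CLI_RELEASE}` without comparing it to a known digest, so a checksum check before "Create Platform Package" would be worth adding.

```yaml
      - name: Resolve Upload URL for the release
        id: save_url
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          set -euo pipefail
          UPLOAD_URL=$(curl -sSf \
            "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
            -H "Accept: application/json" \
            -H "Authorization: Bearer ${GITHUB_TOKEN}" | jq -r .upload_url)
          # … unchanged: echo of the resolved URL …
          echo "::set-output name=upload_url::${UPLOAD_URL}"
```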
2 changes: 1 addition & 1 deletion README.md
@@ -98,7 +98,7 @@ Use the `config-file` parameter of the `init` action to enable the configuration
config-file: ./.github/codeql/codeql-config.yml
```

The configuration file must be located within the local repository. For information on how to write a configuration file, see "[Using a custom configuration](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration)."
The configuration file must be located within the local repository. For information on how to write a configuration file, see "[Using a custom configuration file](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration-file)."

If you only want to customise the queries used, you can specify them in your workflow instead of creating a config file, using the `queries` property of the `init` action:

4 changes: 4 additions & 0 deletions analyze/action.yml
@@ -16,6 +16,10 @@ inputs:
ram:
description: Override the amount of memory in MB to be used by CodeQL. By default, almost all the memory of the machine is used.
required: false
add-snippets:
description: Specify whether or not to add code snippets to the output sarif file.
required: false
default: "false"
threads:
description: The number of threads to be used by CodeQL.
required: false
266 changes: 266 additions & 0 deletions lib/actions-util.js
1 change: 1 addition & 0 deletions lib/actions-util.js.map
31 changes: 31 additions & 0 deletions lib/actions-util.test.js
1 change: 1 addition & 0 deletions lib/actions-util.test.js.map
23 changes: 11 additions & 12 deletions lib/analysis-paths.js
2 changes: 1 addition & 1 deletion lib/analysis-paths.js.map
20 changes: 10 additions & 10 deletions lib/analysis-paths.test.js
2 changes: 1 addition & 1 deletion lib/analysis-paths.test.js.map
21 changes: 12 additions & 9 deletions lib/analyze-action.js
2 changes: 1 addition & 1 deletion lib/analyze-action.js.map
96 changes: 56 additions & 40 deletions lib/analyze.js
2 changes: 1 addition & 1 deletion lib/analyze.js.map
63 changes: 63 additions & 0 deletions lib/analyze.test.js
1 change: 1 addition & 0 deletions lib/analyze.test.js.map
23 changes: 12 additions & 11 deletions lib/api-client.js
2 changes: 1 addition & 1 deletion lib/api-client.js.map
24 changes: 13 additions & 11 deletions lib/autobuild-action.js
2 changes: 1 addition & 1 deletion lib/autobuild-action.js.map
4 changes: 3 additions & 1 deletion lib/autobuild.js
2 changes: 1 addition & 1 deletion lib/autobuild.js.map
245 changes: 130 additions & 115 deletions lib/codeql.js


2 changes: 1 addition & 1 deletion lib/codeql.js.map


62 changes: 31 additions & 31 deletions lib/codeql.test.js
2 changes: 1 addition & 1 deletion lib/codeql.test.js.map
