Merge branch 'main' into upload-database

github · Jun 18, 2021 · 33ac512 · 33ac512
2 parents 69c30da + 6a7c236
commit 33ac512
Show file tree

Hide file tree

Showing 30 changed files with 1,177 additions and 158 deletions.
diff --git a/.github/update-release-branch.py b/.github/update-release-branch.py
@@ -122,7 +122,7 @@ def get_commit_difference(repo):
 
 # Is the given commit the automatic merge commit from when merging a PR
 def is_pr_merge_commit(commit):
-  return commit.committer.login == 'web-flow' and len(commit.parents) > 1
+  return commit.committer is not None and commit.committer.login == 'web-flow' and len(commit.parents) > 1
 
 # Gets a copy of the commit message that should display nicely
 def get_truncated_commit_message(commit):

diff --git a/.github/workflows/post-release-mergeback.yml b/.github/workflows/post-release-mergeback.yml
@@ -16,10 +16,6 @@ on:
     branches:
       - v1
 
-  pull_request:
-    paths:
-      - .github/workflows/post-release-mergeback.yml
-
 jobs:
   merge-back:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml
@@ -100,6 +100,49 @@ jobs:
           exit 1
         fi
 
+  # Packaging test that runs against a javascript database
+  test-packaging-javascript:
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../action
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
+        mv ../action/.github/workflows .github
+    - uses: ./../action/init
+      with:
+        config-file: ".github/codeql/codeql-config-packaging.yml"
+        languages: javascript
+        # TODO: this can be removed when cli v2.5.6 is released and available in the tool cache
+        tools: https://github.com/dsp-testing/aeisenberg-codeql-action-packaging/releases/download/codeql-bundle-20210615/codeql-bundle-linux64.tar.gz
+
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: "${{ runner.temp }}/results"
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+
   # Identify the CodeQL tool versions to integration test against.
   check-codeql-versions:
     needs: [check-js, check-node-modules]

diff --git a/CODEOWNERS b/CODEOWNERS
@@ -0,0 +1 @@
+**/* @github/codeql-action-reviewers
diff --git a/lib/analysis-paths.test.js b/lib/analysis-paths.test.js
diff --git a/lib/analysis-paths.test.js.map b/lib/analysis-paths.test.js.map
diff --git a/lib/analyze.js b/lib/analyze.js