Skip to content

Commit

Permalink
Merge pull request #1608 from github/update-v2.2.9-fb32c3fef
Browse files Browse the repository at this point in the history
Merge main into releases/v2
  • Loading branch information
henrymercer authored Mar 27, 2023
2 parents 67a35a0 + f0988cb commit 04df126
Show file tree
Hide file tree
Showing 57 changed files with 819 additions and 268 deletions.
2 changes: 1 addition & 1 deletion .github/query-filter-test/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ runs:
with:
output: ${{ runner.temp }}/results
upload-database: false
upload: false
upload: never
env:
CODEQL_ACTION_TEST_MODE: "true"
- name: Check SARIF
Expand Down
53 changes: 44 additions & 9 deletions .github/workflows/__diagnostics-export.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__javascript-source-root.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__upload-ref-sha-input.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__with-checkout-path.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/expected-queries-runs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
with:
output: ${{ runner.temp }}/results
upload-database: false
upload: false
upload: never

- name: Check Sarif
uses: ./../action/.github/check-sarif
Expand Down
10 changes: 10 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,15 @@
# CodeQL Action Changelog

## 2.2.9 - 27 Mar 2023

- Customers post-processing the SARIF output of the `analyze` Action before uploading it to Code Scanning will benefit from an improved debugging experience. [#1598](https://github.com/github/codeql-action/pull/1598)
- The CodeQL Action will now upload a SARIF file with debugging information to Code Scanning on failed runs for customers using `upload: false`. Previously, this was only available for customers using the default value of the `upload` input.
- The `upload` input to the `analyze` Action now accepts the following values:
- `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
- `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
- `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
- The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.

## 2.2.8 - 22 Mar 2023

- Update default CodeQL bundle version to 2.12.5. [#1585](https://github.com/github/codeql-action/pull/1585)
Expand Down
8 changes: 6 additions & 2 deletions analyze/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,14 @@ inputs:
required: false
default: "../results"
upload:
description: Upload the SARIF file to Code Scanning
description: >-
Upload the SARIF file to Code Scanning.
Defaults to 'always' which uploads the SARIF file to Code Scanning for successful and failed runs.
'failure-only' only uploads debugging information to Code Scanning if the workflow run fails, for users post-processing the SARIF file before uploading it to Code Scanning.
'never' avoids uploading the SARIF file to Code Scanning, even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
required: false
# If changing this, make sure to update workflow.ts accordingly.
default: "true"
default: "always"
cleanup-level:
description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --mode flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup"
required: false
Expand Down
29 changes: 26 additions & 3 deletions lib/actions-util.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 04df126

Please sign in to comment.