Merge pull request #3201 from github/backport-v3.30.8-2a6736cca · github/codeql-action@755f449 · GitHub

Commit 755f449

Merge pull request #3201 from github/backport-v3.30.8-2a6736cca
Merge releases/v4 into releases/v3
2 parents a8d1ac4 + 948223f commit 755f449

48 files changed

+2511
-917
lines changed

.github/actions/prepare-test/action.yml

Lines changed: 4 additions & 1 deletion
@@ -2,7 +2,7 @@ name: "Prepare test"
22
description: Performs some preparation to run tests
33
inputs:
44
version:
5-
description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z"
5+
description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'toolcache', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z"
66
required: true
77
use-all-platform-bundle:
88
description: "If true, we output a tools URL with codeql-bundle.tar.gz file rather than platform-specific URL"
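Review bot: The changed `description` for `version` still ends with `'stable-vX.Y.Z"`, so the closing single quote after `Z` is missing, and the new `'toolcache'` value is listed without any hint of what it selects. Close the quote and add a short phrase for each non-obvious value (`linked`, `default`, `toolcache`) so a caller of this action can tell which CodeQL CLI a test will actually run against.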
@@ -41,6 +41,9 @@ runs:
4141
elif [[ "$VERSION" == "linked" ]]; then
4242
echo "tools-url=linked" >> "$GITHUB_OUTPUT"
4343
exit 0
44+
elif [[ "$VERSION" == "toolcache" ]]; then
45+
echo "tools-url=toolcache" >> "$GITHUB_OUTPUT"
46+
exit 0
4447
elif [[ "$VERSION" == "default" ]]; then
4548
echo "tools-url=" >> "$GITHUB_OUTPUT"
4649
exit 0
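Review bot: The new `elif [[ "$VERSION" == "toolcache" ]]` branch writes the literal `tools-url=toolcache` to `$GITHUB_OUTPUT` with no comment explaining that this is a sentinel rather than a URL. Unlike a `stable-vX.Y.Z` input, the value names no CLI version, so a comment above the branch stating who resolves the sentinel, and whether the resulting version depends on the runner's contents, would make test results reproducible to reason about.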

.github/dependabot.yml

Lines changed: 8 additions & 2 deletions
@@ -16,9 +16,12 @@ updates:
1616
- dependency-name: "eslint-plugin-import"
1717
versions: [">=2.30.0"]
1818
groups:
19-
npm:
19+
npm-minor:
2020
patterns:
2121
- "*"
22+
update-types:
23+
- "minor"
24+
- "patch"
2225
- package-ecosystem: github-actions
2326
directories:
2427
- "/.github/workflows"
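Review bot: Restricting the renamed `npm-minor` group to `update-types: minor, patch` leaves major-version npm updates outside any group, so each one will arrive as its own pull request. If that is the intent, a YAML comment next to `update-types` saying that majors are deliberately left ungrouped for individual review would stop a later edit from "fixing" it back to a catch-all group.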
@@ -28,6 +31,9 @@ updates:
2831
labels:
2932
- Rebuild
3033
groups:
31-
actions:
34+
actions-minor:
3235
patterns:
3336
- "*"
37+
update-types:
38+
- "minor"
39+
- "patch"
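Review bot: The group is named `actions-minor` but its `update-types` list covers both `"minor"` and `"patch"`, so the name understates what the group collects. Either rename it (for example `actions-minor-patch`) or add a comment, and keep the naming consistent with the `npm-minor` group above, since the group name is what shows up in the generated pull request titles.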

.github/pull_request_template.md

Lines changed: 48 additions & 1 deletion
@@ -1,4 +1,13 @@
1-
<!-- For GitHub staff: Remember that this is a public repository. -->
1+
<!--
2+
For GitHub staff: Remember that this is a public repository. Do not link to internal resources.
3+
If necessary, link to this PR from an internal issue and include further details there.
4+
5+
Everyone: Include a summary of the context of this change, what it aims to accomplish, and why you
6+
chose the approach you did if applicable. Indicate any open questions you want to answer
7+
during the review process and anything you want reviewers to pay particular attention to.
8+
9+
See https://github.com/github/codeql-action/blob/main/CONTRIBUTING.md for additional information.
10+
-->
211

312
### Risk assessment
413

@@ -7,6 +16,44 @@ For internal use only. Please select the risk level of this change:
716
- **Low risk:** Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.
817
- **High risk:** Changes are not fully under feature flags, have limited visibility and/or cannot be tested outside of production.
918

19+
#### Which use cases does this change impact?
20+
21+
<!-- Delete options that don't apply. -->
22+
23+
- **Advanced setup** - Impacts users who have custom workflows.
24+
- **Default setup** - Impacts users who use default setup.
25+
- **Code Scanning** - Impacts Code Scanning (i.e. `analysis-kinds: code-scanning`).
26+
- **Code Quality** - Impacts Code Quality (i.e. `analysis-kinds: code-quality`).
27+
- **Third-party analyses** - Impacts third-party analyses (i.e. `upload-sarif`).
28+
- **GHES** - Impacts GitHub Enterprise Server.
29+
30+
#### How did/will you validate this change?
31+
32+
<!-- Delete options that don't apply. -->
33+
34+
- **Test repository** - This change will be tested on a test repository before merging.
35+
- **Unit tests** - I am depending on unit test coverage (i.e. tests in `.test.ts` files).
36+
- **End-to-end tests** - I am depending on PR checks (i.e. tests in `pr-checks`).
37+
- **Other** - Please provide details.
38+
- **None** - I am not validating these changes.
39+
40+
#### If something goes wrong after this change is released, what are the mitigation and rollback strategies?
41+
42+
<!-- Delete strategies that don't apply. -->
43+
44+
- **Feature flags** - All new or changed code paths can be fully disabled with corresponding feature flags.
45+
- **Rollback** - Change can only be disabled by rolling back the release or releasing a new version with a fix.
46+
- **Other** - Please provide details.
47+
48+
#### How will you know if something goes wrong after this change is released?
49+
50+
<!-- Delete options that don't apply. -->
51+
52+
- **Telemetry** - I rely on existing telemetry or have made changes to the telemetry.
53+
- **Dashboards** - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release.
54+
- **Alerts** - New or existing monitors will trip if something goes wrong with this change.
55+
- **Other** - Please provide details.
56+
1057
### Merge / deployment checklist
1158

1259
- Confirm this change is backwards compatible with existing workflows.
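Review bot: Every new section relies on the author deleting the options that do not apply, so a pull request where nothing was deleted reads as claiming all of them at once, including mutually exclusive ones such as `**Feature flags** - ... can be fully disabled` together with `**Rollback** - Change can only be disabled by rolling back`, or `**Unit tests**` together with `**None** - I am not validating these changes.` Task-list checkboxes (`- [ ]`) would make an unanswered section distinguishable from a considered answer. The instruction comments are also inconsistent ("Delete options" in three sections, "Delete strategies" in one).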

.github/update-release-branch.py

Lines changed: 4 additions & 4 deletions
@@ -371,10 +371,10 @@ def main():
371371
# releases.
372372
run_git('revert', vOlder_update_commits[0], '--no-edit')
373373

374-
# Also revert the "Update checked-in dependencies" commit created by Actions.
375-
update_dependencies_commit = run_git('log', '--grep', '^Update checked-in dependencies', '--format=%H').split()[0]
376-
print(f' Reverting {update_dependencies_commit}')
377-
run_git('revert', update_dependencies_commit, '--no-edit')
374+
# Also revert the "Rebuild" commit created by Actions.
375+
rebuild_commit = run_git('log', '--grep', '^Rebuild$', '--format=%H').split()[0]
376+
print(f' Reverting {rebuild_commit}')
377+
run_git('revert', rebuild_commit, '--no-edit')
378378

379379
else:
380380
print(' Nothing to revert.')
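Review bot: On the added line `rebuild_commit = run_git('log', '--grep', '^Rebuild$', '--format=%H').split()[0]`, the log search has no revision range, so it returns the most recent commit anywhere in the reachable history whose message contains a line that is exactly `Rebuild`, which is not guaranteed to be the one that belongs to the update being reverted; if nothing matches, `.split()[0]` raises `IndexError`. Bound the search to the commits introduced since the previous release (or pass `-n 1` with an explicit range), check for an empty result before indexing, and fail with a clear message, since this script decides what gets reverted on a release branch.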

.github/workflows/__upload-quality-sarif.yml renamed to .github/workflows/__bundle-from-toolcache.yml

Lines changed: 29 additions & 38 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.github/workflows/__rubocop-multi-language.yml

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.github/workflows/__upload-sarif.yml

Lines changed: 158 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
