Skip to content

Merge main into releases/v2 #1924

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
henrymercer merged 78 commits into from
Oct 6, 2023
Merged

Merge main into releases/v2 #1924

Changes from 1 commit
Commits
Show all changes
78 commits
Select commit Hold shift + click to select a range
d467036
Update supported GitHub Enterprise Server versions
github-actions[bot] Sep 20, 2023
378bbcd
Don't log invalid cgroup memory limits
henrymercer Sep 27, 2023
0dd2eaf
Update changelog and version after v2.21.9
github-actions[bot] Sep 27, 2023
7efe1c9
Update checked-in dependencies
github-actions[bot] Sep 27, 2023
f1752b0
Bump minor version
henrymercer Sep 27, 2023
96fa24c
Bump minimum CodeQL version to 2.10.5
henrymercer Sep 27, 2023
1d5eed8
Remove deprecated functionality
henrymercer Sep 27, 2023
467bfa1
Update CodeQL versions tested in PR checks
henrymercer Sep 27, 2023
a9a0f3b
Add changelog note
henrymercer Sep 27, 2023
219066c
Fix error in generated workflow
henrymercer Sep 27, 2023
9ef3267
Merge pull request #1904 from github/henrymercer/tweak-cgroup-ram-log…
henrymercer Sep 27, 2023
a6484fa
Merge pull request #1896 from github/update-supported-enterprise-serv…
henrymercer Sep 27, 2023
2cc1651
Merge pull request #1906 from github/mergeback/v2.21.9-to-main-ddccb873
henrymercer Sep 27, 2023
e4ef094
Merge branch 'main' into henrymercer/deprecate-codeql-2.9
henrymercer Sep 27, 2023
1d70a98
Document CodeQL deprecation process
henrymercer Sep 27, 2023
6e3f5b0
Prompt maintainers to start process when GHES version deprecated
henrymercer Sep 27, 2023
f59bf3c
Fix expected artifact directory name for semver versions
henrymercer Sep 27, 2023
e7a6fa9
Merge pull request #1907 from github/henrymercer/deprecate-codeql-2.9
henrymercer Sep 27, 2023
e0103ea
Use `actions/checkout@v4`
Panquesito7 Sep 21, 2023
66572c6
Merge branch 'main' into checkout_v4
Panquesito7 Sep 28, 2023
a370ce3
Merge pull request #1898 from Panquesito7/checkout_v4
adityasharad Sep 28, 2023
ebbadee
Remove ML-powered queries
henrymercer Oct 2, 2023
5dac60e
Add changelog note
henrymercer Oct 2, 2023
37a2d1f
Remove ML-powered queries PR checks
henrymercer Oct 2, 2023
7b16c0d
Improve method name for `addQueriesFromWorkflow`.
henrymercer Oct 2, 2023
ed2a90b
Merge pull request #1910 from github/henrymercer/remove-ml-powered-qu…
adityasharad Oct 2, 2023
90f8ed1
Bump the npm group with 3 updates (#1911)
dependabot[bot] Oct 2, 2023
5f88bb1
Bump urllib3 in /python-setup/tests/pipenv/requests-3 (#1914)
dependabot[bot] Oct 3, 2023
896a68d
Bump urllib3 in /python-setup/tests/poetry/requests-3 (#1915)
dependabot[bot] Oct 3, 2023
7de4631
Bump urllib3 in /python-setup/tests/poetry/python-3.8 (#1916)
dependabot[bot] Oct 3, 2023
b686e07
Bump urllib3 in /python-setup/tests/pipenv/python-3.8 (#1917)
dependabot[bot] Oct 3, 2023
3dd4ad8
Bump the actions-setup-swift group (#1912)
dependabot[bot] Oct 3, 2023
74b4662
Support `features` key in `version` JSON output
mbg Oct 4, 2023
a402be8
Fix linter error
mbg Oct 4, 2023
e827ad5
Move `makeVersionOutput` to `testing-utils.js`
mbg Oct 4, 2023
bb67edd
Wrap JSON parsing in try/catch
mbg Oct 4, 2023
49b94f1
Remove unused properties from `VersionOutput`
mbg Oct 4, 2023
bcbb900
Rename `VersionOutput` to `VersionInfo`
mbg Oct 4, 2023
3fb6719
Merge pull request #1918 from github/mbg/support-version-features
mbg Oct 4, 2023
d718153
Use Go 1.21 for Go tracing checks
mbg Sep 28, 2023
c08086a
Add new environment variable for Go binary path
mbg Sep 28, 2023
3c15d23
Add utility function to run `file` command
mbg Sep 28, 2023
2bd75f5
Install Go wrapper script if necessary
mbg Sep 28, 2023
4611ff9
Cross-check Go binary in `analyze` Action
mbg Sep 28, 2023
df098ab
Set `DID_AUTOBUILD_GOLANG` in `runAutobuild`
mbg Sep 28, 2023
4cee553
Output stdout upon error in getFileType
mbg Oct 4, 2023
6044480
Add which go output in warning
mbg Oct 4, 2023
abb71f1
Add CLI feature flag to disable Go workaround
mbg Oct 4, 2023
7b0b42a
Remove `FeaturesInVersionResult`
mbg Oct 4, 2023
f6d9b6b
Improve/add log messages
mbg Oct 4, 2023
8ac1877
Allow other patch versions of Go in workflows
mbg Oct 4, 2023
9a5a628
Improve `getFileType`
mbg Oct 4, 2023
41a13ec
Fix comment in analyse Action
mbg Oct 4, 2023
bb70bab
Add comment explaining workaround
mbg Oct 4, 2023
517782a
Improve description of codeql-action/init languages input (#1919)
igwejk Oct 4, 2023
68d0b65
Add another level to `tempBinPath`
mbg Oct 4, 2023
7380306
Trim `file` output
mbg Oct 5, 2023
db9f2c5
Add test for `isSupportedToolsFeature`
mbg Oct 5, 2023
c8dd2bc
Add integration test for workaround
mbg Oct 5, 2023
36777d2
Add utilities to produce diagnostics
mbg Oct 5, 2023
eb71a60
Emit diagnostic when Go was changed after `init`
mbg Oct 5, 2023
2b193c5
Store diagnostics in a `codeql-action` directory
mbg Oct 5, 2023
faf7528
Add integration test for Go workaround diagnostic
mbg Oct 5, 2023
7f4a948
Fix: create codeql-action diagnostics directory
mbg Oct 5, 2023
4154eb7
Fix: workflow name and description
mbg Oct 5, 2023
a144bf5
Store diagnostics in language-specific database
mbg Oct 5, 2023
3b2fee4
Include `mkdirSync` in `try`/`catch`
mbg Oct 5, 2023
94f3e9b
Apply suggestions from code review
mbg Oct 5, 2023
235bdca
Use `markdownMessage`
mbg Oct 5, 2023
0ac7669
Fix using `resolve-environment` Action with language aliases
henrymercer Oct 5, 2023
e26ed57
Defer language aliasing to CLI when appropriate
henrymercer Oct 5, 2023
1ea6a10
Merge pull request #1909 from github/mbg/go-1.21-workaround
mbg Oct 5, 2023
f243294
Extend PR check to test `resolve-environment` works with language alias
henrymercer Oct 5, 2023
8f0e8b0
Tweak language parsing to improve clarity
henrymercer Oct 5, 2023
2723530
Merge pull request #1923 from github/henrymercer/fix-resolve-environm…
henrymercer Oct 5, 2023
3f7850a
Improve downloading log message (#1920)
hoshinotsuyoshi Oct 5, 2023
0a65c00
Update changelog for v2.22.0
github-actions[bot] Oct 6, 2023
e50f53b
Add changelog note for tracing Go 1.21
henrymercer Oct 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Document CodeQL deprecation process
  • Loading branch information
@henrymercer
henrymercer committed Sep 27, 2023
commit 1d70a9858070f551c119f450a9671812da838019
21 changes: 21 additions & 0 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,27 @@ Since the `codeql-action` runs most of its testing through individual Actions wo
2. Run the script. If there's a reason to, you can pass in a different SHA as a CLI argument.
3. After running, go to the [branch protection rules settings page](https://github.com/github/codeql-action/settings/branches) and validate that the rules for `main`, `v1`, and `v2` have been updated.

## Deprecating a CodeQL version (write access required)

We typically deprecate a version of CodeQL when the GitHub Enterprise Server (GHES) version that it first shipped in is deprecated.

1. Work out the next minimum version of CodeQL. This is the version that shipped in the version of GHES after the one that has just been deprecated.
1. Notify users using the old version of CodeQL about the deprecation.
- Update `CODEQL_NEXT_MINIMUM_VERSION`, `GHES_VERSION_MOST_RECENTLY_DEPRECATED`, and `GHES_MOST_RECENT_DEPRECATION_DATE` in `src/codeql.ts` to reflect the new minimum version of CodeQL and the GHES version that has just been deprecated.
- Add a changelog note announcing the deprecation.
- Example PR: https://github.com/github/codeql-action/pull/1884
1. Release the Action, or wait for the next scheduled release of the Action, then wait at least a week so users have time to see and act on the deprecation warning.
1. Remove support for the old version of CodeQL.
- Bump `CODEQL_MINIMUM_VERSION` in `src/codeql.ts` to the new minimum version of CodeQL.
- Remove any code that is only needed to support the old version of CodeQL. This is often behind a version guard, so look for instances of version numbers between the old minimum version and the new minimum version in the codebase. A good place to start is the list of version numbers in `src/codeql.ts`.
- Update the default set of CodeQL test versions in `pr-checks/sync.py`.
- Remove the old minimum version of CodeQL.
- Add the latest patch release for any new CodeQL minor version series that have shipped in GHES.
- Run the script to update the generated PR checks.
- Do the same for PR checks that aren't auto-generated.
- Add a changelog note announcing the new minimum version of CodeQL that is now required.
- Example PR: https://github.com/github/codeql-action/pull/1907

## Resources

- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
Expand Down