codeql-action

codeql-action copied to clipboard

This adds a deprecation warning for merging SARIF files with non-unique categories. This is behind a feature flag. These are the criteria for showing the deprecation warning: - The feature...

koesie10

### Merge / deployment checklist - [ ] Confirm this change is backwards compatible with existing workflows. - [ ] Confirm the [readme](https://github.com/github/codeql-action/blob/main/README.md) has been updated if necessary. - [...

alexet

1 files were completely excluded from scanning due to a fundamental problem that is known to cause problems scanning other files.

3

I created a new test [repository](https://github.com/RovoMe/test-release-pipeline) for setting up various github actions. The repository itself does not have real important code other than to demonstrate various things like a functioning...

RovoMe

Upload-sarif action doesn't seem to respect "uriBaseId" in SARIF files

9

We're using "Android Lint" to generate a sarif file. The sarif locations use this pattern: ``` "originalUriBaseIds": { "%SRCROOT%": { "uri": "file:///runner/_work/myrepo/myrepo/some/repo/dir/" } }, ... "physicalLocation": { "artifactLocation": { "uriBaseId":...

scottjasso

Re-enable kotlin tests

3

Reverts https://github.com/github/codeql-action/pull/1473

aeisenberg

`upload-sarif@v3`: could not convert rules: invalid security severity value, is not a number: undefined

15

Hi, recently I'm seeing the following error when running the `upload-sarif@v3` GH action. Example failure: https://github.com/cloudnative-pg/postgres-containers/actions/runs/8196632252/job/22417260216 ``` Uploading results Processing sarif files: ["snyk.sarif"] Uploading results Successfully uploaded results Waiting for...

NiccoloFei

perform codeql analysis issues

1

Hi, In perform codeql analysis step getting below error. I am running a typescript&javascript application. error: ``` Error: 3-30 11:41:29] [ERROR] Spawned process exited abnormally (code 1; tried to run:...

Subharanjan2055

Intermittent DirectoryNotEmptyException when running analyze@v2

1

Getting the below error intermittently on Perform CodeQL Analysis step, specifically when running database finalize command. Ultimately the error is java.nio.file.DirectoryNotEmptyException, the directory in question being C:\actions-runner\_work\_temp\codeql_databases\csharp\db-csharp\default\cache\working `C:\actions-runner\_work\_tool\CodeQL\2.16.3\x64\codeql\codeql.exe database finalize...

ghardaway2

StackOverflow error on index files

11

Suddenly, Perform CodeQL Analysis step has started failing on index files step. github/codeql-action/analyze@v2 I've tried using v3 too with no luck Also, I've tried increasing thread heap size from 2M...

theveriton

Merge releases/v3 into releases/v2

2

Merging b7cec7526 into `releases/v2`. Conductor for this PR is @henrymercer. Contains the following pull requests: - #2273 (@aeisenberg) - #2274 (@aeisenberg) - #2276 (@henrymercer) - #2277 (@henrymercer) - #2279 (@henrymercer)...

henrymercer