Mario Campos
43f0e19226
Add name to manual build step in CodeQL starter workflow
2025-10-09 13:42:49 -05:00
Mario Campos
69b278ad65
Update CodeQL action versions to v4 in workflow configuration
2025-10-07 10:11:06 -05:00
Andrew Eisenberg
adcb922ec2
Make the example setup more explicit.
2025-01-30 16:50:30 -08:00
Andrew Eisenberg
7398b4eca4
Remove trailing whitespace
2025-01-29 15:39:32 -08:00
Andrew Eisenberg
2abfcee18d
Update codeql.yml
...
Explicitly suggest that users add their setup steps before calling init.
2025-01-29 14:23:54 -08:00
Chad Bentz
6ac176a96e
CodeQL - Add unique name vs default setup
2024-08-23 10:49:57 -04:00
Ian Lynagh
ba125834f1
CodeQL: Remove Swift 2h timeout
...
Spurious intermittent timeouts are no longer expected on Swift.
2024-08-20 12:06:59 +01:00
Chad Bentz
b30fbdf5f2
Specify bash shell so that it doesn't fail if switching to 'windows`
2024-05-02 10:59:15 -04:00
Marco Gario
a3194f5b47
Update CodeQL workflow to use packages:read permission.
...
Co-authored-by: Anders Starcke Henriksen <starcke@github.com >
2024-04-11 09:42:21 +02:00
Issy Long
31a3e00dab
codeql: Clarify that hosted larger runners only exist on GHEC
...
- Part of https://github.com/github/code-scanning/issues/13748 .
2024-04-03 10:23:11 +01:00
Marco Gario
fdbad9c74f
Update codeql.yml
...
links to docs
2024-03-26 13:45:32 +01:00
Marco Gario
aad9272438
Update codeql.yml
...
Limit matrix information in the job name to language by default
2024-03-26 13:18:17 +01:00
Marco Gario
4a8c4e08b0
Update code-scanning/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2024-02-19 15:57:02 +01:00
Marco Gario
8a973982d1
Update code-scanning/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2024-02-19 15:54:06 +01:00
Marco Gario
05e4581159
Update codeql.yml with new build-mode
2024-02-15 09:01:39 +01:00
Andrew Eisenberg
42326d0804
Clarify permisions on codeql-action starter
2024-01-09 12:22:16 -08:00
Nick Fyson
3cb56ae6f3
update codeql.yml to reference node20 actions
2023-12-14 12:21:29 +00:00
Marco Gario
d4b398cf2d
Include protected branches in PR analyses
2023-12-04 10:24:28 +01:00
David Verdeguer
61f8558b81
Update codeql.yml
2023-10-03 07:40:34 +02:00
James M. Greene
ec351ca4a9
Delete trailing whitespace
2023-07-13 09:39:44 -05:00
James M. Greene
bbb14beb4a
Merge branch 'main' into patch-2
2023-07-13 09:37:46 -05:00
James M. Greene
d0ceca4fea
Compress the comment
2023-07-13 09:36:51 -05:00
Chad Bentz
2402be0dd2
Update code-scanning/codeql.yml
...
Co-authored-by: Nick Liffen <nickliffen@github.com >
2023-06-15 16:46:40 -04:00
Henry Mercer
47e25f9095
CodeQL: Update autobuild comment
...
Add Swift to the list of compiled languages that autobuild will try to build.
2023-06-12 11:13:06 +01:00
Aditya Sharad
b015c848b6
CodeQL: Reduce job timeout to 2h if the target language is Swift
...
Some projects observed intermittent build timeouts with Swift.
In case this happens, and our CodeQL-level mitigations do not prevent the problem, we want to avoid using up 6h of the customer's billed macOS Actions minutes (which is the default timeout), so we suggest a reduced timeout of 2h.
This value is chosen to accommodate the total job time (build + CodeQL extraction + CodeQL analysis) we expect for large Swift projects. We may choose to adjust it in future.
2023-05-22 10:10:15 -07:00
Aditya Sharad
73f69c4600
CodeQL: Run on macOS by default if the target language is Swift
...
CodeQL Swift analysis is best supported on macOS.
In preparation for CodeQL supporting Swift analysis in beta,
adjust the CodeQL starter workflow template to run the `swift` matrix job on `macos-latest`, and all other matrix jobs on
`ubuntu-latest`. This does not affect the matrix itself.
2023-04-17 12:06:44 -07:00
Chad Bentz
19a9f5df85
Add runner size docs
2023-03-09 13:49:38 -05:00
Robin Neatherway
d92e1f890e
Correct indentation of "run" example
2023-01-23 15:56:27 +00:00
Florin Coada
9e27144d52
Add explanation on which value to use to scan Kotlin and TypeScript
...
Added comments explaining which values should be used if the user would like to scan Kotlin or TypeScript.
2022-12-09 15:35:44 +00:00
jorgectf
0b50b4b579
Remove extra whitespaces
2022-11-04 20:45:41 +01:00
Angela P Wen
c36348cbc6
Add Go to code scanning autobuild comment
2022-10-26 23:28:17 +00:00
Marco Gario
cb341b59ed
Update CodeQL to include category by default
...
Code Scanning can accept multiple uploads for the same tool and uses the concept of category to keep results separated.
If not provided explicitly, the category is computed based on a few parameters like workflow path and matrix variables. The implicit computation of the category can create confusion if users change their workflow, as we start considering the new analyses as unrelated to existing results.
By making the category explicit in the workflow we hope to make the concept more prominent and reduce accidental changes.
2022-09-16 09:25:07 +02:00
Jack G Kafaty
e6c5cbdbe2
Merge branch 'main' into patch-5
2022-05-02 12:37:31 -04:00
Aditya Sharad
a2a01a4b0b
CodeQL starter workflow: Replace git.io links
...
git.io is deprecated.
Replace the references with full links or aka.ms links to the same documentation.
2022-04-26 02:26:34 -07:00
Jack G Kafaty
a5cb76fffb
Update codeql.yml
2022-04-21 13:19:45 -04:00
Jack G Kafaty
bf7a4cab85
Update codeql.yml
...
Line 51 added the query packs by default but commented.
Lines 62-63: added better instructions
Lines 68-70 added an example which provides better detail
2022-04-21 13:09:39 -04:00
Thomas Boop
ff59aa4737
Merge branch 'main' into thboop/updateCodeScanning
2022-03-31 09:32:00 -04:00
Thomas Boop
8d8c6f77d6
update to v2
2022-03-31 08:24:35 -04:00
Thomas Boop
1d9d6d7fb0
Update Actions to node16 ( #1469 )
...
* update actions
* address merge conflicts
* fix java updates
* update github script
* update cache to v3
Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com >
2022-03-28 22:40:48 +05:30
David Verdeguer
042eac3858
Add ruby and update workflow
2021-10-21 22:11:00 +02:00
eric sciple
a0512d36da
include actions:read for all code scanning workflows
2021-04-23 14:06:00 -05:00
eric sciple
6a69f367db
Update starter workflows to specify permissions
2021-04-21 16:32:53 -05:00
Nick Fyson
44c50acb70
amend link in codeql workflow
2020-11-13 16:33:01 +00:00
Nick Fyson
500534878c
update doc link in codeql template
2020-11-12 12:46:34 +00:00
Nick Fyson
33e4b7e557
add codeql workflow
2020-11-09 11:08:35 +00:00