-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 8016a71
Showing
14,778 changed files
with
2,787,194 additions
and
0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| root = true | ||
|
|
||
| [*] | ||
| end_of_line = lf | ||
| insert_final_newline = true | ||
| trim_trailing_whitespace = true | ||
|
|
||
| [*.ts] | ||
| indent_style = space | ||
| indent_size = 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| **/webpack.config.js | ||
| lib/** | ||
| src/testdata/** | ||
| tests/** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
|
|
||
| { | ||
| "parser": "@typescript-eslint/parser", | ||
| "parserOptions": { | ||
| "project": "./tsconfig.json" | ||
| }, | ||
| "plugins": ["@typescript-eslint", "filenames", "github", "import", "no-async-foreach"], | ||
| "extends": [ | ||
| "eslint:recommended", | ||
| "plugin:@typescript-eslint/recommended", | ||
| "plugin:@typescript-eslint/recommended-requiring-type-checking", | ||
| "plugin:github/recommended", | ||
| "plugin:github/typescript", | ||
| "plugin:import/typescript" | ||
| ], | ||
| "rules": { | ||
| "filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"], | ||
| "i18n-text/no-en": "off", | ||
| "import/extensions": ["error", { | ||
| // Allow importing JSON files | ||
| "json": {} | ||
| }], | ||
| "import/no-amd": "error", | ||
| "import/no-commonjs": "error", | ||
| "import/no-cycle": "error", | ||
| "import/no-dynamic-require": "error", | ||
| // Disable the rule that checks that devDependencies aren't imported since we use a single | ||
| // linting configuration file for both source and test code. | ||
| "import/no-extraneous-dependencies": ["error", {"devDependencies": true}], | ||
| "import/no-namespace": "off", | ||
| "import/no-unresolved": "error", | ||
| "import/no-webpack-loader-syntax": "error", | ||
| "import/order": ["error", { | ||
| "alphabetize": {"order": "asc"}, | ||
| "newlines-between": "always" | ||
| }], | ||
| "max-len": ["error", { | ||
| "code": 120, | ||
| "ignoreUrls": true, | ||
| "ignoreStrings": true, | ||
| "ignoreTemplateLiterals": true | ||
| }], | ||
| "no-async-foreach/no-async-foreach": "error", | ||
| "no-console": "off", | ||
| "no-sequences": "error", | ||
| "no-shadow": "off", | ||
| "@typescript-eslint/no-shadow": ["error"], | ||
| "one-var": ["error", "never"] | ||
| }, | ||
| "overrides": [{ | ||
| // "temporarily downgraded during transition to eslint | ||
| "files": "**", | ||
| "rules": { | ||
| "@typescript-eslint/ban-types": "off", | ||
| "@typescript-eslint/explicit-module-boundary-types": "off", | ||
| "@typescript-eslint/no-explicit-any": "off", | ||
| "@typescript-eslint/no-unsafe-assignment": "off", | ||
| "@typescript-eslint/no-unsafe-call": "off", | ||
| "@typescript-eslint/no-unsafe-member-access": "off", | ||
| "@typescript-eslint/no-unsafe-return": "off", | ||
| "@typescript-eslint/no-var-requires": "off", | ||
| "@typescript-eslint/prefer-regexp-exec": "off", | ||
| "@typescript-eslint/require-await": "off", | ||
| "@typescript-eslint/restrict-template-expressions": "off", | ||
| "func-style": "off", | ||
| "sort-imports": "off" | ||
| } | ||
| }], | ||
| "settings": { | ||
| "import/resolver": { | ||
| "node": { | ||
| "moduleDirectory": ["node_modules", "src"] | ||
| }, | ||
| "typescript": {} | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| # .git-blame-ignore-revs | ||
| # Added trailing commas to adhere to new eslint rules | ||
| b16296be30e150034524d6dd0b0418fc6b184267 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| lib/*.js linguist-generated=true | ||
| .github/workflows/__* linguist-generated=true | ||
|
|
||
| # Reduce incidence of needless merge conflicts on CHANGELOG.md | ||
| # The man page at | ||
| # https://mirrors.edge.kernel.org/pub/software/scm/git/docs/gitattributes.html | ||
| # suggests that this might interleave lines arbitrarily, but empirically | ||
| # it keeps added chunks contiguous | ||
| CHANGELOG.md merge=union |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| blank_issues_enabled: true | ||
| contact_links: | ||
| - name: Contact GitHub Support | ||
| url: https://support.github.com/request | ||
| about: Contact Support |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| name: Check Code-Scanning Config | ||
| description: | | ||
| Checks the code scanning configuration file generated by the | ||
| action to ensure it contains the expected contents | ||
| inputs: | ||
| languages: | ||
| required: false | ||
| description: The languages field passed to the init action. | ||
|
|
||
| packs: | ||
| required: false | ||
| description: The packs field passed to the init action. | ||
|
|
||
| queries: | ||
| required: false | ||
| description: The queries field passed to the init action. | ||
|
|
||
| config-file-test: | ||
| required: false | ||
| description: | | ||
| The location of the config file to use. If empty, | ||
| then no config file is used. | ||
| expected-config-file-contents: | ||
| required: true | ||
| description: | | ||
| A JSON string containing the exact contents of the config file. | ||
| tools: | ||
| required: true | ||
| description: | | ||
| The url of codeql to use. | ||
| runs: | ||
| using: composite | ||
| steps: | ||
| - uses: ./../action/init | ||
| with: | ||
| languages: ${{ inputs.languages }} | ||
| config-file: ${{ inputs.config-file-test }} | ||
| queries: ${{ inputs.queries }} | ||
| packs: ${{ inputs.packs }} | ||
| tools: ${{ inputs.tools }} | ||
| db-location: ${{ runner.temp }}/codescanning-config-cli-test | ||
| env: | ||
| CODEQL_ACTION_TEST_MODE: 'true' | ||
|
|
||
| - name: Install dependencies | ||
| shell: bash | ||
| run: npm install --location=global ts-node js-yaml | ||
|
|
||
| - name: Check config | ||
| working-directory: ${{ github.action_path }} | ||
| shell: bash | ||
| run: ts-node ./index.ts "${{ runner.temp }}/user-config.yaml" '${{ inputs.expected-config-file-contents }}' | ||
|
|
||
| - name: Clean up | ||
| shell: bash | ||
| if: always() | ||
| run: | | ||
| rm -rf ${{ runner.temp }}/codescanning-config-cli-test | ||
| rm -rf ${{ runner.temp }}/user-config.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
|
|
||
| import * as core from '@actions/core' | ||
| import * as yaml from 'js-yaml' | ||
| import * as fs from 'fs' | ||
| import * as assert from 'assert' | ||
|
|
||
| const actualConfig = loadActualConfig() | ||
|
|
||
| const rawExpectedConfig = process.argv[3].trim() | ||
| if (!rawExpectedConfig) { | ||
| core.info('No expected configuration provided') | ||
| } else { | ||
| core.startGroup('Expected generated user config') | ||
| core.info(yaml.dump(JSON.parse(rawExpectedConfig))) | ||
| core.endGroup() | ||
| } | ||
|
|
||
| const expectedConfig = rawExpectedConfig ? JSON.parse(rawExpectedConfig) : undefined; | ||
|
|
||
| assert.deepStrictEqual( | ||
| actualConfig, | ||
| expectedConfig, | ||
| 'Expected configuration does not match actual configuration' | ||
| ); | ||
|
|
||
|
|
||
| function loadActualConfig() { | ||
| if (!fs.existsSync(process.argv[2])) { | ||
| core.info('No configuration file found') | ||
| return undefined | ||
| } else { | ||
| const rawActualConfig = fs.readFileSync(process.argv[2], 'utf8') | ||
| core.startGroup('Actual generated user config') | ||
| core.info(rawActualConfig) | ||
| core.endGroup() | ||
|
|
||
| return yaml.load(rawActualConfig) | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| name: Check SARIF | ||
| description: Checks a SARIF file to see if certain queries were run and others were not run. | ||
| inputs: | ||
| sarif-file: | ||
| required: true | ||
| description: The SARIF file to check | ||
|
|
||
| queries-run: | ||
| required: true | ||
| description: | | ||
| Comma separated list of query ids that should be included in this SARIF file. | ||
| queries-not-run: | ||
| required: true | ||
| description: | | ||
| Comma separated list of query ids that should NOT be included in this SARIF file. | ||
| runs: | ||
| using: node16 | ||
| main: index.js |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| 'use strict' | ||
|
|
||
| const core = require('@actions/core') | ||
| const fs = require('fs') | ||
|
|
||
| const sarif = JSON.parse(fs.readFileSync(core.getInput('sarif-file'), 'utf8')) | ||
| const rules = sarif.runs[0].tool.extensions.flatMap(ext => ext.rules || []) | ||
| const ruleIds = rules.map(rule => rule.id) | ||
|
|
||
| // Check that all the expected queries ran | ||
| const expectedQueriesRun = getQueryIdsInput('queries-run') | ||
| const queriesThatShouldHaveRunButDidNot = expectedQueriesRun.filter(queryId => !ruleIds.includes(queryId)) | ||
|
|
||
| if (queriesThatShouldHaveRunButDidNot.length > 0) { | ||
| core.setFailed(`The following queries were expected to run but did not: ${queriesThatShouldHaveRunButDidNot.join(', ')}`) | ||
| } | ||
|
|
||
| // Check that all the unexpected queries did not run | ||
| const expectedQueriesNotRun = getQueryIdsInput('queries-not-run') | ||
|
|
||
| const queriesThatShouldNotHaveRunButDid = expectedQueriesNotRun.filter(queryId => ruleIds.includes(queryId)) | ||
|
|
||
| if (queriesThatShouldNotHaveRunButDid.length > 0) { | ||
| core.setFailed(`The following queries were NOT expected to have run but did: ${queriesThatShouldNotHaveRunButDid.join(', ')}`) | ||
| } | ||
|
|
||
|
|
||
| core.startGroup('All queries run') | ||
| rules.forEach(rule => { | ||
| core.info(`${rule.id}: ${(rule.properties && rule.properties.name) || rule.name}`) | ||
| }) | ||
| core.endGroup() | ||
|
|
||
| core.startGroup('Full SARIF') | ||
| core.info(JSON.stringify(sarif, null, 2)) | ||
| core.endGroup() | ||
|
|
||
| function getQueryIdsInput(name) { | ||
| return core.getInput(name) | ||
| .split(',') | ||
| .map(q => q.trim()) | ||
| .filter(q => q.length > 0) | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| name: "Prepare test" | ||
| description: Performs some preparation to run tests | ||
| inputs: | ||
| version: | ||
| description: "The version of the CodeQL CLI to use. Can be 'latest', 'default', 'nightly-latest', 'nightly-YYYY-MM-DD', or 'stable-YYYY-MM-DD'." | ||
| required: true | ||
| use-all-platform-bundle: | ||
| description: "If true, we output a tools URL with codeql-bundle.tar.gz file rather than platform-specific URL" | ||
| default: 'false' | ||
| required: false | ||
| outputs: | ||
| tools-url: | ||
| description: "The value that should be passed as the 'tools' input of the 'init' step." | ||
| value: ${{ steps.get-url.outputs.tools-url }} | ||
| runs: | ||
| using: composite | ||
| steps: | ||
| - name: Move codeql-action | ||
| shell: bash | ||
| run: | | ||
| mkdir ../action | ||
| mv * .github ../action/ | ||
| mv ../action/tests/multi-language-repo/{*,.github} . | ||
| mv ../action/.github/workflows .github | ||
| - id: get-url | ||
| name: Determine URL | ||
| shell: bash | ||
| run: | | ||
| set -e # Fail this Action if `gh release list` fails. | ||
| if [[ ${{ inputs.use-all-platform-bundle }} == "true" ]]; then | ||
| artifact_name="codeql-bundle.tar.gz" | ||
| elif [[ "$RUNNER_OS" == "Linux" ]]; then | ||
| artifact_name="codeql-bundle-linux64.tar.gz" | ||
| elif [[ "$RUNNER_OS" == "macOS" ]]; then | ||
| artifact_name="codeql-bundle-osx64.tar.gz" | ||
| elif [[ "$RUNNER_OS" == "Windows" ]]; then | ||
| artifact_name="codeql-bundle-win64.tar.gz" | ||
| else | ||
| echo "::error::Unrecognized OS $RUNNER_OS" | ||
| exit 1 | ||
| fi | ||
| if [[ ${{ inputs.version }} == "nightly-latest" ]]; then | ||
| tag=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3` | ||
| echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$tag/$artifact_name" >> $GITHUB_OUTPUT | ||
| elif [[ ${{ inputs.version }} == *"nightly"* ]]; then | ||
| version=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'` | ||
| echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-$version-manual/$artifact_name" >> $GITHUB_OUTPUT | ||
| elif [[ ${{ inputs.version }} == *"stable"* ]]; then | ||
| version=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'` | ||
| echo "tools-url=https://github.com/github/codeql-action/releases/download/codeql-bundle-$version/$artifact_name" >> $GITHUB_OUTPUT | ||
| elif [[ ${{ inputs.version }} == "latest" ]]; then | ||
| echo "tools-url=latest" >> $GITHUB_OUTPUT | ||
| elif [[ ${{ inputs.version }} == "default" ]]; then | ||
| echo "tools-url=" >> $GITHUB_OUTPUT | ||
| else | ||
| echo "::error::Unrecognized version specified!" | ||
| exit 1 | ||
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| name: Query Filter Test | ||
| description: Runs a test of query filters using the check SARIF action | ||
| inputs: | ||
| sarif-file: | ||
| required: true | ||
| description: The SARIF file to check | ||
|
|
||
| queries-run: | ||
| required: true | ||
| description: | | ||
| Comma separated list of query ids that should be included in this SARIF file. | ||
| queries-not-run: | ||
| required: true | ||
| description: | | ||
| Comma separated list of query ids that should NOT be included in this SARIF file. | ||
| config-file: | ||
| required: true | ||
| description: | | ||
| The location of the codeql configuration file to use. | ||
| tools: | ||
| required: true | ||
| description: | | ||
| The url of codeql to use. | ||
| runs: | ||
| using: composite | ||
| steps: | ||
| - uses: ./../action/init | ||
| with: | ||
| languages: javascript | ||
| config-file: ${{ inputs.config-file }} | ||
| tools: ${{ inputs.tools }} | ||
| db-location: ${{ runner.temp }}/query-filter-test | ||
| env: | ||
| CODEQL_ACTION_TEST_MODE: "true" | ||
| - uses: ./../action/analyze | ||
| with: | ||
| output: ${{ runner.temp }}/results | ||
| upload-database: false | ||
| upload: never | ||
| env: | ||
| CODEQL_ACTION_TEST_MODE: "true" | ||
| - name: Check SARIF | ||
| uses: ./../action/.github/actions/check-sarif | ||
| with: | ||
| sarif-file: ${{ inputs.sarif-file }} | ||
| queries-run: ${{ inputs.queries-run}} | ||
| queries-not-run: ${{ inputs.queries-not-run}} | ||
| - name: Cleanup after test | ||
| shell: bash | ||
| run: rm -rf "$RUNNER_TEMP/results" "$RUNNER_TEMP/query-filter-test" |
Oops, something went wrong.