Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge main into releases/v2 #1476

Merged
merged 46 commits into from
Jan 12, 2023
Merged

Merge main into releases/v2 #1476

merged 46 commits into from
Jan 12, 2023

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Jan 12, 2023

Merging 70fdddf into releases/v2

Conductor for this PR is @dbartol.

Contains the following pull requests:

Please do the following:

  • Ensure the CHANGELOG displays the correct version and date.
  • Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.
  • Check that there are not any unexpected commits being merged into the releases/v2 branch.
  • Ensure the docs team is aware of any documentation changes that need to be released.
  • Approve and merge this PR. Make sure Create a merge commit is selected rather than Squash and merge or Rebase and merge.
  • Merge the mergeback PR that will automatically be created once this PR is merged.
  • Merge the v1 release PR that will automatically be created once this PR is merged.

github-actions[bot] and others added 30 commits December 14, 2022 14:06
Mergeback v2.1.37 refs/heads/releases/v2 into main
…ests

Remove tests with old certifi dependency
This doesn’t affect the overall behaviour, but means we can
short-circuit slightly more quickly when `analyze` is passed
`upload: false`.
We now report errors via telemetry, and this feature will shortly be
enabled by default.
Test results directly via return value of `testFailedSarifUpload` vs
via checking log messages.
Ensure we are regularly running code scanning using
the latest CodeQL and remain up to date with the
internal security scorecard, even if we have a period
longer than a week with no pushes to the repo.
…ng-schedule

Code scanning: Add scheduled trigger to workflow
…-improvements

Improve reporting failed runs via SARIF
)

* Add CLI version field to `defaults` file

* Add fields for prior CLI version
This commit does a few related things:

1. Bumps the minimum version for cli config parsing to 2.10.6
2. Ensures that if cli config parsing is enabled, then remove repos
   are _not_ downloaded by the action. It happens in the CLI.
3. Passes the `--external-repository-token-stdin` option to the CLI
   and passes the appropriate token via stdin if cli config parsing is
   enabled.
…tream

Use a stream when uploading database contents
@dbartol dbartol marked this pull request as ready for review January 12, 2023 02:29
@dbartol dbartol requested review from a team as code owners January 12, 2023 02:29
Comment on lines +50 to +61
{
owner: repositoryNwo.owner,
repo: repositoryNwo.repo,
language,
name: `${language}-database`,
data: bundledDbReadStream,
headers: {
authorization: `token ${apiDetails.auth}`,
"Content-Type": "application/zip",
"Content-Length": bundledDbSize,
},
}

Check warning

Code scanning / CodeQL

File data in outbound network request

Outbound network request depends on [file data](1).
@henrymercer henrymercer assigned henrymercer and unassigned dbartol Jan 12, 2023
@henrymercer
Copy link
Contributor

@dbartol I'll go ahead and release this now to unblock some other changes.

@henrymercer henrymercer merged commit 515828d into releases/v2 Jan 12, 2023
@henrymercer henrymercer deleted the update-v2.1.38-70fdddff branch January 12, 2023 10:32
@github-actions github-actions bot mentioned this pull request Jan 12, 2023
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants