Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge main into v1 #913

Merged
merged 63 commits into from
Feb 7, 2022
Merged

Merge main into v1 #913

merged 63 commits into from
Feb 7, 2022

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Feb 7, 2022
edited by henrymercer
Loading

Merging 4eb03fb into v1

Conductor for this PR is @cklin

Contains the following pull requests:

Contains the following commits not from a pull request:

Please review the following:

  • The CHANGELOG displays the correct version and date.
  • The CHANGELOG includes all relevant, user-facing changes since the last release.
  • There are no unexpected commits being merged into the v1 branch.
  • The docs team is aware of any documentation changes that need to be released.
  • The mergeback PR is merged back into main after this PR is merged.

dependabot bot and others added 30 commits January 29, 2022 01:15
@dependabot
Bump trim-off-newlines from 1.0.2 to 1.0.3
253bc84 
Bumps [trim-off-newlines](https://github.com/stevemao/trim-off-newlines) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/stevemao/trim-off-newlines/releases)
- [Commits](stevemao/trim-off-newlines@v1.0.2...v1.0.3)

---
updated-dependencies:
- dependency-name: trim-off-newlines
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Update checked-in dependencies
8e07ec6
@henrymercer
Merge branch 'main' into dependabot/npm_and_yarn/trim-off-newlines-1.0.3
9664bae
@henrymercer
Merge pull request #893 from github/dependabot/npm_and_yarn/trim-off-…
ea2ef85 
…newlines-1.0.3

Bump trim-off-newlines from 1.0.2 to 1.0.3
Update changelog and version after v1.0.31
30790fe
1.0.32
ce6e94b
@aeisenberg
Merge branch 'main' into mergeback/v1.0.31-to-main-1a927e93
6677734
Update checked-in dependencies
a602dbe
@dependabot
Bump long from 4.0.0 to 5.2.0
ba2b46d 
Bumps [long](https://github.com/dcodeIO/long.js) from 4.0.0 to 5.2.0.
- [Release notes](https://github.com/dcodeIO/long.js/releases)
- [Commits](dcodeIO/long.js@4.0.0...v5.2.0)

---
updated-dependencies:
- dependency-name: long
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Update checked-in dependencies
3929310
@aeisenberg
Merge pull request #900 from github/mergeback/v1.0.31-to-main-1a927e93
e9d5234 
Mergeback v1.0.31 refs/heads/v1 into main
@aeisenberg
Add a permissions block for generated workflows
e9aa2c6 
Ensure that all workflows are able to write security events.
@cw-alexcroteau
Adds ref and SHA as inputs, and sarif-id as output
980fd4e
@cw-alexcroteau @aeisenberg
Apply documentation suggestions from code review
0dd4dbf 
Co-authored-by: Andrew Eisenberg <[email protected]>
@cw-alexcroteau
Applies recomendation in upload-sarif/action.yml
5916f98
@cw-alexcroteau
Adds check on inputs and compiled files
1eaaf07
@cw-alexcroteau
Adds integration test and fixes linting
1bfa9ac
@cw-alexcroteau
Fixes integration test
260b4d5
@cw-alexcroteau
Updates javascript files
3cc8799
@cw-alexcroteau
Fixes integration tests referred repo
63d0c78
@cw-alexcroteau
Changes to commit hash in main branch
dfe2bc4
@cw-alexcroteau
Splits integration tests
9f36b75
@cw-alexcroteau
Regenerates test workflows
72f9a88
@henrymercer
Merge branch 'main' into dependabot/npm_and_yarn/long-5.2.0
ae87410
@henrymercer
Merge pull request #901 from github/dependabot/npm_and_yarn/long-5.2.0
a9da9fc 
Bump long from 4.0.0 to 5.2.0
@dependabot
Bump @ava/typescript from 2.0.0 to 3.0.1
1163942 
Bumps [@ava/typescript](https://github.com/avajs/typescript) from 2.0.0 to 3.0.1.
- [Release notes](https://github.com/avajs/typescript/releases)
- [Commits](avajs/typescript@v2.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: "@ava/typescript"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@cannist
Detect merge base as base_sha for upload
e836f97
@cannist
remove some debug info
ec0b3ae
Update checked-in dependencies
9a40cc5
@aeisenberg
Avoid sending status reports in test mode
36419a7
aeisenberg and others added 24 commits February 1, 2022 19:17
@aeisenberg
Remove security-events: write from tests
b2af074 
This is not necessary.
@henrymercer
Fix changelog
78eb2c9 
Move a couple of entries for #889 that should have been in the
unreleased section but were inadvertently moved into the 1.0.31
release.
@henrymercer
Merge pull request #905 from github/henrymercer/fix-changelog
6081b90 
Fix changelog
@aibaars
Fix typo in error message
d57c276
@cannist
Merge branch 'main' into use-better-base-sha
3469c69
@henrymercer
Merge pull request #906 from github/aibaars/fix-typo
942b34d 
Fix typo in error message
@henrymercer
Merge branch 'main' into dependabot/npm_and_yarn/ava/typescript-3.0.1
6a6a320
@henrymercer
Merge pull request #822 from github/dependabot/npm_and_yarn/ava/types…
ff33f03 
…cript-3.0.1

Upgrade AVA to v4
@henrymercer
Convert status report comments to documentation
a005206
@henrymercer
Add ML-powered queries enablement to init status report
1cddec9 
We report this information in the `init` status report rather than the
`analyze` status report so we can gather data about timeouts.
@cannist
Merge branch 'main' into use-better-base-sha
9b14aa7
@cannist
Merge pull request #858 from github/use-better-base-sha
904d0ac 
Declare the merge base as base for code scanning comparisons
@henrymercer
Only add ML-powered queries pack if the user didn't manually request it
9f32fc9
@henrymercer
Add "multiple" report for ML-powered JS query enablement
537b2f8 
When multiple ML-powered JS packs are in scope (an unsupported
scenario), the status report is "multiple".
@henrymercer
Merge branch 'main' into henrymercer/report-ml-powered-query-enablement
ad40e4a
@henrymercer
Update getMlPoweredJsQueriesStatus doc
501fe7f
@cklin
Update default CodeQL version to 2.8.0
aab5452
@cklin
Merge pull request #911 from github/cklin/codeql-cli-2.8.0
16d4068 
Update default CodeQL version to 2.8.0
@henrymercer
Nit: Simplify code with optional chaining
f888be7
@henrymercer
Limit cardinality of ML-powered JS queries status report
c95a3d8 
Some platforms that ingest this status report charge based on the
cardinality of the fields, so here we restrict the version strings we
support to a fixed set.
@henrymercer
Merge branch 'main' into henrymercer/report-ml-powered-query-enablement
cc622a0
@henrymercer
Add more documentation for ML-powered JS queries status report
03c64ef 
Also be more explicit about which version strings are reportable in
the code.
@henrymercer
Merge pull request #907 from github/henrymercer/report-ml-powered-que…
4eb03fb 
…ry-enablement

Report ML-powered query enablement in the `init` status report
1.0.32
6d8390b
@henrymercer henrymercer marked this pull request as ready for review February 7, 2022 17:24
@henrymercer henrymercer requested a review from a team as a code owner February 7, 2022 17:24
@cklin cklin merged commit 2b46439 into v1 Feb 7, 2022
@cklin cklin deleted the update-v1.0.32-4eb03fb6 branch February 7, 2022 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cklin cklin cklin approved these changes

Assignees

@cklin cklin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@cklin @henrymercer @aeisenberg @cw-alexcroteau @cannist @aibaars