Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Update CodeQL workflow and configuration, fix found bugs (#51263)
  • Loading branch information
jakebailey committed Oct 27, 2022
1 parent d8aad26 commit 754eeb2
Show file tree
Hide file tree
Showing 5 changed files with 64 additions and 50 deletions.
6 changes: 5 additions & 1 deletion .github/codeql/codeql-configuration.yml
@@ -1,4 +1,8 @@
name : CodeQL Configuration

paths:
- './src'
- src
- scripts
- Gulpfile.mjs
paths-ignore:
- src/lib
90 changes: 52 additions & 38 deletions .github/workflows/codeql.yml
@@ -1,50 +1,64 @@
name: "Code scanning - action"
name: "Code Scanning - Action"

on:
push:
branches:
- main
- release-*
pull_request:
branches:
- main
- release-*
schedule:
- cron: '0 19 * * 0'
# ┌───────────── minute (0 - 59)
# │ ┌───────────── hour (0 - 23)
# │ │ ┌───────────── day of the month (1 - 31)
# │ │ │ ┌───────────── month (1 - 12 or JAN-DEC)
# │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
# │ │ │ │ │
# │ │ │ │ │
# │ │ │ │ │
# * * * * *
- cron: '30 1 * * 0'

jobs:
CodeQL-Build:

# CodeQL runs on ubuntu-latest and windows-latest
# CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
runs-on: ubuntu-latest
if: github.repository == 'microsoft/TypeScript'

permissions:
# required for all workflows
security-events: write

steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
config-file: ./.github/codeql/codeql-configuration.yml
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl

# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language

#- run: |
# make bootstrap
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
- name: Checkout repository
uses: actions/checkout@v3

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
config-file: ./.github/codeql/codeql-configuration.yml
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java

# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below).
- name: Autobuild
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

# ✏️ If the Autobuild fails above, remove it and uncomment the following
# three lines and modify them (or add more) to build your code if your
# project uses a compiled language

#- run: |
# make bootstrap
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
2 changes: 1 addition & 1 deletion scripts/generateLocalizedDiagnosticMessages.mjs
Expand Up @@ -171,7 +171,7 @@ function main() {
*/
function getItemXML(key, value) {
// escape entrt value
value = value.replace(/]/, "]5D;");
value = value.replace(/]/g, "]5D;");

return `
<Item ItemId=";${key}" ItemType="0" PsrId="306" Leaf="true">
Expand Down
2 changes: 1 addition & 1 deletion scripts/importDefinitelyTypedTests.mjs
Expand Up @@ -157,7 +157,7 @@ function importDefinitelyTypedTests(tscPath, rwcTestPath, definitelyTypedRoot) {

if (testFiles.length === 0) {
// no test files but multiple d.ts's, e.g. winjs
const regexp = new RegExp(d + "(([-][0-9])|([\.]d[\.]ts))");
const regexp = new RegExp(d + "(([-][0-9])|(\\.d\\.ts))");
if (tsFiles.length > 1 && tsFiles.every(t => filePathEndsWith(t, ".d.ts") && regexp.test(t))) {
for (const fileName of tsFiles) {
importDefinitelyTypedTest(tscPath, rwcTestPath, path.basename(fileName, ".d.ts"), [fileName], paramFile);
Expand Down
14 changes: 5 additions & 9 deletions scripts/processDiagnosticMessages.mjs
Expand Up @@ -104,19 +104,15 @@ function buildInfoFileOutput(messageTable, inputFilePathRel, thisFilePathRel) {
* @returns {string}
*/
function buildDiagnosticMessageOutput(messageTable) {
let result = "{";
/** @type {Record<string, string>} */
const result = {};

messageTable.forEach(({ code }, name) => {
const propName = convertPropertyName(name);
result += `\r\n "${createKey(propName, code)}" : "${name.replace(/[\"]/g, '\\"')}",`;
result[createKey(propName, code)] = name;
});

// Shave trailing comma, then add newline and ending brace
result = result.slice(0, result.length - 1) + "\r\n}";

// Assert that we generated valid JSON
JSON.parse(result);

return result;
return JSON.stringify(result, undefined, 2).replace(/\r?\n/g, "\r\n");
}

/**
Expand Down

0 comments on commit 754eeb2

Please sign in to comment.