Mercurial > p > roundup > code
annotate .github/workflows/codeql-analysis.yml @ 6593:e70e2789bc2c
issue2551189 - increase text search maxlength
This removes I think all the magic references to 25 and 30 (varchar
size) and replaces them with references to maxlength or maxlength+5.
I am not sure why the db column is 5 characters larger than the size
of what should be the max size of a word, but I'll keep the buffer
of 5 as making it 1/5 the size of maxlength makes less sense.
Also added tests for fts search in templating which were missing.
Added postgres, mysql and sqlite native indexing backends in which to
test fts. Added fts test to native-fts as well to make sure it's
working.
I want to commit this now for CI.
Todo:
add test cases for the use of FTS in the csv output in
actions.py. There is no test coverage of the match case there.
change maxlength to a higher value (50) as requested in the ticket.
Modify existing extremewords test cases to allow words > 25 and < 51
write code to migrate column sizes for mysql and postgresql to match
maxlength I will roll this into the version 7 schema update that
supports use of database fts support.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 25 Jan 2022 13:22:00 -0500 |
| parents | 9972e26ab140 |
| children | 432edc4d8123 |
| rev | line source |
|---|---|
|
6286
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
1 # For most projects, this workflow file will not need changing; you simply need |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
2 # to commit it to your repository. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
3 # |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
4 # You may wish to alter this file to override the set of languages analyzed, |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
5 # or to provide custom queries or build logic. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
6 # |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
7 # ******** NOTE ******** |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
8 # We have attempted to detect the languages in your repository. Please check |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
9 # the `language` matrix defined below to confirm you have the correct set of |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
10 # supported CodeQL languages. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
11 # ******** NOTE ******** |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
12 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
13 name: "CodeQL" |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
14 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
15 on: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
16 push: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
17 branches: [ master ] |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
18 pull_request: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
19 # The branches below must be a subset of the branches above |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
20 branches: [ master ] |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
21 schedule: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
22 - cron: '28 17 * * 1' |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
23 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
24 jobs: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
25 analyze: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
26 name: Analyze |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
27 runs-on: ubuntu-latest |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
28 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
29 strategy: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
30 fail-fast: false |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
31 matrix: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
32 language: [ 'javascript', 'python' ] |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
33 # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
34 # Learn more... |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
35 # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
36 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
37 steps: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
38 - name: Checkout repository |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
39 uses: actions/checkout@v2 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
40 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
41 # Initializes the CodeQL tools for scanning. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
42 - name: Initialize CodeQL |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
43 uses: github/codeql-action/init@v1 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
44 with: |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
45 languages: ${{ matrix.language }} |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
46 # If you wish to specify custom queries, you can do so here or in a config file. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
47 # By default, queries listed here will override any specified in a config file. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
48 # Prefix the list here with "+" to use these queries and those in the config file. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
49 # queries: ./path/to/local/query, your-org/your-repo/queries@main |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
50 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
51 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
52 # If this step fails, then you should remove it and run the build manually (see below) |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
53 - name: Autobuild |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
54 uses: github/codeql-action/autobuild@v1 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
55 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
56 # âšī¸ Command-line programs to run using the OS shell. |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
57 # đ https://git.io/JvXDl |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
58 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
59 # âī¸ If the Autobuild fails above, remove it and uncomment the following three lines |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
60 # and modify them (or add more) to build your code if your project |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
61 # uses a compiled language |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
62 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
63 #- run: | |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
64 # make bootstrap |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
65 # make release |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
66 |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
67 - name: Perform CodeQL Analysis |
|
9972e26ab140
add security analysis workflow
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
68 uses: github/codeql-action/analyze@v1 |