Commit a494fed

Add threat-models as a property to config file and inputs
There are a lot of changes here, but it's pretty formulaic. It follows the approach used by the `queries` input and config property. `threat-models` can appear as an input or in the config file. If it appears in the input, then we need to either merge it with the threat-models in the config (if prefixed with `+`) or overwrite it. There's no danger if someone uses `threat-models` with an older CLI since the CLI can handle configs with extra properties.
1 parent afdf30f commit a494fed

44 files changed

+534
-142
lines changed

Diff for: init/action.yml

+7-2
@@ -45,17 +45,22 @@ inputs:
4545
description: Path where CodeQL databases should be created. If not specified, a temporary directory will be used.
4646
required: false
4747
queries:
48-
description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
48+
description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to combine both sets of queries.
4949
required: false
5050
packs:
5151
description: >-
5252
[Experimental] Comma-separated list of packs to run. Reference a pack in the format `scope/name[@version]`. If `version` is not
5353
specified, then the latest version of the pack is used. By default, this overrides the same setting in a
54-
configuration file; prefix with "+" to use both sets of packs.
54+
configuration file; prefix with "+" to combine both sets of packs.
5555
5656
This input is only available in single-language analyses. To use packs in multi-language
5757
analyses, you must specify packs in the codeql-config.yml file.
5858
required: false
59+
threat-models:
60+
description: >-
61+
[Experimental] Comma-separated list of threat models to include in this analysis. By default, this overrides the same setting in a
62+
configuration file; prefix with "+" to combine both sets of threat-models.
63+
required: false
5964
external-repository-token:
6065
description: A token for fetching external config files and queries if they reside in a private repository in the same GitHub instance that is running this action.
6166
required: false
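
Review bot: The new `threat-models` description (new lines 61-62) does not say which threat model names are accepted or what the analysis uses when neither the input nor the config file sets one, so a misspelled or empty value has no documented outcome. Consider listing the accepted names, or pointing to where they are defined, and stating the default. The commit message notes that an older CLI tolerates configs with extra properties, which also means the setting is silently ignored there and the analysis does not reflect the threat models the workflow author asked for; a minimum CLI version in the description, or a warning when the CLI is too old, would make that visible. Minor: the description switches between "threat models" and "threat-models" within the same sentence pair.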

Diff for: lib/analysis-paths.test.js

+4-15
Some generated files are not rendered by default.

Diff for: lib/analysis-paths.test.js.map

+1-1
Some generated files are not rendered by default.

Diff for: lib/analyze.test.js

+3-10
Some generated files are not rendered by default.
