Skip to content

Merge main into releases/v4 #3867

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mbg merged 87 commits into from
May 1, 2026
Merged

Merge main into releases/v4 #3867

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
87 commits
Select commit Hold shift + click to select a range
bad0a74
Store all built-in languages
henrymercer Apr 10, 2026
e6c21da
Refactoring: Rename `KnownLanguage` to `BuiltInLanguage`
henrymercer Apr 10, 2026
97bcdd8
Move script to `pr-checks` directory
henrymercer Apr 13, 2026
8cf2dc5
Fix casing mismatch
henrymercer Apr 13, 2026
130ab2d
Improve JSDoc
henrymercer Apr 13, 2026
7c9e131
Add constant for builtin languages file path
henrymercer Apr 13, 2026
cb52ba6
Refactoring: Split up script
henrymercer Apr 13, 2026
1aef4ed
Exclude new TypeScript code from package tests
henrymercer Apr 13, 2026
90d7616
Merge branch 'main' into henrymercer/record-all-builtin-languages
henrymercer Apr 13, 2026
f8b6213
Include experimental languages
henrymercer Apr 14, 2026
8d9c36a
Update changelog and version after v4.35.2
github-actions[bot] Apr 15, 2026
ca7d6d3
Rebuild
github-actions[bot] Apr 15, 2026
f820c80
Merge pull request #3825 from github/mergeback/v4.35.2-to-main-95e58e9a
henrymercer Apr 15, 2026
6847a42
Bump follow-redirects from 1.15.11 to 1.16.0
dependabot[bot] Apr 15, 2026
9df9e91
Rebuild
github-actions[bot] Apr 15, 2026
e2d518d
Merge pull request #3827 from github/dependabot/npm_and_yarn/follow-r…
henrymercer Apr 15, 2026
9f95de4
Add workflow to rerun potentially transient failures
henrymercer Apr 15, 2026
3b3a775
Rename job
henrymercer Apr 15, 2026
79f9c05
Merge remote-tracking branch 'origin/main' into henrymercer/record-al…
henrymercer Apr 15, 2026
6777c89
Merge pull request #3811 from github/henrymercer/record-all-builtin-l…
henrymercer Apr 15, 2026
d64d81d
Bump the npm-minor group across 1 directory with 2 updates
dependabot[bot] Apr 15, 2026
5019ed0
Bump eslint-import-resolver-typescript from 3.8.7 to 4.4.4
dependabot[bot] Apr 15, 2026
0ac8596
Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-f46f1f14d7
henrymercer Apr 16, 2026
0b7b740
Merge pull request #3831 from github/dependabot/npm_and_yarn/npm-mino…
henrymercer Apr 16, 2026
1dcdb94
Merge pull request #3830 from github/henrymercer/deflake
henrymercer Apr 21, 2026
f6a5638
Escape "+"s in `on.workflow_run.workflows`
henrymercer Apr 22, 2026
4cbe7be
Merge pull request #3839 from github/henrymercer/workflow-run-triggers
henrymercer Apr 22, 2026
c2574ef
Bump the npm-minor group across 1 directory with 3 updates
dependabot[bot] Apr 22, 2026
4fb8483
Merge pull request #3835 from github/dependabot/npm_and_yarn/eslint-i…
henrymercer Apr 22, 2026
860353f
Merge pull request #3840 from github/dependabot/npm_and_yarn/npm-mino…
henrymercer Apr 22, 2026
f0e6490
Bump uuid from 13.0.0 to 14.0.0
dependabot[bot] Apr 22, 2026
365478c
Bump fast-xml-parser from 5.5.7 to 5.7.1
dependabot[bot] Apr 22, 2026
c486cac
Rebuild
github-actions[bot] Apr 22, 2026
6c35f86
Rebuild
github-actions[bot] Apr 22, 2026
59aede2
Merge pull request #3847 from github/dependabot/npm_and_yarn/uuid-14.0.0
henrymercer Apr 22, 2026
c60c755
Merge pull request #3848 from github/dependabot/npm_and_yarn/fast-xml…
henrymercer Apr 22, 2026
858a614
Simplify `writeDiffRangeDataExtensionPack` interface
henrymercer Apr 23, 2026
19b3a84
Merge pull request #3849 from github/henrymercer/simplify-diff-range-…
henrymercer Apr 23, 2026
243c274
Add simple JSON schema / validation helpers
mbg Apr 25, 2026
0752451
Use schema/validation for existing OIDC config types
mbg Apr 25, 2026
c8e26e2
Move `getAuthConfig` out of `start-proxy.ts`
mbg Apr 25, 2026
bc4097b
Simplify credential cloning in `getAuthConfig`
mbg Apr 25, 2026
d2a54a4
Add schemas for basic credential types
mbg Apr 25, 2026
2acf819
Add tests for `getAuthConfig`
mbg Apr 25, 2026
530fcb3
Group OIDC schemas into an array
mbg Apr 25, 2026
70b2658
Validate Cloudsmith OIDC configurations
mbg Apr 25, 2026
4d2c7c6
Validate GCP OIDC configurations
mbg Apr 25, 2026
efdcb31
Accept `replaces-base` option
mbg Apr 25, 2026
0ed734b
Ignore test files
mbg Apr 25, 2026
6153577
Switch from `HEAD` to `GET` requests
mbg Apr 28, 2026
cdb655d
Add random suffix when writing diagnostics to avoid filename collisions
henrymercer Apr 28, 2026
e73c940
Defensively sanitize timestamp
henrymercer Apr 28, 2026
c109008
Add changelog note
henrymercer Apr 28, 2026
245f682
Use a counter instead of Math.random for diagnostic filename suffix
henrymercer Apr 28, 2026
7c5585e
Merge pull request #3852 from github/henrymercer/avoid-diagnostic-col…
henrymercer Apr 28, 2026
30e0f43
Use `/v3/index.json` for NuGet feed check
mbg Apr 28, 2026
7a818e6
Log disclaimer about connection tests, with link to docs
mbg Apr 28, 2026
de303a9
Update supported GitHub Enterprise Server versions
github-actions[bot] Apr 17, 2026
97be3af
Deprecate CodeQL versions 2.19.3 and earlier
henrymercer Apr 28, 2026
0a63608
Add GHES 3.21 to supported versions table
henrymercer Apr 28, 2026
56733fb
Add log group for downloading overlay-base DB
henrymercer Apr 28, 2026
4fe9b1e
Merge pull request #3856 from github/henrymercer/overlay-add-log-group
henrymercer Apr 29, 2026
7108503
Bump @ava/typescript from 6.0.0 to 7.0.0
dependabot[bot] Apr 29, 2026
5145c11
Bump ruby/setup-ruby
dependabot[bot] Apr 29, 2026
f073360
Rebuild
github-actions[bot] Apr 29, 2026
1517969
Merge pull request #3837 from github/update-supported-enterprise-serv…
henrymercer Apr 30, 2026
bac7fda
Fix linter error
mbg Apr 30, 2026
35715ef
Improve typing of `cloneCredential`
mbg Apr 30, 2026
91fbc51
Improve `validateSchema` comment
mbg Apr 30, 2026
7a6ed56
Modify `FromSchema` so that optional properties are actually optional
mbg Apr 30, 2026
549683c
Make it clearer what the expectations for `isUsernamePassword` are
mbg Apr 30, 2026
1fed3e9
Merge branch 'main' into dependabot/npm_and_yarn/ava/typescript-7.0.0
henrymercer Apr 30, 2026
fcf29e3
Merge pull request #3862 from github/dependabot/github_actions/dot-gi…
henrymercer Apr 30, 2026
b779832
Fix `permutations` comment
mbg Apr 30, 2026
facd53f
Merge pull request #3859 from github/dependabot/npm_and_yarn/ava/type…
henrymercer Apr 30, 2026
d1edf2e
Improve `replaces-base` validation and add tests
mbg Apr 30, 2026
0a4d574
Add changelog entry
mbg Apr 30, 2026
022ff3c
Merge remote-tracking branch 'origin/main' into mbg/private-registry/…
mbg Apr 30, 2026
a6109b1
Merge pull request #3853 from github/mbg/start-proxy/improved-checks
mbg Apr 30, 2026
262a15f
Add generic non-printable chars test for OIDC configs
mbg Apr 30, 2026
7851e55
Merge pull request #3850 from github/mbg/private-registry/cloudsmith-gcp
mbg Apr 30, 2026
2bb2095
Update default bundle to codeql-bundle-v2.25.3
github-actions[bot] Apr 30, 2026
7190983
Add changelog note
github-actions[bot] Apr 30, 2026
8c6e48d
Merge pull request #3865 from github/update-bundle/codeql-bundle-v2.25.3
henrymercer Apr 30, 2026
ec298da
Update changelog for v4.35.3
github-actions[bot] May 1, 2026
24e0bb0
Reorder changelog entries
mbg May 1, 2026
b73d1d1
Add changelog entry for #3853
mbg May 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Log disclaimer about connection tests, with link to docs
  • Loading branch information
@mbg
mbg committed Apr 28, 2026
commit 7a818e69771a11e3c5263c3824ac9b3f67f576d3
5 changes: 5 additions & 0 deletions lib/start-proxy-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions src/doc-url.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ export enum DocUrl {
CODEQL_BUILD_MODES = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes",
DEFINE_ENV_VARIABLES = "https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow",
DELETE_ACTIONS_CACHE_ENTRIES = "https://docs.github.com/en/actions/how-tos/manage-workflow-runs/manage-caches#deleting-cache-entries",
PRIVATE_REGISTRY_LOGS = "https://docs.github.com/en/code-security/reference/code-scanning/code-scanning-logs#diagnostic-information-for-private-package-registries",
SCANNING_ON_PUSH = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#scanning-on-push",
SPECIFY_BUILD_STEPS_MANUALLY = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#about-specifying-build-steps-manually",
SYSTEM_REQUIREMENTS = "https://codeql.github.com/docs/codeql-overview/system-requirements/",
Expand Down
2 changes: 1 addition & 1 deletion src/start-proxy-action.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ async function run(startedAt: Date) {
logger,
);

// Check that the private registries are reachable.
// Perform best-effort checks that the private registries are reachable.
await checkConnections(logger, proxyInfo);

// Report success if we have reached this point.
Expand Down
9 changes: 9 additions & 0 deletions src/start-proxy/reachability.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import * as https from "https";

import { HttpsProxyAgent } from "https-proxy-agent";

import { DocUrl } from "../doc-url";
import { Logger } from "../logging";
import { getErrorMessage } from "../util";

Expand Down Expand Up @@ -114,6 +115,13 @@ export async function checkConnections(
// Don't do anything if there are no registries.
if (proxy.registries.length === 0) return result;

// Start a log group and print a message with a disclaimer with a link to the
// relevant documentation that these checks are a best-effort process.
logger.startGroup("Testing connections via the proxy");
logger.info(
`The connection tests performed here are best-effort only and failures here may not affect the subsequent analysis. See ${DocUrl.PRIVATE_REGISTRY_LOGS} for more information.`,
);

try {
// Initialise a networking backend if no backend was provided.
if (backend === undefined) {
Expand Down Expand Up @@ -158,5 +166,6 @@ export async function checkConnections(
);
}

logger.endGroup();
return result;
}
Loading