From 932119ebdd97dd1f6128e4a5b80a7097f1ae2b03 Mon Sep 17 00:00:00 2001 From: Andrew Eisenberg Date: Thu, 31 Aug 2023 05:52:56 -0700 Subject: [PATCH 1/4] Document the `groups` property in codeql pack files (#41576) Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com> Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com> --- .../publishing-and-using-codeql-packs.md | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md index 4fbc7087ea1f..a9b7c6174d64 100644 --- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md +++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/publishing-and-using-codeql-packs.md @@ -247,6 +247,24 @@ The following properties are supported in `qlpack.yml` files. precision: medium ``` +#### `groups` + +- Optional. +- Defines logical groupings of packs in a {% data variables.product.prodname_codeql %} workspace. Using groups is a way to apply pack operations to subsets of packs in a workspace. For example, the following pack is defined to be a part of the `java` and the `experimental` groups: + + ```yaml + groups: + - java + - experimental + ``` + + Running `codeql pack publish --groups java,-experimental` will publish all of the packs in the `java` group, _except_ the `experimental` packs. You can run the `codeql pack ls --groups [-][,[-]...]` command to list the packs in a workspace that match the specified set of groups. + + A {% data variables.product.prodname_codeql %} pack in the given workspace is included in the list if: + + - It is in at least one of the groups listed without a minus sign (this condition is automatically satisfied if there are no groups listed without a minus sign), and + - It is not in any group listed with a minus sign. + #### `library` - Required by library packs. @@ -479,4 +497,4 @@ Some extra notes on the following properties: - `tests`: This specifies the location of the tests. In this case, the tests are in the root folder (and all sub-folders) of the pack. -- `version`: There is no `version` property for the tests pack. This prevents test packs from accidentally being published. \ No newline at end of file +- `version`: There is no `version` property for the tests pack. This prevents test packs from accidentally being published. From 076a6964f194b17cbb53745edbd7b44eedcb8ce4 Mon Sep 17 00:00:00 2001 From: Ben Ahmady <32935794+subatoi@users.noreply.github.com> Date: Thu, 31 Aug 2023 14:14:13 +0100 Subject: [PATCH 2/4] Moves period into versioning (#41760) --- .../codeql-code-scanning-for-compiled-languages.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md index 6c9f1489b102..91f19a1ea5e6 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md @@ -42,7 +42,7 @@ topics: {% ifversion code-scanning-without-workflow-310 %} -For {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %}, you can use default setup, which analyzes your code and automatically configures your {% data variables.product.prodname_code_scanning %}, or advanced setup, which generates a workflow file you can edit. {% ifversion codeql-swift-advanced-setup %}Default setup can analyze all compiled languages supported by {% data variables.product.prodname_codeql %}{% endif %}. For more information about advanced setup, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-advanced-setup-for-code-scanning-with-codeql)." +For {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %}, you can use default setup, which analyzes your code and automatically configures your {% data variables.product.prodname_code_scanning %}, or advanced setup, which generates a workflow file you can edit. {% ifversion codeql-swift-advanced-setup %}Default setup can analyze all compiled languages supported by {% data variables.product.prodname_codeql %}.{% endif %} For more information about advanced setup, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-advanced-setup-for-code-scanning-with-codeql)." {% ifversion code-scanning-default-setup-self-hosted-310 %} You can use default setup with self-hosted runners for all {% data variables.product.prodname_codeql %}-supported languages except Swift. Default setup will always run the `autobuild` action, so you should configure your self-hosted runners to make sure they can run all necessary commands for C/C++, C#, and Java analysis. Analysis of Javascript/Typescript, Go, Ruby, Python, and Kotlin code does not currently require special configuration. @@ -239,4 +239,4 @@ For more information about the `if` conditional, see "[AUTOTITLE](/actions/using For more tips and tricks about why `autobuild` won't build your code, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed-for-a-compiled-language)." -If you added manual build steps for compiled languages and {% data variables.product.prodname_code_scanning %} is still not working on your repository, contact {% data variables.contact.contact_support %}. \ No newline at end of file +If you added manual build steps for compiled languages and {% data variables.product.prodname_code_scanning %} is still not working on your repository, contact {% data variables.contact.contact_support %}. From b10eb69e8a5cbaf184036caeda68be7a204a4167 Mon Sep 17 00:00:00 2001 From: UnicodeRogue <49918839+UnicodeRogue@users.noreply.github.com> Date: Thu, 31 Aug 2023 09:17:40 -0400 Subject: [PATCH 3/4] updating permissions matrix to match documentation part 2 (#41729) --- .../repository-roles-for-an-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md index ecdd1a9e34b5..a5bd9bce26b2 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md @@ -145,7 +145,7 @@ Some of the features listed below are limited to organizations using {% data var | [Lock and unlock discussions](/discussions/managing-discussions-for-your-community/moderating-discussions) | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Individually convert issues to discussions](/discussions/managing-discussions-for-your-community/moderating-discussions) | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Create new discussions and comment on existing discussions](/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion) | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | -| [Delete a discussion](/discussions/managing-discussions-for-your-community/managing-discussions#deleting-a-discussion) | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} |{% endif %}{% ifversion fpt or ghec %} +| [Delete a discussion](/discussions/managing-discussions-for-your-community/managing-discussions#deleting-a-discussion) | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} |{% endif %}{% ifversion fpt or ghec %} | [Create codespaces](/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository?tool=webui) for private{% ifversion ghec %}/internal{% endif %} repositories | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Create codespaces](/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository?tool=webui) for public repositories | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} |{% endif %} From c862a42a341efdbf0a4b71af748e830804b408ec Mon Sep 17 00:00:00 2001 From: UnicodeRogue <49918839+UnicodeRogue@users.noreply.github.com> Date: Thu, 31 Aug 2023 09:17:57 -0400 Subject: [PATCH 4/4] updating permissions matrix to match documentation (#41721) Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com> --- .../repository-roles-for-an-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md index a5bd9bce26b2..1b3340c69e03 100644 --- a/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md +++ b/content/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization.md @@ -138,7 +138,7 @@ Some of the features listed below are limited to organizations using {% data var | Display a sponsor button (see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% endif %} | Create autolink references to external resources, like Jira or Zendesk (see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-autolinks-to-reference-external-resources)") | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} |{% ifversion discussions %} | [Enable {% data variables.product.prodname_discussions %}](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/enabling-or-disabling-github-discussions-for-a-repository) in a repository | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | -| [Create and edit categories](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions) for {% data variables.product.prodname_discussions %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | +| [Create and edit categories](/discussions/managing-discussions-for-your-community/managing-categories-for-discussions) for {% data variables.product.prodname_discussions %} | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Move a discussion to a different category](/discussions/managing-discussions-for-your-community/managing-discussions) | {% octicon "x" aria-label="No" %} | {% ifversion discussions-moderators-control-who-can-report %}{% octicon "check" aria-label="Yes" %}{% endif %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} || [Transfer a discussion](/discussions/managing-discussions-for-your-community/managing-discussions) to a new repository| {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Manage pinned discussions](/discussions/managing-discussions-for-your-community/managing-discussions) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | | [Convert issues to discussions in bulk](/discussions/managing-discussions-for-your-community/managing-discussions) | {% octicon "x" aria-label="No" %} | {% octicon "x" aria-label="No" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} | {% octicon "check" aria-label="Yes" %} |