Skip to content

Support security-experimental as a well-known suite #1519

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
angelapwen merged 6 commits into from
Feb 6, 2023
Merged

Support security-experimental as a well-known suite #1519

angelapwen merged 6 commits into from
Feb 6, 2023

Conversation

@angelapwen
Copy link
Contributor

@angelapwen angelapwen commented Feb 3, 2023
edited
Loading

This change adds security-experimental as a well-known query suite that can be specified under the queries input. Note that this change is intended for internal/field users and will not be publicized in our changelog or documentation.

The suite will be supported for CLI versions 2.11.1+, and an error will be thrown if the suite was specified but the CLI version is not up to date.

As security-experimental includes the ML-powered queries, we test via the existing ML-powered query tests.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@angelapwen angelapwen force-pushed the support-security-experimental branch from 5039ea0 to 5e71946 Compare February 3, 2023 21:51
@angelapwen angelapwen force-pushed the support-security-experimental branch from 5e71946 to 8c8bc11 Compare February 3, 2023 22:14
@angelapwen angelapwen marked this pull request as ready for review February 4, 2023 03:00
@angelapwen angelapwen requested a review from a team as a code owner February 4, 2023 03:00
@angelapwen
Copy link
Contributor Author

angelapwen commented Feb 4, 2023

Skipped/failing test is unrelated (observed on other SHAs as well) so marking ready for review.

henrymercer
henrymercer reviewed Feb 6, 2023
View reviewed changes
Copy link
Contributor

@henrymercer henrymercer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Another thing to consider is adding the security-experimental suite to .github/codeql/codeql-config.yml. This would give us a little more assurance that this suite will continue working.

@angelapwen
Copy link
Contributor Author

angelapwen commented Feb 6, 2023

Have added the suite into .github/codeql/codeql-config.yml — thank you, I had meant to do that but it slipped my mind!

henrymercer
henrymercer previously approved these changes Feb 6, 2023
View reviewed changes
Copy link
Contributor

@henrymercer henrymercer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, though I realise now that we run the CodeQL check using both the latest and the cached tools, so we'll probably have to wait until 2.12.2 is released before we can update .github/codeql/codeql-config.yml.

@angelapwen
Copy link
Contributor Author

angelapwen commented Feb 6, 2023

Ah yeah that makes sense. I've made the changes and will make a note for the two follow-up changes (adding the suite to codeql-config.yml after the 2.12.2 release, and improving the linter)

@angelapwen angelapwen enabled auto-merge (squash) February 6, 2023 18:57
@angelapwen angelapwen merged commit 39c954c into github:main Feb 6, 2023
@angelapwen angelapwen deleted the support-security-experimental branch February 6, 2023 22:10
@github-actions github-actions bot mentioned this pull request Feb 8, 2023
Merged
6 tasks
@angelapwen angelapwen mentioned this pull request Mar 7, 2023
Merged
3 tasks
This was referenced Jun 21, 2023
Open
Open
Open
Open
Open
This was referenced Jun 22, 2023
Open
Open
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@henrymercer henrymercer henrymercer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@angelapwen @henrymercer