diff --git a/.all-contributorsrc b/.all-contributorsrc index fce1e30b62dc..7beffebfe1ab 100644 --- a/.all-contributorsrc +++ b/.all-contributorsrc @@ -367,8 +367,17 @@ "contributions": [ "content" ] - } - ], + }, + { + "login": "Protectator", + "name": "Kewin Dousse", + "avatar_url": "https://avatars3.githubusercontent.com/u/1529017?v=4", + "profile": "https://www.kewindousse.ch", + "contributions": [ + "content" + ] + }, + { "contributorsPerLine": 7, "projectName": "docs", "projectOwner": "github", diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index eb71a6edef7a..3eb7f05d4013 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,16 +3,21 @@ # https://help.github.com/articles/about-codeowners # https://git-scm.com/docs/gitignore -/translations/ @github/docs-localization @github-actions +# Engineering *.js @github/docs-engineering /.github/ @github/docs-engineering /script/ @github/docs-engineering app.json @github/docs-engineering -crowdin.yml @github/docs-engineering Dockerfile @github/docs-engineering package-lock.json @github/docs-engineering package.json @github/docs-engineering +# Localization +/.github/workflows/crowdin.yml @github/docs-localization +/crowdin*.yml @github/docs-engineering @github/docs-localization +/translations/ @github/docs-engineering @github/docs-localization @github-actions + +# Site Policy /content/github/site-policy/ @github/site-policy-admins # Make sure that Octokit maintainers get notified about changes diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index 48100cbbe1d0..89b4f42689e6 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -3,6 +3,7 @@ name: Crowdin Sync on: + workflow_dispatch: push: branches: - main @@ -10,6 +11,7 @@ on: jobs: sync_with_crowdin: name: Sync with Crowdin + if: github.repository == 'github/docs-internal' runs-on: ubuntu-latest steps: - name: Checkout 
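Review bot: The new side of the `.all-contributorsrc` hunk drops the `],` that closed the contributors array and ends the added entry with `},` followed by a bare `{`. As a result `contributorsPerLine`, `projectName` and `projectOwner` land inside a new array element, and the file should no longer parse as JSON. The addition should end with `}` and then `],` as before, with no extra `{`. The hunk header's counts (8 old lines, 17 new) are consistent with this reading, but the end of the file is outside the hunk, so confirm by running a JSON parser over the result.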
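Review bot: The added rule `/.github/workflows/crowdin.yml @github/docs-localization` removes `@github/docs-engineering` as an owner of that workflow, because CODEOWNERS applies the last matching pattern and this line comes after `/.github/ @github/docs-engineering`. The workflow is handed `secrets.CROWDIN_PERSONAL_TOKEN`, so changes to it probably deserve the same dual ownership as the two lines below it: `/.github/workflows/crowdin.yml @github/docs-engineering @github/docs-localization`. If single-team ownership is intended, a comment above the rule saying so would help the next reader.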
@@ -18,7 +20,7 @@ jobs: - name: Sync uses: crowdin/github-action@1.0.10 with: - upload_translations: true + upload_translations: false download_translations: true create_pull_request: true @@ -47,4 +49,4 @@ jobs: # This token was created by logging into Crowdin with the octoglot user CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} - \ No newline at end of file + diff --git a/.github/workflows/merged-notification.yml b/.github/workflows/merged-notification.yml index 2251541a639e..8e821a002009 100644 --- a/.github/workflows/merged-notification.yml +++ b/.github/workflows/merged-notification.yml @@ -1,5 +1,5 @@ on: - pull_request: + pull_request_target: types: ['closed'] jobs: diff --git a/README.md b/README.md index 62b090fdfa38..d0eb8248f461 100644 --- a/README.md +++ b/README.md @@ -127,6 +127,7 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
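Review bot: The Sync step edited in this hunk still runs `crowdin/github-action@1.0.10`, a tag the action's publisher can move, in a job that receives `CROWDIN_PERSONAL_TOKEN` further down the file. Pinning to the full commit SHA keeps a retagged release from running with that token: `uses: crowdin/github-action@<full-commit-sha> # 1.0.10`. The step's `with:` block continues past the end of the hunk.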
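Review bot: Switching the trigger in `merged-notification.yml` to `pull_request_target` makes the workflow run with the base repository's token and secrets, even for pull requests from forks. The `jobs:` body that would show whether this is safe lies outside the hunk. Check that no step checks out or executes the pull request's head code, and that PR-controlled fields (title, body, branch name) are never interpolated into a `run:` script. A top-level `permissions:` block limited to what the notification needs would bound the token. A comment above the trigger would record the constraint, for example `# pull_request_target: presumably needed to comment on fork PRs; never check out PR code here`.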
Chiedo John

💻
Paul Schifferer

🖋 +
Kewin Dousse

🖋 diff --git a/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md b/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md index bf7cded43c3c..c66689d29b11 100644 --- a/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md +++ b/content/github/collaborating-with-issues-and-pull-requests/about-comparing-branches-in-pull-requests.md @@ -54,7 +54,7 @@ A two-dot diff compares two Git committish references, such as SHAs or OIDs (Obj If you want to simulate a two-dot diff in a pull request and see a comparison between the most recent versions of each branch, you can merge the base branch into your topic branch, which updates the last common ancestor between your branches. -For more information about Git commands to compare changes, see "[Git diff options ](https://git-scm.com/docs/git-diff#git-diff-emgitdiffemltoptionsgtltcommitgtltcommitgt--ltpathgt82308203)" from the _Pro Git_ book site. +For more information about Git commands to compare changes, see "[Git diff options](https://git-scm.com/docs/git-diff#git-diff-emgitdiffemltoptionsgtltcommitgtltcommitgt--ltpathgt82308203)" from the _Pro Git_ book site. ### Reasons diffs will not display - You've exceeded the total limit of files or certain file types. For more information, see "[Limits for viewing content and diffs in a repository](/articles/limits-for-viewing-content-and-diffs-in-a-repository/#diff-limits)." diff --git a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md index 7906c341ae70..af2300e7a3c5 100644 --- a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md 
+++ b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md 
@@ -130,6 +130,52 @@ If your workflow does not contain a matrix called `language`, then {% data varia with: languages: cpp, csharp, python ``` +{% if currentVersion == "free-pro-team@latest" %} +### Analyzing Python dependencies + +For GitHub-hosted runners that use Linux only, the {% data variables.product.prodname_codeql_workflow %} will try to auto-install Python dependencies to give more results for the CodeQL analysis. You can control this behavior by specifying the `setup-python-dependencies` parameter for the action called by the "Initialize CodeQL" step. By default, this parameter is set to `true`: + +- If the repository contains code written in Python, the "Initialize CodeQL" step installs the necessary dependencies on the GitHub-hosted runner. If the auto-install succeeds, the action also sets the environment variable `CODEQL_PYTHON` to the Python executable file that includes the dependencies. + +- If the repository doesn't have any Python dependencies, or the dependencies are specified in an unexpected way, you'll get a warning and the action will continue with the remaining jobs. The action can run successfully even when there are problems interpreting dependencies, but the results may be incomplete. + +Alternatively, you can install Python dependencies manually on any operating system. 
You will need to add `setup-python-dependencies` and set it to `false`, as well as set `CODEQL_PYTHON` to the Python executable that includes the dependencies, as shown in this workflow extract: + +```yaml +jobs: + CodeQL-Build: + + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + with: + fetch-depth: 2 + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Install dependencies + run: | + python -m pip install --upgrade pip + if [ -f requirements.txt ]; + then pip install -r requirements.txt; + fi + # Set the `CODEQL-PYTHON` environment variable to the Python executable + # that includes the dependencies + echo "::set-env name=CODEQL_PYTHON::$(which python)" + - run: git checkout HEAD^2 + if: ${{ github.event_name == 'pull_request' }} + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: python + # Override the default behavior so that the action doesn't attempt + # to auto-install Python dependencies + setup-python-dependencies: false +``` +{% endif %} ### Running additional queries diff --git a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md index baadd06ebb14..f42dbb3db617 100644 --- a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md +++ b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md 
@@ -114,3 +114,12 @@ If you split your analysis into multiple workflows as described above, we still #### Run only during a `schedule` event If your analysis is still too slow to be run during `push` or `pull_request` events, then you may want to only trigger analysis on the `schedule` event. For more information, see "[Events](/actions/learn-github-actions/introduction-to-github-actions#events)." + +{% if currentVersion == "free-pro-team@latest" %} +### Results differ between analysis platforms + +If you are analyzing code written in Python, you may see different results depending on whether you run the {% data variables.product.prodname_codeql_workflow %} on Linux, macOS, or Windows. + +On GitHub-hosted runners that use Linux, the {% data variables.product.prodname_codeql_workflow %} tries to install and analyze Python dependencies, which could lead to more results. To disable the auto-install, add `setup-python-dependencies: false` to the "Initialize CodeQL" step of the workflow. For more information about configuring the analysis of Python dependencies, see "[Analyzing Python dependencies](/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#analyzing-python-dependencies)." + +{% endif %} \ No newline at end of file