From 2d18b49be43e55f742438b334997dacd78a460f9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 8 Feb 2024 06:26:22 -0800
Subject: [PATCH 1/2] pip: bump edk2-pytool-library from 0.20.0 to 0.21.2 (#433)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [edk2-pytool-library](https://github.com/tianocore/edk2-pytool-library) from 0.20.0 to 0.21.2.
Release notes

Sourced from edk2-pytool-library's releases.

v0.21.2

Dependency Updates

Full Changelog: https://github.com/tianocore/edk2-pytool-library/compare/v0.21.1...v0.21.2

v0.21.1

What's Changed

Dependency Updates

Full Changelog: https://github.com/tianocore/edk2-pytool-library/compare/v0.20.0...v0.21.1

Commits

Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pip-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pip-requirements.txt b/pip-requirements.txt index c5fa989b04..f4241df1ae 100644 --- a/pip-requirements.txt +++ b/pip-requirements.txt @@ -12,7 +12,7 @@ # https://www.python.org/dev/peps/pep-0440/#version-specifiers ## -edk2-pytool-library==0.20.0 +edk2-pytool-library==0.21.2 edk2-pytool-extensions==0.27.2 edk2-basetools==0.1.29 antlr4-python3-runtime==4.13.1 From 1432641b7759a9b380e7c943aa367b973834128f Mon Sep 17 00:00:00 2001 From: "Project Mu UEFI Bot [bot]" <45776386+uefibot@users.noreply.github.com> Date: Thu, 8 Feb 2024 09:57:29 -0500 Subject: [PATCH 2/2] Repo File Sync: Improve inline documentation in CodeQL workflow (#436) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit synced local file(s) with [microsoft/mu_devops](https://github.com/microsoft/mu_devops). 🤖: View the [Repo File Sync Configuration File](https://github.com/microsoft/mu_devops/blob/main/.sync/Files.yml) to see how files are synced. --- This PR was created automatically by the [repo-file-sync-action](https://github.com/BetaHuhn/repo-file-sync-action) workflow run [#7827181619](https://github.com/microsoft/mu_devops/actions/runs/7827181619) Signed-off-by: Project Mu UEFI Bot --- .github/workflows/codeql.yml | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 01b85ee5e7..a44eb4d25b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
@@ -2,13 +2,15 @@ # # Results are uploaded to GitHub Code Scanning. # -# Note: Important: This file currently only works with "CI" builds. "Platform" builds can -# be supported without much effort but that will be done in the future. +# Note: Important: This file only works with "CI" builds. "Platform" builds are +# supported with the codeql-platform.yml file. # # Note: This workflow only supports Windows as CodeQL CLI has confirmed issues running # against edk2-style codebases on Linux (only tested on Ubuntu). Therefore, this # workflow is written only for Windows but could easily be adapted to run on Linux -# in the future if needed (e.g. swap out "windows" with agent OS var value, etc.) +# in the future if needed (e.g. swap out "windows" with agent OS var value, etc.). +# +# For details about the Linux issue see: https://github.com/github/codeql-action/issues/1338 # # NOTE: This file is automatically synchronized from Mu DevOps. Update the original file there # instead of the file in this repo. @@ -270,7 +272,14 @@ jobs: import sys from pathlib import Path - # Find the plugin directory that contains the CodeQL plugin + # + # Find the plugin directory that contains the CodeQL plugin. + # + # Prior to Mu Basecore 202311, the CodeQL plugin was located in .pytool. After it + # is located in BaseTools. First check BaseTools, but consider .pytool as a backup + # for backward compatibility. The .pytool backup can be removed when no longer needed + # for supported branches. + # plugin_dir = list(Path(os.environ['GITHUB_WORKSPACE']).rglob('BaseTools/Plugin/CodeQL')) if not plugin_dir: plugin_dir = list(Path(os.environ['GITHUB_WORKSPACE']).rglob('.pytool/Plugin/CodeQL')) 
@@ -352,7 +361,14 @@ jobs: import shutil from pathlib import Path - # Only these two plugins are needed for CodeQL + # Only these two plugins are needed for CodeQL. + # + # CodeQL build time is reduced by removing other plugins that are not needed for the CodeQL + # build in the .pytool directory. The CompilerPlugin is required to compile code for CodeQL + # to extract results from and the CodeQL plugin is necessary to to analyze the results and + # build the CodeQL database from them. The CodeQL plugin should be in BaseTools moving forward + # but still might be in .pytool in older branches so it is kept here as an exception. + # plugins_to_keep = ['CodeQL', 'CompilerPlugin'] plugin_dir = Path(os.environ['PYTOOL_PLUGIN_DIR']).absolute()
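
Review bot: In pip-requirements.txt, the new pin `edk2-pytool-library==0.21.2` fixes the version but carries no `--hash=` entry, so the install accepts whatever the index serves under that version number. Consider generating hashes for every entry in this file and installing with `pip install --require-hashes`, so that a bot-authored bump like this one is reviewed as a change to a known artifact. The release notes quoted in the commit message list only "Dependency Updates"; it is worth confirming against the linked compare views that nothing else changed between 0.20.0 and 0.21.2 before merging.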
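
Review bot: In the header comment of .github/workflows/codeql.yml (hunk at -2,13), the line `# Note: Important: This file only works with "CI" builds.` keeps the doubled "Note: Important:" label; a single "Important:" reads more cleanly. The same comment block still says the workflow "could easily be adapted to run on Linux" directly above the newly added link to codeql-action issue 1338; suggest saying that a Linux port depends on that issue so the two statements do not pull in different directions. Because this file is synced from Mu DevOps, the wording change belongs in the original file there.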
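
Review bot: The comment added above `plugin_dir = list(Path(os.environ['GITHUB_WORKSPACE']).rglob('BaseTools/Plugin/CodeQL'))` (hunk at -270,7) does not say what is expected when the recursive search returns more than one match, or none in either location. Since `rglob` walks the whole workspace, any checked-out directory whose path ends in BaseTools/Plugin/CodeQL qualifies, and the plugin found here is what the build goes on to use; suggest documenting which match is taken and how the step fails when both searches come back empty, or anchoring the search to the expected path instead of the workspace root. The sentence "After it is located in BaseTools." also reads as a fragment; "Starting with 202311 it is located in BaseTools." would be clearer.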
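
Review bot: The comment added above `plugins_to_keep = ['CodeQL', 'CompilerPlugin']` (hunk at -352,7) has a duplicated word in "necessary to to analyze the results"; drop one "to". The comment also describes the removal as happening "in the .pytool directory" while the code operates on `os.environ['PYTOOL_PLUGIN_DIR']`; naming that variable in the comment would keep the two in step if the path ever changes. As this copy is synced from Mu DevOps, the fix should be made in the source file there.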