Merge pull request #228 from advanced-security/v0_5_1

GeekMasher · web-flow · commit e389dc1ae37b · 2025-09-12T15:51:58.000+01:00
v0.5.1
diff --git a/.release.yml b/.release.yml
@@ -1,6 +1,6 @@
 name: codeql-extractor-iac
 repository: advanced-security/codeql-extractor-iac
-version: 0.5.0
+version: 0.5.1
 
 ecosystems:
   - "Docs"
@@ -31,4 +31,5 @@ locations:
     paths:
       - "action.yml"
     patterns:
-      - '{repository}@v{version}'
+      - "{repository}@v{version}"
+      - "advanced-security/iac-queries@{version}"
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/README.md b/README.md
@@ -26,7 +26,7 @@
 
 ```yaml
 - name: Initialize and Analyze IaC
-  uses: advanced-security/codeql-extractor-iac@v0.5.0
+  uses: advanced-security/codeql-extractor-iac@v0.5.1
 ```
 
 **Note:** See full documentation on [Workflows][docs-workflows].
diff --git a/action.yml b/action.yml
@@ -12,6 +12,12 @@ inputs:
     default: ${{ github.token }}
     required: false
 
+  rewrite-sarif-tool-name:
+    description: >
+      Whether to rewrite the SARIF tool name to "CodeQL IaC" or keep the original tool name.
+    required: false
+    default: "true"
+
 outputs:
   sarif-results:
     description: >
@@ -22,10 +28,12 @@ runs:
   using: "composite"
   steps:
     - name: "CodeQL Extractor Action"
-      uses: advanced-security/codeql-extractor-action@v0.1.0
+      uses: advanced-security/codeql-extractor-action@v0.1.5
       id: extractor
       with:
         token: ${{ inputs.token }}
-        extractors: "advanced-security/codeql-extractor-iac@v0.5.0"
-        packs: advanced-security/iac-queries
+        extractors: "advanced-security/codeql-extractor-iac@v0.5.1"
+        packs: advanced-security/iac-queries@0.5.1
         languages: "iac"
+        # Other settings
+        sarif-tool-name: ${{ inputs.rewrite-sarif-tool-name }}
diff --git a/codeql-extractor.yml b/codeql-extractor.yml
@@ -1,6 +1,6 @@
 name: "iac"
 display_name: "IAC"
-version: 0.5.0
+version: 0.5.1
 column_kind: "utf8"
 legacy_qltest_extraction: true
 github_api_languages:
diff --git a/docs/workflows.md b/docs/workflows.md
@@ -6,7 +6,7 @@ To use the CodeQL Extractor, Library, and Queries for Infrastructure as Code, yo
 
 ```yaml
 - name: Initialize and Analyze IaC
-  uses: advanced-security/codeql-extractor-iac@v0.4.1
+  uses: advanced-security/codeql-extractor-iac@v0.5.1
 ```
 
 ### Uploading SARIF files to GitHub
@@ -50,7 +50,7 @@ jobs:
 
       - name: Initialize and Analyze IaC
         id: codeql_iac
-        uses: advanced-security/codeql-extractor-iac@v0.4.1
+        uses: advanced-security/codeql-extractor-iac@v0.5.1
 
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v3
diff --git a/extractor/Cargo.toml b/extractor/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "codeql-extractor-iac"
-version = "0.5.0"
+version = "0.5.1"
 authors = ["GitHub"]
 
 edition = "2024"
diff --git a/ql/lib/qlpack.yml b/ql/lib/qlpack.yml
@@ -2,7 +2,7 @@
 library: true
 warnOnImplicitThis: false
 name: advanced-security/iac-all
-version: 0.5.0
+version: 0.5.1
 dependencies:
   codeql/util: ^1.0.12
   codeql/yaml: ^1.0.25
diff --git a/ql/src/qlpack.yml b/ql/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: advanced-security/iac-queries
-version: 0.5.0
+version: 0.5.1
 groups: 
   - iac
   - queries

-Original file line number
+Diff line change
 ```yaml
 - name: Initialize and Analyze IaC
 -  uses: advanced-security/[email protected].0
 +  uses: advanced-security/[email protected].1
 ```
 **Note:** See full documentation on [Workflows][docs-workflows].