github
diff --git a/‎README.md
Lines changed: 0 additions & 2 deletions b/‎README.md
Lines changed: 0 additions & 2 deletions
diff --git a/‎lib/finalize-db.js
Lines changed: 2 additions & 2 deletions b/‎lib/finalize-db.js
Lines changed: 2 additions & 2 deletions
diff --git a/‎lib/upload-lib.js
Lines changed: 3 additions & 1 deletion b/‎lib/upload-lib.js
Lines changed: 3 additions & 1 deletion
diff --git a/‎lib/util.js
Lines changed: 18 additions & 0 deletions b/‎lib/util.js
Lines changed: 18 additions & 0 deletions
diff --git a/‎package-lock.json
Lines changed: 3 additions & 3 deletions b/‎package-lock.json
Lines changed: 3 additions & 3 deletions
diff --git a/‎package.json
Lines changed: 1 addition & 1 deletion b/‎package.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/finalize-db.ts
Lines changed: 2 additions & 2 deletions b/‎src/finalize-db.ts
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/testdata/tool-names.sarif
Lines changed: 41 additions & 0 deletions b/‎src/testdata/tool-names.sarif
Lines changed: 41 additions & 0 deletions
diff --git a/‎src/upload-lib.ts
Lines changed: 4 additions & 1 deletion b/‎src/upload-lib.ts
Lines changed: 4 additions & 1 deletion
diff --git a/‎src/util.test.ts
Lines changed: 9 additions & 0 deletions b/‎src/util.test.ts
Lines changed: 9 additions & 0 deletions
@@ -2,8 +2,6 @@
 
 This action runs GitHub's industry-leading static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/semmle/ql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
 
-[Sign up for the Advanced Security beta](https://github.com/features/security/advanced-security/signup)
-
 ## Usage
 
 To get code scanning results from CodeQL analysis on your repo you can use the following workflow as a template:
 
@@ -12,7 +12,7 @@
   "dependencies": {
     "@actions/core": "^1.0.0",
     "@actions/exec": "^1.0.1",
-    "@actions/http-client": "^1.0.4",
+    "@actions/http-client": "^1.0.8",
     "@actions/io": "^1.0.1",
     "@actions/tool-cache": "^1.1.2",
     "@octokit/rest": "^17.1.0",
 
@@ -82,13 +82,13 @@ async function resolveQueryLanguages(codeqlCmd: string, config: configUtils.Conf
     const noDeclaredLanguage = resolveQueriesOutputObject.noDeclaredLanguage;
     const noDeclaredLanguageQueries = Object.keys(noDeclaredLanguage);
     if (noDeclaredLanguageQueries.length !== 0) {
-      core.warning('Some queries do not declare a language:\n' + noDeclaredLanguageQueries.join('\n'));
+      throw new Error('Some queries do not declare a language, their qlpack.yml file is missing or is invalid');
     }
 
     const multipleDeclaredLanguages = resolveQueriesOutputObject.multipleDeclaredLanguages;
     const multipleDeclaredLanguagesQueries = Object.keys(multipleDeclaredLanguages);
     if (multipleDeclaredLanguagesQueries.length !== 0) {
-      core.warning('Some queries declare multiple languages:\n' + multipleDeclaredLanguagesQueries.join('\n'));
+      throw new Error('Some queries declare multiple languages, their qlpack.yml file is missing or is invalid');
     }
   }
 
 
@@ -0,0 +1,41 @@
+{
+  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
+  "version": "2.1.0",
+  "runs": [
+    {
+      "tool": {
+        "driver": {
+          "name": "CodeQL command-line toolchain"
+        }
+      }
+    },
+    {
+      "tool": {
+        "driver": {
+          "name": "CodeQL command-line toolchain"
+        }
+      }
+    },
+    {
+      "tool": {
+        "driver": {
+          "name": "ESLint"
+        }
+      }
+    },
+    {
+      "tool": {
+        "driver": {
+          "name": ""
+        }
+      }
+    },
+    {
+      "tool": {
+        "driver": {
+          "name": null
+        }
+      }
+    }
+  ]
+}
@@ -98,6 +98,8 @@ async function uploadFiles(sarifFiles: string[]) {
             matrix = undefined;
         }
 
+        const toolNames = util.getToolNames(sarifPayload);
+
         const payload = JSON.stringify({
             "commit_oid": commitOid,
             "ref": ref,
@@ -106,7 +108,8 @@ async function uploadFiles(sarifFiles: string[]) {
             "workflow_run_id": workflowRunID,
             "checkout_uri": checkoutURI,
             "environment": matrix,
-            "started_at": startedAt
+            "started_at": startedAt,
+            "tool_names": toolNames,
         });
 
         core.info('Uploading results');
 
@@ -0,0 +1,9 @@
+import * as fs from 'fs';
+
+import * as util from './util';
+
+test('getToolNames', () => {
+  const input = fs.readFileSync(__dirname + '/testdata/tool-names.sarif', 'utf8')
+  const toolNames = util.getToolNames(input);
+  expect(toolNames).toStrictEqual(["CodeQL command-line toolchain", "ESLint"])
+})
Original file line number	Diff line number	Diff line change
`@@ -82,13 +82,13 @@ async function resolveQueryLanguages(codeqlCmd: string, config: configUtils.Conf`
`82`	`82`	`const noDeclaredLanguage = resolveQueriesOutputObject.noDeclaredLanguage;`
`83`	`83`	`const noDeclaredLanguageQueries = Object.keys(noDeclaredLanguage);`
`84`	`84`	`if (noDeclaredLanguageQueries.length !== 0) {`
`85`		`- core.warning('Some queries do not declare a language:\n' + noDeclaredLanguageQueries.join('\n'));`
	`85`	`+ throw new Error('Some queries do not declare a language, their qlpack.yml file is missing or is invalid');`
`86`	`86`	`}`
`87`	`87`
`88`	`88`	`const multipleDeclaredLanguages = resolveQueriesOutputObject.multipleDeclaredLanguages;`
`89`	`89`	`const multipleDeclaredLanguagesQueries = Object.keys(multipleDeclaredLanguages);`
`90`	`90`	`if (multipleDeclaredLanguagesQueries.length !== 0) {`
`91`		`- core.warning('Some queries declare multiple languages:\n' + multipleDeclaredLanguagesQueries.join('\n'));`
	`91`	`+ throw new Error('Some queries declare multiple languages, their qlpack.yml file is missing or is invalid');`
`92`	`92`	`}`
`93`	`93`	`}`
`94`	`94`