robojerk/codeql-action

Remove support for CodeQL v2.12.5 and earlier

Browse source
This commit is contained in:
Henry Mercer 2024-04-09 12:29:14 +01:00
parent 2f0d0eaebd
commit 1a60a91726
19 changed files with 45 additions and 315 deletions
Download patch file Download diff file Expand all files Collapse all files

59
src/codeql.ts
View file

@ -303,23 +303,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
* flag is older than the oldest supported version above, it may be removed.
*/
/**
* Versions 2.12.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for
* each language.
*/
export const CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
/**
* Versions 2.12.3+ of the CodeQL CLI support exporting configuration information from a code
* scanning config file to SARIF.
*/
export const CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
/**
* Versions 2.12.4+ of the CodeQL CLI support the `--qlconfig-file` flag in calls to `database init`.
*/
export const CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
/**
* Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
*/
@ -602,10 +585,7 @@ export async function getCodeQLForCmd(
) {
extraArgs.push(`--build-mode=${config.buildMode}`);
}
if (
qlconfigFile !== undefined &&
(await util.codeQlVersionAbove(this, CODEQL_VERSION_INIT_WITH_QLCONFIG))
) {
if (qlconfigFile !== undefined) {
extraArgs.push(`--qlconfig-file=${qlconfigFile}`);
}
@ -817,13 +797,11 @@ export async function getCodeQLForCmd(
"run-queries",
...flags,
databasePath,
"--expect-discarded-cache",
"--min-disk-free=1024", // Try to leave at least 1GB free
"-v",
...getExtraOptionsFromEnv(["database", "run-queries"]),
];
if (await util.supportExpectDiscardedCache(this)) {
codeqlArgs.push("--expect-discarded-cache");
}
if (
await util.codeQlVersionAbove(
this,
@ -867,7 +845,9 @@ export async function getCodeQLForCmd(
"--print-diagnostics-summary",
"--print-metrics-summary",
"--sarif-add-baseline-file-info",
...(await getCodeScanningConfigExportArguments(config, this)),
`--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(
config,
)}`,
"--sarif-group-rules-by-pack",
...(await getCodeScanningQueryHelpArguments(this)),
...getExtraOptionsFromEnv(["database", "interpret-results"]),
@ -887,7 +867,7 @@ export async function getCodeQLForCmd(
}
if (shouldExportDiagnostics) {
codeqlArgs.push("--sarif-include-diagnostics");
} else if (await util.codeQlVersionAbove(this, "2.12.4")) {
} else {
codeqlArgs.push("--no-sarif-include-diagnostics");
}
if (
@ -1051,7 +1031,9 @@ export async function getCodeQLForCmd(
"export",
"--format=sarif-latest",
`--output=${sarifFile}`,
...(await getCodeScanningConfigExportArguments(config, this)),
`--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(
config,
)}`,
...getExtraOptionsFromEnv(["diagnostics", "export"]),
];
if (automationDetailsId !== undefined) {
@ -1334,29 +1316,6 @@ function cloneObject<T>(obj: T): T {
return JSON.parse(JSON.stringify(obj));
}
/**
* Gets arguments for passing the code scanning configuration file to interpretation commands like
* `codeql database interpret-results` and `codeql database export-diagnostics`.
*
* Returns an empty list if a code scanning configuration file was not generated by the CLI.
*/
async function getCodeScanningConfigExportArguments(
config: Config,
codeql: CodeQL,
): Promise<string[]> {
const codeScanningConfigPath = getGeneratedCodeScanningConfigPath(config);
if (
fs.existsSync(codeScanningConfigPath) &&
(await util.codeQlVersionAbove(
codeql,
CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG,
))
) {
return ["--sarif-codescanning-config", codeScanningConfigPath];
}
return [];
}
// This constant sets the size of each TRAP cache in megabytes.
const TRAP_CACHE_SIZE_MB = 1024;