Remove support for CodeQL v2.12.5 and earlier

lib/cli-errors.js

@@ -2,7 +2,6 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.wrapCliConfigurationError = exports.getCliConfigCategoryIfExists = exports.cliErrorsConfig = exports.CliConfigErrorCategory = exports.CommandInvocationError = void 0;
 const util_1 = require("./util");
-const NO_SOURCE_CODE_SEEN_DOCS_LINK = "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build";
 /**
  * A class of Error that we can classify as an error stemming from a CLI
  * invocation, with associated exit code, stderr,etc.
@@ -177,15 +176,6 @@ exports.cliErrorsConfig = {
         cliErrorMessageCandidates: [
             new RegExp("CodeQL detected code written in .* but could not process any of it"),
             new RegExp("CodeQL did not detect any code written in languages supported by CodeQL"),
-            /**
-             * Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
-             * source code was found. This means that we don't get the no code found error from
-             * `codeql database finalize`. To ensure users get a good error message, we detect this manually
-             * here, and upon detection override the error message.
-             *
-             * This can be removed once support for CodeQL 2.11.6 is removed.
-             */
-            new RegExp("No JavaScript or TypeScript code found"),
         ],
     },
     [CliConfigErrorCategory.NoSupportedBuildCommandSucceeded]: {
@@ -226,17 +216,6 @@ function getCliConfigCategoryIfExists(cliError) {
     return undefined;
 }
 exports.getCliConfigCategoryIfExists = getCliConfigCategoryIfExists;
-/**
- * Prepend a clearer error message with the docs link if the error message does not already
- * include it. Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs
- * should already include the doc link.
- */
-function prependDocsLinkIfApplicable(cliErrorMessage) {
-    if (!cliErrorMessage.includes(NO_SOURCE_CODE_SEEN_DOCS_LINK)) {
-        return `No code found during the build. Please see: ${NO_SOURCE_CODE_SEEN_DOCS_LINK}. Detailed error: ${cliErrorMessage}`;
-    }
-    return cliErrorMessage;
-}
 /**
  * Changes an error received from the CLI to a ConfigurationError with optionally an extra
  * error message appended, if it exists in a known set of configuration errors. Otherwise,
@@ -251,11 +230,6 @@ function wrapCliConfigurationError(cliError) {
         return cliError;
     }
     let errorMessageBuilder = cliError.message;
-    // Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs should
-    // already include the doc link.
-    if (cliConfigErrorCategory === CliConfigErrorCategory.NoSourceCodeSeen) {
-        errorMessageBuilder = prependDocsLinkIfApplicable(errorMessageBuilder);
-    }
     const additionalErrorMessageToAppend = exports.cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToAppend;
     if (additionalErrorMessageToAppend !== undefined) {
         errorMessageBuilder = `${errorMessageBuilder} ${additionalErrorMessageToAppend}`;

lib/codeql.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = void 0;
+exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -74,20 +74,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
  * For convenience, please keep these in descending order. Once a version
  * flag is older than the oldest supported version above, it may be removed.
  */
-/**
- * Versions 2.12.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for
- * each language.
- */
-exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
-/**
- * Versions 2.12.3+ of the CodeQL CLI support exporting configuration information from a code
- * scanning config file to SARIF.
- */
-exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
-/**
- * Versions 2.12.4+ of the CodeQL CLI support the `--qlconfig-file` flag in calls to `database init`.
- */
-exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
 /**
  * Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
  */
@@ -285,8 +271,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 (await this.supportsFeature(tools_features_1.ToolsFeature.BuildModeOption))) {
                 extraArgs.push(`--build-mode=${config.buildMode}`);
             }
-            if (qlconfigFile !== undefined &&
+            if (qlconfigFile !== undefined) {
-                (await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_INIT_WITH_QLCONFIG))) {
                 extraArgs.push(`--qlconfig-file=${qlconfigFile}`);
             }
             if (await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG)) {
@@ -454,13 +439,11 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 "run-queries",
                 ...flags,
                 databasePath,
+                "--expect-discarded-cache",
                 "--min-disk-free=1024", // Try to leave at least 1GB free
                 "-v",
                 ...getExtraOptionsFromEnv(["database", "run-queries"]),
             ];
-            if (await util.supportExpectDiscardedCache(this)) {
-                codeqlArgs.push("--expect-discarded-cache");
-            }
             if (await util.codeQlVersionAbove(this, feature_flags_1.CODEQL_VERSION_FINE_GRAINED_PARALLELISM)) {
                 codeqlArgs.push("--intra-layer-parallelism");
             }
@@ -484,7 +467,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 "--print-diagnostics-summary",
                 "--print-metrics-summary",
                 "--sarif-add-baseline-file-info",
-                ...(await getCodeScanningConfigExportArguments(config, this)),
+                `--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(config)}`,
                 "--sarif-group-rules-by-pack",
                 ...(await getCodeScanningQueryHelpArguments(this)),
                 ...getExtraOptionsFromEnv(["database", "interpret-results"]),
@@ -501,7 +484,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             if (shouldExportDiagnostics) {
                 codeqlArgs.push("--sarif-include-diagnostics");
             }
-            else if (await util.codeQlVersionAbove(this, "2.12.4")) {
+            else {
                 codeqlArgs.push("--no-sarif-include-diagnostics");
             }
             if ((await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2)) &&
@@ -627,7 +610,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 "export",
                 "--format=sarif-latest",
                 `--output=${sarifFile}`,
-                ...(await getCodeScanningConfigExportArguments(config, this)),
+                `--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(config)}`,
                 ...getExtraOptionsFromEnv(["diagnostics", "export"]),
             ];
             if (automationDetailsId !== undefined) {
@@ -852,20 +835,6 @@ async function generateCodeScanningConfig(config, logger) {
 function cloneObject(obj) {
     return JSON.parse(JSON.stringify(obj));
 }
-/**
- * Gets arguments for passing the code scanning configuration file to interpretation commands like
- * `codeql database interpret-results` and `codeql database export-diagnostics`.
- *
- * Returns an empty list if a code scanning configuration file was not generated by the CLI.
- */
-async function getCodeScanningConfigExportArguments(config, codeql) {
-    const codeScanningConfigPath = getGeneratedCodeScanningConfigPath(config);
-    if (fs.existsSync(codeScanningConfigPath) &&
-        (await util.codeQlVersionAbove(codeql, exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG))) {
-        return ["--sarif-codescanning-config", codeScanningConfigPath];
-    }
-    return [];
-}
 // This constant sets the size of each TRAP cache in megabytes.
 const TRAP_CACHE_SIZE_MB = 1024;
 async function getTrapCachingExtractorConfigArgs(config) {

lib/codeql.test.js

@@ -262,7 +262,7 @@ for (const toolcacheVersion of [
         mockApiDetails(testing_utils_1.SAMPLE_DOTCOM_API_DETAILS);
         sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
         const releasesApiMock = mockReleaseApi({
-            assetNames: ["cli-version-2.12.2.txt"],
+            assetNames: ["cli-version-2.12.6.txt"],
             tagName: "codeql-bundle-20230203",
         });
         (0, testing_utils_1.mockBundleDownloadApi)({
@@ -450,9 +450,7 @@ const injectedConfigMacro = ava_1.default.macro({
     await util.withTmpDir(async (tempDir) => {
         const runnerConstructorStub = stubToolRunnerConstructor();
         const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
-            .stub(codeqlObject, "getVersion")
-            .resolves((0, testing_utils_1.makeVersionInfo)(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
         await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
         const args = runnerConstructorStub.firstCall.args[1];
         // should have used a config file
@@ -463,28 +461,11 @@ const injectedConfigMacro = ava_1.default.macro({
         t.truthy(hasQlconfigArg, "Should have injected a codescanning config");
     });
 });
-(0, ava_1.default)("passes a code scanning config BUT NOT a qlconfig to the CLI for CodeQL v2.12.2", async (t) => {
-    await util.withTmpDir(async (tempDir) => {
-        const runnerConstructorStub = stubToolRunnerConstructor();
-        const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.2"));
-        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
-        const args = runnerConstructorStub.firstCall.args[1];
-        // should have used a config file
-        const hasCodeScanningConfigArg = args.some((arg) => arg.startsWith("--codescanning-config="));
-        t.true(hasCodeScanningConfigArg, "Should have injected a codescanning config");
-        // should not have passed a qlconfig file
-        const hasQlconfigArg = args.some((arg) => arg.startsWith("--qlconfig-file="));
-        t.false(hasQlconfigArg, "should NOT have injected a qlconfig");
-    });
-});
 (0, ava_1.default)("does not pass a qlconfig to the CLI when it is undefined", async (t) => {
     await util.withTmpDir(async (tempDir) => {
         const runnerConstructorStub = stubToolRunnerConstructor();
         const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
-            .stub(codeqlObject, "getVersion")
-            .resolves((0, testing_utils_1.makeVersionInfo)(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
         await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, undefined, // undefined qlconfigFile
         (0, logging_1.getRunnerLogger)(true));
         const args = runnerConstructorStub.firstCall.args[1];
@@ -545,39 +526,12 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
         t.is(runnerConstructorStub.firstCall.args[1].includes("--no-new-analysis-summary"), negativeFlagPassed, `--no-new-analysis-summary should${negativeFlagPassed ? "" : "n't"} be passed`);
     });
 }
-(0, ava_1.default)("database finalize recognises JavaScript no code found error on CodeQL 2.11.6", async (t) => {
+(0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.6", async (t) => {
-    stubToolRunnerConstructor(1, `2020-09-07T17:39:53.9050522Z [2020-09-07 17:39:53] [build] Done extracting /opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/data/externs/web/ie_vml.js (3 ms)
-    2020-09-07T17:39:53.9051849Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
-    2020-09-07T17:39:53.9052444Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
-    2020-09-07T17:39:53.9251124Z [2020-09-07 17:39:53] [ERROR] Spawned process exited abnormally (code 255; tried to run: [/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/autobuild.sh])`);
-    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.6"));
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", "", false), {
-        instanceOf: util.ConfigurationError,
-        message: new RegExp("No code found during the build\\. Please see: " +
-            "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\."),
-    });
-});
-(0, ava_1.default)("database finalize overrides no code found error on CodeQL 2.11.6", async (t) => {
-    stubToolRunnerConstructor(32);
-    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.6"));
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", "", false), {
-        instanceOf: util.ConfigurationError,
-        message: new RegExp("No code found during the build\\. Please see: " +
-            "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\."),
-    });
-});
-(0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.4", async (t) => {
     const cliMessage = "CodeQL did not detect any code written in languages supported by CodeQL. Review our troubleshooting guide at " +
         "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.";
     stubToolRunnerConstructor(32, cliMessage);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
@@ -592,7 +546,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
         `${heapError}\n${datasetImportError}.`;
     stubToolRunnerConstructor(32, cliStderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
@@ -614,7 +568,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
   `;
     stubToolRunnerConstructor(1, stderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
     sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
@@ -633,7 +587,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     const stderr = Array.from({ length: 20 }, (_, i) => `[2019-09-18 12:00:00] [autobuild] [ERROR] line${i + 1}`).join("\n");
     stubToolRunnerConstructor(1, stderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
     sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
@@ -650,7 +604,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     const cliStderr = "line1\nline2\nline3\nline4\nline5";
     stubToolRunnerConstructor(32, cliStderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {

lib/feature-flags.js

@@ -87,7 +87,7 @@ exports.featureConfig = {
     },
     [Feature.ExportDiagnosticsEnabled]: {
         envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
-        minimumVersion: "2.12.4",
+        minimumVersion: undefined,
         defaultValue: true,
     },
     [Feature.QaTelemetryEnabled]: {

lib/init-action-post-helper.test.js

@@ -315,7 +315,7 @@ async function testFailedSarifUpload(t, actionsWorkflow, { category, databaseExi
         .returns(JSON.stringify(matrix));
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeql, "getCodeQL").resolves(codeqlObject);
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.0"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
     const databaseExportDiagnosticsStub = sinon.stub(codeqlObject, "databaseExportDiagnostics");
     const diagnosticsExportStub = sinon.stub(codeqlObject, "diagnosticsExport");
     sinon.stub(workflow, "getWorkflow").resolves(actionsWorkflow);

lib/setup-codeql.js

@@ -241,7 +241,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
         logger.info("Overriding the version of the CodeQL tools by the version shipped with the Action since " +
             `"tools: latest" was requested.`);
     }
-    /** CLI version number, for example 2.12.1. */
+    /** CLI version number, for example 2.12.6. */
     let cliVersion;
     /** Tag name of the CodeQL bundle, for example `codeql-bundle-20230120`. */
     let tagName;

lib/util.js

@@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkActionVersion = exports.checkDiskUsage = exports.prettyPrintPack = exports.getErrorMessage = exports.wrapError = exports.fixInvalidNotificationsInFile = exports.fixInvalidNotifications = exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.isInTestMode = exports.supportExpectDiscardedCache = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.ConfigurationError = exports.HTTPError = exports.getRequiredEnvParam = exports.initializeEnvironment = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getCgroupCpuCountFromCpus = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.getMemoryFlagValueForPlatform = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
+exports.checkActionVersion = exports.checkDiskUsage = exports.prettyPrintPack = exports.getErrorMessage = exports.wrapError = exports.fixInvalidNotificationsInFile = exports.fixInvalidNotifications = exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.isInTestMode = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.ConfigurationError = exports.HTTPError = exports.getRequiredEnvParam = exports.initializeEnvironment = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getCgroupCpuCountFromCpus = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.getMemoryFlagValueForPlatform = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
@@ -545,13 +545,6 @@ function isGoodVersion(versionSpec) {
     return !BROKEN_VERSIONS.includes(versionSpec);
 }
 exports.isGoodVersion = isGoodVersion;
-/**
- * Checks whether the CodeQL CLI supports the `--expect-discarded-cache` command-line flag.
- */
-async function supportExpectDiscardedCache(codeQL) {
-    return codeQlVersionAbove(codeQL, "2.12.1");
-}
-exports.supportExpectDiscardedCache = supportExpectDiscardedCache;
 /*
  * Returns whether we are in test mode.
  *

src/cli-errors.ts

@@ -1,8 +1,5 @@
 import { ConfigurationError } from "./util";
 
-const NO_SOURCE_CODE_SEEN_DOCS_LINK =
-  "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build";
-
 /**
  * A class of Error that we can classify as an error stemming from a CLI
  * invocation, with associated exit code, stderr,etc.
@@ -203,15 +200,6 @@ export const cliErrorsConfig: Record<
       new RegExp(
         "CodeQL did not detect any code written in languages supported by CodeQL",
       ),
-      /**
-       * Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
-       * source code was found. This means that we don't get the no code found error from
-       * `codeql database finalize`. To ensure users get a good error message, we detect this manually
-       * here, and upon detection override the error message.
-       *
-       * This can be removed once support for CodeQL 2.11.6 is removed.
-       */
-      new RegExp("No JavaScript or TypeScript code found"),
     ],
   },
 
@@ -262,18 +250,6 @@ export function getCliConfigCategoryIfExists(
   return undefined;
 }
 
-/**
- * Prepend a clearer error message with the docs link if the error message does not already
- * include it. Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs
- * should already include the doc link.
- */
-function prependDocsLinkIfApplicable(cliErrorMessage: string): string {
-  if (!cliErrorMessage.includes(NO_SOURCE_CODE_SEEN_DOCS_LINK)) {
-    return `No code found during the build. Please see: ${NO_SOURCE_CODE_SEEN_DOCS_LINK}. Detailed error: ${cliErrorMessage}`;
-  }
-  return cliErrorMessage;
-}
-
 /**
  * Changes an error received from the CLI to a ConfigurationError with optionally an extra
  * error message appended, if it exists in a known set of configuration errors. Otherwise,
@@ -291,12 +267,6 @@ export function wrapCliConfigurationError(cliError: Error): Error {
 
   let errorMessageBuilder = cliError.message;
 
-  // Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs should
-  // already include the doc link.
-  if (cliConfigErrorCategory === CliConfigErrorCategory.NoSourceCodeSeen) {
-    errorMessageBuilder = prependDocsLinkIfApplicable(errorMessageBuilder);
-  }
-
   const additionalErrorMessageToAppend =
     cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToAppend;
   if (additionalErrorMessageToAppend !== undefined) {

src/codeql.test.ts

@@ -385,7 +385,7 @@ test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t)
     mockApiDetails(SAMPLE_DOTCOM_API_DETAILS);
     sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
     const releasesApiMock = mockReleaseApi({
-      assetNames: ["cli-version-2.12.2.txt"],
+      assetNames: ["cli-version-2.12.6.txt"],
       tagName: "codeql-bundle-20230203",
     });
     mockBundleDownloadApi({
@@ -688,9 +688,7 @@ test("passes a code scanning config AND qlconfig to the CLI", async (t: Executio
   await util.withTmpDir(async (tempDir) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon
+    sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
-      .stub(codeqlObject, "getVersion")
-      .resolves(makeVersionInfo(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
 
     await codeqlObject.databaseInitCluster(
       { ...stubConfig, tempDir },
@@ -715,45 +713,11 @@ test("passes a code scanning config AND qlconfig to the CLI", async (t: Executio
   });
 });
 
-test("passes a code scanning config BUT NOT a qlconfig to the CLI for CodeQL v2.12.2", async (t: ExecutionContext<unknown>) => {
-  await util.withTmpDir(async (tempDir) => {
-    const runnerConstructorStub = stubToolRunnerConstructor();
-    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.2"));
-
-    await codeqlObject.databaseInitCluster(
-      { ...stubConfig, tempDir },
-      "",
-      undefined,
-      "/path/to/qlconfig.yml",
-      getRunnerLogger(true),
-    );
-
-    const args = runnerConstructorStub.firstCall.args[1] as any[];
-    // should have used a config file
-    const hasCodeScanningConfigArg = args.some((arg: string) =>
-      arg.startsWith("--codescanning-config="),
-    );
-    t.true(
-      hasCodeScanningConfigArg,
-      "Should have injected a codescanning config",
-    );
-
-    // should not have passed a qlconfig file
-    const hasQlconfigArg = args.some((arg: string) =>
-      arg.startsWith("--qlconfig-file="),
-    );
-    t.false(hasQlconfigArg, "should NOT have injected a qlconfig");
-  });
-});
-
 test("does not pass a qlconfig to the CLI when it is undefined", async (t: ExecutionContext<unknown>) => {
   await util.withTmpDir(async (tempDir) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon
+    sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
-      .stub(codeqlObject, "getVersion")
-      .resolves(makeVersionInfo(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
 
     await codeqlObject.databaseInitCluster(
       { ...stubConfig, tempDir },
@@ -860,57 +824,13 @@ for (const {
   });
 }
 
-test("database finalize recognises JavaScript no code found error on CodeQL 2.11.6", async (t) => {
+test("database finalize does not override no code found error on CodeQL 2.12.6", async (t) => {
-  stubToolRunnerConstructor(
-    1,
-    `2020-09-07T17:39:53.9050522Z [2020-09-07 17:39:53] [build] Done extracting /opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/data/externs/web/ie_vml.js (3 ms)
-    2020-09-07T17:39:53.9051849Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
-    2020-09-07T17:39:53.9052444Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
-    2020-09-07T17:39:53.9251124Z [2020-09-07 17:39:53] [ERROR] Spawned process exited abnormally (code 255; tried to run: [/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/autobuild.sh])`,
-  );
-  const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.11.6"));
-  // safeWhich throws because of the test CodeQL object.
-  sinon.stub(safeWhich, "safeWhich").resolves("");
-
-  await t.throwsAsync(
-    async () => await codeqlObject.finalizeDatabase("", "", "", false),
-    {
-      instanceOf: util.ConfigurationError,
-      message: new RegExp(
-        "No code found during the build\\. Please see: " +
-          "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\.",
-      ),
-    },
-  );
-});
-
-test("database finalize overrides no code found error on CodeQL 2.11.6", async (t) => {
-  stubToolRunnerConstructor(32);
-  const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.11.6"));
-  // safeWhich throws because of the test CodeQL object.
-  sinon.stub(safeWhich, "safeWhich").resolves("");
-
-  await t.throwsAsync(
-    async () => await codeqlObject.finalizeDatabase("", "", "", false),
-    {
-      instanceOf: util.ConfigurationError,
-      message: new RegExp(
-        "No code found during the build\\. Please see: " +
-          "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\.",
-      ),
-    },
-  );
-});
-
-test("database finalize does not override no code found error on CodeQL 2.12.4", async (t) => {
   const cliMessage =
     "CodeQL did not detect any code written in languages supported by CodeQL. Review our troubleshooting guide at " +
     "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.";
   stubToolRunnerConstructor(32, cliMessage);
   const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
+  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
   // safeWhich throws because of the test CodeQL object.
   sinon.stub(safeWhich, "safeWhich").resolves("");
 
@@ -940,7 +860,7 @@ test("runTool summarizes several fatal errors", async (t) => {
     `${heapError}\n${datasetImportError}.`;
   stubToolRunnerConstructor(32, cliStderr);
   const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
+  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
   // safeWhich throws because of the test CodeQL object.
   sinon.stub(safeWhich, "safeWhich").resolves("");
 
@@ -981,7 +901,7 @@ test("runTool summarizes autobuilder errors", async (t) => {
   `;
   stubToolRunnerConstructor(1, stderr);
   const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
+  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
   sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
   // safeWhich throws because of the test CodeQL object.
   sinon.stub(safeWhich, "safeWhich").resolves("");
@@ -1009,7 +929,7 @@ test("runTool truncates long autobuilder errors", async (t) => {
   ).join("\n");
   stubToolRunnerConstructor(1, stderr);
   const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
+  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
   sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
   // safeWhich throws because of the test CodeQL object.
   sinon.stub(safeWhich, "safeWhich").resolves("");
@@ -1034,7 +954,7 @@ test("runTool outputs last line of stderr if fatal error could not be found", as
   const cliStderr = "line1\nline2\nline3\nline4\nline5";
   stubToolRunnerConstructor(32, cliStderr);
   const codeqlObject = await codeql.getCodeQLForTesting();
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
+  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
   // safeWhich throws because of the test CodeQL object.
   sinon.stub(safeWhich, "safeWhich").resolves("");
 

src/codeql.ts

@@ -303,23 +303,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
  * flag is older than the oldest supported version above, it may be removed.
  */
 
-/**
- * Versions 2.12.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for
- * each language.
- */
-export const CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
-
-/**
- * Versions 2.12.3+ of the CodeQL CLI support exporting configuration information from a code
- * scanning config file to SARIF.
- */
-export const CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
-
-/**
- * Versions 2.12.4+ of the CodeQL CLI support the `--qlconfig-file` flag in calls to `database init`.
- */
-export const CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
-
 /**
  * Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
  */
@@ -602,10 +585,7 @@ export async function getCodeQLForCmd(
       ) {
         extraArgs.push(`--build-mode=${config.buildMode}`);
       }
-      if (
+      if (qlconfigFile !== undefined) {
-        qlconfigFile !== undefined &&
-        (await util.codeQlVersionAbove(this, CODEQL_VERSION_INIT_WITH_QLCONFIG))
-      ) {
         extraArgs.push(`--qlconfig-file=${qlconfigFile}`);
       }
 
@@ -817,13 +797,11 @@ export async function getCodeQLForCmd(
         "run-queries",
         ...flags,
         databasePath,
+        "--expect-discarded-cache",
         "--min-disk-free=1024", // Try to leave at least 1GB free
         "-v",
         ...getExtraOptionsFromEnv(["database", "run-queries"]),
       ];
-      if (await util.supportExpectDiscardedCache(this)) {
-        codeqlArgs.push("--expect-discarded-cache");
-      }
       if (
         await util.codeQlVersionAbove(
           this,
@@ -867,7 +845,9 @@ export async function getCodeQLForCmd(
         "--print-diagnostics-summary",
         "--print-metrics-summary",
         "--sarif-add-baseline-file-info",
-        ...(await getCodeScanningConfigExportArguments(config, this)),
+        `--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(
+          config,
+        )}`,
         "--sarif-group-rules-by-pack",
         ...(await getCodeScanningQueryHelpArguments(this)),
         ...getExtraOptionsFromEnv(["database", "interpret-results"]),
@@ -887,7 +867,7 @@ export async function getCodeQLForCmd(
       }
       if (shouldExportDiagnostics) {
         codeqlArgs.push("--sarif-include-diagnostics");
-      } else if (await util.codeQlVersionAbove(this, "2.12.4")) {
+      } else {
         codeqlArgs.push("--no-sarif-include-diagnostics");
       }
       if (
@@ -1051,7 +1031,9 @@ export async function getCodeQLForCmd(
         "export",
         "--format=sarif-latest",
         `--output=${sarifFile}`,
-        ...(await getCodeScanningConfigExportArguments(config, this)),
+        `--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(
+          config,
+        )}`,
         ...getExtraOptionsFromEnv(["diagnostics", "export"]),
       ];
       if (automationDetailsId !== undefined) {
@@ -1334,29 +1316,6 @@ function cloneObject<T>(obj: T): T {
   return JSON.parse(JSON.stringify(obj));
 }
 
-/**
- * Gets arguments for passing the code scanning configuration file to interpretation commands like
- * `codeql database interpret-results` and `codeql database export-diagnostics`.
- *
- * Returns an empty list if a code scanning configuration file was not generated by the CLI.
- */
-async function getCodeScanningConfigExportArguments(
-  config: Config,
-  codeql: CodeQL,
-): Promise<string[]> {
-  const codeScanningConfigPath = getGeneratedCodeScanningConfigPath(config);
-  if (
-    fs.existsSync(codeScanningConfigPath) &&
-    (await util.codeQlVersionAbove(
-      codeql,
-      CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG,
-    ))
-  ) {
-    return ["--sarif-codescanning-config", codeScanningConfigPath];
-  }
-  return [];
-}
-
 // This constant sets the size of each TRAP cache in megabytes.
 const TRAP_CACHE_SIZE_MB = 1024;
 

src/feature-flags.ts

@@ -87,7 +87,7 @@ export const featureConfig: Record<
   },
   [Feature.ExportDiagnosticsEnabled]: {
     envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
-    minimumVersion: "2.12.4",
+    minimumVersion: undefined,
     defaultValue: true,
   },
   [Feature.QaTelemetryEnabled]: {

src/init-action-post-helper.test.ts

@@ -359,7 +359,7 @@ async function testFailedSarifUpload(
 
   const codeqlObject = await codeql.getCodeQLForTesting();
   sinon.stub(codeql, "getCodeQL").resolves(codeqlObject);
-  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.0"));
+  sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
   const databaseExportDiagnosticsStub = sinon.stub(
     codeqlObject,
     "databaseExportDiagnostics",

src/setup-codeql.ts

@@ -304,7 +304,7 @@ export async function getCodeQLSource(
     );
   }
 
-  /** CLI version number, for example 2.12.1. */
+  /** CLI version number, for example 2.12.6. */
   let cliVersion: string | undefined;
   /** Tag name of the CodeQL bundle, for example `codeql-bundle-20230120`. */
   let tagName: string | undefined;

src/util.ts

@@ -734,15 +734,6 @@ export function isGoodVersion(versionSpec: string) {
   return !BROKEN_VERSIONS.includes(versionSpec);
 }
 
-/**
- * Checks whether the CodeQL CLI supports the `--expect-discarded-cache` command-line flag.
- */
-export async function supportExpectDiscardedCache(
-  codeQL: CodeQL,
-): Promise<boolean> {
-  return codeQlVersionAbove(codeQL, "2.12.1");
-}
-
 /*
  * Returns whether we are in test mode.
  *