build

lib/analyze.js

@@ -56,7 +56,8 @@ async function setupPythonExtractor(logger, features, codeql) {
         // If CODEQL_PYTHON is not set, no dependencies were installed, so we don't need to do anything
         return;
     }
-    if (await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) {
+    if ((await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) ||
+        (await features.getValue(feature_flags_1.Feature.PythonDefaultIsToSkipDependencyInstallationEnabled, codeql))) {
         logger.warning("We recommend that you remove the CODEQL_PYTHON environment variable from your workflow. This environment variable was originally used to specify a Python executable that included the dependencies of your Python code, however Python analysis no longer uses these dependencies." +
             "\nIf you used CODEQL_PYTHON to force the version of Python to analyze as, please use CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION instead, such as 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=2.7' or 'CODEQL_EXTRACTOR_PYTHON_ANALYSIS_VERSION=3.11'.");
         return;

lib/feature-flags.js

@@ -53,6 +53,7 @@ var Feature;
     Feature["CppDependencyInstallation"] = "cpp_dependency_installation_enabled";
     Feature["DisableKotlinAnalysisEnabled"] = "disable_kotlin_analysis_enabled";
     Feature["DisablePythonDependencyInstallationEnabled"] = "disable_python_dependency_installation_enabled";
+    Feature["PythonDefaultIsToSkipDependencyInstallationEnabled"] = "python_default_is_to_skip_dependency_installation_enabled";
     Feature["EvaluatorFineGrainedParallelismEnabled"] = "evaluator_fine_grained_parallelism_enabled";
     Feature["ExportDiagnosticsEnabled"] = "export_diagnostics_enabled";
     Feature["QaTelemetryEnabled"] = "qa_telemetry_enabled";
@@ -103,6 +104,15 @@ exports.featureConfig = {
         minimumVersion: undefined,
         defaultValue: false,
     },
+    [Feature.PythonDefaultIsToSkipDependencyInstallationEnabled]: {
+        // we can reuse the same environment variable as above. If someone has set it to
+        // `true` in their workflow this means dependencies are not installed, setting it to
+        // `false` means dependencies _will_ be installed. The same semantics are applied
+        // here!
+        envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION",
+        minimumVersion: "2.16.0",
+        defaultValue: false,
+    },
 };
 exports.FEATURE_FLAGS_FILE_NAME = "cached-feature-flags.json";
 /**

lib/init-action.js

@@ -146,7 +146,8 @@ async function run() {
         await (0, init_1.checkInstallPython311)(config.languages, codeql);
         if (config.languages.includes(languages_1.Language.python) &&
             (0, actions_util_1.getRequiredInput)("setup-python-dependencies") === "true") {
-            if (await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) {
+            if ((await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) ||
+                (await features.getValue(feature_flags_1.Feature.PythonDefaultIsToSkipDependencyInstallationEnabled, codeql))) {
                 logger.info("Skipping python dependency installation");
             }
             else {
@@ -246,9 +247,13 @@ async function run() {
             }
         }
         // Disable Python dependency extraction if feature flag set
-        if (await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) {
+        if ((await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) ||
+            (await features.getValue(feature_flags_1.Feature.PythonDefaultIsToSkipDependencyInstallationEnabled, codeql))) {
             core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
         }
+        else {
+            core.exportVariable("CODEQL_EXTRACTOR_PYTHON_FORCE_ENABLE_LIBRARY_EXTRACTION_UNTIL_2_17_0", "true");
+        }
         const sourceRoot = path.resolve((0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), (0, actions_util_1.getOptionalInput)("source-root") || "");
         const tracerConfig = await (0, init_1.runInit)(codeql, config, sourceRoot, "Runner.Worker.exe", registriesInput, features, apiDetails, logger);
         if (tracerConfig !== undefined) {