Only run ML-powered queries with v2.7.5 or newer of the CLI

2022-01-06 11:55:03 +00:00 · 2022-01-06 11:55:03 +00:00 · 2159631658
commit 2159631658
parent 9de1702400
9 changed files with 40 additions and 20 deletions
--- a/lib/codeql.js
+++ b/lib/codeql.js
@ -22,7 +22,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_ML_POWERED_QUERIES = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@ -74,6 +74,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 exports.CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
+exports.CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
 /**
 * This variable controls using the new style of tracing from the CodeQL
 * CLI. In particular, with versions above this we will use both indirect
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/lib/config-utils.js
+++ b/lib/config-utils.js
@ -25,9 +25,11 @@ const path = __importStar(require("path"));
 const yaml = __importStar(require("js-yaml"));
 const semver = __importStar(require("semver"));
 const api = __importStar(require("./api-client"));
+const codeql_1 = require("./codeql");
 const externalQueries = __importStar(require("./external-queries"));
 const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
+const util_1 = require("./util");
 // Property names from the user-supplied config file.
 const NAME_PROPERTY = "name";
 const DISABLE_DEFAULT_QUERIES_PROPERTY = "disable-default-queries";
@ -127,7 +129,8 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
    // the ML-powered queries.
    if (languages.includes("javascript") &&
        (found === "security-extended" || found === "security-and-quality") &&
-        (await featureFlags.getValue(feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled))) {
+        (await featureFlags.getValue(feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled)) &&
+        (await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES))) {
        if (!packs.javascript) {
            packs.javascript = [];
        }
--- a/lib/config-utils.js.map
+++ b/lib/config-utils.js.map
--- a/lib/config-utils.test.js
+++ b/lib/config-utils.test.js
@ -868,9 +868,12 @@ parseInputAndConfigErrorMacro.title = (providedTitle) => `Parse Packs input and
 (0, ava_1.default)("input with two languages", parseInputAndConfigErrorMacro, {}, "c/d", [languages_1.Language.cpp, languages_1.Language.csharp], /multi-language analysis/);
 (0, ava_1.default)("input with + only", parseInputAndConfigErrorMacro, {}, " + ", [languages_1.Language.cpp], /remove the '\+'/);
 (0, ava_1.default)("input with invalid pack name", parseInputAndConfigErrorMacro, {}, " xxx", [languages_1.Language.cpp], /"xxx" is not a valid pack/);
-async function mlPoweredQueriesMacro(t, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) {
+async function mlPoweredQueriesMacro(t, codeQLVersion, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) {
    return await util.withTmpDir(async (tmpDir) => {
        const codeQL = (0, codeql_1.setCodeQL)({
+            async getVersion() {
+                return codeQLVersion;
+            },
            async resolveQueries() {
                return {
                    byLanguage: {
@ -899,15 +902,16 @@ async function mlPoweredQueriesMacro(t, isMlPoweredQueriesFlagEnabled, queriesIn
        }
    });
 }
-mlPoweredQueriesMacro.title = (_providedTitle, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) => {
+mlPoweredQueriesMacro.title = (_providedTitle, codeQLVersion, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) => {
    const queriesInputDescription = queriesInput
        ? `'queries: ${queriesInput}'`
        : "default config";
-    return `ML-powered queries ${shouldRunMlPoweredQueries ? "are" : "aren't"} loaded for ${queriesInputDescription} when feature flag is ${isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"}`;
+    return `ML-powered queries ${shouldRunMlPoweredQueries ? "are" : "aren't"} loaded for ${queriesInputDescription} using CLI v${codeQLVersion} when feature flag is ${isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"}`;
 };
 // macro, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries
-(0, ava_1.default)(mlPoweredQueriesMacro, false, "security-extended", false);
-(0, ava_1.default)(mlPoweredQueriesMacro, true, undefined, false);
-(0, ava_1.default)(mlPoweredQueriesMacro, true, "security-extended", true);
-(0, ava_1.default)(mlPoweredQueriesMacro, true, "security-and-quality", true);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.4", true, "security-extended", false);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", false, "security-extended", false);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, false);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "security-extended", true);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "security-and-quality", true);
 //# sourceMappingURL=config-utils.test.js.map
--- a/lib/config-utils.test.js.map
+++ b/lib/config-utils.test.js.map
--- a/src/codeql.ts
+++ b/src/codeql.ts
@ -215,6 +215,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 export const CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
+export const CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";

 /**
 * This variable controls using the new style of tracing from the CodeQL
--- a/src/config-utils.test.ts
+++ b/src/config-utils.test.ts
@ -1656,12 +1656,16 @@ test(

 async function mlPoweredQueriesMacro(
  t: ExecutionContext,
+  codeQLVersion: string,
  isMlPoweredQueriesFlagEnabled: boolean,
  queriesInput: string | undefined,
  shouldRunMlPoweredQueries: boolean
 ) {
  return await util.withTmpDir(async (tmpDir) => {
    const codeQL = setCodeQL({
+      async getVersion() {
+        return codeQLVersion;
+      },
      async resolveQueries() {
        return {
          byLanguage: {
@ -1711,6 +1715,7 @@ async function mlPoweredQueriesMacro(

 mlPoweredQueriesMacro.title = (
  _providedTitle: string,
+  codeQLVersion: string,
  isMlPoweredQueriesFlagEnabled: boolean,
  queriesInput: string | undefined,
  shouldRunMlPoweredQueries: boolean
@ -1721,13 +1726,14 @@ mlPoweredQueriesMacro.title = (

  return `ML-powered queries ${
    shouldRunMlPoweredQueries ? "are" : "aren't"
-  } loaded for ${queriesInputDescription} when feature flag is ${
+  } loaded for ${queriesInputDescription} using CLI v${codeQLVersion} when feature flag is ${
    isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"
  }`;
 };

 // macro, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries
-test(mlPoweredQueriesMacro, false, "security-extended", false);
-test(mlPoweredQueriesMacro, true, undefined, false);
-test(mlPoweredQueriesMacro, true, "security-extended", true);
-test(mlPoweredQueriesMacro, true, "security-and-quality", true);
+test(mlPoweredQueriesMacro, "2.7.4", true, "security-extended", false);
+test(mlPoweredQueriesMacro, "2.7.5", false, "security-extended", false);
+test(mlPoweredQueriesMacro, "2.7.5", true, undefined, false);
+test(mlPoweredQueriesMacro, "2.7.5", true, "security-extended", true);
+test(mlPoweredQueriesMacro, "2.7.5", true, "security-and-quality", true);
--- a/src/config-utils.ts
+++ b/src/config-utils.ts
@ -5,13 +5,17 @@ import * as yaml from "js-yaml";
 import * as semver from "semver";

 import * as api from "./api-client";
-import { CodeQL, ResolveQueriesOutput } from "./codeql";
+import {
+  CodeQL,
+  CODEQL_VERSION_ML_POWERED_QUERIES,
+  ResolveQueriesOutput,
+} from "./codeql";
 import * as externalQueries from "./external-queries";
 import { FeatureFlag, FeatureFlags } from "./feature-flags";
 import { Language, parseLanguage } from "./languages";
 import { Logger } from "./logging";
 import { RepositoryNwo } from "./repository";
-import { GitHubVersion } from "./util";
+import { codeQlVersionAbove, GitHubVersion } from "./util";

 // Property names from the user-supplied config file.
 const NAME_PROPERTY = "name";
@ -279,7 +283,8 @@ async function addBuiltinSuiteQueries(
  if (
    languages.includes("javascript") &&
    (found === "security-extended" || found === "security-and-quality") &&
-    (await featureFlags.getValue(FeatureFlag.MlPoweredQueriesEnabled))
+    (await featureFlags.getValue(FeatureFlag.MlPoweredQueriesEnabled)) &&
+    (await codeQlVersionAbove(codeQL, CODEQL_VERSION_ML_POWERED_QUERIES))
  ) {
    if (!packs.javascript) {
      packs.javascript = [];