robojerk/codeql-action

Merge pull request #2232 from github/henrymercer/remove-support-codeql-2.12.5

Browse source 
Remove support for CodeQL 2.12.5 and earlier
This commit is contained in:
Henry Mercer 2024-04-09 20:03:42 +01:00 committed by GitHub
commit 24a01703e4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
67 changed files with 196 additions and 698 deletions
Download patch file Download diff file Expand all files Collapse all files

8
.github/workflows/__all-platform-bundle.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'true'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- id: init
uses: ./../action/init
with:

8
.github/workflows/__analyze-ref-input.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}

8
.github/workflows/__autobuild-action.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: csharp

8
.github/workflows/__build-mode-autobuild.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Set up Java test repo configuration
run: |
mv * .github ../action/tests/multi-language-repo/

8
.github/workflows/__build-mode-manual.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:

8
.github/workflows/__build-mode-none.yml generated vendored
View file

@ -43,9 +43,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -60,10 +58,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:

8
.github/workflows/__build-mode-rollback.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Set up Java test repo configuration
run: |
mv * .github ../action/tests/multi-language-repo/

8
.github/workflows/__config-export.yml generated vendored
View file

@ -51,9 +51,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -68,10 +66,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: javascript

8
.github/workflows/__config-input.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Copy queries into workspace
run: |
cp -a ../action/queries .

8
.github/workflows/__cpp-deptrace-disabled.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Test setup
shell: bash
run: |

8
.github/workflows/__cpp-deptrace-enabled-on-macos.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Test setup
shell: bash
run: |

8
.github/workflows/__cpp-deptrace-enabled.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Test setup
shell: bash
run: |

16
.github/workflows/__diagnostics-export.yml generated vendored
View file

@ -28,11 +28,11 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20230317
version: stable-20230403
- os: macos-latest
version: stable-20230317
version: stable-20230403
- os: windows-latest
version: stable-20230317
version: stable-20230403
- os: ubuntu-latest
version: latest
- os: macos-latest
@ -57,9 +57,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -74,10 +72,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:
@ -89,7 +83,7 @@ jobs:
CODEQL_PATH: ${{ steps.init.outputs.codeql-path }}
run: |
for i in {1..2}; do
# Use the same location twice to test the workaround for the bug in CodeQL CLI 2.12.5 that
# Use the same location twice to test the workaround for the bug in CodeQL CLI 2.12.6 that
# produces an invalid diagnostic with multiple identical location objects.
"$CODEQL_PATH" database add-diagnostic \
"$RUNNER_TEMP/codeql_databases/javascript" \

8
.github/workflows/__export-file-baseline-information.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:

8
.github/workflows/__extractor-ram-threads.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: java

32
.github/workflows/__go-custom-queries.yml generated vendored
View file

@ -28,17 +28,11 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
version: stable-20230403
- os: windows-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
- os: windows-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -51,6 +45,18 @@ jobs:
version: stable-v2.14.6
- os: windows-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: windows-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: windows-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -81,9 +87,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -98,10 +102,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: go

8
.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
# We need a Go version that ships with statically linked binaries on Linux

8
.github/workflows/__go-indirect-tracing-workaround.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
# We need a Go version that ships with statically linked binaries on Linux

24
.github/workflows/__go-tracing-autobuilder.yml generated vendored
View file

@ -28,13 +28,9 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -43,6 +39,14 @@ jobs:
version: stable-v2.14.6
- os: macos-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -67,9 +71,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -84,10 +86,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: ~1.22.0

24
.github/workflows/__go-tracing-custom-build-steps.yml generated vendored
View file

@ -28,13 +28,9 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -43,6 +39,14 @@ jobs:
version: stable-v2.14.6
- os: macos-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -67,9 +71,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -84,10 +86,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: ~1.22.0

24
.github/workflows/__go-tracing-legacy-workflow.yml generated vendored
View file

@ -28,13 +28,9 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -43,6 +39,14 @@ jobs:
version: stable-v2.14.6
- os: macos-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -67,9 +71,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -84,10 +86,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: actions/setup-go@v5
with:
go-version: ~1.22.0

8
.github/workflows/__init-with-registries.yml generated vendored
View file

@ -58,9 +58,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -75,10 +73,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Init with registries
uses: ./../action/init
with:

8
.github/workflows/__javascript-source-root.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Move codeql-action
shell: bash
run: |

8
.github/workflows/__language-aliases.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: C#,java-kotlin,swift,typescript

28
.github/workflows/__multi-language-autodetect.yml generated vendored
View file

@ -28,13 +28,9 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -43,6 +39,14 @@ jobs:
version: stable-v2.14.6
- os: macos-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -67,9 +71,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -84,10 +86,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:
@ -147,9 +145,7 @@ jobs:
fi
- name: Check language autodetect for Swift
if: >-
env.CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT == 'true' ||
(runner.os != 'Windows' && matrix.version == 'nightly-latest')
if: runner.os != 'Windows' && matrix.version != 'stable-20230403'
shell: bash
run: |
SWIFT_DB=${{ fromJson(steps.analysis.outputs.db-locations).swift }}

8
.github/workflows/__packaging-codescanning-config-inputs-js.yml generated vendored
View file

@ -57,9 +57,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -74,10 +72,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
config-file: .github/codeql/codeql-config-packaging3.yml

8
.github/workflows/__packaging-config-inputs-js.yml generated vendored
View file

@ -57,9 +57,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -74,10 +72,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
config-file: .github/codeql/codeql-config-packaging3.yml

8
.github/workflows/__packaging-config-js.yml generated vendored
View file

@ -57,9 +57,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -74,10 +72,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
config-file: .github/codeql/codeql-config-packaging.yml

8
.github/workflows/__packaging-inputs-js.yml generated vendored
View file

@ -57,9 +57,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -74,10 +72,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
config-file: .github/codeql/codeql-config-packaging2.yml

32
.github/workflows/__remote-config.yml generated vendored
View file

@ -28,17 +28,11 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
version: stable-20230403
- os: windows-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
- os: windows-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -51,6 +45,18 @@ jobs:
version: stable-v2.14.6
- os: windows-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: windows-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: windows-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -81,9 +87,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -98,10 +102,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}

8
.github/workflows/__resolve-environment-action.yml generated vendored
View file

@ -63,9 +63,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -80,10 +78,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: ${{ matrix.version == 'stable-v2.13.4' && 'go' || 'go,javascript-typescript'

8
.github/workflows/__rubocop-multi-language.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:

8
.github/workflows/__ruby.yml generated vendored
View file

@ -51,9 +51,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -68,10 +66,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: ruby

24
.github/workflows/__scaling-reserved-ram.yml generated vendored
View file

@ -28,13 +28,9 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
version: stable-20230403
- os: macos-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
- os: macos-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: macos-latest
@ -43,6 +39,14 @@ jobs:
version: stable-v2.14.6
- os: macos-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: macos-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: macos-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: macos-latest
@ -67,9 +71,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -84,10 +86,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:

8
.github/workflows/__split-workflow.yml generated vendored
View file

@ -51,9 +51,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -68,10 +66,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
config-file: .github/codeql/codeql-config-packaging3.yml

8
.github/workflows/__submit-sarif-failure.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: actions/checkout@v4
- uses: ./init
with:

8
.github/workflows/__swift-custom-build.yml generated vendored
View file

@ -51,9 +51,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -68,10 +66,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:

8
.github/workflows/__test-autobuild-working-dir.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Test setup
shell: bash
run: |

8
.github/workflows/__test-local-codeql.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Fetch a CodeQL bundle
shell: bash
env:

8
.github/workflows/__test-proxy.yml generated vendored
View file

@ -41,9 +41,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -58,10 +56,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
languages: javascript

16
.github/workflows/__unset-environment.yml generated vendored
View file

@ -28,13 +28,15 @@ jobs:
matrix:
include:
- os: ubuntu-latest
version: stable-20221211
- os: ubuntu-latest
version: stable-20230418
version: stable-20230403
- os: ubuntu-latest
version: stable-v2.13.5
- os: ubuntu-latest
version: stable-v2.14.6
- os: ubuntu-latest
version: stable-v2.15.5
- os: ubuntu-latest
version: stable-v2.16.6
- os: ubuntu-latest
version: default
- os: ubuntu-latest
@ -53,9 +55,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -70,10 +70,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
id: init
with:

8
.github/workflows/__upload-ref-sha-input.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}

8
.github/workflows/__with-checkout-path.yml generated vendored
View file

@ -45,9 +45,7 @@ jobs:
if: >-
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
@ -62,10 +60,6 @@ jobs:
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
- name: Set environment variable for Swift enablement
if: runner.os != 'Windows' && matrix.version == '20221211'
shell: bash
run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
- name: Delete original checkout
shell: bash
run: |

7
.github/workflows/debug-artifacts.yml vendored
View file

@ -24,10 +24,11 @@ jobs:
strategy:
matrix:
version:
- stable-20221211
- stable-20230418
- stable-20230403
- stable-v2.13.5
- stable-v2.14.6
- stable-v2.15.5
- stable-v2.16.6
- default
- latest
- nightly-latest
@ -73,7 +74,7 @@ jobs:
- name: Check expected artifacts exist
shell: bash
run: |
VERSIONS="stable-20221211 stable-20230418 stable-v2.13.5 stable-v2.14.6 default latest nightly-latest"
VERSIONS="stable-20230403 stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 stable-v2.16.6 default latest nightly-latest"
LANGUAGES="cpp csharp go java javascript python"
for version in $VERSIONS; do
pushd "./my-debug-artifacts-${version//./}"

1
CHANGELOG.md
View file

@ -15,6 +15,7 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the
We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.
- Automatically overwrite an existing database if found on the filesystem. [#2229](https://github.com/github/codeql-action/pull/2229)
- Bump the minimum CodeQL bundle version to 2.12.6. [#2232](https://github.com/github/codeql-action/pull/2232)
## 3.24.10 - 05 Apr 2024

26
lib/cli-errors.js generated
View file

@ -2,7 +2,6 @@
Object.defineProperty(exports, "__esModule", { value: true });
exports.wrapCliConfigurationError = exports.getCliConfigCategoryIfExists = exports.cliErrorsConfig = exports.CliConfigErrorCategory = exports.CommandInvocationError = void 0;
const util_1 = require("./util");
const NO_SOURCE_CODE_SEEN_DOCS_LINK = "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build";
/**
* A class of Error that we can classify as an error stemming from a CLI
* invocation, with associated exit code, stderr,etc.
@ -177,15 +176,6 @@ exports.cliErrorsConfig = {
cliErrorMessageCandidates: [
new RegExp("CodeQL detected code written in .* but could not process any of it"),
new RegExp("CodeQL did not detect any code written in languages supported by CodeQL"),
/**
* Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
* source code was found. This means that we don't get the no code found error from
* `codeql database finalize`. To ensure users get a good error message, we detect this manually
* here, and upon detection override the error message.
*
* This can be removed once support for CodeQL 2.11.6 is removed.
*/
new RegExp("No JavaScript or TypeScript code found"),
],
},
[CliConfigErrorCategory.NoSupportedBuildCommandSucceeded]: {
@ -226,17 +216,6 @@ function getCliConfigCategoryIfExists(cliError) {
return undefined;
}
exports.getCliConfigCategoryIfExists = getCliConfigCategoryIfExists;
/**
* Prepend a clearer error message with the docs link if the error message does not already
* include it. Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs
* should already include the doc link.
*/
function prependDocsLinkIfApplicable(cliErrorMessage) {
if (!cliErrorMessage.includes(NO_SOURCE_CODE_SEEN_DOCS_LINK)) {
return `No code found during the build. Please see: ${NO_SOURCE_CODE_SEEN_DOCS_LINK}. Detailed error: ${cliErrorMessage}`;
}
return cliErrorMessage;
}
/**
* Changes an error received from the CLI to a ConfigurationError with optionally an extra
* error message appended, if it exists in a known set of configuration errors. Otherwise,
@ -251,11 +230,6 @@ function wrapCliConfigurationError(cliError) {
return cliError;
}
let errorMessageBuilder = cliError.message;
// Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs should
// already include the doc link.
if (cliConfigErrorCategory === CliConfigErrorCategory.NoSourceCodeSeen) {
errorMessageBuilder = prependDocsLinkIfApplicable(errorMessageBuilder);
}
const additionalErrorMessageToAppend = exports.cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToAppend;
if (additionalErrorMessageToAppend !== undefined) {
errorMessageBuilder = `${errorMessageBuilder} ${additionalErrorMessageToAppend}`;

2
lib/cli-errors.js.map
View file

File diff suppressed because one or more lines are too long

45
lib/codeql.js generated
View file

@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = void 0;
exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = void 0;
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const core = __importStar(require("@actions/core"));
@ -52,7 +52,7 @@ let cachedCodeQL = undefined;
* The version flags below can be used to conditionally enable certain features
* on versions newer than this.
*/
const CODEQL_MINIMUM_VERSION = "2.11.6";
const CODEQL_MINIMUM_VERSION = "2.12.6";
/**
* This version will shortly become the oldest version of CodeQL that the Action will run with.
*/
@ -74,20 +74,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
* For convenience, please keep these in descending order. Once a version
* flag is older than the oldest supported version above, it may be removed.
*/
/**
* Versions 2.12.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for
* each language.
*/
exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
/**
* Versions 2.12.3+ of the CodeQL CLI support exporting configuration information from a code
* scanning config file to SARIF.
*/
exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
/**
* Versions 2.12.4+ of the CodeQL CLI support the `--qlconfig-file` flag in calls to `database init`.
*/
exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
/**
* Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
*/
@ -285,8 +271,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
(await this.supportsFeature(tools_features_1.ToolsFeature.BuildModeOption))) {
extraArgs.push(`--build-mode=${config.buildMode}`);
}
if (qlconfigFile !== undefined &&
(await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_INIT_WITH_QLCONFIG))) {
if (qlconfigFile !== undefined) {
extraArgs.push(`--qlconfig-file=${qlconfigFile}`);
}
if (await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG)) {
@ -454,13 +439,11 @@ async function getCodeQLForCmd(cmd, checkVersion) {
"run-queries",
...flags,
databasePath,
"--expect-discarded-cache",
"--min-disk-free=1024", // Try to leave at least 1GB free
"-v",
...getExtraOptionsFromEnv(["database", "run-queries"]),
];
if (await util.supportExpectDiscardedCache(this)) {
codeqlArgs.push("--expect-discarded-cache");
}
if (await util.codeQlVersionAbove(this, feature_flags_1.CODEQL_VERSION_FINE_GRAINED_PARALLELISM)) {
codeqlArgs.push("--intra-layer-parallelism");
}
@ -484,7 +467,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
"--print-diagnostics-summary",
"--print-metrics-summary",
"--sarif-add-baseline-file-info",
...(await getCodeScanningConfigExportArguments(config, this)),
`--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(config)}`,
"--sarif-group-rules-by-pack",
...(await getCodeScanningQueryHelpArguments(this)),
...getExtraOptionsFromEnv(["database", "interpret-results"]),
@ -501,7 +484,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
if (shouldExportDiagnostics) {
codeqlArgs.push("--sarif-include-diagnostics");
}
else if (await util.codeQlVersionAbove(this, "2.12.4")) {
else {
codeqlArgs.push("--no-sarif-include-diagnostics");
}
if ((await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2)) &&
@ -627,7 +610,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
"export",
"--format=sarif-latest",
`--output=${sarifFile}`,
...(await getCodeScanningConfigExportArguments(config, this)),
`--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(config)}`,
...getExtraOptionsFromEnv(["diagnostics", "export"]),
];
if (automationDetailsId !== undefined) {
@ -852,20 +835,6 @@ async function generateCodeScanningConfig(config, logger) {
function cloneObject(obj) {
return JSON.parse(JSON.stringify(obj));
}
/**
* Gets arguments for passing the code scanning configuration file to interpretation commands like
* `codeql database interpret-results` and `codeql database export-diagnostics`.
*
* Returns an empty list if a code scanning configuration file was not generated by the CLI.
*/
async function getCodeScanningConfigExportArguments(config, codeql) {
const codeScanningConfigPath = getGeneratedCodeScanningConfigPath(config);
if (fs.existsSync(codeScanningConfigPath) &&
(await util.codeQlVersionAbove(codeql, exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG))) {
return ["--sarif-codescanning-config", codeScanningConfigPath];
}
return [];
}
// This constant sets the size of each TRAP cache in megabytes.
const TRAP_CACHE_SIZE_MB = 1024;
async function getTrapCachingExtractorConfigArgs(config) {

2
lib/codeql.js.map
View file

File diff suppressed because one or more lines are too long

64
lib/codeql.test.js generated
View file

@ -262,7 +262,7 @@ for (const toolcacheVersion of [
mockApiDetails(testing_utils_1.SAMPLE_DOTCOM_API_DETAILS);
sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
const releasesApiMock = mockReleaseApi({
assetNames: ["cli-version-2.12.2.txt"],
assetNames: ["cli-version-2.12.6.txt"],
tagName: "codeql-bundle-20230203",
});
(0, testing_utils_1.mockBundleDownloadApi)({
@ -450,9 +450,7 @@ const injectedConfigMacro = ava_1.default.macro({
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
.resolves((0, testing_utils_1.makeVersionInfo)(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
const args = runnerConstructorStub.firstCall.args[1];
// should have used a config file
@ -463,28 +461,11 @@ const injectedConfigMacro = ava_1.default.macro({
t.truthy(hasQlconfigArg, "Should have injected a codescanning config");
});
});
(0, ava_1.default)("passes a code scanning config BUT NOT a qlconfig to the CLI for CodeQL v2.12.2", async (t) => {
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.2"));
await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
const args = runnerConstructorStub.firstCall.args[1];
// should have used a config file
const hasCodeScanningConfigArg = args.some((arg) => arg.startsWith("--codescanning-config="));
t.true(hasCodeScanningConfigArg, "Should have injected a codescanning config");
// should not have passed a qlconfig file
const hasQlconfigArg = args.some((arg) => arg.startsWith("--qlconfig-file="));
t.false(hasQlconfigArg, "should NOT have injected a qlconfig");
});
});
(0, ava_1.default)("does not pass a qlconfig to the CLI when it is undefined", async (t) => {
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
.resolves((0, testing_utils_1.makeVersionInfo)(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, undefined, // undefined qlconfigFile
(0, logging_1.getRunnerLogger)(true));
const args = runnerConstructorStub.firstCall.args[1];
@ -545,39 +526,12 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
t.is(runnerConstructorStub.firstCall.args[1].includes("--no-new-analysis-summary"), negativeFlagPassed, `--no-new-analysis-summary should${negativeFlagPassed ? "" : "n't"} be passed`);
});
}
(0, ava_1.default)("database finalize recognises JavaScript no code found error on CodeQL 2.11.6", async (t) => {
stubToolRunnerConstructor(1, `2020-09-07T17:39:53.9050522Z [2020-09-07 17:39:53] [build] Done extracting /opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/data/externs/web/ie_vml.js (3 ms)
2020-09-07T17:39:53.9051849Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
2020-09-07T17:39:53.9052444Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
2020-09-07T17:39:53.9251124Z [2020-09-07 17:39:53] [ERROR] Spawned process exited abnormally (code 255; tried to run: [/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/autobuild.sh])`);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", "", false), {
instanceOf: util.ConfigurationError,
message: new RegExp("No code found during the build\\. Please see: " +
"https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\."),
});
});
(0, ava_1.default)("database finalize overrides no code found error on CodeQL 2.11.6", async (t) => {
stubToolRunnerConstructor(32);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", "", false), {
instanceOf: util.ConfigurationError,
message: new RegExp("No code found during the build\\. Please see: " +
"https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\."),
});
});
(0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.4", async (t) => {
(0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.6", async (t) => {
const cliMessage = "CodeQL did not detect any code written in languages supported by CodeQL. Review our troubleshooting guide at " +
"https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.";
stubToolRunnerConstructor(32, cliMessage);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
@ -592,7 +546,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
`${heapError}\n${datasetImportError}.`;
stubToolRunnerConstructor(32, cliStderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
@ -614,7 +568,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
`;
stubToolRunnerConstructor(1, stderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
@ -633,7 +587,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
const stderr = Array.from({ length: 20 }, (_, i) => `[2019-09-18 12:00:00] [autobuild] [ERROR] line${i + 1}`).join("\n");
stubToolRunnerConstructor(1, stderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
@ -650,7 +604,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
const cliStderr = "line1\nline2\nline3\nline4\nline5";
stubToolRunnerConstructor(32, cliStderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {

2
lib/codeql.test.js.map
View file

File diff suppressed because one or more lines are too long

2
lib/feature-flags.js generated
View file

@ -85,7 +85,7 @@ exports.featureConfig = {
},
[Feature.ExportDiagnosticsEnabled]: {
envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
minimumVersion: "2.12.4",
minimumVersion: undefined,
defaultValue: true,
},
[Feature.QaTelemetryEnabled]: {

2
lib/feature-flags.js.map
View file

File diff suppressed because one or more lines are too long

2
lib/init-action-post-helper.test.js generated
View file

@ -315,7 +315,7 @@ async function testFailedSarifUpload(t, actionsWorkflow, { category, databaseExi
.returns(JSON.stringify(matrix));
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeql, "getCodeQL").resolves(codeqlObject);
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.0"));
sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
const databaseExportDiagnosticsStub = sinon.stub(codeqlObject, "databaseExportDiagnostics");
const diagnosticsExportStub = sinon.stub(codeqlObject, "diagnosticsExport");
sinon.stub(workflow, "getWorkflow").resolves(actionsWorkflow);

2
lib/setup-codeql.js generated
View file

@ -241,7 +241,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
logger.info("Overriding the version of the CodeQL tools by the version shipped with the Action since " +
`"tools: latest" was requested.`);
}
/** CLI version number, for example 2.12.1. */
/** CLI version number, for example 2.12.6. */
let cliVersion;
/** Tag name of the CodeQL bundle, for example `codeql-bundle-20230120`. */
let tagName;

9
lib/util.js generated
View file

@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.checkActionVersion = exports.checkDiskUsage = exports.prettyPrintPack = exports.getErrorMessage = exports.wrapError = exports.fixInvalidNotificationsInFile = exports.fixInvalidNotifications = exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.isInTestMode = exports.supportExpectDiscardedCache = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.ConfigurationError = exports.HTTPError = exports.getRequiredEnvParam = exports.initializeEnvironment = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getCgroupCpuCountFromCpus = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.getMemoryFlagValueForPlatform = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
exports.checkActionVersion = exports.checkDiskUsage = exports.prettyPrintPack = exports.getErrorMessage = exports.wrapError = exports.fixInvalidNotificationsInFile = exports.fixInvalidNotifications = exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.isInTestMode = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.ConfigurationError = exports.HTTPError = exports.getRequiredEnvParam = exports.initializeEnvironment = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getCgroupCpuCountFromCpus = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.getMemoryFlagValueForPlatform = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
const fs = __importStar(require("fs"));
const os = __importStar(require("os"));
const path = __importStar(require("path"));
@ -545,13 +545,6 @@ function isGoodVersion(versionSpec) {
return !BROKEN_VERSIONS.includes(versionSpec);
}
exports.isGoodVersion = isGoodVersion;
/**
* Checks whether the CodeQL CLI supports the `--expect-discarded-cache` command-line flag.
*/
async function supportExpectDiscardedCache(codeQL) {
return codeQlVersionAbove(codeQL, "2.12.1");
}
exports.supportExpectDiscardedCache = supportExpectDiscardedCache;
/*
* Returns whether we are in test mode.
*

2
lib/util.js.map
View file

File diff suppressed because one or more lines are too long

6
pr-checks/checks/diagnostics-export.yml
View file

@ -1,8 +1,8 @@
name: "Diagnostic export"
description: "Tests that manually added diagnostics are correctly exported to SARIF."
# Test on 2.12.5 (which requires a workaround in the Action), the latest release, and the latest
# Test on 2.12.6 (which requires a workaround in the Action), the latest release, and the latest
# nightly.
versions: ["stable-20230317", "latest", "nightly-latest"]
versions: ["stable-20230403", "latest", "nightly-latest"]
env:
CODEQL_ACTION_EXPORT_DIAGNOSTICS: true
steps:
@ -17,7 +17,7 @@ steps:
CODEQL_PATH: ${{ steps.init.outputs.codeql-path }}
run: |
for i in {1..2}; do
# Use the same location twice to test the workaround for the bug in CodeQL CLI 2.12.5 that
# Use the same location twice to test the workaround for the bug in CodeQL CLI 2.12.6 that
# produces an invalid diagnostic with multiple identical location objects.
"$CODEQL_PATH" database add-diagnostic \
"$RUNNER_TEMP/codeql_databases/javascript" \

4
pr-checks/checks/multi-language-autodetect.yml
View file

@ -61,9 +61,7 @@ steps:
fi
- name: Check language autodetect for Swift
if: >-
env.CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT == 'true' ||
(runner.os != 'Windows' && matrix.version == 'nightly-latest')
if: runner.os != 'Windows' && matrix.version != 'stable-20230403'
shell: bash
run: |
SWIFT_DB=${{ fromJson(steps.analysis.outputs.db-locations).swift }}

20
pr-checks/sync.py
View file

@ -7,14 +7,16 @@ import textwrap
# The default set of CodeQL Bundle versions to use for the PR checks.
defaultTestVersions = [
# The oldest supported CodeQL version: 2.11.6. If bumping, update `CODEQL_MINIMUM_VERSION` in `codeql.ts`
"stable-20221211",
# The last CodeQL release in the 2.12 series: 2.12.7.
"stable-20230418",
# The oldest supported CodeQL version: 2.12.6. If bumping, update `CODEQL_MINIMUM_VERSION` in `codeql.ts`
"stable-20230403",
# The last CodeQL release in the 2.13 series: 2.13.5.
"stable-v2.13.5",
# The last CodeQL release in the 2.14 series: 2.14.6.
"stable-v2.14.6",
# The last CodeQL release in the 2.15 series: 2.15.5.
"stable-v2.15.5",
# The last CodeQL release in the 2.16 series: 2.16.6.
"stable-v2.16.6",
# The default version of CodeQL for Dotcom, as determined by feature flags.
"default",
# The version of CodeQL shipped with the Action in `defaults.json`. During the release process
@ -80,8 +82,7 @@ for file in (this_dir / 'checks').glob('*.yml'):
# of the generated workflow.
'if': FoldedScalarString(textwrap.dedent('''
matrix.os == 'macos-latest' && (
matrix.version == 'stable-20221211' ||
matrix.version == 'stable-20230418' ||
matrix.version == 'stable-20230403' ||
matrix.version == 'stable-v2.13.5' ||
matrix.version == 'stable-v2.14.6')
''').strip()),
@ -102,13 +103,6 @@ for file in (this_dir / 'checks').glob('*.yml'):
'use-all-platform-bundle': useAllPlatformBundle
}
},
# We don't support Swift on Windows or prior versions of the CLI.
{
'name': 'Set environment variable for Swift enablement',
'if': "runner.os != 'Windows' && matrix.version == '20221211'",
'shell': 'bash',
'run': 'echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV'
},
]
steps.extend(checkSpecification['steps'])

30
src/cli-errors.ts
View file

@ -1,8 +1,5 @@
import { ConfigurationError } from "./util";
const NO_SOURCE_CODE_SEEN_DOCS_LINK =
"https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build";
/**
* A class of Error that we can classify as an error stemming from a CLI
* invocation, with associated exit code, stderr,etc.
@ -203,15 +200,6 @@ export const cliErrorsConfig: Record<
new RegExp(
"CodeQL did not detect any code written in languages supported by CodeQL",
),
/**
* Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
* source code was found. This means that we don't get the no code found error from
* `codeql database finalize`. To ensure users get a good error message, we detect this manually
* here, and upon detection override the error message.
*
* This can be removed once support for CodeQL 2.11.6 is removed.
*/
new RegExp("No JavaScript or TypeScript code found"),
],
},
@ -262,18 +250,6 @@ export function getCliConfigCategoryIfExists(
return undefined;
}
/**
* Prepend a clearer error message with the docs link if the error message does not already
* include it. Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs
* should already include the doc link.
*/
function prependDocsLinkIfApplicable(cliErrorMessage: string): string {
if (!cliErrorMessage.includes(NO_SOURCE_CODE_SEEN_DOCS_LINK)) {
return `No code found during the build. Please see: ${NO_SOURCE_CODE_SEEN_DOCS_LINK}. Detailed error: ${cliErrorMessage}`;
}
return cliErrorMessage;
}
/**
* Changes an error received from the CLI to a ConfigurationError with optionally an extra
* error message appended, if it exists in a known set of configuration errors. Otherwise,
@ -291,12 +267,6 @@ export function wrapCliConfigurationError(cliError: Error): Error {
let errorMessageBuilder = cliError.message;
// Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs should
// already include the doc link.
if (cliConfigErrorCategory === CliConfigErrorCategory.NoSourceCodeSeen) {
errorMessageBuilder = prependDocsLinkIfApplicable(errorMessageBuilder);
}
const additionalErrorMessageToAppend =
cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToAppend;
if (additionalErrorMessageToAppend !== undefined) {

98
src/codeql.test.ts
View file

@ -385,7 +385,7 @@ test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t)
mockApiDetails(SAMPLE_DOTCOM_API_DETAILS);
sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
const releasesApiMock = mockReleaseApi({
assetNames: ["cli-version-2.12.2.txt"],
assetNames: ["cli-version-2.12.6.txt"],
tagName: "codeql-bundle-20230203",
});
mockBundleDownloadApi({
@ -688,9 +688,7 @@ test("passes a code scanning config AND qlconfig to the CLI", async (t: Executio
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
.resolves(makeVersionInfo(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
await codeqlObject.databaseInitCluster(
{ ...stubConfig, tempDir },
@ -715,45 +713,11 @@ test("passes a code scanning config AND qlconfig to the CLI", async (t: Executio
});
});
test("passes a code scanning config BUT NOT a qlconfig to the CLI for CodeQL v2.12.2", async (t: ExecutionContext<unknown>) => {
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.2"));
await codeqlObject.databaseInitCluster(
{ ...stubConfig, tempDir },
"",
undefined,
"/path/to/qlconfig.yml",
getRunnerLogger(true),
);
const args = runnerConstructorStub.firstCall.args[1] as any[];
// should have used a config file
const hasCodeScanningConfigArg = args.some((arg: string) =>
arg.startsWith("--codescanning-config="),
);
t.true(
hasCodeScanningConfigArg,
"Should have injected a codescanning config",
);
// should not have passed a qlconfig file
const hasQlconfigArg = args.some((arg: string) =>
arg.startsWith("--qlconfig-file="),
);
t.false(hasQlconfigArg, "should NOT have injected a qlconfig");
});
});
test("does not pass a qlconfig to the CLI when it is undefined", async (t: ExecutionContext<unknown>) => {
await util.withTmpDir(async (tempDir) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
.resolves(makeVersionInfo(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
await codeqlObject.databaseInitCluster(
{ ...stubConfig, tempDir },
@ -860,57 +824,13 @@ for (const {
});
}
test("database finalize recognises JavaScript no code found error on CodeQL 2.11.6", async (t) => {
stubToolRunnerConstructor(
1,
`2020-09-07T17:39:53.9050522Z [2020-09-07 17:39:53] [build] Done extracting /opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/data/externs/web/ie_vml.js (3 ms)
2020-09-07T17:39:53.9051849Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
2020-09-07T17:39:53.9052444Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
2020-09-07T17:39:53.9251124Z [2020-09-07 17:39:53] [ERROR] Spawned process exited abnormally (code 255; tried to run: [/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/autobuild.sh])`,
);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.11.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(
async () => await codeqlObject.finalizeDatabase("", "", "", false),
{
instanceOf: util.ConfigurationError,
message: new RegExp(
"No code found during the build\\. Please see: " +
"https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\.",
),
},
);
});
test("database finalize overrides no code found error on CodeQL 2.11.6", async (t) => {
stubToolRunnerConstructor(32);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.11.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await t.throwsAsync(
async () => await codeqlObject.finalizeDatabase("", "", "", false),
{
instanceOf: util.ConfigurationError,
message: new RegExp(
"No code found during the build\\. Please see: " +
"https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\.",
),
},
);
});
test("database finalize does not override no code found error on CodeQL 2.12.4", async (t) => {
test("database finalize does not override no code found error on CodeQL 2.12.6", async (t) => {
const cliMessage =
"CodeQL did not detect any code written in languages supported by CodeQL. Review our troubleshooting guide at " +
"https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.";
stubToolRunnerConstructor(32, cliMessage);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
@ -940,7 +860,7 @@ test("runTool summarizes several fatal errors", async (t) => {
`${heapError}\n${datasetImportError}.`;
stubToolRunnerConstructor(32, cliStderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
@ -981,7 +901,7 @@ test("runTool summarizes autobuilder errors", async (t) => {
`;
stubToolRunnerConstructor(1, stderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
@ -1009,7 +929,7 @@ test("runTool truncates long autobuilder errors", async (t) => {
).join("\n");
stubToolRunnerConstructor(1, stderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
@ -1034,7 +954,7 @@ test("runTool outputs last line of stderr if fatal error could not be found", as
const cliStderr = "line1\nline2\nline3\nline4\nline5";
stubToolRunnerConstructor(32, cliStderr);
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.4"));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");

61
src/codeql.ts
View file

@ -275,7 +275,7 @@ let cachedCodeQL: CodeQL | undefined = undefined;
* The version flags below can be used to conditionally enable certain features
* on versions newer than this.
*/
const CODEQL_MINIMUM_VERSION = "2.11.6";
const CODEQL_MINIMUM_VERSION = "2.12.6";
/**
* This version will shortly become the oldest version of CodeQL that the Action will run with.
@ -303,23 +303,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
* flag is older than the oldest supported version above, it may be removed.
*/
/**
* Versions 2.12.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for
* each language.
*/
export const CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
/**
* Versions 2.12.3+ of the CodeQL CLI support exporting configuration information from a code
* scanning config file to SARIF.
*/
export const CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
/**
* Versions 2.12.4+ of the CodeQL CLI support the `--qlconfig-file` flag in calls to `database init`.
*/
export const CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
/**
* Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
*/
@ -602,10 +585,7 @@ export async function getCodeQLForCmd(
) {
extraArgs.push(`--build-mode=${config.buildMode}`);
}
if (
qlconfigFile !== undefined &&
(await util.codeQlVersionAbove(this, CODEQL_VERSION_INIT_WITH_QLCONFIG))
) {
if (qlconfigFile !== undefined) {
extraArgs.push(`--qlconfig-file=${qlconfigFile}`);
}
@ -817,13 +797,11 @@ export async function getCodeQLForCmd(
"run-queries",
...flags,
databasePath,
"--expect-discarded-cache",
"--min-disk-free=1024", // Try to leave at least 1GB free
"-v",
...getExtraOptionsFromEnv(["database", "run-queries"]),
];
if (await util.supportExpectDiscardedCache(this)) {
codeqlArgs.push("--expect-discarded-cache");
}
if (
await util.codeQlVersionAbove(
this,
@ -867,7 +845,9 @@ export async function getCodeQLForCmd(
"--print-diagnostics-summary",
"--print-metrics-summary",
"--sarif-add-baseline-file-info",
...(await getCodeScanningConfigExportArguments(config, this)),
`--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(
config,
)}`,
"--sarif-group-rules-by-pack",
...(await getCodeScanningQueryHelpArguments(this)),
...getExtraOptionsFromEnv(["database", "interpret-results"]),
@ -887,7 +867,7 @@ export async function getCodeQLForCmd(
}
if (shouldExportDiagnostics) {
codeqlArgs.push("--sarif-include-diagnostics");
} else if (await util.codeQlVersionAbove(this, "2.12.4")) {
} else {
codeqlArgs.push("--no-sarif-include-diagnostics");
}
if (
@ -1051,7 +1031,9 @@ export async function getCodeQLForCmd(
"export",
"--format=sarif-latest",
`--output=${sarifFile}`,
...(await getCodeScanningConfigExportArguments(config, this)),
`--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(
config,
)}`,
...getExtraOptionsFromEnv(["diagnostics", "export"]),
];
if (automationDetailsId !== undefined) {
@ -1334,29 +1316,6 @@ function cloneObject<T>(obj: T): T {
return JSON.parse(JSON.stringify(obj));
}
/**
* Gets arguments for passing the code scanning configuration file to interpretation commands like
* `codeql database interpret-results` and `codeql database export-diagnostics`.
*
* Returns an empty list if a code scanning configuration file was not generated by the CLI.
*/
async function getCodeScanningConfigExportArguments(
config: Config,
codeql: CodeQL,
): Promise<string[]> {
const codeScanningConfigPath = getGeneratedCodeScanningConfigPath(config);
if (
fs.existsSync(codeScanningConfigPath) &&
(await util.codeQlVersionAbove(
codeql,
CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG,
))
) {
return ["--sarif-codescanning-config", codeScanningConfigPath];
}
return [];
}
// This constant sets the size of each TRAP cache in megabytes.
const TRAP_CACHE_SIZE_MB = 1024;

2
src/feature-flags.ts
View file

@ -85,7 +85,7 @@ export const featureConfig: Record<
},
[Feature.ExportDiagnosticsEnabled]: {
envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
minimumVersion: "2.12.4",
minimumVersion: undefined,
defaultValue: true,
},
[Feature.QaTelemetryEnabled]: {

2
src/init-action-post-helper.test.ts
View file

@ -359,7 +359,7 @@ async function testFailedSarifUpload(
const codeqlObject = await codeql.getCodeQLForTesting();
sinon.stub(codeql, "getCodeQL").resolves(codeqlObject);
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.0"));
sinon.stub(codeqlObject, "getVersion").resolves(makeVersionInfo("2.12.6"));
const databaseExportDiagnosticsStub = sinon.stub(
codeqlObject,
"databaseExportDiagnostics",

2
src/setup-codeql.ts
View file

@ -304,7 +304,7 @@ export async function getCodeQLSource(
);
}
/** CLI version number, for example 2.12.1. */
/** CLI version number, for example 2.12.6. */
let cliVersion: string | undefined;
/** Tag name of the CodeQL bundle, for example `codeql-bundle-20230120`. */
let tagName: string | undefined;

9
src/util.ts
View file

@ -734,15 +734,6 @@ export function isGoodVersion(versionSpec: string) {
return !BROKEN_VERSIONS.includes(versionSpec);
}
/**
* Checks whether the CodeQL CLI supports the `--expect-discarded-cache` command-line flag.
*/
export async function supportExpectDiscardedCache(
codeQL: CodeQL,
): Promise<boolean> {
return codeQlVersionAbove(codeQL, "2.12.1");
}
/*
* Returns whether we are in test mode.
*