robojerk/codeql-action

Merge branch 'main' into nickfyson/upload-logging

Browse source
This commit is contained in:
Nick Fyson 2024-04-03 20:54:58 +01:00 committed by GitHub
commit 26540626a5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
12 changed files with 59 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

4
CHANGELOG.md
View file

@ -6,7 +6,9 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the
## [UNRELEASED]
No user facing changes.
- Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. [#2220](https://github.com/github/codeql-action/pull/2220)
- If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
- Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace `github/codeql-action/*@v3` by `github/codeql-action/*@v3.24.10` and `github/codeql-action/*@v2` by `github/codeql-action/*@v2.24.10` in your code scanning workflow to ensure you continue using this version of the CodeQL Action.
## 3.24.9 - 22 Mar 2024

2
lib/api-compatibility.json
View file

@ -1 +1 @@
{ "maximumVersion": "3.13", "minimumVersion": "3.8" }
{ "maximumVersion": "3.13", "minimumVersion": "3.9" }

20
lib/codeql.js generated
View file

@ -56,15 +56,15 @@ const CODEQL_MINIMUM_VERSION = "2.11.6";
/**
* This version will shortly become the oldest version of CodeQL that the Action will run with.
*/
const CODEQL_NEXT_MINIMUM_VERSION = "2.11.6";
const CODEQL_NEXT_MINIMUM_VERSION = "2.12.6";
/**
* This is the version of GHES that was most recently deprecated.
*/
const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.7";
const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.8";
/**
* This is the deprecation date for the version of GHES that was most recently deprecated.
*/
const GHES_MOST_RECENT_DEPRECATION_DATE = "2023-11-08";
const GHES_MOST_RECENT_DEPRECATION_DATE = "2024-03-26";
/** The CLI verbosity level to use for extraction in debug mode. */
const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
/*
@ -503,17 +503,10 @@ async function getCodeQLForCmd(cmd, checkVersion) {
else if (await util.codeQlVersionAbove(this, "2.12.4")) {
codeqlArgs.push("--no-sarif-include-diagnostics");
}
if (
// Analysis summary v2 links to the status page, so check the GHES version we're running on
// supports the status page.
(config.gitHubVersion.type !== util.GitHubVariant.GHES ||
semver.gte(config.gitHubVersion.version, "3.9.0")) &&
(await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2))) {
if ((await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2)) &&
!(0, tools_features_1.isSupportedToolsFeature)(await this.getVersion(), tools_features_1.ToolsFeature.AnalysisSummaryV2IsDefault)) {
codeqlArgs.push("--new-analysis-summary");
}
else if (await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2)) {
codeqlArgs.push("--no-new-analysis-summary");
}
codeqlArgs.push(databasePath);
if (querySuitePaths) {
codeqlArgs.push(...querySuitePaths);
@ -706,8 +699,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
"version of the CLI using the 'tools' input to the 'init' Action, you can remove this " +
"input to use the default version.\n\n" +
"Alternatively, if you want to continue using CodeQL CLI version " +
`${result.version}, you can replace 'github/codeql-action/*@v3' by ` +
`'github/codeql-action/*@v${(0, actions_util_1.getActionVersion)()}' in your code scanning workflow to ` +
`${result.version}, you can replace 'github/codeql-action/*@v${(0, actions_util_1.getActionVersion)().split(".")[0]}' by 'github/codeql-action/*@v${(0, actions_util_1.getActionVersion)()}' in your code scanning workflow to ` +
"continue using this version of the CodeQL Action.");
core.exportVariable(environment_1.EnvVar.SUPPRESS_DEPRECATED_SOON_WARNING, "true");
}

2
lib/codeql.js.map
View file

File diff suppressed because one or more lines are too long

32
lib/codeql.test.js generated
View file

@ -44,6 +44,7 @@ const languages_1 = require("./languages");
const logging_1 = require("./logging");
const setup_codeql_1 = require("./setup-codeql");
const testing_utils_1 = require("./testing-utils");
const tools_features_1 = require("./tools-features");
const util = __importStar(require("./util"));
const util_1 = require("./util");
(0, testing_utils_1.setupTests)(ava_1.default);
@ -493,7 +494,17 @@ const injectedConfigMacro = ava_1.default.macro({
});
const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
{
codeqlVersion: "2.15.0",
codeqlVersion: (0, testing_utils_1.makeVersionInfo)("2.15.0", {
[tools_features_1.ToolsFeature.AnalysisSummaryV2IsDefault]: true,
}),
githubVersion: {
type: util.GitHubVariant.DOTCOM,
},
flagPassed: false,
negativeFlagPassed: false,
},
{
codeqlVersion: (0, testing_utils_1.makeVersionInfo)("2.15.0"),
githubVersion: {
type: util.GitHubVariant.DOTCOM,
},
@ -501,7 +512,7 @@ const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
negativeFlagPassed: false,
},
{
codeqlVersion: "2.15.0",
codeqlVersion: (0, testing_utils_1.makeVersionInfo)("2.15.0"),
githubVersion: {
type: util.GitHubVariant.GHES,
version: "3.9.0",
@ -510,16 +521,7 @@ const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
negativeFlagPassed: false,
},
{
codeqlVersion: "2.15.0",
githubVersion: {
type: util.GitHubVariant.GHES,
version: "3.8.6",
},
flagPassed: false,
negativeFlagPassed: true,
},
{
codeqlVersion: "2.14.6",
codeqlVersion: (0, testing_utils_1.makeVersionInfo)("2.14.6"),
githubVersion: {
type: util.GitHubVariant.DOTCOM,
},
@ -532,12 +534,10 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
? "--new-analysis-summary"
: negativeFlagPassed
? "--no-new-analysis-summary"
: "nothing"} for CodeQL CLI v${codeqlVersion} and ${util.GitHubVariant[githubVersion.type]} ${githubVersion.version ? ` ${githubVersion.version}` : ""}`, async (t) => {
: "nothing"} for CodeQL version ${JSON.stringify(codeqlVersion)} and ${util.GitHubVariant[githubVersion.type]} ${githubVersion.version ? ` ${githubVersion.version}` : ""}`, async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
.resolves((0, testing_utils_1.makeVersionInfo)(codeqlVersion));
sinon.stub(codeqlObject, "getVersion").resolves(codeqlVersion);
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", Object.assign({}, stubConfig, { gitHubVersion: githubVersion }), (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));

2
lib/codeql.test.js.map
View file

File diff suppressed because one or more lines are too long

1
lib/tools-features.js generated
View file

@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
exports.isSupportedToolsFeature = exports.ToolsFeature = void 0;
var ToolsFeature;
(function (ToolsFeature) {
ToolsFeature["AnalysisSummaryV2IsDefault"] = "analysisSummaryV2Default";
ToolsFeature["BuildModeOption"] = "buildModeOption";
ToolsFeature["IndirectTracingSupportsStaticBinaries"] = "indirectTracingSupportsStaticBinaries";
ToolsFeature["InformsAboutUnsupportedPathFilters"] = "informsAboutUnsupportedPathFilters";

2
lib/tools-features.js.map
View file

@ -1 +1 @@
{"version":3,"file":"tools-features.js","sourceRoot":"","sources":["../src/tools-features.ts"],"names":[],"mappings":";;;AAEA,IAAY,YAOX;AAPD,WAAY,YAAY;IACtB,mDAAmC,CAAA;IACnC,+FAA+E,CAAA;IAC/E,yFAAyE,CAAA;IACzE,iEAAiD,CAAA;IACjD,qEAAqD,CAAA;IACrD,mFAAmE,CAAA;AACrE,CAAC,EAPW,YAAY,4BAAZ,YAAY,QAOvB;AAED;;;;;;GAMG;AACH,SAAgB,uBAAuB,CACrC,WAAwB,EACxB,OAAqB;IAErB,OAAO,CAAC,CAAC,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACjE,CAAC;AALD,0DAKC"}
{"version":3,"file":"tools-features.js","sourceRoot":"","sources":["../src/tools-features.ts"],"names":[],"mappings":";;;AAEA,IAAY,YAQX;AARD,WAAY,YAAY;IACtB,uEAAuD,CAAA;IACvD,mDAAmC,CAAA;IACnC,+FAA+E,CAAA;IAC/E,yFAAyE,CAAA;IACzE,iEAAiD,CAAA;IACjD,qEAAqD,CAAA;IACrD,mFAAmE,CAAA;AACrE,CAAC,EARW,YAAY,4BAAZ,YAAY,QAQvB;AAED;;;;;;GAMG;AACH,SAAgB,uBAAuB,CACrC,WAAwB,EACxB,OAAqB;IAErB,OAAO,CAAC,CAAC,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACjE,CAAC;AALD,0DAKC"}

2
src/api-compatibility.json
View file

@ -1 +1 @@
{"maximumVersion": "3.13", "minimumVersion": "3.8"}
{"maximumVersion": "3.13", "minimumVersion": "3.9"}

32
src/codeql.test.ts
View file

@ -29,6 +29,7 @@ import {
makeVersionInfo,
createTestConfig,
} from "./testing-utils";
import { ToolsFeature } from "./tools-features";
import * as util from "./util";
import { initializeEnvironment } from "./util";
@ -772,7 +773,17 @@ test("does not pass a qlconfig to the CLI when it is undefined", async (t: Execu
const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
{
codeqlVersion: "2.15.0",
codeqlVersion: makeVersionInfo("2.15.0", {
[ToolsFeature.AnalysisSummaryV2IsDefault]: true,
}),
githubVersion: {
type: util.GitHubVariant.DOTCOM,
},
flagPassed: false,
negativeFlagPassed: false,
},
{
codeqlVersion: makeVersionInfo("2.15.0"),
githubVersion: {
type: util.GitHubVariant.DOTCOM,
},
@ -780,7 +791,7 @@ const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
negativeFlagPassed: false,
},
{
codeqlVersion: "2.15.0",
codeqlVersion: makeVersionInfo("2.15.0"),
githubVersion: {
type: util.GitHubVariant.GHES,
version: "3.9.0",
@ -789,16 +800,7 @@ const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
negativeFlagPassed: false,
},
{
codeqlVersion: "2.15.0",
githubVersion: {
type: util.GitHubVariant.GHES,
version: "3.8.6",
},
flagPassed: false,
negativeFlagPassed: true,
},
{
codeqlVersion: "2.14.6",
codeqlVersion: makeVersionInfo("2.14.6"),
githubVersion: {
type: util.GitHubVariant.DOTCOM,
},
@ -819,14 +821,12 @@ for (const {
: negativeFlagPassed
? "--no-new-analysis-summary"
: "nothing"
} for CodeQL CLI v${codeqlVersion} and ${
} for CodeQL version ${JSON.stringify(codeqlVersion)} and ${
util.GitHubVariant[githubVersion.type]
} ${githubVersion.version ? ` ${githubVersion.version}` : ""}`, async (t) => {
const runnerConstructorStub = stubToolRunnerConstructor();
const codeqlObject = await codeql.getCodeQLForTesting();
sinon
.stub(codeqlObject, "getVersion")
.resolves(makeVersionInfo(codeqlVersion));
sinon.stub(codeqlObject, "getVersion").resolves(codeqlVersion);
// safeWhich throws because of the test CodeQL object.
sinon.stub(safeWhich, "safeWhich").resolves("");
await codeqlObject.databaseInterpretResults(

25
src/codeql.ts
View file

@ -280,17 +280,17 @@ const CODEQL_MINIMUM_VERSION = "2.11.6";
/**
* This version will shortly become the oldest version of CodeQL that the Action will run with.
*/
const CODEQL_NEXT_MINIMUM_VERSION = "2.11.6";
const CODEQL_NEXT_MINIMUM_VERSION = "2.12.6";
/**
* This is the version of GHES that was most recently deprecated.
*/
const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.7";
const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.8";
/**
* This is the deprecation date for the version of GHES that was most recently deprecated.
*/
const GHES_MOST_RECENT_DEPRECATION_DATE = "2023-11-08";
const GHES_MOST_RECENT_DEPRECATION_DATE = "2024-03-26";
/** The CLI verbosity level to use for extraction in debug mode. */
const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
@ -890,20 +890,16 @@ export async function getCodeQLForCmd(
codeqlArgs.push("--no-sarif-include-diagnostics");
}
if (
// Analysis summary v2 links to the status page, so check the GHES version we're running on
// supports the status page.
(config.gitHubVersion.type !== util.GitHubVariant.GHES ||
semver.gte(config.gitHubVersion.version, "3.9.0")) &&
(await util.codeQlVersionAbove(
this,
CODEQL_VERSION_ANALYSIS_SUMMARY_V2,
))
)) &&
!isSupportedToolsFeature(
await this.getVersion(),
ToolsFeature.AnalysisSummaryV2IsDefault,
)
) {
codeqlArgs.push("--new-analysis-summary");
} else if (
await util.codeQlVersionAbove(this, CODEQL_VERSION_ANALYSIS_SUMMARY_V2)
) {
codeqlArgs.push("--no-new-analysis-summary");
}
codeqlArgs.push(databasePath);
if (querySuitePaths) {
@ -1148,8 +1144,9 @@ export async function getCodeQLForCmd(
"version of the CLI using the 'tools' input to the 'init' Action, you can remove this " +
"input to use the default version.\n\n" +
"Alternatively, if you want to continue using CodeQL CLI version " +
`${result.version}, you can replace 'github/codeql-action/*@v3' by ` +
`'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to ` +
`${result.version}, you can replace 'github/codeql-action/*@v${
getActionVersion().split(".")[0]
}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to ` +
"continue using this version of the CodeQL Action.",
);
core.exportVariable(EnvVar.SUPPRESS_DEPRECATED_SOON_WARNING, "true");

1
src/tools-features.ts
View file

@ -1,6 +1,7 @@
import type { VersionInfo } from "./codeql";
export enum ToolsFeature {
AnalysisSummaryV2IsDefault = "analysisSummaryV2Default",
BuildModeOption = "buildModeOption",
IndirectTracingSupportsStaticBinaries = "indirectTracingSupportsStaticBinaries",
InformsAboutUnsupportedPathFilters = "informsAboutUnsupportedPathFilters",