Merge pull request #1348 from github/henrymercer/use-codeql-2.11.3

Bump default CodeQL version to 2.11.3

.github/workflows/__export-file-baseline-information.yml

@@ -68,7 +68,7 @@ jobs:
       shell: bash
       run: |
         cd "$RUNNER_TEMP/results"
-        expected_baseline_languages="cpp csharp go java js python ruby"
+        expected_baseline_languages="cpp csharp go java js py ruby"
 
         for lang in ${expected_baseline_languages}; do
           rule_name="${lang}/baseline/expected-extracted-files"

.github/workflows/script/check-node-modules.sh

@@ -7,7 +7,10 @@ if [ ! -z "$(git status --porcelain)" ]; then
     >&2 echo "Failed: Repo should be clean before testing!"
     exit 1
 fi
-sudo npm install --force -g npm@latest
+# Pin npm to v8 since v9 doesn't support Node 12.
+# When updating this, make sure to update the npm version in
+# `.github/workflows/update-dependencies.yml` too.
+sudo npm install --force -g npm@^8.19.3
 # Reinstall modules and then clean to remove absolute paths
 # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
 npm ci
@@ -15,8 +18,8 @@ npm run removeNPMAbsolutePaths
 # Check that repo is still clean
 if [ ! -z "$(git status --porcelain)" ]; then
     # If we get a fail here then the PR needs attention
-    >&2 echo "Failed: node_modules are not up to date. Run 'npm ci && npm run removeNPMAbsolutePaths' on a macOS machine to update. Note it is important this command is run on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if the command is run on a Windows or Linux machine."
+    >&2 echo "Failed: node_modules are not up to date. Add the 'Update dependencies' label to your PR to update them. Note it is important that node modules are updated on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if dependencies are updated on a Windows or Linux machine."
     git status
     exit 1
 fi
-echo "Success: node_modules are up to date"
+echo "Success: node_modules are up to date"

.github/workflows/update-dependencies.yml

@@ -27,7 +27,10 @@ jobs:
       run: |
         git fetch origin "$BRANCH" --depth=1
         git checkout "origin/$BRANCH"
-        sudo npm install --force -g npm@latest
+        # Pin npm to v8 since v9 doesn't support Node 12.
+        # When updating this, make sure to update the npm version in
+        # `.github/workflows/script/check-node-modules.sh` too.
+        sudo npm install --force -g npm@^8.19.3
         npm install
         npm ci
         npm run removeNPMAbsolutePaths

CHANGELOG.md

@@ -2,7 +2,8 @@
 
 ## [UNRELEASED]
 
-- Update the ML-powered additional query pack for JavaScript to version 0.4.0.
+- Update default CodeQL bundle version to 2.11.3. [#1348](https://github.com/github/codeql-action/pull/1348)
+- Update the ML-powered additional query pack for JavaScript to version 0.4.0. [#1351](https://github.com/github/codeql-action/pull/1351)
 
 ## 2.1.31 - 04 Nov 2022
 

lib/defaults.json

@@ -1,3 +1,3 @@
 {
-    "bundleVersion": "codeql-bundle-20221024"
+    "bundleVersion": "codeql-bundle-20221105"
 }

pr-checks/checks/export-file-baseline-information.yml

@@ -28,7 +28,7 @@ steps:
     shell: bash
     run: |
       cd "$RUNNER_TEMP/results"
-      expected_baseline_languages="cpp csharp go java js python ruby"
+      expected_baseline_languages="cpp csharp go java js py ruby"
 
       for lang in ${expected_baseline_languages}; do
         rule_name="${lang}/baseline/expected-extracted-files"

src/defaults.json

@@ -1,3 +1,3 @@
 {
-  "bundleVersion": "codeql-bundle-20221024"
+  "bundleVersion": "codeql-bundle-20221105"
 }