Merge pull request #2106 from github/rasmuswl/default-no-dep-inst

Python: disable dependency installation on GHES

CHANGELOG.md

@@ -6,7 +6,7 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the
 
 ## [UNRELEASED]
 
-No user facing changes.
+- CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See [release notes for 3.23.0](#3230---08-jan-2024) for more details. [#2106](https://github.com/github/codeql-action/pull/2106)
 
 ## 3.23.2 - 26 Jan 2024
 

lib/feature-flags.js

@@ -105,7 +105,7 @@ exports.featureConfig = {
         // here!
         envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION",
         minimumVersion: "2.16.0",
-        defaultValue: false,
+        defaultValue: true,
     },
 };
 exports.FEATURE_FLAGS_FILE_NAME = "cached-feature-flags.json";

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "3.23.3",
+  "version": "3.24.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "3.23.3",
+  "version": "3.24.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "3.23.3",
+      "version": "3.24.0",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^1.1.2",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "3.23.3",
+  "version": "3.24.0",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

src/feature-flags.ts

@@ -105,7 +105,7 @@ export const featureConfig: Record<
     // here!
     envVar: "CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION",
     minimumVersion: "2.16.0",
-    defaultValue: false,
+    defaultValue: true,
   },
 };