Remove supporting code for CodeQL 2.13.0 through 2.13.4

Henry Mercer 2024-08-05 18:33:27 +01:00
parent a1404425d9
commit 48c11ed2ba
16 changed files with 72 additions and 122 deletions

31
lib/codeql.test.js generated

@ -141,19 +141,25 @@ function mockApiDetails(apiDetails) {
});
const EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES = [
{
cliVersion: "2.10.0",
expectedToolcacheVersion: "2.10.0-20200610",
cliVersion: "2.17.6",
tagName: "codeql-bundle-2.17.6",
expectedToolcacheVersion: "2.17.6",
shouldCallReleasesApi: false,
},
{
cliVersion: "2.10.0-pre",
expectedToolcacheVersion: "0.0.0-20200610",
cliVersion: "2.17.6-pre",
tagName: "codeql-bundle-20240805",
expectedToolcacheVersion: "0.0.0-20240805",
shouldCallReleasesApi: true,
},
{
cliVersion: "2.10.0+202006100101",
expectedToolcacheVersion: "0.0.0-20200610",
cliVersion: "2.17.6+202006100101",
tagName: "codeql-bundle-20240805",
expectedToolcacheVersion: "0.0.0-20240805",
shouldCallReleasesApi: true,
},
];
for (const { cliVersion, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
for (const { cliVersion, tagName, expectedToolcacheVersion, shouldCallReleasesApi, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
(0, ava_1.default)(`caches an explicitly requested bundle containing CLI ${cliVersion} as ${expectedToolcacheVersion}`, async (t) => {
await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
@ -161,13 +167,18 @@ for (const { cliVersion, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUN
sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
const releaseApiMock = mockReleaseApi({
assetNames: [`cli-version-${cliVersion}.txt`],
tagName: "codeql-bundle-20200610",
tagName,
});
const url = (0, testing_utils_1.mockBundleDownloadApi)({
tagName: "codeql-bundle-20200610",
tagName,
});
const result = await codeql.setupCodeQL(url, testing_utils_1.SAMPLE_DOTCOM_API_DETAILS, tmpDir, util.GitHubVariant.DOTCOM, testing_utils_1.SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
t.assert(releaseApiMock.isDone(), "Releases API should have been called");
if (shouldCallReleasesApi) {
t.assert(releaseApiMock.isDone(), "Releases API should have been called");
}
else {
t.false(releaseApiMock.isDone(), "Releases API should not have been called");
}
t.assert(toolcache.find("CodeQL", expectedToolcacheVersion));
t.deepEqual(result.toolsVersion, cliVersion);
t.is(result.toolsSource, setup_codeql_1.ToolsSource.Download);

File diff suppressed because one or more lines are too long

11
lib/feature-flags.js generated

@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = void 0;
exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = void 0;
const fs = __importStar(require("fs"));
const path = __importStar(require("path"));
const semver = __importStar(require("semver"));
@ -32,10 +32,6 @@ const defaults = __importStar(require("./defaults.json"));
const util = __importStar(require("./util"));
const DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_";
const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
/**
* Versions 2.13.4+ of the CodeQL CLI have an associated CodeQL Bundle release that is semantically versioned.
*/
exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
/**
* Evaluator fine-grained parallelism (aka intra-layer parallelism) is only safe to enable in 2.15.1 onwards.
* (Some earlier versions recognize the command-line flag, but they contain a bug which makes it unsafe to use).
@ -213,10 +209,7 @@ class GitHubFeatureFlags {
const response = await this.getAllFeatures();
const enabledFeatureFlagCliVersions = Object.entries(response)
.map(([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : undefined)
.filter((f) => f !== undefined &&
// Only consider versions that have semantically versioned bundles.
semver.gte(f, exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED))
.map((f) => f);
.filter((f) => f !== undefined);
if (enabledFeatureFlagCliVersions.length === 0) {
// We expect at least one default CLI version to be enabled on Dotcom at any time. However if
// the feature flags are misconfigured, rather than crashing, we fall back to the CLI version

File diff suppressed because one or more lines are too long


@ -256,7 +256,7 @@ for (const feature of Object.keys(feature_flags_1.featureConfig)) {
});
});
});
(0, ava_1.default)("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
(0, ava_1.default)("includes tag name", async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => {
const features = setUpFeatureFlagTests(tmpDir);
const expectedFeatureEnablement = initializeFeatures(true);
@ -283,21 +283,6 @@ for (const feature of Object.keys(feature_flags_1.featureConfig)) {
});
});
});
(0, ava_1.default)(`selects CLI from defaults.json on Dotcom when default version feature flags are unsupported`, async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => {
const features = setUpFeatureFlagTests(tmpDir);
const expectedFeatureEnablement = initializeFeatures(true);
// Doesn't have a semantically versioned bundle
expectedFeatureEnablement["default_codeql_version_2_13_3_enabled"] = true;
(0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
const defaultCliVersion = await features.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
t.deepEqual(defaultCliVersion, {
cliVersion: defaults.cliVersion,
tagName: defaults.bundleVersion,
toolsFeatureFlagsValid: false,
});
});
});
(0, ava_1.default)("ignores invalid version numbers in default version feature flags", async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => {
const loggedMessages = [];

File diff suppressed because one or more lines are too long

10
lib/init-action.js generated

@ -255,8 +255,7 @@ async function run() {
core.exportVariable("CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN", "true");
}
const kotlinLimitVar = "CODEQL_EXTRACTOR_KOTLIN_OVERRIDE_MAXIMUM_VERSION_LIMIT";
if ((await (0, util_1.codeQlVersionAtLeast)(codeql, "2.13.4")) &&
!(await (0, util_1.codeQlVersionAtLeast)(codeql, "2.14.4"))) {
if (!(await (0, util_1.codeQlVersionAtLeast)(codeql, "2.14.4"))) {
core.exportVariable(kotlinLimitVar, "1.9.20");
}
if (config.languages.includes(languages_1.Language.java) &&
@ -297,7 +296,7 @@ async function run() {
}
// From 2.16.0 the default for the python extractor is to not perform any
// dependency extraction. For versions before that, you needed to set this flag to
// enable this behavior (supported since 2.13.1).
// enable this behavior.
if (await (0, util_1.codeQlVersionAtLeast)(codeql, "2.17.1")) {
// disabled by default, no warning
}
@ -305,11 +304,8 @@ async function run() {
// disabled by default, prints warning if environment variable is not set
core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
}
else if (await (0, util_1.codeQlVersionAtLeast)(codeql, "2.13.1")) {
core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
}
else {
logger.warning(`CodeQL Action versions 3.25.0 and later, and versions 2.25.0 and later no longer install Python dependencies. We recommend upgrading to at least CodeQL Bundle 2.16.0 to avoid any potential problems due to this (you are currently using ${(await codeql.getVersion()).version}). Alternatively, we recommend downgrading the CodeQL Action to version 3.24.10 (for customers using GitHub.com or GitHub Enterprise Server v3.12 or later) or 2.24.10 (for customers using GitHub Enterprise Server v3.11 or earlier).`);
core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
}
if ((0, actions_util_1.getOptionalInput)("setup-python-dependencies") !== undefined) {
logger.warning("The setup-python-dependencies input is deprecated and no longer has any effect. We recommend removing any references from your workflows. See https://github.blog/changelog/2024-01-23-codeql-2-16-python-dependency-installation-disabled-new-queries-and-bug-fixes/ for more information.");

File diff suppressed because one or more lines are too long

12
lib/setup-codeql.js generated

@ -49,7 +49,6 @@ const api = __importStar(require("./api-client"));
// creation scripts. Ensure that any changes to the format of this file are compatible with both of
// these dependents.
const defaults = __importStar(require("./defaults.json"));
const feature_flags_1 = require("./feature-flags");
const util = __importStar(require("./util"));
const util_1 = require("./util");
var ToolsSource;
@ -490,14 +489,9 @@ function getCanonicalToolcacheVersion(cliVersion, bundleVersion, logger) {
if (!cliVersion?.match(/^[0-9]+\.[0-9]+\.[0-9]+$/)) {
return convertToSemVer(bundleVersion, logger);
}
// If the bundle is semantically versioned, it can be looked up based on just the CLI version
// number, so version it in the toolcache using just the CLI version number.
if (semver.gte(cliVersion, feature_flags_1.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED)) {
return cliVersion;
}
// Include both the CLI version and the bundle version in the toolcache version number. That way
// we can find the bundle in the toolcache based on either the CLI version or the bundle version.
return `${cliVersion}-${bundleVersion}`;
// Bundles are now semantically versioned and can be looked up based on just the CLI version
// number, so we can version them in the toolcache using just the CLI version number.
return cliVersion;
}
/**
* Obtains the CodeQL bundle, installs it in the toolcache if appropriate, and extracts it.

File diff suppressed because one or more lines are too long


@ -76,7 +76,7 @@ for file in (this_dir / 'checks').glob('*.yml'):
# Prior to CLI v2.15.1, ARM runners were not supported by the build tracer.
# "macos-latest" is now an ARM runner, so we run tests on the old CLIs on Intel runners instead.
if version in ["stable-v2.13.4", "stable-v2.13.5", "stable-v2.14.6"] and runnerImage == "macos-latest":
if version in ["stable-v2.13.5", "stable-v2.14.6"] and runnerImage == "macos-latest":
matrix.append({
'os': "macos-12",
'version': version


@ -197,22 +197,30 @@ test("downloads an explicitly requested bundle even if a different version is ca
const EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES = [
{
cliVersion: "2.10.0",
expectedToolcacheVersion: "2.10.0-20200610",
cliVersion: "2.17.6",
tagName: "codeql-bundle-2.17.6",
expectedToolcacheVersion: "2.17.6",
shouldCallReleasesApi: false,
},
{
cliVersion: "2.10.0-pre",
expectedToolcacheVersion: "0.0.0-20200610",
cliVersion: "2.17.6-pre",
tagName: "codeql-bundle-20240805",
expectedToolcacheVersion: "0.0.0-20240805",
shouldCallReleasesApi: true,
},
{
cliVersion: "2.10.0+202006100101",
expectedToolcacheVersion: "0.0.0-20200610",
cliVersion: "2.17.6+202006100101",
tagName: "codeql-bundle-20240805",
expectedToolcacheVersion: "0.0.0-20240805",
shouldCallReleasesApi: true,
},
];
for (const {
cliVersion,
tagName,
expectedToolcacheVersion,
shouldCallReleasesApi,
} of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
test(`caches an explicitly requested bundle containing CLI ${cliVersion} as ${expectedToolcacheVersion}`, async (t) => {
await util.withTmpDir(async (tmpDir) => {
@ -223,10 +231,10 @@ for (const {
const releaseApiMock = mockReleaseApi({
assetNames: [`cli-version-${cliVersion}.txt`],
tagName: "codeql-bundle-20200610",
tagName,
});
const url = mockBundleDownloadApi({
tagName: "codeql-bundle-20200610",
tagName,
});
const result = await codeql.setupCodeQL(
@ -238,7 +246,17 @@ for (const {
getRunnerLogger(true),
false,
);
t.assert(releaseApiMock.isDone(), "Releases API should have been called");
if (shouldCallReleasesApi) {
t.assert(
releaseApiMock.isDone(),
"Releases API should have been called",
);
} else {
t.false(
releaseApiMock.isDone(),
"Releases API should not have been called",
);
}
t.assert(toolcache.find("CodeQL", expectedToolcacheVersion));
t.deepEqual(result.toolsVersion, cliVersion);
t.is(result.toolsSource, ToolsSource.Download);
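Review bot: In the `shouldCallReleasesApi: false` case the mock returned by `mockReleaseApi` is deliberately left unconsumed, and nothing in these hunks removes it before the other cases run. If that helper registers a process-wide HTTP interceptor (the `isDone()` call suggests it does), the leftover mock could be consumed by a later case and blur what each assertion proves. An explicit cleanup after the `t.false(...)` assertion, or in the file's teardown hook, would keep the negative check isolated. The test body starts and ends outside the hunks shown, so existing teardown may already cover this.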


@ -404,7 +404,7 @@ test("selects CLI v2.20.1 on Dotcom when feature flags enable v2.20.0 and v2.20.
});
});
test("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
test("includes tag name", async (t) => {
await withTmpDir(async (tmpDir) => {
const features = setUpFeatureFlagTests(tmpDir);
const expectedFeatureEnablement = initializeFeatures(true);
@ -439,25 +439,6 @@ test(`selects CLI from defaults.json on Dotcom when no default version feature f
});
});
test(`selects CLI from defaults.json on Dotcom when default version feature flags are unsupported`, async (t) => {
await withTmpDir(async (tmpDir) => {
const features = setUpFeatureFlagTests(tmpDir);
const expectedFeatureEnablement = initializeFeatures(true);
// Doesn't have a semantically versioned bundle
expectedFeatureEnablement["default_codeql_version_2_13_3_enabled"] = true;
mockFeatureFlagApiEndpoint(200, expectedFeatureEnablement);
const defaultCliVersion = await features.getDefaultCliVersion(
GitHubVariant.DOTCOM,
);
t.deepEqual(defaultCliVersion, {
cliVersion: defaults.cliVersion,
tagName: defaults.bundleVersion,
toolsFeatureFlagsValid: false,
});
});
});
test("ignores invalid version numbers in default version feature flags", async (t) => {
await withTmpDir(async (tmpDir) => {
const loggedMessages = [];


@ -14,11 +14,6 @@ import * as util from "./util";
const DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_";
const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
/**
* Versions 2.13.4+ of the CodeQL CLI have an associated CodeQL Bundle release that is semantically versioned.
*/
export const CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
/**
* Evaluator fine-grained parallelism (aka intra-layer parallelism) is only safe to enable in 2.15.1 onwards.
* (Some earlier versions recognize the command-line flag, but they contain a bug which makes it unsafe to use).
@ -323,13 +318,7 @@ class GitHubFeatureFlags {
.map(([f, isEnabled]) =>
isEnabled ? this.getCliVersionFromFeatureFlag(f) : undefined,
)
.filter(
(f) =>
f !== undefined &&
// Only consider versions that have semantically versioned bundles.
semver.gte(f, CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED),
)
.map((f) => f as string);
.filter((f): f is string => f !== undefined);
if (enabledFeatureFlagCliVersions.length === 0) {
// We expect at least one default CLI version to be enabled on Dotcom at any time. However if
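Review bot: The rewritten `.filter((f): f is string => f !== undefined)` accepts any CLI version a feature flag names, so a stale or misconfigured flag such as `default_codeql_version_2_13_3_enabled` is now treated as a valid default rather than ignored. The removed lower bound was also what triggered the fallback to `defaults.json` in that situation, and the test pinning that fallback is deleted in src/feature-flags.test.ts. Because this value decides which bundle is downloaded and run, consider keeping a floor tied to the minimum supported CLI version, e.g. `.filter((f): f is string => f !== undefined && semver.gte(f, MINIMUM_SUPPORTED_VERSION))`, where `MINIMUM_SUPPORTED_VERSION` is a placeholder for whatever constant the project uses. The fallback test could then be kept against that floor. The enclosing method starts and ends outside the hunk.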


@ -443,10 +443,7 @@ async function run() {
const kotlinLimitVar =
"CODEQL_EXTRACTOR_KOTLIN_OVERRIDE_MAXIMUM_VERSION_LIMIT";
if (
(await codeQlVersionAtLeast(codeql, "2.13.4")) &&
!(await codeQlVersionAtLeast(codeql, "2.14.4"))
) {
if (!(await codeQlVersionAtLeast(codeql, "2.14.4"))) {
core.exportVariable(kotlinLimitVar, "1.9.20");
}
@ -500,7 +497,7 @@ async function run() {
// From 2.16.0 the default for the python extractor is to not perform any
// dependency extraction. For versions before that, you needed to set this flag to
// enable this behavior (supported since 2.13.1).
// enable this behavior.
if (await codeQlVersionAtLeast(codeql, "2.17.1")) {
// disabled by default, no warning
@ -510,17 +507,11 @@ async function run() {
"CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION",
"true",
);
} else if (await codeQlVersionAtLeast(codeql, "2.13.1")) {
} else {
core.exportVariable(
"CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION",
"true",
);
} else {
logger.warning(
`CodeQL Action versions 3.25.0 and later, and versions 2.25.0 and later no longer install Python dependencies. We recommend upgrading to at least CodeQL Bundle 2.16.0 to avoid any potential problems due to this (you are currently using ${
(await codeql.getVersion()).version
}). Alternatively, we recommend downgrading the CodeQL Action to version 3.24.10 (for customers using GitHub.com or GitHub Enterprise Server v3.12 or later) or 2.24.10 (for customers using GitHub Enterprise Server v3.11 or earlier).`,
);
}
if (getOptionalInput("setup-python-dependencies") !== undefined) {
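Review bot: Both simplified conditions are correct only if CLIs in the 2.13.0–2.13.4 range named in the commit title (and older) can never reach this code, and nothing in these hunks says where that is enforced. With the `"2.13.4"` lower bound gone, `kotlinLimitVar` is exported for every CLI below 2.14.4. The final `else` now sets `CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION` without the warning that used to tell users their bundle was too old. A short comment at each site would record the assumption, for example `// CLIs below the minimum supported version are rejected before this point, so only the upper bound is checked.`, worded to match wherever that check actually lives. `run()` starts and ends outside the hunks.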


@ -15,10 +15,7 @@ import * as api from "./api-client";
// creation scripts. Ensure that any changes to the format of this file are compatible with both of
// these dependents.
import * as defaults from "./defaults.json";
import {
CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED,
CodeQLDefaultVersionInfo,
} from "./feature-flags";
import { CodeQLDefaultVersionInfo } from "./feature-flags";
import { Logger } from "./logging";
import * as util from "./util";
import { isGoodVersion, wrapError } from "./util";
@ -669,14 +666,9 @@ function getCanonicalToolcacheVersion(
if (!cliVersion?.match(/^[0-9]+\.[0-9]+\.[0-9]+$/)) {
return convertToSemVer(bundleVersion, logger);
}
// If the bundle is semantically versioned, it can be looked up based on just the CLI version
// number, so version it in the toolcache using just the CLI version number.
if (semver.gte(cliVersion, CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED)) {
return cliVersion;
}
// Include both the CLI version and the bundle version in the toolcache version number. That way
// we can find the bundle in the toolcache based on either the CLI version or the bundle version.
return `${cliVersion}-${bundleVersion}`;
// Bundles are now semantically versioned and can be looked up based on just the CLI version
// number, so we can version them in the toolcache using just the CLI version number.
return cliVersion;
}
/**
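Review bot: The new comment `Bundles are now semantically versioned` drops the version boundary that the deleted `CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED` constant documented, and "now" will not age well. Suggest `// Every CLI version from 2.13.4 onwards ships in a semantically versioned bundle, so the toolcache entry is keyed by the CLI version alone.` This function also no longer produces the old `${cliVersion}-${bundleVersion}` key; whether any lookup elsewhere still expects that format is not visible here, so a sentence in the doc comment would help. The signature and doc comment of `getCanonicalToolcacheVersion` sit outside the hunk.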