Merge branch 'main' into henrymercer/cli-deprecation-warning

lib/codeql.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_NEW_ANALYSIS_SUMMARY = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_NEW_ANALYSIS_SUMMARY = exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -105,6 +105,10 @@ exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
  * Versions 2.13.4+ of the CodeQL CLI support the `resolve build-environment` command.
  */
 exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = "2.13.4";
+/**
+ * Versions 2.13.4+ of the CodeQL CLI have an associated CodeQL Bundle release that is semantically versioned.
+ */
+exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
 /**
  * Versions 2.14.0+ of the CodeQL CLI support new analysis summaries.
  */

lib/feature-flags.js

@@ -181,14 +181,20 @@ class GitHubFeatureFlags {
     }
     async getDefaultCliVersion(variant) {
         if (variant === util.GitHubVariant.DOTCOM) {
-            const defaultDotComCliVersion = await this.getDefaultDotcomCliVersion();
-            return {
-                cliVersion: defaultDotComCliVersion.version,
-                toolsFeatureFlagsValid: this.hasAccessedRemoteFeatureFlags
-                    ? defaultDotComCliVersion.toolsFeatureFlagsValid
-                    : undefined,
+            const defaultDotcomCliVersion = await this.getDefaultDotcomCliVersion();
+            const cliVersion = defaultDotcomCliVersion.version;
+            const result = {
+                cliVersion,
                 variant,
             };
+            if (semver.gte(cliVersion, codeql_1.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED)) {
+                result.tagName = `codeql-bundle-v${cliVersion}`;
+            }
+            if (this.hasAccessedRemoteFeatureFlags) {
+                result.toolsFeatureFlagsValid =
+                    defaultDotcomCliVersion.toolsFeatureFlagsValid;
+            }
+            return result;
         }
         return {
             cliVersion: defaults.cliVersion,

lib/feature-flags.test.js

@@ -247,6 +247,21 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
         });
     });
 });
+(0, ava_1.default)("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
+    await (0, util_1.withTmpDir)(async (tmpDir) => {
+        const features = setUpFeatureFlagTests(tmpDir);
+        const expectedFeatureEnablement = initializeFeatures(true);
+        expectedFeatureEnablement["default_codeql_version_2_20_0_enabled"] = true;
+        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
+        const defaultCliVersion = await features.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
+        t.deepEqual(defaultCliVersion, {
+            cliVersion: "2.20.0",
+            tagName: "codeql-bundle-v2.20.0",
+            toolsFeatureFlagsValid: true,
+            variant: util_1.GitHubVariant.DOTCOM,
+        });
+    });
+});
 (0, ava_1.default)(`selects CLI from defaults.json on Dotcom when no default version feature flags are enabled`, async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         const features = setUpFeatureFlagTests(tmpDir);
@@ -255,6 +270,7 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
         const defaultCliVersion = await features.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
         t.deepEqual(defaultCliVersion, {
             cliVersion: defaults.cliVersion,
+            tagName: defaults.bundleVersion,
             toolsFeatureFlagsValid: false,
             variant: util_1.GitHubVariant.DOTCOM,
         });

lib/setup-codeql.js

@@ -326,7 +326,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
     else {
         // Otherwise, use the default CLI version passed in.
         cliVersion = defaultCliVersion.cliVersion;
-        tagName = defaultCliVersion["tagName"];
+        tagName = defaultCliVersion.tagName;
     }
     const bundleVersion = tagName && tryGetBundleVersionFromTagName(tagName, logger);
     const humanReadableVersion = cliVersion ??

src/codeql.ts

@@ -322,6 +322,11 @@ export const CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
  */
 export const CODEQL_VERSION_RESOLVE_ENVIRONMENT = "2.13.4";
 
+/**
+ * Versions 2.13.4+ of the CodeQL CLI have an associated CodeQL Bundle release that is semantically versioned.
+ */
+export const CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
+
 /**
  * Versions 2.14.0+ of the CodeQL CLI support new analysis summaries.
  */

src/feature-flags.test.ts

@@ -395,6 +395,25 @@ test("selects CLI v2.12.1 on Dotcom when feature flags enable v2.12.0 and v2.12.
   });
 });
 
+test("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
+  await withTmpDir(async (tmpDir) => {
+    const features = setUpFeatureFlagTests(tmpDir);
+    const expectedFeatureEnablement = initializeFeatures(true);
+    expectedFeatureEnablement["default_codeql_version_2_20_0_enabled"] = true;
+    mockFeatureFlagApiEndpoint(200, expectedFeatureEnablement);
+
+    const defaultCliVersion = await features.getDefaultCliVersion(
+      GitHubVariant.DOTCOM
+    );
+    t.deepEqual(defaultCliVersion, {
+      cliVersion: "2.20.0",
+      tagName: "codeql-bundle-v2.20.0",
+      toolsFeatureFlagsValid: true,
+      variant: GitHubVariant.DOTCOM,
+    });
+  });
+});
+
 test(`selects CLI from defaults.json on Dotcom when no default version feature flags are enabled`, async (t) => {
   await withTmpDir(async (tmpDir) => {
     const features = setUpFeatureFlagTests(tmpDir);
@@ -406,6 +425,7 @@ test(`selects CLI from defaults.json on Dotcom when no default version feature f
     );
     t.deepEqual(defaultCliVersion, {
       cliVersion: defaults.cliVersion,
+      tagName: defaults.bundleVersion,
       toolsFeatureFlagsValid: false,
       variant: GitHubVariant.DOTCOM,
     });

src/feature-flags.ts

@@ -4,7 +4,11 @@ import * as path from "path";
 import * as semver from "semver";
 
 import { getApiClient } from "./api-client";
-import { CODEQL_VERSION_NEW_ANALYSIS_SUMMARY, CodeQL } from "./codeql";
+import {
+  CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED,
+  CODEQL_VERSION_NEW_ANALYSIS_SUMMARY,
+  CodeQL,
+} from "./codeql";
 import * as defaults from "./defaults.json";
 import { Logger } from "./logging";
 import { RepositoryNwo } from "./repository";
@@ -16,6 +20,7 @@ const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
 export type CodeQLDefaultVersionInfo =
   | {
       cliVersion: string;
+      tagName?: string;
       toolsFeatureFlagsValid?: boolean;
       variant: util.GitHubVariant.DOTCOM;
     }
@@ -256,14 +261,24 @@ class GitHubFeatureFlags {
     variant: util.GitHubVariant
   ): Promise<CodeQLDefaultVersionInfo> {
     if (variant === util.GitHubVariant.DOTCOM) {
-      const defaultDotComCliVersion = await this.getDefaultDotcomCliVersion();
-      return {
-        cliVersion: defaultDotComCliVersion.version,
-        toolsFeatureFlagsValid: this.hasAccessedRemoteFeatureFlags
-          ? defaultDotComCliVersion.toolsFeatureFlagsValid
-          : undefined,
+      const defaultDotcomCliVersion = await this.getDefaultDotcomCliVersion();
+      const cliVersion = defaultDotcomCliVersion.version;
+      const result: CodeQLDefaultVersionInfo = {
+        cliVersion,
         variant,
       };
+      if (
+        semver.gte(cliVersion, CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED)
+      ) {
+        result.tagName = `codeql-bundle-v${cliVersion}`;
+      }
+
+      if (this.hasAccessedRemoteFeatureFlags) {
+        result.toolsFeatureFlagsValid =
+          defaultDotcomCliVersion.toolsFeatureFlagsValid;
+      }
+
+      return result;
     }
     return {
       cliVersion: defaults.cliVersion,

src/setup-codeql.ts

@@ -411,7 +411,7 @@ export async function getCodeQLSource(
   } else {
     // Otherwise, use the default CLI version passed in.
     cliVersion = defaultCliVersion.cliVersion;
-    tagName = defaultCliVersion["tagName"];
+    tagName = defaultCliVersion.tagName;
   }
 
   const bundleVersion =