robojerk/codeql-action

Merge pull request #2580 from jsoref/minor-cleanup

Browse source 
Minor cleanup
This commit is contained in:
Andrew Eisenberg 2024-11-06 14:53:47 -08:00 committed by GitHub
commit 5ac2ddd6fc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
67 changed files with 99 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/__all-platform-bundle.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__analyze-ref-input.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__autobuild-action.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__autobuild-direct-tracing-with-working-dir.yml generated vendored
View file

@ -42,7 +42,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__autobuild-direct-tracing.yml generated vendored
View file

@ -42,7 +42,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__build-mode-autobuild.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__build-mode-manual.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__build-mode-none.yml generated vendored
View file

@ -38,7 +38,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__build-mode-rollback.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__cleanup-db-cluster-dir.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__config-export.yml generated vendored
View file

@ -46,7 +46,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__config-input.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__cpp-deptrace-disabled.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__cpp-deptrace-enabled-on-macos.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__cpp-deptrace-enabled.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__diagnostics-export.yml generated vendored
View file

@ -46,7 +46,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__export-file-baseline-information.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__extractor-ram-threads.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-custom-queries.yml generated vendored
View file

@ -38,7 +38,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-indirect-tracing-workaround.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-tracing-autobuilder.yml generated vendored
View file

@ -66,7 +66,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-tracing-custom-build-steps.yml generated vendored
View file

@ -66,7 +66,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__go-tracing-legacy-workflow.yml generated vendored
View file

@ -66,7 +66,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__init-with-registries.yml generated vendored
View file

@ -53,7 +53,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__javascript-source-root.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__job-run-uuid-sarif.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__language-aliases.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

4
.github/workflows/__multi-language-autodetect.yml generated vendored
View file

@ -66,7 +66,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -146,7 +146,7 @@ jobs:
exit 1 exit 1
fi fi
- name: Check language autodetect for Swift on MacOS - name: Check language autodetect for Swift on macOS
if: runner.os == 'macOS' if: runner.os == 'macOS'
shell: bash shell: bash
run: | run: |

4
.github/workflows/__packaging-codescanning-config-inputs-js.yml generated vendored
View file

@ -52,7 +52,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -84,7 +84,7 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar

4
.github/workflows/__packaging-config-inputs-js.yml generated vendored
View file

@ -52,7 +52,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -84,7 +84,7 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar

4
.github/workflows/__packaging-config-js.yml generated vendored
View file

@ -52,7 +52,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -83,7 +83,7 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar

4
.github/workflows/__packaging-inputs-js.yml generated vendored
View file

@ -52,7 +52,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -83,7 +83,7 @@ jobs:
uses: ./../action/.github/actions/check-sarif uses: ./../action/.github/actions/check-sarif
with: with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: queries-run:
javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar queries-not-run: foo,bar

2
.github/workflows/__remote-config.yml generated vendored
View file

@ -38,7 +38,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

4
.github/workflows/__resolve-environment-action.yml generated vendored
View file

@ -52,7 +52,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -88,7 +88,7 @@ jobs:
language: javascript-typescript language: javascript-typescript
- name: Fail if JavaScript/TypeScript configuration present - name: Fail if JavaScript/TypeScript configuration present
if: if:
fromJSON(steps.resolve-environment-js.outputs.environment).configuration.javascript fromJSON(steps.resolve-environment-js.outputs.environment).configuration.javascript
run: exit 1 run: exit 1
env: env:

2
.github/workflows/__rubocop-multi-language.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__ruby.yml generated vendored
View file

@ -46,7 +46,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__split-workflow.yml generated vendored
View file

@ -46,7 +46,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__submit-sarif-failure.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__swift-autobuild.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__swift-custom-build.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__test-autobuild-working-dir.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__test-local-codeql.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__test-proxy.yml generated vendored
View file

@ -36,7 +36,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__unset-environment.yml generated vendored
View file

@ -38,7 +38,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__upload-ref-sha-input.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

2
.github/workflows/__with-checkout-path.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:

6
.github/workflows/__zstd-bundle-streaming.yml generated vendored
View file

@ -38,7 +38,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -59,7 +59,9 @@ jobs:
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL'); const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL');
fs.rmdirSync(codeqlPath, { recursive: true }); if (codeqlPath !== undefined) {
fs.rmdirSync(codeqlPath, { recursive: true });
}
- id: init - id: init
uses: ./../action/init uses: ./../action/init
with: with:

6
.github/workflows/__zstd-bundle.yml generated vendored
View file

@ -40,7 +40,7 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup Python on MacOS - name: Setup Python on macOS
uses: actions/setup-python@v5 uses: actions/setup-python@v5
if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6' if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
with: with:
@ -61,7 +61,9 @@ jobs:
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL'); const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL');
fs.rmdirSync(codeqlPath, { recursive: true }); if (codeqlPath !== undefined) {
fs.rmdirSync(codeqlPath, { recursive: true });
}
- id: init - id: init
uses: ./../action/init uses: ./../action/init
with: with:

2
.github/workflows/debug-artifacts-failure.yml vendored
View file

@ -50,7 +50,7 @@ jobs:
run: ./build.sh run: ./build.sh
- uses: ./../action/analyze - uses: ./../action/analyze
id: analysis id: analysis
env: env:
# Forces a failure in this step. # Forces a failure in this step.
CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }' CODEQL_ACTION_EXTRA_OPTIONS: '{ "database": { "finalize": ["--invalid-option"] } }'
with: with:

2
.github/workflows/debug-artifacts-legacy.yml vendored
View file

@ -56,7 +56,7 @@ jobs:
debug-artifact-name: my-debug-artifacts debug-artifact-name: my-debug-artifacts
debug-database-name: my-db debug-database-name: my-db
# We manually exclude Swift from the languages list here, as it is not supported on Ubuntu # We manually exclude Swift from the languages list here, as it is not supported on Ubuntu
languages: cpp,csharp,go,java,javascript,python,ruby languages: cpp,csharp,go,java,javascript,python,ruby
- name: Build code - name: Build code
shell: bash shell: bash
run: ./build.sh run: ./build.sh

2
.github/workflows/debug-artifacts.yml vendored
View file

@ -55,7 +55,7 @@ jobs:
debug-artifact-name: my-debug-artifacts debug-artifact-name: my-debug-artifacts
debug-database-name: my-db debug-database-name: my-db
# We manually exclude Swift from the languages list here, as it is not supported on Ubuntu # We manually exclude Swift from the languages list here, as it is not supported on Ubuntu
languages: cpp,csharp,go,java,javascript,python,ruby languages: cpp,csharp,go,java,javascript,python,ruby
- name: Build code - name: Build code
shell: bash shell: bash
run: ./build.sh run: ./build.sh

3
.github/workflows/expected-queries-runs.yml vendored
View file

@ -22,6 +22,9 @@ jobs:
CODEQL_ACTION_TEST_MODE: true CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45 timeout-minutes: 45
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps: steps:
- name: Check out repository - name: Check out repository
uses: actions/checkout@v4 uses: actions/checkout@v4

2
.github/workflows/publish-immutable-action.yml vendored
View file

@ -32,4 +32,4 @@ jobs:
- name: Publish - name: Publish
if: steps.check.outputs.is-action-release == 'true' if: steps.check.outputs.is-action-release == 'true'
id: publish id: publish
uses: actions/publish-immutable-action@0.0.3 uses: actions/publish-immutable-action@v0.0.4

2
.github/workflows/script/check-js.sh vendored
View file

@ -7,7 +7,7 @@ if [ ! -z "$(git status --porcelain)" ]; then
>&2 echo "Failed: Repo should be clean before testing!" >&2 echo "Failed: Repo should be clean before testing!"
exit 1 exit 1
fi fi
# Wipe the lib directory incase there are extra unnecessary files in there # Wipe the lib directory in case there are extra unnecessary files in there
rm -rf lib rm -rf lib
# Generate the JavaScript files # Generate the JavaScript files
npm run-script build npm run-script build

6
CHANGELOG.md
View file

@ -57,12 +57,12 @@ No user facing changes.
## 3.26.5 - 23 Aug 2024 ## 3.26.5 - 23 Aug 2024
- Fix an issue where the `csrutil` system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. [#2441](https://github.com/github/codeql-action/pull/2441) - Fix an issue where the `csrutil` system call used for telemetry would fail on macOS ARM machines with System Integrity Protection disabled. [#2441](https://github.com/github/codeql-action/pull/2441)
## 3.26.4 - 21 Aug 2024 ## 3.26.4 - 21 Aug 2024
- _Deprecation:_ The `add-snippets` input on the `analyze` Action is deprecated and will be removed in the first release in August 2025. [#2436](https://github.com/github/codeql-action/pull/2436) - _Deprecation:_ The `add-snippets` input on the `analyze` Action is deprecated and will be removed in the first release in August 2025. [#2436](https://github.com/github/codeql-action/pull/2436)
- Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. [#2434](https://github.com/github/codeql-action/pull/2434) - Fix an issue where the disk usage system call used for telemetry would fail on macOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. [#2434](https://github.com/github/codeql-action/pull/2434)
## 3.26.3 - 19 Aug 2024 ## 3.26.3 - 19 Aug 2024
@ -140,7 +140,7 @@ No user facing changes.
## 3.25.3 - 25 Apr 2024 ## 3.25.3 - 25 Apr 2024
- Update default CodeQL bundle version to 2.17.1. [#2247](https://github.com/github/codeql-action/pull/2247) - Update default CodeQL bundle version to 2.17.1. [#2247](https://github.com/github/codeql-action/pull/2247)
- Workflows running on `macos-latest` using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as `macos-12`. ARM machines with SIP disabled, including the newest `macos-latest` image, are unsupported for CLI versions before 2.15.1. [#2261](https://github.com/github/codeql-action/pull/2261) - Workflows running on `macos-latest` using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel macOS runner, such as `macos-12`. ARM machines with SIP disabled, including the newest `macos-latest` image, are unsupported for CLI versions before 2.15.1. [#2261](https://github.com/github/codeql-action/pull/2261)
## 3.25.2 - 22 Apr 2024 ## 3.25.2 - 22 Apr 2024

2
lib/environment.js generated
View file

@ -44,7 +44,7 @@ var EnvVar;
/** Whether the init action has been run. */ /** Whether the init action has been run. */
EnvVar["INIT_ACTION_HAS_RUN"] = "CODEQL_ACTION_INIT_HAS_RUN"; EnvVar["INIT_ACTION_HAS_RUN"] = "CODEQL_ACTION_INIT_HAS_RUN";
/** /**
* For MacOS. Result of `csrutil status` to determine whether System Integrity * For macOS. Result of `csrutil status` to determine whether System Integrity
* Protection is enabled. * Protection is enabled.
*/ */
EnvVar["IS_SIP_ENABLED"] = "CODEQL_ACTION_IS_SIP_ENABLED"; EnvVar["IS_SIP_ENABLED"] = "CODEQL_ACTION_IS_SIP_ENABLED";

4
lib/init-action.js generated
View file

@ -330,13 +330,13 @@ async function run() {
if ((0, caching_utils_1.shouldRestoreCache)(config.dependencyCachingEnabled)) { if ((0, caching_utils_1.shouldRestoreCache)(config.dependencyCachingEnabled)) {
await (0, dependency_caching_1.downloadDependencyCaches)(config.languages, logger); await (0, dependency_caching_1.downloadDependencyCaches)(config.languages, logger);
} }
// For CLI versions <2.15.1, build tracing caused errors in MacOS ARM machines with // For CLI versions <2.15.1, build tracing caused errors in macOS ARM machines with
// System Integrity Protection (SIP) disabled. // System Integrity Protection (SIP) disabled.
if (!(await (0, util_1.codeQlVersionAtLeast)(codeql, "2.15.1")) && if (!(await (0, util_1.codeQlVersionAtLeast)(codeql, "2.15.1")) &&
process.platform === "darwin" && process.platform === "darwin" &&
(process.arch === "arm" || process.arch === "arm64") && (process.arch === "arm" || process.arch === "arm64") &&
!(await (0, util_1.checkSipEnablement)(logger))) { !(await (0, util_1.checkSipEnablement)(logger))) {
logger.warning("CodeQL versions 2.15.0 and lower are not supported on MacOS ARM machines with System Integrity Protection (SIP) disabled."); logger.warning("CodeQL versions 2.15.0 and lower are not supported on macOS ARM machines with System Integrity Protection (SIP) disabled.");
} }
// From 2.16.0 the default for the python extractor is to not perform any // From 2.16.0 the default for the python extractor is to not perform any
// dependency extraction. For versions before that, you needed to set this flag to // dependency extraction. For versions before that, you needed to set this flag to

2
lib/tracer-config.js generated
View file

@ -92,7 +92,7 @@ async function getCombinedTracerConfig(codeql, config) {
// If the CLI doesn't yet support setting the CODEQL_RUNNER environment variable to // If the CLI doesn't yet support setting the CODEQL_RUNNER environment variable to
// the runner executable path, we set it here in the Action. // the runner executable path, we set it here in the Action.
if (!(await codeql.supportsFeature(tools_features_1.ToolsFeature.SetsCodeqlRunnerEnvVar))) { if (!(await codeql.supportsFeature(tools_features_1.ToolsFeature.SetsCodeqlRunnerEnvVar))) {
// On MacOS when System Integrity Protection is enabled, it's necessary to prefix // On macOS when System Integrity Protection is enabled, it's necessary to prefix
// the build command with the runner executable for indirect tracing, so we expose // the build command with the runner executable for indirect tracing, so we expose
// it here via the CODEQL_RUNNER environment variable. // it here via the CODEQL_RUNNER environment variable.
// The executable also exists and works for other platforms so we unconditionally // The executable also exists and works for other platforms so we unconditionally

4
pr-checks/checks/multi-language-autodetect.yml
View file

@ -1,5 +1,5 @@
name: "Multi-language repository" name: "Multi-language repository"
description: "An end-to-end integration test of a multi-language repository using automatic language detection for MacOS" description: "An end-to-end integration test of a multi-language repository using automatic language detection for macOS"
operatingSystems: ["macos", "ubuntu"] operatingSystems: ["macos", "ubuntu"]
steps: steps:
- uses: actions/setup-go@v5 - uses: actions/setup-go@v5
@ -67,7 +67,7 @@ steps:
exit 1 exit 1
fi fi
- name: Check language autodetect for Swift on MacOS - name: Check language autodetect for Swift on macOS
if: runner.os == 'macOS' if: runner.os == 'macOS'
shell: bash shell: bash
run: | run: |

4
pr-checks/checks/zstd-bundle-streaming.yml
View file

@ -16,7 +16,9 @@ steps:
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL'); const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL');
fs.rmdirSync(codeqlPath, { recursive: true }); if (codeqlPath !== undefined) {
fs.rmdirSync(codeqlPath, { recursive: true });
}
- id: init - id: init
uses: ./../action/init uses: ./../action/init
with: with:

4
pr-checks/checks/zstd-bundle.yml
View file

@ -16,7 +16,9 @@ steps:
const fs = require('fs'); const fs = require('fs');
const path = require('path'); const path = require('path');
const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL'); const codeqlPath = path.join(process.env['RUNNER_TOOL_CACHE'], 'CodeQL');
fs.rmdirSync(codeqlPath, { recursive: true }); if (codeqlPath !== undefined) {
fs.rmdirSync(codeqlPath, { recursive: true });
}
- id: init - id: init
uses: ./../action/init uses: ./../action/init
with: with:

12
pr-checks/sync.py
View file

@ -4,6 +4,7 @@ import ruamel.yaml
from ruamel.yaml.scalarstring import FoldedScalarString, SingleQuotedScalarString from ruamel.yaml.scalarstring import FoldedScalarString, SingleQuotedScalarString
import pathlib import pathlib
import textwrap import textwrap
import os
# The default set of CodeQL Bundle versions to use for the PR checks. # The default set of CodeQL Bundle versions to use for the PR checks.
defaultTestVersions = [ defaultTestVersions = [
@ -98,7 +99,7 @@ for file in (this_dir / 'checks').glob('*.yml'):
steps = [ steps = [
{ {
'name': 'Setup Python on MacOS', 'name': 'Setup Python on macOS',
'uses': 'actions/setup-python@v5', 'uses': 'actions/setup-python@v5',
'if': "runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'", 'if': "runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'",
'with': { 'with': {
@ -153,7 +154,8 @@ for file in (this_dir / 'checks').glob('*.yml'):
checkJob['env']['CODEQL_ACTION_TEST_MODE'] = True checkJob['env']['CODEQL_ACTION_TEST_MODE'] = True
checkName = file.stem checkName = file.stem
with open(this_dir.parent / ".github" / "workflows" / f"__{checkName}.yml", 'w') as output_stream: raw_file = this_dir.parent / ".github" / "workflows" / f"__{checkName}.yml.raw"
with open(raw_file, 'w') as output_stream:
writeHeader(output_stream) writeHeader(output_stream)
yaml.dump({ yaml.dump({
'name': f"PR Check - {checkSpecification['name']}", 'name': f"PR Check - {checkSpecification['name']}",
@ -175,3 +177,9 @@ for file in (this_dir / 'checks').glob('*.yml'):
checkName: checkJob checkName: checkJob
} }
}, output_stream) }, output_stream)
with open(raw_file, 'r') as input_stream:
with open(this_dir.parent / ".github" / "workflows" / f"__{checkName}.yml", 'w') as output_stream:
content = input_stream.read()
output_stream.write("\n".join(list(map(lambda x:x.rstrip(), content.splitlines()))+['']))
os.remove(raw_file)

2
src/environment.ts
View file

@ -51,7 +51,7 @@ export enum EnvVar {
INIT_ACTION_HAS_RUN = "CODEQL_ACTION_INIT_HAS_RUN", INIT_ACTION_HAS_RUN = "CODEQL_ACTION_INIT_HAS_RUN",
/** /**
* For MacOS. Result of `csrutil status` to determine whether System Integrity * For macOS. Result of `csrutil status` to determine whether System Integrity
* Protection is enabled. * Protection is enabled.
*/ */
IS_SIP_ENABLED = "CODEQL_ACTION_IS_SIP_ENABLED", IS_SIP_ENABLED = "CODEQL_ACTION_IS_SIP_ENABLED",

4
src/init-action.ts
View file

@ -566,7 +566,7 @@ async function run() {
await downloadDependencyCaches(config.languages, logger); await downloadDependencyCaches(config.languages, logger);
} }
// For CLI versions <2.15.1, build tracing caused errors in MacOS ARM machines with // For CLI versions <2.15.1, build tracing caused errors in macOS ARM machines with
// System Integrity Protection (SIP) disabled. // System Integrity Protection (SIP) disabled.
if ( if (
!(await codeQlVersionAtLeast(codeql, "2.15.1")) && !(await codeQlVersionAtLeast(codeql, "2.15.1")) &&
@ -575,7 +575,7 @@ async function run() {
!(await checkSipEnablement(logger)) !(await checkSipEnablement(logger))
) { ) {
logger.warning( logger.warning(
"CodeQL versions 2.15.0 and lower are not supported on MacOS ARM machines with System Integrity Protection (SIP) disabled.", "CodeQL versions 2.15.0 and lower are not supported on macOS ARM machines with System Integrity Protection (SIP) disabled.",
); );
} }

2
src/tracer-config.ts
View file

@ -111,7 +111,7 @@ export async function getCombinedTracerConfig(
// If the CLI doesn't yet support setting the CODEQL_RUNNER environment variable to // If the CLI doesn't yet support setting the CODEQL_RUNNER environment variable to
// the runner executable path, we set it here in the Action. // the runner executable path, we set it here in the Action.
if (!(await codeql.supportsFeature(ToolsFeature.SetsCodeqlRunnerEnvVar))) { if (!(await codeql.supportsFeature(ToolsFeature.SetsCodeqlRunnerEnvVar))) {
// On MacOS when System Integrity Protection is enabled, it's necessary to prefix // On macOS when System Integrity Protection is enabled, it's necessary to prefix
// the build command with the runner executable for indirect tracing, so we expose // the build command with the runner executable for indirect tracing, so we expose
// it here via the CODEQL_RUNNER environment variable. // it here via the CODEQL_RUNNER environment variable.
// The executable also exists and works for other platforms so we unconditionally // The executable also exists and works for other platforms so we unconditionally