Merge branch 'main' into aeisenberg/multi-init

CHANGELOG.md

@@ -4,6 +4,10 @@
 
 - Display a better error message when encountering a workflow that runs the `codeql-action/init` action multiple times. [#876](https://github.com/github/codeql-action/pull/876)
 
+## 1.0.29 - 21 Jan 2022
+
+- The feature to wait for SARIF processing to complete after upload has been disabled by default due to a bug in its interaction with pull requests from forks.
+
 ## 1.0.28 - 18 Jan 2022
 
 - Update default CodeQL bundle version to 2.7.5. [#866](https://github.com/github/codeql-action/pull/866)

analyze/action.yml

@@ -55,7 +55,7 @@ inputs:
   wait-for-processing:
     description: If true, the Action will wait for the uploaded SARIF to be processed before completing.
     required: true
-    default: "true"
+    default: "false"
   token:
     default: ${{ github.token }}
   matrix:

lib/codeql.js

@@ -512,7 +512,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, args, error_matcher_1.errorMatchers);
         },
         async resolveLanguages() {
-            const codeqlArgs = ["resolve", "languages", "--format=json"];
+            const codeqlArgs = [
+                "resolve",
+                "languages",
+                "--format=json",
+                ...getExtraOptionsFromEnv(["resolve", "languages"]),
+            ];
             const output = await runTool(cmd, codeqlArgs);
             try {
                 return JSON.parse(output);
@@ -635,6 +640,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 "cleanup",
                 databasePath,
                 `--mode=${cleanupLevel}`,
+                ...getExtraOptionsFromEnv(["database", "cleanup"]),
             ];
             await runTool(cmd, codeqlArgs);
         },
@@ -645,6 +651,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 databasePath,
                 `--output=${outputFilePath}`,
                 `--name=${databaseName}`,
+                ...getExtraOptionsFromEnv(["database", "bundle"]),
             ];
             await new toolrunner.ToolRunner(cmd, args).exec();
         },

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "1.0.29",
+  "version": "1.0.30",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "1.0.29",
+  "version": "1.0.30",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "1.0.29",
+      "version": "1.0.30",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^0.5.2",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "1.0.29",
+  "version": "1.0.30",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

runner/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql-runner",
-  "version": "1.0.29",
+  "version": "1.0.30",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

runner/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql-runner",
-  "version": "1.0.29",
+  "version": "1.0.30",
   "private": true,
   "description": "CodeQL runner",
   "scripts": {

src/codeql.ts

@@ -805,7 +805,12 @@ async function getCodeQLForCmd(
       await toolrunnerErrorCatcher(cmd, args, errorMatchers);
     },
     async resolveLanguages() {
-      const codeqlArgs = ["resolve", "languages", "--format=json"];
+      const codeqlArgs = [
+        "resolve",
+        "languages",
+        "--format=json",
+        ...getExtraOptionsFromEnv(["resolve", "languages"]),
+      ];
       const output = await runTool(cmd, codeqlArgs);
 
       try {
@@ -956,6 +961,7 @@ async function getCodeQLForCmd(
         "cleanup",
         databasePath,
         `--mode=${cleanupLevel}`,
+        ...getExtraOptionsFromEnv(["database", "cleanup"]),
       ];
       await runTool(cmd, codeqlArgs);
     },
@@ -970,6 +976,7 @@ async function getCodeQLForCmd(
         databasePath,
         `--output=${outputFilePath}`,
         `--name=${databaseName}`,
+        ...getExtraOptionsFromEnv(["database", "bundle"]),
       ];
       await new toolrunner.ToolRunner(cmd, args).exec();
     },

upload-sarif/action.yml

@@ -23,7 +23,7 @@ inputs:
   wait-for-processing:
     description: If true, the Action will wait for the uploaded SARIF to be processed before completing.
     required: true
-    default: "true"
+    default: "false"
 runs:
   using: 'node12'
   main: '../lib/upload-sarif-action.js'