Remove support for CodeQL CLI 2.9.3 and earlier

2023-06-12 11:34:01 +01:00 · 2023-06-12 11:34:01 +01:00 · 7bd23b58b5
commit 7bd23b58b5
parent f1c4784a3f
17 changed files with 39 additions and 136 deletions
--- a/lib/codeql.js
+++ b/lib/codeql.js
@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@ -70,12 +70,6 @@ const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";
 const CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED = "2.10.4";
 exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = "2.10.4";
 const CODEQL_VERSION_FILE_BASELINE_INFORMATION = "2.11.3";
 /**
 * Versions 2.9.0+ of the CodeQL CLI run machine learning models from a temporary directory, which
 * resolves an issue on Windows where TensorFlow models are not correctly loaded due to the path of
 * some of their files being greater than MAX_PATH (260 characters).
 */
 exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = "2.9.0";
 /**
 * Previous versions had the option already, but were missing the
 * --extractor-options-verbosity that we need.
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/lib/codeql.test.js
+++ b/lib/codeql.test.js
@ -392,7 +392,7 @@ for (const isBundleVersionInUrl of [true, false]) {
    await util.withTmpDir(async (tempDir) => {
        const runnerConstructorStub = stubToolRunnerConstructor();
        const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves("2.8.1");
+        sinon.stub(codeqlObject, "getVersion").resolves("2.9.4");
        // safeWhich throws because of the test CodeQL object.
        sinon.stub(safeWhich, "safeWhich").resolves("");
        const thisStubConfig = {
--- a/lib/config-utils.js
+++ b/lib/config-utils.js
@ -156,11 +156,7 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
    // If we're running the JavaScript security-extended analysis (or a superset of it), the repo is
    // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
    // pack, then add the ML-powered query pack so that we run ML-powered queries.
-    if (
+    if (languages.includes("javascript") &&
    // Only run ML-powered queries on Windows if we have a CLI that supports it.
    (process.platform !== "win32" ||
        (await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS))) &&
        languages.includes("javascript") &&
        (found === "security-experimental" ||
            found === "security-extended" ||
            found === "security-and-quality") &&
--- a/lib/config-utils.js.map
+++ b/lib/config-utils.js.map
--- a/lib/config-utils.test.js
+++ b/lib/config-utils.test.js
@ -1101,37 +1101,23 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
 });
 // macro, codeQLVersion, isMlPoweredQueriesEnabled, packsInput, queriesInput, expectedVersionString
 // Test that ML-powered queries aren't run when the feature is off.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", false, undefined, "security-extended", undefined);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.3", false, undefined, "security-extended", undefined);
 // Test that the ~0.1.0 version of ML-powered queries is run on v2.8.3 of the CLI.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.8.3", true, undefined, "security-extended", process.platform === "win32" ? undefined : "~0.1.0");
 // Test that ML-powered queries aren't run when the user hasn't specified that we should run the
 //  `security-extended`, `security-and-quality`, or `security-experimental` query suite.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, undefined, undefined);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.3", true, undefined, undefined, undefined);
 // Test that ML-powered queries are run on non-Windows platforms running `security-extended` on
 // versions of the CodeQL CLI prior to 2.9.0.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.8.5", true, undefined, "security-extended", process.platform === "win32" ? undefined : "~0.2.0");
 // Test that ML-powered queries are run on non-Windows platforms running `security-and-quality` on
 // versions of the CodeQL CLI prior to 2.9.0.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.8.5", true, undefined, "security-and-quality", process.platform === "win32" ? undefined : "~0.2.0");
 // Test that ML-powered queries are run on all platforms running `security-extended` on CodeQL CLI
 // 2.9.0+.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.9.0", true, undefined, "security-extended", "~0.2.0");
 // Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
 // CLI 2.9.0+.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.9.0", true, undefined, "security-and-quality", "~0.2.0");
 // Test that we don't inject an ML-powered query pack if the user has already specified one.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.0", true, "codeql/javascript-experimental-atm-queries@0.0.1", "security-and-quality", "0.0.1");
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.3", true, "codeql/javascript-experimental-atm-queries@0.0.1", "security-and-quality", "0.0.1");
-// Test that ML-powered queries are run on all platforms running `security-extended` on CodeQL
+// Test that ML-powered queries ~0.3.0 are run on all platforms running `security-extended` on
-// CLI 2.9.3+.
+// CodeQL CLI 2.9.4+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.3", true, undefined, "security-extended", "~0.3.0");
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.4", true, undefined, "security-extended", "~0.3.0");
-// Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
+// Test that ML-powered queries ~0.3.0 are run on all platforms running `security-and-quality` on
-// CLI 2.9.3+.
+// CodeQL CLI 2.9.4+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.3", true, undefined, "security-and-quality", "~0.3.0");
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.4", true, undefined, "security-and-quality", "~0.3.0");
-// Test that ML-powered queries are run on all platforms running `security-extended` on CodeQL
+// Test that ML-powered queries ~0.4.0 are run on all platforms running `security-extended` on
-// CLI 2.11.3+.
+// CodeQL CLI 2.11.3+.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.11.3", true, undefined, "security-extended", "~0.4.0");
-// Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
+// Test that ML-powered queries ~0.4.0 are run on all platforms running `security-and-quality` on
-// CLI 2.11.3+.
+// CodeQL CLI 2.11.3+.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.11.3", true, undefined, "security-and-quality", "~0.4.0");
 // Test that ML-powered queries are run on all platforms running `security-experimental` on CodeQL
 // CLI 2.12.1+.
--- a/lib/config-utils.test.js.map
+++ b/lib/config-utils.test.js.map
--- a/lib/feature-flags.js
+++ b/lib/feature-flags.js
@ -65,7 +65,7 @@ exports.featureConfig = {
    },
    [Feature.MlPoweredQueriesEnabled]: {
        envVar: "CODEQL_ML_POWERED_QUERIES",
-        minimumVersion: "2.7.5",
+        minimumVersion: undefined,
        defaultValue: false,
    },
    [Feature.UploadFailedSarifEnabled]: {
--- a/lib/feature-flags.js.map
+++ b/lib/feature-flags.js.map
--- a/lib/util.js
+++ b/lib/util.js
@ -445,14 +445,8 @@ async function getMlPoweredJsQueriesPack(codeQL) {
    if (await codeQlVersionAbove(codeQL, "2.11.3")) {
        version = "~0.4.0";
    }
    else if (await codeQlVersionAbove(codeQL, "2.9.3")) {
        version = `~0.3.0`;
    }
    else if (await codeQlVersionAbove(codeQL, "2.8.4")) {
        version = `~0.2.0`;
    }
    else {
-        version = `~0.1.0`;
+        version = `~0.3.0`;
    }
    return (0, config_utils_1.prettyPrintPack)({
        name: exports.ML_POWERED_JS_QUERIES_PACK_NAME,
--- a/lib/util.js.map
+++ b/lib/util.js.map
--- a/src/codeql.test.ts
+++ b/src/codeql.test.ts
@ -572,7 +572,7 @@ test("databaseInitCluster() without injected codescanning config", async (t) =>
  await util.withTmpDir(async (tempDir) => {
    const runnerConstructorStub = stubToolRunnerConstructor();
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.8.1");
+    sinon.stub(codeqlObject, "getVersion").resolves("2.9.4");
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
--- a/src/codeql.ts
+++ b/src/codeql.ts
@ -266,13 +266,6 @@ const CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED = "2.10.4";
 export const CODEQL_VERSION_GHES_PACK_DOWNLOAD = "2.10.4";
 const CODEQL_VERSION_FILE_BASELINE_INFORMATION = "2.11.3";
 /**
 * Versions 2.9.0+ of the CodeQL CLI run machine learning models from a temporary directory, which
 * resolves an issue on Windows where TensorFlow models are not correctly loaded due to the path of
 * some of their files being greater than MAX_PATH (260 characters).
 */
 export const CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = "2.9.0";
 /**
 * Previous versions had the option already, but were missing the
 * --extractor-options-verbosity that we need.
--- a/src/config-utils.test.ts
+++ b/src/config-utils.test.ts
@ -2178,95 +2178,46 @@ const mlPoweredQueriesMacro = test.macro({
 // Test that ML-powered queries aren't run when the feature is off.
 test(
  mlPoweredQueriesMacro,
-  "2.7.5",
+  "2.12.3",
  false,
  undefined,
  "security-extended",
  undefined
 );
 // Test that the ~0.1.0 version of ML-powered queries is run on v2.8.3 of the CLI.
 test(
  mlPoweredQueriesMacro,
  "2.8.3",
  true,
  undefined,
  "security-extended",
  process.platform === "win32" ? undefined : "~0.1.0"
 );
 // Test that ML-powered queries aren't run when the user hasn't specified that we should run the
 //  `security-extended`, `security-and-quality`, or `security-experimental` query suite.
-test(mlPoweredQueriesMacro, "2.7.5", true, undefined, undefined, undefined);
+test(mlPoweredQueriesMacro, "2.12.3", true, undefined, undefined, undefined);
 // Test that ML-powered queries are run on non-Windows platforms running `security-extended` on
 // versions of the CodeQL CLI prior to 2.9.0.
 test(
  mlPoweredQueriesMacro,
  "2.8.5",
  true,
  undefined,
  "security-extended",
  process.platform === "win32" ? undefined : "~0.2.0"
 );
 // Test that ML-powered queries are run on non-Windows platforms running `security-and-quality` on
 // versions of the CodeQL CLI prior to 2.9.0.
 test(
  mlPoweredQueriesMacro,
  "2.8.5",
  true,
  undefined,
  "security-and-quality",
  process.platform === "win32" ? undefined : "~0.2.0"
 );
 // Test that ML-powered queries are run on all platforms running `security-extended` on CodeQL CLI
 // 2.9.0+.
 test(
  mlPoweredQueriesMacro,
  "2.9.0",
  true,
  undefined,
  "security-extended",
  "~0.2.0"
 );
 // Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
 // CLI 2.9.0+.
 test(
  mlPoweredQueriesMacro,
  "2.9.0",
  true,
  undefined,
  "security-and-quality",
  "~0.2.0"
 );
 // Test that we don't inject an ML-powered query pack if the user has already specified one.
 test(
  mlPoweredQueriesMacro,
-  "2.9.0",
+  "2.12.3",
  true,
  "codeql/javascript-experimental-atm-queries@0.0.1",
  "security-and-quality",
  "0.0.1"
 );
-// Test that ML-powered queries are run on all platforms running `security-extended` on CodeQL
+// Test that ML-powered queries ~0.3.0 are run on all platforms running `security-extended` on
-// CLI 2.9.3+.
+// CodeQL CLI 2.9.4+.
 test(
  mlPoweredQueriesMacro,
-  "2.9.3",
+  "2.9.4",
  true,
  undefined,
  "security-extended",
  "~0.3.0"
 );
-// Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
+// Test that ML-powered queries ~0.3.0 are run on all platforms running `security-and-quality` on
-// CLI 2.9.3+.
+// CodeQL CLI 2.9.4+.
 test(
  mlPoweredQueriesMacro,
-  "2.9.3",
+  "2.9.4",
  true,
  undefined,
  "security-and-quality",
  "~0.3.0"
 );
-// Test that ML-powered queries are run on all platforms running `security-extended` on CodeQL
+// Test that ML-powered queries ~0.4.0 are run on all platforms running `security-extended` on
-// CLI 2.11.3+.
+// CodeQL CLI 2.11.3+.
 test(
  mlPoweredQueriesMacro,
  "2.11.3",
@ -2275,8 +2226,8 @@ test(
  "security-extended",
  "~0.4.0"
 );
-// Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
+// Test that ML-powered queries ~0.4.0 are run on all platforms running `security-and-quality` on
-// CLI 2.11.3+.
+// CodeQL CLI 2.11.3+.
 test(
  mlPoweredQueriesMacro,
  "2.11.3",
--- a/src/config-utils.ts
+++ b/src/config-utils.ts
@ -9,7 +9,6 @@ import * as api from "./api-client";
 import {
  CodeQL,
  CODEQL_VERSION_GHES_PACK_DOWNLOAD,
  CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS,
  CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE,
  ResolveQueriesOutput,
 } from "./codeql";
@ -424,12 +423,6 @@ async function addBuiltinSuiteQueries(
  // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
  // pack, then add the ML-powered query pack so that we run ML-powered queries.
  if (
    // Only run ML-powered queries on Windows if we have a CLI that supports it.
    (process.platform !== "win32" ||
      (await codeQlVersionAbove(
        codeQL,
        CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS
      ))) &&
    languages.includes("javascript") &&
    (found === "security-experimental" ||
      found === "security-extended" ||
--- a/src/feature-flags.ts
+++ b/src/feature-flags.ts
@ -73,7 +73,7 @@ export const featureConfig: Record<
  [Feature.MlPoweredQueriesEnabled]: {
    envVar: "CODEQL_ML_POWERED_QUERIES",
-    minimumVersion: "2.7.5",
+    minimumVersion: undefined,
    defaultValue: false,
  },
  [Feature.UploadFailedSarifEnabled]: {
--- a/src/util.ts
+++ b/src/util.ts
@ -565,12 +565,8 @@ export async function getMlPoweredJsQueriesPack(
  let version;
  if (await codeQlVersionAbove(codeQL, "2.11.3")) {
    version = "~0.4.0";
  } else if (await codeQlVersionAbove(codeQL, "2.9.3")) {
    version = `~0.3.0`;
  } else if (await codeQlVersionAbove(codeQL, "2.8.4")) {
    version = `~0.2.0`;
  } else {
-    version = `~0.1.0`;
+    version = `~0.3.0`;
  }
  return prettyPrintPack({
    name: ML_POWERED_JS_QUERIES_PACK_NAME,