Use the --resolve-query-specs parameter of pack download

This will allow the command to resolve packs with paths.

Also, use a more concise version of `tr`.

.github/workflows/__packaging-config-inputs-js.yml

@@ -80,7 +80,7 @@ jobs:
         EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
         # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
         echo "Found matching rules '$RULES'"
         if [ "$RULES" != "$EXPECTED_RULES" ]; then
           echo "Did not match expected rules '$EXPECTED_RULES'."

.github/workflows/__packaging-config-js.yml

@@ -79,7 +79,7 @@ jobs:
         EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
         # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
         echo "Found matching rules '$RULES'"
         if [ "$RULES" != "$EXPECTED_RULES" ]; then
           echo "Did not match expected rules '$EXPECTED_RULES'."

.github/workflows/__packaging-inputs-js.yml

@@ -80,7 +80,7 @@ jobs:
         EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
         # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
         echo "Found matching rules '$RULES'"
         if [ "$RULES" != "$EXPECTED_RULES" ]; then
           echo "Did not match expected rules '$EXPECTED_RULES'."

.github/workflows/__split-workflow.yml

@@ -84,7 +84,7 @@ jobs:
         EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
         # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
         echo "Found matching rules '$RULES'"
         if [ "$RULES" != "$EXPECTED_RULES" ]; then
           echo "Did not match expected rules '$EXPECTED_RULES'."

lib/analyze.js

@@ -136,7 +136,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
             if (hasPackWithCustomQueries) {
                 logger.info("Performing analysis with custom CodeQL Packs.");
                 logger.startGroup(`Downloading custom packs for ${language}`);
-                const results = await codeql.packDownload(removePackPath(packsWithVersion));
+                const results = await codeql.packDownload(packsWithVersion);
                 logger.info(`Downloaded packs: ${results.packs
                     .map((r) => `${r.name}@${r.version || "latest"}`)
                     .join(", ")}`);
@@ -294,15 +294,6 @@ async function injectLinesOfCode(sarifFile, language, locPromise) {
         fs.writeFileSync(sarifFile, JSON.stringify(sarif));
     }
 }
-/**
- * `codeql pack download` command does not support downloading pack specifiers with paths
- * in them. This removes the path from the pack specifier.
- * @param packsWithVersion array of pack specifiers, some of which may have paths in them
- * @returns array of pack specifiers without paths
- */
-function removePackPath(packsWithVersion) {
-    return packsWithVersion.map((pack) => pack.split(":")[0]);
-}
 function printLinesOfCodeSummary(logger, language, lineCounts) {
     if (language in lineCounts) {
         logger.info(`Counted a baseline of ${lineCounts[language]} lines of code for ${language}.`);

lib/codeql.js

@@ -641,6 +641,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 "pack",
                 "download",
                 "--format=json",
+                "--resolve-query-specs",
                 ...getExtraOptionsFromEnv(["pack", "download"]),
                 ...packs,
             ];

pr-checks/checks/packaging-config-inputs-js.yml

@@ -24,7 +24,7 @@ steps:
       EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
       # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
       echo "Found matching rules '$RULES'"
       if [ "$RULES" != "$EXPECTED_RULES" ]; then
         echo "Did not match expected rules '$EXPECTED_RULES'."

pr-checks/checks/packaging-config-js.yml

@@ -23,7 +23,7 @@ steps:
       EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
       # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
       echo "Found matching rules '$RULES'"
       if [ "$RULES" != "$EXPECTED_RULES" ]; then
         echo "Did not match expected rules '$EXPECTED_RULES'."

pr-checks/checks/packaging-inputs-js.yml

@@ -24,7 +24,7 @@ steps:
       EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
       # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
       echo "Found matching rules '$RULES'"
       if [ "$RULES" != "$EXPECTED_RULES" ]; then
         echo "Did not match expected rules '$EXPECTED_RULES'."

pr-checks/checks/split-workflow.yml

@@ -39,7 +39,7 @@ steps:
       EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
 
       # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
-      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | tr "\r" " " | xargs)"
+      RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort tr "\n\r" " " | | xargs)"
       echo "Found matching rules '$RULES'"
       if [ "$RULES" != "$EXPECTED_RULES" ]; then
         echo "Did not match expected rules '$EXPECTED_RULES'."

src/analyze.ts

@@ -241,9 +241,8 @@ export async function runQueries(
         logger.info("Performing analysis with custom CodeQL Packs.");
         logger.startGroup(`Downloading custom packs for ${language}`);
 
-        const results = await codeql.packDownload(
-          removePackPath(packsWithVersion)
-        );
+        const results = await codeql.packDownload(packsWithVersion);
+
         logger.info(
           `Downloaded packs: ${results.packs
             .map((r) => `${r.name}@${r.version || "latest"}`)
@@ -499,16 +498,6 @@ async function injectLinesOfCode(
   }
 }
 
-/**
- * `codeql pack download` command does not support downloading pack specifiers with paths
- * in them. This removes the path from the pack specifier.
- * @param packsWithVersion array of pack specifiers, some of which may have paths in them
- * @returns array of pack specifiers without paths
- */
-function removePackPath(packsWithVersion: string[]) {
-  return packsWithVersion.map((pack) => pack.split(":")[0]);
-}
-
 function printLinesOfCodeSummary(
   logger: Logger,
   language: Language,

src/codeql.ts

@@ -955,6 +955,7 @@ async function getCodeQLForCmd(
         "pack",
         "download",
         "--format=json",
+        "--resolve-query-specs",
         ...getExtraOptionsFromEnv(["pack", "download"]),
         ...packs,
       ];