Merge pull request #2142 from github/update-v3.24.2-1a41e5519

Merge main into releases/v3

.github/update-release-branch.py

@@ -60,7 +60,7 @@ def open_pr(
 
   # Start constructing the body text
   body = []
-  body.append(f'Merging {source_branch_short_sha} into {target_branch}.')
+  body.append(f'Merging {source_branch_short_sha} into `{target_branch}`.')
 
   body.append('')
   body.append(f'Conductor for this PR is @{conductor}.')
@@ -92,7 +92,7 @@ def open_pr(
       'branch to resolve the merge conflicts.')
   body.append(' - [ ] Ensure the CHANGELOG displays the correct version and date.')
   body.append(' - [ ] Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.')
-  body.append(f' - [ ] Check that there are not any unexpected commits being merged into the {target_branch} branch.')
+  body.append(f' - [ ] Check that there are not any unexpected commits being merged into the `{target_branch}` branch.')
   body.append(' - [ ] Ensure the docs team is aware of any documentation changes that need to be released.')
 
   if not is_primary_release:

.github/workflows/__build-mode-rollback.yml

@@ -0,0 +1,89 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: PR Check - Build mode rollback
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
+on:
+  push:
+    branches:
+    - main
+    - releases/v*
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  build-mode-rollback:
+    strategy:
+      matrix:
+        include:
+        - os: ubuntu-latest
+          version: nightly-latest
+    name: Build mode rollback
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Setup Python on MacOS
+      uses: actions/setup-python@v5
+      if: >-
+        matrix.os == 'macos-latest' && (
+
+        matrix.version == 'stable-20221211' ||
+
+        matrix.version == 'stable-20230418' ||
+
+        matrix.version == 'stable-v2.13.5' ||
+
+        matrix.version == 'stable-v2.14.6')
+      with:
+        python-version: '3.11'
+    - name: Check out repository
+      uses: actions/checkout@v4
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/actions/prepare-test
+      with:
+        version: ${{ matrix.version }}
+        use-all-platform-bundle: 'false'
+    - name: Set environment variable for Swift enablement
+      if: runner.os != 'Windows' && matrix.version == '20221211'
+      shell: bash
+      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - name: Set up Java test repo configuration
+      run: |
+        mv * .github ../action/tests/multi-language-repo/
+        mv ../action/tests/multi-language-repo/.github/workflows .github
+        mv ../action/tests/java-repo/* .
+
+    - uses: ./../action/init
+      id: init
+      with:
+        build-mode: none
+        db-location: ${{ runner.temp }}/customDbLocation
+        languages: java
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+
+    - name: Validate database build mode
+      run: |
+        metadata_path="$RUNNER_TEMP/customDbLocation/java/codeql-database.yml"
+        build_mode=$(yq eval '.buildMode' "$metadata_path")
+        if [[ "$build_mode" != "autobuild" ]]; then
+          echo "Expected build mode to be 'autobuild' but was $build_mode"
+          exit 1
+        fi
+
+    - uses: ./../action/analyze
+    env:
+      CODEQL_ACTION_DISABLE_JAVA_BUILDLESS: true
+      CODEQL_ACTION_TEST_MODE: true

.github/workflows/debug-artifacts-failure.yml

@@ -65,7 +65,7 @@ jobs:
         shell: bash
         run: |
           LANGUAGES="cpp csharp go java javascript python"
-          pushd "./my-debug-artifacts"
+          cd "./my-debug-artifacts"
           echo "Artifacts from run:"
           for language in $LANGUAGES; do
             echo "- Checking $language"
@@ -82,6 +82,5 @@ jobs:
               exit 1
             fi
           done
-          popd
         env:
           GO111MODULE: auto

.github/workflows/rebuild.yml

@@ -24,6 +24,23 @@ jobs:
           gh pr edit --repo github/codeql-action "$PR_NUMBER" \
             --remove-label "Rebuild"
 
+      - name: Merge in changes from base branch
+        env:
+          BASE_BRANCH: ${{ github.event.pull_request.base.ref }}
+        run: |
+          git fetch origin "$BASE_BRANCH"
+
+          # Allow merge conflicts in `lib`, since rebuilding should resolve them.
+          git merge "origin/$BASE_BRANCH" || echo "Merge conflicts detected"
+
+          # Check for merge conflicts outside of `lib`. Disable git diff's trailing whitespace check
+          # since `node_modules/@types/semver/README.md` fails it.
+          if git -c core.whitespace=-trailing-space diff --check | grep --invert-match '^lib/'; then
+            echo "Merge conflicts detected outside of lib/ directory. Please resolve them manually."
+            git -c core.whitespace=-trailing-space diff --check | grep --invert-match '^lib/' || true
+            exit 1
+          fi
+
       - name: Compile TypeScript
         run: |
           npm install

.gitignore

@@ -1,2 +1,7 @@
 # Ignore for example failing-tests.json from AVA
-node_modules/.cache
+node_modules/.cache/
+# Java build files
+.gradle/
+*.class
+# macOS
+.DS_Store

CHANGELOG.md

@@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
 
+## 3.24.2 - 15 Feb 2024
+
+- Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. [#2141](https://github.com/github/codeql-action/pull/2141)
+
 ## 3.24.1 - 13 Feb 2024
 
 - Update default CodeQL bundle version to 2.16.2. [#2124](https://github.com/github/codeql-action/pull/2124)

lib/analyze.js

@@ -158,7 +158,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
             logger.startGroup(`Running queries for ${language}`);
             const startTimeRunQueries = new Date().getTime();
             const databasePath = util.getCodeQLDatabasePath(config, language);
-            await codeql.databaseRunQueries(databasePath, queryFlags, features);
+            await codeql.databaseRunQueries(databasePath, queryFlags);
             logger.debug(`Finished running queries for ${language}.`);
             // TODO should not be using `builtin` here. We should be using `all` instead.
             // The status report does not support `all` yet.

lib/cli-errors.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.wrapCliConfigurationError = exports.getCliConfigCategoryIfExists = exports.cliErrorsConfig = exports.CliConfigErrorCategory = exports.CommandInvocationError = void 0;
 const util_1 = require("./util");
+const NO_SOURCE_CODE_SEEN_DOCS_LINK = "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build";
 /**
  * A class of Error that we can classify as an error stemming from a CLI
  * invocation, with associated exit code, stderr,etc.
@@ -96,7 +97,11 @@ var CliConfigErrorCategory;
     CliConfigErrorCategory["IncompatibleWithActionVersion"] = "IncompatibleWithActionVersion";
     CliConfigErrorCategory["InitCalledTwice"] = "InitCalledTwice";
     CliConfigErrorCategory["InvalidSourceRoot"] = "InvalidSourceRoot";
-    CliConfigErrorCategory["NoJavaScriptTypeScriptCodeFound"] = "NoJavaScriptTypeScriptCodeFound";
+    CliConfigErrorCategory["NoBuildCommandAutodetected"] = "NoBuildCommandAutodetected";
+    CliConfigErrorCategory["NoBuildMethodAutodetected"] = "NoBuildMethodAutodetected";
+    CliConfigErrorCategory["NoSourceCodeSeen"] = "NoSourceCodeSeen";
+    CliConfigErrorCategory["NoSupportedBuildCommandSucceeded"] = "NoSupportedBuildCommandSucceeded";
+    CliConfigErrorCategory["NoSupportedBuildSystemDetected"] = "NoSupportedBuildSystemDetected";
 })(CliConfigErrorCategory || (exports.CliConfigErrorCategory = CliConfigErrorCategory = {}));
 /**
  * All of our caught CLI error messages that we handle specially: ie. if we
@@ -105,38 +110,65 @@ var CliConfigErrorCategory;
 exports.cliErrorsConfig = {
     // Version of CodeQL CLI is incompatible with this version of the CodeQL Action
     [CliConfigErrorCategory.IncompatibleWithActionVersion]: {
-        cliErrorMessageSnippets: ["is not compatible with this CodeQL CLI"],
+        cliErrorMessageCandidates: [
+            new RegExp("is not compatible with this CodeQL CLI"),
+        ],
     },
     [CliConfigErrorCategory.InitCalledTwice]: {
-        cliErrorMessageSnippets: [
-            "Refusing to create databases",
-            "exists and is not an empty directory",
+        cliErrorMessageCandidates: [
+            new RegExp("Refusing to create databases .* but could not process any of it"),
         ],
-        additionalErrorMessageToPrepend: `Is the "init" action called twice in the same job?`,
+        additionalErrorMessageToAppend: `Is the "init" action called twice in the same job?`,
     },
     // Expected source location for database creation does not exist
     [CliConfigErrorCategory.InvalidSourceRoot]: {
-        cliErrorMessageSnippets: ["Invalid source root"],
+        cliErrorMessageCandidates: [new RegExp("Invalid source root")],
     },
-    /**
-     * Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
-     * source code was found. This means that we don't get the no code found error from
-     * `codeql database finalize`. To ensure users get a good error message, we detect this manually
-     * here, and upon detection override the error message.
-     *
-     * This can be removed once support for CodeQL 2.11.6 is removed.
-     */
-    [CliConfigErrorCategory.NoJavaScriptTypeScriptCodeFound]: {
+    [CliConfigErrorCategory.NoBuildCommandAutodetected]: {
+        cliErrorMessageCandidates: [
+            new RegExp("Could not auto-detect a suitable build method"),
+        ],
+    },
+    [CliConfigErrorCategory.NoBuildMethodAutodetected]: {
+        cliErrorMessageCandidates: [
+            new RegExp("Could not detect a suitable build command for the source checkout"),
+        ],
+    },
+    // Usually when a manual build script has failed, or if an autodetected language
+    // was unintended to have CodeQL analysis run on it.
+    [CliConfigErrorCategory.NoSourceCodeSeen]: {
         exitCode: 32,
-        cliErrorMessageSnippets: ["No JavaScript or TypeScript code found."],
-        additionalErrorMessageToPrepend: "No code found during the build. Please see: " +
-            "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.",
+        cliErrorMessageCandidates: [
+            new RegExp("CodeQL detected code written in .* but could not process any of it"),
+            new RegExp("CodeQL did not detect any code written in languages supported by CodeQL"),
+            /**
+             * Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
+             * source code was found. This means that we don't get the no code found error from
+             * `codeql database finalize`. To ensure users get a good error message, we detect this manually
+             * here, and upon detection override the error message.
+             *
+             * This can be removed once support for CodeQL 2.11.6 is removed.
+             */
+            new RegExp("No JavaScript or TypeScript code found"),
+        ],
+    },
+    [CliConfigErrorCategory.NoSupportedBuildCommandSucceeded]: {
+        cliErrorMessageCandidates: [
+            new RegExp("No supported build command succeeded"),
+        ],
+    },
+    [CliConfigErrorCategory.NoSupportedBuildSystemDetected]: {
+        cliErrorMessageCandidates: [
+            new RegExp("No supported build system detected"),
+        ],
     },
 };
-// Check if the given CLI error or exit code, if applicable, apply to any known
-// CLI errors in the configuration record. If either the CLI error message matches all of
-// the error messages in the config record, or the exit codes match, return the error category;
-// if not, return undefined.
+/**
+ * Check if the given CLI error or exit code, if applicable, apply to any known
+ * CLI errors in the configuration record. If either the CLI error message matches one of
+ * the error messages in the config record, or the exit codes match, return the error category;
+ * if not, return undefined.
+ */
 function getCliConfigCategoryIfExists(cliError) {
     for (const [category, configuration] of Object.entries(exports.cliErrorsConfig)) {
         if (cliError.exitCode !== undefined &&
@@ -144,22 +176,29 @@ function getCliConfigCategoryIfExists(cliError) {
             cliError.exitCode === configuration.exitCode) {
             return category;
         }
-        let allMessageSnippetsFound = true;
-        for (const e of configuration.cliErrorMessageSnippets) {
-            if (!cliError.message.includes(e) && !cliError.stderr.includes(e)) {
-                allMessageSnippetsFound = false;
+        for (const e of configuration.cliErrorMessageCandidates) {
+            if (cliError.message.match(e) || cliError.stderr.match(e)) {
+                return category;
             }
         }
-        if (allMessageSnippetsFound === true) {
-            return category;
-        }
     }
     return undefined;
 }
 exports.getCliConfigCategoryIfExists = getCliConfigCategoryIfExists;
+/**
+ * Prepend a clearer error message with the docs link if the error message does not already
+ * include it. Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs
+ * should already include the doc link.
+ */
+function prependDocsLinkIfApplicable(cliErrorMessage) {
+    if (!cliErrorMessage.includes(NO_SOURCE_CODE_SEEN_DOCS_LINK)) {
+        return `No code found during the build. Please see: ${NO_SOURCE_CODE_SEEN_DOCS_LINK}. Detailed error: ${cliErrorMessage}`;
+    }
+    return cliErrorMessage;
+}
 /**
  * Changes an error received from the CLI to a ConfigurationError with optionally an extra
- * error message prepended, if it exists in a known set of configuration errors. Otherwise,
+ * error message appended, if it exists in a known set of configuration errors. Otherwise,
  * simply returns the original error.
  */
 function wrapCliConfigurationError(cliError) {
@@ -170,10 +209,17 @@ function wrapCliConfigurationError(cliError) {
     if (cliConfigErrorCategory === undefined) {
         return cliError;
     }
-    const errorMessageWrapperIfExists = exports.cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToPrepend;
-    return errorMessageWrapperIfExists
-        ? new util_1.ConfigurationError(`${errorMessageWrapperIfExists} ${cliError.message}`)
-        : new util_1.ConfigurationError(cliError.message);
+    let errorMessageBuilder = cliError.message;
+    // Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs should
+    // already include the doc link.
+    if (cliConfigErrorCategory === CliConfigErrorCategory.NoSourceCodeSeen) {
+        errorMessageBuilder = prependDocsLinkIfApplicable(errorMessageBuilder);
+    }
+    const additionalErrorMessageToAppend = exports.cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToAppend;
+    if (additionalErrorMessageToAppend !== undefined) {
+        errorMessageBuilder = `${errorMessageBuilder} ${additionalErrorMessageToAppend}`;
+    }
+    return new util_1.ConfigurationError(errorMessageBuilder);
 }
 exports.wrapCliConfigurationError = wrapCliConfigurationError;
 //# sourceMappingURL=cli-errors.js.map

lib/cli-errors.js.map

@@ -1 +1 @@
-{"version":3,"file":"cli-errors.js","sourceRoot":"","sources":["../src/cli-errors.ts"],"names":[],"mappings":";;;AAAA,iCAA4C;AAE5C;;;GAGG;AACH,MAAa,sBAAuB,SAAQ,KAAK;IAC/C,YACE,GAAW,EACX,IAAc,EACP,QAAgB,EAChB,MAAc,EACd,MAAc;QAErB,MAAM,aAAa,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;aACjC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aAC5C,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC;QACzD,IAAI,KAAK,GAAG,WAAW;YACrB,CAAC,CAAC,mBAAmB,WAAW,CAAC,IAAI,EAAE,EAAE;YACzC,CAAC,CAAC,QAAQ;gBACV,CAAC,CAAC,2BAA2B,QAAQ,EAAE;gBACvC,CAAC,CAAC,EAAE,CAAC;QACP,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACpC,KAAK,IAAI,GAAG,CAAC;QACf,CAAC;QAED,KAAK,CACH,4CAA4C,aAAa,KAAK;YAC5D,iBAAiB,QAAQ,GAAG,KAAK,iCAAiC,CACrE,CAAC;QAtBK,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;IAqBvB,CAAC;CACF;AA5BD,wDA4BC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,MAAM,eAAe,GAAG,2BAA2B,CAAC;IACpD,IAAI,WAAW,GAAa,EAAE,CAAC;IAC/B,IAAI,mBAAuC,CAAC;IAC5C,IAAI,KAA8B,CAAC;IACnC,OAAO,CAAC,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACtD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,CAAC;QACD,mBAAmB,GAAG,KAAK,CAAC,KAAK,CAAC;IACpC,CAAC;IACD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1D,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,kBAAkB;YAClB,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,UAAU,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9D,IAAI,UAAU,EAAE,CAAC;YACf,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACpD,CAAC;QACD,OAAO;YACL,kBAAkB,CAAC,SAAS,CAAC;YAC7B,UAAU;YACV,GAAG,WAAW,CAAC,OAAO,EAAE;SACzB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY;IACtC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC;AAC3D,CAAC;AAED,8FAA8F;AAC9F,IAAY,sBAKX;AALD,WAAY,sBAAsB;IAChC,yFAA+D,CAAA;IAC/D,6DAAmC,CAAA;IACnC,iEAAuC,CAAA;IACvC,6FAAmE,CAAA;AACrE,CAAC,EALW,sBAAsB,sCAAtB,sBAAsB,QAKjC;AAUD;;;GAGG;AACU,QAAA,eAAe,GAGxB;IACF,+EAA+E;IAC/E,CAAC,sBAAsB,CAAC,6BAA6B,CAAC,EAAE;QACtD,uBAAuB,EAAE,CAAC,wCAAwC,CAAC;KACpE;IACD,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE;QACxC,uBAAuB,EAAE;YACvB,8BAA8B;YAC9B,sCAAsC;SACvC;QACD,+BAA+B,EAAE,oDAAoD;KACtF;IACD,gEAAgE;IAChE,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,EAAE;QAC1C,uBAAuB,EAAE,CAAC,qBAAqB,CAAC;KACjD;IACD;;;;;;;OAOG;IACH,CAAC,sBAAsB,CAAC,+BAA+B,CAAC,EAAE;QACxD,QAAQ,EAAE,EAAE;QACZ,uBAAuB,EAAE,CAAC,yCAAyC,CAAC;QACpE,+BAA+B,EAC7B,8CAA8C;YAC9C,+EAA+E;KAClF;CACF,CAAC;AAEF,+EAA+E;AAC/E,yFAAyF;AACzF,+FAA+F;AAC/F,4BAA4B;AAC5B,SAAgB,4BAA4B,CAC1C,QAAgC;IAEhC,KAAK,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,uBAAe,CAAC,EAAE,CAAC;QACxE,IACE,QAAQ,CAAC,QAAQ,KAAK,SAAS;YAC/B,aAAa,CAAC,QAAQ,KAAK,SAAS;YACpC,QAAQ,CAAC,QAAQ,KAAK,aAAa,CAAC,QAAQ,EAC5C,CAAC;YACD,OAAO,QAAkC,CAAC;QAC5C,CAAC;QAED,IAAI,uBAAuB,GAAY,IAAI,CAAC;QAC5C,KAAK,MAAM,CAAC,IAAI,aAAa,CAAC,uBAAuB,EAAE,CAAC;YACtD,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClE,uBAAuB,GAAG,KAAK,CAAC;YAClC,CAAC;QACH,CAAC;QACD,IAAI,uBAAuB,KAAK,IAAI,EAAE,CAAC;YACrC,OAAO,QAAkC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAxBD,oEAwBC;AAED;;;;GAIG;AACH,SAAgB,yBAAyB,CAAC,QAAe;IACvD,IAAI,CAAC,CAAC,QAAQ,YAAY,sBAAsB,CAAC,EAAE,CAAC;QAClD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,sBAAsB,GAAG,4BAA4B,CAAC,QAAQ,CAAC,CAAC;IACtE,IAAI,sBAAsB,KAAK,SAAS,EAAE,CAAC;QACzC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,2BAA2B,GAC/B,uBAAe,CAAC,sBAAsB,CAAC,CAAC,+BAA+B,CAAC;IAE1E,OAAO,2BAA2B;QAChC,CAAC,CAAC,IAAI,yBAAkB,CACpB,GAAG,2BAA2B,IAAI,QAAQ,CAAC,OAAO,EAAE,CACrD;QACH,CAAC,CAAC,IAAI,yBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AAC/C,CAAC;AAlBD,8DAkBC"}
+{"version":3,"file":"cli-errors.js","sourceRoot":"","sources":["../src/cli-errors.ts"],"names":[],"mappings":";;;AAAA,iCAA4C;AAE5C,MAAM,6BAA6B,GACjC,8EAA8E,CAAC;AAEjF;;;GAGG;AACH,MAAa,sBAAuB,SAAQ,KAAK;IAC/C,YACE,GAAW,EACX,IAAc,EACP,QAAgB,EAChB,MAAc,EACd,MAAc;QAErB,MAAM,aAAa,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;aACjC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aAC5C,IAAI,CAAC,GAAG,CAAC,CAAC;QAEb,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC;QACzD,IAAI,KAAK,GAAG,WAAW;YACrB,CAAC,CAAC,mBAAmB,WAAW,CAAC,IAAI,EAAE,EAAE;YACzC,CAAC,CAAC,QAAQ;gBACV,CAAC,CAAC,2BAA2B,QAAQ,EAAE;gBACvC,CAAC,CAAC,EAAE,CAAC;QACP,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACpC,KAAK,IAAI,GAAG,CAAC;QACf,CAAC;QAED,KAAK,CACH,4CAA4C,aAAa,KAAK;YAC5D,iBAAiB,QAAQ,GAAG,KAAK,iCAAiC,CACrE,CAAC;QAtBK,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;IAqBvB,CAAC;CACF;AA5BD,wDA4BC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,MAAM,eAAe,GAAG,2BAA2B,CAAC;IACpD,IAAI,WAAW,GAAa,EAAE,CAAC;IAC/B,IAAI,mBAAuC,CAAC;IAC5C,IAAI,KAA8B,CAAC;IACnC,OAAO,CAAC,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACtD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,CAAC;QACD,mBAAmB,GAAG,KAAK,CAAC,KAAK,CAAC;IACpC,CAAC;IACD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1D,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,kBAAkB;YAClB,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,UAAU,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9D,IAAI,UAAU,EAAE,CAAC;YACf,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACpD,CAAC;QACD,OAAO;YACL,kBAAkB,CAAC,SAAS,CAAC;YAC7B,UAAU;YACV,GAAG,WAAW,CAAC,OAAO,EAAE;SACzB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY;IACtC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC;AAC3D,CAAC;AAED,8FAA8F;AAC9F,IAAY,sBASX;AATD,WAAY,sBAAsB;IAChC,yFAA+D,CAAA;IAC/D,6DAAmC,CAAA;IACnC,iEAAuC,CAAA;IACvC,mFAAyD,CAAA;IACzD,iFAAuD,CAAA;IACvD,+DAAqC,CAAA;IACrC,+FAAqE,CAAA;IACrE,2FAAiE,CAAA;AACnE,CAAC,EATW,sBAAsB,sCAAtB,sBAAsB,QASjC;AASD;;;GAGG;AACU,QAAA,eAAe,GAGxB;IACF,+EAA+E;IAC/E,CAAC,sBAAsB,CAAC,6BAA6B,CAAC,EAAE;QACtD,yBAAyB,EAAE;YACzB,IAAI,MAAM,CAAC,wCAAwC,CAAC;SACrD;KACF;IACD,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE;QACxC,yBAAyB,EAAE;YACzB,IAAI,MAAM,CACR,iEAAiE,CAClE;SACF;QACD,8BAA8B,EAAE,oDAAoD;KACrF;IACD,gEAAgE;IAChE,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,EAAE;QAC1C,yBAAyB,EAAE,CAAC,IAAI,MAAM,CAAC,qBAAqB,CAAC,CAAC;KAC/D;IACD,CAAC,sBAAsB,CAAC,0BAA0B,CAAC,EAAE;QACnD,yBAAyB,EAAE;YACzB,IAAI,MAAM,CAAC,+CAA+C,CAAC;SAC5D;KACF;IACD,CAAC,sBAAsB,CAAC,yBAAyB,CAAC,EAAE;QAClD,yBAAyB,EAAE;YACzB,IAAI,MAAM,CACR,mEAAmE,CACpE;SACF;KACF;IACD,gFAAgF;IAChF,oDAAoD;IACpD,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,EAAE;QACzC,QAAQ,EAAE,EAAE;QACZ,yBAAyB,EAAE;YACzB,IAAI,MAAM,CACR,oEAAoE,CACrE;YACD,IAAI,MAAM,CACR,yEAAyE,CAC1E;YACD;;;;;;;eAOG;YACH,IAAI,MAAM,CAAC,wCAAwC,CAAC;SACrD;KACF;IAED,CAAC,sBAAsB,CAAC,gCAAgC,CAAC,EAAE;QACzD,yBAAyB,EAAE;YACzB,IAAI,MAAM,CAAC,sCAAsC,CAAC;SACnD;KACF;IACD,CAAC,sBAAsB,CAAC,8BAA8B,CAAC,EAAE;QACvD,yBAAyB,EAAE;YACzB,IAAI,MAAM,CAAC,oCAAoC,CAAC;SACjD;KACF;CACF,CAAC;AAEF;;;;;GAKG;AACH,SAAgB,4BAA4B,CAC1C,QAAgC;IAEhC,KAAK,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,uBAAe,CAAC,EAAE,CAAC;QACxE,IACE,QAAQ,CAAC,QAAQ,KAAK,SAAS;YAC/B,aAAa,CAAC,QAAQ,KAAK,SAAS;YACpC,QAAQ,CAAC,QAAQ,KAAK,aAAa,CAAC,QAAQ,EAC5C,CAAC;YACD,OAAO,QAAkC,CAAC;QAC5C,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,aAAa,CAAC,yBAAyB,EAAE,CAAC;YACxD,IAAI,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1D,OAAO,QAAkC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AApBD,oEAoBC;AAED;;;;GAIG;AACH,SAAS,2BAA2B,CAAC,eAAuB;IAC1D,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,6BAA6B,CAAC,EAAE,CAAC;QAC7D,OAAO,+CAA+C,6BAA6B,qBAAqB,eAAe,EAAE,CAAC;IAC5H,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;;;GAIG;AACH,SAAgB,yBAAyB,CAAC,QAAe;IACvD,IAAI,CAAC,CAAC,QAAQ,YAAY,sBAAsB,CAAC,EAAE,CAAC;QAClD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,sBAAsB,GAAG,4BAA4B,CAAC,QAAQ,CAAC,CAAC;IACtE,IAAI,sBAAsB,KAAK,SAAS,EAAE,CAAC;QACzC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,IAAI,mBAAmB,GAAG,QAAQ,CAAC,OAAO,CAAC;IAE3C,2FAA2F;IAC3F,gCAAgC;IAChC,IAAI,sBAAsB,KAAK,sBAAsB,CAAC,gBAAgB,EAAE,CAAC;QACvE,mBAAmB,GAAG,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,8BAA8B,GAClC,uBAAe,CAAC,sBAAsB,CAAC,CAAC,8BAA8B,CAAC;IACzE,IAAI,8BAA8B,KAAK,SAAS,EAAE,CAAC;QACjD,mBAAmB,GAAG,GAAG,mBAAmB,IAAI,8BAA8B,EAAE,CAAC;IACnF,CAAC;IAED,OAAO,IAAI,yBAAkB,CAAC,mBAAmB,CAAC,CAAC;AACrD,CAAC;AAzBD,8DAyBC"}

lib/codeql.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = exports.CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = void 0;
+exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -66,6 +66,8 @@ const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.7";
  */
 const GHES_MOST_RECENT_DEPRECATION_DATE = "2023-11-08";
 /*
+ * Deprecated in favor of ToolsFeature.
+ *
  * Versions of CodeQL that version-flag certain functionality in the Action.
  * For convenience, please keep these in descending order. Once a version
  * flag is older than the oldest supported version above, it may be removed.
@@ -84,11 +86,6 @@ exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
  * Versions 2.12.4+ of the CodeQL CLI support the `--qlconfig-file` flag in calls to `database init`.
  */
 exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
-/**
- * Versions 2.12.4+ of the CodeQL CLI provide a better error message when `database finalize`
- * determines that no code has been found.
- */
-exports.CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE = "2.12.4";
 /**
  * Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
  */
@@ -339,7 +336,15 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             // When `DYLD_INSERT_LIBRARIES` is set in the environment for a step,
             // the Actions runtime introduces its own workaround for SIP
             // (https://github.com/actions/runner/pull/416).
-            await runTool(autobuildCmd);
+            try {
+                await runTool(autobuildCmd);
+            }
+            catch (e) {
+                if (e instanceof Error) {
+                    throw (0, cli_errors_1.wrapCliConfigurationError)(e);
+                }
+                throw e;
+            }
         },
         async extractScannedLanguage(config, language) {
             await runTool(cmd, [
@@ -375,8 +380,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 await runTool(cmd, args);
             }
             catch (e) {
-                if (e instanceof Error &&
-                    !(await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE))) {
+                if (e instanceof Error) {
                     throw (0, cli_errors_1.wrapCliConfigurationError)(e);
                 }
                 throw e;
@@ -452,7 +456,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 throw new Error(`Unexpected output from codeql resolve build-environment: ${e} in\n${output}`);
             }
         },
-        async databaseRunQueries(databasePath, flags, features) {
+        async databaseRunQueries(databasePath, flags) {
             const codeqlArgs = [
                 "database",
                 "run-queries",
@@ -465,12 +469,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             if (await util.supportExpectDiscardedCache(this)) {
                 codeqlArgs.push("--expect-discarded-cache");
             }
-            if (await features.getValue(feature_flags_1.Feature.EvaluatorFineGrainedParallelismEnabled, this)) {
+            if (await util.codeQlVersionAbove(this, feature_flags_1.CODEQL_VERSION_FINE_GRAINED_PARALLELISM)) {
                 codeqlArgs.push("--intra-layer-parallelism");
             }
-            else if (await util.codeQlVersionAbove(this, feature_flags_1.CODEQL_VERSION_FINE_GRAINED_PARALLELISM)) {
-                codeqlArgs.push("--no-intra-layer-parallelism");
-            }
             await runTool(cmd, codeqlArgs);
         },
         async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId, config, features, logger) {

lib/codeql.test.js

@@ -555,8 +555,8 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", ""), {
         instanceOf: util.ConfigurationError,
-        message: new RegExp("No code found during the build. Please see: " +
-            "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.+"),
+        message: new RegExp("No code found during the build\\. Please see: " +
+            "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\."),
     });
 });
 (0, ava_1.default)("database finalize overrides no code found error on CodeQL 2.11.6", async (t) => {
@@ -567,8 +567,8 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", ""), {
         instanceOf: util.ConfigurationError,
-        message: new RegExp("No code found during the build. Please see: " +
-            "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.+"),
+        message: new RegExp("No code found during the build\\. Please see: " +
+            "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\."),
     });
 });
 (0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.4", async (t) => {
@@ -595,8 +595,9 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048"), {
-        message: 'Encountered a fatal error while running "codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db". ' +
-            `Exit code was 32 and error was: ${datasetImportError}. Context: ${heapError}. See the logs for more details.`,
+        instanceOf: util.ConfigurationError,
+        message: new RegExp('Encountered a fatal error while running \\"codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db\\"\\. ' +
+            `Exit code was 32 and error was: ${datasetImportError.replaceAll(".", "\\.")}\\. Context: ${heapError.replaceAll(".", "\\.")}\\. See the logs for more details\\.`),
     });
 });
 (0, ava_1.default)("runTool outputs last line of stderr if fatal error could not be found", async (t) => {
@@ -607,8 +608,9 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048"), {
-        message: 'Encountered a fatal error while running "codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db". ' +
-            "Exit code was 32 and last log line was: line5. See the logs for more details.",
+        instanceOf: util.ConfigurationError,
+        message: new RegExp('Encountered a fatal error while running \\"codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db\\"\\. ' +
+            "Exit code was 32 and last log line was: line5\\. See the logs for more details\\."),
     });
 });
 function stubToolRunnerConstructor(exitCode = 0, stderr) {

lib/config-utils.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.wrapEnvironment = exports.generateRegistries = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.validatePackSpecification = exports.parsePacksSpecification = exports.parsePacksFromInput = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguageAliases = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getPacksStrInvalid = exports.defaultAugmentationProperties = exports.BuildMode = void 0;
+exports.parseBuildModeInput = exports.wrapEnvironment = exports.generateRegistries = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.validatePackSpecification = exports.parsePacksSpecification = exports.parsePacksFromInput = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguageAliases = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getPacksStrInvalid = exports.defaultAugmentationProperties = exports.BuildMode = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const perf_hooks_1 = require("perf_hooks");
@@ -31,6 +31,7 @@ const yaml = __importStar(require("js-yaml"));
 const semver = __importStar(require("semver"));
 const api = __importStar(require("./api-client"));
 const codeql_1 = require("./codeql");
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const trap_caching_1 = require("./trap-caching");
 const util_1 = require("./util");
@@ -218,13 +219,14 @@ exports.getRawLanguages = getRawLanguages;
 /**
  * Get the default config for when the user has not supplied one.
  */
-async function getDefaultConfig({ languagesInput, queriesInput, packsInput, buildModeInput, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeql, githubVersion, logger, }) {
+async function getDefaultConfig({ languagesInput, queriesInput, packsInput, buildModeInput, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeql, githubVersion, features, logger, }) {
     const languages = await getLanguages(codeql, languagesInput, repository, logger);
+    const buildMode = await parseBuildModeInput(buildModeInput, languages, features, logger);
     const augmentationProperties = calculateAugmentation(packsInput, queriesInput, languages);
     const { trapCaches, trapCacheDownloadTime } = await downloadCacheWithTime(trapCachingEnabled, codeql, languages, logger);
     return {
         languages,
-        buildMode: validateBuildModeInput(buildModeInput),
+        buildMode,
         originalUserInput: {},
         tempDir,
         codeQLCmd: codeql.getPath(),
@@ -252,7 +254,7 @@ async function downloadCacheWithTime(trapCachingEnabled, codeQL, languages, logg
 /**
  * Load the config from the given file.
  */
-async function loadConfig({ languagesInput, queriesInput, packsInput, buildModeInput, configFile, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeql, workspacePath, githubVersion, apiDetails, logger, }) {
+async function loadConfig({ languagesInput, queriesInput, packsInput, buildModeInput, configFile, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeql, workspacePath, githubVersion, apiDetails, features, logger, }) {
     let parsedYAML;
     if (isLocal(configFile)) {
         // Treat the config file as relative to the workspace
@@ -263,11 +265,12 @@ async function loadConfig({ languagesInput, queriesInput, packsInput, buildModeI
         parsedYAML = await getRemoteConfig(configFile, apiDetails);
     }
     const languages = await getLanguages(codeql, languagesInput, repository, logger);
+    const buildMode = await parseBuildModeInput(buildModeInput, languages, features, logger);
     const augmentationProperties = calculateAugmentation(packsInput, queriesInput, languages);
     const { trapCaches, trapCacheDownloadTime } = await downloadCacheWithTime(trapCachingEnabled, codeql, languages, logger);
     return {
         languages,
-        buildMode: validateBuildModeInput(buildModeInput),
+        buildMode,
         originalUserInput: parsedYAML,
         tempDir,
         codeQLCmd: codeql.getPath(),
@@ -462,13 +465,13 @@ function dbLocationOrDefault(dbLocation, tempDir) {
  */
 async function initConfig(inputs) {
     let config;
-    const { logger, workspacePath } = inputs;
+    const { logger, tempDir } = inputs;
     // if configInput is set, it takes precedence over configFile
     if (inputs.configInput) {
         if (inputs.configFile) {
             logger.warning(`Both a config file and config input were provided. Ignoring config file.`);
         }
-        inputs.configFile = path.resolve(workspacePath, "user-config-from-action.yml");
+        inputs.configFile = path.resolve(tempDir, "user-config-from-action.yml");
         fs.writeFileSync(inputs.configFile, inputs.configInput);
         logger.debug(`Using config from action input: ${inputs.configFile}`);
     }
@@ -664,13 +667,20 @@ async function wrapEnvironment(env, operation) {
     }
 }
 exports.wrapEnvironment = wrapEnvironment;
-function validateBuildModeInput(buildModeInput) {
-    if (buildModeInput === undefined) {
+// Exported for testing
+async function parseBuildModeInput(input, languages, features, logger) {
+    if (input === undefined) {
         return undefined;
     }
-    if (!Object.values(BuildMode).includes(buildModeInput)) {
-        throw new util_1.ConfigurationError(`Invalid build mode: '${buildModeInput}'. Supported build modes are: ${Object.values(BuildMode).join(", ")}.`);
+    if (!Object.values(BuildMode).includes(input)) {
+        throw new util_1.ConfigurationError(`Invalid build mode: '${input}'. Supported build modes are: ${Object.values(BuildMode).join(", ")}.`);
     }
-    return buildModeInput;
+    if (languages.includes(languages_1.Language.java) &&
+        (await features.getValue(feature_flags_1.Feature.DisableJavaBuildlessEnabled))) {
+        logger.warning("Scanning Java code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.");
+        return BuildMode.Autobuild;
+    }
+    return input;
 }
+exports.parseBuildModeInput = parseBuildModeInput;
 //# sourceMappingURL=config-utils.js.map

lib/config-utils.test.js

@@ -36,6 +36,7 @@ const api = __importStar(require("./api-client"));
 const codeql_1 = require("./codeql");
 const configUtils = __importStar(require("./config-utils"));
 const config_utils_1 = require("./config-utils");
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
@@ -68,6 +69,7 @@ function createTestInitConfigInputs(overrides) {
             apiURL: undefined,
             registriesAuthTokens: undefined,
         },
+        features: (0, testing_utils_1.createFeatures)([]),
         logger: (0, logging_1.getRunnerLogger)(true),
     }, overrides);
 }
@@ -763,4 +765,27 @@ const mockRepositoryNwo = (0, repository_1.parseRepositoryNwo)("owner/repo");
         t.deepEqual(mockRequest.called, args.expectedApiCall);
     });
 });
+(0, ava_1.default)("Build mode not overridden when disable Java buildless feature flag disabled", async (t) => {
+    const messages = [];
+    const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.java], (0, testing_utils_1.createFeatures)([]), (0, testing_utils_1.getRecordingLogger)(messages));
+    t.is(buildMode, config_utils_1.BuildMode.None);
+    t.deepEqual(messages, []);
+});
+(0, ava_1.default)("Build mode not overridden for other languages", async (t) => {
+    const messages = [];
+    const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.python], (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.DisableJavaBuildlessEnabled]), (0, testing_utils_1.getRecordingLogger)(messages));
+    t.is(buildMode, config_utils_1.BuildMode.None);
+    t.deepEqual(messages, []);
+});
+(0, ava_1.default)("Build mode overridden when analyzing Java and disable Java buildless feature flag enabled", async (t) => {
+    const messages = [];
+    const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.java], (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.DisableJavaBuildlessEnabled]), (0, testing_utils_1.getRecordingLogger)(messages));
+    t.is(buildMode, config_utils_1.BuildMode.Autobuild);
+    t.deepEqual(messages, [
+        {
+            message: "Scanning Java code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.",
+            type: "warning",
+        },
+    ]);
+});
 //# sourceMappingURL=config-utils.test.js.map

lib/feature-flags.js

@@ -50,10 +50,10 @@ var Feature;
 (function (Feature) {
     Feature["CppDependencyInstallation"] = "cpp_dependency_installation_enabled";
     Feature["CppTrapCachingEnabled"] = "cpp_trap_caching_enabled";
+    Feature["DisableJavaBuildlessEnabled"] = "disable_java_buildless_enabled";
     Feature["DisableKotlinAnalysisEnabled"] = "disable_kotlin_analysis_enabled";
     Feature["DisablePythonDependencyInstallationEnabled"] = "disable_python_dependency_installation_enabled";
     Feature["PythonDefaultIsToSkipDependencyInstallationEnabled"] = "python_default_is_to_skip_dependency_installation_enabled";
-    Feature["EvaluatorFineGrainedParallelismEnabled"] = "evaluator_fine_grained_parallelism_enabled";
     Feature["ExportDiagnosticsEnabled"] = "export_diagnostics_enabled";
     Feature["QaTelemetryEnabled"] = "qa_telemetry_enabled";
 })(Feature || (exports.Feature = Feature = {}));
@@ -68,14 +68,14 @@ exports.featureConfig = {
         minimumVersion: "2.16.1",
         defaultValue: false,
     },
-    [Feature.DisableKotlinAnalysisEnabled]: {
-        envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+    [Feature.DisableJavaBuildlessEnabled]: {
+        envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
         minimumVersion: undefined,
         defaultValue: false,
     },
-    [Feature.EvaluatorFineGrainedParallelismEnabled]: {
-        envVar: "CODEQL_EVALUATOR_FINE_GRAINED_PARALLELISM",
-        minimumVersion: exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM,
+    [Feature.DisableKotlinAnalysisEnabled]: {
+        envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+        minimumVersion: undefined,
         defaultValue: false,
     },
     [Feature.ExportDiagnosticsEnabled]: {

lib/init-action.js

@@ -157,6 +157,7 @@ async function run() {
             workspacePath: (0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"),
             githubVersion: gitHubVersion,
             apiDetails,
+            features,
             logger,
         });
         await (0, init_1.checkInstallPython311)(config.languages, codeql);

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "3.24.1",
+  "version": "3.24.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "3.24.1",
+  "version": "3.24.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "3.24.1",
+      "version": "3.24.2",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^1.1.2",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "3.24.1",
+  "version": "3.24.2",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

pr-checks/checks/build-mode-rollback.yml

@@ -0,0 +1,31 @@
+name: "Build mode rollback"
+description: "The build mode is rolled back from none to autobuild when the relevant feature flag is enabled."
+operatingSystems: ["ubuntu"]
+versions: ["nightly-latest"]
+env:
+  CODEQL_ACTION_DISABLE_JAVA_BUILDLESS: true
+steps:
+  - name: Set up Java test repo configuration
+    run: |
+      mv * .github ../action/tests/multi-language-repo/
+      mv ../action/tests/multi-language-repo/.github/workflows .github
+      mv ../action/tests/java-repo/* .
+
+  - uses: ./../action/init
+    id: init
+    with:
+      build-mode: none
+      db-location: "${{ runner.temp }}/customDbLocation"
+      languages: java
+      tools: ${{ steps.prepare-test.outputs.tools-url }}
+
+  - name: Validate database build mode
+    run: |
+      metadata_path="$RUNNER_TEMP/customDbLocation/java/codeql-database.yml"
+      build_mode=$(yq eval '.buildMode' "$metadata_path")
+      if [[ "$build_mode" != "autobuild" ]]; then
+        echo "Expected build mode to be 'autobuild' but was $build_mode"
+        exit 1
+      fi
+
+  - uses: ./../action/analyze

src/analyze.ts

@@ -295,7 +295,7 @@ export async function runQueries(
       logger.startGroup(`Running queries for ${language}`);
       const startTimeRunQueries = new Date().getTime();
       const databasePath = util.getCodeQLDatabasePath(config, language);
-      await codeql.databaseRunQueries(databasePath, queryFlags, features);
+      await codeql.databaseRunQueries(databasePath, queryFlags);
       logger.debug(`Finished running queries for ${language}.`);
       // TODO should not be using `builtin` here. We should be using `all` instead.
       // The status report does not support `all` yet.

src/cli-errors.ts

@@ -1,5 +1,8 @@
 import { ConfigurationError } from "./util";
 
+const NO_SOURCE_CODE_SEEN_DOCS_LINK =
+  "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build";
+
 /**
  * A class of Error that we can classify as an error stemming from a CLI
  * invocation, with associated exit code, stderr,etc.
@@ -102,15 +105,18 @@ export enum CliConfigErrorCategory {
   IncompatibleWithActionVersion = "IncompatibleWithActionVersion",
   InitCalledTwice = "InitCalledTwice",
   InvalidSourceRoot = "InvalidSourceRoot",
-  NoJavaScriptTypeScriptCodeFound = "NoJavaScriptTypeScriptCodeFound",
+  NoBuildCommandAutodetected = "NoBuildCommandAutodetected",
+  NoBuildMethodAutodetected = "NoBuildMethodAutodetected",
+  NoSourceCodeSeen = "NoSourceCodeSeen",
+  NoSupportedBuildCommandSucceeded = "NoSupportedBuildCommandSucceeded",
+  NoSupportedBuildSystemDetected = "NoSupportedBuildSystemDetected",
 }
 
 type CliErrorConfiguration = {
-  cliErrorMessageSnippets: string[];
+  /** One of these candidates, or the exit code, must be present in the error message. */
+  cliErrorMessageCandidates: RegExp[];
   exitCode?: number;
-  // Error message to prepend for this type of CLI error.
-  // If undefined, use original CLI error message.
-  additionalErrorMessageToPrepend?: string;
+  additionalErrorMessageToAppend?: string;
 };
 
 /**
@@ -123,40 +129,75 @@ export const cliErrorsConfig: Record<
 > = {
   // Version of CodeQL CLI is incompatible with this version of the CodeQL Action
   [CliConfigErrorCategory.IncompatibleWithActionVersion]: {
-    cliErrorMessageSnippets: ["is not compatible with this CodeQL CLI"],
+    cliErrorMessageCandidates: [
+      new RegExp("is not compatible with this CodeQL CLI"),
+    ],
   },
   [CliConfigErrorCategory.InitCalledTwice]: {
-    cliErrorMessageSnippets: [
-      "Refusing to create databases",
-      "exists and is not an empty directory",
+    cliErrorMessageCandidates: [
+      new RegExp(
+        "Refusing to create databases .* but could not process any of it",
+      ),
     ],
-    additionalErrorMessageToPrepend: `Is the "init" action called twice in the same job?`,
+    additionalErrorMessageToAppend: `Is the "init" action called twice in the same job?`,
   },
   // Expected source location for database creation does not exist
   [CliConfigErrorCategory.InvalidSourceRoot]: {
-    cliErrorMessageSnippets: ["Invalid source root"],
+    cliErrorMessageCandidates: [new RegExp("Invalid source root")],
   },
-  /**
-   * Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
-   * source code was found. This means that we don't get the no code found error from
-   * `codeql database finalize`. To ensure users get a good error message, we detect this manually
-   * here, and upon detection override the error message.
-   *
-   * This can be removed once support for CodeQL 2.11.6 is removed.
-   */
-  [CliConfigErrorCategory.NoJavaScriptTypeScriptCodeFound]: {
+  [CliConfigErrorCategory.NoBuildCommandAutodetected]: {
+    cliErrorMessageCandidates: [
+      new RegExp("Could not auto-detect a suitable build method"),
+    ],
+  },
+  [CliConfigErrorCategory.NoBuildMethodAutodetected]: {
+    cliErrorMessageCandidates: [
+      new RegExp(
+        "Could not detect a suitable build command for the source checkout",
+      ),
+    ],
+  },
+  // Usually when a manual build script has failed, or if an autodetected language
+  // was unintended to have CodeQL analysis run on it.
+  [CliConfigErrorCategory.NoSourceCodeSeen]: {
     exitCode: 32,
-    cliErrorMessageSnippets: ["No JavaScript or TypeScript code found."],
-    additionalErrorMessageToPrepend:
-      "No code found during the build. Please see: " +
-      "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.",
+    cliErrorMessageCandidates: [
+      new RegExp(
+        "CodeQL detected code written in .* but could not process any of it",
+      ),
+      new RegExp(
+        "CodeQL did not detect any code written in languages supported by CodeQL",
+      ),
+      /**
+       * Earlier versions of the JavaScript extractor (pre-CodeQL 2.12.0) extract externs even if no
+       * source code was found. This means that we don't get the no code found error from
+       * `codeql database finalize`. To ensure users get a good error message, we detect this manually
+       * here, and upon detection override the error message.
+       *
+       * This can be removed once support for CodeQL 2.11.6 is removed.
+       */
+      new RegExp("No JavaScript or TypeScript code found"),
+    ],
+  },
+
+  [CliConfigErrorCategory.NoSupportedBuildCommandSucceeded]: {
+    cliErrorMessageCandidates: [
+      new RegExp("No supported build command succeeded"),
+    ],
+  },
+  [CliConfigErrorCategory.NoSupportedBuildSystemDetected]: {
+    cliErrorMessageCandidates: [
+      new RegExp("No supported build system detected"),
+    ],
   },
 };
 
-// Check if the given CLI error or exit code, if applicable, apply to any known
-// CLI errors in the configuration record. If either the CLI error message matches all of
-// the error messages in the config record, or the exit codes match, return the error category;
-// if not, return undefined.
+/**
+ * Check if the given CLI error or exit code, if applicable, apply to any known
+ * CLI errors in the configuration record. If either the CLI error message matches one of
+ * the error messages in the config record, or the exit codes match, return the error category;
+ * if not, return undefined.
+ */
 export function getCliConfigCategoryIfExists(
   cliError: CommandInvocationError,
 ): CliConfigErrorCategory | undefined {
@@ -169,23 +210,31 @@ export function getCliConfigCategoryIfExists(
       return category as CliConfigErrorCategory;
     }
 
-    let allMessageSnippetsFound: boolean = true;
-    for (const e of configuration.cliErrorMessageSnippets) {
-      if (!cliError.message.includes(e) && !cliError.stderr.includes(e)) {
-        allMessageSnippetsFound = false;
+    for (const e of configuration.cliErrorMessageCandidates) {
+      if (cliError.message.match(e) || cliError.stderr.match(e)) {
+        return category as CliConfigErrorCategory;
       }
     }
-    if (allMessageSnippetsFound === true) {
-      return category as CliConfigErrorCategory;
-    }
   }
 
   return undefined;
 }
 
+/**
+ * Prepend a clearer error message with the docs link if the error message does not already
+ * include it. Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs
+ * should already include the doc link.
+ */
+function prependDocsLinkIfApplicable(cliErrorMessage: string): string {
+  if (!cliErrorMessage.includes(NO_SOURCE_CODE_SEEN_DOCS_LINK)) {
+    return `No code found during the build. Please see: ${NO_SOURCE_CODE_SEEN_DOCS_LINK}. Detailed error: ${cliErrorMessage}`;
+  }
+  return cliErrorMessage;
+}
+
 /**
  * Changes an error received from the CLI to a ConfigurationError with optionally an extra
- * error message prepended, if it exists in a known set of configuration errors. Otherwise,
+ * error message appended, if it exists in a known set of configuration errors. Otherwise,
  * simply returns the original error.
  */
 export function wrapCliConfigurationError(cliError: Error): Error {
@@ -198,12 +247,19 @@ export function wrapCliConfigurationError(cliError: Error): Error {
     return cliError;
   }
 
-  const errorMessageWrapperIfExists =
-    cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToPrepend;
+  let errorMessageBuilder = cliError.message;
 
-  return errorMessageWrapperIfExists
-    ? new ConfigurationError(
-        `${errorMessageWrapperIfExists} ${cliError.message}`,
-      )
-    : new ConfigurationError(cliError.message);
+  // Can be removed once support for CodeQL 2.11.6 is removed; at that point, all runs should
+  // already include the doc link.
+  if (cliConfigErrorCategory === CliConfigErrorCategory.NoSourceCodeSeen) {
+    errorMessageBuilder = prependDocsLinkIfApplicable(errorMessageBuilder);
+  }
+
+  const additionalErrorMessageToAppend =
+    cliErrorsConfig[cliConfigErrorCategory].additionalErrorMessageToAppend;
+  if (additionalErrorMessageToAppend !== undefined) {
+    errorMessageBuilder = `${errorMessageBuilder} ${additionalErrorMessageToAppend}`;
+  }
+
+  return new ConfigurationError(errorMessageBuilder);
 }

src/codeql.test.ts

@@ -877,8 +877,8 @@ test("database finalize recognises JavaScript no code found error on CodeQL 2.11
     {
       instanceOf: util.ConfigurationError,
       message: new RegExp(
-        "No code found during the build. Please see: " +
-          "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.+",
+        "No code found during the build\\. Please see: " +
+          "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\.",
       ),
     },
   );
@@ -896,8 +896,8 @@ test("database finalize overrides no code found error on CodeQL 2.11.6", async (
     {
       instanceOf: util.ConfigurationError,
       message: new RegExp(
-        "No code found during the build. Please see: " +
-          "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.+",
+        "No code found during the build\\. Please see: " +
+          "https://gh\\.io/troubleshooting-code-scanning/no-source-code-seen-during-build\\.",
       ),
     },
   );
@@ -942,9 +942,17 @@ test("runTool summarizes several fatal errors", async (t) => {
     async () =>
       await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048"),
     {
-      message:
-        'Encountered a fatal error while running "codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db". ' +
-        `Exit code was 32 and error was: ${datasetImportError}. Context: ${heapError}. See the logs for more details.`,
+      instanceOf: util.ConfigurationError,
+      message: new RegExp(
+        'Encountered a fatal error while running \\"codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db\\"\\. ' +
+          `Exit code was 32 and error was: ${datasetImportError.replaceAll(
+            ".",
+            "\\.",
+          )}\\. Context: ${heapError.replaceAll(
+            ".",
+            "\\.",
+          )}\\. See the logs for more details\\.`,
+      ),
     },
   );
 });
@@ -961,9 +969,11 @@ test("runTool outputs last line of stderr if fatal error could not be found", as
     async () =>
       await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048"),
     {
-      message:
-        'Encountered a fatal error while running "codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db". ' +
-        "Exit code was 32 and last log line was: line5. See the logs for more details.",
+      instanceOf: util.ConfigurationError,
+      message: new RegExp(
+        'Encountered a fatal error while running \\"codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db\\"\\. ' +
+          "Exit code was 32 and last log line was: line5\\. See the logs for more details\\.",
+      ),
     },
   );
 });

src/codeql.ts

@@ -147,11 +147,7 @@ export interface CodeQL {
   /**
    * Run 'codeql database run-queries'.
    */
-  databaseRunQueries(
-    databasePath: string,
-    flags: string[],
-    features: FeatureEnablement,
-  ): Promise<void>;
+  databaseRunQueries(databasePath: string, flags: string[]): Promise<void>;
   /**
    * Run 'codeql database interpret-results'.
    */
@@ -284,6 +280,8 @@ const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.7";
 const GHES_MOST_RECENT_DEPRECATION_DATE = "2023-11-08";
 
 /*
+ * Deprecated in favor of ToolsFeature.
+ *
  * Versions of CodeQL that version-flag certain functionality in the Action.
  * For convenience, please keep these in descending order. Once a version
  * flag is older than the oldest supported version above, it may be removed.
@@ -306,12 +304,6 @@ export const CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = "2.12.3";
  */
 export const CODEQL_VERSION_INIT_WITH_QLCONFIG = "2.12.4";
 
-/**
- * Versions 2.12.4+ of the CodeQL CLI provide a better error message when `database finalize`
- * determines that no code has been found.
- */
-export const CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE = "2.12.4";
-
 /**
  * Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
  */
@@ -670,7 +662,14 @@ export async function getCodeQLForCmd(
       // When `DYLD_INSERT_LIBRARIES` is set in the environment for a step,
       // the Actions runtime introduces its own workaround for SIP
       // (https://github.com/actions/runner/pull/416).
-      await runTool(autobuildCmd);
+      try {
+        await runTool(autobuildCmd);
+      } catch (e) {
+        if (e instanceof Error) {
+          throw wrapCliConfigurationError(e);
+        }
+        throw e;
+      }
     },
     async extractScannedLanguage(config: Config, language: Language) {
       await runTool(cmd, [
@@ -709,13 +708,7 @@ export async function getCodeQLForCmd(
       try {
         await runTool(cmd, args);
       } catch (e) {
-        if (
-          e instanceof Error &&
-          !(await util.codeQlVersionAbove(
-            this,
-            CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE,
-          ))
-        ) {
+        if (e instanceof Error) {
           throw wrapCliConfigurationError(e);
         }
         throw e;
@@ -806,7 +799,6 @@ export async function getCodeQLForCmd(
     async databaseRunQueries(
       databasePath: string,
       flags: string[],
-      features: FeatureEnablement,
     ): Promise<void> {
       const codeqlArgs = [
         "database",
@@ -821,19 +813,12 @@ export async function getCodeQLForCmd(
         codeqlArgs.push("--expect-discarded-cache");
       }
       if (
-        await features.getValue(
-          Feature.EvaluatorFineGrainedParallelismEnabled,
-          this,
-        )
-      ) {
-        codeqlArgs.push("--intra-layer-parallelism");
-      } else if (
         await util.codeQlVersionAbove(
           this,
           CODEQL_VERSION_FINE_GRAINED_PARALLELISM,
         )
       ) {
-        codeqlArgs.push("--no-intra-layer-parallelism");
+        codeqlArgs.push("--intra-layer-parallelism");
       }
       await runTool(cmd, codeqlArgs);
     },

src/config-utils.test.ts

@@ -15,12 +15,16 @@ import {
 } from "./codeql";
 import * as configUtils from "./config-utils";
 import { BuildMode } from "./config-utils";
+import { Feature } from "./feature-flags";
 import { Language } from "./languages";
 import { getRunnerLogger } from "./logging";
 import { parseRepositoryNwo } from "./repository";
 import {
   setupTests,
   mockLanguagesInRepo as mockLanguagesInRepo,
+  createFeatures,
+  getRecordingLogger,
+  LoggedMessage,
 } from "./testing-utils";
 import {
   GitHubVariant,
@@ -63,6 +67,7 @@ function createTestInitConfigInputs(
         apiURL: undefined,
         registriesAuthTokens: undefined,
       },
+      features: createFeatures([]),
       logger: getRunnerLogger(true),
     },
     overrides,
@@ -1080,3 +1085,45 @@ const mockRepositoryNwo = parseRepositoryNwo("owner/repo");
     t.deepEqual(mockRequest.called, args.expectedApiCall);
   });
 });
+
+test("Build mode not overridden when disable Java buildless feature flag disabled", async (t) => {
+  const messages: LoggedMessage[] = [];
+  const buildMode = await configUtils.parseBuildModeInput(
+    "none",
+    [Language.java],
+    createFeatures([]),
+    getRecordingLogger(messages),
+  );
+  t.is(buildMode, BuildMode.None);
+  t.deepEqual(messages, []);
+});
+
+test("Build mode not overridden for other languages", async (t) => {
+  const messages: LoggedMessage[] = [];
+  const buildMode = await configUtils.parseBuildModeInput(
+    "none",
+    [Language.python],
+    createFeatures([Feature.DisableJavaBuildlessEnabled]),
+    getRecordingLogger(messages),
+  );
+  t.is(buildMode, BuildMode.None);
+  t.deepEqual(messages, []);
+});
+
+test("Build mode overridden when analyzing Java and disable Java buildless feature flag enabled", async (t) => {
+  const messages: LoggedMessage[] = [];
+  const buildMode = await configUtils.parseBuildModeInput(
+    "none",
+    [Language.java],
+    createFeatures([Feature.DisableJavaBuildlessEnabled]),
+    getRecordingLogger(messages),
+  );
+  t.is(buildMode, BuildMode.Autobuild);
+  t.deepEqual(messages, [
+    {
+      message:
+        "Scanning Java code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.",
+      type: "warning",
+    },
+  ]);
+});

src/config-utils.ts

@@ -7,6 +7,7 @@ import * as semver from "semver";
 
 import * as api from "./api-client";
 import { CodeQL, CODEQL_VERSION_LANGUAGE_ALIASING } from "./codeql";
+import { Feature, FeatureEnablement } from "./feature-flags";
 import { Language, parseLanguage } from "./languages";
 import { Logger } from "./logging";
 import { RepositoryNwo } from "./repository";
@@ -420,6 +421,7 @@ export interface InitConfigInputs {
   workspacePath: string;
   githubVersion: GitHubVersion;
   apiDetails: api.GitHubApiCombinedDetails;
+  features: FeatureEnablement;
   logger: Logger;
 }
 
@@ -449,6 +451,7 @@ export async function getDefaultConfig({
   tempDir,
   codeql,
   githubVersion,
+  features,
   logger,
 }: GetDefaultConfigInputs): Promise<Config> {
   const languages = await getLanguages(
@@ -457,6 +460,14 @@ export async function getDefaultConfig({
     repository,
     logger,
   );
+
+  const buildMode = await parseBuildModeInput(
+    buildModeInput,
+    languages,
+    features,
+    logger,
+  );
+
   const augmentationProperties = calculateAugmentation(
     packsInput,
     queriesInput,
@@ -472,7 +483,7 @@ export async function getDefaultConfig({
 
   return {
     languages,
-    buildMode: validateBuildModeInput(buildModeInput),
+    buildMode,
     originalUserInput: {},
     tempDir,
     codeQLCmd: codeql.getPath(),
@@ -526,6 +537,7 @@ async function loadConfig({
   workspacePath,
   githubVersion,
   apiDetails,
+  features,
   logger,
 }: LoadConfigInputs): Promise<Config> {
   let parsedYAML: UserConfig;
@@ -545,6 +557,13 @@ async function loadConfig({
     logger,
   );
 
+  const buildMode = await parseBuildModeInput(
+    buildModeInput,
+    languages,
+    features,
+    logger,
+  );
+
   const augmentationProperties = calculateAugmentation(
     packsInput,
     queriesInput,
@@ -560,7 +579,7 @@ async function loadConfig({
 
   return {
     languages,
-    buildMode: validateBuildModeInput(buildModeInput),
+    buildMode,
     originalUserInput: parsedYAML,
     tempDir,
     codeQLCmd: codeql.getPath(),
@@ -813,7 +832,7 @@ function dbLocationOrDefault(
 export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
   let config: Config;
 
-  const { logger, workspacePath } = inputs;
+  const { logger, tempDir } = inputs;
 
   // if configInput is set, it takes precedence over configFile
   if (inputs.configInput) {
@@ -822,10 +841,7 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
         `Both a config file and config input were provided. Ignoring config file.`,
       );
     }
-    inputs.configFile = path.resolve(
-      workspacePath,
-      "user-config-from-action.yml",
-    );
+    inputs.configFile = path.resolve(tempDir, "user-config-from-action.yml");
     fs.writeFileSync(inputs.configFile, inputs.configInput);
     logger.debug(`Using config from action input: ${inputs.configFile}`);
   }
@@ -1073,19 +1089,33 @@ export async function wrapEnvironment(
   }
 }
 
-function validateBuildModeInput(
-  buildModeInput: string | undefined,
-): BuildMode | undefined {
-  if (buildModeInput === undefined) {
+// Exported for testing
+export async function parseBuildModeInput(
+  input: string | undefined,
+  languages: Language[],
+  features: FeatureEnablement,
+  logger: Logger,
+): Promise<BuildMode | undefined> {
+  if (input === undefined) {
     return undefined;
   }
 
-  if (!Object.values(BuildMode).includes(buildModeInput as BuildMode)) {
+  if (!Object.values(BuildMode).includes(input as BuildMode)) {
     throw new ConfigurationError(
-      `Invalid build mode: '${buildModeInput}'. Supported build modes are: ${Object.values(
+      `Invalid build mode: '${input}'. Supported build modes are: ${Object.values(
         BuildMode,
       ).join(", ")}.`,
     );
   }
-  return buildModeInput as BuildMode;
+
+  if (
+    languages.includes(Language.java) &&
+    (await features.getValue(Feature.DisableJavaBuildlessEnabled))
+  ) {
+    logger.warning(
+      "Scanning Java code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.",
+    );
+    return BuildMode.Autobuild;
+  }
+  return input as BuildMode;
 }

src/feature-flags.ts

@@ -46,10 +46,10 @@ export interface FeatureEnablement {
 export enum Feature {
   CppDependencyInstallation = "cpp_dependency_installation_enabled",
   CppTrapCachingEnabled = "cpp_trap_caching_enabled",
+  DisableJavaBuildlessEnabled = "disable_java_buildless_enabled",
   DisableKotlinAnalysisEnabled = "disable_kotlin_analysis_enabled",
   DisablePythonDependencyInstallationEnabled = "disable_python_dependency_installation_enabled",
   PythonDefaultIsToSkipDependencyInstallationEnabled = "python_default_is_to_skip_dependency_installation_enabled",
-  EvaluatorFineGrainedParallelismEnabled = "evaluator_fine_grained_parallelism_enabled",
   ExportDiagnosticsEnabled = "export_diagnostics_enabled",
   QaTelemetryEnabled = "qa_telemetry_enabled",
 }
@@ -68,14 +68,14 @@ export const featureConfig: Record<
     minimumVersion: "2.16.1",
     defaultValue: false,
   },
-  [Feature.DisableKotlinAnalysisEnabled]: {
-    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+  [Feature.DisableJavaBuildlessEnabled]: {
+    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
     minimumVersion: undefined,
     defaultValue: false,
   },
-  [Feature.EvaluatorFineGrainedParallelismEnabled]: {
-    envVar: "CODEQL_EVALUATOR_FINE_GRAINED_PARALLELISM",
-    minimumVersion: CODEQL_VERSION_FINE_GRAINED_PARALLELISM,
+  [Feature.DisableKotlinAnalysisEnabled]: {
+    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+    minimumVersion: undefined,
     defaultValue: false,
   },
   [Feature.ExportDiagnosticsEnabled]: {

src/init-action.ts

@@ -285,6 +285,7 @@ async function run() {
       workspacePath: getRequiredEnvParam("GITHUB_WORKSPACE"),
       githubVersion: gitHubVersion,
       apiDetails,
+      features,
       logger,
     });
 

tests/java-repo/.gradle/buildOutputCleanup/cache.properties

@@ -1,2 +0,0 @@
-#Thu Feb 08 15:11:31 GMT 2024
-gradle.version=8.1.1