diff --git a/.github/workflows/__rubocop-multi-language.yml b/.github/workflows/__rubocop-multi-language.yml index 442fd0b93..33e78dd70 100644 --- a/.github/workflows/__rubocop-multi-language.yml +++ b/.github/workflows/__rubocop-multi-language.yml @@ -59,7 +59,7 @@ jobs: use-all-platform-bundle: 'false' setup-kotlin: 'true' - name: Set up Ruby - uses: ruby/setup-ruby@4c56a21280b36d862b5fc31348f463d60bdc55d5 # v1.301.0 + uses: ruby/setup-ruby@0cb964fd540e0a24c900370abf38a33466142735 # v1.305.0 with: ruby-version: 2.6 - name: Install Code Scanning integration diff --git a/CHANGELOG.md b/CHANGELOG.md index 8b9a76e4e..75d131337 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th ## [UNRELEASED] - Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. [#3850](https://github.com/github/codeql-action/pull/3850) +- Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. [#3852](https://github.com/github/codeql-action/pull/3852) +- _Upcoming breaking change_: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. [#3837](https://github.com/github/codeql-action/pull/3837) ## 4.35.2 - 15 Apr 2026 diff --git a/README.md b/README.md index 35b50c6a3..bee9072a0 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ We typically release new minor versions of the CodeQL Action and Bundle when a n | Minimum CodeQL Action | Minimum CodeQL Bundle Version | GitHub Environment | Notes | |-----------------------|-------------------------------|--------------------|-------| +| `v4.33.0` | `2.24.3` | Enterprise Server 3.21 | | | `v4.31.10` | `2.23.9` | Enterprise Server 3.20 | | | `v3.29.11` | `2.22.4` | Enterprise Server 3.19 | | | `v3.28.21` | `2.21.3` | Enterprise Server 3.18 | | diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index aa0463414..e09612b2c 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -161660,7 +161660,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { @@ -163010,9 +163010,9 @@ async function shouldEnableIndirectTracing(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function getCodeQL(cmd) { if (cachedCodeQL === void 0) { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 712b2b62b..372021fc2 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -107850,6 +107850,7 @@ function formatDuration(durationMs) { // src/diagnostics.ts var unwrittenDiagnostics = []; var unwrittenDefaultLanguageDiagnostics = []; +var diagnosticCounter = 0; function makeDiagnostic(id, name, data = void 0) { return { ...data, @@ -107892,10 +107893,14 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = (diagnosticCounter++).toString(); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { @@ -110040,9 +110045,9 @@ async function endTracingForCluster(codeql, config, logger) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index a1b0a3255..6825745a3 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -103552,7 +103552,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { @@ -105422,9 +105422,9 @@ async function endTracingForCluster(codeql, config, logger) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function getCodeQL(cmd) { if (cachedCodeQL === void 0) { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 59a13f628..e8dc72e0b 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -164557,7 +164557,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { @@ -165769,6 +165769,7 @@ function formatDuration(durationMs) { // src/diagnostics.ts var unwrittenDiagnostics = []; var unwrittenDefaultLanguageDiagnostics = []; +var diagnosticCounter = 0; function makeDiagnostic(id, name, data = void 0) { return { ...data, @@ -165811,10 +165812,14 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = (diagnosticCounter++).toString(); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { @@ -167852,9 +167857,9 @@ async function shouldEnableIndirectTracing(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { diff --git a/lib/init-action.js b/lib/init-action.js index 51f1eef91..cb2a6bc9f 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -103760,7 +103760,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { @@ -105355,6 +105355,7 @@ function formatDuration(durationMs) { // src/diagnostics.ts var unwrittenDiagnostics = []; var unwrittenDefaultLanguageDiagnostics = []; +var diagnosticCounter = 0; function makeDiagnostic(id, name, data = void 0) { return { ...data, @@ -105397,10 +105398,14 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = (diagnosticCounter++).toString(); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { @@ -108970,9 +108975,9 @@ async function getCombinedTracerConfig(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { @@ -110654,17 +110659,22 @@ async function run(startedAt) { let dependencyCachingStatus; try { if (config.overlayDatabaseMode === "overlay" /* Overlay */ && config.useOverlayDatabaseCaching) { - overlayBaseDatabaseStats = await downloadOverlayBaseDatabaseFromCache( - codeql, - config, - logger + await withGroupAsync( + "Checking cache for overlay-base database", + async () => { + overlayBaseDatabaseStats = await downloadOverlayBaseDatabaseFromCache( + codeql, + config, + logger + ); + if (!overlayBaseDatabaseStats) { + config.overlayDatabaseMode = "none" /* None */; + logger.info( + `No overlay-base database found in cache, reverting overlay database mode to ${"none" /* None */}.` + ); + } + } ); - if (!overlayBaseDatabaseStats) { - config.overlayDatabaseMode = "none" /* None */; - logger.info( - `No overlay-base database found in cache, reverting overlay database mode to ${"none" /* None */}.` - ); - } } if (config.overlayDatabaseMode !== "overlay" /* Overlay */) { cleanupDatabaseClusterDirectory(config, logger); diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 02342c09b..87def4ccd 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -103552,7 +103552,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { @@ -105059,9 +105059,9 @@ async function shouldEnableIndirectTracing(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function getCodeQL(cmd) { if (cachedCodeQL === void 0) { diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 58431548c..a2699cb27 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -103597,7 +103597,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { @@ -105425,6 +105425,7 @@ function formatDuration(durationMs) { // src/diagnostics.ts var unwrittenDiagnostics = []; var unwrittenDefaultLanguageDiagnostics = []; +var diagnosticCounter = 0; function makeDiagnostic(id, name, data = void 0) { return { ...data, @@ -105467,10 +105468,14 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = (diagnosticCounter++).toString(); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { @@ -106463,9 +106468,9 @@ async function shouldEnableIndirectTracing(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 00a390c1f..11e1e8a97 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -161656,7 +161656,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 60cd5fe57..0d9ffc35e 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -107460,6 +107460,7 @@ function formatDuration(durationMs) { // src/diagnostics.ts var unwrittenDiagnostics = []; var unwrittenDefaultLanguageDiagnostics = []; +var diagnosticCounter = 0; function makeDiagnostic(id, name, data = void 0) { return { ...data, @@ -107502,10 +107503,14 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = (diagnosticCounter++).toString(); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { @@ -109149,9 +109154,9 @@ async function shouldEnableIndirectTracing(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 00baeb360..9f2fd24eb 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -161656,7 +161656,7 @@ var semver = __toESM(require_semver2()); // src/api-compatibility.json var maximumVersion = "3.21"; -var minimumVersion = "3.14"; +var minimumVersion = "3.16"; // src/json/index.ts function isObject2(value) { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index aeaf1e7c6..02f6c1fb3 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -108216,6 +108216,7 @@ var import_fs = require("fs"); var import_path = __toESM(require("path")); var unwrittenDiagnostics = []; var unwrittenDefaultLanguageDiagnostics = []; +var diagnosticCounter = 0; function makeDiagnostic(id, name, data = void 0) { return { ...data, @@ -108258,10 +108259,14 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = (diagnosticCounter++).toString(); + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "" + ); const jsonPath = import_path.default.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) { @@ -109815,9 +109820,9 @@ async function shouldEnableIndirectTracing(codeql, config) { // src/codeql.ts var cachedCodeQL = void 0; var CODEQL_MINIMUM_VERSION = "2.17.6"; -var CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; -var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; -var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +var CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; +var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; +var GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { diff --git a/pr-checks/checks/rubocop-multi-language.yml b/pr-checks/checks/rubocop-multi-language.yml index ecfdcde46..504dce1cd 100644 --- a/pr-checks/checks/rubocop-multi-language.yml +++ b/pr-checks/checks/rubocop-multi-language.yml @@ -5,7 +5,7 @@ versions: - default steps: - name: Set up Ruby - uses: ruby/setup-ruby@4c56a21280b36d862b5fc31348f463d60bdc55d5 # v1.301.0 + uses: ruby/setup-ruby@0cb964fd540e0a24c900370abf38a33466142735 # v1.305.0 with: ruby-version: 2.6 - name: Install Code Scanning integration diff --git a/src/api-compatibility.json b/src/api-compatibility.json index 2e55b9ad7..2cded5e4c 100644 --- a/src/api-compatibility.json +++ b/src/api-compatibility.json @@ -1 +1 @@ -{"maximumVersion": "3.21", "minimumVersion": "3.14"} +{"maximumVersion": "3.21", "minimumVersion": "3.16"} diff --git a/src/codeql.ts b/src/codeql.ts index fda355033..ecad2ea19 100644 --- a/src/codeql.ts +++ b/src/codeql.ts @@ -282,17 +282,17 @@ const CODEQL_MINIMUM_VERSION = "2.17.6"; /** * This version will shortly become the oldest version of CodeQL that the Action will run with. */ -const CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; +const CODEQL_NEXT_MINIMUM_VERSION = "2.19.4"; /** * This is the version of GHES that was most recently deprecated. */ -const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; +const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.15"; /** * This is the deprecation date for the version of GHES that was most recently deprecated. */ -const GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; +const GHES_MOST_RECENT_DEPRECATION_DATE = "2026-04-09"; /** The CLI verbosity level to use for extraction in debug mode. */ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; diff --git a/src/diagnostics.ts b/src/diagnostics.ts index 4d8fc87b5..65e82ce1a 100644 --- a/src/diagnostics.ts +++ b/src/diagnostics.ts @@ -72,6 +72,13 @@ let unwrittenDiagnostics: UnwrittenDiagnostic[] = []; */ let unwrittenDefaultLanguageDiagnostics: DiagnosticMessage[] = []; +/** + * Counter used to generate a unique suffix for each diagnostic filename, so that + * two diagnostics produced within the same millisecond do not overwrite each + * other on disk. + */ +let diagnosticCounter = 0; + /** * Constructs a new diagnostic message with the specified id and name, as well as optional additional data. * @@ -167,10 +174,18 @@ function writeDiagnostic( // Create the directory if it doesn't exist yet. mkdirSync(diagnosticsPath, { recursive: true }); + // Include a monotonically increasing suffix to avoid filename collisions + // between diagnostics produced within the same millisecond. + const uniqueSuffix = (diagnosticCounter++).toString(); + // We should only need to remove colons, but to be defensive, only allow a restricted set of + // characters. + const sanitizedTimestamp = diagnostic.timestamp.replace( + /[^a-zA-Z0-9.-]/g, + "", + ); const jsonPath = path.resolve( diagnosticsPath, - // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json`, + `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json`, ); writeFileSync(jsonPath, JSON.stringify(diagnostic)); diff --git a/src/init-action.ts b/src/init-action.ts index 37a9df9c8..859dcefa2 100644 --- a/src/init-action.ts +++ b/src/init-action.ts @@ -465,18 +465,23 @@ async function run(startedAt: Date) { // necessary preparations. So, in that mode, we would assume that // everything is in order and let the analysis fail if that turns out not // to be the case. - overlayBaseDatabaseStats = await downloadOverlayBaseDatabaseFromCache( - codeql, - config, - logger, + await withGroupAsync( + "Checking cache for overlay-base database", + async () => { + overlayBaseDatabaseStats = await downloadOverlayBaseDatabaseFromCache( + codeql, + config, + logger, + ); + if (!overlayBaseDatabaseStats) { + config.overlayDatabaseMode = OverlayDatabaseMode.None; + logger.info( + "No overlay-base database found in cache, " + + `reverting overlay database mode to ${OverlayDatabaseMode.None}.`, + ); + } + }, ); - if (!overlayBaseDatabaseStats) { - config.overlayDatabaseMode = OverlayDatabaseMode.None; - logger.info( - "No overlay-base database found in cache, " + - `reverting overlay database mode to ${OverlayDatabaseMode.None}.`, - ); - } } if (config.overlayDatabaseMode !== OverlayDatabaseMode.Overlay) {