github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-05-07 14:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3081 from github/update-v3.30.1-2d2f57ed3

Browse Source 
Merge main into releases/v3
This commit is contained in:
Arthur Baars
2025-09-05 13:56:19 +02:00
committed by GitHub
parent 2d92b76c45 5dd2164a3d
commit 07a3889388
39 changed files with 25250 additions and 90593 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/dependabot.yml
-3
View File
@@ -11,9 +11,6 @@ updates:
# There is a type incompatibility issue between v0.0.9 and our other dependencies.
- dependency-name: "@octokit/plugin-retry"
versions: ["~6.0.0"]
# v7 requires ESM
- dependency-name: "del"
versions: ["^7.0.0"]
# This is broken due to the way configuration files have changed.
# This might be fixed when we move to eslint v9.
- dependency-name: "eslint-plugin-import"
.github/workflows/__rubocop-multi-language.yml
Generated
+1 -1
View File
@@ -49,7 +49,7 @@ jobs:
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Set up Ruby
uses: ruby/setup-ruby@efbf473cab83af4468e8606cc33eca9281bb213f # v1.256.0
uses: ruby/setup-ruby@44511735964dcb71245e7e55f72539531f7bc0eb # v1.257.0
with:
ruby-version: 2.6
- name: Install Code Scanning integration
.github/workflows/update-bundle.yml
+9
View File
@@ -36,6 +36,15 @@ jobs:
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --global user.name "github-actions[bot]"
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '20.x'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Update bundle
uses: ./.github/actions/update-bundle
CHANGELOG.md
+5 -1
View File
@@ -2,9 +2,13 @@
See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
## 3.30.1 - 05 Sep 2025
- Update default CodeQL bundle version to 2.23.0. [#3077](https://github.com/github/codeql-action/pull/3077)
## 3.30.0 - 01 Sep 2025
No user facing changes.
- Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. [#3054](https://github.com/github/codeql-action/pull/3054)
## 3.29.11 - 21 Aug 2025
eslint.config.mjs
+1 -1
View File
@@ -76,7 +76,7 @@ export default [
typescript: {},
},
"import/ignore": ["sinon", "uuid", "@octokit/plugin-retry"],
"import/ignore": ["sinon", "uuid", "@octokit/plugin-retry", "del", "get-folder-size"],
},
rules: {
init/action.yml
+1 -1
View File
@@ -97,7 +97,7 @@ inputs:
description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
required: false
quality-queries:
description: '[Internal] Comma-separated list of code quality queries to run.'
description: '[Internal] DEPRECATED. Comma-separated list of code quality queries to run.'
required: false
packs:
description: >-
lib/analyze-action-post.js
Generated
+2060 -10422
View File
File diff suppressed because it is too large Load Diff
lib/analyze-action.js
Generated
+3064 -5646
View File
File diff suppressed because it is too large Load Diff
lib/autobuild-action.js
Generated
+1085 -10266
View File
File diff suppressed because it is too large Load Diff
lib/defaults.json
+4 -4
View File
@@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-v2.22.4",
"cliVersion": "2.22.4",
"priorBundleVersion": "codeql-bundle-v2.22.3",
"priorCliVersion": "2.22.3"
"bundleVersion": "codeql-bundle-v2.23.0",
"cliVersion": "2.23.0",
"priorBundleVersion": "codeql-bundle-v2.22.4",
"priorCliVersion": "2.22.4"
}
lib/init-action-post.js
Generated
+4430 -6194
View File
File diff suppressed because it is too large Load Diff
lib/init-action.js
Generated
+2759 -5282
View File
File diff suppressed because it is too large Load Diff
lib/resolve-environment-action.js
Generated
+1075 -10256
View File
File diff suppressed because it is too large Load Diff
lib/start-proxy-action-post.js
Generated
+2042 -10376
View File
File diff suppressed because it is too large Load Diff
lib/start-proxy-action.js
Generated
+122 -10053
View File
File diff suppressed because it is too large Load Diff
lib/upload-lib.js
Generated
+2912 -5491
View File
File diff suppressed because it is too large Load Diff
lib/upload-sarif-action-post.js
Generated
+2063 -10397
View File
File diff suppressed because it is too large Load Diff
lib/upload-sarif-action.js
Generated
+3037 -5616
View File
File diff suppressed because it is too large Load Diff
package-lock.json
Generated
+93 -196
View File
@@ -1,12 +1,12 @@
{
"name": "codeql",
"version": "3.30.0",
"version": "3.30.1",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "codeql",
"version": "3.30.0",
"version": "3.30.1",
"license": "MIT",
"dependencies": {
"@actions/artifact": "^2.3.1",
@@ -24,21 +24,17 @@
"archiver": "^7.0.1",
"check-disk-space": "^3.4.0",
"console-log-level": "^1.4.1",
"del": "^6.1.1",
"del": "^8.0.0",
"fast-deep-equal": "^3.1.3",
"file-url": "^3.0.0",
"follow-redirects": "^1.15.11",
"fs": "0.0.1-security",
"get-folder-size": "^2.0.1",
"get-folder-size": "^5.0.0",
"js-yaml": "^4.1.0",
"jsonschema": "1.4.1",
"long": "^5.3.2",
"node-forge": "^1.3.1",
"octokit": "^5.0.3",
"path": "^0.12.7",
"semver": "^7.7.2",
"uuid": "^11.1.0",
"zlib": "^1.0.5"
"uuid": "^11.1.0"
},
"devDependencies": {
"@ava/typescript": "6.0.0",
@@ -50,7 +46,7 @@
"@types/archiver": "^6.0.3",
"@types/console-log-level": "^1.4.5",
"@types/follow-redirects": "^1.14.4",
"@types/get-folder-size": "^2.0.0",
"@types/get-folder-size": "^3.0.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "20.19.9",
"@types/node-forge": "^1.3.14",
@@ -2464,9 +2460,14 @@
}
},
"node_modules/@types/get-folder-size": {
"version": "2.0.0",
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/@types/get-folder-size/-/get-folder-size-3.0.4.tgz",
"integrity": "sha512-tSf/k7Undx6jKRwpChR9tl+0ZPf0BVwkjBRtJ5qSnz6iWm2ZRYMAS2MktC2u7YaTAFHmxpL/LBxI85M7ioJCSg==",
"dev": true,
"license": "MIT"
"license": "MIT",
"dependencies": {
"@types/node": "*"
}
},
"node_modules/@types/js-yaml": {
"version": "4.0.9",
@@ -3681,13 +3682,6 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/array-union": {
"version": "2.1.0",
"license": "MIT",
"engines": {
"node": ">=8"
}
},
"node_modules/array.prototype.findlastindex": {
"version": "1.2.5",
"resolved": "https://registry.npmjs.org/array.prototype.findlastindex/-/array.prototype.findlastindex-1.2.5.tgz",
@@ -3870,18 +3864,6 @@
}
}
},
"node_modules/ava/node_modules/@sindresorhus/merge-streams": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/@sindresorhus/merge-streams/-/merge-streams-2.3.0.tgz",
"integrity": "sha512-LtoMMhxAlorcGhmFYI+LhPgbPZCkgP6ra1YL604EeF6U98pLlQ3iWIGMdWSC+vWmPBWBNgmDBAhnAobLROJmwg==",
"dev": true,
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/ava/node_modules/ansi-regex": {
"version": "6.1.0",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz",
@@ -3906,47 +3888,6 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/ava/node_modules/globby": {
"version": "14.1.0",
"resolved": "https://registry.npmjs.org/globby/-/globby-14.1.0.tgz",
"integrity": "sha512-0Ia46fDOaT7k4og1PDW4YbodWWr3scS2vAr2lTbsplOt2WkKp0vQbkI9wKis/T5LV/dqPjO3bpS/z6GTJB82LA==",
"dev": true,
"dependencies": {
"@sindresorhus/merge-streams": "^2.1.0",
"fast-glob": "^3.3.3",
"ignore": "^7.0.3",
"path-type": "^6.0.0",
"slash": "^5.1.0",
"unicorn-magic": "^0.3.0"
},
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/ava/node_modules/ignore": {
"version": "7.0.5",
"resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz",
"integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==",
"dev": true,
"engines": {
"node": ">= 4"
}
},
"node_modules/ava/node_modules/path-type": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/path-type/-/path-type-6.0.0.tgz",
"integrity": "sha512-Vj7sf++t5pBD637NSfkxpHSMfWaeig5+DKWLhcqIYx6mWQz5hdJTGDVMQiJcw1ZYkhs7AazKDGpRVji1LJCZUQ==",
"dev": true,
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/ava/node_modules/picomatch": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz",
@@ -3959,18 +3900,6 @@
"url": "https://github.com/sponsors/jonschlinkert"
}
},
"node_modules/ava/node_modules/slash": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/slash/-/slash-5.1.0.tgz",
"integrity": "sha512-ZA6oR3T/pEyuqwMgAKT0/hAv8oAXckzbkmR0UkUosQ+Mc4RxGoJkRmwHgHufaenlyAgE1Mxgpdcrf75y6XcnDg==",
"dev": true,
"engines": {
"node": ">=14.16"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/ava/node_modules/strip-ansi": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz",
@@ -4701,58 +4630,32 @@
}
},
"node_modules/del": {
"version": "6.1.1",
"version": "8.0.0",
"resolved": "https://registry.npmjs.org/del/-/del-8.0.0.tgz",
"integrity": "sha512-R6ep6JJ+eOBZsBr9esiNN1gxFbZE4Q2cULkUSFumGYecAiS6qodDvcPx/sFuWHMNul7DWmrtoEOpYSm7o6tbSA==",
"license": "MIT",
"dependencies": {
"globby": "^11.0.1",
"graceful-fs": "^4.2.4",
"is-glob": "^4.0.1",
"is-path-cwd": "^2.2.0",
"is-path-inside": "^3.0.2",
"p-map": "^4.0.0",
"rimraf": "^3.0.2",
"slash": "^3.0.0"
"globby": "^14.0.2",
"is-glob": "^4.0.3",
"is-path-cwd": "^3.0.0",
"is-path-inside": "^4.0.0",
"p-map": "^7.0.2",
"slash": "^5.1.0"
},
"engines": {
"node": ">=10"
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/del/node_modules/aggregate-error": {
"version": "3.1.0",
"license": "MIT",
"dependencies": {
"clean-stack": "^2.0.0",
"indent-string": "^4.0.0"
},
"engines": {
"node": ">=8"
}
},
"node_modules/del/node_modules/clean-stack": {
"version": "2.2.0",
"license": "MIT",
"engines": {
"node": ">=6"
}
},
"node_modules/del/node_modules/indent-string": {
"node_modules/del/node_modules/is-path-inside": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-4.0.0.tgz",
"integrity": "sha512-lJJV/5dYS+RcL8uQdBDW9c9uWFLLBNRyFhnAKXw5tVqLlKZ4RMGZKv+YQ/IA3OhD+RpbJa1LLFM1FQPGyIXvOA==",
"license": "MIT",
"engines": {
"node": ">=8"
}
},
"node_modules/del/node_modules/p-map": {
"version": "4.0.0",
"license": "MIT",
"dependencies": {
"aggregate-error": "^3.0.0"
},
"engines": {
"node": ">=10"
"node": ">=12"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
@@ -4787,16 +4690,6 @@
"node": ">=0.3.1"
}
},
"node_modules/dir-glob": {
"version": "3.0.1",
"license": "MIT",
"dependencies": {
"path-type": "^4.0.0"
},
"engines": {
"node": ">=8"
}
},
"node_modules/doctrine": {
"version": "2.1.0",
"dev": true,
@@ -5900,13 +5793,6 @@
"integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==",
"dev": true
},
"node_modules/file-url": {
"version": "3.0.0",
"license": "MIT",
"engines": {
"node": ">=8"
}
},
"node_modules/fill-range": {
"version": "7.1.1",
"license": "MIT",
@@ -6007,12 +5893,9 @@
"node": ">= 0.12"
}
},
"node_modules/fs": {
"version": "0.0.1-security",
"license": "ISC"
},
"node_modules/fs.realpath": {
"version": "1.0.0",
"dev": true,
"license": "ISC"
},
"node_modules/function-bind": {
@@ -6048,10 +5931,6 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/gar": {
"version": "1.0.4",
"license": "MIT"
},
"node_modules/get-caller-file": {
"version": "2.0.5",
"resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
@@ -6074,14 +5953,15 @@
}
},
"node_modules/get-folder-size": {
"version": "2.0.1",
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/get-folder-size/-/get-folder-size-5.0.0.tgz",
"integrity": "sha512-+fgtvbL83tSDypEK+T411GDBQVQtxv+qtQgbV+HVa/TYubqDhNd5ghH/D6cOHY9iC5/88GtOZB7WI8PXy2A3bg==",
"license": "MIT",
"dependencies": {
"gar": "^1.0.4",
"tiny-each-async": "2.0.3"
},
"bin": {
"get-folder-size": "bin/get-folder-size"
"get-folder-size": "bin/get-folder-size.js"
},
"engines": {
"node": ">=18.11.0"
}
},
"node_modules/get-intrinsic": {
@@ -6244,23 +6124,46 @@
}
},
"node_modules/globby": {
"version": "11.1.0",
"version": "14.1.0",
"resolved": "https://registry.npmjs.org/globby/-/globby-14.1.0.tgz",
"integrity": "sha512-0Ia46fDOaT7k4og1PDW4YbodWWr3scS2vAr2lTbsplOt2WkKp0vQbkI9wKis/T5LV/dqPjO3bpS/z6GTJB82LA==",
"license": "MIT",
"dependencies": {
"array-union": "^2.1.0",
"dir-glob": "^3.0.1",
"fast-glob": "^3.2.9",
"ignore": "^5.2.0",
"merge2": "^1.4.1",
"slash": "^3.0.0"
"@sindresorhus/merge-streams": "^2.1.0",
"fast-glob": "^3.3.3",
"ignore": "^7.0.3",
"path-type": "^6.0.0",
"slash": "^5.1.0",
"unicorn-magic": "^0.3.0"
},
"engines": {
"node": ">=10"
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/globby/node_modules/@sindresorhus/merge-streams": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/@sindresorhus/merge-streams/-/merge-streams-2.3.0.tgz",
"integrity": "sha512-LtoMMhxAlorcGhmFYI+LhPgbPZCkgP6ra1YL604EeF6U98pLlQ3iWIGMdWSC+vWmPBWBNgmDBAhnAobLROJmwg==",
"license": "MIT",
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/globby/node_modules/ignore": {
"version": "7.0.5",
"resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz",
"integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==",
"license": "MIT",
"engines": {
"node": ">= 4"
}
},
"node_modules/gopd": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz",
@@ -6415,6 +6318,7 @@
},
"node_modules/ignore": {
"version": "5.3.1",
"dev": true,
"license": "MIT",
"engines": {
"node": ">= 4"
@@ -6474,6 +6378,7 @@
},
"node_modules/inflight": {
"version": "1.0.6",
"dev": true,
"license": "ISC",
"dependencies": {
"once": "^1.3.0",
@@ -6678,14 +6583,20 @@
}
},
"node_modules/is-path-cwd": {
"version": "2.2.0",
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/is-path-cwd/-/is-path-cwd-3.0.0.tgz",
"integrity": "sha512-kyiNFFLU0Ampr6SDZitD/DwUo4Zs1nSdnygUBqsu3LooL00Qvb5j+UnvApUn/TTj1J3OuE6BTdQ5rudKmU2ZaA==",
"license": "MIT",
"engines": {
"node": ">=6"
"node": "^12.20.0 || ^14.13.1 || >=16.0.0"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/is-path-inside": {
"version": "3.0.3",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=8"
@@ -7624,7 +7535,6 @@
"version": "7.0.3",
"resolved": "https://registry.npmjs.org/p-map/-/p-map-7.0.3.tgz",
"integrity": "sha512-VkndIv2fIB99swvQoA65bm+fsmt6UNdGeIB0oxBs+WhAhdh08QA04JXpI7rbB9r08/nkbysKoya9rtDERYOYMA==",
"dev": true,
"engines": {
"node": ">=18"
},
@@ -7677,16 +7587,9 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/path": {
"version": "0.12.7",
"license": "MIT",
"dependencies": {
"process": "^0.11.1",
"util": "^0.10.3"
}
},
"node_modules/path-is-absolute": {
"version": "1.0.1",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=0.10.0"
@@ -7722,10 +7625,15 @@
}
},
"node_modules/path-type": {
"version": "4.0.0",
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/path-type/-/path-type-6.0.0.tgz",
"integrity": "sha512-Vj7sf++t5pBD637NSfkxpHSMfWaeig5+DKWLhcqIYx6mWQz5hdJTGDVMQiJcw1ZYkhs7AazKDGpRVji1LJCZUQ==",
"license": "MIT",
"engines": {
"node": ">=8"
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/picocolors": {
@@ -8012,6 +7920,7 @@
},
"node_modules/rimraf": {
"version": "3.0.2",
"dev": true,
"license": "ISC",
"dependencies": {
"glob": "^7.1.3"
@@ -8025,6 +7934,7 @@
},
"node_modules/rimraf/node_modules/glob": {
"version": "7.2.0",
"dev": true,
"license": "ISC",
"dependencies": {
"fs.realpath": "^1.0.0",
@@ -8250,10 +8160,15 @@
}
},
"node_modules/slash": {
"version": "3.0.0",
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/slash/-/slash-5.1.0.tgz",
"integrity": "sha512-ZA6oR3T/pEyuqwMgAKT0/hAv8oAXckzbkmR0UkUosQ+Mc4RxGoJkRmwHgHufaenlyAgE1Mxgpdcrf75y6XcnDg==",
"license": "MIT",
"engines": {
"node": ">=8"
"node": ">=14.16"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/slice-ansi": {
@@ -8704,10 +8619,6 @@
"node": ">=4"
}
},
"node_modules/tiny-each-async": {
"version": "2.0.3",
"license": "MIT"
},
"node_modules/tinyglobby": {
"version": "0.2.12",
"resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.12.tgz",
@@ -9103,7 +9014,6 @@
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/unicorn-magic/-/unicorn-magic-0.3.0.tgz",
"integrity": "sha512-+QBBXBCvifc56fsbuxZQ6Sic3wqqc3WWaqxs58gvJrcOuN83HGTCwz3oS5phzU9LthRNE9VrJCFCLUgHeeFnfA==",
"dev": true,
"engines": {
"node": ">=18"
},
@@ -9175,13 +9085,6 @@
"integrity": "sha512-E8VjFIQ/TyQgp+TZfS6l8yp/xWppSAHzidGiRrqe4bK4XP9pTRyKFgGJpO3SN7zdX4DeomTrwaseCHovfpFcqQ==",
"dev": true
},
"node_modules/util": {
"version": "0.10.4",
"license": "MIT",
"dependencies": {
"inherits": "2.0.3"
}
},
"node_modules/util-deprecate": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
@@ -9439,12 +9342,6 @@
"engines": {
"node": ">= 14"
}
},
"node_modules/zlib": {
"version": "1.0.5",
"engines": {
"node": ">=0.2.0"
}
}
}
}
package.json
+4 -10
View File
@@ -1,6 +1,6 @@
{
"name": "codeql",
"version": "3.30.0",
"version": "3.30.1",
"private": true,
"description": "CodeQL action",
"scripts": {
@@ -38,21 +38,17 @@
"archiver": "^7.0.1",
"check-disk-space": "^3.4.0",
"console-log-level": "^1.4.1",
"del": "^6.1.1",
"del": "^8.0.0",
"fast-deep-equal": "^3.1.3",
"file-url": "^3.0.0",
"follow-redirects": "^1.15.11",
"fs": "0.0.1-security",
"get-folder-size": "^2.0.1",
"get-folder-size": "^5.0.0",
"js-yaml": "^4.1.0",
"jsonschema": "1.4.1",
"long": "^5.3.2",
"node-forge": "^1.3.1",
"octokit": "^5.0.3",
"path": "^0.12.7",
"semver": "^7.7.2",
"uuid": "^11.1.0",
"zlib": "^1.0.5"
"uuid": "^11.1.0"
},
"devDependencies": {
"@ava/typescript": "6.0.0",
@@ -64,13 +60,11 @@
"@types/archiver": "^6.0.3",
"@types/console-log-level": "^1.4.5",
"@types/follow-redirects": "^1.14.4",
"@types/get-folder-size": "^2.0.0",
"@types/js-yaml": "^4.0.9",
"@types/node": "20.19.9",
"@types/node-forge": "^1.3.14",
"@types/semver": "^7.7.0",
"@types/sinon": "^17.0.4",
"@types/uuid": "^10.0.0",
"@typescript-eslint/eslint-plugin": "^8.41.0",
"@typescript-eslint/parser": "^8.41.0",
"ava": "^6.4.1",
pr-checks/checks/rubocop-multi-language.yml
+1 -1
View File
@@ -5,7 +5,7 @@ operatingSystems: ["ubuntu"]
versions: ["default"]
steps:
- name: Set up Ruby
uses: ruby/setup-ruby@efbf473cab83af4468e8606cc33eca9281bb213f # v1.256.0
uses: ruby/setup-ruby@44511735964dcb71245e7e55f72539531f7bc0eb # v1.257.0
with:
ruby-version: 2.6
- name: Install Code Scanning integration
src/analyses.ts
+3
View File
@@ -38,3 +38,6 @@ export async function parseAnalysisKinds(
new Set(components.map((component) => component as AnalysisKind)),
);
}
/** The queries to use for Code Quality analyses. */
export const codeQualityQueries: string[] = ["code-quality"];
src/analyze.ts
+11 -19
View File
@@ -3,7 +3,7 @@ import * as path from "path";
import { performance } from "perf_hooks";
import * as io from "@actions/io";
import del from "del";
import * as del from "del";
import * as yaml from "js-yaml";
import {
@@ -12,6 +12,7 @@ import {
getTemporaryDirectory,
PullRequestBranches,
} from "./actions-util";
import * as analyses from "./analyses";
import { getApiClient } from "./api-client";
import { setupCppAutobuild } from "./autobuild";
import { type CodeQL } from "./codeql";
@@ -625,10 +626,7 @@ export async function runQueries(
const incrementalMode: string[] = [];
// Preserve cached intermediate results for overlay-base databases.
if (
config.augmentationProperties.overlayDatabaseMode !==
OverlayDatabaseMode.OverlayBase
) {
if (config.overlayDatabaseMode !== OverlayDatabaseMode.OverlayBase) {
queryFlags.push("--expect-discarded-cache");
}
@@ -640,15 +638,10 @@ export async function runQueries(
}
statusReport.analysis_is_overlay =
config.augmentationProperties.overlayDatabaseMode ===
OverlayDatabaseMode.Overlay;
config.overlayDatabaseMode === OverlayDatabaseMode.Overlay;
statusReport.analysis_builds_overlay_base_database =
config.augmentationProperties.overlayDatabaseMode ===
OverlayDatabaseMode.OverlayBase;
if (
config.augmentationProperties.overlayDatabaseMode ===
OverlayDatabaseMode.Overlay
) {
config.overlayDatabaseMode === OverlayDatabaseMode.OverlayBase;
if (config.overlayDatabaseMode === OverlayDatabaseMode.Overlay) {
incrementalMode.push("overlay");
}
@@ -664,9 +657,8 @@ export async function runQueries(
const queries: string[] = [];
if (configUtils.isCodeQualityEnabled(config)) {
queries.push(util.getGeneratedSuitePath(config, language));
for (const qualityQuery of config.augmentationProperties
.qualityQueriesInput) {
queries.push(resolveQuerySuiteAlias(language, qualityQuery.uses));
for (const qualityQuery of analyses.codeQualityQueries) {
queries.push(resolveQuerySuiteAlias(language, qualityQuery));
}
}
@@ -707,8 +699,8 @@ export async function runQueries(
);
qualityAnalysisSummary = await runInterpretResults(
language,
config.augmentationProperties.qualityQueriesInput.map((i) =>
resolveQuerySuiteAlias(language, i.uses),
analyses.codeQualityQueries.map((i) =>
resolveQuerySuiteAlias(language, i),
),
qualitySarifFile,
config.debugMode,
@@ -812,7 +804,7 @@ export async function runFinalize(
logger: Logger,
): Promise<DatabaseCreationTimings> {
try {
await del(outputDir, { force: true });
await del.deleteAsync(outputDir, { force: true });
} catch (error: any) {
if (error?.code !== "ENOENT") {
throw error;
src/codeql.test.ts
+8 -4
View File
@@ -5,7 +5,7 @@ import * as toolrunner from "@actions/exec/lib/toolrunner";
import * as io from "@actions/io";
import * as toolcache from "@actions/tool-cache";
import test, { ExecutionContext } from "ava";
import del from "del";
import * as del from "del";
import * as yaml from "js-yaml";
import nock from "nock";
import * as sinon from "sinon";
@@ -18,6 +18,7 @@ import {
AugmentationProperties,
Config,
defaultAugmentationProperties,
generateCodeScanningConfig,
} from "./config-utils";
import * as defaults from "./defaults.json";
import { DocUrl } from "./doc-url";
@@ -502,8 +503,11 @@ const injectedConfigMacro = test.macro({
...stubConfig,
...configOverride,
tempDir,
augmentationProperties,
};
thisStubConfig.computedConfig = generateCodeScanningConfig(
thisStubConfig.originalUserInput,
augmentationProperties,
);
await codeqlObject.databaseInitCluster(
thisStubConfig,
@@ -523,7 +527,7 @@ const injectedConfigMacro = test.macro({
const augmentedConfig = yaml.load(fs.readFileSync(configFile, "utf8"));
t.deepEqual(augmentedConfig, expectedConfig);
await del(configFile, { force: true });
await del.deleteAsync(configFile, { force: true });
});
},
@@ -1012,7 +1016,7 @@ test("Avoids duplicating --overwrite flag if specified in CODEQL_ACTION_EXTRA_OP
);
t.truthy(configArg, "Should have injected a codescanning config");
const configFile = configArg!.split("=")[1];
await del(configFile, { force: true });
await del.deleteAsync(configFile, { force: true });
});
export function stubToolRunnerConstructor(
src/codeql.ts
+14 -9
View File
@@ -13,7 +13,7 @@ import {
} from "./actions-util";
import * as api from "./api-client";
import { CliError, wrapCliConfigurationError } from "./cli-errors";
import { generateCodeScanningConfig, type Config } from "./config-utils";
import { appendExtraQueryExclusions, type Config } from "./config-utils";
import { DocUrl } from "./doc-url";
import { EnvVar } from "./environment";
import {
@@ -593,8 +593,7 @@ export async function getCodeQLForCmd(
? "--force-overwrite"
: "--overwrite";
const overlayDatabaseMode =
config.augmentationProperties.overlayDatabaseMode;
const overlayDatabaseMode = config.overlayDatabaseMode;
if (overlayDatabaseMode === OverlayDatabaseMode.Overlay) {
const overlayChangesFile = await writeOverlayChangesFile(
config,
@@ -1150,20 +1149,26 @@ async function runCli(
}
/**
* Generates a code scanning configuration that is to be used for a scan.
* Writes the code scanning configuration that is to be used by the CLI.
*
* @param codeql The CodeQL object to use.
* @param config The configuration to use.
* @returns the path to the generated user configuration file.
* @param config The CodeQL Action state to use.
* @returns The path to the generated user configuration file.
*/
async function writeCodeScanningConfigFile(
config: Config,
logger: Logger,
): Promise<string> {
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
const augmentedConfig = generateCodeScanningConfig(
config.originalUserInput,
config.augmentationProperties,
// Apply the `extraQueryExclusions` from the CodeQL Action state to the CLI configuration.
// We do this here at the latest possible point before passing the CLI configuration on to
// the CLI so that the `extraQueryExclusions` appear after all user-configured `query-filters`.
// See the comment in `applyExtraQueryExclusions` for more information, as well as
// https://github.com/github/codeql-action/pull/2938
const augmentedConfig = appendExtraQueryExclusions(
config.extraQueryExclusions,
config.computedConfig,
);
logger.info(
src/config-utils.test.ts
+23 -69
View File
@@ -157,17 +157,17 @@ test("load empty config", async (t) => {
}),
);
t.deepEqual(
config,
await configUtils.getDefaultConfig(
createTestInitConfigInputs({
languagesInput: languages,
tempDir,
codeql,
logger,
}),
),
const expectedConfig = await configUtils.initActionState(
createTestInitConfigInputs({
languagesInput: languages,
tempDir,
codeql,
logger,
}),
{},
);
t.deepEqual(config, expectedConfig);
});
});
@@ -322,18 +322,21 @@ test("load non-empty input", async (t) => {
fs.mkdirSync(path.join(tempDir, "foo"));
const userConfig: configUtils.UserConfig = {
name: "my config",
"disable-default-queries": true,
queries: [{ uses: "./foo" }],
"paths-ignore": ["a", "b"],
paths: ["c/d"],
};
// And the config we expect it to parse to
const expectedConfig: configUtils.Config = {
analysisKinds: [AnalysisKind.CodeScanning],
languages: [KnownLanguage.javascript],
buildMode: BuildMode.None,
originalUserInput: {
name: "my config",
"disable-default-queries": true,
queries: [{ uses: "./foo" }],
"paths-ignore": ["a", "b"],
paths: ["c/d"],
},
originalUserInput: userConfig,
computedConfig: userConfig,
tempDir,
codeQLCmd: codeql.getPath(),
gitHubVersion: githubVersion,
@@ -341,10 +344,12 @@ test("load non-empty input", async (t) => {
debugMode: false,
debugArtifactName: "my-artifact",
debugDatabaseName: "my-db",
augmentationProperties: configUtils.defaultAugmentationProperties,
trapCaches: {},
trapCacheDownloadTime: 0,
dependencyCachingEnabled: CachingKind.None,
extraQueryExclusions: [],
overlayDatabaseMode: OverlayDatabaseMode.None,
useOverlayDatabaseCaching: false,
};
const languagesInput = "javascript";
@@ -763,7 +768,6 @@ const calculateAugmentationMacro = test.macro({
_title: string,
rawPacksInput: string | undefined,
rawQueriesInput: string | undefined,
rawQualityQueriesInput: string | undefined,
languages: Language[],
expectedAugmentationProperties: configUtils.AugmentationProperties,
) => {
@@ -771,7 +775,6 @@ const calculateAugmentationMacro = test.macro({
await configUtils.calculateAugmentation(
rawPacksInput,
rawQueriesInput,
rawQualityQueriesInput,
languages,
);
t.deepEqual(actualAugmentationProperties, expectedAugmentationProperties);
@@ -784,7 +787,6 @@ test(
"All empty",
undefined,
undefined,
undefined,
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
@@ -796,7 +798,6 @@ test(
"With queries",
undefined,
" a, b , c, d",
undefined,
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
@@ -809,7 +810,6 @@ test(
"With queries combining",
undefined,
" + a, b , c, d ",
undefined,
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
@@ -818,49 +818,11 @@ test(
},
);
test(
calculateAugmentationMacro,
"With quality queries",
undefined,
undefined,
" a, b , c, d",
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
qualityQueriesInput: [
{ uses: "a" },
{ uses: "b" },
{ uses: "c" },
{ uses: "d" },
],
},
);
test(
calculateAugmentationMacro,
"With security and quality queries",
undefined,
" a, b , c, d",
"e, f , g,h",
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
queriesInput: [{ uses: "a" }, { uses: "b" }, { uses: "c" }, { uses: "d" }],
qualityQueriesInput: [
{ uses: "e" },
{ uses: "f" },
{ uses: "g" },
{ uses: "h" },
],
},
);
test(
calculateAugmentationMacro,
"With packs",
" codeql/a , codeql/b , codeql/c , codeql/d ",
undefined,
undefined,
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
@@ -873,7 +835,6 @@ test(
"With packs combining",
" + codeql/a, codeql/b, codeql/c, codeql/d",
undefined,
undefined,
[KnownLanguage.javascript],
{
...configUtils.defaultAugmentationProperties,
@@ -888,7 +849,6 @@ const calculateAugmentationErrorMacro = test.macro({
_title: string,
rawPacksInput: string | undefined,
rawQueriesInput: string | undefined,
rawQualityQueriesInput: string | undefined,
languages: Language[],
expectedError: RegExp | string,
) => {
@@ -897,7 +857,6 @@ const calculateAugmentationErrorMacro = test.macro({
configUtils.calculateAugmentation(
rawPacksInput,
rawQueriesInput,
rawQualityQueriesInput,
languages,
),
{ message: expectedError },
@@ -911,7 +870,6 @@ test(
"Plus (+) with nothing else (queries)",
undefined,
" + ",
undefined,
[KnownLanguage.javascript],
/The workflow property "queries" is invalid/,
);
@@ -921,7 +879,6 @@ test(
"Plus (+) with nothing else (packs)",
" + ",
undefined,
undefined,
[KnownLanguage.javascript],
/The workflow property "packs" is invalid/,
);
@@ -931,7 +888,6 @@ test(
"Packs input with multiple languages",
" + a/b, c/d ",
undefined,
undefined,
[KnownLanguage.javascript, KnownLanguage.java],
/Cannot specify a 'packs' input in a multi-language analysis/,
);
@@ -941,7 +897,6 @@ test(
"Packs input with no languages",
" + a/b, c/d ",
undefined,
undefined,
[],
/No languages specified/,
);
@@ -951,7 +906,6 @@ test(
"Invalid packs",
" a-pack-without-a-scope ",
undefined,
undefined,
[KnownLanguage.javascript],
/"a-pack-without-a-scope" is not a valid pack/,
);
src/config-utils.ts
+107 -89
View File
@@ -144,8 +144,11 @@ export interface Config {
* Specifies the name of the database in the debugging artifact.
*/
debugDatabaseName: string;
augmentationProperties: AugmentationProperties;
/**
* The configuration we computed by combining `originalUserInput` with `augmentationProperties`,
* as well as adjustments made to it based on unsupported or required options.
*/
computedConfig: UserConfig;
/**
* Partial map from languages to locations of TRAP caches for that language.
@@ -160,43 +163,6 @@ export interface Config {
/** A value indicating how dependency caching should be used. */
dependencyCachingEnabled: CachingKind;
}
/**
* Describes how to augment the user config with inputs from the action.
*
* When running a CodeQL analysis, the user can supply a config file. When
* running a CodeQL analysis from a GitHub action, the user can supply a
* config file _and_ a set of inputs.
*
* The inputs from the action are used to augment the user config before
* passing the user config to the CodeQL CLI invocation.
*/
export interface AugmentationProperties {
/**
* Whether or not the queries input combines with the queries in the config.
*/
queriesInputCombines: boolean;
/**
* The queries input from the `with` block of the action declaration
*/
queriesInput?: Array<{ uses: string }>;
/**
* The quality queries input from the `with` block of the action declaration.
*/
qualityQueriesInput?: Array<{ uses: string }>;
/**
* Whether or not the packs input combines with the packs in the config.
*/
packsInputCombines: boolean;
/**
* The packs input from the `with` block of the action declaration
*/
packsInput?: string[];
/**
* Extra query exclusions to append to the config.
@@ -221,6 +187,38 @@ export interface AugmentationProperties {
useOverlayDatabaseCaching: boolean;
}
/**
* Describes how to augment the user config with inputs from the action.
*
* When running a CodeQL analysis, the user can supply a config file. When
* running a CodeQL analysis from a GitHub action, the user can supply a
* config file _and_ a set of inputs.
*
* The inputs from the action are used to augment the user config before
* passing the user config to the CodeQL CLI invocation.
*/
export interface AugmentationProperties {
/**
* Whether or not the queries input combines with the queries in the config.
*/
queriesInputCombines: boolean;
/**
* The queries input from the `with` block of the action declaration
*/
queriesInput?: Array<{ uses: string }>;
/**
* Whether or not the packs input combines with the packs in the config.
*/
packsInputCombines: boolean;
/**
* The packs input from the `with` block of the action declaration
*/
packsInput?: string[];
}
/**
* The default, empty augmentation properties. This is most useful
* for tests.
@@ -230,10 +228,6 @@ export const defaultAugmentationProperties: AugmentationProperties = {
packsInputCombines: false,
packsInput: undefined,
queriesInput: undefined,
qualityQueriesInput: undefined,
extraQueryExclusions: [],
overlayDatabaseMode: OverlayDatabaseMode.None,
useOverlayDatabaseCaching: false,
};
export type Packs = Partial<Record<Language, string[]>>;
@@ -514,29 +508,33 @@ export interface InitConfigInputs {
}
/**
* Get the default config, populated without user configuration file.
* Initialise the CodeQL Action state, which includes the base configuration for the Action
* and computes the configuration for the CodeQL CLI.
*/
export async function getDefaultConfig({
analysisKindsInput,
languagesInput,
queriesInput,
qualityQueriesInput,
packsInput,
buildModeInput,
dbLocation,
trapCachingEnabled,
dependencyCachingEnabled,
debugMode,
debugArtifactName,
debugDatabaseName,
repository,
tempDir,
codeql,
sourceRoot,
githubVersion,
features,
logger,
}: InitConfigInputs): Promise<Config> {
export async function initActionState(
{
analysisKindsInput,
languagesInput,
queriesInput,
qualityQueriesInput,
packsInput,
buildModeInput,
dbLocation,
trapCachingEnabled,
dependencyCachingEnabled,
debugMode,
debugArtifactName,
debugDatabaseName,
repository,
tempDir,
codeql,
sourceRoot,
githubVersion,
features,
logger,
}: InitConfigInputs,
userConfig: UserConfig,
): Promise<Config> {
const analysisKinds = await parseAnalysisKinds(analysisKindsInput);
// For backwards compatibility, add Code Quality to the enabled analysis kinds
@@ -567,7 +565,6 @@ export async function getDefaultConfig({
const augmentationProperties = await calculateAugmentation(
packsInput,
queriesInput,
qualityQueriesInput,
languages,
);
@@ -578,11 +575,19 @@ export async function getDefaultConfig({
logger,
);
// Compute the full Code Scanning configuration that combines the configuration from the
// configuration file / `config` input with other inputs, such as `queries`.
const computedConfig = generateCodeScanningConfig(
userConfig,
augmentationProperties,
);
return {
analysisKinds,
languages,
buildMode,
originalUserInput: {},
originalUserInput: userConfig,
computedConfig,
tempDir,
codeQLCmd: codeql.getPath(),
gitHubVersion: githubVersion,
@@ -590,10 +595,12 @@ export async function getDefaultConfig({
debugMode,
debugArtifactName,
debugDatabaseName,
augmentationProperties,
trapCaches,
trapCacheDownloadTime,
dependencyCachingEnabled: getCachingKind(dependencyCachingEnabled),
extraQueryExclusions: [],
overlayDatabaseMode: OverlayDatabaseMode.None,
useOverlayDatabaseCaching: false,
};
}
@@ -661,7 +668,6 @@ async function loadUserConfig(
export async function calculateAugmentation(
rawPacksInput: string | undefined,
rawQueriesInput: string | undefined,
rawQualityQueriesInput: string | undefined,
languages: Language[],
): Promise<AugmentationProperties> {
const packsInputCombines = shouldCombine(rawPacksInput);
@@ -676,20 +682,11 @@ export async function calculateAugmentation(
queriesInputCombines,
);
const qualityQueriesInput = parseQueriesFromInput(
rawQualityQueriesInput,
false,
);
return {
packsInputCombines,
packsInput: packsInput?.[languages[0]],
queriesInput,
queriesInputCombines,
qualityQueriesInput,
extraQueryExclusions: [],
overlayDatabaseMode: OverlayDatabaseMode.None,
useOverlayDatabaseCaching: false,
};
}
@@ -1111,9 +1108,7 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
);
}
const config = await getDefaultConfig(inputs);
const augmentationProperties = config.augmentationProperties;
config.originalUserInput = userConfig;
const config = await initActionState(inputs, userConfig);
// The choice of overlay database mode depends on the selection of languages
// and queries, which in turn depends on the user config and the augmentation
@@ -1127,15 +1122,15 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
config.languages,
inputs.sourceRoot,
config.buildMode,
generateCodeScanningConfig(userConfig, augmentationProperties),
config.computedConfig,
logger,
);
logger.info(
`Using overlay database mode: ${overlayDatabaseMode} ` +
`${useOverlayDatabaseCaching ? "with" : "without"} caching.`,
);
augmentationProperties.overlayDatabaseMode = overlayDatabaseMode;
augmentationProperties.useOverlayDatabaseCaching = useOverlayDatabaseCaching;
config.overlayDatabaseMode = overlayDatabaseMode;
config.useOverlayDatabaseCaching = useOverlayDatabaseCaching;
if (
overlayDatabaseMode === OverlayDatabaseMode.Overlay ||
@@ -1145,7 +1140,7 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
logger,
))
) {
augmentationProperties.extraQueryExclusions.push({
config.extraQueryExclusions.push({
exclude: { tags: "exclude-from-incremental" },
});
}
@@ -1475,25 +1470,48 @@ export function generateCodeScanningConfig(
delete augmentedConfig.packs;
}
return augmentedConfig;
}
/**
* Appends `extraQueryExclusions` to `cliConfig`'s `query-filters`.
*
* @param extraQueryExclusions The extra query exclusions to append to the `query-filters`.
* @param cliConfig The CodeQL CLI configuration to extend.
* @returns Returns `cliConfig` if there are no extra query exclusions
* or a copy of `cliConfig` where the extra query exclusions
* have been appended to `query-filters`.
*/
export function appendExtraQueryExclusions(
extraQueryExclusions: ExcludeQueryFilter[],
cliConfig: UserConfig,
): Readonly<UserConfig> {
// make a copy so we can modify it and so that modifications to the input
// object do not affect the result that is marked as `Readonly`.
const augmentedConfig = cloneObject(cliConfig);
if (extraQueryExclusions.length === 0) {
return augmentedConfig;
}
augmentedConfig["query-filters"] = [
// Ordering matters. If the first filter is an inclusion, it implicitly
// excludes all queries that are not included. If it is an exclusion,
// it implicitly includes all queries that are not excluded. So user
// filters (if any) should always be first to preserve intent.
...(augmentedConfig["query-filters"] || []),
...augmentationProperties.extraQueryExclusions,
...extraQueryExclusions,
];
if (augmentedConfig["query-filters"]?.length === 0) {
delete augmentedConfig["query-filters"];
}
return augmentedConfig;
}
/**
* Returns `true` if Code Quality analysis is enabled, or `false` if not.
*/
export function isCodeQualityEnabled(config: Config): config is Config & {
augmentationProperties: { qualityQueriesInput: string };
} {
export function isCodeQualityEnabled(config: Config): boolean {
return config.analysisKinds.includes(AnalysisKind.CodeQuality);
}
src/debug-artifacts.ts
+2 -2
View File
@@ -5,7 +5,7 @@ import * as artifact from "@actions/artifact";
import * as artifactLegacy from "@actions/artifact-legacy";
import * as core from "@actions/core";
import archiver from "archiver";
import del from "del";
import * as del from "del";
import { getOptionalInput, getTemporaryDirectory } from "./actions-util";
import { dbIsFinalized } from "./analyze";
@@ -345,7 +345,7 @@ async function createPartialDatabaseBundle(
);
// See `bundleDb` for explanation behind deleting existing db bundle.
if (fs.existsSync(databaseBundlePath)) {
await del(databaseBundlePath, { force: true });
await del.deleteAsync(databaseBundlePath, { force: true });
}
const output = fs.createWriteStream(databaseBundlePath);
const zip = archiver("zip");
src/defaults.json
+4 -4
View File
@@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-v2.22.4",
"cliVersion": "2.22.4",
"priorBundleVersion": "codeql-bundle-v2.22.3",
"priorCliVersion": "2.22.3"
"bundleVersion": "codeql-bundle-v2.23.0",
"cliVersion": "2.23.0",
"priorBundleVersion": "codeql-bundle-v2.22.4",
"priorCliVersion": "2.22.4"
}
src/init-action.ts
+30 -134
View File
@@ -51,7 +51,9 @@ import { getRepositoryNwo } from "./repository";
import { ToolsSource } from "./setup-codeql";
import {
ActionName,
StatusReportBase,
InitStatusReport,
InitWithConfigStatusReport,
createInitWithConfigStatusReport,
createStatusReportBase,
getActionsStatus,
sendStatusReport,
@@ -75,52 +77,9 @@ import {
ConfigurationError,
wrapError,
checkActionVersion,
cloneObject,
getErrorMessage,
} from "./util";
import { validateWorkflow } from "./workflow";
/** Fields of the init status report that can be sent before `config` is populated. */
interface InitStatusReport extends StatusReportBase {
/** Value given by the user as the "tools" input. */
tools_input: string;
/** Version of the bundle used. */
tools_resolved_version: string;
/** Where the bundle originated from. */
tools_source: ToolsSource;
/** Comma-separated list of languages specified explicitly in the workflow file. */
workflow_languages: string;
}
/** Fields of the init status report that are populated using values from `config`. */
interface InitWithConfigStatusReport extends InitStatusReport {
/** Comma-separated list of languages where the default queries are disabled. */
disable_default_queries: string;
/** Comma-separated list of paths, from the 'paths' config field. */
paths: string;
/** Comma-separated list of paths, from the 'paths-ignore' config field. */
paths_ignore: string;
/** Comma-separated list of queries sources, from the 'queries' config field or workflow input. */
queries: string;
/** Stringified JSON object of packs, from the 'packs' config field or workflow input. */
packs: string;
/** Comma-separated list of languages for which we are using TRAP caching. */
trap_cache_languages: string;
/** Size of TRAP caches that we downloaded, in bytes. */
trap_cache_download_size_bytes: number;
/** Time taken to download TRAP caches, in milliseconds. */
trap_cache_download_duration_ms: number;
/** Size of the overlay-base database that we downloaded, in bytes. */
overlay_base_database_download_size_bytes?: number;
/** Time taken to download the overlay-base database, in milliseconds. */
overlay_base_database_download_duration_ms?: number;
/** Stringified JSON array of registry configuration objects, from the 'registries' config field
or workflow input. **/
registries: string;
/** Stringified JSON object representing a query-filters, from the 'query-filters' config field. **/
query_filters: string;
/** Path to the specified code scanning config file, from the 'config-file' config field. */
config_file: string;
}
/** Fields of the init status report populated when the tools source is `download`. */
interface InitToolsDownloadFields {
@@ -180,83 +139,17 @@ async function sendCompletedStatusReport(
}
if (config !== undefined) {
const languages = config.languages.join(",");
const paths = (config.originalUserInput.paths || []).join(",");
const pathsIgnore = (config.originalUserInput["paths-ignore"] || []).join(
",",
);
const disableDefaultQueries = config.originalUserInput[
"disable-default-queries"
]
? languages
: "";
const queries: string[] = [];
let queriesInput = getOptionalInput("queries")?.trim();
if (queriesInput === undefined || queriesInput.startsWith("+")) {
queries.push(
...(config.originalUserInput.queries || []).map((q) => q.uses),
);
}
if (queriesInput !== undefined) {
queriesInput = queriesInput.startsWith("+")
? queriesInput.slice(1)
: queriesInput;
queries.push(...queriesInput.split(","));
}
let packs: Record<string, string[]> = {};
if (
(config.augmentationProperties.packsInputCombines ||
!config.augmentationProperties.packsInput) &&
config.originalUserInput.packs
) {
// Make a copy, because we might modify `packs`.
const copyPacksFromOriginalUserInput = cloneObject(
config.originalUserInput.packs,
);
// If it is an array, then assume there is only a single language being analyzed.
if (Array.isArray(copyPacksFromOriginalUserInput)) {
packs[config.languages[0]] = copyPacksFromOriginalUserInput;
} else {
packs = copyPacksFromOriginalUserInput;
}
}
if (config.augmentationProperties.packsInput) {
packs[config.languages[0]] ??= [];
packs[config.languages[0]].push(
...config.augmentationProperties.packsInput,
);
}
// Append fields that are dependent on `config`
const initWithConfigStatusReport: InitWithConfigStatusReport = {
...initStatusReport,
config_file: configFile ?? "",
disable_default_queries: disableDefaultQueries,
paths,
paths_ignore: pathsIgnore,
queries: queries.join(","),
packs: JSON.stringify(packs),
trap_cache_languages: Object.keys(config.trapCaches).join(","),
trap_cache_download_size_bytes: Math.round(
await getTotalCacheSize(Object.values(config.trapCaches), logger),
),
trap_cache_download_duration_ms: Math.round(config.trapCacheDownloadTime),
overlay_base_database_download_size_bytes:
overlayBaseDatabaseStats?.databaseSizeBytes,
overlay_base_database_download_duration_ms:
overlayBaseDatabaseStats?.databaseDownloadDurationMs,
query_filters: JSON.stringify(
config.originalUserInput["query-filters"] ?? [],
),
registries: JSON.stringify(
configUtils.parseRegistriesWithoutCredentials(
getOptionalInput("registries"),
) ?? [],
),
};
const initWithConfigStatusReport: InitWithConfigStatusReport =
await createInitWithConfigStatusReport(
config,
initStatusReport,
configFile,
Math.round(
await getTotalCacheSize(Object.values(config.trapCaches), logger),
),
overlayBaseDatabaseStats,
);
await sendStatusReport({
...initWithConfigStatusReport,
...initToolsDownloadFields,
@@ -384,11 +277,21 @@ async function run() {
}
}
// Warn that `quality-queries` is deprecated if there is an argument for it.
const qualityQueriesInput = getOptionalInput("quality-queries");
if (qualityQueriesInput !== undefined) {
logger.warning(
"The `quality-queries` input is deprecated and will be removed in a future version of the CodeQL Action. " +
"Use the `analysis-kinds` input to configure different analysis kinds instead.",
);
}
config = await initConfig({
analysisKindsInput: getRequiredInput("analysis-kinds"),
languagesInput: getOptionalInput("languages"),
queriesInput: getOptionalInput("queries"),
qualityQueriesInput: getOptionalInput("quality-queries"),
qualityQueriesInput,
packsInput: getOptionalInput("packs"),
buildModeInput: getOptionalInput("build-mode"),
configFile,
@@ -439,9 +342,8 @@ async function run() {
let overlayBaseDatabaseStats: OverlayBaseDatabaseDownloadStats | undefined;
try {
if (
config.augmentationProperties.overlayDatabaseMode ===
OverlayDatabaseMode.Overlay &&
config.augmentationProperties.useOverlayDatabaseCaching
config.overlayDatabaseMode === OverlayDatabaseMode.Overlay &&
config.useOverlayDatabaseCaching
) {
// OverlayDatabaseMode.Overlay comes in two flavors: with database
// caching, or without. The flavor with database caching is intended to be
@@ -460,8 +362,7 @@ async function run() {
logger,
);
if (!overlayBaseDatabaseStats) {
config.augmentationProperties.overlayDatabaseMode =
OverlayDatabaseMode.None;
config.overlayDatabaseMode = OverlayDatabaseMode.None;
logger.info(
"No overlay-base database found in cache, " +
`reverting overlay database mode to ${OverlayDatabaseMode.None}.`,
@@ -469,10 +370,7 @@ async function run() {
}
}
if (
config.augmentationProperties.overlayDatabaseMode !==
OverlayDatabaseMode.Overlay
) {
if (config.overlayDatabaseMode !== OverlayDatabaseMode.Overlay) {
cleanupDatabaseClusterDirectory(config, logger);
}
@@ -729,15 +627,13 @@ async function run() {
// revert to `OverlayDatabaseMode.None`, re-initialize the database cluster
// with the new overlay database mode.
if (
config.augmentationProperties.overlayDatabaseMode !==
OverlayDatabaseMode.None &&
config.overlayDatabaseMode !== OverlayDatabaseMode.None &&
!(await checkPacksForOverlayCompatibility(codeql, config, logger))
) {
logger.info(
"Reverting overlay database mode to None due to incompatible packs.",
);
config.augmentationProperties.overlayDatabaseMode =
OverlayDatabaseMode.None;
config.overlayDatabaseMode = OverlayDatabaseMode.None;
cleanupDatabaseClusterDirectory(config, logger, {
disableExistingDirectoryWarning: true,
});
src/overlay-database-utils.test.ts
+2 -4
View File
@@ -120,10 +120,8 @@ const testDownloadOverlayBaseDatabaseFromCache = test.macro({
const testCase = { ...defaultDownloadTestCase, ...partialTestCase };
config.augmentationProperties.overlayDatabaseMode =
testCase.overlayDatabaseMode;
config.augmentationProperties.useOverlayDatabaseCaching =
testCase.useOverlayDatabaseCaching;
config.overlayDatabaseMode = testCase.overlayDatabaseMode;
config.useOverlayDatabaseCaching = testCase.useOverlayDatabaseCaching;
if (testCase.hasBaseDatabaseOidsFile) {
const baseDatabaseOidsFile = path.join(
src/overlay-database-utils.ts
+4 -4
View File
@@ -192,7 +192,7 @@ export async function uploadOverlayBaseDatabaseToCache(
config: Config,
logger: Logger,
): Promise<boolean> {
const overlayDatabaseMode = config.augmentationProperties.overlayDatabaseMode;
const overlayDatabaseMode = config.overlayDatabaseMode;
if (overlayDatabaseMode !== OverlayDatabaseMode.OverlayBase) {
logger.debug(
`Overlay database mode is ${overlayDatabaseMode}. ` +
@@ -200,7 +200,7 @@ export async function uploadOverlayBaseDatabaseToCache(
);
return false;
}
if (!config.augmentationProperties.useOverlayDatabaseCaching) {
if (!config.useOverlayDatabaseCaching) {
logger.debug(
"Overlay database caching is disabled. " +
"Skip uploading overlay-base database to cache.",
@@ -298,7 +298,7 @@ export async function downloadOverlayBaseDatabaseFromCache(
config: Config,
logger: Logger,
): Promise<OverlayBaseDatabaseDownloadStats | undefined> {
const overlayDatabaseMode = config.augmentationProperties.overlayDatabaseMode;
const overlayDatabaseMode = config.overlayDatabaseMode;
if (overlayDatabaseMode !== OverlayDatabaseMode.Overlay) {
logger.debug(
`Overlay database mode is ${overlayDatabaseMode}. ` +
@@ -306,7 +306,7 @@ export async function downloadOverlayBaseDatabaseFromCache(
);
return undefined;
}
if (!config.augmentationProperties.useOverlayDatabaseCaching) {
if (!config.useOverlayDatabaseCaching) {
logger.debug(
"Overlay database caching is disabled. " +
"Skip downloading overlay-base database from cache.",
src/start-proxy.test.ts
+22 -13
View File
@@ -11,6 +11,14 @@ setupTests(test);
const toEncodedJSON = (data: any) =>
Buffer.from(JSON.stringify(data)).toString("base64");
const mixedCredentials = [
{ type: "npm_registry", host: "npm.pkg.github.com", token: "abc" },
{ type: "maven_repository", host: "maven.pkg.github.com", token: "def" },
{ type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" },
{ type: "goproxy_server", host: "goproxy.example.com", token: "jkl" },
{ type: "git_source", host: "github.com/github", token: "mno" },
];
test("getCredentials prefers registriesCredentials over registrySecrets", async (t) => {
const registryCredentials = Buffer.from(
JSON.stringify([
@@ -94,13 +102,6 @@ test("getCredentials throws error when credential missing host and url", async (
});
test("getCredentials filters by language when specified", async (t) => {
const mixedCredentials = [
{ type: "npm_registry", host: "npm.pkg.github.com", token: "abc" },
{ type: "maven_repository", host: "maven.pkg.github.com", token: "def" },
{ type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" },
{ type: "goproxy_server", host: "goproxy.example.com", token: "jkl" },
];
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
@@ -111,13 +112,21 @@ test("getCredentials filters by language when specified", async (t) => {
t.is(credentials[0].type, "maven_repository");
});
test("getCredentials returns all for a language when specified", async (t) => {
const credentials = startProxyExports.getCredentials(
getRunnerLogger(true),
undefined,
toEncodedJSON(mixedCredentials),
"go",
);
t.is(credentials.length, 2);
const credentialsTypes = credentials.map((c) => c.type);
t.assert(credentialsTypes.includes("goproxy_server"));
t.assert(credentialsTypes.includes("git_source"));
});
test("getCredentials returns all credentials when no language specified", async (t) => {
const mixedCredentials = [
{ type: "npm_registry", host: "npm.pkg.github.com", token: "abc" },
{ type: "maven_repository", host: "maven.pkg.github.com", token: "def" },
{ type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" },
{ type: "goproxy_server", host: "goproxy.example.com", token: "jkl" },
];
const credentialsInput = toEncodedJSON(mixedCredentials);
const credentials = startProxyExports.getCredentials(
src/start-proxy.ts
+12 -9
View File
@@ -55,14 +55,14 @@ export function parseLanguage(language: string): KnownLanguage | undefined {
return undefined;
}
const LANGUAGE_TO_REGISTRY_TYPE: Partial<Record<KnownLanguage, string>> = {
java: "maven_repository",
csharp: "nuget_feed",
javascript: "npm_registry",
python: "python_index",
ruby: "rubygems_server",
rust: "cargo_registry",
go: "goproxy_server",
const LANGUAGE_TO_REGISTRY_TYPE: Partial<Record<KnownLanguage, string[]>> = {
java: ["maven_repository"],
csharp: ["nuget_feed"],
javascript: ["npm_registry"],
python: ["python_index"],
ruby: ["rubygems_server"],
rust: ["cargo_registry"],
go: ["goproxy_server", "git_source"],
} as const;
/**
@@ -140,7 +140,10 @@ export function getCredentials(
// Filter credentials based on language if specified. `type` is the registry type.
// E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#.
if (registryTypeForLanguage && e.type !== registryTypeForLanguage) {
if (
registryTypeForLanguage &&
!registryTypeForLanguage.some((t) => t === e.type)
) {
continue;
}
src/status-report.test.ts
+105
View File
@@ -2,13 +2,18 @@ import test from "ava";
import * as sinon from "sinon";
import * as actionsUtil from "./actions-util";
import { Config } from "./config-utils";
import { EnvVar } from "./environment";
import { KnownLanguage } from "./languages";
import { getRunnerLogger } from "./logging";
import { ToolsSource } from "./setup-codeql";
import {
ActionName,
createInitWithConfigStatusReport,
createStatusReportBase,
getActionsStatus,
InitStatusReport,
InitWithConfigStatusReport,
} from "./status-report";
import {
setupTests,
@@ -243,3 +248,103 @@ test("getActionStatus handling correctly various types of errors", (t) => {
"We still recognise a wrapped ConfigurationError as a user error",
);
});
const testCreateInitWithConfigStatusReport = test.macro({
exec: async (
t,
_title: string,
config: Config,
expectedReportProperties: Partial<InitWithConfigStatusReport>,
) => {
await withTmpDir(async (tmpDir: string) => {
setupEnvironmentAndStub(tmpDir);
const statusReportBase = await createStatusReportBase(
ActionName.Init,
"failure",
new Date("May 19, 2023 05:19:00"),
config,
{ numAvailableBytes: 100, numTotalBytes: 500 },
getRunnerLogger(false),
"failure cause",
"exception stack trace",
);
if (t.truthy(statusReportBase)) {
const initStatusReport: InitStatusReport = {
...statusReportBase,
tools_input: "",
tools_resolved_version: "foo",
tools_source: ToolsSource.Unknown,
workflow_languages: "actions",
};
const initWithConfigStatusReport =
await createInitWithConfigStatusReport(
config,
initStatusReport,
undefined,
1024,
undefined,
);
if (t.truthy(initWithConfigStatusReport)) {
t.like(initWithConfigStatusReport, expectedReportProperties);
}
}
});
},
title: (_, title) => `createInitWithConfigStatusReport: ${title}`,
});
test(
testCreateInitWithConfigStatusReport,
"returns a value",
createTestConfig({
buildMode: BuildMode.None,
languages: [KnownLanguage.java, KnownLanguage.swift],
}),
{
trap_cache_download_size_bytes: 1024,
registries: "[]",
query_filters: "[]",
packs: "{}",
},
);
test(
testCreateInitWithConfigStatusReport,
"includes packs for a single language",
createTestConfig({
buildMode: BuildMode.None,
languages: [KnownLanguage.java],
computedConfig: {
packs: ["foo", "bar"],
},
}),
{
registries: "[]",
query_filters: "[]",
packs: JSON.stringify({ java: ["foo", "bar"] }),
},
);
test(
testCreateInitWithConfigStatusReport,
"includes packs for multiple languages",
createTestConfig({
buildMode: BuildMode.None,
languages: [KnownLanguage.java, KnownLanguage.swift],
computedConfig: {
packs: { java: ["java-foo", "java-bar"], swift: ["swift-bar"] },
},
}),
{
registries: "[]",
query_filters: "[]",
packs: JSON.stringify({
java: ["java-foo", "java-bar"],
swift: ["swift-bar"],
}),
},
);
src/status-report.ts
+119 -1
View File
@@ -12,12 +12,14 @@ import {
isSelfHostedRunner,
} from "./actions-util";
import { getAnalysisKey, getApiClient } from "./api-client";
import { type Config } from "./config-utils";
import { parseRegistriesWithoutCredentials, type Config } from "./config-utils";
import { DocUrl } from "./doc-url";
import { EnvVar } from "./environment";
import { getRef } from "./git-utils";
import { Logger } from "./logging";
import { OverlayBaseDatabaseDownloadStats } from "./overlay-database-utils";
import { getRepositoryNwo } from "./repository";
import { ToolsSource } from "./setup-codeql";
import {
ConfigurationError,
isHTTPError,
@@ -460,3 +462,119 @@ export async function sendStatusReport<S extends StatusReportBase>(
);
}
}
/** Fields of the init status report that can be sent before `config` is populated. */
export interface InitStatusReport extends StatusReportBase {
/** Value given by the user as the "tools" input. */
tools_input: string;
/** Version of the bundle used. */
tools_resolved_version: string;
/** Where the bundle originated from. */
tools_source: ToolsSource;
/** Comma-separated list of languages specified explicitly in the workflow file. */
workflow_languages: string;
}
/** Fields of the init status report that are populated using values from `config`. */
export interface InitWithConfigStatusReport extends InitStatusReport {
/** Comma-separated list of languages where the default queries are disabled. */
disable_default_queries: string;
/** Comma-separated list of paths, from the 'paths' config field. */
paths: string;
/** Comma-separated list of paths, from the 'paths-ignore' config field. */
paths_ignore: string;
/** Comma-separated list of queries sources, from the 'queries' config field or workflow input. */
queries: string;
/** Stringified JSON object of packs, from the 'packs' config field or workflow input. */
packs: string;
/** Comma-separated list of languages for which we are using TRAP caching. */
trap_cache_languages: string;
/** Size of TRAP caches that we downloaded, in bytes. */
trap_cache_download_size_bytes: number;
/** Time taken to download TRAP caches, in milliseconds. */
trap_cache_download_duration_ms: number;
/** Size of the overlay-base database that we downloaded, in bytes. */
overlay_base_database_download_size_bytes?: number;
/** Time taken to download the overlay-base database, in milliseconds. */
overlay_base_database_download_duration_ms?: number;
/** Stringified JSON array of registry configuration objects, from the 'registries' config field
or workflow input. **/
registries: string;
/** Stringified JSON object representing a query-filters, from the 'query-filters' config field. **/
query_filters: string;
/** Path to the specified code scanning config file, from the 'config-file' config field. */
config_file: string;
}
/**
* Composes a `InitWithConfigStatusReport` from the given values.
*
* @param config The CodeQL Action configuration whose values should be added to the base status report.
* @param initStatusReport The base status report.
* @param configFile Optionally, the filename of the configuration file that was read.
* @param totalCacheSize The computed total TRAP cache size.
* @param overlayBaseDatabaseStats Statistics about the overlay database, if any.
* @returns
*/
export async function createInitWithConfigStatusReport(
config: Config,
initStatusReport: InitStatusReport,
configFile: string | undefined,
totalCacheSize: number,
overlayBaseDatabaseStats: OverlayBaseDatabaseDownloadStats | undefined,
): Promise<InitWithConfigStatusReport> {
const languages = config.languages.join(",");
const paths = (config.originalUserInput.paths || []).join(",");
const pathsIgnore = (config.originalUserInput["paths-ignore"] || []).join(
",",
);
const disableDefaultQueries = config.originalUserInput[
"disable-default-queries"
]
? languages
: "";
const queries: string[] = [];
let queriesInput = getOptionalInput("queries")?.trim();
if (queriesInput === undefined || queriesInput.startsWith("+")) {
queries.push(
...(config.originalUserInput.queries || []).map((q) => q.uses),
);
}
if (queriesInput !== undefined) {
queriesInput = queriesInput.startsWith("+")
? queriesInput.slice(1)
: queriesInput;
queries.push(...queriesInput.split(","));
}
let packs: Record<string, string[]> = {};
if (Array.isArray(config.computedConfig.packs)) {
packs[config.languages[0]] = config.computedConfig.packs;
} else if (config.computedConfig.packs !== undefined) {
packs = config.computedConfig.packs;
}
return {
...initStatusReport,
config_file: configFile ?? "",
disable_default_queries: disableDefaultQueries,
paths,
paths_ignore: pathsIgnore,
queries: queries.join(","),
packs: JSON.stringify(packs),
trap_cache_languages: Object.keys(config.trapCaches).join(","),
trap_cache_download_size_bytes: totalCacheSize,
trap_cache_download_duration_ms: Math.round(config.trapCacheDownloadTime),
overlay_base_database_download_size_bytes:
overlayBaseDatabaseStats?.databaseSizeBytes,
overlay_base_database_download_duration_ms:
overlayBaseDatabaseStats?.databaseDownloadDurationMs,
query_filters: JSON.stringify(
config.originalUserInput["query-filters"] ?? [],
),
registries: JSON.stringify(
parseRegistriesWithoutCredentials(getOptionalInput("registries")) ?? [],
),
};
}
src/testing-utils.ts
+8 -7
View File
@@ -9,6 +9,7 @@ import * as sinon from "sinon";
import { AnalysisKind } from "./analyses";
import * as apiClient from "./api-client";
import { GitHubApiDetails } from "./api-client";
import { CachingKind } from "./caching-utils";
import * as codeql from "./codeql";
import { Config } from "./config-utils";
import * as defaults from "./defaults.json";
@@ -19,6 +20,7 @@ import {
FeatureEnablement,
} from "./feature-flags";
import { Logger } from "./logging";
import { OverlayDatabaseMode } from "./overlay-database-utils";
import {
DEFAULT_DEBUG_ARTIFACT_NAME,
DEFAULT_DEBUG_DATABASE_NAME,
@@ -358,6 +360,7 @@ export function createTestConfig(overrides: Partial<Config>): Config {
languages: [],
buildMode: undefined,
originalUserInput: {},
computedConfig: {},
tempDir: "",
codeQLCmd: "",
gitHubVersion: {
@@ -367,15 +370,13 @@ export function createTestConfig(overrides: Partial<Config>): Config {
debugMode: false,
debugArtifactName: DEFAULT_DEBUG_ARTIFACT_NAME,
debugDatabaseName: DEFAULT_DEBUG_DATABASE_NAME,
augmentationProperties: {
packsInputCombines: false,
queriesInputCombines: false,
extraQueryExclusions: [],
},
trapCaches: {},
trapCacheDownloadTime: 0,
dependencyCachingEnabled: false,
},
dependencyCachingEnabled: CachingKind.None,
extraQueryExclusions: [],
overlayDatabaseMode: OverlayDatabaseMode.None,
useOverlayDatabaseCaching: false,
} satisfies Config,
overrides,
);
}
src/upload-lib.ts
+2 -2
View File
@@ -1,10 +1,10 @@
import * as fs from "fs";
import * as path from "path";
import * as url from "url";
import zlib from "zlib";
import * as core from "@actions/core";
import { OctokitResponse } from "@octokit/types";
import fileUrl from "file-url";
import * as jsonschema from "jsonschema";
import * as actionsUtil from "./actions-util";
@@ -728,7 +728,7 @@ export async function uploadSpecifiedFiles(
const sarifPayload = JSON.stringify(sarif);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
const checkoutURI = fileUrl(checkoutPath);
const checkoutURI = url.pathToFileURL(checkoutPath).href;
const payload = buildPayload(
await gitUtils.getCommitOid(checkoutPath),
src/util.ts
+6 -6
View File
@@ -1,13 +1,12 @@
import * as fs from "fs";
import * as os from "os";
import * as path from "path";
import { promisify } from "util";
import * as core from "@actions/core";
import * as exec from "@actions/exec/lib/exec";
import * as io from "@actions/io";
import checkDiskSpace from "check-disk-space";
import del from "del";
import * as del from "del";
import getFolderSize from "get-folder-size";
import * as yaml from "js-yaml";
import * as semver from "semver";
@@ -168,7 +167,7 @@ export async function withTmpDir<T>(
): Promise<T> {
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "codeql-action-"));
const result = await body(tmpDir);
await del(tmpDir, { force: true });
await del.deleteAsync(tmpDir, { force: true });
return result;
}
@@ -732,7 +731,7 @@ export async function bundleDb(
// from somewhere else or someone trying to make the action upload a
// non-database file.
if (fs.existsSync(databaseBundlePath)) {
await del(databaseBundlePath, { force: true });
await del.deleteAsync(databaseBundlePath, { force: true });
}
await codeql.databaseBundle(databasePath, databaseBundlePath, dbName);
return databaseBundlePath;
@@ -831,7 +830,8 @@ export async function tryGetFolderBytes(
quiet: boolean = false,
): Promise<number | undefined> {
try {
return await promisify<string, number>(getFolderSize)(cacheDir);
// tolerate some errors since we're only estimating the size
return await getFolderSize.loose(cacheDir);
} catch (e) {
if (!quiet || logger.isDebug()) {
logger.warning(
@@ -1234,7 +1234,7 @@ export async function checkSipEnablement(
export async function cleanUpGlob(glob: string, name: string, logger: Logger) {
logger.debug(`Cleaning up ${name}.`);
try {
const deletedPaths = await del(glob, { force: true });
const deletedPaths = await del.deleteAsync(glob, { force: true });
if (deletedPaths.length === 0) {
logger.warning(
`Failed to clean up ${name}: no files found matching ${glob}.`,