Merge branch 'main' into mbg/pr-checks/upload-sarif

src/autobuild.ts

@@ -52,11 +52,11 @@ export async function determineAutobuildLanguages(
    * For example, consider a user with the following workflow file:
    *
    * ```yml
-   * - uses: github/codeql-action/init@v3
+   * - uses: github/codeql-action/init@v4
    *   with:
    *     languages: go, java
-   * - uses: github/codeql-action/autobuild@v3
-   * - uses: github/codeql-action/analyze@v3
+   * - uses: github/codeql-action/autobuild@v4
+   * - uses: github/codeql-action/analyze@v4
    * ```
    *
    * - With Go extraction disabled, we will run the Java autobuilder in the

src/init-action-post-helper.test.ts

@@ -84,14 +84,14 @@ test("uploads failed SARIF run with `diagnostics export` if feature flag is off"
     },
     {
       name: "Initialize CodeQL",
-      uses: "github/codeql-action/init@v3",
+      uses: "github/codeql-action/init@v4",
       with: {
         languages: "javascript",
       },
     },
     {
       name: "Perform CodeQL Analysis",
-      uses: "github/codeql-action/analyze@v3",
+      uses: "github/codeql-action/analyze@v4",
       with: {
         category: "my-category",
       },
@@ -108,14 +108,14 @@ test("uploads failed SARIF run with `diagnostics export` if the database doesn't
     },
     {
       name: "Initialize CodeQL",
-      uses: "github/codeql-action/init@v3",
+      uses: "github/codeql-action/init@v4",
       with: {
         languages: "javascript",
       },
     },
     {
       name: "Perform CodeQL Analysis",
-      uses: "github/codeql-action/analyze@v3",
+      uses: "github/codeql-action/analyze@v4",
       with: {
         category: "my-category",
       },
@@ -135,14 +135,14 @@ test("uploads failed SARIF run with database export-diagnostics if the database
     },
     {
       name: "Initialize CodeQL",
-      uses: "github/codeql-action/init@v3",
+      uses: "github/codeql-action/init@v4",
       with: {
         languages: "javascript",
       },
     },
     {
       name: "Perform CodeQL Analysis",
-      uses: "github/codeql-action/analyze@v3",
+      uses: "github/codeql-action/analyze@v4",
       with: {
         category: "my-category",
       },
@@ -192,14 +192,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
       },
       {
         name: "Initialize CodeQL",
-        uses: "github/codeql-action/init@v3",
+        uses: "github/codeql-action/init@v4",
         with: {
           languages: "javascript",
         },
       },
       {
         name: "Perform CodeQL Analysis",
-        uses: "github/codeql-action/analyze@v3",
+        uses: "github/codeql-action/analyze@v4",
         with: {
           category: "my-category",
           upload: uploadInput,
@@ -227,14 +227,14 @@ test("uploading failed SARIF run succeeds when workflow uses an input with a mat
     },
     {
       name: "Initialize CodeQL",
-      uses: "github/codeql-action/init@v3",
+      uses: "github/codeql-action/init@v4",
       with: {
         languages: "javascript",
       },
     },
     {
       name: "Perform CodeQL Analysis",
-      uses: "github/codeql-action/analyze@v3",
+      uses: "github/codeql-action/analyze@v4",
       with: {
         category: "/language:${{ matrix.language }}",
       },
@@ -254,14 +254,14 @@ test("uploading failed SARIF run fails when workflow uses a complex upload input
     },
     {
       name: "Initialize CodeQL",
-      uses: "github/codeql-action/init@v3",
+      uses: "github/codeql-action/init@v4",
       with: {
         languages: "javascript",
       },
     },
     {
       name: "Perform CodeQL Analysis",
-      uses: "github/codeql-action/analyze@v3",
+      uses: "github/codeql-action/analyze@v4",
       with: {
         upload: "${{ matrix.language != 'csharp' }}",
       },

src/workflow.test.ts

@@ -395,9 +395,9 @@ async function testLanguageAliases(
             },
           },
           steps: [
-            { uses: "actions/checkout@v3" },
-            { uses: "github/codeql-action/init@v3" },
-            { uses: "github/codeql-action/analyze@v3" },
+            { uses: "actions/checkout@v4" },
+            { uses: "github/codeql-action/init@v4" },
+            { uses: "github/codeql-action/analyze@v4" },
           ],
         },
       },
@@ -666,7 +666,7 @@ test("getWorkflowErrors() should report a warning if different versions of the C
         analyze:
           steps:
             - uses: github/codeql-action/init@v2
-            - uses: github/codeql-action/analyze@v3
+            - uses: github/codeql-action/analyze@v4
     `) as Workflow,
     await getCodeQLForTesting(),
   );
@@ -686,8 +686,8 @@ test("getWorkflowErrors() should not report a warning if the same versions of th
       jobs:
         analyze:
           steps:
-            - uses: github/codeql-action/init@v3
-            - uses: github/codeql-action/analyze@v3
+            - uses: github/codeql-action/init@v4
+            - uses: github/codeql-action/analyze@v4
     `) as Workflow,
     await getCodeQLForTesting(),
   );
@@ -706,7 +706,7 @@ test("getWorkflowErrors() should not report a warning involving versions of othe
         analyze:
           steps:
             - uses: actions/checkout@v5
-            - uses: github/codeql-action/init@v3
+            - uses: github/codeql-action/init@v4
     `) as Workflow,
     await getCodeQLForTesting(),
   );
@@ -723,9 +723,9 @@ test("getCategoryInputOrThrow returns category for simple workflow with category
           analysis:
             runs-on: ubuntu-latest
             steps:
-              - uses: actions/checkout@v3
-              - uses: github/codeql-action/init@v3
-              - uses: github/codeql-action/analyze@v3
+              - uses: actions/checkout@v4
+              - uses: github/codeql-action/init@v4
+              - uses: github/codeql-action/analyze@v4
                 with:
                   category: some-category
       `) as Workflow,
@@ -745,9 +745,9 @@ test("getCategoryInputOrThrow returns undefined for simple workflow without cate
           analysis:
             runs-on: ubuntu-latest
             steps:
-              - uses: actions/checkout@v3
-              - uses: github/codeql-action/init@v3
-              - uses: github/codeql-action/analyze@v3
+              - uses: actions/checkout@v4
+              - uses: github/codeql-action/init@v4
+              - uses: github/codeql-action/analyze@v4
       `) as Workflow,
       "analysis",
       {},
@@ -765,19 +765,19 @@ test("getCategoryInputOrThrow returns category for workflow with multiple jobs",
           foo:
             runs-on: ubuntu-latest
             steps:
-              - uses: actions/checkout@v3
-              - uses: github/codeql-action/init@v3
+              - uses: actions/checkout@v4
+              - uses: github/codeql-action/init@v4
               - runs: ./build foo
-              - uses: github/codeql-action/analyze@v3
+              - uses: github/codeql-action/analyze@v4
                 with:
                   category: foo-category
           bar:
             runs-on: ubuntu-latest
             steps:
-              - uses: actions/checkout@v3
-              - uses: github/codeql-action/init@v3
+              - uses: actions/checkout@v4
+              - uses: github/codeql-action/init@v4
               - runs: ./build bar
-              - uses: github/codeql-action/analyze@v3
+              - uses: github/codeql-action/analyze@v4
                 with:
                   category: bar-category
       `) as Workflow,
@@ -800,11 +800,11 @@ test("getCategoryInputOrThrow finds category for workflow with language matrix",
               matrix:
                 language: [javascript, python]
             steps:
-              - uses: actions/checkout@v3
-              - uses: github/codeql-action/init@v3
+              - uses: actions/checkout@v4
+              - uses: github/codeql-action/init@v4
                 with:
                   language: \${{ matrix.language }}
-              - uses: github/codeql-action/analyze@v3
+              - uses: github/codeql-action/analyze@v4
                 with:
                   category: "/language:\${{ matrix.language }}"
       `) as Workflow,
@@ -824,9 +824,9 @@ test("getCategoryInputOrThrow throws error for workflow with dynamic category",
           jobs:
             analysis:
               steps:
-                - uses: actions/checkout@v3
-                - uses: github/codeql-action/init@v3
-                - uses: github/codeql-action/analyze@v3
+                - uses: actions/checkout@v4
+                - uses: github/codeql-action/init@v4
+                - uses: github/codeql-action/analyze@v4
                   with:
                     category: "\${{ github.workflow }}"
         `) as Workflow,
@@ -851,12 +851,12 @@ test("getCategoryInputOrThrow throws error for workflow with multiple calls to a
             analysis:
               runs-on: ubuntu-latest
               steps:
-                - uses: actions/checkout@v3
-                - uses: github/codeql-action/init@v3
-                - uses: github/codeql-action/analyze@v3
+                - uses: actions/checkout@v4
+                - uses: github/codeql-action/init@v4
+                - uses: github/codeql-action/analyze@v4
                   with:
                     category: some-category
-                - uses: github/codeql-action/analyze@v3
+                - uses: github/codeql-action/analyze@v4
                   with:
                     category: another-category
         `) as Workflow,