github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-30 02:40:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/releases/v4' into backport-v3.33.0-b1bff8193

Browse Source
This commit is contained in:
github-actions[bot]
2026-03-16 09:08:34 +00:00
parent e50ab6dc1d b1bff81932
commit 4ccf9a5deb
140 changed files with 7262 additions and 7565 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/__all-platform-bundle.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: all-platform-bundle-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: all-platform-bundle-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
all-platform-bundle:
strategy:
@@ -75,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -82,15 +91,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'true'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- id: init
uses: ./../action/init
with:
.github/workflows/__analyze-ref-input.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: analyze-ref-input-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: analyze-ref-input-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
analyze-ref-input:
strategy:
@@ -81,6 +71,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -88,20 +87,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
.github/workflows/__autobuild-action.yml
Generated
+4 -4
View File
@@ -65,6 +65,10 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -72,10 +76,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
languages: csharp
.github/workflows/__autobuild-direct-tracing-with-working-dir.yml
Generated
+5 -5
View File
@@ -67,6 +67,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Java
uses: actions/setup-java@v5
with:
java-version: ${{ inputs.java-version || '17' }}
distribution: temurin
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -74,11 +79,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Java
uses: actions/setup-java@v5
with:
java-version: ${{ inputs.java-version || '17' }}
distribution: temurin
- name: Test setup
run: |
# Make sure that Gradle build succeeds in autobuild-dir ...
.github/workflows/__build-mode-autobuild.yml
Generated
+7 -7
View File
@@ -67,13 +67,6 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Java
uses: actions/setup-java@v5
with:
@@ -87,6 +80,13 @@ jobs:
run: |-
gh release download --repo mikefarah/yq --pattern "yq_windows_amd64.exe" "$YQ_VERSION" -O "$YQ_PATH/yq.exe"
echo "$YQ_PATH" >> "$GITHUB_PATH"
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Set up Java test repo configuration
run: |
mv * .github ../action/tests/multi-language-repo/
.github/workflows/__build-mode-manual.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: build-mode-manual-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: build-mode-manual-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
build-mode-manual:
strategy:
@@ -71,6 +71,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -78,15 +87,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
id: init
with:
.github/workflows/__bundle-toolcache.yml
Generated
+2 -2
View File
@@ -39,10 +39,10 @@ jobs:
fail-fast: false
matrix:
include:
- os: macos-latest
version: linked
- os: ubuntu-latest
version: linked
- os: macos-latest
version: linked
- os: windows-latest
version: linked
name: 'Bundle: Caching checks'
.github/workflows/__bundle-zstd.yml
Generated
+2 -2
View File
@@ -39,10 +39,10 @@ jobs:
fail-fast: false
matrix:
include:
- os: macos-latest
version: linked
- os: ubuntu-latest
version: linked
- os: macos-latest
version: linked
- os: windows-latest
version: linked
name: 'Bundle: Zstandard checks'
.github/workflows/__export-file-baseline-information.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: export-file-baseline-information-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: export-file-baseline-information-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
export-file-baseline-information:
strategy:
@@ -75,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -82,15 +91,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
id: init
with:
.github/workflows/__go-custom-queries.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: go-custom-queries-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: go-custom-queries-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
go-custom-queries:
strategy:
@@ -73,6 +73,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -80,15 +89,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
languages: go
.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml
Generated
+5 -5
View File
@@ -61,6 +61,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -68,11 +73,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
with:
languages: go
.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml
Generated
+5 -5
View File
@@ -61,6 +61,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -68,11 +73,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Remove `file` program
run: |
echo $(which file)
.github/workflows/__go-indirect-tracing-workaround.yml
Generated
+5 -5
View File
@@ -61,6 +61,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -68,11 +73,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
with:
languages: go
.github/workflows/__go-tracing-autobuilder.yml
Generated
+5 -19
View File
@@ -51,32 +51,18 @@ jobs:
include:
- os: ubuntu-latest
version: stable-v2.17.6
- os: macos-latest
version: stable-v2.17.6
- os: ubuntu-latest
version: stable-v2.18.4
- os: macos-latest
version: stable-v2.18.4
- os: ubuntu-latest
version: stable-v2.19.4
- os: macos-latest
version: stable-v2.19.4
- os: ubuntu-latest
version: stable-v2.20.7
- os: macos-latest
version: stable-v2.20.7
- os: ubuntu-latest
version: stable-v2.21.4
- os: macos-latest
version: stable-v2.21.4
- os: ubuntu-latest
version: stable-v2.22.4
- os: macos-latest
version: stable-v2.22.4
- os: ubuntu-latest
version: default
- os: macos-latest
version: default
- os: ubuntu-latest
version: linked
- os: macos-latest
@@ -95,6 +81,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -102,11 +93,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
with:
languages: go
.github/workflows/__go-tracing-custom-build-steps.yml
Generated
+5 -19
View File
@@ -51,32 +51,18 @@ jobs:
include:
- os: ubuntu-latest
version: stable-v2.17.6
- os: macos-latest
version: stable-v2.17.6
- os: ubuntu-latest
version: stable-v2.18.4
- os: macos-latest
version: stable-v2.18.4
- os: ubuntu-latest
version: stable-v2.19.4
- os: macos-latest
version: stable-v2.19.4
- os: ubuntu-latest
version: stable-v2.20.7
- os: macos-latest
version: stable-v2.20.7
- os: ubuntu-latest
version: stable-v2.21.4
- os: macos-latest
version: stable-v2.21.4
- os: ubuntu-latest
version: stable-v2.22.4
- os: macos-latest
version: stable-v2.22.4
- os: ubuntu-latest
version: default
- os: macos-latest
version: default
- os: ubuntu-latest
version: linked
- os: macos-latest
@@ -95,6 +81,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -102,11 +93,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
with:
languages: go
.github/workflows/__go-tracing-legacy-workflow.yml
Generated
+5 -19
View File
@@ -51,32 +51,18 @@ jobs:
include:
- os: ubuntu-latest
version: stable-v2.17.6
- os: macos-latest
version: stable-v2.17.6
- os: ubuntu-latest
version: stable-v2.18.4
- os: macos-latest
version: stable-v2.18.4
- os: ubuntu-latest
version: stable-v2.19.4
- os: macos-latest
version: stable-v2.19.4
- os: ubuntu-latest
version: stable-v2.20.7
- os: macos-latest
version: stable-v2.20.7
- os: ubuntu-latest
version: stable-v2.21.4
- os: macos-latest
version: stable-v2.21.4
- os: ubuntu-latest
version: stable-v2.22.4
- os: macos-latest
version: stable-v2.22.4
- os: ubuntu-latest
version: default
- os: macos-latest
version: default
- os: ubuntu-latest
version: linked
- os: macos-latest
@@ -95,6 +81,11 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -102,11 +93,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
with:
languages: go
.github/workflows/__go.yml
Generated
+6 -6
View File
@@ -10,16 +10,16 @@ env:
on:
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
jobs:
go-custom-queries:
name: 'Go: Custom queries'
@@ -28,8 +28,8 @@ jobs:
security-events: read
uses: ./.github/workflows/__go-custom-queries.yml
with:
go-version: ${{ inputs.go-version }}
dotnet-version: ${{ inputs.dotnet-version }}
go-version: ${{ inputs.go-version }}
go-indirect-tracing-workaround-diagnostic:
name: 'Go: diagnostic when Go is changed after init step'
permissions:
.github/workflows/__local-bundle.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: local-bundle-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: local-bundle-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
local-bundle:
strategy:
@@ -81,6 +71,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -88,20 +87,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Fetch latest CodeQL bundle
run: |
wget https://github.com/github/codeql-action/releases/latest/download/codeql-bundle-linux64.tar.zst
.github/workflows/__multi-language-autodetect.yml
Generated
+36 -43
View File
@@ -25,85 +25,75 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: multi-language-autodetect-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: multi-language-autodetect-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
multi-language-autodetect:
strategy:
fail-fast: false
matrix:
include:
- os: macos-latest
version: stable-v2.17.6
- os: ubuntu-latest
version: stable-v2.17.6
- os: macos-latest
version: stable-v2.18.4
version: stable-v2.17.6
- os: ubuntu-latest
version: stable-v2.18.4
- os: macos-latest
version: stable-v2.19.4
version: stable-v2.18.4
- os: ubuntu-latest
version: stable-v2.19.4
- os: macos-latest
version: stable-v2.20.7
version: stable-v2.19.4
- os: ubuntu-latest
version: stable-v2.20.7
- os: macos-latest
version: stable-v2.21.4
version: stable-v2.20.7
- os: ubuntu-latest
version: stable-v2.21.4
- os: macos-latest
version: stable-v2.22.4
version: stable-v2.21.4
- os: ubuntu-latest
version: stable-v2.22.4
- os: macos-latest
version: default
version: stable-v2.22.4
- os: ubuntu-latest
version: default
- os: macos-latest
version: linked
version: default
- os: ubuntu-latest
version: linked
- os: macos-latest
version: linked
- os: ubuntu-latest
version: nightly-latest
- os: ubuntu-latest
- os: macos-latest
version: nightly-latest
name: Multi-language repository
if: github.triggering_actor != 'dependabot[bot]'
@@ -115,6 +105,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -122,20 +121,14 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
- name: Install Python 3.13 for older CLI versions
# We need Python 3.13 for older CLI versions because they are not compatible with Python 3.14 or newer.
# See https://github.com/github/codeql-action/pull/3212
if: matrix.version != 'nightly-latest' && matrix.version != 'linked'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
python-version: '3.13'
- name: Use Xcode 16
if: runner.os == 'macOS' && matrix.version != 'nightly-latest'
run: sudo xcode-select -s "/Applications/Xcode_16.app"
.github/workflows/__packaging-codescanning-config-inputs-js.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: packaging-codescanning-config-inputs-js-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: packaging-codescanning-config-inputs-js-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
packaging-codescanning-config-inputs-js:
strategy:
@@ -85,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Node.js
uses: actions/setup-node@v6
with:
@@ -99,20 +98,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
config-file: '.github/codeql/codeql-config-packaging3.yml'
.github/workflows/__packaging-config-inputs-js.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: packaging-config-inputs-js-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: packaging-config-inputs-js-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
packaging-config-inputs-js:
strategy:
@@ -75,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Node.js
uses: actions/setup-node@v6
with:
@@ -89,15 +98,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
config-file: '.github/codeql/codeql-config-packaging3.yml'
.github/workflows/__packaging-config-js.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: packaging-config-js-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: packaging-config-js-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
packaging-config-js:
strategy:
@@ -75,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Node.js
uses: actions/setup-node@v6
with:
@@ -89,15 +98,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
config-file: '.github/codeql/codeql-config-packaging.yml'
.github/workflows/__packaging-inputs-js.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: packaging-inputs-js-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: packaging-inputs-js-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
packaging-inputs-js:
strategy:
@@ -75,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Node.js
uses: actions/setup-node@v6
with:
@@ -89,15 +98,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
config-file: '.github/codeql/codeql-config-packaging2.yml'
.github/workflows/__remote-config.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: remote-config-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: remote-config-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
remote-config:
strategy:
@@ -83,6 +73,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -90,20 +89,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
.github/workflows/__resolve-environment-action.yml
Generated
+2 -2
View File
@@ -39,10 +39,10 @@ jobs:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
version: default
- os: ubuntu-latest
version: linked
- os: ubuntu-latest
version: default
- os: ubuntu-latest
version: nightly-latest
name: Resolve environment
.github/workflows/__split-workflow.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: split-workflow-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: split-workflow-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
split-workflow:
strategy:
@@ -81,6 +81,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -88,15 +97,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
config-file: '.github/codeql/codeql-config-packaging3.yml'
.github/workflows/__swift-custom-build.yml
Generated
+20 -20
View File
@@ -25,34 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: swift-custom-build-${{github.ref}}-${{inputs.go-version}}-${{inputs.dotnet-version}}
group: swift-custom-build-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
swift-custom-build:
strategy:
@@ -75,6 +75,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -82,15 +91,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Use Xcode 16
if: runner.os == 'macOS' && matrix.version != 'nightly-latest'
run: sudo xcode-select -s "/Applications/Xcode_16.app"
.github/workflows/__unset-environment.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: unset-environment-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: unset-environment-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
unset-environment:
strategy:
@@ -83,6 +73,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -90,20 +89,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
id: init
with:
.github/workflows/__upload-ref-sha-input.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: upload-ref-sha-input-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: upload-ref-sha-input-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
upload-ref-sha-input:
strategy:
@@ -81,6 +71,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -88,20 +87,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
.github/workflows/__upload-sarif.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: upload-sarif-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: upload-sarif-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
upload-sarif:
strategy:
@@ -88,6 +78,15 @@ jobs:
steps:
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -95,20 +94,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
.github/workflows/__with-checkout-path.yml
Generated
+20 -35
View File
@@ -25,44 +25,34 @@ on:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
python-version:
type: string
description: The version of Python to install
required: false
default: '3.13'
dotnet-version:
type: string
description: The version of .NET to install
required: false
default: 9.x
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' || false }}
group: with-checkout-path-${{github.ref}}-${{inputs.go-version}}-${{inputs.python-version}}-${{inputs.dotnet-version}}
group: with-checkout-path-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}
jobs:
with-checkout-path:
strategy:
@@ -82,6 +72,15 @@ jobs:
# This ensures we don't accidentally use the original checkout for any part of the test.
- name: Check out repository
uses: actions/checkout@v6
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
@@ -89,20 +88,6 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- name: Install Python
if: matrix.version != 'nightly-latest'
uses: actions/setup-python@v6
with:
python-version: ${{ inputs.python-version || '3.13' }}
- name: Install .NET
uses: actions/setup-dotnet@v5
with:
dotnet-version: ${{ inputs.dotnet-version || '9.x' }}
- name: Delete original checkout
run: |
# delete the original checkout so we don't accidentally use it.
.github/workflows/pr-checks.yml
+37 -9
View File
@@ -52,19 +52,10 @@ jobs:
- name: Verify compiled JS up to date
run: .github/workflows/script/check-js.sh
- name: Verify PR checks up to date
if: always()
run: .github/workflows/script/verify-pr-checks.sh
- name: Run unit tests
if: always()
run: npm test
- name: Run pr-checks tests
if: always()
working-directory: pr-checks
run: npm ci && npx tsx --test
- name: Lint
if: always() && matrix.os != 'windows-latest'
run: npm run lint-ci
@@ -76,6 +67,43 @@ jobs:
sarif_file: eslint.sarif
category: eslint
# Verifying the PR checks are up-to-date requires Node 24. The PR checks are not dependent
# on the main codebase and therefore do not need to be run as part of the same matrix that
# we use for the `unit-tests` job.
verify-pr-checks:
name: Verify PR checks
if: github.triggering_actor != 'dependabot[bot]'
permissions:
contents: read
runs-on: ubuntu-slim
timeout-minutes: 10
steps:
- name: Prepare git (Windows)
if: runner.os == 'Windows'
run: git config --global core.autocrlf false
- name: Checkout repository
uses: actions/checkout@v6
- name: Set up Node.js
uses: actions/setup-node@v6
with:
node-version: 24
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Verify PR checks up to date
if: always()
run: .github/workflows/script/verify-pr-checks.sh
- name: Run pr-checks tests
if: always()
working-directory: pr-checks
run: npx tsx --test
check-node-version:
if: github.triggering_actor != 'dependabot[bot]'
name: Check Action Node versions
.github/workflows/rebuild.yml
+18 -3
View File
@@ -29,6 +29,12 @@ jobs:
fetch-depth: 0
ref: ${{ env.HEAD_REF }}
- name: Set up Node.js
uses: actions/setup-node@v6
with:
node-version: 24
cache: 'npm'
- name: Remove label
if: github.event_name == 'pull_request'
env:
@@ -49,9 +55,18 @@ jobs:
git fetch origin "$BASE_BRANCH"
# Allow merge conflicts in `lib`, since rebuilding should resolve them.
git merge "origin/$BASE_BRANCH" || echo "Merge conflicts detected, continuing."
git merge "origin/$BASE_BRANCH"
MERGE_RESULT=$?
if [ "$MERGE_RESULT" -eq 0 ]; then
echo "Merge succeeded cleanly."
elif [ "$MERGE_RESULT" -eq 1 ]; then
echo "Merge conflicts detected (exit code $MERGE_RESULT), continuing."
else
echo "git merge failed with unexpected exit code $MERGE_RESULT."
exit 1
fi
if [ "$MERGE_RESULT" -ne 0 ]; then
echo "merge-in-progress=true" >> $GITHUB_OUTPUT
@@ -79,7 +94,7 @@ jobs:
working-directory: pr-checks
run: |
npm ci
npx tsx sync_back.ts --verbose
npx tsx sync-back.ts --verbose
- name: Generate workflows
working-directory: pr-checks
@@ -104,7 +119,7 @@ jobs:
# Otherwise, just commit the changes.
if git rev-parse --verify MERGE_HEAD >/dev/null 2>&1; then
echo "In progress merge detected, finishing it up."
git merge --continue --no-edit
git commit --no-edit
else
echo "No in-progress merge detected, committing changes."
git commit -m "Rebuild"
CHANGELOG.md
+14
View File
@@ -2,6 +2,20 @@
See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
## 4.33.0 - 16 Mar 2026
- Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. [#3562](https://github.com/github/codeql-action/pull/3562)
To opt out of this change:
- **Repositories owned by an organization:** Create a custom repository property with the name `github-codeql-file-coverage-on-prs` and the type "True/false", then set this property to `true` in the repository's settings. For more information, see [Managing custom properties for repositories in your organization](https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization). Alternatively, if you are using an advanced setup workflow, you can set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true` in your workflow.
- **User-owned repositories using default setup:** Switch to an advanced setup workflow and set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true` in your workflow.
- **User-owned repositories using advanced setup:** Set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true` in your workflow.
- Fixed [a bug](https://github.com/github/codeql-action/issues/3555) which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. [#3557](https://github.com/github/codeql-action/pull/3557)
- The CodeQL Action now loads [custom repository properties](https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization) on GitHub Enterprise Server, enabling the customization of features such as `github-codeql-disable-overlay` that was previously only available on GitHub.com. [#3559](https://github.com/github/codeql-action/pull/3559)
- Once [private package registries](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. [#3563](https://github.com/github/codeql-action/pull/3563)
- Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". [#3564](https://github.com/github/codeql-action/pull/3564)
- A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. [#3570](https://github.com/github/codeql-action/pull/3570)
## 4.32.6 - 05 Mar 2026
- Update default CodeQL bundle version to [2.24.3](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3). [#3548](https://github.com/github/codeql-action/pull/3548)
ava.config.mjs
+9
View File
@@ -0,0 +1,9 @@
export default {
typescript: {
rewritePaths: {
"src/": "build/",
},
compile: false,
},
require: ["./ava.setup.mjs"],
};
ava.setup.mjs
+3
View File
@@ -0,0 +1,3 @@
import pkg from "./package.json" with { type: "json" };
globalThis.__CODEQL_ACTION_VERSION__ = pkg.version;
build.mjs
+7 -2
View File
@@ -5,6 +5,8 @@ import { fileURLToPath } from "node:url";
import * as esbuild from "esbuild";
import { globSync } from "glob";
import pkg from "./package.json" with { type: "json" };
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
@@ -13,7 +15,7 @@ const OUT_DIR = join(__dirname, "lib");
/**
* Clean the output directory before building.
*
*
* @type {esbuild.Plugin}
*/
const cleanPlugin = {
@@ -27,7 +29,7 @@ const cleanPlugin = {
/**
* Copy defaults.json to the output directory since other projects depend on it.
*
*
* @type {esbuild.Plugin}
*/
const copyDefaultsPlugin = {
@@ -69,6 +71,9 @@ const context = await esbuild.context({
platform: "node",
plugins: [cleanPlugin, copyDefaultsPlugin, onEndPlugin],
target: ["node20"],
define: {
__CODEQL_ACTION_VERSION__: JSON.stringify(pkg.version),
},
});
await context.rebuild();
eslint.config.mjs
+28 -1
View File
@@ -19,9 +19,10 @@ export default [
"src/testdata/**/*",
"tests/**/*",
"build.mjs",
"ava.config.mjs",
"ava.setup.mjs",
"eslint.config.mjs",
".github/**/*",
"pr-checks/**/*",
],
},
// eslint recommended config
@@ -161,10 +162,36 @@ export default [
"@typescript-eslint/no-unused-vars": [
"error",
{
"args": "all",
"argsIgnorePattern": "^_",
}
],
"func-style": "off",
},
},
{
files: ["pr-checks/**/*.ts"],
languageOptions: {
parserOptions: {
// Use the correct `tsconfig.json` for `pr-checks`.
project: "./pr-checks/tsconfig.json",
},
},
rules: {
// The scripts in `pr-checks` are expected to output to the console.
"no-console": "off",
"@typescript-eslint/no-floating-promises": [
"error",
{
allowForKnownSafeCalls: [
// Avoid needing explicit `void` in front of `describe` calls in test files.
{ from: "package", name: ["describe"], package: "node:test" },
],
},
],
},
},
];
lib/analyze-action-post.js
Generated
+72 -223
View File
@@ -45981,113 +45981,6 @@ var require_semver2 = __commonJS({
}
});
// package.json
var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "4.32.6",
private: true,
description: "CodeQL action",
scripts: {
_build_comment: "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'",
build: "./scripts/check-node-modules.sh && npm run transpile && node build.mjs",
lint: "eslint --report-unused-disable-directives --max-warnings=0 .",
"lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif",
"lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix",
ava: "npm run transpile && ava --verbose",
test: "npm run ava -- src/",
"test-debug": "npm run test -- --timeout=20m",
transpile: "tsc --build --verbose"
},
ava: {
typescript: {
rewritePaths: {
"src/": "build/"
},
compile: false
}
},
license: "MIT",
dependencies: {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
"@actions/cache": "^5.0.5",
"@actions/core": "^2.0.3",
"@actions/exec": "^2.0.0",
"@actions/github": "^8.0.1",
"@actions/glob": "^0.5.0",
"@actions/http-client": "^3.0.0",
"@actions/io": "^2.0.0",
"@actions/tool-cache": "^3.0.1",
"@octokit/plugin-retry": "^8.0.0",
"@schemastore/package": "0.0.10",
archiver: "^7.0.1",
"fast-deep-equal": "^3.1.3",
"follow-redirects": "^1.15.11",
"get-folder-size": "^5.0.0",
"https-proxy-agent": "^7.0.6",
"js-yaml": "^4.1.1",
jsonschema: "1.4.1",
long: "^5.3.2",
"node-forge": "^1.3.3",
semver: "^7.7.4",
uuid: "^13.0.0"
},
devDependencies: {
"@ava/typescript": "6.0.0",
"@eslint/compat": "^2.0.2",
"@microsoft/eslint-formatter-sarif": "^3.1.0",
"@octokit/types": "^16.0.0",
"@types/archiver": "^7.0.0",
"@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "^20.19.9",
"@types/node-forge": "^1.3.14",
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
ava: "^6.4.1",
esbuild: "^0.27.3",
eslint: "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
"eslint-plugin-github": "^6.0.0",
"eslint-plugin-import-x": "^4.16.1",
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
glob: "^11.1.0",
globals: "^17.3.0",
nock: "^14.0.11",
sinon: "^21.0.1",
typescript: "^5.9.3",
"typescript-eslint": "^8.56.1"
},
overrides: {
"@actions/tool-cache": {
semver: ">=6.3.1"
},
"@octokit/request-error": {
semver: ">=5.1.1"
},
"@octokit/request": {
semver: ">=8.4.1"
},
"@octokit/plugin-paginate-rest": {
semver: ">=9.2.2"
},
"eslint-plugin-import": {
semver: ">=6.3.1"
},
"eslint-plugin-jsx-a11y": {
semver: ">=6.3.1"
},
"brace-expansion@2.0.1": "2.0.2",
glob: "^11.1.0"
}
};
}
});
// node_modules/bottleneck/light.js
var require_light = __commonJS({
"node_modules/bottleneck/light.js"(exports2, module2) {
@@ -53394,8 +53287,8 @@ var require_object = __commonJS({
"node_modules/@typespec/ts-http-runtime/dist/commonjs/util/object.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.isObject = isObject2;
function isObject2(input) {
exports2.isObject = isObject3;
function isObject3(input) {
return typeof input === "object" && input !== null && !Array.isArray(input) && !(input instanceof RegExp) && !(input instanceof Date);
}
}
@@ -57881,7 +57774,7 @@ var require_commonjs4 = __commonJS({
exports2.computeSha256Hmac = computeSha256Hmac;
exports2.getRandomIntegerInclusive = getRandomIntegerInclusive;
exports2.isError = isError;
exports2.isObject = isObject2;
exports2.isObject = isObject3;
exports2.randomUUID = randomUUID;
exports2.uint8ArrayToString = uint8ArrayToString;
exports2.stringToUint8Array = stringToUint8Array;
@@ -57928,7 +57821,7 @@ var require_commonjs4 = __commonJS({
function isError(e) {
return tspRuntime.isError(e);
}
function isObject2(input) {
function isObject3(input) {
return tspRuntime.isObject(input);
}
function randomUUID() {
@@ -92763,7 +92656,7 @@ var require_config = __commonJS({
});
// node_modules/@actions/cache/package.json
var require_package2 = __commonJS({
var require_package = __commonJS({
"node_modules/@actions/cache/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/cache",
@@ -92835,7 +92728,7 @@ var require_user_agent = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = getUserAgentString;
var packageJson = require_package2();
var packageJson = require_package();
function getUserAgentString() {
return `@actions/cache-${packageJson.version}`;
}
@@ -99940,7 +99833,7 @@ var require_follow_redirects = __commonJS({
if (this._ending) {
throw new WriteAfterEndError();
}
if (!isString(data) && !isBuffer(data)) {
if (!isString2(data) && !isBuffer(data)) {
throw new TypeError("data should be a string, Buffer or Uint8Array");
}
if (isFunction(encoding)) {
@@ -100195,7 +100088,7 @@ var require_follow_redirects = __commonJS({
function request2(input, options, callback) {
if (isURL(input)) {
input = spreadUrlObject(input);
} else if (isString(input)) {
} else if (isString2(input)) {
input = spreadUrlObject(parseUrl2(input));
} else {
callback = options;
@@ -100211,7 +100104,7 @@ var require_follow_redirects = __commonJS({
maxBodyLength: exports3.maxBodyLength
}, input, options);
options.nativeProtocols = nativeProtocols;
if (!isString(options.host) && !isString(options.hostname)) {
if (!isString2(options.host) && !isString2(options.hostname)) {
options.hostname = "::1";
}
assert.equal(options.protocol, protocol, "protocol mismatch");
@@ -100238,7 +100131,7 @@ var require_follow_redirects = __commonJS({
parsed = new URL2(input);
} else {
parsed = validateUrl(url.parse(input));
if (!isString(parsed.protocol)) {
if (!isString2(parsed.protocol)) {
throw new InvalidUrlError({ input });
}
}
@@ -100310,11 +100203,11 @@ var require_follow_redirects = __commonJS({
request2.destroy(error3);
}
function isSubdomain(subdomain, domain) {
assert(isString(subdomain) && isString(domain));
assert(isString2(subdomain) && isString2(domain));
var dot = subdomain.length - domain.length - 1;
return dot > 0 && subdomain[dot] === "." && subdomain.endsWith(domain);
}
function isString(value) {
function isString2(value) {
return typeof value === "string" || value instanceof String;
}
function isFunction(value) {
@@ -102526,7 +102419,7 @@ The following characters are not allowed in files that are uploaded due to limit
});
// node_modules/@actions/artifact/package.json
var require_package3 = __commonJS({
var require_package2 = __commonJS({
"node_modules/@actions/artifact/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/artifact",
@@ -102605,7 +102498,7 @@ var require_user_agent2 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = void 0;
var packageJson = require_package3();
var packageJson = require_package2();
function getUserAgentString() {
return `@actions/artifact-${packageJson.version}`;
}
@@ -107072,10 +106965,10 @@ var require_util20 = __commonJS({
return typeof arg === "number";
}
exports2.isNumber = isNumber;
function isString(arg) {
function isString2(arg) {
return typeof arg === "string";
}
exports2.isString = isString;
exports2.isString = isString2;
function isSymbol(arg) {
return typeof arg === "symbol";
}
@@ -107088,10 +106981,10 @@ var require_util20 = __commonJS({
return objectToString(re) === "[object RegExp]";
}
exports2.isRegExp = isRegExp;
function isObject2(arg) {
function isObject3(arg) {
return typeof arg === "object" && arg !== null;
}
exports2.isObject = isObject2;
exports2.isObject = isObject3;
function isDate(d) {
return objectToString(d) === "[object Date]";
}
@@ -109133,11 +109026,11 @@ var require_baseGetTag = __commonJS({
// node_modules/lodash/isObject.js
var require_isObject = __commonJS({
"node_modules/lodash/isObject.js"(exports2, module2) {
function isObject2(value) {
function isObject3(value) {
var type2 = typeof value;
return value != null && (type2 == "object" || type2 == "function");
}
module2.exports = isObject2;
module2.exports = isObject3;
}
});
@@ -109145,13 +109038,13 @@ var require_isObject = __commonJS({
var require_isFunction = __commonJS({
"node_modules/lodash/isFunction.js"(exports2, module2) {
var baseGetTag = require_baseGetTag();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var asyncTag = "[object AsyncFunction]";
var funcTag = "[object Function]";
var genTag = "[object GeneratorFunction]";
var proxyTag = "[object Proxy]";
function isFunction(value) {
if (!isObject2(value)) {
if (!isObject3(value)) {
return false;
}
var tag = baseGetTag(value);
@@ -109212,7 +109105,7 @@ var require_baseIsNative = __commonJS({
"node_modules/lodash/_baseIsNative.js"(exports2, module2) {
var isFunction = require_isFunction();
var isMasked = require_isMasked();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var toSource = require_toSource();
var reRegExpChar = /[\\^$.*+?()[\]{}|]/g;
var reIsHostCtor = /^\[object .+?Constructor\]$/;
@@ -109224,7 +109117,7 @@ var require_baseIsNative = __commonJS({
"^" + funcToString.call(hasOwnProperty).replace(reRegExpChar, "\\$&").replace(/hasOwnProperty|(function).*?(?=\\\()| for .+?(?=\\\])/g, "$1.*?") + "$"
);
function baseIsNative(value) {
if (!isObject2(value) || isMasked(value)) {
if (!isObject3(value) || isMasked(value)) {
return false;
}
var pattern = isFunction(value) ? reIsNative : reIsHostCtor;
@@ -109392,9 +109285,9 @@ var require_isIterateeCall = __commonJS({
var eq = require_eq2();
var isArrayLike = require_isArrayLike();
var isIndex = require_isIndex();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
function isIterateeCall(value, index, object) {
if (!isObject2(object)) {
if (!isObject3(object)) {
return false;
}
var type2 = typeof index;
@@ -109639,13 +109532,13 @@ var require_nativeKeysIn = __commonJS({
// node_modules/lodash/_baseKeysIn.js
var require_baseKeysIn = __commonJS({
"node_modules/lodash/_baseKeysIn.js"(exports2, module2) {
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var isPrototype = require_isPrototype();
var nativeKeysIn = require_nativeKeysIn();
var objectProto = Object.prototype;
var hasOwnProperty = objectProto.hasOwnProperty;
function baseKeysIn(object) {
if (!isObject2(object)) {
if (!isObject3(object)) {
return nativeKeysIn(object);
}
var isProto = isPrototype(object), result = [];
@@ -110137,7 +110030,7 @@ var require_event_target_shim = __commonJS({
var CAPTURE = 1;
var BUBBLE = 2;
var ATTRIBUTE = 3;
function isObject2(x) {
function isObject3(x) {
return x !== null && typeof x === "object";
}
function getListeners(eventTarget) {
@@ -110163,7 +110056,7 @@ var require_event_target_shim = __commonJS({
return null;
},
set(listener) {
if (typeof listener !== "function" && !isObject2(listener)) {
if (typeof listener !== "function" && !isObject3(listener)) {
listener = null;
}
const listeners = getListeners(this);
@@ -110254,11 +110147,11 @@ var require_event_target_shim = __commonJS({
if (listener == null) {
return;
}
if (typeof listener !== "function" && !isObject2(listener)) {
if (typeof listener !== "function" && !isObject3(listener)) {
throw new TypeError("'listener' should be a function or an object.");
}
const listeners = getListeners(this);
const optionsIsObj = isObject2(options);
const optionsIsObj = isObject3(options);
const capture = optionsIsObj ? Boolean(options.capture) : Boolean(options);
const listenerType = capture ? CAPTURE : BUBBLE;
const newNode = {
@@ -110295,7 +110188,7 @@ var require_event_target_shim = __commonJS({
return;
}
const listeners = getListeners(this);
const capture = isObject2(options) ? Boolean(options.capture) : Boolean(options);
const capture = isObject3(options) ? Boolean(options.capture) : Boolean(options);
const listenerType = capture ? CAPTURE : BUBBLE;
let prev = null;
let node = listeners.get(eventName);
@@ -161103,6 +160996,11 @@ var semver = __toESM(require_semver2());
var maximumVersion = "3.21";
var minimumVersion = "3.14";
// src/json/index.ts
function isObject2(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
// src/util.ts
var BASE_DATABASE_OIDS_FILE_NAME = "base-database-oids.json";
var GITHUB_DOTCOM_URL = "https://github.com";
@@ -161229,7 +161127,6 @@ async function asyncSome(array, predicate) {
}
// src/actions-util.ts
var pkg = require_package();
var getRequiredInput = function(name) {
const value = core4.getInput(name);
if (!value) {
@@ -161246,7 +161143,7 @@ function getTemporaryDirectory() {
return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP");
}
function getActionVersion() {
return pkg.version;
return "4.33.0";
}
function getWorkflowEventName() {
return getRequiredEnvParam("GITHUB_EVENT_NAME");
@@ -161404,6 +161301,7 @@ retry.VERSION = VERSION7;
// src/api-client.ts
var GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
var DO_NOT_RETRY_STATUSES = [400, 410, 422, 451];
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) {
const auth2 = allowExternal && apiDetails.externalRepoAuth || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry);
@@ -161418,10 +161316,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
error: core5.error
},
retry: {
// The default is 400, 401, 403, 404, 410, 422, and 451. We have observed transient errors
// with authentication, so we remove 401, 403, and 404 from the default list to ensure that
// these errors are retried.
doNotRetry: [400, 410, 422, 451]
doNotRetry: DO_NOT_RETRY_STATUSES
}
})
);
@@ -161733,6 +161628,7 @@ var semver2 = __toESM(require_semver2());
var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => {
RepositoryPropertyName2["DISABLE_OVERLAY"] = "github-codeql-disable-overlay";
RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries";
RepositoryPropertyName2["FILE_COVERAGE_ON_PRS"] = "github-codeql-file-coverage-on-prs";
return RepositoryPropertyName2;
})(RepositoryPropertyName || {});
var KNOWN_REPOSITORY_PROPERTY_NAMES = new Set(
@@ -161944,6 +161840,12 @@ async function isAnalyzingDefaultBranch() {
// src/overlay/index.ts
var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP = "2.24.1";
var CODEQL_OVERLAY_MINIMUM_VERSION_GO = "2.24.2";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVA = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_RUBY = "2.23.9";
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500;
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
async function writeBaseDatabaseOidsFile(config, sourceRoot) {
@@ -162086,70 +161988,48 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
},
["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
minimumVersion: void 0
},
// Per-language overlay feature flags. Each has minimumVersion set to the
// minimum CLI version that supports overlay analysis for that language.
// Only languages that are GA or in staff-ship should have feature flags here.
["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
minimumVersion: void 0
},
["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */]: {
defaultValue: false,
@@ -162161,25 +162041,20 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_STATUS_SAVE",
minimumVersion: void 0
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: void 0
},
["overlay_analysis_java" /* OverlayAnalysisJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_python" /* OverlayAnalysisPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: {
defaultValue: false,
@@ -162189,23 +162064,13 @@ var featureConfig = {
["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
minimumVersion: void 0
},
["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SKIP_RESOURCE_CHECKS",
minimumVersion: void 0
},
["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
minimumVersion: void 0
},
["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
@@ -162221,11 +162086,8 @@ var featureConfig = {
["skip_file_coverage_on_prs" /* SkipFileCoverageOnPrs */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_SKIP_FILE_COVERAGE_ON_PRS",
// For testing, this is not behind a CLI version check yet. However
// before rolling this out externally, we should set a minimum version here
// since current versions of the CodeQL CLI will log if baseline information
// cannot be found when interpreting results.
minimumVersion: void 0
minimumVersion: void 0,
toolsFeature: "suppressesMissingFileBaselineWarning" /* SuppressesMissingFileBaselineWarning */
},
["start_proxy_remove_unused_registries" /* StartProxyRemoveUnusedRegistries */]: {
defaultValue: false,
@@ -162243,11 +162105,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -162268,28 +162125,20 @@ var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB = 14e3;
var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB * 1e6;
var OVERLAY_MINIMUM_MEMORY_MB = 5 * 1024;
var OVERLAY_ANALYSIS_FEATURES = {
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */
};
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */
};
function getPathToParsedConfigFile(tempDir) {
return path3.join(tempDir, "config");
@@ -163252,7 +163101,7 @@ function getArtifactSuffix(matrix) {
if (matrix) {
try {
const matrixObject = JSON.parse(matrix);
if (matrixObject !== null && typeof matrixObject === "object") {
if (isObject2(matrixObject)) {
for (const matrixKey of Object.keys(matrixObject).sort())
suffix += `-${matrixObject[matrixKey]}`;
} else {
lib/analyze-action.js
Generated
+372 -485
View File
File diff suppressed because it is too large Load Diff
lib/autobuild-action.js
Generated
+54 -202
View File
@@ -45981,113 +45981,6 @@ var require_semver2 = __commonJS({
}
});
// package.json
var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "4.32.6",
private: true,
description: "CodeQL action",
scripts: {
_build_comment: "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'",
build: "./scripts/check-node-modules.sh && npm run transpile && node build.mjs",
lint: "eslint --report-unused-disable-directives --max-warnings=0 .",
"lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif",
"lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix",
ava: "npm run transpile && ava --verbose",
test: "npm run ava -- src/",
"test-debug": "npm run test -- --timeout=20m",
transpile: "tsc --build --verbose"
},
ava: {
typescript: {
rewritePaths: {
"src/": "build/"
},
compile: false
}
},
license: "MIT",
dependencies: {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
"@actions/cache": "^5.0.5",
"@actions/core": "^2.0.3",
"@actions/exec": "^2.0.0",
"@actions/github": "^8.0.1",
"@actions/glob": "^0.5.0",
"@actions/http-client": "^3.0.0",
"@actions/io": "^2.0.0",
"@actions/tool-cache": "^3.0.1",
"@octokit/plugin-retry": "^8.0.0",
"@schemastore/package": "0.0.10",
archiver: "^7.0.1",
"fast-deep-equal": "^3.1.3",
"follow-redirects": "^1.15.11",
"get-folder-size": "^5.0.0",
"https-proxy-agent": "^7.0.6",
"js-yaml": "^4.1.1",
jsonschema: "1.4.1",
long: "^5.3.2",
"node-forge": "^1.3.3",
semver: "^7.7.4",
uuid: "^13.0.0"
},
devDependencies: {
"@ava/typescript": "6.0.0",
"@eslint/compat": "^2.0.2",
"@microsoft/eslint-formatter-sarif": "^3.1.0",
"@octokit/types": "^16.0.0",
"@types/archiver": "^7.0.0",
"@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "^20.19.9",
"@types/node-forge": "^1.3.14",
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
ava: "^6.4.1",
esbuild: "^0.27.3",
eslint: "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
"eslint-plugin-github": "^6.0.0",
"eslint-plugin-import-x": "^4.16.1",
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
glob: "^11.1.0",
globals: "^17.3.0",
nock: "^14.0.11",
sinon: "^21.0.1",
typescript: "^5.9.3",
"typescript-eslint": "^8.56.1"
},
overrides: {
"@actions/tool-cache": {
semver: ">=6.3.1"
},
"@octokit/request-error": {
semver: ">=5.1.1"
},
"@octokit/request": {
semver: ">=8.4.1"
},
"@octokit/plugin-paginate-rest": {
semver: ">=9.2.2"
},
"eslint-plugin-import": {
semver: ">=6.3.1"
},
"eslint-plugin-jsx-a11y": {
semver: ">=6.3.1"
},
"brace-expansion@2.0.1": "2.0.2",
glob: "^11.1.0"
}
};
}
});
// node_modules/bottleneck/light.js
var require_light = __commonJS({
"node_modules/bottleneck/light.js"(exports2, module2) {
@@ -53394,8 +53287,8 @@ var require_object = __commonJS({
"node_modules/@typespec/ts-http-runtime/dist/commonjs/util/object.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.isObject = isObject2;
function isObject2(input) {
exports2.isObject = isObject3;
function isObject3(input) {
return typeof input === "object" && input !== null && !Array.isArray(input) && !(input instanceof RegExp) && !(input instanceof Date);
}
}
@@ -57881,7 +57774,7 @@ var require_commonjs4 = __commonJS({
exports2.computeSha256Hmac = computeSha256Hmac;
exports2.getRandomIntegerInclusive = getRandomIntegerInclusive;
exports2.isError = isError;
exports2.isObject = isObject2;
exports2.isObject = isObject3;
exports2.randomUUID = randomUUID;
exports2.uint8ArrayToString = uint8ArrayToString;
exports2.stringToUint8Array = stringToUint8Array;
@@ -57928,7 +57821,7 @@ var require_commonjs4 = __commonJS({
function isError(e) {
return tspRuntime.isError(e);
}
function isObject2(input) {
function isObject3(input) {
return tspRuntime.isObject(input);
}
function randomUUID() {
@@ -92763,7 +92656,7 @@ var require_config = __commonJS({
});
// node_modules/@actions/cache/package.json
var require_package2 = __commonJS({
var require_package = __commonJS({
"node_modules/@actions/cache/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/cache",
@@ -92835,7 +92728,7 @@ var require_user_agent = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = getUserAgentString;
var packageJson = require_package2();
var packageJson = require_package();
function getUserAgentString() {
return `@actions/cache-${packageJson.version}`;
}
@@ -99940,7 +99833,7 @@ var require_follow_redirects = __commonJS({
if (this._ending) {
throw new WriteAfterEndError();
}
if (!isString(data) && !isBuffer(data)) {
if (!isString2(data) && !isBuffer(data)) {
throw new TypeError("data should be a string, Buffer or Uint8Array");
}
if (isFunction(encoding)) {
@@ -100195,7 +100088,7 @@ var require_follow_redirects = __commonJS({
function request2(input, options, callback) {
if (isURL(input)) {
input = spreadUrlObject(input);
} else if (isString(input)) {
} else if (isString2(input)) {
input = spreadUrlObject(parseUrl2(input));
} else {
callback = options;
@@ -100211,7 +100104,7 @@ var require_follow_redirects = __commonJS({
maxBodyLength: exports3.maxBodyLength
}, input, options);
options.nativeProtocols = nativeProtocols;
if (!isString(options.host) && !isString(options.hostname)) {
if (!isString2(options.host) && !isString2(options.hostname)) {
options.hostname = "::1";
}
assert.equal(options.protocol, protocol, "protocol mismatch");
@@ -100238,7 +100131,7 @@ var require_follow_redirects = __commonJS({
parsed = new URL2(input);
} else {
parsed = validateUrl(url.parse(input));
if (!isString(parsed.protocol)) {
if (!isString2(parsed.protocol)) {
throw new InvalidUrlError({ input });
}
}
@@ -100310,11 +100203,11 @@ var require_follow_redirects = __commonJS({
request2.destroy(error3);
}
function isSubdomain(subdomain, domain) {
assert(isString(subdomain) && isString(domain));
assert(isString2(subdomain) && isString2(domain));
var dot = subdomain.length - domain.length - 1;
return dot > 0 && subdomain[dot] === "." && subdomain.endsWith(domain);
}
function isString(value) {
function isString2(value) {
return typeof value === "string" || value instanceof String;
}
function isFunction(value) {
@@ -102995,6 +102888,14 @@ var semver = __toESM(require_semver2());
var maximumVersion = "3.21";
var minimumVersion = "3.14";
// src/json/index.ts
function isObject2(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
function isString(value) {
return typeof value === "string";
}
// src/util.ts
var BASE_DATABASE_OIDS_FILE_NAME = "base-database-oids.json";
var GITHUB_DOTCOM_URL = "https://github.com";
@@ -103102,7 +103003,7 @@ var HTTPError = class extends Error {
var ConfigurationError = class extends Error {
};
function asHTTPError(arg) {
if (typeof arg !== "object" || arg === null || typeof arg.message !== "string") {
if (!isObject2(arg) || !isString(arg.message)) {
return void 0;
}
if (Number.isInteger(arg.status)) {
@@ -103200,7 +103101,6 @@ async function asyncSome(array, predicate) {
}
// src/actions-util.ts
var pkg = require_package();
var getRequiredInput = function(name) {
const value = core4.getInput(name);
if (!value) {
@@ -103217,7 +103117,7 @@ function getTemporaryDirectory() {
return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP");
}
function getActionVersion() {
return pkg.version;
return "4.33.0";
}
function getWorkflowEventName() {
return getRequiredEnvParam("GITHUB_EVENT_NAME");
@@ -103423,6 +103323,7 @@ function parseRepositoryNwo(input) {
// src/api-client.ts
var GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
var DO_NOT_RETRY_STATUSES = [400, 410, 422, 451];
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) {
const auth2 = allowExternal && apiDetails.externalRepoAuth || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry);
@@ -103437,10 +103338,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
error: core5.error
},
retry: {
// The default is 400, 401, 403, 404, 410, 422, and 451. We have observed transient errors
// with authentication, so we remove 401, 403, and 404 from the default list to ensure that
// these errors are retried.
doNotRetry: [400, 410, 422, 451]
doNotRetry: DO_NOT_RETRY_STATUSES
}
})
);
@@ -103786,6 +103684,7 @@ var semver2 = __toESM(require_semver2());
var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => {
RepositoryPropertyName2["DISABLE_OVERLAY"] = "github-codeql-disable-overlay";
RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries";
RepositoryPropertyName2["FILE_COVERAGE_ON_PRS"] = "github-codeql-file-coverage-on-prs";
return RepositoryPropertyName2;
})(RepositoryPropertyName || {});
var KNOWN_REPOSITORY_PROPERTY_NAMES = new Set(
@@ -103995,6 +103894,12 @@ async function isAnalyzingDefaultBranch() {
// src/overlay/index.ts
var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP = "2.24.1";
var CODEQL_OVERLAY_MINIMUM_VERSION_GO = "2.24.2";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVA = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_RUBY = "2.23.9";
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500;
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
async function writeBaseDatabaseOidsFile(config, sourceRoot) {
@@ -104135,70 +104040,48 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
},
["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
minimumVersion: void 0
},
// Per-language overlay feature flags. Each has minimumVersion set to the
// minimum CLI version that supports overlay analysis for that language.
// Only languages that are GA or in staff-ship should have feature flags here.
["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
minimumVersion: void 0
},
["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */]: {
defaultValue: false,
@@ -104210,25 +104093,20 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_STATUS_SAVE",
minimumVersion: void 0
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: void 0
},
["overlay_analysis_java" /* OverlayAnalysisJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_python" /* OverlayAnalysisPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: {
defaultValue: false,
@@ -104238,23 +104116,13 @@ var featureConfig = {
["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
minimumVersion: void 0
},
["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SKIP_RESOURCE_CHECKS",
minimumVersion: void 0
},
["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
minimumVersion: void 0
},
["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
@@ -104270,11 +104138,8 @@ var featureConfig = {
["skip_file_coverage_on_prs" /* SkipFileCoverageOnPrs */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_SKIP_FILE_COVERAGE_ON_PRS",
// For testing, this is not behind a CLI version check yet. However
// before rolling this out externally, we should set a minimum version here
// since current versions of the CodeQL CLI will log if baseline information
// cannot be found when interpreting results.
minimumVersion: void 0
minimumVersion: void 0,
toolsFeature: "suppressesMissingFileBaselineWarning" /* SuppressesMissingFileBaselineWarning */
},
["start_proxy_remove_unused_registries" /* StartProxyRemoveUnusedRegistries */]: {
defaultValue: false,
@@ -104292,11 +104157,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -104640,28 +104500,20 @@ var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB = 14e3;
var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB * 1e6;
var OVERLAY_MINIMUM_MEMORY_MB = 5 * 1024;
var OVERLAY_ANALYSIS_FEATURES = {
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */
};
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */
};
function getPathToParsedConfigFile(tempDir) {
return path4.join(tempDir, "config");
lib/init-action-post.js
Generated
+1133 -1183
View File
File diff suppressed because it is too large Load Diff
lib/init-action.js
Generated
+455 -511
View File
File diff suppressed because it is too large Load Diff
lib/resolve-environment-action.js
Generated
+54 -202
View File
@@ -45981,113 +45981,6 @@ var require_semver2 = __commonJS({
}
});
// package.json
var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "4.32.6",
private: true,
description: "CodeQL action",
scripts: {
_build_comment: "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'",
build: "./scripts/check-node-modules.sh && npm run transpile && node build.mjs",
lint: "eslint --report-unused-disable-directives --max-warnings=0 .",
"lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif",
"lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix",
ava: "npm run transpile && ava --verbose",
test: "npm run ava -- src/",
"test-debug": "npm run test -- --timeout=20m",
transpile: "tsc --build --verbose"
},
ava: {
typescript: {
rewritePaths: {
"src/": "build/"
},
compile: false
}
},
license: "MIT",
dependencies: {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
"@actions/cache": "^5.0.5",
"@actions/core": "^2.0.3",
"@actions/exec": "^2.0.0",
"@actions/github": "^8.0.1",
"@actions/glob": "^0.5.0",
"@actions/http-client": "^3.0.0",
"@actions/io": "^2.0.0",
"@actions/tool-cache": "^3.0.1",
"@octokit/plugin-retry": "^8.0.0",
"@schemastore/package": "0.0.10",
archiver: "^7.0.1",
"fast-deep-equal": "^3.1.3",
"follow-redirects": "^1.15.11",
"get-folder-size": "^5.0.0",
"https-proxy-agent": "^7.0.6",
"js-yaml": "^4.1.1",
jsonschema: "1.4.1",
long: "^5.3.2",
"node-forge": "^1.3.3",
semver: "^7.7.4",
uuid: "^13.0.0"
},
devDependencies: {
"@ava/typescript": "6.0.0",
"@eslint/compat": "^2.0.2",
"@microsoft/eslint-formatter-sarif": "^3.1.0",
"@octokit/types": "^16.0.0",
"@types/archiver": "^7.0.0",
"@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "^20.19.9",
"@types/node-forge": "^1.3.14",
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
ava: "^6.4.1",
esbuild: "^0.27.3",
eslint: "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
"eslint-plugin-github": "^6.0.0",
"eslint-plugin-import-x": "^4.16.1",
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
glob: "^11.1.0",
globals: "^17.3.0",
nock: "^14.0.11",
sinon: "^21.0.1",
typescript: "^5.9.3",
"typescript-eslint": "^8.56.1"
},
overrides: {
"@actions/tool-cache": {
semver: ">=6.3.1"
},
"@octokit/request-error": {
semver: ">=5.1.1"
},
"@octokit/request": {
semver: ">=8.4.1"
},
"@octokit/plugin-paginate-rest": {
semver: ">=9.2.2"
},
"eslint-plugin-import": {
semver: ">=6.3.1"
},
"eslint-plugin-jsx-a11y": {
semver: ">=6.3.1"
},
"brace-expansion@2.0.1": "2.0.2",
glob: "^11.1.0"
}
};
}
});
// node_modules/bottleneck/light.js
var require_light = __commonJS({
"node_modules/bottleneck/light.js"(exports2, module2) {
@@ -53394,8 +53287,8 @@ var require_object = __commonJS({
"node_modules/@typespec/ts-http-runtime/dist/commonjs/util/object.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.isObject = isObject2;
function isObject2(input) {
exports2.isObject = isObject3;
function isObject3(input) {
return typeof input === "object" && input !== null && !Array.isArray(input) && !(input instanceof RegExp) && !(input instanceof Date);
}
}
@@ -57881,7 +57774,7 @@ var require_commonjs4 = __commonJS({
exports2.computeSha256Hmac = computeSha256Hmac;
exports2.getRandomIntegerInclusive = getRandomIntegerInclusive;
exports2.isError = isError;
exports2.isObject = isObject2;
exports2.isObject = isObject3;
exports2.randomUUID = randomUUID;
exports2.uint8ArrayToString = uint8ArrayToString;
exports2.stringToUint8Array = stringToUint8Array;
@@ -57928,7 +57821,7 @@ var require_commonjs4 = __commonJS({
function isError(e) {
return tspRuntime.isError(e);
}
function isObject2(input) {
function isObject3(input) {
return tspRuntime.isObject(input);
}
function randomUUID() {
@@ -92763,7 +92656,7 @@ var require_config = __commonJS({
});
// node_modules/@actions/cache/package.json
var require_package2 = __commonJS({
var require_package = __commonJS({
"node_modules/@actions/cache/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/cache",
@@ -92835,7 +92728,7 @@ var require_user_agent = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = getUserAgentString;
var packageJson = require_package2();
var packageJson = require_package();
function getUserAgentString() {
return `@actions/cache-${packageJson.version}`;
}
@@ -99940,7 +99833,7 @@ var require_follow_redirects = __commonJS({
if (this._ending) {
throw new WriteAfterEndError();
}
if (!isString(data) && !isBuffer(data)) {
if (!isString2(data) && !isBuffer(data)) {
throw new TypeError("data should be a string, Buffer or Uint8Array");
}
if (isFunction(encoding)) {
@@ -100195,7 +100088,7 @@ var require_follow_redirects = __commonJS({
function request2(input, options, callback) {
if (isURL(input)) {
input = spreadUrlObject(input);
} else if (isString(input)) {
} else if (isString2(input)) {
input = spreadUrlObject(parseUrl2(input));
} else {
callback = options;
@@ -100211,7 +100104,7 @@ var require_follow_redirects = __commonJS({
maxBodyLength: exports3.maxBodyLength
}, input, options);
options.nativeProtocols = nativeProtocols;
if (!isString(options.host) && !isString(options.hostname)) {
if (!isString2(options.host) && !isString2(options.hostname)) {
options.hostname = "::1";
}
assert.equal(options.protocol, protocol, "protocol mismatch");
@@ -100238,7 +100131,7 @@ var require_follow_redirects = __commonJS({
parsed = new URL2(input);
} else {
parsed = validateUrl(url.parse(input));
if (!isString(parsed.protocol)) {
if (!isString2(parsed.protocol)) {
throw new InvalidUrlError({ input });
}
}
@@ -100310,11 +100203,11 @@ var require_follow_redirects = __commonJS({
request2.destroy(error3);
}
function isSubdomain(subdomain, domain) {
assert(isString(subdomain) && isString(domain));
assert(isString2(subdomain) && isString2(domain));
var dot = subdomain.length - domain.length - 1;
return dot > 0 && subdomain[dot] === "." && subdomain.endsWith(domain);
}
function isString(value) {
function isString2(value) {
return typeof value === "string" || value instanceof String;
}
function isFunction(value) {
@@ -102995,6 +102888,14 @@ var semver = __toESM(require_semver2());
var maximumVersion = "3.21";
var minimumVersion = "3.14";
// src/json/index.ts
function isObject2(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
function isString(value) {
return typeof value === "string";
}
// src/util.ts
var BASE_DATABASE_OIDS_FILE_NAME = "base-database-oids.json";
var GITHUB_DOTCOM_URL = "https://github.com";
@@ -103095,7 +102996,7 @@ var HTTPError = class extends Error {
var ConfigurationError = class extends Error {
};
function asHTTPError(arg) {
if (typeof arg !== "object" || arg === null || typeof arg.message !== "string") {
if (!isObject2(arg) || !isString(arg.message)) {
return void 0;
}
if (Number.isInteger(arg.status)) {
@@ -103208,7 +103109,6 @@ async function asyncSome(array, predicate) {
}
// src/actions-util.ts
var pkg = require_package();
var getRequiredInput = function(name) {
const value = core4.getInput(name);
if (!value) {
@@ -103225,7 +103125,7 @@ function getTemporaryDirectory() {
return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP");
}
function getActionVersion() {
return pkg.version;
return "4.33.0";
}
function getWorkflowEventName() {
return getRequiredEnvParam("GITHUB_EVENT_NAME");
@@ -103431,6 +103331,7 @@ function parseRepositoryNwo(input) {
// src/api-client.ts
var GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
var DO_NOT_RETRY_STATUSES = [400, 410, 422, 451];
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) {
const auth2 = allowExternal && apiDetails.externalRepoAuth || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry);
@@ -103445,10 +103346,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
error: core5.error
},
retry: {
// The default is 400, 401, 403, 404, 410, 422, and 451. We have observed transient errors
// with authentication, so we remove 401, 403, and 404 from the default list to ensure that
// these errors are retried.
doNotRetry: [400, 410, 422, 451]
doNotRetry: DO_NOT_RETRY_STATUSES
}
})
);
@@ -103785,6 +103683,7 @@ var semver2 = __toESM(require_semver2());
var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => {
RepositoryPropertyName2["DISABLE_OVERLAY"] = "github-codeql-disable-overlay";
RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries";
RepositoryPropertyName2["FILE_COVERAGE_ON_PRS"] = "github-codeql-file-coverage-on-prs";
return RepositoryPropertyName2;
})(RepositoryPropertyName || {});
var KNOWN_REPOSITORY_PROPERTY_NAMES = new Set(
@@ -103988,6 +103887,12 @@ async function isAnalyzingDefaultBranch() {
// src/overlay/index.ts
var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP = "2.24.1";
var CODEQL_OVERLAY_MINIMUM_VERSION_GO = "2.24.2";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVA = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_RUBY = "2.23.9";
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500;
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
async function writeBaseDatabaseOidsFile(config, sourceRoot) {
@@ -104126,70 +104031,48 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
},
["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
minimumVersion: void 0
},
// Per-language overlay feature flags. Each has minimumVersion set to the
// minimum CLI version that supports overlay analysis for that language.
// Only languages that are GA or in staff-ship should have feature flags here.
["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
minimumVersion: void 0
},
["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */]: {
defaultValue: false,
@@ -104201,25 +104084,20 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_STATUS_SAVE",
minimumVersion: void 0
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: void 0
},
["overlay_analysis_java" /* OverlayAnalysisJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_python" /* OverlayAnalysisPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: {
defaultValue: false,
@@ -104229,23 +104107,13 @@ var featureConfig = {
["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
minimumVersion: void 0
},
["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SKIP_RESOURCE_CHECKS",
minimumVersion: void 0
},
["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
minimumVersion: void 0
},
["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
@@ -104261,11 +104129,8 @@ var featureConfig = {
["skip_file_coverage_on_prs" /* SkipFileCoverageOnPrs */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_SKIP_FILE_COVERAGE_ON_PRS",
// For testing, this is not behind a CLI version check yet. However
// before rolling this out externally, we should set a minimum version here
// since current versions of the CodeQL CLI will log if baseline information
// cannot be found when interpreting results.
minimumVersion: void 0
minimumVersion: void 0,
toolsFeature: "suppressesMissingFileBaselineWarning" /* SuppressesMissingFileBaselineWarning */
},
["start_proxy_remove_unused_registries" /* StartProxyRemoveUnusedRegistries */]: {
defaultValue: false,
@@ -104283,11 +104148,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -104308,28 +104168,20 @@ var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB = 14e3;
var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB * 1e6;
var OVERLAY_MINIMUM_MEMORY_MB = 5 * 1024;
var OVERLAY_ANALYSIS_FEATURES = {
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */
};
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */
};
function getPathToParsedConfigFile(tempDir) {
return path3.join(tempDir, "config");
lib/setup-codeql-action.js
Generated
+299 -445
View File
File diff suppressed because it is too large Load Diff
lib/start-proxy-action-post.js
Generated
+72 -223
View File
@@ -45981,113 +45981,6 @@ var require_semver2 = __commonJS({
}
});
// package.json
var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "4.32.6",
private: true,
description: "CodeQL action",
scripts: {
_build_comment: "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'",
build: "./scripts/check-node-modules.sh && npm run transpile && node build.mjs",
lint: "eslint --report-unused-disable-directives --max-warnings=0 .",
"lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif",
"lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix",
ava: "npm run transpile && ava --verbose",
test: "npm run ava -- src/",
"test-debug": "npm run test -- --timeout=20m",
transpile: "tsc --build --verbose"
},
ava: {
typescript: {
rewritePaths: {
"src/": "build/"
},
compile: false
}
},
license: "MIT",
dependencies: {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
"@actions/cache": "^5.0.5",
"@actions/core": "^2.0.3",
"@actions/exec": "^2.0.0",
"@actions/github": "^8.0.1",
"@actions/glob": "^0.5.0",
"@actions/http-client": "^3.0.0",
"@actions/io": "^2.0.0",
"@actions/tool-cache": "^3.0.1",
"@octokit/plugin-retry": "^8.0.0",
"@schemastore/package": "0.0.10",
archiver: "^7.0.1",
"fast-deep-equal": "^3.1.3",
"follow-redirects": "^1.15.11",
"get-folder-size": "^5.0.0",
"https-proxy-agent": "^7.0.6",
"js-yaml": "^4.1.1",
jsonschema: "1.4.1",
long: "^5.3.2",
"node-forge": "^1.3.3",
semver: "^7.7.4",
uuid: "^13.0.0"
},
devDependencies: {
"@ava/typescript": "6.0.0",
"@eslint/compat": "^2.0.2",
"@microsoft/eslint-formatter-sarif": "^3.1.0",
"@octokit/types": "^16.0.0",
"@types/archiver": "^7.0.0",
"@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "^20.19.9",
"@types/node-forge": "^1.3.14",
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
ava: "^6.4.1",
esbuild: "^0.27.3",
eslint: "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
"eslint-plugin-github": "^6.0.0",
"eslint-plugin-import-x": "^4.16.1",
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
glob: "^11.1.0",
globals: "^17.3.0",
nock: "^14.0.11",
sinon: "^21.0.1",
typescript: "^5.9.3",
"typescript-eslint": "^8.56.1"
},
overrides: {
"@actions/tool-cache": {
semver: ">=6.3.1"
},
"@octokit/request-error": {
semver: ">=5.1.1"
},
"@octokit/request": {
semver: ">=8.4.1"
},
"@octokit/plugin-paginate-rest": {
semver: ">=9.2.2"
},
"eslint-plugin-import": {
semver: ">=6.3.1"
},
"eslint-plugin-jsx-a11y": {
semver: ">=6.3.1"
},
"brace-expansion@2.0.1": "2.0.2",
glob: "^11.1.0"
}
};
}
});
// node_modules/bottleneck/light.js
var require_light = __commonJS({
"node_modules/bottleneck/light.js"(exports2, module2) {
@@ -53394,8 +53287,8 @@ var require_object = __commonJS({
"node_modules/@typespec/ts-http-runtime/dist/commonjs/util/object.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.isObject = isObject2;
function isObject2(input) {
exports2.isObject = isObject3;
function isObject3(input) {
return typeof input === "object" && input !== null && !Array.isArray(input) && !(input instanceof RegExp) && !(input instanceof Date);
}
}
@@ -57881,7 +57774,7 @@ var require_commonjs4 = __commonJS({
exports2.computeSha256Hmac = computeSha256Hmac;
exports2.getRandomIntegerInclusive = getRandomIntegerInclusive;
exports2.isError = isError;
exports2.isObject = isObject2;
exports2.isObject = isObject3;
exports2.randomUUID = randomUUID;
exports2.uint8ArrayToString = uint8ArrayToString;
exports2.stringToUint8Array = stringToUint8Array;
@@ -57928,7 +57821,7 @@ var require_commonjs4 = __commonJS({
function isError(e) {
return tspRuntime.isError(e);
}
function isObject2(input) {
function isObject3(input) {
return tspRuntime.isObject(input);
}
function randomUUID() {
@@ -92763,7 +92656,7 @@ var require_config = __commonJS({
});
// node_modules/@actions/cache/package.json
var require_package2 = __commonJS({
var require_package = __commonJS({
"node_modules/@actions/cache/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/cache",
@@ -92835,7 +92728,7 @@ var require_user_agent = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = getUserAgentString;
var packageJson = require_package2();
var packageJson = require_package();
function getUserAgentString() {
return `@actions/cache-${packageJson.version}`;
}
@@ -101153,7 +101046,7 @@ The following characters are not allowed in files that are uploaded due to limit
});
// node_modules/@actions/artifact/package.json
var require_package3 = __commonJS({
var require_package2 = __commonJS({
"node_modules/@actions/artifact/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/artifact",
@@ -101232,7 +101125,7 @@ var require_user_agent2 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = void 0;
var packageJson = require_package3();
var packageJson = require_package2();
function getUserAgentString() {
return `@actions/artifact-${packageJson.version}`;
}
@@ -105699,10 +105592,10 @@ var require_util20 = __commonJS({
return typeof arg === "number";
}
exports2.isNumber = isNumber;
function isString(arg) {
function isString2(arg) {
return typeof arg === "string";
}
exports2.isString = isString;
exports2.isString = isString2;
function isSymbol(arg) {
return typeof arg === "symbol";
}
@@ -105715,10 +105608,10 @@ var require_util20 = __commonJS({
return objectToString(re) === "[object RegExp]";
}
exports2.isRegExp = isRegExp;
function isObject2(arg) {
function isObject3(arg) {
return typeof arg === "object" && arg !== null;
}
exports2.isObject = isObject2;
exports2.isObject = isObject3;
function isDate(d) {
return objectToString(d) === "[object Date]";
}
@@ -107760,11 +107653,11 @@ var require_baseGetTag = __commonJS({
// node_modules/lodash/isObject.js
var require_isObject = __commonJS({
"node_modules/lodash/isObject.js"(exports2, module2) {
function isObject2(value) {
function isObject3(value) {
var type2 = typeof value;
return value != null && (type2 == "object" || type2 == "function");
}
module2.exports = isObject2;
module2.exports = isObject3;
}
});
@@ -107772,13 +107665,13 @@ var require_isObject = __commonJS({
var require_isFunction = __commonJS({
"node_modules/lodash/isFunction.js"(exports2, module2) {
var baseGetTag = require_baseGetTag();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var asyncTag = "[object AsyncFunction]";
var funcTag = "[object Function]";
var genTag = "[object GeneratorFunction]";
var proxyTag = "[object Proxy]";
function isFunction(value) {
if (!isObject2(value)) {
if (!isObject3(value)) {
return false;
}
var tag = baseGetTag(value);
@@ -107839,7 +107732,7 @@ var require_baseIsNative = __commonJS({
"node_modules/lodash/_baseIsNative.js"(exports2, module2) {
var isFunction = require_isFunction();
var isMasked = require_isMasked();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var toSource = require_toSource();
var reRegExpChar = /[\\^$.*+?()[\]{}|]/g;
var reIsHostCtor = /^\[object .+?Constructor\]$/;
@@ -107851,7 +107744,7 @@ var require_baseIsNative = __commonJS({
"^" + funcToString.call(hasOwnProperty).replace(reRegExpChar, "\\$&").replace(/hasOwnProperty|(function).*?(?=\\\()| for .+?(?=\\\])/g, "$1.*?") + "$"
);
function baseIsNative(value) {
if (!isObject2(value) || isMasked(value)) {
if (!isObject3(value) || isMasked(value)) {
return false;
}
var pattern = isFunction(value) ? reIsNative : reIsHostCtor;
@@ -108019,9 +107912,9 @@ var require_isIterateeCall = __commonJS({
var eq = require_eq2();
var isArrayLike = require_isArrayLike();
var isIndex = require_isIndex();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
function isIterateeCall(value, index, object) {
if (!isObject2(object)) {
if (!isObject3(object)) {
return false;
}
var type2 = typeof index;
@@ -108266,13 +108159,13 @@ var require_nativeKeysIn = __commonJS({
// node_modules/lodash/_baseKeysIn.js
var require_baseKeysIn = __commonJS({
"node_modules/lodash/_baseKeysIn.js"(exports2, module2) {
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var isPrototype = require_isPrototype();
var nativeKeysIn = require_nativeKeysIn();
var objectProto = Object.prototype;
var hasOwnProperty = objectProto.hasOwnProperty;
function baseKeysIn(object) {
if (!isObject2(object)) {
if (!isObject3(object)) {
return nativeKeysIn(object);
}
var isProto = isPrototype(object), result = [];
@@ -108764,7 +108657,7 @@ var require_event_target_shim = __commonJS({
var CAPTURE = 1;
var BUBBLE = 2;
var ATTRIBUTE = 3;
function isObject2(x) {
function isObject3(x) {
return x !== null && typeof x === "object";
}
function getListeners(eventTarget) {
@@ -108790,7 +108683,7 @@ var require_event_target_shim = __commonJS({
return null;
},
set(listener) {
if (typeof listener !== "function" && !isObject2(listener)) {
if (typeof listener !== "function" && !isObject3(listener)) {
listener = null;
}
const listeners = getListeners(this);
@@ -108881,11 +108774,11 @@ var require_event_target_shim = __commonJS({
if (listener == null) {
return;
}
if (typeof listener !== "function" && !isObject2(listener)) {
if (typeof listener !== "function" && !isObject3(listener)) {
throw new TypeError("'listener' should be a function or an object.");
}
const listeners = getListeners(this);
const optionsIsObj = isObject2(options);
const optionsIsObj = isObject3(options);
const capture = optionsIsObj ? Boolean(options.capture) : Boolean(options);
const listenerType = capture ? CAPTURE : BUBBLE;
const newNode = {
@@ -108922,7 +108815,7 @@ var require_event_target_shim = __commonJS({
return;
}
const listeners = getListeners(this);
const capture = isObject2(options) ? Boolean(options.capture) : Boolean(options);
const capture = isObject3(options) ? Boolean(options.capture) : Boolean(options);
const listenerType = capture ? CAPTURE : BUBBLE;
let prev = null;
let node = listeners.get(eventName);
@@ -158048,7 +157941,7 @@ var require_follow_redirects = __commonJS({
if (this._ending) {
throw new WriteAfterEndError();
}
if (!isString(data) && !isBuffer(data)) {
if (!isString2(data) && !isBuffer(data)) {
throw new TypeError("data should be a string, Buffer or Uint8Array");
}
if (isFunction(encoding)) {
@@ -158303,7 +158196,7 @@ var require_follow_redirects = __commonJS({
function request2(input, options, callback) {
if (isURL(input)) {
input = spreadUrlObject(input);
} else if (isString(input)) {
} else if (isString2(input)) {
input = spreadUrlObject(parseUrl2(input));
} else {
callback = options;
@@ -158319,7 +158212,7 @@ var require_follow_redirects = __commonJS({
maxBodyLength: exports3.maxBodyLength
}, input, options);
options.nativeProtocols = nativeProtocols;
if (!isString(options.host) && !isString(options.hostname)) {
if (!isString2(options.host) && !isString2(options.hostname)) {
options.hostname = "::1";
}
assert.equal(options.protocol, protocol, "protocol mismatch");
@@ -158346,7 +158239,7 @@ var require_follow_redirects = __commonJS({
parsed = new URL2(input);
} else {
parsed = validateUrl(url.parse(input));
if (!isString(parsed.protocol)) {
if (!isString2(parsed.protocol)) {
throw new InvalidUrlError({ input });
}
}
@@ -158418,11 +158311,11 @@ var require_follow_redirects = __commonJS({
request2.destroy(error3);
}
function isSubdomain(subdomain, domain) {
assert(isString(subdomain) && isString(domain));
assert(isString2(subdomain) && isString2(domain));
var dot = subdomain.length - domain.length - 1;
return dot > 0 && subdomain[dot] === "." && subdomain.endsWith(domain);
}
function isString(value) {
function isString2(value) {
return typeof value === "string" || value instanceof String;
}
function isFunction(value) {
@@ -161100,6 +160993,11 @@ var semver = __toESM(require_semver2());
var maximumVersion = "3.21";
var minimumVersion = "3.14";
// src/json/index.ts
function isObject2(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
// src/util.ts
var GITHUB_DOTCOM_URL = "https://github.com";
var MINIMUM_CGROUP_MEMORY_LIMIT_BYTES = 1024 * 1024;
@@ -161181,7 +161079,6 @@ function getErrorMessage(error3) {
}
// src/actions-util.ts
var pkg = require_package();
var getRequiredInput = function(name) {
const value = core4.getInput(name);
if (!value) {
@@ -161198,7 +161095,7 @@ function getTemporaryDirectory() {
return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP");
}
function getActionVersion() {
return pkg.version;
return "4.33.0";
}
var persistedInputsKey = "persisted_inputs";
var restoreInputs = function() {
@@ -161287,6 +161184,7 @@ retry.VERSION = VERSION7;
// src/api-client.ts
var GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
var DO_NOT_RETRY_STATUSES = [400, 410, 422, 451];
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) {
const auth2 = allowExternal && apiDetails.externalRepoAuth || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry);
@@ -161301,10 +161199,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
error: core5.error
},
retry: {
// The default is 400, 401, 403, 404, 410, 422, and 451. We have observed transient errors
// with authentication, so we remove 401, 403, and 404 from the default list to ensure that
// these errors are retried.
doNotRetry: [400, 410, 422, 451]
doNotRetry: DO_NOT_RETRY_STATUSES
}
})
);
@@ -161368,6 +161263,7 @@ var semver2 = __toESM(require_semver2());
var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => {
RepositoryPropertyName2["DISABLE_OVERLAY"] = "github-codeql-disable-overlay";
RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries";
RepositoryPropertyName2["FILE_COVERAGE_ON_PRS"] = "github-codeql-file-coverage-on-prs";
return RepositoryPropertyName2;
})(RepositoryPropertyName || {});
var KNOWN_REPOSITORY_PROPERTY_NAMES = new Set(
@@ -161410,6 +161306,12 @@ var semver3 = __toESM(require_semver2());
// src/overlay/index.ts
var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP = "2.24.1";
var CODEQL_OVERLAY_MINIMUM_VERSION_GO = "2.24.2";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVA = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_RUBY = "2.23.9";
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500;
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
@@ -161492,70 +161394,48 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
},
["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
minimumVersion: void 0
},
// Per-language overlay feature flags. Each has minimumVersion set to the
// minimum CLI version that supports overlay analysis for that language.
// Only languages that are GA or in staff-ship should have feature flags here.
["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
minimumVersion: void 0
},
["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */]: {
defaultValue: false,
@@ -161567,25 +161447,20 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_STATUS_SAVE",
minimumVersion: void 0
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: void 0
},
["overlay_analysis_java" /* OverlayAnalysisJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_python" /* OverlayAnalysisPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: {
defaultValue: false,
@@ -161595,23 +161470,13 @@ var featureConfig = {
["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
minimumVersion: void 0
},
["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SKIP_RESOURCE_CHECKS",
minimumVersion: void 0
},
["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
minimumVersion: void 0
},
["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
@@ -161627,11 +161492,8 @@ var featureConfig = {
["skip_file_coverage_on_prs" /* SkipFileCoverageOnPrs */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_SKIP_FILE_COVERAGE_ON_PRS",
// For testing, this is not behind a CLI version check yet. However
// before rolling this out externally, we should set a minimum version here
// since current versions of the CodeQL CLI will log if baseline information
// cannot be found when interpreting results.
minimumVersion: void 0
minimumVersion: void 0,
toolsFeature: "suppressesMissingFileBaselineWarning" /* SuppressesMissingFileBaselineWarning */
},
["start_proxy_remove_unused_registries" /* StartProxyRemoveUnusedRegistries */]: {
defaultValue: false,
@@ -161649,11 +161511,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -161674,28 +161531,20 @@ var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB = 14e3;
var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB * 1e6;
var OVERLAY_MINIMUM_MEMORY_MB = 5 * 1024;
var OVERLAY_ANALYSIS_FEATURES = {
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */
};
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */
};
function getPathToParsedConfigFile(tempDir) {
return path.join(tempDir, "config");
@@ -162152,7 +162001,7 @@ function getArtifactSuffix(matrix) {
if (matrix) {
try {
const matrixObject = JSON.parse(matrix);
if (matrixObject !== null && typeof matrixObject === "object") {
if (isObject2(matrixObject)) {
for (const matrixKey of Object.keys(matrixObject).sort())
suffix += `-${matrixObject[matrixKey]}`;
} else {
lib/start-proxy-action.js
Generated
+212 -234
View File
@@ -45981,113 +45981,6 @@ var require_semver2 = __commonJS({
}
});
// package.json
var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "4.32.6",
private: true,
description: "CodeQL action",
scripts: {
_build_comment: "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'",
build: "./scripts/check-node-modules.sh && npm run transpile && node build.mjs",
lint: "eslint --report-unused-disable-directives --max-warnings=0 .",
"lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif",
"lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix",
ava: "npm run transpile && ava --verbose",
test: "npm run ava -- src/",
"test-debug": "npm run test -- --timeout=20m",
transpile: "tsc --build --verbose"
},
ava: {
typescript: {
rewritePaths: {
"src/": "build/"
},
compile: false
}
},
license: "MIT",
dependencies: {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
"@actions/cache": "^5.0.5",
"@actions/core": "^2.0.3",
"@actions/exec": "^2.0.0",
"@actions/github": "^8.0.1",
"@actions/glob": "^0.5.0",
"@actions/http-client": "^3.0.0",
"@actions/io": "^2.0.0",
"@actions/tool-cache": "^3.0.1",
"@octokit/plugin-retry": "^8.0.0",
"@schemastore/package": "0.0.10",
archiver: "^7.0.1",
"fast-deep-equal": "^3.1.3",
"follow-redirects": "^1.15.11",
"get-folder-size": "^5.0.0",
"https-proxy-agent": "^7.0.6",
"js-yaml": "^4.1.1",
jsonschema: "1.4.1",
long: "^5.3.2",
"node-forge": "^1.3.3",
semver: "^7.7.4",
uuid: "^13.0.0"
},
devDependencies: {
"@ava/typescript": "6.0.0",
"@eslint/compat": "^2.0.2",
"@microsoft/eslint-formatter-sarif": "^3.1.0",
"@octokit/types": "^16.0.0",
"@types/archiver": "^7.0.0",
"@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "^20.19.9",
"@types/node-forge": "^1.3.14",
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
ava: "^6.4.1",
esbuild: "^0.27.3",
eslint: "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
"eslint-plugin-github": "^6.0.0",
"eslint-plugin-import-x": "^4.16.1",
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
glob: "^11.1.0",
globals: "^17.3.0",
nock: "^14.0.11",
sinon: "^21.0.1",
typescript: "^5.9.3",
"typescript-eslint": "^8.56.1"
},
overrides: {
"@actions/tool-cache": {
semver: ">=6.3.1"
},
"@octokit/request-error": {
semver: ">=5.1.1"
},
"@octokit/request": {
semver: ">=8.4.1"
},
"@octokit/plugin-paginate-rest": {
semver: ">=9.2.2"
},
"eslint-plugin-import": {
semver: ">=6.3.1"
},
"eslint-plugin-jsx-a11y": {
semver: ">=6.3.1"
},
"brace-expansion@2.0.1": "2.0.2",
glob: "^11.1.0"
}
};
}
});
// node_modules/bottleneck/light.js
var require_light = __commonJS({
"node_modules/bottleneck/light.js"(exports2, module2) {
@@ -47749,12 +47642,12 @@ var require_concat_map = __commonJS({
var res = [];
for (var i = 0; i < xs.length; i++) {
var x = fn(xs[i], i);
if (isArray(x)) res.push.apply(res, x);
if (isArray2(x)) res.push.apply(res, x);
else res.push(x);
}
return res;
};
var isArray = Array.isArray || function(xs) {
var isArray2 = Array.isArray || function(xs) {
return Object.prototype.toString.call(xs) === "[object Array]";
};
}
@@ -52097,8 +51990,8 @@ var require_object = __commonJS({
"node_modules/@typespec/ts-http-runtime/dist/commonjs/util/object.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.isObject = isObject2;
function isObject2(input) {
exports2.isObject = isObject3;
function isObject3(input) {
return typeof input === "object" && input !== null && !Array.isArray(input) && !(input instanceof RegExp) && !(input instanceof Date);
}
}
@@ -56584,7 +56477,7 @@ var require_commonjs4 = __commonJS({
exports2.computeSha256Hmac = computeSha256Hmac;
exports2.getRandomIntegerInclusive = getRandomIntegerInclusive;
exports2.isError = isError;
exports2.isObject = isObject2;
exports2.isObject = isObject3;
exports2.randomUUID = randomUUID;
exports2.uint8ArrayToString = uint8ArrayToString;
exports2.stringToUint8Array = stringToUint8Array;
@@ -56631,7 +56524,7 @@ var require_commonjs4 = __commonJS({
function isError(e) {
return tspRuntime.isError(e);
}
function isObject2(input) {
function isObject3(input) {
return tspRuntime.isObject(input);
}
function randomUUID() {
@@ -63302,7 +63195,7 @@ var require_Credential = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.Credential = void 0;
var Credential = class {
var Credential2 = class {
/**
* Creates a RequestPolicy object.
*
@@ -63313,7 +63206,7 @@ var require_Credential = __commonJS({
throw new Error("Method should be implemented in children classes.");
}
};
exports2.Credential = Credential;
exports2.Credential = Credential2;
}
});
@@ -64442,7 +64335,7 @@ var require_Credential2 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.Credential = void 0;
var Credential = class {
var Credential2 = class {
/**
* Creates a RequestPolicy object.
*
@@ -64453,7 +64346,7 @@ var require_Credential2 = __commonJS({
throw new Error("Method should be implemented in children classes.");
}
};
exports2.Credential = Credential;
exports2.Credential = Credential2;
}
});
@@ -91466,7 +91359,7 @@ var require_config = __commonJS({
});
// node_modules/@actions/cache/package.json
var require_package2 = __commonJS({
var require_package = __commonJS({
"node_modules/@actions/cache/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/cache",
@@ -91538,7 +91431,7 @@ var require_user_agent = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = getUserAgentString;
var packageJson = require_package2();
var packageJson = require_package();
function getUserAgentString() {
return `@actions/cache-${packageJson.version}`;
}
@@ -120223,6 +120116,25 @@ var safeDump = renamed("safeDump", "dump");
// src/util.ts
var semver = __toESM(require_semver2());
// src/json/index.ts
function parseString(data) {
return JSON.parse(data);
}
function isObject2(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
function isArray(value) {
return Array.isArray(value);
}
function isString(value) {
return typeof value === "string";
}
function isStringOrUndefined(value) {
return value === void 0 || isString(value);
}
// src/util.ts
var GITHUB_DOTCOM_URL = "https://github.com";
var MINIMUM_CGROUP_MEMORY_LIMIT_BYTES = 1024 * 1024;
function parseGitHubUrl(inputUrl) {
@@ -120270,7 +120182,7 @@ var HTTPError = class extends Error {
var ConfigurationError = class extends Error {
};
function asHTTPError(arg) {
if (typeof arg !== "object" || arg === null || typeof arg.message !== "string") {
if (!isObject2(arg) || !isString(arg.message)) {
return void 0;
}
if (Number.isInteger(arg.status)) {
@@ -120346,7 +120258,6 @@ function isDefined2(value) {
}
// src/actions-util.ts
var pkg = require_package();
var getRequiredInput = function(name) {
const value = core4.getInput(name);
if (!value) {
@@ -120363,7 +120274,7 @@ function getTemporaryDirectory() {
return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP");
}
function getActionVersion() {
return pkg.version;
return "4.33.0";
}
function getWorkflowEventName() {
return getRequiredEnvParam("GITHUB_EVENT_NAME");
@@ -120510,6 +120421,7 @@ function parseRepositoryNwo(input) {
// src/api-client.ts
var GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
var DO_NOT_RETRY_STATUSES = [400, 410, 422, 451];
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) {
const auth2 = allowExternal && apiDetails.externalRepoAuth || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry);
@@ -120524,10 +120436,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
error: core5.error
},
retry: {
// The default is 400, 401, 403, 404, 410, 422, and 451. We have observed transient errors
// with authentication, so we remove 401, 403, and 404 from the default list to ensure that
// these errors are retried.
doNotRetry: [400, 410, 422, 451]
doNotRetry: DO_NOT_RETRY_STATUSES
}
})
);
@@ -120731,6 +120640,12 @@ function getActionsLogger() {
// src/overlay/index.ts
var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP = "2.24.1";
var CODEQL_OVERLAY_MINIMUM_VERSION_GO = "2.24.2";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVA = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_RUBY = "2.23.9";
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500;
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
@@ -120815,70 +120730,48 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
},
["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
minimumVersion: void 0
},
// Per-language overlay feature flags. Each has minimumVersion set to the
// minimum CLI version that supports overlay analysis for that language.
// Only languages that are GA or in staff-ship should have feature flags here.
["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
minimumVersion: void 0
},
["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */]: {
defaultValue: false,
@@ -120890,25 +120783,20 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_STATUS_SAVE",
minimumVersion: void 0
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: void 0
},
["overlay_analysis_java" /* OverlayAnalysisJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_python" /* OverlayAnalysisPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: {
defaultValue: false,
@@ -120918,23 +120806,13 @@ var featureConfig = {
["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
minimumVersion: void 0
},
["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SKIP_RESOURCE_CHECKS",
minimumVersion: void 0
},
["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
minimumVersion: void 0
},
["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
@@ -120950,11 +120828,8 @@ var featureConfig = {
["skip_file_coverage_on_prs" /* SkipFileCoverageOnPrs */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_SKIP_FILE_COVERAGE_ON_PRS",
// For testing, this is not behind a CLI version check yet. However
// before rolling this out externally, we should set a minimum version here
// since current versions of the CodeQL CLI will log if baseline information
// cannot be found when interpreting results.
minimumVersion: void 0
minimumVersion: void 0,
toolsFeature: "suppressesMissingFileBaselineWarning" /* SuppressesMissingFileBaselineWarning */
},
["start_proxy_remove_unused_registries" /* StartProxyRemoveUnusedRegistries */]: {
defaultValue: false,
@@ -120972,11 +120847,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -121370,6 +121240,95 @@ var KnownLanguage = /* @__PURE__ */ ((KnownLanguage2) => {
return KnownLanguage2;
})(KnownLanguage || {});
// src/start-proxy/types.ts
function hasUsername(config) {
return "username" in config;
}
function isUsernamePassword(config) {
return hasUsername(config) && "password" in config;
}
function isToken(config) {
if ("username" in config && !isStringOrUndefined(config.username)) {
return false;
}
return "token" in config && isStringOrUndefined(config.token);
}
function isAzureConfig(config) {
return "tenant_id" in config && "client_id" in config && isDefined2(config.tenant_id) && isDefined2(config.client_id) && isString(config.tenant_id) && isString(config.client_id);
}
function isAWSConfig(config) {
const requiredProperties = [
"aws_region",
"account_id",
"role_name",
"domain",
"domain_owner"
];
for (const property of requiredProperties) {
if (!(property in config) || !isDefined2(config[property]) || !isString(config[property])) {
return false;
}
}
if ("audience" in config && !isStringOrUndefined(config.audience)) {
return false;
}
return true;
}
function isJFrogConfig(config) {
if ("audience" in config && !isStringOrUndefined(config.audience)) {
return false;
}
if ("identity_mapping_name" in config && !isStringOrUndefined(config.identity_mapping_name)) {
return false;
}
return "jfrog_oidc_provider_name" in config && isDefined2(config.jfrog_oidc_provider_name) && isString(config.jfrog_oidc_provider_name);
}
function credentialToStr(credential) {
let result = `Type: ${credential.type};`;
const appendIfDefined = (name, val) => {
if (isDefined2(val)) {
result += ` ${name}: ${val};`;
}
};
appendIfDefined("Url", credential.url);
appendIfDefined("Host", credential.host);
if (hasUsername(credential)) {
appendIfDefined("Username", credential.username);
}
if ("password" in credential) {
appendIfDefined(
"Password",
isDefined2(credential.password) ? "***" : void 0
);
}
if (isToken(credential)) {
appendIfDefined("Token", isDefined2(credential.token) ? "***" : void 0);
}
if (isAzureConfig(credential)) {
appendIfDefined("Tenant", credential.tenant_id);
appendIfDefined("Client", credential.client_id);
} else if (isAWSConfig(credential)) {
appendIfDefined("AWS Region", credential.aws_region);
appendIfDefined("AWS Account", credential.account_id);
appendIfDefined("AWS Role", credential.role_name);
appendIfDefined("AWS Domain", credential.domain);
appendIfDefined("AWS Domain Owner", credential.domain_owner);
appendIfDefined("AWS Audience", credential.audience);
} else if (isJFrogConfig(credential)) {
appendIfDefined("JFrog Provider", credential.jfrog_oidc_provider_name);
appendIfDefined("JFrog Identity Mapping", credential.identity_mapping_name);
appendIfDefined("JFrog Audience", credential.audience);
}
return result;
}
function getAddressString(address) {
if (address.url === void 0) {
return address.host;
} else {
return address.url;
}
}
// src/status-report.ts
var os = __toESM(require("os"));
var core9 = __toESM(require_core());
@@ -121391,6 +121350,7 @@ var semver5 = __toESM(require_semver2());
var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => {
RepositoryPropertyName2["DISABLE_OVERLAY"] = "github-codeql-disable-overlay";
RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries";
RepositoryPropertyName2["FILE_COVERAGE_ON_PRS"] = "github-codeql-file-coverage-on-prs";
return RepositoryPropertyName2;
})(RepositoryPropertyName || {});
var KNOWN_REPOSITORY_PROPERTY_NAMES = new Set(
@@ -121418,28 +121378,20 @@ var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB = 14e3;
var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB * 1e6;
var OVERLAY_MINIMUM_MEMORY_MB = 5 * 1024;
var OVERLAY_ANALYSIS_FEATURES = {
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */
};
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */
};
// src/status-report.ts
@@ -121647,15 +121599,6 @@ async function sendUnhandledErrorStatusReport(actionName, actionStartedAt, error
}
}
// src/start-proxy/types.ts
function getAddressString(address) {
if (address.url === void 0) {
return address.host;
} else {
return address.url;
}
}
// src/start-proxy.ts
function getStartProxyErrorMessage(errorType) {
switch (errorType) {
@@ -121766,12 +121709,12 @@ var NEW_LANGUAGE_TO_REGISTRY_TYPE = {
go: ["goproxy_server", "git_source"]
};
function getRegistryAddress(registry) {
if (isDefined2(registry.url)) {
if (isDefined2(registry.url) && isString(registry.url) && isStringOrUndefined(registry.host)) {
return {
url: registry.url,
host: registry.host
};
} else if (isDefined2(registry.host)) {
} else if (isDefined2(registry.host) && isString(registry.host)) {
return {
url: void 0,
host: registry.host
@@ -121782,6 +121725,48 @@ function getRegistryAddress(registry) {
);
}
}
function getAuthConfig(config) {
if (isAzureConfig(config)) {
return {
tenant_id: config.tenant_id,
client_id: config.client_id
};
} else if (isAWSConfig(config)) {
return {
aws_region: config.aws_region,
account_id: config.account_id,
role_name: config.role_name,
domain: config.domain,
domain_owner: config.domain_owner,
audience: config.audience
};
} else if (isJFrogConfig(config)) {
return {
jfrog_oidc_provider_name: config.jfrog_oidc_provider_name,
identity_mapping_name: config.identity_mapping_name,
audience: config.audience
};
} else if (isToken(config)) {
if (isDefined2(config.token)) {
core10.setSecret(config.token);
}
return { username: config.username, token: config.token };
} else {
let username = void 0;
let password = void 0;
if ("password" in config && isString(config.password)) {
core10.setSecret(config.password);
password = config.password;
}
if ("username" in config && isString(config.username)) {
username = config.username;
}
return {
username,
password
};
}
}
function getCredentials(logger, registrySecrets, registriesCredentials, language, skipUnusedRegistries = false) {
const registryMapping = skipUnusedRegistries ? NEW_LANGUAGE_TO_REGISTRY_TYPE : LANGUAGE_TO_REGISTRY_TYPE;
const registryTypeForLanguage = language ? registryMapping[language] : void 0;
@@ -121798,30 +121783,25 @@ function getCredentials(logger, registrySecrets, registriesCredentials, language
}
let parsed;
try {
parsed = JSON.parse(credentialsStr);
parsed = parseString(credentialsStr);
} catch {
logger.error("Failed to parse the credentials data.");
throw new ConfigurationError("Invalid credentials format.");
}
if (!Array.isArray(parsed)) {
if (!isArray(parsed)) {
throw new ConfigurationError(
"Expected credentials data to be an array of configurations, but it is not."
);
}
const out = [];
for (const e of parsed) {
if (e === null || typeof e !== "object") {
if (e === null || !isObject2(e)) {
throw new ConfigurationError("Invalid credentials - must be an object");
}
if (!isDefined2(e.type)) {
if (!isDefined2(e.type) || !isString(e.type)) {
throw new ConfigurationError("Invalid credentials - must have a type");
}
if (isDefined2(e.password)) {
core10.setSecret(e.password);
}
if (isDefined2(e.token)) {
core10.setSecret(e.token);
}
const authConfig = getAuthConfig(e);
const address = getRegistryAddress(e);
if (registryTypeForLanguage && !registryTypeForLanguage.some((t) => t === e.type)) {
continue;
@@ -121829,21 +121809,22 @@ function getCredentials(logger, registrySecrets, registriesCredentials, language
const isPrintable2 = (str2) => {
return str2 ? /^[\x20-\x7E]*$/.test(str2) : true;
};
if (!isPrintable2(e.type) || !isPrintable2(e.host) || !isPrintable2(e.url) || !isPrintable2(e.username) || !isPrintable2(e.password) || !isPrintable2(e.token)) {
throw new ConfigurationError(
"Invalid credentials - fields must contain only printable characters"
);
for (const key of Object.keys(e)) {
const val = e[key];
if (typeof val === "string" && !isPrintable2(val)) {
throw new ConfigurationError(
"Invalid credentials - fields must contain only printable characters"
);
}
}
if (!isDefined2(e.username) && (isDefined2(e.password) && isPAT(e.password) || isDefined2(e.token) && isPAT(e.token))) {
if ((!hasUsername(authConfig) || !isDefined2(authConfig.username)) && isUsernamePassword(authConfig) && isDefined2(authConfig.password) && isPAT(authConfig.password) || isToken(authConfig) && isDefined2(authConfig.token) && isPAT(authConfig.token)) {
logger.warning(
`A ${e.type} private registry is configured for ${e.host || e.url} using a GitHub Personal Access Token (PAT), but no username was provided. This may not work correctly. When configuring a private registry using a PAT, select "Username and password" and enter the username of the user who generated the PAT.`
);
}
out.push({
type: e.type,
username: e.username,
password: e.password,
token: e.token,
...authConfig,
...address
});
}
@@ -121905,9 +121886,6 @@ async function getDownloadUrl(logger, features) {
version: UPDATEJOB_PROXY_VERSION
};
}
function credentialToStr(c) {
return `Type: ${c.type}; Host: ${c.host}; Url: ${c.url} Username: ${c.username}; Password: ${c.password !== void 0}; Token: ${c.token !== void 0}`;
}
async function downloadProxy(logger, url, authorization) {
try {
return toolcache.downloadTool(
lib/upload-lib.js
Generated
+290 -440
View File
File diff suppressed because it is too large Load Diff
lib/upload-sarif-action-post.js
Generated
+72 -223
View File
@@ -45981,113 +45981,6 @@ var require_semver2 = __commonJS({
}
});
// package.json
var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "4.32.6",
private: true,
description: "CodeQL action",
scripts: {
_build_comment: "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'",
build: "./scripts/check-node-modules.sh && npm run transpile && node build.mjs",
lint: "eslint --report-unused-disable-directives --max-warnings=0 .",
"lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif",
"lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix",
ava: "npm run transpile && ava --verbose",
test: "npm run ava -- src/",
"test-debug": "npm run test -- --timeout=20m",
transpile: "tsc --build --verbose"
},
ava: {
typescript: {
rewritePaths: {
"src/": "build/"
},
compile: false
}
},
license: "MIT",
dependencies: {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
"@actions/cache": "^5.0.5",
"@actions/core": "^2.0.3",
"@actions/exec": "^2.0.0",
"@actions/github": "^8.0.1",
"@actions/glob": "^0.5.0",
"@actions/http-client": "^3.0.0",
"@actions/io": "^2.0.0",
"@actions/tool-cache": "^3.0.1",
"@octokit/plugin-retry": "^8.0.0",
"@schemastore/package": "0.0.10",
archiver: "^7.0.1",
"fast-deep-equal": "^3.1.3",
"follow-redirects": "^1.15.11",
"get-folder-size": "^5.0.0",
"https-proxy-agent": "^7.0.6",
"js-yaml": "^4.1.1",
jsonschema: "1.4.1",
long: "^5.3.2",
"node-forge": "^1.3.3",
semver: "^7.7.4",
uuid: "^13.0.0"
},
devDependencies: {
"@ava/typescript": "6.0.0",
"@eslint/compat": "^2.0.2",
"@microsoft/eslint-formatter-sarif": "^3.1.0",
"@octokit/types": "^16.0.0",
"@types/archiver": "^7.0.0",
"@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9",
"@types/node": "^20.19.9",
"@types/node-forge": "^1.3.14",
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
ava: "^6.4.1",
esbuild: "^0.27.3",
eslint: "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
"eslint-plugin-github": "^6.0.0",
"eslint-plugin-import-x": "^4.16.1",
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
glob: "^11.1.0",
globals: "^17.3.0",
nock: "^14.0.11",
sinon: "^21.0.1",
typescript: "^5.9.3",
"typescript-eslint": "^8.56.1"
},
overrides: {
"@actions/tool-cache": {
semver: ">=6.3.1"
},
"@octokit/request-error": {
semver: ">=5.1.1"
},
"@octokit/request": {
semver: ">=8.4.1"
},
"@octokit/plugin-paginate-rest": {
semver: ">=9.2.2"
},
"eslint-plugin-import": {
semver: ">=6.3.1"
},
"eslint-plugin-jsx-a11y": {
semver: ">=6.3.1"
},
"brace-expansion@2.0.1": "2.0.2",
glob: "^11.1.0"
}
};
}
});
// node_modules/bottleneck/light.js
var require_light = __commonJS({
"node_modules/bottleneck/light.js"(exports2, module2) {
@@ -53828,7 +53721,7 @@ The following characters are not allowed in files that are uploaded due to limit
});
// node_modules/@actions/artifact/package.json
var require_package2 = __commonJS({
var require_package = __commonJS({
"node_modules/@actions/artifact/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/artifact",
@@ -53907,7 +53800,7 @@ var require_user_agent = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = void 0;
var packageJson = require_package2();
var packageJson = require_package();
function getUserAgentString() {
return `@actions/artifact-${packageJson.version}`;
}
@@ -55607,8 +55500,8 @@ var require_object = __commonJS({
"node_modules/@typespec/ts-http-runtime/dist/commonjs/util/object.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.isObject = isObject2;
function isObject2(input) {
exports2.isObject = isObject3;
function isObject3(input) {
return typeof input === "object" && input !== null && !Array.isArray(input) && !(input instanceof RegExp) && !(input instanceof Date);
}
}
@@ -60094,7 +59987,7 @@ var require_commonjs6 = __commonJS({
exports2.computeSha256Hmac = computeSha256Hmac;
exports2.getRandomIntegerInclusive = getRandomIntegerInclusive;
exports2.isError = isError;
exports2.isObject = isObject2;
exports2.isObject = isObject3;
exports2.randomUUID = randomUUID;
exports2.uint8ArrayToString = uint8ArrayToString;
exports2.stringToUint8Array = stringToUint8Array;
@@ -60141,7 +60034,7 @@ var require_commonjs6 = __commonJS({
function isError(e) {
return tspRuntime.isError(e);
}
function isObject2(input) {
function isObject3(input) {
return tspRuntime.isObject(input);
}
function randomUUID() {
@@ -97883,10 +97776,10 @@ var require_util19 = __commonJS({
return typeof arg === "number";
}
exports2.isNumber = isNumber;
function isString(arg) {
function isString2(arg) {
return typeof arg === "string";
}
exports2.isString = isString;
exports2.isString = isString2;
function isSymbol(arg) {
return typeof arg === "symbol";
}
@@ -97899,10 +97792,10 @@ var require_util19 = __commonJS({
return objectToString(re) === "[object RegExp]";
}
exports2.isRegExp = isRegExp;
function isObject2(arg) {
function isObject3(arg) {
return typeof arg === "object" && arg !== null;
}
exports2.isObject = isObject2;
exports2.isObject = isObject3;
function isDate(d) {
return objectToString(d) === "[object Date]";
}
@@ -99944,11 +99837,11 @@ var require_baseGetTag = __commonJS({
// node_modules/lodash/isObject.js
var require_isObject = __commonJS({
"node_modules/lodash/isObject.js"(exports2, module2) {
function isObject2(value) {
function isObject3(value) {
var type2 = typeof value;
return value != null && (type2 == "object" || type2 == "function");
}
module2.exports = isObject2;
module2.exports = isObject3;
}
});
@@ -99956,13 +99849,13 @@ var require_isObject = __commonJS({
var require_isFunction = __commonJS({
"node_modules/lodash/isFunction.js"(exports2, module2) {
var baseGetTag = require_baseGetTag();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var asyncTag = "[object AsyncFunction]";
var funcTag = "[object Function]";
var genTag = "[object GeneratorFunction]";
var proxyTag = "[object Proxy]";
function isFunction(value) {
if (!isObject2(value)) {
if (!isObject3(value)) {
return false;
}
var tag = baseGetTag(value);
@@ -100023,7 +99916,7 @@ var require_baseIsNative = __commonJS({
"node_modules/lodash/_baseIsNative.js"(exports2, module2) {
var isFunction = require_isFunction();
var isMasked = require_isMasked();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var toSource = require_toSource();
var reRegExpChar = /[\\^$.*+?()[\]{}|]/g;
var reIsHostCtor = /^\[object .+?Constructor\]$/;
@@ -100035,7 +99928,7 @@ var require_baseIsNative = __commonJS({
"^" + funcToString.call(hasOwnProperty).replace(reRegExpChar, "\\$&").replace(/hasOwnProperty|(function).*?(?=\\\()| for .+?(?=\\\])/g, "$1.*?") + "$"
);
function baseIsNative(value) {
if (!isObject2(value) || isMasked(value)) {
if (!isObject3(value) || isMasked(value)) {
return false;
}
var pattern = isFunction(value) ? reIsNative : reIsHostCtor;
@@ -100203,9 +100096,9 @@ var require_isIterateeCall = __commonJS({
var eq = require_eq2();
var isArrayLike = require_isArrayLike();
var isIndex = require_isIndex();
var isObject2 = require_isObject();
var isObject3 = require_isObject();
function isIterateeCall(value, index, object) {
if (!isObject2(object)) {
if (!isObject3(object)) {
return false;
}
var type2 = typeof index;
@@ -100450,13 +100343,13 @@ var require_nativeKeysIn = __commonJS({
// node_modules/lodash/_baseKeysIn.js
var require_baseKeysIn = __commonJS({
"node_modules/lodash/_baseKeysIn.js"(exports2, module2) {
var isObject2 = require_isObject();
var isObject3 = require_isObject();
var isPrototype = require_isPrototype();
var nativeKeysIn = require_nativeKeysIn();
var objectProto = Object.prototype;
var hasOwnProperty = objectProto.hasOwnProperty;
function baseKeysIn(object) {
if (!isObject2(object)) {
if (!isObject3(object)) {
return nativeKeysIn(object);
}
var isProto = isPrototype(object), result = [];
@@ -100948,7 +100841,7 @@ var require_event_target_shim = __commonJS({
var CAPTURE = 1;
var BUBBLE = 2;
var ATTRIBUTE = 3;
function isObject2(x) {
function isObject3(x) {
return x !== null && typeof x === "object";
}
function getListeners(eventTarget) {
@@ -100974,7 +100867,7 @@ var require_event_target_shim = __commonJS({
return null;
},
set(listener) {
if (typeof listener !== "function" && !isObject2(listener)) {
if (typeof listener !== "function" && !isObject3(listener)) {
listener = null;
}
const listeners = getListeners(this);
@@ -101065,11 +100958,11 @@ var require_event_target_shim = __commonJS({
if (listener == null) {
return;
}
if (typeof listener !== "function" && !isObject2(listener)) {
if (typeof listener !== "function" && !isObject3(listener)) {
throw new TypeError("'listener' should be a function or an object.");
}
const listeners = getListeners(this);
const optionsIsObj = isObject2(options);
const optionsIsObj = isObject3(options);
const capture = optionsIsObj ? Boolean(options.capture) : Boolean(options);
const listenerType = capture ? CAPTURE : BUBBLE;
const newNode = {
@@ -101106,7 +100999,7 @@ var require_event_target_shim = __commonJS({
return;
}
const listeners = getListeners(this);
const capture = isObject2(options) ? Boolean(options.capture) : Boolean(options);
const capture = isObject3(options) ? Boolean(options.capture) : Boolean(options);
const listenerType = capture ? CAPTURE : BUBBLE;
let prev = null;
let node = listeners.get(eventName);
@@ -155097,7 +154990,7 @@ var require_config2 = __commonJS({
});
// node_modules/@actions/cache/package.json
var require_package3 = __commonJS({
var require_package2 = __commonJS({
"node_modules/@actions/cache/package.json"(exports2, module2) {
module2.exports = {
name: "@actions/cache",
@@ -155169,7 +155062,7 @@ var require_user_agent2 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getUserAgentString = getUserAgentString;
var packageJson = require_package3();
var packageJson = require_package2();
function getUserAgentString() {
return `@actions/cache-${packageJson.version}`;
}
@@ -158048,7 +157941,7 @@ var require_follow_redirects = __commonJS({
if (this._ending) {
throw new WriteAfterEndError();
}
if (!isString(data) && !isBuffer(data)) {
if (!isString2(data) && !isBuffer(data)) {
throw new TypeError("data should be a string, Buffer or Uint8Array");
}
if (isFunction(encoding)) {
@@ -158303,7 +158196,7 @@ var require_follow_redirects = __commonJS({
function request2(input, options, callback) {
if (isURL(input)) {
input = spreadUrlObject(input);
} else if (isString(input)) {
} else if (isString2(input)) {
input = spreadUrlObject(parseUrl2(input));
} else {
callback = options;
@@ -158319,7 +158212,7 @@ var require_follow_redirects = __commonJS({
maxBodyLength: exports3.maxBodyLength
}, input, options);
options.nativeProtocols = nativeProtocols;
if (!isString(options.host) && !isString(options.hostname)) {
if (!isString2(options.host) && !isString2(options.hostname)) {
options.hostname = "::1";
}
assert.equal(options.protocol, protocol, "protocol mismatch");
@@ -158346,7 +158239,7 @@ var require_follow_redirects = __commonJS({
parsed = new URL2(input);
} else {
parsed = validateUrl(url.parse(input));
if (!isString(parsed.protocol)) {
if (!isString2(parsed.protocol)) {
throw new InvalidUrlError({ input });
}
}
@@ -158418,11 +158311,11 @@ var require_follow_redirects = __commonJS({
request2.destroy(error3);
}
function isSubdomain(subdomain, domain) {
assert(isString(subdomain) && isString(domain));
assert(isString2(subdomain) && isString2(domain));
var dot = subdomain.length - domain.length - 1;
return dot > 0 && subdomain[dot] === "." && subdomain.endsWith(domain);
}
function isString(value) {
function isString2(value) {
return typeof value === "string" || value instanceof String;
}
function isFunction(value) {
@@ -161100,6 +160993,11 @@ var semver = __toESM(require_semver2());
var maximumVersion = "3.21";
var minimumVersion = "3.14";
// src/json/index.ts
function isObject2(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
// src/util.ts
var GITHUB_DOTCOM_URL = "https://github.com";
var MINIMUM_CGROUP_MEMORY_LIMIT_BYTES = 1024 * 1024;
@@ -161181,7 +161079,6 @@ function getErrorMessage(error3) {
}
// src/actions-util.ts
var pkg = require_package();
var getRequiredInput = function(name) {
const value = core4.getInput(name);
if (!value) {
@@ -161198,7 +161095,7 @@ function getTemporaryDirectory() {
return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP");
}
function getActionVersion() {
return pkg.version;
return "4.33.0";
}
var persistedInputsKey = "persisted_inputs";
var restoreInputs = function() {
@@ -161287,6 +161184,7 @@ retry.VERSION = VERSION7;
// src/api-client.ts
var GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
var DO_NOT_RETRY_STATUSES = [400, 410, 422, 451];
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) {
const auth2 = allowExternal && apiDetails.externalRepoAuth || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry);
@@ -161301,10 +161199,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
error: core5.error
},
retry: {
// The default is 400, 401, 403, 404, 410, 422, and 451. We have observed transient errors
// with authentication, so we remove 401, 403, and 404 from the default list to ensure that
// these errors are retried.
doNotRetry: [400, 410, 422, 451]
doNotRetry: DO_NOT_RETRY_STATUSES
}
})
);
@@ -161518,6 +161413,7 @@ var semver2 = __toESM(require_semver2());
var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => {
RepositoryPropertyName2["DISABLE_OVERLAY"] = "github-codeql-disable-overlay";
RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries";
RepositoryPropertyName2["FILE_COVERAGE_ON_PRS"] = "github-codeql-file-coverage-on-prs";
return RepositoryPropertyName2;
})(RepositoryPropertyName || {});
var KNOWN_REPOSITORY_PROPERTY_NAMES = new Set(
@@ -161568,6 +161464,12 @@ var semver3 = __toESM(require_semver2());
// src/overlay/index.ts
var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP = "2.24.1";
var CODEQL_OVERLAY_MINIMUM_VERSION_GO = "2.24.2";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVA = "2.23.8";
var CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON = "2.23.9";
var CODEQL_OVERLAY_MINIMUM_VERSION_RUBY = "2.23.9";
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500;
var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
@@ -161654,70 +161556,48 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
},
["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
minimumVersion: void 0
},
// Per-language overlay feature flags. Each has minimumVersion set to the
// minimum CLI version that supports overlay analysis for that language.
// Only languages that are GA or in staff-ship should have feature flags here.
["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
minimumVersion: void 0
},
["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
minimumVersion: void 0
},
["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_CSHARP
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_GO
},
["overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */]: {
defaultValue: false,
@@ -161729,25 +161609,20 @@ var featureConfig = {
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_STATUS_SAVE",
minimumVersion: void 0
},
["overlay_analysis_go" /* OverlayAnalysisGo */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
minimumVersion: void 0
},
["overlay_analysis_java" /* OverlayAnalysisJava */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVA
},
["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT
},
["overlay_analysis_python" /* OverlayAnalysisPython */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_PYTHON
},
["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: {
defaultValue: false,
@@ -161757,23 +161632,13 @@ var featureConfig = {
["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
minimumVersion: void 0
},
["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
minimumVersion: void 0
minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_RUBY
},
["overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SKIP_RESOURCE_CHECKS",
minimumVersion: void 0
},
["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
minimumVersion: void 0
},
["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
@@ -161789,11 +161654,8 @@ var featureConfig = {
["skip_file_coverage_on_prs" /* SkipFileCoverageOnPrs */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_SKIP_FILE_COVERAGE_ON_PRS",
// For testing, this is not behind a CLI version check yet. However
// before rolling this out externally, we should set a minimum version here
// since current versions of the CodeQL CLI will log if baseline information
// cannot be found when interpreting results.
minimumVersion: void 0
minimumVersion: void 0,
toolsFeature: "suppressesMissingFileBaselineWarning" /* SuppressesMissingFileBaselineWarning */
},
["start_proxy_remove_unused_registries" /* StartProxyRemoveUnusedRegistries */]: {
defaultValue: false,
@@ -161811,11 +161673,6 @@ var featureConfig = {
minimumVersion: void 0,
toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */
},
["use_repository_properties_v2" /* UseRepositoryProperties */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
minimumVersion: void 0
},
["validate_db_config" /* ValidateDbConfig */]: {
defaultValue: false,
envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG",
@@ -161836,28 +161693,20 @@ var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB = 14e3;
var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_MB * 1e6;
var OVERLAY_MINIMUM_MEMORY_MB = 5 * 1024;
var OVERLAY_ANALYSIS_FEATURES = {
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */
};
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */
};
// src/setup-codeql.ts
@@ -162174,7 +162023,7 @@ function getArtifactSuffix(matrix) {
if (matrix) {
try {
const matrixObject = JSON.parse(matrix);
if (matrixObject !== null && typeof matrixObject === "object") {
if (isObject2(matrixObject)) {
for (const matrixKey of Object.keys(matrixObject).sort())
suffix += `-${matrixObject[matrixKey]}`;
} else {
lib/upload-sarif-action.js
Generated
+296 -446
View File
File diff suppressed because it is too large Load Diff
package-lock.json
Generated
+531 -304
View File
File diff suppressed because it is too large Load Diff
package.json
+7 -12
View File
@@ -1,6 +1,6 @@
{
"name": "codeql",
"version": "4.32.6",
"version": "4.33.0",
"private": true,
"description": "CodeQL action",
"scripts": {
@@ -14,15 +14,10 @@
"test-debug": "npm run test -- --timeout=20m",
"transpile": "tsc --build --verbose"
},
"ava": {
"typescript": {
"rewritePaths": {
"src/": "build/"
},
"compile": false
}
},
"license": "MIT",
"workspaces": [
"pr-checks"
],
"dependencies": {
"@actions/artifact": "^5.0.3",
"@actions/artifact-legacy": "npm:@actions/artifact@^1.1.2",
@@ -61,7 +56,7 @@
"@types/sarif": "^2.1.7",
"@types/semver": "^7.7.1",
"@types/sinon": "^21.0.0",
"ava": "^6.4.1",
"ava": "^7.0.0",
"esbuild": "^0.27.3",
"eslint": "^9.39.2",
"eslint-import-resolver-typescript": "^3.8.7",
@@ -70,9 +65,9 @@
"eslint-plugin-jsdoc": "^62.7.1",
"eslint-plugin-no-async-foreach": "^0.1.1",
"glob": "^11.1.0",
"globals": "^17.3.0",
"globals": "^17.4.0",
"nock": "^14.0.11",
"sinon": "^21.0.1",
"sinon": "^21.0.2",
"typescript": "^5.9.3",
"typescript-eslint": "^8.56.1"
},
pr-checks/checks/all-platform-bundle.yml
+6 -2
View File
@@ -1,7 +1,11 @@
name: "All-platform bundle"
description: "Tests using an all-platform CodeQL Bundle"
operatingSystems: ["ubuntu", "macos", "windows"]
versions: ["nightly-latest"]
operatingSystems:
- ubuntu
- macos
- windows
versions:
- nightly-latest
useAllPlatformBundle: "true"
installGo: true
installDotNet: true
pr-checks/checks/analysis-kinds.yml
+8 -2
View File
@@ -1,7 +1,13 @@
name: "Analysis kinds"
description: "Tests basic functionality for different `analysis-kinds` inputs."
versions: ["linked", "nightly-latest"]
analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality", "risk-assessment"]
versions:
- linked
- nightly-latest
analysisKinds:
- code-scanning
- code-quality
- code-scanning,code-quality
- risk-assessment
env:
CODEQL_ACTION_RISK_ASSESSMENT_ID: 1
CHECK_SCRIPT: |
pr-checks/checks/analyze-ref-input.yml
+2 -2
View File
@@ -1,8 +1,8 @@
name: "Analyze: 'ref' and 'sha' from inputs"
description: "Checks that specifying 'ref' and 'sha' as inputs works"
versions: ["default"]
versions:
- default
installGo: true
installPython: true
installDotNet: true
steps:
- uses: ./../action/init
pr-checks/checks/autobuild-action.yml
+6 -2
View File
@@ -1,7 +1,11 @@
name: "autobuild-action"
description: "Tests that the C# autobuild action works"
operatingSystems: ["ubuntu", "macos", "windows"]
versions: ["linked"]
operatingSystems:
- ubuntu
- macos
- windows
versions:
- linked
installDotNet: true
steps:
- uses: ./../action/init
pr-checks/checks/autobuild-direct-tracing-with-working-dir.yml
+6 -2
View File
@@ -3,8 +3,12 @@ description: >
An end-to-end integration test of a Java repository built using 'build-mode: autobuild',
with direct tracing enabled and a custom working directory specified as the input to the
autobuild Action.
operatingSystems: ["ubuntu", "windows"]
versions: ["linked", "nightly-latest"]
operatingSystems:
- ubuntu
- windows
versions:
- linked
- nightly-latest
installJava: true
env:
CODEQL_ACTION_AUTOBUILD_BUILD_MODE_DIRECT_TRACING: true
pr-checks/checks/autobuild-working-dir.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Autobuild working directory"
description: "Tests working-directory input of autobuild action"
versions: ["linked"]
versions:
- linked
steps:
- name: Test setup
run: |
pr-checks/checks/build-mode-autobuild.yml
+6 -2
View File
@@ -1,7 +1,11 @@
name: "Build mode autobuild"
description: "An end-to-end integration test of a Java repository built using 'build-mode: autobuild'"
operatingSystems: ["ubuntu", "windows"]
versions: ["linked", "nightly-latest"]
operatingSystems:
- ubuntu
- windows
versions:
- linked
- nightly-latest
installJava: true
installYq: true
steps:
pr-checks/checks/build-mode-manual.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Build mode manual"
description: "An end-to-end integration test of a Java repository built using 'build-mode: manual'"
versions: ["nightly-latest"]
versions:
- nightly-latest
installGo: true
installDotNet: true
steps:
pr-checks/checks/build-mode-none.yml
+3 -1
View File
@@ -1,6 +1,8 @@
name: "Build mode none"
description: "An end-to-end integration test of a Java repository built using 'build-mode: none'"
versions: ["linked", "nightly-latest"]
versions:
- linked
- nightly-latest
steps:
- uses: ./../action/init
id: init
pr-checks/checks/build-mode-rollback.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Build mode rollback"
description: "The build mode is rolled back from none to autobuild when the relevant feature flag is enabled."
versions: ["nightly-latest"]
versions:
- nightly-latest
env:
CODEQL_ACTION_DISABLE_JAVA_BUILDLESS: true
steps:
pr-checks/checks/bundle-toolcache.yml
+1 -1
View File
@@ -3,8 +3,8 @@ description: "The CodeQL bundle should be cached within the toolcache"
versions:
- linked
operatingSystems:
- macos
- ubuntu
- macos
- windows
steps:
- name: Remove CodeQL from toolcache
pr-checks/checks/bundle-zstd.yml
+1 -1
View File
@@ -3,8 +3,8 @@ description: "A Zstandard CodeQL bundle should be extracted on supported operati
versions:
- linked
operatingSystems:
- macos
- ubuntu
- macos
- windows
steps:
- name: Remove CodeQL from toolcache
pr-checks/checks/cleanup-db-cluster-dir.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Clean up database cluster directory"
description: "The database cluster directory is cleaned up if it is not empty."
versions: ["linked"]
versions:
- linked
steps:
- name: Add a file to the database cluster directory
run: |
pr-checks/checks/config-export.yml
+3 -1
View File
@@ -1,6 +1,8 @@
name: "Config export"
description: "Tests that the code scanning configuration file is exported to SARIF correctly."
versions: ["linked", "nightly-latest"]
versions:
- linked
- nightly-latest
steps:
- uses: ./../action/init
with:
pr-checks/checks/config-input.yml
+2 -1
View File
@@ -1,7 +1,8 @@
name: "Config input"
description: "Tests specifying configuration using the config input"
installNode: true
versions: ["linked"]
versions:
- linked
steps:
- name: Copy queries into workspace
run: |
pr-checks/checks/cpp-deptrace-disabled.yml
+4 -1
View File
@@ -1,6 +1,9 @@
name: "C/C++: disabling autoinstalling dependencies (Linux)"
description: "Checks that running C/C++ autobuild with autoinstalling dependencies explicitly disabled works"
versions: ["linked", "default", "nightly-latest"]
versions:
- linked
- default
- nightly-latest
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
steps:
pr-checks/checks/cpp-deptrace-enabled-on-macos.yml
+5 -2
View File
@@ -1,7 +1,10 @@
name: "C/C++: autoinstalling dependencies is skipped (macOS)"
description: "Checks that running C/C++ autobuild with autoinstalling dependencies explicitly enabled is a no-op on macOS"
operatingSystems: ["macos"]
versions: ["linked", "nightly-latest"]
operatingSystems:
- macos
versions:
- linked
- nightly-latest
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
steps:
pr-checks/checks/cpp-deptrace-enabled.yml
+4 -1
View File
@@ -1,6 +1,9 @@
name: "C/C++: autoinstalling dependencies (Linux)"
description: "Checks that running C/C++ autobuild with autoinstalling dependencies works"
versions: ["linked", "default", "nightly-latest"]
versions:
- linked
- default
- nightly-latest
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
steps:
pr-checks/checks/diagnostics-export.yml
+3 -1
View File
@@ -1,6 +1,8 @@
name: "Diagnostic export"
description: "Tests that manually added diagnostics are correctly exported to SARIF."
versions: ["linked", "nightly-latest"]
versions:
- linked
- nightly-latest
env:
CODEQL_ACTION_EXPORT_DIAGNOSTICS: true
steps:
pr-checks/checks/export-file-baseline-information.yml
+6 -2
View File
@@ -1,7 +1,11 @@
name: "Export file baseline information"
description: "Tests that file baseline information is exported when the feature is enabled"
operatingSystems: ["ubuntu", "macos", "windows"]
versions: ["nightly-latest"]
operatingSystems:
- ubuntu
- macos
- windows
versions:
- nightly-latest
installGo: true
installDotNet: true
env:
pr-checks/checks/extractor-ram-threads.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Extractor ram and threads options test"
description: "Tests passing RAM and threads limits to extractors"
versions: ["linked"]
versions:
- linked
steps:
- uses: ./../action/init
with:
pr-checks/checks/global-proxy.yml
+3 -1
View File
@@ -1,6 +1,8 @@
name: "Proxy test"
description: "Tests using a proxy specified by the https_proxy environment variable"
versions: ["linked", "nightly-latest"]
versions:
- linked
- nightly-latest
container:
image: ubuntu:22.04
services:
pr-checks/checks/go-indirect-tracing-workaround-diagnostic.yml
+2 -1
View File
@@ -2,7 +2,8 @@ name: "Go: diagnostic when Go is changed after init step"
description: "Checks that we emit a diagnostic if Go is changed after the init step"
# only Linux is affected
# pinned to a version which does not support statically linked binaries for indirect tracing
versions: ["default"]
versions:
- default
installGo: true
collection: go
steps:
pr-checks/checks/go-indirect-tracing-workaround-no-file-program.yml
+2 -1
View File
@@ -2,7 +2,8 @@ name: "Go: diagnostic when `file` is not installed"
description: "Checks that we emit a diagnostic if the `file` program is not installed"
# only Linux is affected
# pinned to a version which does not support statically linked binaries for indirect tracing
versions: ["default"]
versions:
- default
installGo: true
collection: go
steps:
pr-checks/checks/go-indirect-tracing-workaround.yml
+2 -1
View File
@@ -2,7 +2,8 @@ name: "Go: workaround for indirect tracing"
description: "Checks that our workaround for indirect tracing for Go 1.21+ on Linux works"
# only Linux is affected
# pinned to a version which does not support statically linked binaries for indirect tracing
versions: ["default"]
versions:
- default
installGo: true
collection: go
steps:
pr-checks/checks/go-tracing-autobuilder.yml
+7 -1
View File
@@ -1,7 +1,13 @@
name: "Go: tracing with autobuilder step"
description: "Checks that Go tracing works when using an autobuilder step"
collection: go
operatingSystems: ["ubuntu", "macos"]
operatingSystems:
- ubuntu
- macos
osCodeQlVersions:
macos:
- linked
- nightly-latest
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
installGo: true
pr-checks/checks/go-tracing-custom-build-steps.yml
+7 -1
View File
@@ -1,7 +1,13 @@
name: "Go: tracing with custom build steps"
description: "Checks that Go tracing traces the build when using custom build steps"
collection: go
operatingSystems: ["ubuntu", "macos"]
operatingSystems:
- ubuntu
- macos
osCodeQlVersions:
macos:
- linked
- nightly-latest
installGo: true
steps:
- uses: ./../action/init
pr-checks/checks/go-tracing-legacy-workflow.yml
+7 -1
View File
@@ -1,7 +1,13 @@
name: "Go: tracing with legacy workflow"
description: "Checks that we run the autobuilder in legacy workflows with neither an autobuild step nor manual build steps"
collection: go
operatingSystems: ["ubuntu", "macos"]
operatingSystems:
- ubuntu
- macos
osCodeQlVersions:
macos:
- linked
- nightly-latest
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: "false"
installGo: true
pr-checks/checks/init-with-registries.yml
+5 -6
View File
@@ -4,12 +4,11 @@
# basic mechanics of multi-registry auth is working.
name: "Packaging: Download using registries"
description: "Checks that specifying a registries block and associated auth works as expected"
versions: [
# This feature is not compatible with older CLIs
"default",
"linked",
"nightly-latest",
]
versions:
# This feature is not compatible with older CLIs
- default
- linked
- nightly-latest
permissions:
contents: read
pr-checks/checks/javascript-source-root.yml
+5 -1
View File
@@ -1,6 +1,10 @@
name: "Custom source root"
description: "Checks that the argument specifying a non-default source root works"
versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs
# This feature is not compatible with old CLIs
versions:
- linked
- default
- nightly-latest
steps:
- name: Move codeql-action
run: |
pr-checks/checks/job-run-uuid-sarif.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Job run UUID added to SARIF"
description: "Tests that the job run UUID is added to the SARIF output"
versions: ["nightly-latest"]
versions:
- nightly-latest
steps:
- uses: ./../action/init
id: init
pr-checks/checks/language-aliases.yml
+2 -1
View File
@@ -1,6 +1,7 @@
name: "Language aliases"
description: "Tests that language aliases are resolved correctly"
versions: ["linked"]
versions:
- linked
steps:
- uses: ./../action/init
with:
pr-checks/checks/local-bundle.yml
+2 -2
View File
@@ -1,8 +1,8 @@
name: "Local CodeQL bundle"
description: "Tests using a CodeQL bundle from a local file rather than a URL"
versions: ["linked"]
versions:
- linked
installGo: true
installPython: true
installDotNet: true
steps:
- name: Fetch latest CodeQL bundle
pr-checks/checks/multi-language-autodetect.yml
+12 -3
View File
@@ -1,12 +1,21 @@
name: "Multi-language repository"
description: "An end-to-end integration test of a multi-language repository using automatic language detection for macOS"
operatingSystems: ["macos", "ubuntu"]
description: "An end-to-end integration test of a multi-language repository using automatic language detection"
operatingSystems:
- ubuntu
- macos
env:
CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI: true
installGo: true
installPython: true
installDotNet: true
steps:
- name: Install Python 3.13 for older CLI versions
# We need Python 3.13 for older CLI versions because they are not compatible with Python 3.14 or newer.
# See https://github.com/github/codeql-action/pull/3212
if: matrix.version != 'nightly-latest' && matrix.version != 'linked'
uses: actions/setup-python@v6
with:
python-version: "3.13"
- name: Use Xcode 16
if: runner.os == 'macOS' && matrix.version != 'nightly-latest'
run: sudo xcode-select -s "/Applications/Xcode_16.app"
pr-checks/checks/overlay-init-fallback.yml
+3 -1
View File
@@ -1,6 +1,8 @@
name: "Overlay database init fallback"
description: "Tests that overlay init action succeeds with non-overlay packs"
versions: ["linked", "nightly-latest"]
versions:
- linked
- nightly-latest
steps:
- uses: ./../action/init
with:
pr-checks/checks/packaging-codescanning-config-inputs-js.yml
+5 -2
View File
@@ -1,9 +1,12 @@
name: "Packaging: Config and input passed to the CLI"
description: "Checks that specifying packages using a combination of a config file and input to the Action works"
versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs
# This feature is not compatible with old CLIs
versions:
- linked
- default
- nightly-latest
installGo: true
installNode: true
installPython: true
installDotNet: true
steps:
- uses: ./../action/init
pr-checks/checks/packaging-config-inputs-js.yml
+5 -1
View File
@@ -1,6 +1,10 @@
name: "Packaging: Config and input"
description: "Checks that specifying packages using a combination of a config file and input to the Action works"
versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs
# This feature is not compatible with old CLIs
versions:
- linked
- default
- nightly-latest
installGo: true
installNode: true
installDotNet: true
pr-checks/checks/packaging-config-js.yml
+5 -1
View File
@@ -1,6 +1,10 @@
name: "Packaging: Config file"
description: "Checks that specifying packages using only a config file works"
versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs
# This feature is not compatible with old CLIs
versions:
- linked
- default
- nightly-latest
installGo: true
installNode: true
installDotNet: true
pr-checks/checks/packaging-inputs-js.yml
+5 -1
View File
@@ -1,6 +1,10 @@
name: "Packaging: Action input"
description: "Checks that specifying packages using the input to the Action works"
versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs
# This feature is not compatible with old CLIs
versions:
- linked
- default
- nightly-latest
installGo: true
installNode: true
installDotNet: true
pr-checks/checks/remote-config.yml
-1
View File
@@ -6,7 +6,6 @@ versions:
- linked
- nightly-latest
installGo: true
installPython: true
installDotNet: true
steps:
- uses: ./../action/init
pr-checks/checks/resolve-environment-action.yml
+4 -1
View File
@@ -1,6 +1,9 @@
name: "Resolve environment"
description: "Tests that the resolve-environment action works for Go and JavaScript/TypeScript"
versions: ["default", "linked", "nightly-latest"]
versions:
- linked
- default
- nightly-latest
steps:
- uses: ./../action/init
with:
pr-checks/checks/rubocop-multi-language.yml
+2 -1
View File
@@ -1,7 +1,8 @@
name: "RuboCop multi-language"
description: "Tests using RuboCop to analyze a multi-language repository and then using the CodeQL Action to upload the resulting SARIF"
# This check doesn't use CodeQL, so the `version` matrix variable is unused.
versions: ["default"]
versions:
- default
steps:
- name: Set up Ruby
uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1.288.0
pr-checks/checks/ruby.yml
+7 -2
View File
@@ -1,7 +1,12 @@
name: "Ruby analysis"
description: "Tests creation of a Ruby database"
versions: ["linked", "default", "nightly-latest"]
operatingSystems: ["ubuntu", "macos"]
versions:
- linked
- default
- nightly-latest
operatingSystems:
- ubuntu
- macos
steps:
- uses: ./../action/init
with:
pr-checks/checks/split-workflow.yml
+8 -2
View File
@@ -1,7 +1,13 @@
name: "Split workflow"
description: "Tests a split-up workflow in which we first build a database and later analyze it"
operatingSystems: ["ubuntu", "macos"]
versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs
operatingSystems:
- ubuntu
- macos
# This feature is not compatible with old CLIs
versions:
- linked
- default
- nightly-latest
installGo: true
installDotNet: true
steps:
pr-checks/checks/start-proxy.yml
+6 -2
View File
@@ -1,7 +1,11 @@
name: "Start proxy"
description: "Tests that the proxy can be initialised on all platforms"
operatingSystems: ["ubuntu", "macos", "windows"]
versions: ["linked"]
operatingSystems:
- ubuntu
- macos
- windows
versions:
- linked
steps:
- uses: ./../action/init
with:
pr-checks/checks/submit-sarif-failure.yml
+4 -1
View File
@@ -1,6 +1,9 @@
name: Submit SARIF after failure
description: Check that a SARIF file is submitted for the workflow run if it fails
versions: ["linked", "default", "nightly-latest"]
versions:
- linked
- default
- nightly-latest
env:
# Internal-only environment variable used to indicate that the post-init Action
pr-checks/checks/swift-autobuild.yml
+4 -2
View File
@@ -1,7 +1,9 @@
name: "Swift analysis using autobuild"
description: "Tests creation of a Swift database using autobuild"
versions: ["nightly-latest"]
operatingSystems: ["macos"]
versions:
- nightly-latest
operatingSystems:
- macos
steps:
- uses: ./../action/init
id: init
pr-checks/checks/swift-custom-build.yml
+6 -2
View File
@@ -1,7 +1,11 @@
name: "Swift analysis using a custom build command"
description: "Tests creation of a Swift database using custom build"
versions: ["linked", "default", "nightly-latest"]
operatingSystems: ["macos"]
versions:
- linked
- default
- nightly-latest
operatingSystems:
- macos
installGo: true
installDotNet: true
env:

Some files were not shown because too many files have changed in this diff Show More