From 7b7f47d02c136c198dc14e8cdd6dc2aabac84e26 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 26 Sep 2025 15:52:33 +0100 Subject: [PATCH] Check that file doesn't belong to other analysis in `getSarifFilePaths` --- lib/analyze-action.js | 20 ++++++++------- lib/init-action-post.js | 20 ++++++++------- lib/upload-lib.js | 52 +++++++++++++++++++++++++------------- lib/upload-sarif-action.js | 16 ++++++++---- src/upload-lib.ts | 14 ++++------ src/upload-sarif.ts | 2 +- 6 files changed, 74 insertions(+), 50 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 83ab73590..facabe1f7 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -90177,6 +90177,12 @@ var CodeQuality = { sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" }; +var Analyses = [CodeScanning, CodeQuality]; +function isOtherAnalysisSarif(current, filepath) { + return Analyses.some( + (config) => config.kind !== current && config.sarifPredicate(filepath) + ); +} // src/analyze.ts var fs15 = __toESM(require("fs")); @@ -95568,11 +95574,11 @@ function findSarifFilesInDir(sarifPath, isSarif) { walkSarifFiles(sarifPath); return sarifFiles; } -function getSarifFilePaths(sarifPath, isSarif, pathStats) { - let sarifFiles; +function getSarifFilePaths(sarifPath, analysis, pathStats) { + let sarifFiles = []; if (pathStats.isDirectory()) { - sarifFiles = findSarifFilesInDir(sarifPath, isSarif); - } else { + sarifFiles = findSarifFilesInDir(sarifPath, analysis.sarifPredicate); + } else if (!isOtherAnalysisSarif(analysis.kind, sarifPath)) { sarifFiles = [sarifPath]; } return sarifFiles; @@ -95677,11 +95683,7 @@ async function uploadFiles(inputSarifPath, checkoutPath, category, features, log if (pathStats === void 0) { throw new ConfigurationError(`Path does not exist: ${inputSarifPath}`); } - const sarifPaths = getSarifFilePaths( - inputSarifPath, - uploadTarget.sarifPredicate, - pathStats - ); + const sarifPaths = getSarifFilePaths(inputSarifPath, uploadTarget, pathStats); if (sarifPaths.length === 0) { throw new ConfigurationError( `No SARIF files found to upload in "${inputSarifPath}".` diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 08dcb8148..cf2731032 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -128817,6 +128817,12 @@ var CodeQuality = { sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" }; +var Analyses = [CodeScanning, CodeQuality]; +function isOtherAnalysisSarif(current, filepath) { + return Analyses.some( + (config) => config.kind !== current && config.sarifPredicate(filepath) + ); +} // src/caching-utils.ts var core6 = __toESM(require_core()); @@ -133002,11 +133008,11 @@ function findSarifFilesInDir(sarifPath, isSarif) { walkSarifFiles(sarifPath); return sarifFiles; } -function getSarifFilePaths(sarifPath, isSarif, pathStats) { - let sarifFiles; +function getSarifFilePaths(sarifPath, analysis, pathStats) { + let sarifFiles = []; if (pathStats.isDirectory()) { - sarifFiles = findSarifFilesInDir(sarifPath, isSarif); - } else { + sarifFiles = findSarifFilesInDir(sarifPath, analysis.sarifPredicate); + } else if (!isOtherAnalysisSarif(analysis.kind, sarifPath)) { sarifFiles = [sarifPath]; } return sarifFiles; @@ -133111,11 +133117,7 @@ async function uploadFiles(inputSarifPath, checkoutPath, category, features, log if (pathStats === void 0) { throw new ConfigurationError(`Path does not exist: ${inputSarifPath}`); } - const sarifPaths = getSarifFilePaths( - inputSarifPath, - uploadTarget.sarifPredicate, - pathStats - ); + const sarifPaths = getSarifFilePaths(inputSarifPath, uploadTarget, pathStats); if (sarifPaths.length === 0) { throw new ConfigurationError( `No SARIF files found to upload in "${inputSarifPath}".` diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 1686c4f8d..e6354de85 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88530,6 +88530,36 @@ async function runTool(cmd, args = [], opts = {}) { return stdout; } +// src/analyses.ts +var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { + AnalysisKind2["CodeScanning"] = "code-scanning"; + AnalysisKind2["CodeQuality"] = "code-quality"; + return AnalysisKind2; +})(AnalysisKind || {}); +var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); +var CodeScanning = { + kind: "code-scanning" /* CodeScanning */, + name: "code scanning", + target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */, + sarifExtension: ".sarif", + sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name), + sentinelPrefix: "CODEQL_UPLOAD_SARIF_" +}; +var CodeQuality = { + kind: "code-quality" /* CodeQuality */, + name: "code quality", + target: "PUT /repos/:owner/:repo/code-quality/analysis" /* CODE_QUALITY */, + sarifExtension: ".quality.sarif", + sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), + sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" +}; +var Analyses = [CodeScanning, CodeQuality]; +function isOtherAnalysisSarif(current, filepath) { + return Analyses.some( + (config) => config.kind !== current && config.sarifPredicate(filepath) + ); +} + // src/api-client.ts var core5 = __toESM(require_core()); var githubUtils = __toESM(require_utils4()); @@ -88921,14 +88951,6 @@ function wrapCliConfigurationError(cliError) { var fs7 = __toESM(require("fs")); var path9 = __toESM(require("path")); -// src/analyses.ts -var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => { - AnalysisKind2["CodeScanning"] = "code-scanning"; - AnalysisKind2["CodeQuality"] = "code-quality"; - return AnalysisKind2; -})(AnalysisKind || {}); -var supportedAnalysisKinds = new Set(Object.values(AnalysisKind)); - // src/caching-utils.ts var core6 = __toESM(require_core()); @@ -92374,11 +92396,11 @@ function findSarifFilesInDir(sarifPath, isSarif) { walkSarifFiles(sarifPath); return sarifFiles; } -function getSarifFilePaths(sarifPath, isSarif, pathStats) { - let sarifFiles; +function getSarifFilePaths(sarifPath, analysis, pathStats) { + let sarifFiles = []; if (pathStats.isDirectory()) { - sarifFiles = findSarifFilesInDir(sarifPath, isSarif); - } else { + sarifFiles = findSarifFilesInDir(sarifPath, analysis.sarifPredicate); + } else if (!isOtherAnalysisSarif(analysis.kind, sarifPath)) { sarifFiles = [sarifPath]; } return sarifFiles; @@ -92483,11 +92505,7 @@ async function uploadFiles(inputSarifPath, checkoutPath, category, features, log if (pathStats === void 0) { throw new ConfigurationError(`Path does not exist: ${inputSarifPath}`); } - const sarifPaths = getSarifFilePaths( - inputSarifPath, - uploadTarget.sarifPredicate, - pathStats - ); + const sarifPaths = getSarifFilePaths(inputSarifPath, uploadTarget, pathStats); if (sarifPaths.length === 0) { throw new ConfigurationError( `No SARIF files found to upload in "${inputSarifPath}".` diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7232c358c..6606e1037 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88781,6 +88781,12 @@ var CodeQuality = { sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension), sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_" }; +var Analyses = [CodeScanning, CodeQuality]; +function isOtherAnalysisSarif(current, filepath) { + return Analyses.some( + (config) => config.kind !== current && config.sarifPredicate(filepath) + ); +} // src/api-client.ts var core5 = __toESM(require_core()); @@ -93075,11 +93081,11 @@ function findSarifFilesInDir(sarifPath, isSarif) { walkSarifFiles(sarifPath); return sarifFiles; } -function getSarifFilePaths(sarifPath, isSarif, pathStats) { - let sarifFiles; +function getSarifFilePaths(sarifPath, analysis, pathStats) { + let sarifFiles = []; if (pathStats.isDirectory()) { - sarifFiles = findSarifFilesInDir(sarifPath, isSarif); - } else { + sarifFiles = findSarifFilesInDir(sarifPath, analysis.sarifPredicate); + } else if (!isOtherAnalysisSarif(analysis.kind, sarifPath)) { sarifFiles = [sarifPath]; } return sarifFiles; @@ -93430,7 +93436,7 @@ var core13 = __toESM(require_core()); async function findAndUpload(logger, features, sarifPath, pathStats, checkoutPath, analysis, category) { const sarifFiles = getSarifFilePaths( sarifPath, - analysis.sarifPredicate, + analysis, pathStats ); if (sarifFiles.length !== 0) { diff --git a/src/upload-lib.ts b/src/upload-lib.ts index db19a260d..8bf8deb6e 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -437,13 +437,13 @@ export function findSarifFilesInDir( export function getSarifFilePaths( sarifPath: string, - isSarif: (name: string) => boolean, + analysis: analyses.AnalysisConfig, pathStats: fs.Stats, ) { - let sarifFiles: string[]; + let sarifFiles: string[] = []; if (pathStats.isDirectory()) { - sarifFiles = findSarifFilesInDir(sarifPath, isSarif); - } else { + sarifFiles = findSarifFilesInDir(sarifPath, analysis.sarifPredicate); + } else if (!analyses.isOtherAnalysisSarif(analysis.kind, sarifPath)) { sarifFiles = [sarifPath]; } return sarifFiles; @@ -620,11 +620,7 @@ export async function uploadFiles( throw new ConfigurationError(`Path does not exist: ${inputSarifPath}`); } - const sarifPaths = getSarifFilePaths( - inputSarifPath, - uploadTarget.sarifPredicate, - pathStats, - ); + const sarifPaths = getSarifFilePaths(inputSarifPath, uploadTarget, pathStats); if (sarifPaths.length === 0) { // This is always a configuration error, even for first-party runs. diff --git a/src/upload-sarif.ts b/src/upload-sarif.ts index e0ac38def..368ae69ed 100644 --- a/src/upload-sarif.ts +++ b/src/upload-sarif.ts @@ -32,7 +32,7 @@ export async function findAndUpload( ): Promise { const sarifFiles: string[] | undefined = upload_lib.getSarifFilePaths( sarifPath, - analysis.sarifPredicate, + analysis, pathStats, );