diff --git a/.github/workflows/__analysis-kinds.yml b/.github/workflows/__analysis-kinds.yml index 94b8877c7..1e43775ff 100644 --- a/.github/workflows/__analysis-kinds.yml +++ b/.github/workflows/__analysis-kinds.yml @@ -92,7 +92,7 @@ jobs: post-processed-sarif-path: '${{ runner.temp }}/post-processed' - name: Upload SARIF files - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: | analysis-kinds-${{ matrix.os }}-${{ matrix.version }}-${{ matrix.analysis-kinds }} @@ -100,7 +100,7 @@ jobs: retention-days: 7 - name: Upload post-processed SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: | post-processed-${{ matrix.os }}-${{ matrix.version }}-${{ matrix.analysis-kinds }} diff --git a/.github/workflows/__analyze-ref-input.yml b/.github/workflows/__analyze-ref-input.yml index 66988ce3a..9ad6c3ec7 100644 --- a/.github/workflows/__analyze-ref-input.yml +++ b/.github/workflows/__analyze-ref-input.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: analyze-ref-input-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: analyze-ref-input-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: analyze-ref-input: strategy: @@ -90,11 +80,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__bundle-zstd.yml b/.github/workflows/__bundle-zstd.yml index d1ddf108f..ede1e320c 100644 --- a/.github/workflows/__bundle-zstd.yml +++ b/.github/workflows/__bundle-zstd.yml @@ -82,7 +82,7 @@ jobs: output: ${{ runner.temp }}/results upload-database: false - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.os }}-zstd-bundle.sarif path: ${{ runner.temp }}/results/javascript.sarif diff --git a/.github/workflows/__config-export.yml b/.github/workflows/__config-export.yml index dce3fc85d..24549dd18 100644 --- a/.github/workflows/__config-export.yml +++ b/.github/workflows/__config-export.yml @@ -70,7 +70,7 @@ jobs: output: '${{ runner.temp }}/results' upload-database: false - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: config-export-${{ matrix.os }}-${{ matrix.version }}.sarif.json path: '${{ runner.temp }}/results/javascript.sarif' diff --git a/.github/workflows/__diagnostics-export.yml b/.github/workflows/__diagnostics-export.yml index c18641694..bdf6b0aee 100644 --- a/.github/workflows/__diagnostics-export.yml +++ b/.github/workflows/__diagnostics-export.yml @@ -81,7 +81,7 @@ jobs: output: '${{ runner.temp }}/results' upload-database: false - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: diagnostics-export-${{ matrix.os }}-${{ matrix.version }}.sarif.json path: '${{ runner.temp }}/results/javascript.sarif' diff --git a/.github/workflows/__export-file-baseline-information.yml b/.github/workflows/__export-file-baseline-information.yml index e07009774..359461007 100644 --- a/.github/workflows/__export-file-baseline-information.yml +++ b/.github/workflows/__export-file-baseline-information.yml @@ -102,7 +102,7 @@ jobs: with: output: '${{ runner.temp }}/results' - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: with-baseline-information-${{ matrix.os }}-${{ matrix.version }}.sarif.json path: '${{ runner.temp }}/results/javascript.sarif' diff --git a/.github/workflows/__job-run-uuid-sarif.yml b/.github/workflows/__job-run-uuid-sarif.yml index 3e48afbb1..a10ccd1d1 100644 --- a/.github/workflows/__job-run-uuid-sarif.yml +++ b/.github/workflows/__job-run-uuid-sarif.yml @@ -67,7 +67,7 @@ jobs: with: output: '${{ runner.temp }}/results' - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.os }}-${{ matrix.version }}.sarif.json path: '${{ runner.temp }}/results/javascript.sarif' diff --git a/.github/workflows/__local-bundle.yml b/.github/workflows/__local-bundle.yml index 47975dbd5..50eb33349 100644 --- a/.github/workflows/__local-bundle.yml +++ b/.github/workflows/__local-bundle.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: local-bundle-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: local-bundle-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: local-bundle: strategy: @@ -90,11 +80,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__packaging-codescanning-config-inputs-js.yml b/.github/workflows/__packaging-codescanning-config-inputs-js.yml index cd97dd80c..94280eeed 100644 --- a/.github/workflows/__packaging-codescanning-config-inputs-js.yml +++ b/.github/workflows/__packaging-codescanning-config-inputs-js.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: packaging-codescanning-config-inputs-js-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: packaging-codescanning-config-inputs-js-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: packaging-codescanning-config-inputs-js: strategy: @@ -101,11 +91,6 @@ jobs: cache: npm - name: Install dependencies run: npm ci - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__remote-config.yml b/.github/workflows/__remote-config.yml index 82cbee135..4302583d7 100644 --- a/.github/workflows/__remote-config.yml +++ b/.github/workflows/__remote-config.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: remote-config-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: remote-config-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: remote-config: strategy: @@ -92,11 +82,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index e5189ca01..535362e83 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: unset-environment-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: unset-environment-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: unset-environment: strategy: @@ -92,11 +82,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__upload-ref-sha-input.yml b/.github/workflows/__upload-ref-sha-input.yml index f75b9f61f..4e9502149 100644 --- a/.github/workflows/__upload-ref-sha-input.yml +++ b/.github/workflows/__upload-ref-sha-input.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: upload-ref-sha-input-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: upload-ref-sha-input-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: upload-ref-sha-input: strategy: @@ -90,11 +80,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml index e017a2527..547828d07 100644 --- a/.github/workflows/__upload-sarif.yml +++ b/.github/workflows/__upload-sarif.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: upload-sarif-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: upload-sarif-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: upload-sarif: strategy: @@ -97,11 +87,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index cfcfb077f..0d9728757 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -35,11 +35,6 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' workflow_call: inputs: dotnet-version: @@ -52,17 +47,12 @@ on: description: The version of Go to install required: false default: '>=1.21.0' - python-version: - type: string - description: The version of Python to install - required: false - default: '3.13' defaults: run: shell: bash concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' || false }} - group: with-checkout-path-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}}-${{inputs.python-version}} + group: with-checkout-path-${{github.ref}}-${{inputs.dotnet-version}}-${{inputs.go-version}} jobs: with-checkout-path: strategy: @@ -91,11 +81,6 @@ jobs: with: go-version: ${{ inputs.go-version || '>=1.21.0' }} cache: false - - name: Install Python - if: matrix.version != 'nightly-latest' || !matrix.version - uses: actions/setup-python@v6 - with: - python-version: ${{ inputs.python-version || '3.13' }} - name: Prepare test id: prepare-test uses: ./.github/actions/prepare-test diff --git a/.github/workflows/debug-artifacts-failure-safe.yml b/.github/workflows/debug-artifacts-failure-safe.yml index 6c456ea88..fdb028ca5 100644 --- a/.github/workflows/debug-artifacts-failure-safe.yml +++ b/.github/workflows/debug-artifacts-failure-safe.yml @@ -89,7 +89,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download all artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 - name: Check expected artifacts exist run: | LANGUAGES="cpp csharp go java javascript python" diff --git a/.github/workflows/debug-artifacts-safe.yml b/.github/workflows/debug-artifacts-safe.yml index 7c1d8da64..dddc7ba44 100644 --- a/.github/workflows/debug-artifacts-safe.yml +++ b/.github/workflows/debug-artifacts-safe.yml @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download all artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 - name: Check expected artifacts exist run: | VERSIONS="stable-v2.20.3 default linked nightly-latest" diff --git a/CHANGELOG.md b/CHANGELOG.md index 5ad77b2e1..6d6c8a15e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,12 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th ## [UNRELEASED] -No user facing changes. +- Fixed [a bug](https://github.com/github/codeql-action/issues/3555) which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. [#3557](https://github.com/github/codeql-action/pull/3557) +- The CodeQL Action now loads [custom repository properties](https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization) on GitHub Enterprise Server, enabling the customization of features such as `github-codeql-disable-overlay` that was previously only available on GitHub.com. [#3559](https://github.com/github/codeql-action/pull/3559) + +## 4.32.6 - 05 Mar 2026 + +- Update default CodeQL bundle version to [2.24.3](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3). [#3548](https://github.com/github/codeql-action/pull/3548) ## 4.32.5 - 02 Mar 2026 diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index b753e030e..454c2d9fb 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -162243,11 +162243,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 5a99e1d1f..78ce035ed 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -107350,8 +107350,8 @@ var path5 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); @@ -107992,11 +107992,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 6a5998873..acd1b250e 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -103820,8 +103820,8 @@ var path3 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs2 = __toESM(require("fs")); @@ -104292,11 +104292,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/defaults.json b/lib/defaults.json index 94988f4cf..9b6ec84bd 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.24.2", - "cliVersion": "2.24.2", - "priorBundleVersion": "codeql-bundle-v2.24.1", - "priorCliVersion": "2.24.1" + "bundleVersion": "codeql-bundle-v2.24.3", + "cliVersion": "2.24.3", + "priorBundleVersion": "codeql-bundle-v2.24.2", + "priorCliVersion": "2.24.2" } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index a24252700..6a89d40a2 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -165218,8 +165218,8 @@ var path5 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); @@ -165729,11 +165729,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/init-action.js b/lib/init-action.js index cc32ddc52..5d5a6fa59 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -100091,7 +100091,7 @@ var require_follow_redirects = __commonJS({ if (this._ending) { throw new WriteAfterEndError(); } - if (!isString(data) && !isBuffer(data)) { + if (!isString2(data) && !isBuffer(data)) { throw new TypeError("data should be a string, Buffer or Uint8Array"); } if (isFunction(encoding)) { @@ -100346,7 +100346,7 @@ var require_follow_redirects = __commonJS({ function request2(input, options, callback) { if (isURL(input)) { input = spreadUrlObject(input); - } else if (isString(input)) { + } else if (isString2(input)) { input = spreadUrlObject(parseUrl2(input)); } else { callback = options; @@ -100362,7 +100362,7 @@ var require_follow_redirects = __commonJS({ maxBodyLength: exports3.maxBodyLength }, input, options); options.nativeProtocols = nativeProtocols; - if (!isString(options.host) && !isString(options.hostname)) { + if (!isString2(options.host) && !isString2(options.hostname)) { options.hostname = "::1"; } assert.equal(options.protocol, protocol, "protocol mismatch"); @@ -100389,7 +100389,7 @@ var require_follow_redirects = __commonJS({ parsed = new URL2(input); } else { parsed = validateUrl(url.parse(input)); - if (!isString(parsed.protocol)) { + if (!isString2(parsed.protocol)) { throw new InvalidUrlError({ input }); } } @@ -100461,11 +100461,11 @@ var require_follow_redirects = __commonJS({ request2.destroy(error3); } function isSubdomain(subdomain, domain) { - assert(isString(subdomain) && isString(domain)); + assert(isString2(subdomain) && isString2(domain)); var dot = subdomain.length - domain.length - 1; return dot > 0 && subdomain[dot] === "." && subdomain.endsWith(domain); } - function isString(value) { + function isString2(value) { return typeof value === "string" || value instanceof String; } function isFunction(value) { @@ -104408,14 +104408,23 @@ var RepositoryPropertyName = /* @__PURE__ */ ((RepositoryPropertyName2) => { RepositoryPropertyName2["EXTRA_QUERIES"] = "github-codeql-extra-queries"; return RepositoryPropertyName2; })(RepositoryPropertyName || {}); -var repositoryPropertyParsers = { - ["github-codeql-disable-overlay" /* DISABLE_OVERLAY */]: parseBooleanRepositoryProperty, - ["github-codeql-extra-queries" /* EXTRA_QUERIES */]: parseStringRepositoryProperty +function isString(value) { + return typeof value === "string"; +} +var stringProperty = { + validate: isString, + parse: parseStringRepositoryProperty }; -async function loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo) { - if (gitHubVersion.type === "GitHub Enterprise Server" /* GHES */) { - return {}; - } +var booleanProperty = { + // The value from the API should come as a string, which we then parse into a boolean. + validate: isString, + parse: parseBooleanRepositoryProperty +}; +var repositoryPropertyParsers = { + ["github-codeql-disable-overlay" /* DISABLE_OVERLAY */]: booleanProperty, + ["github-codeql-extra-queries" /* EXTRA_QUERIES */]: stringProperty +}; +async function loadPropertiesFromApi(logger, repositoryNwo) { try { const response = await getRepositoryProperties(repositoryNwo); const remoteProperties = response.data; @@ -104434,11 +104443,6 @@ async function loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo) { `Expected repository property object to have a 'property_name', but got: ${JSON.stringify(property)}` ); } - if (typeof property.value !== "string") { - throw new Error( - `Expected repository property '${property.property_name}' to have a string value, but got: ${JSON.stringify(property)}` - ); - } if (isKnownPropertyName(property.property_name)) { setProperty2(properties, property.property_name, property.value, logger); } @@ -104463,7 +104467,14 @@ async function loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo) { } } function setProperty2(properties, name, value, logger) { - properties[name] = repositoryPropertyParsers[name](name, value, logger); + const propertyOptions = repositoryPropertyParsers[name]; + if (propertyOptions.validate(value)) { + properties[name] = propertyOptions.parse(name, value, logger); + } else { + throw new Error( + `Unexpected value for repository property '${name}' (${typeof value}), got: ${JSON.stringify(value)}` + ); + } } function parseBooleanRepositoryProperty(name, value, logger) { if (value !== "true" && value !== "false") { @@ -104857,8 +104868,8 @@ var path6 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); @@ -105538,11 +105549,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", @@ -106393,9 +106399,9 @@ var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = { rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */, swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */ }; -async function isOverlayAnalysisFeatureEnabled(features, codeql, languages, codeScanningConfig) { +async function checkOverlayAnalysisFeatureEnabled(features, codeql, languages, codeScanningConfig) { if (!await features.getValue("overlay_analysis" /* OverlayAnalysis */, codeql)) { - return false; + return new Failure("overall-feature-not-enabled" /* OverallFeatureNotEnabled */); } let enableForCodeScanningOnly = false; for (const language of languages) { @@ -106408,17 +106414,20 @@ async function isOverlayAnalysisFeatureEnabled(features, codeql, languages, code enableForCodeScanningOnly = true; continue; } - return false; + return new Failure("language-not-enabled" /* LanguageNotEnabled */); } if (enableForCodeScanningOnly) { - return codeScanningConfig["disable-default-queries"] !== true && codeScanningConfig.packs === void 0 && codeScanningConfig.queries === void 0 && codeScanningConfig["query-filters"] === void 0; + const usesDefaultQueriesOnly = codeScanningConfig["disable-default-queries"] !== true && codeScanningConfig.packs === void 0 && codeScanningConfig.queries === void 0 && codeScanningConfig["query-filters"] === void 0; + if (!usesDefaultQueriesOnly) { + return new Failure("non-default-queries" /* NonDefaultQueries */); + } } - return true; + return new Success(void 0); } function runnerHasSufficientDiskSpace(diskUsage, logger, useV2ResourceChecks) { const minimumDiskSpaceBytes = useV2ResourceChecks ? OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES : OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES; - if (diskUsage === void 0 || diskUsage.numAvailableBytes < minimumDiskSpaceBytes) { - const diskSpaceMb = diskUsage === void 0 ? 0 : Math.round(diskUsage.numAvailableBytes / 1e6); + if (diskUsage.numAvailableBytes < minimumDiskSpaceBytes) { + const diskSpaceMb = Math.round(diskUsage.numAvailableBytes / 1e6); const minimumDiskSpaceMb = Math.round(minimumDiskSpaceBytes / 1e6); logger.info( `Setting overlay database mode to ${"none" /* None */} due to insufficient disk space (${diskSpaceMb} MB, needed ${minimumDiskSpaceMb} MB).` @@ -106449,93 +106458,110 @@ async function runnerHasSufficientMemory(codeql, ramInput, logger) { ); return true; } -async function runnerSupportsOverlayAnalysis(codeql, diskUsage, ramInput, logger, useV2ResourceChecks) { +async function checkRunnerResources(codeql, diskUsage, ramInput, logger, useV2ResourceChecks) { if (!runnerHasSufficientDiskSpace(diskUsage, logger, useV2ResourceChecks)) { - return false; + return new Failure("insufficient-disk-space" /* InsufficientDiskSpace */); } if (!await runnerHasSufficientMemory(codeql, ramInput, logger)) { - return false; + return new Failure("insufficient-memory" /* InsufficientMemory */); } - return true; + return new Success(void 0); } -async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, buildMode, ramInput, codeScanningConfig, repositoryProperties, gitVersion, logger) { - let overlayDatabaseMode = "none" /* None */; - let useOverlayDatabaseCaching = false; - let disabledReason; +async function checkOverlayEnablement(codeql, features, languages, sourceRoot, buildMode, ramInput, codeScanningConfig, repositoryProperties, gitVersion, logger) { const modeEnv = process.env.CODEQL_OVERLAY_DATABASE_MODE; if (modeEnv === "overlay" /* Overlay */ || modeEnv === "overlay-base" /* OverlayBase */ || modeEnv === "none" /* None */) { - overlayDatabaseMode = modeEnv; logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} from the CODEQL_OVERLAY_DATABASE_MODE environment variable.` + `Setting overlay database mode to ${modeEnv} from the CODEQL_OVERLAY_DATABASE_MODE environment variable.` ); - } else if (repositoryProperties["github-codeql-disable-overlay" /* DISABLE_OVERLAY */] === true) { + if (modeEnv === "none" /* None */) { + return new Failure("disabled-by-environment-variable" /* DisabledByEnvironmentVariable */); + } + return validateOverlayDatabaseMode( + modeEnv, + false, + codeql, + languages, + sourceRoot, + buildMode, + gitVersion, + logger + ); + } + if (repositoryProperties["github-codeql-disable-overlay" /* DISABLE_OVERLAY */] === true) { logger.info( `Setting overlay database mode to ${"none" /* None */} because the ${"github-codeql-disable-overlay" /* DISABLE_OVERLAY */} repository property is set to true.` ); - overlayDatabaseMode = "none" /* None */; - disabledReason = "disabled-by-repository-property" /* DisabledByRepositoryProperty */; - } else if (await isOverlayAnalysisFeatureEnabled( + return new Failure("disabled-by-repository-property" /* DisabledByRepositoryProperty */); + } + const featureResult = await checkOverlayAnalysisFeatureEnabled( features, codeql, languages, codeScanningConfig - )) { - const performResourceChecks = !await features.getValue( - "overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */, - codeql + ); + if (featureResult.isFailure()) { + return featureResult; + } + const performResourceChecks = !await features.getValue( + "overlay_analysis_skip_resource_checks" /* OverlayAnalysisSkipResourceChecks */, + codeql + ); + const useV2ResourceChecks = await features.getValue( + "overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */ + ); + const checkOverlayStatus = await features.getValue( + "overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */ + ); + const needDiskUsage = performResourceChecks || checkOverlayStatus; + const diskUsage = needDiskUsage ? await checkDiskUsage(logger) : void 0; + if (needDiskUsage && diskUsage === void 0) { + logger.warning( + `Unable to determine disk usage, therefore setting overlay database mode to ${"none" /* None */}.` ); - const useV2ResourceChecks = await features.getValue( - "overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */ + return new Failure("unable-to-determine-disk-usage" /* UnableToDetermineDiskUsage */); + } + const resourceResult = performResourceChecks && diskUsage !== void 0 ? await checkRunnerResources( + codeql, + diskUsage, + ramInput, + logger, + useV2ResourceChecks + ) : new Success(void 0); + if (resourceResult.isFailure()) { + return resourceResult; + } + if (checkOverlayStatus && diskUsage !== void 0 && await shouldSkipOverlayAnalysis(codeql, languages, diskUsage, logger)) { + logger.info( + `Setting overlay database mode to ${"none" /* None */} because overlay analysis previously failed with this combination of languages, disk space, and CodeQL version.` ); - const checkOverlayStatus = await features.getValue( - "overlay_analysis_status_check" /* OverlayAnalysisStatusCheck */ + return new Failure("skipped-due-to-cached-status" /* SkippedDueToCachedStatus */); + } + let overlayDatabaseMode; + if (isAnalyzingPullRequest()) { + overlayDatabaseMode = "overlay" /* Overlay */; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing a pull request.` + ); + } else if (await isAnalyzingDefaultBranch()) { + overlayDatabaseMode = "overlay-base" /* OverlayBase */; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing the default branch.` ); - const diskUsage = performResourceChecks || checkOverlayStatus ? await checkDiskUsage(logger) : void 0; - if (performResourceChecks && !await runnerSupportsOverlayAnalysis( - codeql, - diskUsage, - ramInput, - logger, - useV2ResourceChecks - )) { - overlayDatabaseMode = "none" /* None */; - disabledReason = "insufficient-resources" /* InsufficientResources */; - } else if (checkOverlayStatus && diskUsage === void 0) { - logger.warning( - `Unable to determine disk usage, therefore setting overlay database mode to ${"none" /* None */}.` - ); - overlayDatabaseMode = "none" /* None */; - disabledReason = "unable-to-determine-disk-usage" /* UnableToDetermineDiskUsage */; - } else if (checkOverlayStatus && diskUsage && await shouldSkipOverlayAnalysis(codeql, languages, diskUsage, logger)) { - logger.info( - `Setting overlay database mode to ${"none" /* None */} because overlay analysis previously failed with this combination of languages, disk space, and CodeQL version.` - ); - overlayDatabaseMode = "none" /* None */; - disabledReason = "skipped-due-to-cached-status" /* SkippedDueToCachedStatus */; - } else if (isAnalyzingPullRequest()) { - overlayDatabaseMode = "overlay" /* Overlay */; - useOverlayDatabaseCaching = true; - logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing a pull request.` - ); - } else if (await isAnalyzingDefaultBranch()) { - overlayDatabaseMode = "overlay-base" /* OverlayBase */; - useOverlayDatabaseCaching = true; - logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing the default branch.` - ); - } } else { - disabledReason = "feature-not-enabled" /* FeatureNotEnabled */; - } - const disabledResult = (reason) => ({ - overlayDatabaseMode: "none" /* None */, - useOverlayDatabaseCaching: false, - disabledReason: reason - }); - if (overlayDatabaseMode === "none" /* None */) { - return disabledResult(disabledReason); + return new Failure("not-pull-request-or-default-branch" /* NotPullRequestOrDefaultBranch */); } + return validateOverlayDatabaseMode( + overlayDatabaseMode, + true, + codeql, + languages, + sourceRoot, + buildMode, + gitVersion, + logger + ); +} +async function validateOverlayDatabaseMode(overlayDatabaseMode, useOverlayDatabaseCaching, codeql, languages, sourceRoot, buildMode, gitVersion, logger) { if (buildMode !== "none" /* None */ && (await Promise.all( languages.map( async (l) => l !== "go" /* go */ && // Workaround to allow overlay analysis for Go with any build @@ -106548,37 +106574,36 @@ async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, b logger.warning( `Cannot build an ${overlayDatabaseMode} database because build-mode is set to "${buildMode}" instead of "none". Falling back to creating a normal full database instead.` ); - return disabledResult("incompatible-build-mode" /* IncompatibleBuildMode */); + return new Failure("incompatible-build-mode" /* IncompatibleBuildMode */); } if (!await codeQlVersionAtLeast(codeql, CODEQL_OVERLAY_MINIMUM_VERSION)) { logger.warning( `Cannot build an ${overlayDatabaseMode} database because the CodeQL CLI is older than ${CODEQL_OVERLAY_MINIMUM_VERSION}. Falling back to creating a normal full database instead.` ); - return disabledResult("incompatible-codeql" /* IncompatibleCodeQl */); + return new Failure("incompatible-codeql" /* IncompatibleCodeQl */); } if (await getGitRoot(sourceRoot) === void 0) { logger.warning( `Cannot build an ${overlayDatabaseMode} database because the source root "${sourceRoot}" is not inside a git repository. Falling back to creating a normal full database instead.` ); - return disabledResult("no-git-root" /* NoGitRoot */); + return new Failure("no-git-root" /* NoGitRoot */); } if (gitVersion === void 0) { logger.warning( `Cannot build an ${overlayDatabaseMode} database because the Git version could not be determined. Falling back to creating a normal full database instead.` ); - return disabledResult("incompatible-git" /* IncompatibleGit */); + return new Failure("incompatible-git" /* IncompatibleGit */); } if (!gitVersion.isAtLeast(GIT_MINIMUM_VERSION_FOR_OVERLAY)) { logger.warning( `Cannot build an ${overlayDatabaseMode} database because the installed Git version is older than ${GIT_MINIMUM_VERSION_FOR_OVERLAY}. Falling back to creating a normal full database instead.` ); - return disabledResult("incompatible-git" /* IncompatibleGit */); + return new Failure("incompatible-git" /* IncompatibleGit */); } - return { + return new Success({ overlayDatabaseMode, - useOverlayDatabaseCaching, - disabledReason - }; + useOverlayDatabaseCaching + }); } function dbLocationOrDefault(dbLocation, tempDir) { return dbLocation || path9.resolve(tempDir, "codeql_databases"); @@ -106666,11 +106691,7 @@ async function initConfig(features, inputs) { } else { logger.debug(`Skipping check for generated files.`); } - const { - overlayDatabaseMode, - useOverlayDatabaseCaching, - disabledReason: overlayDisabledReason - } = await getOverlayDatabaseMode( + const overlayDatabaseModeResult = await checkOverlayEnablement( inputs.codeql, inputs.features, config.languages, @@ -106682,19 +106703,27 @@ async function initConfig(features, inputs) { gitVersion, logger ); - logger.info( - `Using overlay database mode: ${overlayDatabaseMode} ${useOverlayDatabaseCaching ? "with" : "without"} caching.` - ); - config.overlayDatabaseMode = overlayDatabaseMode; - config.useOverlayDatabaseCaching = useOverlayDatabaseCaching; - if (overlayDisabledReason !== void 0) { + if (overlayDatabaseModeResult.isSuccess()) { + const { overlayDatabaseMode, useOverlayDatabaseCaching } = overlayDatabaseModeResult.value; + logger.info( + `Using overlay database mode: ${overlayDatabaseMode} ${useOverlayDatabaseCaching ? "with" : "without"} caching.` + ); + config.overlayDatabaseMode = overlayDatabaseMode; + config.useOverlayDatabaseCaching = useOverlayDatabaseCaching; + } else { + const overlayDisabledReason = overlayDatabaseModeResult.value; + logger.info( + `Using overlay database mode: ${"none" /* None */} without caching.` + ); + config.overlayDatabaseMode = "none" /* None */; + config.useOverlayDatabaseCaching = false; await addOverlayDisablementDiagnostics( config, inputs.codeql, overlayDisabledReason ); } - if (overlayDatabaseMode === "overlay" /* Overlay */ || await shouldPerformDiffInformedAnalysis( + if (config.overlayDatabaseMode === "overlay" /* Overlay */ || await shouldPerformDiffInformedAnalysis( inputs.codeql, inputs.features, logger @@ -109610,8 +109639,6 @@ async function run(startedAt) { ); const repositoryPropertiesResult = await loadRepositoryProperties( repositoryNwo, - gitHubVersion, - features, logger ); const jobRunUuid = v4_default(); @@ -110011,7 +110038,7 @@ exec ${goBinaryPath} "$@"` logger ); } -async function loadRepositoryProperties(repositoryNwo, gitHubVersion, features, logger) { +async function loadRepositoryProperties(repositoryNwo, logger) { const repositoryOwnerType = github2.context.payload.repository?.owner.type; logger.debug( `Repository owner type is '${repositoryOwnerType ?? "unknown"}'.` @@ -110022,16 +110049,8 @@ async function loadRepositoryProperties(repositoryNwo, gitHubVersion, features, ); return new Success({}); } - if (!await features.getValue("use_repository_properties_v2" /* UseRepositoryProperties */)) { - logger.debug( - "Skipping loading repository properties because the UseRepositoryProperties feature flag is disabled." - ); - return new Success({}); - } try { - return new Success( - await loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo) - ); + return new Success(await loadPropertiesFromApi(logger, repositoryNwo)); } catch (error3) { logger.warning( `Failed to load repository properties: ${getErrorMessage(error3)}` diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 1631f7c2c..aa3673bd3 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -104283,11 +104283,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 6f1f3261f..a9eb08eb5 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -103679,8 +103679,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); @@ -104180,11 +104180,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index d1b828de8..6fdfe2d8b 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -161649,11 +161649,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 0dbbe3691..84519a068 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -120612,8 +120612,8 @@ var path = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var actionsCache = __toESM(require_cache5()); @@ -120972,11 +120972,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/upload-lib.js b/lib/upload-lib.js index b3d35b747..236eb8512 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -47283,7 +47283,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -47350,14 +47350,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -106934,8 +106934,8 @@ var path5 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); @@ -107439,11 +107439,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index b3802f733..dab78eb86 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -161811,11 +161811,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index c41ee0c1a..ab769c22f 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.6", + version: "4.32.7", private: true, description: "CodeQL action", scripts: { @@ -46053,14 +46053,14 @@ var require_package = __commonJS({ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", glob: "^11.1.0", globals: "^17.3.0", nock: "^14.0.11", sinon: "^21.0.1", typescript: "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, overrides: { "@actions/tool-cache": { @@ -106618,8 +106618,8 @@ var path4 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.24.2"; -var cliVersion = "2.24.2"; +var bundleVersion = "codeql-bundle-v2.24.3"; +var cliVersion = "2.24.3"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); @@ -107153,11 +107153,6 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "bundleSupportsOverlay" /* BundleSupportsOverlay */ }, - ["use_repository_properties_v2" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/package-lock.json b/package-lock.json index 2bd163cb5..2fbb729f7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.32.6", + "version": "4.32.7", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.32.6", + "version": "4.32.7", "license": "MIT", "dependencies": { "@actions/artifact": "^5.0.3", @@ -52,14 +52,14 @@ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", "glob": "^11.1.0", "globals": "^17.3.0", "nock": "^14.0.11", "sinon": "^21.0.1", "typescript": "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" } }, "node_modules/@aashutoshrathi/word-wrap": { @@ -2553,17 +2553,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.56.0.tgz", - "integrity": "sha512-lRyPDLzNCuae71A3t9NEINBiTn7swyOhvUj3MyUOxb8x6g6vPEFoOU+ZRmGMusNC3X3YMhqMIX7i8ShqhT74Pw==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.56.1.tgz", + "integrity": "sha512-Jz9ZztpB37dNC+HU2HI28Bs9QXpzCz+y/twHOwhyrIRdbuVDxSytJNDl6z/aAKlaRIwC7y8wJdkBv7FxYGgi0A==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.12.2", - "@typescript-eslint/scope-manager": "8.56.0", - "@typescript-eslint/type-utils": "8.56.0", - "@typescript-eslint/utils": "8.56.0", - "@typescript-eslint/visitor-keys": "8.56.0", + "@typescript-eslint/scope-manager": "8.56.1", + "@typescript-eslint/type-utils": "8.56.1", + "@typescript-eslint/utils": "8.56.1", + "@typescript-eslint/visitor-keys": "8.56.1", "ignore": "^7.0.5", "natural-compare": "^1.4.0", "ts-api-utils": "^2.4.0" @@ -2576,7 +2576,7 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "@typescript-eslint/parser": "^8.56.0", + "@typescript-eslint/parser": "^8.56.1", "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.0.0" } @@ -2592,16 +2592,16 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.56.0.tgz", - "integrity": "sha512-IgSWvLobTDOjnaxAfDTIHaECbkNlAlKv2j5SjpB2v7QHKv1FIfjwMy8FsDbVfDX/KjmCmYICcw7uGaXLhtsLNg==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.56.1.tgz", + "integrity": "sha512-klQbnPAAiGYFyI02+znpBRLyjL4/BrBd0nyWkdC0s/6xFLkXYQ8OoRrSkqacS1ddVxf/LDyODIKbQ5TgKAf/Fg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.56.0", - "@typescript-eslint/types": "8.56.0", - "@typescript-eslint/typescript-estree": "8.56.0", - "@typescript-eslint/visitor-keys": "8.56.0", + "@typescript-eslint/scope-manager": "8.56.1", + "@typescript-eslint/types": "8.56.1", + "@typescript-eslint/typescript-estree": "8.56.1", + "@typescript-eslint/visitor-keys": "8.56.1", "debug": "^4.4.3" }, "engines": { @@ -2635,14 +2635,14 @@ } }, "node_modules/@typescript-eslint/project-service": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.56.0.tgz", - "integrity": "sha512-M3rnyL1vIQOMeWxTWIW096/TtVP+8W3p/XnaFflhmcFp+U4zlxUxWj4XwNs6HbDeTtN4yun0GNTTDBw/SvufKg==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.56.1.tgz", + "integrity": "sha512-TAdqQTzHNNvlVFfR+hu2PDJrURiwKsUvxFn1M0h95BB8ah5jejas08jUWG4dBA68jDMI988IvtfdAI53JzEHOQ==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/tsconfig-utils": "^8.56.0", - "@typescript-eslint/types": "^8.56.0", + "@typescript-eslint/tsconfig-utils": "^8.56.1", + "@typescript-eslint/types": "^8.56.1", "debug": "^4.4.3" }, "engines": { @@ -2675,14 +2675,14 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.56.0.tgz", - "integrity": "sha512-7UiO/XwMHquH+ZzfVCfUNkIXlp/yQjjnlYUyYz7pfvlK3/EyyN6BK+emDmGNyQLBtLGaYrTAI6KOw8tFucWL2w==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.56.1.tgz", + "integrity": "sha512-YAi4VDKcIZp0O4tz/haYKhmIDZFEUPOreKbfdAN3SzUDMcPhJ8QI99xQXqX+HoUVq8cs85eRKnD+rne2UAnj2w==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.56.0", - "@typescript-eslint/visitor-keys": "8.56.0" + "@typescript-eslint/types": "8.56.1", + "@typescript-eslint/visitor-keys": "8.56.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2693,9 +2693,9 @@ } }, "node_modules/@typescript-eslint/tsconfig-utils": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.56.0.tgz", - "integrity": "sha512-bSJoIIt4o3lKXD3xmDh9chZcjCz5Lk8xS7Rxn+6l5/pKrDpkCwtQNQQwZ2qRPk7TkUYhrq3WPIHXOXlbXP0itg==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.56.1.tgz", + "integrity": "sha512-qOtCYzKEeyr3aR9f28mPJqBty7+DBqsdd63eO0yyDwc6vgThj2UjWfJIcsFeSucYydqcuudMOprZ+x1SpF3ZuQ==", "dev": true, "license": "MIT", "engines": { @@ -2710,15 +2710,15 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.56.0.tgz", - "integrity": "sha512-qX2L3HWOU2nuDs6GzglBeuFXviDODreS58tLY/BALPC7iu3Fa+J7EOTwnX9PdNBxUI7Uh0ntP0YWGnxCkXzmfA==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.56.1.tgz", + "integrity": "sha512-yB/7dxi7MgTtGhZdaHCemf7PuwrHMenHjmzgUW1aJpO+bBU43OycnM3Wn+DdvDO/8zzA9HlhaJ0AUGuvri4oGg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.56.0", - "@typescript-eslint/typescript-estree": "8.56.0", - "@typescript-eslint/utils": "8.56.0", + "@typescript-eslint/types": "8.56.1", + "@typescript-eslint/typescript-estree": "8.56.1", + "@typescript-eslint/utils": "8.56.1", "debug": "^4.4.3", "ts-api-utils": "^2.4.0" }, @@ -2753,9 +2753,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.56.0.tgz", - "integrity": "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.56.1.tgz", + "integrity": "sha512-dbMkdIUkIkchgGDIv7KLUpa0Mda4IYjo4IAMJUZ+3xNoUXxMsk9YtKpTHSChRS85o+H9ftm51gsK1dZReY9CVw==", "dev": true, "license": "MIT", "engines": { @@ -2767,18 +2767,18 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.56.0.tgz", - "integrity": "sha512-ex1nTUMWrseMltXUHmR2GAQ4d+WjkZCT4f+4bVsps8QEdh0vlBsaCokKTPlnqBFqqGaxilDNJG7b8dolW2m43Q==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.56.1.tgz", + "integrity": "sha512-qzUL1qgalIvKWAf9C1HpvBjif+Vm6rcT5wZd4VoMb9+Km3iS3Cv9DY6dMRMDtPnwRAFyAi7YXJpTIEXLvdfPxg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.56.0", - "@typescript-eslint/tsconfig-utils": "8.56.0", - "@typescript-eslint/types": "8.56.0", - "@typescript-eslint/visitor-keys": "8.56.0", + "@typescript-eslint/project-service": "8.56.1", + "@typescript-eslint/tsconfig-utils": "8.56.1", + "@typescript-eslint/types": "8.56.1", + "@typescript-eslint/visitor-keys": "8.56.1", "debug": "^4.4.3", - "minimatch": "^9.0.5", + "minimatch": "^10.2.2", "semver": "^7.7.3", "tinyglobby": "^0.2.15", "ts-api-utils": "^2.4.0" @@ -2794,14 +2794,27 @@ "typescript": ">=4.8.4 <6.0.0" } }, + "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz", + "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==", + "dev": true, + "license": "MIT", + "engines": { + "node": "18 || 20 || >=22" + } + }, "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", - "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", + "version": "5.0.4", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.4.tgz", + "integrity": "sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==", "dev": true, "license": "MIT", "dependencies": { - "balanced-match": "^1.0.0" + "balanced-match": "^4.0.2" + }, + "engines": { + "node": "18 || 20 || >=22" } }, "node_modules/@typescript-eslint/typescript-estree/node_modules/debug": { @@ -2823,32 +2836,32 @@ } }, "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": { - "version": "9.0.9", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz", - "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==", + "version": "10.2.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.4.tgz", + "integrity": "sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==", "dev": true, - "license": "ISC", + "license": "BlueOak-1.0.0", "dependencies": { - "brace-expansion": "^2.0.2" + "brace-expansion": "^5.0.2" }, "engines": { - "node": ">=16 || 14 >=14.17" + "node": "18 || 20 || >=22" }, "funding": { "url": "https://github.com/sponsors/isaacs" } }, "node_modules/@typescript-eslint/utils": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.56.0.tgz", - "integrity": "sha512-RZ3Qsmi2nFGsS+n+kjLAYDPVlrzf7UhTffrDIKr+h2yzAlYP/y5ZulU0yeDEPItos2Ph46JAL5P/On3pe7kDIQ==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.56.1.tgz", + "integrity": "sha512-HPAVNIME3tABJ61siYlHzSWCGtOoeP2RTIaHXFMPqjrQKCGB9OgUVdiNgH7TJS2JNIQ5qQ4RsAUDuGaGme/KOA==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.9.1", - "@typescript-eslint/scope-manager": "8.56.0", - "@typescript-eslint/types": "8.56.0", - "@typescript-eslint/typescript-estree": "8.56.0" + "@typescript-eslint/scope-manager": "8.56.1", + "@typescript-eslint/types": "8.56.1", + "@typescript-eslint/typescript-estree": "8.56.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2863,13 +2876,13 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.56.0.tgz", - "integrity": "sha512-q+SL+b+05Ud6LbEE35qe4A99P+htKTKVbyiNEe45eCbJFyh/HVK9QXwlrbz+Q4L8SOW4roxSVwXYj4DMBT7Ieg==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.56.1.tgz", + "integrity": "sha512-KiROIzYdEV85YygXw6BI/Dx4fnBlFQu6Mq4QE4MOH9fFnhohw6wX/OAvDY2/C+ut0I3RSPKenvZJIVYqJNkhEw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.56.0", + "@typescript-eslint/types": "8.56.1", "eslint-visitor-keys": "^5.0.0" }, "engines": { @@ -2881,9 +2894,9 @@ } }, "node_modules/@typescript-eslint/visitor-keys/node_modules/eslint-visitor-keys": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.0.tgz", - "integrity": "sha512-A0XeIi7CXU7nPlfHS9loMYEKxUaONu/hTEzHTGba9Huu94Cq1hPivf+DE5erJozZOky0LfvXAyrV/tcswpLI0Q==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.1.tgz", + "integrity": "sha512-tD40eHxA35h0PEIZNeIjkHoDR4YjjJp34biM0mDvplBe//mB+IHCqHDGV7pxF+7MklTvighcCPPZC7ynWyjdTA==", "dev": true, "license": "Apache-2.0", "engines": { @@ -5146,9 +5159,9 @@ } }, "node_modules/eslint-plugin-jsdoc": { - "version": "62.6.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-jsdoc/-/eslint-plugin-jsdoc-62.6.0.tgz", - "integrity": "sha512-Z18zZD1Q2m9usqFbAzb30z+lF8bzE4WiUy+dfOXljJlZ1Jm5uhkuAWfGV97FYyh+WlKfrvpDYs+s1z45eZWMfA==", + "version": "62.7.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-jsdoc/-/eslint-plugin-jsdoc-62.7.1.tgz", + "integrity": "sha512-4Zvx99Q7d1uggYBUX/AIjvoyqXhluGbbKrRmG8SQTLprPFg6fa293tVJH1o1GQwNe3lUydd8ZHzn37OaSncgSQ==", "dev": true, "license": "BSD-3-Clause", "dependencies": { @@ -5163,7 +5176,7 @@ "html-entities": "^2.6.0", "object-deep-merge": "^2.0.0", "parse-imports-exports": "^0.2.4", - "semver": "^7.7.3", + "semver": "^7.7.4", "spdx-expression-parse": "^4.0.0", "to-valid-identifier": "^1.0.0" }, @@ -5171,7 +5184,7 @@ "node": "^20.19.0 || ^22.13.0 || >=24" }, "peerDependencies": { - "eslint": "^7.0.0 || ^8.0.0 || ^9.0.0" + "eslint": "^7.0.0 || ^8.0.0 || ^9.0.0 || ^10.0.0" } }, "node_modules/eslint-plugin-jsdoc/node_modules/debug": { @@ -8857,9 +8870,9 @@ } }, "node_modules/tar": { - "version": "7.5.7", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.7.tgz", - "integrity": "sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==", + "version": "7.5.10", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.10.tgz", + "integrity": "sha512-8mOPs1//5q/rlkNSPcCegA6hiHJYDmSLEI8aMH/CdSQJNWztHC9WHNam5zdQlfpTwB9Xp7IBEsHfV5LKMJGVAw==", "dev": true, "license": "BlueOak-1.0.0", "dependencies": { @@ -9189,16 +9202,16 @@ } }, "node_modules/typescript-eslint": { - "version": "8.56.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.56.0.tgz", - "integrity": "sha512-c7toRLrotJ9oixgdW7liukZpsnq5CZ7PuKztubGYlNppuTqhIoWfhgHo/7EU0v06gS2l/x0i2NEFK1qMIf0rIg==", + "version": "8.56.1", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.56.1.tgz", + "integrity": "sha512-U4lM6pjmBX7J5wk4szltF7I1cGBHXZopnAXCMXb3+fZ3B/0Z3hq3wS/CCUB2NZBNAExK92mCU2tEohWuwVMsDQ==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/eslint-plugin": "8.56.0", - "@typescript-eslint/parser": "8.56.0", - "@typescript-eslint/typescript-estree": "8.56.0", - "@typescript-eslint/utils": "8.56.0" + "@typescript-eslint/eslint-plugin": "8.56.1", + "@typescript-eslint/parser": "8.56.1", + "@typescript-eslint/typescript-estree": "8.56.1", + "@typescript-eslint/utils": "8.56.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" diff --git a/package.json b/package.json index 197f910f0..85628de5c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.32.6", + "version": "4.32.7", "private": true, "description": "CodeQL action", "scripts": { @@ -67,14 +67,14 @@ "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.1", - "eslint-plugin-jsdoc": "^62.6.0", + "eslint-plugin-jsdoc": "^62.7.1", "eslint-plugin-no-async-foreach": "^0.1.1", "glob": "^11.1.0", "globals": "^17.3.0", "nock": "^14.0.11", "sinon": "^21.0.1", "typescript": "^5.9.3", - "typescript-eslint": "^8.56.0" + "typescript-eslint": "^8.56.1" }, "overrides": { "@actions/tool-cache": { diff --git a/pr-checks/checks/analysis-kinds.yml b/pr-checks/checks/analysis-kinds.yml index 6eedaec02..1fed31053 100644 --- a/pr-checks/checks/analysis-kinds.yml +++ b/pr-checks/checks/analysis-kinds.yml @@ -40,7 +40,7 @@ steps: post-processed-sarif-path: "${{ runner.temp }}/post-processed" - name: Upload SARIF files - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: | analysis-kinds-${{ matrix.os }}-${{ matrix.version }}-${{ matrix.analysis-kinds }} @@ -48,7 +48,7 @@ steps: retention-days: 7 - name: Upload post-processed SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: | post-processed-${{ matrix.os }}-${{ matrix.version }}-${{ matrix.analysis-kinds }} diff --git a/pr-checks/checks/analyze-ref-input.yml b/pr-checks/checks/analyze-ref-input.yml index e9d2cd176..f3425ec70 100644 --- a/pr-checks/checks/analyze-ref-input.yml +++ b/pr-checks/checks/analyze-ref-input.yml @@ -2,7 +2,6 @@ name: "Analyze: 'ref' and 'sha' from inputs" description: "Checks that specifying 'ref' and 'sha' as inputs works" versions: ["default"] installGo: true -installPython: true installDotNet: true steps: - uses: ./../action/init diff --git a/pr-checks/checks/bundle-zstd.yml b/pr-checks/checks/bundle-zstd.yml index 371525aab..002334523 100644 --- a/pr-checks/checks/bundle-zstd.yml +++ b/pr-checks/checks/bundle-zstd.yml @@ -27,7 +27,7 @@ steps: output: ${{ runner.temp }}/results upload-database: false - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.os }}-zstd-bundle.sarif path: ${{ runner.temp }}/results/javascript.sarif diff --git a/pr-checks/checks/config-export.yml b/pr-checks/checks/config-export.yml index fc4c68ad6..ea66ad994 100644 --- a/pr-checks/checks/config-export.yml +++ b/pr-checks/checks/config-export.yml @@ -12,7 +12,7 @@ steps: output: "${{ runner.temp }}/results" upload-database: false - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: config-export-${{ matrix.os }}-${{ matrix.version }}.sarif.json path: "${{ runner.temp }}/results/javascript.sarif" diff --git a/pr-checks/checks/diagnostics-export.yml b/pr-checks/checks/diagnostics-export.yml index ccf5b3501..1b2696937 100644 --- a/pr-checks/checks/diagnostics-export.yml +++ b/pr-checks/checks/diagnostics-export.yml @@ -25,7 +25,7 @@ steps: output: "${{ runner.temp }}/results" upload-database: false - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: diagnostics-export-${{ matrix.os }}-${{ matrix.version }}.sarif.json path: "${{ runner.temp }}/results/javascript.sarif" diff --git a/pr-checks/checks/export-file-baseline-information.yml b/pr-checks/checks/export-file-baseline-information.yml index e45fc58ca..114aa8c43 100644 --- a/pr-checks/checks/export-file-baseline-information.yml +++ b/pr-checks/checks/export-file-baseline-information.yml @@ -19,7 +19,7 @@ steps: with: output: "${{ runner.temp }}/results" - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: with-baseline-information-${{ matrix.os }}-${{ matrix.version }}.sarif.json path: "${{ runner.temp }}/results/javascript.sarif" diff --git a/pr-checks/checks/job-run-uuid-sarif.yml b/pr-checks/checks/job-run-uuid-sarif.yml index e0610846b..815d88000 100644 --- a/pr-checks/checks/job-run-uuid-sarif.yml +++ b/pr-checks/checks/job-run-uuid-sarif.yml @@ -11,7 +11,7 @@ steps: with: output: "${{ runner.temp }}/results" - name: Upload SARIF - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.os }}-${{ matrix.version }}.sarif.json path: "${{ runner.temp }}/results/javascript.sarif" diff --git a/pr-checks/checks/local-bundle.yml b/pr-checks/checks/local-bundle.yml index c0930772e..2d090d432 100644 --- a/pr-checks/checks/local-bundle.yml +++ b/pr-checks/checks/local-bundle.yml @@ -2,7 +2,6 @@ name: "Local CodeQL bundle" description: "Tests using a CodeQL bundle from a local file rather than a URL" versions: ["linked"] installGo: true -installPython: true installDotNet: true steps: - name: Fetch latest CodeQL bundle diff --git a/pr-checks/checks/packaging-codescanning-config-inputs-js.yml b/pr-checks/checks/packaging-codescanning-config-inputs-js.yml index 6fd0f7c8a..20fd16a48 100644 --- a/pr-checks/checks/packaging-codescanning-config-inputs-js.yml +++ b/pr-checks/checks/packaging-codescanning-config-inputs-js.yml @@ -3,7 +3,6 @@ description: "Checks that specifying packages using a combination of a config fi versions: ["linked", "default", "nightly-latest"] # This feature is not compatible with old CLIs installGo: true installNode: true -installPython: true installDotNet: true steps: - uses: ./../action/init diff --git a/pr-checks/checks/remote-config.yml b/pr-checks/checks/remote-config.yml index 24249156e..9211cb212 100644 --- a/pr-checks/checks/remote-config.yml +++ b/pr-checks/checks/remote-config.yml @@ -6,7 +6,6 @@ versions: - linked - nightly-latest installGo: true -installPython: true installDotNet: true steps: - uses: ./../action/init diff --git a/pr-checks/checks/unset-environment.yml b/pr-checks/checks/unset-environment.yml index 4cc728600..dd41f159b 100644 --- a/pr-checks/checks/unset-environment.yml +++ b/pr-checks/checks/unset-environment.yml @@ -6,7 +6,6 @@ versions: - linked - nightly-latest installGo: true -installPython: true installDotNet: true steps: - uses: ./../action/init diff --git a/pr-checks/checks/upload-ref-sha-input.yml b/pr-checks/checks/upload-ref-sha-input.yml index 0c8059a51..95b753b2b 100644 --- a/pr-checks/checks/upload-ref-sha-input.yml +++ b/pr-checks/checks/upload-ref-sha-input.yml @@ -2,7 +2,6 @@ name: "Upload-sarif: 'ref' and 'sha' from inputs" description: "Checks that specifying 'ref' and 'sha' as inputs works" versions: ["default"] installGo: true -installPython: true installDotNet: true steps: - uses: ./../action/init diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml index 8009225c2..403cdab3a 100644 --- a/pr-checks/checks/upload-sarif.yml +++ b/pr-checks/checks/upload-sarif.yml @@ -3,7 +3,6 @@ description: "Checks that uploading SARIFs to the code quality endpoint works" versions: ["default"] analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality"] installGo: true -installPython: true installDotNet: true steps: - uses: ./../action/init diff --git a/pr-checks/checks/with-checkout-path.yml b/pr-checks/checks/with-checkout-path.yml index 230e342e3..6f69d45d8 100644 --- a/pr-checks/checks/with-checkout-path.yml +++ b/pr-checks/checks/with-checkout-path.yml @@ -2,7 +2,6 @@ name: "Use a custom `checkout_path`" description: "Checks that a custom `checkout_path` will find the proper commit_oid" versions: ["linked"] installGo: true -installPython: true installDotNet: true steps: # This ensures we don't accidentally use the original checkout for any part of the test. diff --git a/src/config-utils.test.ts b/src/config-utils.test.ts index 4ab7a1748..06994c0ed 100644 --- a/src/config-utils.test.ts +++ b/src/config-utils.test.ts @@ -40,6 +40,8 @@ import { withTmpDir, BuildMode, DiskUsage, + Success, + Failure, } from "./util"; import * as util from "./util"; @@ -942,55 +944,46 @@ for (const { displayName, language, feature } of [ feature: Feature.DisableCsharpBuildless, }, ]) { - test.serial( - `Build mode not overridden when disable ${displayName} buildless feature flag disabled`, - async (t) => { - const messages: LoggedMessage[] = []; - const buildMode = await configUtils.parseBuildModeInput( - "none", - [language], - createFeatures([]), - getRecordingLogger(messages), - ); - t.is(buildMode, BuildMode.None); - t.deepEqual(messages, []); - }, - ); + test(`Build mode not overridden when disable ${displayName} buildless feature flag disabled`, async (t) => { + const messages: LoggedMessage[] = []; + const buildMode = await configUtils.parseBuildModeInput( + "none", + [language], + createFeatures([]), + getRecordingLogger(messages), + ); + t.is(buildMode, BuildMode.None); + t.deepEqual(messages, []); + }); - test.serial( - `Build mode not overridden for other languages when disable ${displayName} buildless feature flag enabled`, - async (t) => { - const messages: LoggedMessage[] = []; - const buildMode = await configUtils.parseBuildModeInput( - "none", - [KnownLanguage.python], - createFeatures([feature]), - getRecordingLogger(messages), - ); - t.is(buildMode, BuildMode.None); - t.deepEqual(messages, []); - }, - ); + test(`Build mode not overridden for other languages when disable ${displayName} buildless feature flag enabled`, async (t) => { + const messages: LoggedMessage[] = []; + const buildMode = await configUtils.parseBuildModeInput( + "none", + [KnownLanguage.python], + createFeatures([feature]), + getRecordingLogger(messages), + ); + t.is(buildMode, BuildMode.None); + t.deepEqual(messages, []); + }); - test.serial( - `Build mode overridden when analyzing ${displayName} and disable ${displayName} buildless feature flag enabled`, - async (t) => { - const messages: LoggedMessage[] = []; - const buildMode = await configUtils.parseBuildModeInput( - "none", - [language], - createFeatures([feature]), - getRecordingLogger(messages), - ); - t.is(buildMode, BuildMode.Autobuild); - t.deepEqual(messages, [ - { - message: `Scanning ${displayName} code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.`, - type: "warning", - }, - ]); - }, - ); + test(`Build mode overridden when analyzing ${displayName} and disable ${displayName} buildless feature flag enabled`, async (t) => { + const messages: LoggedMessage[] = []; + const buildMode = await configUtils.parseBuildModeInput( + "none", + [language], + createFeatures([feature]), + getRecordingLogger(messages), + ); + t.is(buildMode, BuildMode.Autobuild); + t.deepEqual(messages, [ + { + message: `Scanning ${displayName} code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.`, + type: "warning", + }, + ]); + }); } interface OverlayDatabaseModeTestSetup { @@ -1033,16 +1026,19 @@ const defaultOverlayDatabaseModeTestSetup: OverlayDatabaseModeTestSetup = { repositoryProperties: {}, }; -const getOverlayDatabaseModeMacro = test.macro({ +const checkOverlayEnablementMacro = test.macro({ exec: async ( t: ExecutionContext, _title: string, setupOverrides: Partial, - expected: { - overlayDatabaseMode: OverlayDatabaseMode; - useOverlayDatabaseCaching: boolean; - disabledReason?: OverlayDisabledReason; - }, + expected: + | { + overlayDatabaseMode: OverlayDatabaseMode; + useOverlayDatabaseCaching: boolean; + } + | { + disabledReason: OverlayDisabledReason; + }, ) => { return await withTmpDir(async (tempDir) => { const messages: LoggedMessage[] = []; @@ -1100,7 +1096,7 @@ const getOverlayDatabaseModeMacro = test.macro({ .stub(gitUtils, "isAnalyzingDefaultBranch") .resolves(setup.isDefaultBranch); - const result = await configUtils.getOverlayDatabaseMode( + const result = await configUtils.checkOverlayEnablement( codeql, features, setup.languages, @@ -1113,22 +1109,22 @@ const getOverlayDatabaseModeMacro = test.macro({ logger, ); - if (!("disabledReason" in expected)) { - expected.disabledReason = undefined; + if ("disabledReason" in expected) { + t.deepEqual(result, new Failure(expected.disabledReason)); + } else { + t.deepEqual(result, new Success(expected)); } - - t.deepEqual(result, expected); } finally { // Restore the original environment process.env = originalEnv; } }); }, - title: (_, title) => `getOverlayDatabaseMode: ${title}`, + title: (_, title) => `checkOverlayEnablement: ${title}`, }); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Environment variable override - Overlay", { overlayDatabaseEnvVar: "overlay", @@ -1140,7 +1136,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Environment variable override - OverlayBase", { overlayDatabaseEnvVar: "overlay-base", @@ -1152,45 +1148,41 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Environment variable override - None", { overlayDatabaseEnvVar: "none", }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, + disabledReason: OverlayDisabledReason.DisabledByEnvironmentVariable, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Ignore invalid environment variable", { overlayDatabaseEnvVar: "invalid-mode", }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.OverallFeatureNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Ignore feature flag when analyzing non-default branch", { languages: [KnownLanguage.javascript], features: [Feature.OverlayAnalysis, Feature.OverlayAnalysisJavascript], }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, + disabledReason: OverlayDisabledReason.NotPullRequestOrDefaultBranch, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch when feature enabled", { languages: [KnownLanguage.javascript], @@ -1204,7 +1196,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch when feature enabled with custom analysis", { languages: [KnownLanguage.javascript], @@ -1221,7 +1213,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch when code-scanning feature enabled", { languages: [KnownLanguage.javascript], @@ -1238,7 +1230,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch if runner disk space is too low", { languages: [KnownLanguage.javascript], @@ -1253,14 +1245,12 @@ test.serial( }, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.InsufficientDiskSpace, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch if we can't determine runner disk space", { languages: [KnownLanguage.javascript], @@ -1272,14 +1262,12 @@ test.serial( diskUsage: undefined, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.UnableToDetermineDiskUsage, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch if runner disk space is too low and skip resource checks flag is enabled", { languages: [KnownLanguage.javascript], @@ -1301,7 +1289,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch if runner disk space is below v2 limit and v2 resource checks enabled", { languages: [KnownLanguage.javascript], @@ -1317,14 +1305,12 @@ test.serial( }, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.InsufficientDiskSpace, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch if runner disk space is between v2 and v1 limits and v2 resource checks enabled", { languages: [KnownLanguage.javascript], @@ -1346,7 +1332,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch if runner disk space is between v2 and v1 limits and v2 resource checks not enabled", { languages: [KnownLanguage.javascript], @@ -1361,14 +1347,12 @@ test.serial( }, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.InsufficientDiskSpace, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch if memory flag is too low", { languages: [KnownLanguage.javascript], @@ -1380,14 +1364,12 @@ test.serial( memoryFlagValue: 3072, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.InsufficientMemory, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch if memory flag is too low but CodeQL >= 2.24.3", { languages: [KnownLanguage.javascript], @@ -1406,7 +1388,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay-base database on default branch if memory flag is too low and skip resource checks flag is enabled", { languages: [KnownLanguage.javascript], @@ -1425,7 +1407,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when cached status indicates previous failure", { languages: [KnownLanguage.javascript], @@ -1438,14 +1420,12 @@ test.serial( shouldSkipOverlayAnalysisDueToCachedStatus: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.SkippedDueToCachedStatus, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when cached status indicates previous failure", { languages: [KnownLanguage.javascript], @@ -1458,14 +1438,12 @@ test.serial( shouldSkipOverlayAnalysisDueToCachedStatus: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.SkippedDueToCachedStatus, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when code-scanning feature enabled with disable-default-queries", { languages: [KnownLanguage.javascript], @@ -1479,14 +1457,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when code-scanning feature enabled with packs", { languages: [KnownLanguage.javascript], @@ -1500,14 +1476,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when code-scanning feature enabled with queries", { languages: [KnownLanguage.javascript], @@ -1521,14 +1495,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when code-scanning feature enabled with query-filters", { languages: [KnownLanguage.javascript], @@ -1542,14 +1514,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when only language-specific feature enabled", { languages: [KnownLanguage.javascript], @@ -1557,14 +1527,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.OverallFeatureNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when only code-scanning feature enabled", { languages: [KnownLanguage.javascript], @@ -1572,14 +1540,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.OverallFeatureNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay-base database on default branch when language-specific feature disabled", { languages: [KnownLanguage.javascript], @@ -1587,14 +1553,12 @@ test.serial( isDefaultBranch: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.LanguageNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay analysis on PR when feature enabled", { languages: [KnownLanguage.javascript], @@ -1608,7 +1572,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay analysis on PR when feature enabled with custom analysis", { languages: [KnownLanguage.javascript], @@ -1625,7 +1589,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay analysis on PR when code-scanning feature enabled", { languages: [KnownLanguage.javascript], @@ -1642,7 +1606,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR if runner disk space is too low", { languages: [KnownLanguage.javascript], @@ -1657,14 +1621,12 @@ test.serial( }, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.InsufficientDiskSpace, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay analysis on PR if runner disk space is too low and skip resource checks flag is enabled", { languages: [KnownLanguage.javascript], @@ -1686,7 +1648,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR if we can't determine runner disk space", { languages: [KnownLanguage.javascript], @@ -1698,14 +1660,12 @@ test.serial( diskUsage: undefined, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.UnableToDetermineDiskUsage, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR if memory flag is too low", { languages: [KnownLanguage.javascript], @@ -1717,14 +1677,12 @@ test.serial( memoryFlagValue: 3072, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.InsufficientResources, + disabledReason: OverlayDisabledReason.InsufficientMemory, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay analysis on PR if memory flag is too low but CodeQL >= 2.24.3", { languages: [KnownLanguage.javascript], @@ -1743,7 +1701,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay analysis on PR if memory flag is too low and skip resource checks flag is enabled", { languages: [KnownLanguage.javascript], @@ -1762,7 +1720,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when code-scanning feature enabled with disable-default-queries", { languages: [KnownLanguage.javascript], @@ -1776,14 +1734,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when code-scanning feature enabled with packs", { languages: [KnownLanguage.javascript], @@ -1797,14 +1753,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when code-scanning feature enabled with queries", { languages: [KnownLanguage.javascript], @@ -1818,14 +1772,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when code-scanning feature enabled with query-filters", { languages: [KnownLanguage.javascript], @@ -1839,14 +1791,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.NonDefaultQueries, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when only language-specific feature enabled", { languages: [KnownLanguage.javascript], @@ -1854,14 +1804,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.OverallFeatureNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when only code-scanning feature enabled", { languages: [KnownLanguage.javascript], @@ -1869,14 +1817,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.OverallFeatureNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay analysis on PR when language-specific feature disabled", { languages: [KnownLanguage.javascript], @@ -1884,14 +1830,12 @@ test.serial( isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.LanguageNotEnabled, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay PR analysis by env", { overlayDatabaseEnvVar: "overlay", @@ -1903,7 +1847,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay PR analysis by env on a runner with low disk space", { overlayDatabaseEnvVar: "overlay", @@ -1916,7 +1860,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay PR analysis by feature flag", { languages: [KnownLanguage.javascript], @@ -1930,7 +1874,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Fallback due to autobuild with traced language", { overlayDatabaseEnvVar: "overlay", @@ -1938,14 +1882,12 @@ test.serial( languages: [KnownLanguage.java], }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.IncompatibleBuildMode, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Fallback due to no build mode with traced language", { overlayDatabaseEnvVar: "overlay", @@ -1953,70 +1895,60 @@ test.serial( languages: [KnownLanguage.java], }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.IncompatibleBuildMode, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Fallback due to old CodeQL version", { overlayDatabaseEnvVar: "overlay", codeqlVersion: "2.14.0", }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.IncompatibleCodeQl, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Fallback due to missing git root", { overlayDatabaseEnvVar: "overlay", gitRoot: undefined, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.NoGitRoot, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Fallback due to old git version", { overlayDatabaseEnvVar: "overlay", gitVersion: new GitVersionInfo("2.30.0", "2.30.0"), // Version below required 2.38.0 }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.IncompatibleGit, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Fallback when git version cannot be determined", { overlayDatabaseEnvVar: "overlay", gitVersion: undefined, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.IncompatibleGit, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "No overlay when disabled via repository property", { languages: [KnownLanguage.javascript], @@ -2027,14 +1959,12 @@ test.serial( }, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, disabledReason: OverlayDisabledReason.DisabledByRepositoryProperty, }, ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Overlay not disabled when repository property is false", { languages: [KnownLanguage.javascript], @@ -2051,7 +1981,7 @@ test.serial( ); test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, "Environment variable override takes precedence over repository property", { overlayDatabaseEnvVar: "overlay", @@ -2068,7 +1998,7 @@ test.serial( // Exercise language-specific overlay analysis features code paths for (const language in KnownLanguage) { test.serial( - getOverlayDatabaseModeMacro, + checkOverlayEnablementMacro, `Check default overlay analysis feature for ${language}`, { languages: [language], @@ -2076,9 +2006,7 @@ for (const language in KnownLanguage) { isPullRequest: true, }, { - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: OverlayDisabledReason.FeatureNotEnabled, + disabledReason: OverlayDisabledReason.LanguageNotEnabled, }, ); } diff --git a/src/config-utils.ts b/src/config-utils.ts index 14274a723..b80586938 100644 --- a/src/config-utils.ts +++ b/src/config-utils.ts @@ -69,6 +69,9 @@ import { isInTestMode, joinAtMost, DiskUsage, + Result, + Success, + Failure, } from "./util"; /** @@ -653,14 +656,18 @@ const OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES: Record = { swift: Feature.OverlayAnalysisCodeScanningSwift, }; -async function isOverlayAnalysisFeatureEnabled( +/** + * Checks whether the overlay analysis feature is enabled for the given + * languages and configuration. + */ +async function checkOverlayAnalysisFeatureEnabled( features: FeatureEnablement, codeql: CodeQL, languages: Language[], codeScanningConfig: UserConfig, -): Promise { +): Promise> { if (!(await features.getValue(Feature.OverlayAnalysis, codeql))) { - return false; + return new Failure(OverlayDisabledReason.OverallFeatureNotEnabled); } let enableForCodeScanningOnly = false; for (const language of languages) { @@ -677,39 +684,35 @@ async function isOverlayAnalysisFeatureEnabled( enableForCodeScanningOnly = true; continue; } - return false; + return new Failure(OverlayDisabledReason.LanguageNotEnabled); } if (enableForCodeScanningOnly) { // A code-scanning configuration runs only the (default) code-scanning suite // if the default queries are not disabled, and no packs, queries, or // query-filters are specified. - return ( + const usesDefaultQueriesOnly = codeScanningConfig["disable-default-queries"] !== true && codeScanningConfig.packs === undefined && codeScanningConfig.queries === undefined && - codeScanningConfig["query-filters"] === undefined - ); + codeScanningConfig["query-filters"] === undefined; + if (!usesDefaultQueriesOnly) { + return new Failure(OverlayDisabledReason.NonDefaultQueries); + } } - return true; + return new Success(undefined); } /** Checks if the runner has enough disk space for overlay analysis. */ function runnerHasSufficientDiskSpace( - diskUsage: DiskUsage | undefined, + diskUsage: DiskUsage, logger: Logger, useV2ResourceChecks: boolean, ): boolean { const minimumDiskSpaceBytes = useV2ResourceChecks ? OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_V2_BYTES : OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES; - if ( - diskUsage === undefined || - diskUsage.numAvailableBytes < minimumDiskSpaceBytes - ) { - const diskSpaceMb = - diskUsage === undefined - ? 0 - : Math.round(diskUsage.numAvailableBytes / 1_000_000); + if (diskUsage.numAvailableBytes < minimumDiskSpaceBytes) { + const diskSpaceMb = Math.round(diskUsage.numAvailableBytes / 1_000_000); const minimumDiskSpaceMb = Math.round(minimumDiskSpaceBytes / 1_000_000); logger.info( `Setting overlay database mode to ${OverlayDatabaseMode.None} ` + @@ -754,23 +757,28 @@ async function runnerHasSufficientMemory( } /** - * Checks if the runner supports overlay analysis based on available disk space - * and the maximum memory CodeQL will be allowed to use. + * Checks if the runner has sufficient disk space and memory for overlay + * analysis. */ -async function runnerSupportsOverlayAnalysis( +async function checkRunnerResources( codeql: CodeQL, - diskUsage: DiskUsage | undefined, + diskUsage: DiskUsage, ramInput: string | undefined, logger: Logger, useV2ResourceChecks: boolean, -): Promise { +): Promise> { if (!runnerHasSufficientDiskSpace(diskUsage, logger, useV2ResourceChecks)) { - return false; + return new Failure(OverlayDisabledReason.InsufficientDiskSpace); } if (!(await runnerHasSufficientMemory(codeql, ramInput, logger))) { - return false; + return new Failure(OverlayDisabledReason.InsufficientMemory); } - return true; + return new Success(undefined); +} + +interface EnabledOverlayConfig { + overlayDatabaseMode: Exclude; + useOverlayDatabaseCaching: boolean; } /** @@ -791,10 +799,11 @@ async function runnerSupportsOverlayAnalysis( * For `Overlay` and `OverlayBase`, the function performs further checks and * reverts to `None` if any check should fail. * - * @returns An object containing the overlay database mode and whether the - * action should perform overlay-base database caching. + * @returns A `Success` containing the overlay database mode and whether the + * action should perform overlay-base database caching, or a `Failure` + * containing the reason why overlay analysis is disabled. */ -export async function getOverlayDatabaseMode( +export async function checkOverlayEnablement( codeql: CodeQL, features: FeatureEnablement, languages: Language[], @@ -805,15 +814,7 @@ export async function getOverlayDatabaseMode( repositoryProperties: RepositoryProperties, gitVersion: GitVersionInfo | undefined, logger: Logger, -): Promise<{ - overlayDatabaseMode: OverlayDatabaseMode; - useOverlayDatabaseCaching: boolean; - disabledReason: OverlayDisabledReason | undefined; -}> { - let overlayDatabaseMode = OverlayDatabaseMode.None; - let useOverlayDatabaseCaching = false; - let disabledReason: OverlayDisabledReason | undefined; - +): Promise> { const modeEnv = process.env.CODEQL_OVERLAY_DATABASE_MODE; // Any unrecognized CODEQL_OVERLAY_DATABASE_MODE value will be ignored and // treated as if the environment variable was not set. @@ -822,101 +823,132 @@ export async function getOverlayDatabaseMode( modeEnv === OverlayDatabaseMode.OverlayBase || modeEnv === OverlayDatabaseMode.None ) { - overlayDatabaseMode = modeEnv; logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} ` + + `Setting overlay database mode to ${modeEnv} ` + "from the CODEQL_OVERLAY_DATABASE_MODE environment variable.", ); - } else if ( - repositoryProperties[RepositoryPropertyName.DISABLE_OVERLAY] === true - ) { + if (modeEnv === OverlayDatabaseMode.None) { + return new Failure(OverlayDisabledReason.DisabledByEnvironmentVariable); + } + return validateOverlayDatabaseMode( + modeEnv, + false, + codeql, + languages, + sourceRoot, + buildMode, + gitVersion, + logger, + ); + } + + if (repositoryProperties[RepositoryPropertyName.DISABLE_OVERLAY] === true) { logger.info( `Setting overlay database mode to ${OverlayDatabaseMode.None} ` + `because the ${RepositoryPropertyName.DISABLE_OVERLAY} repository property is set to true.`, ); - overlayDatabaseMode = OverlayDatabaseMode.None; - disabledReason = OverlayDisabledReason.DisabledByRepositoryProperty; - } else if ( - await isOverlayAnalysisFeatureEnabled( - features, - codeql, - languages, - codeScanningConfig, - ) + return new Failure(OverlayDisabledReason.DisabledByRepositoryProperty); + } + + const featureResult = await checkOverlayAnalysisFeatureEnabled( + features, + codeql, + languages, + codeScanningConfig, + ); + if (featureResult.isFailure()) { + return featureResult; + } + + const performResourceChecks = !(await features.getValue( + Feature.OverlayAnalysisSkipResourceChecks, + codeql, + )); + const useV2ResourceChecks = await features.getValue( + Feature.OverlayAnalysisResourceChecksV2, + ); + const checkOverlayStatus = await features.getValue( + Feature.OverlayAnalysisStatusCheck, + ); + const needDiskUsage = performResourceChecks || checkOverlayStatus; + const diskUsage = needDiskUsage ? await checkDiskUsage(logger) : undefined; + if (needDiskUsage && diskUsage === undefined) { + logger.warning( + `Unable to determine disk usage, therefore setting overlay database mode to ${OverlayDatabaseMode.None}.`, + ); + return new Failure(OverlayDisabledReason.UnableToDetermineDiskUsage); + } + const resourceResult = + performResourceChecks && diskUsage !== undefined + ? await checkRunnerResources( + codeql, + diskUsage, + ramInput, + logger, + useV2ResourceChecks, + ) + : new Success(undefined); + if (resourceResult.isFailure()) { + return resourceResult; + } + if ( + checkOverlayStatus && + diskUsage !== undefined && + (await shouldSkipOverlayAnalysis(codeql, languages, diskUsage, logger)) ) { - const performResourceChecks = !(await features.getValue( - Feature.OverlayAnalysisSkipResourceChecks, - codeql, - )); - const useV2ResourceChecks = await features.getValue( - Feature.OverlayAnalysisResourceChecksV2, + logger.info( + `Setting overlay database mode to ${OverlayDatabaseMode.None} ` + + "because overlay analysis previously failed with this combination of languages, " + + "disk space, and CodeQL version.", ); - const checkOverlayStatus = await features.getValue( - Feature.OverlayAnalysisStatusCheck, + return new Failure(OverlayDisabledReason.SkippedDueToCachedStatus); + } + + let overlayDatabaseMode: OverlayDatabaseMode; + if (isAnalyzingPullRequest()) { + overlayDatabaseMode = OverlayDatabaseMode.Overlay; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} ` + + "with caching because we are analyzing a pull request.", + ); + } else if (await isAnalyzingDefaultBranch()) { + overlayDatabaseMode = OverlayDatabaseMode.OverlayBase; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} ` + + "with caching because we are analyzing the default branch.", ); - const diskUsage = - performResourceChecks || checkOverlayStatus - ? await checkDiskUsage(logger) - : undefined; - if ( - performResourceChecks && - !(await runnerSupportsOverlayAnalysis( - codeql, - diskUsage, - ramInput, - logger, - useV2ResourceChecks, - )) - ) { - overlayDatabaseMode = OverlayDatabaseMode.None; - disabledReason = OverlayDisabledReason.InsufficientResources; - } else if (checkOverlayStatus && diskUsage === undefined) { - logger.warning( - `Unable to determine disk usage, therefore setting overlay database mode to ${OverlayDatabaseMode.None}.`, - ); - overlayDatabaseMode = OverlayDatabaseMode.None; - disabledReason = OverlayDisabledReason.UnableToDetermineDiskUsage; - } else if ( - checkOverlayStatus && - diskUsage && - (await shouldSkipOverlayAnalysis(codeql, languages, diskUsage, logger)) - ) { - logger.info( - `Setting overlay database mode to ${OverlayDatabaseMode.None} ` + - "because overlay analysis previously failed with this combination of languages, " + - "disk space, and CodeQL version.", - ); - overlayDatabaseMode = OverlayDatabaseMode.None; - disabledReason = OverlayDisabledReason.SkippedDueToCachedStatus; - } else if (isAnalyzingPullRequest()) { - overlayDatabaseMode = OverlayDatabaseMode.Overlay; - useOverlayDatabaseCaching = true; - logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} ` + - "with caching because we are analyzing a pull request.", - ); - } else if (await isAnalyzingDefaultBranch()) { - overlayDatabaseMode = OverlayDatabaseMode.OverlayBase; - useOverlayDatabaseCaching = true; - logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} ` + - "with caching because we are analyzing the default branch.", - ); - } } else { - disabledReason = OverlayDisabledReason.FeatureNotEnabled; + return new Failure(OverlayDisabledReason.NotPullRequestOrDefaultBranch); } - const disabledResult = (reason: OverlayDisabledReason | undefined) => ({ - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - disabledReason: reason, - }); - - if (overlayDatabaseMode === OverlayDatabaseMode.None) { - return disabledResult(disabledReason); - } + return validateOverlayDatabaseMode( + overlayDatabaseMode, + true, + codeql, + languages, + sourceRoot, + buildMode, + gitVersion, + logger, + ); +} +/** + * Validates that the given overlay database mode is compatible with the current + * configuration (build mode, CodeQL version, git repository, git version). Returns + * the mode unchanged if all checks pass, or falls back to `None` with the + * appropriate disabled reason. + */ +async function validateOverlayDatabaseMode( + overlayDatabaseMode: Exclude, + useOverlayDatabaseCaching: boolean, + codeql: CodeQL, + languages: Language[], + sourceRoot: string, + buildMode: BuildMode | undefined, + gitVersion: GitVersionInfo | undefined, + logger: Logger, +): Promise> { if ( buildMode !== BuildMode.None && ( @@ -937,7 +969,7 @@ export async function getOverlayDatabaseMode( `build-mode is set to "${buildMode}" instead of "none". ` + "Falling back to creating a normal full database instead.", ); - return disabledResult(OverlayDisabledReason.IncompatibleBuildMode); + return new Failure(OverlayDisabledReason.IncompatibleBuildMode); } if (!(await codeQlVersionAtLeast(codeql, CODEQL_OVERLAY_MINIMUM_VERSION))) { logger.warning( @@ -945,7 +977,7 @@ export async function getOverlayDatabaseMode( `the CodeQL CLI is older than ${CODEQL_OVERLAY_MINIMUM_VERSION}. ` + "Falling back to creating a normal full database instead.", ); - return disabledResult(OverlayDisabledReason.IncompatibleCodeQl); + return new Failure(OverlayDisabledReason.IncompatibleCodeQl); } if ((await getGitRoot(sourceRoot)) === undefined) { logger.warning( @@ -953,7 +985,7 @@ export async function getOverlayDatabaseMode( `the source root "${sourceRoot}" is not inside a git repository. ` + "Falling back to creating a normal full database instead.", ); - return disabledResult(OverlayDisabledReason.NoGitRoot); + return new Failure(OverlayDisabledReason.NoGitRoot); } if (gitVersion === undefined) { logger.warning( @@ -961,7 +993,7 @@ export async function getOverlayDatabaseMode( "the Git version could not be determined. " + "Falling back to creating a normal full database instead.", ); - return disabledResult(OverlayDisabledReason.IncompatibleGit); + return new Failure(OverlayDisabledReason.IncompatibleGit); } if (!gitVersion.isAtLeast(GIT_MINIMUM_VERSION_FOR_OVERLAY)) { logger.warning( @@ -969,14 +1001,13 @@ export async function getOverlayDatabaseMode( `the installed Git version is older than ${GIT_MINIMUM_VERSION_FOR_OVERLAY}. ` + "Falling back to creating a normal full database instead.", ); - return disabledResult(OverlayDisabledReason.IncompatibleGit); + return new Failure(OverlayDisabledReason.IncompatibleGit); } - return { + return new Success({ overlayDatabaseMode, useOverlayDatabaseCaching, - disabledReason, - }; + }); } function dbLocationOrDefault( @@ -1122,11 +1153,7 @@ export async function initConfig( // and queries, which in turn depends on the user config and the augmentation // properties. So we need to calculate the overlay database mode after the // rest of the config has been populated. - const { - overlayDatabaseMode, - useOverlayDatabaseCaching, - disabledReason: overlayDisabledReason, - } = await getOverlayDatabaseMode( + const overlayDatabaseModeResult = await checkOverlayEnablement( inputs.codeql, inputs.features, config.languages, @@ -1138,14 +1165,22 @@ export async function initConfig( gitVersion, logger, ); - logger.info( - `Using overlay database mode: ${overlayDatabaseMode} ` + - `${useOverlayDatabaseCaching ? "with" : "without"} caching.`, - ); - config.overlayDatabaseMode = overlayDatabaseMode; - config.useOverlayDatabaseCaching = useOverlayDatabaseCaching; - - if (overlayDisabledReason !== undefined) { + if (overlayDatabaseModeResult.isSuccess()) { + const { overlayDatabaseMode, useOverlayDatabaseCaching } = + overlayDatabaseModeResult.value; + logger.info( + `Using overlay database mode: ${overlayDatabaseMode} ` + + `${useOverlayDatabaseCaching ? "with" : "without"} caching.`, + ); + config.overlayDatabaseMode = overlayDatabaseMode; + config.useOverlayDatabaseCaching = useOverlayDatabaseCaching; + } else { + const overlayDisabledReason = overlayDatabaseModeResult.value; + logger.info( + `Using overlay database mode: ${OverlayDatabaseMode.None} without caching.`, + ); + config.overlayDatabaseMode = OverlayDatabaseMode.None; + config.useOverlayDatabaseCaching = false; await addOverlayDisablementDiagnostics( config, inputs.codeql, @@ -1154,7 +1189,7 @@ export async function initConfig( } if ( - overlayDatabaseMode === OverlayDatabaseMode.Overlay || + config.overlayDatabaseMode === OverlayDatabaseMode.Overlay || (await shouldPerformDiffInformedAnalysis( inputs.codeql, inputs.features, diff --git a/src/defaults.json b/src/defaults.json index 94988f4cf..9b6ec84bd 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.24.2", - "cliVersion": "2.24.2", - "priorBundleVersion": "codeql-bundle-v2.24.1", - "priorCliVersion": "2.24.1" + "bundleVersion": "codeql-bundle-v2.24.3", + "cliVersion": "2.24.3", + "priorBundleVersion": "codeql-bundle-v2.24.2", + "priorCliVersion": "2.24.2" } diff --git a/src/feature-flags.ts b/src/feature-flags.ts index c77bd794f..c773ca9a4 100644 --- a/src/feature-flags.ts +++ b/src/feature-flags.ts @@ -87,7 +87,6 @@ export enum Feature { StartProxyRemoveUnusedRegistries = "start_proxy_remove_unused_registries", StartProxyUseFeaturesRelease = "start_proxy_use_features_release", UploadOverlayDbToApi = "upload_overlay_db_to_api", - UseRepositoryProperties = "use_repository_properties_v2", ValidateDbConfig = "validate_db_config", } @@ -352,11 +351,6 @@ export const featureConfig = { minimumVersion: undefined, toolsFeature: ToolsFeature.BundleSupportsOverlay, }, - [Feature.UseRepositoryProperties]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: undefined, - }, [Feature.ValidateDbConfig]: { defaultValue: false, envVar: "CODEQL_ACTION_VALIDATE_DB_CONFIG", diff --git a/src/feature-flags/properties.test.ts b/src/feature-flags/properties.test.ts index afe936932..a468b3349 100644 --- a/src/feature-flags/properties.test.ts +++ b/src/feature-flags/properties.test.ts @@ -5,7 +5,6 @@ import * as api from "../api-client"; import { getRunnerLogger } from "../logging"; import { parseRepositoryNwo } from "../repository"; import { setupTests } from "../testing-utils"; -import * as util from "../util"; import * as properties from "./properties"; @@ -23,13 +22,7 @@ test.serial( const logger = getRunnerLogger(true); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); await t.throwsAsync( - properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, - logger, - mockRepositoryNwo, - ), + properties.loadPropertiesFromApi(logger, mockRepositoryNwo), { message: /Expected repository properties API to return an array/, }, @@ -38,7 +31,7 @@ test.serial( ); test.serial( - "loadPropertiesFromApi throws if response data contains unexpected objects", + "loadPropertiesFromApi throws if response data contains objects without `property_name`", async (t) => { sinon.stub(api, "getRepositoryProperties").resolves({ headers: {}, @@ -49,13 +42,7 @@ test.serial( const logger = getRunnerLogger(true); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); await t.throwsAsync( - properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, - logger, - mockRepositoryNwo, - ), + properties.loadPropertiesFromApi(logger, mockRepositoryNwo), { message: /Expected repository property object to have a 'property_name'/, @@ -65,28 +52,22 @@ test.serial( ); test.serial( - "loadPropertiesFromApi returns empty object if on GHES", + "loadPropertiesFromApi does not throw for unexpected value types of unknown properties", async (t) => { sinon.stub(api, "getRepositoryProperties").resolves({ headers: {}, status: 200, url: "", data: [ - { property_name: "github-codeql-extra-queries", value: "+queries" }, - { property_name: "unknown-property", value: "something" }, - ] satisfies properties.GitHubPropertiesResponse, + { property_name: "not-used-by-us", value: { foo: "bar" } }, + { property_name: "also-not-used-by-us", value: ["A", "B", "C"] }, + ], }); const logger = getRunnerLogger(true); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); - const response = await properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.GHES, - version: "", - }, - logger, - mockRepositoryNwo, + await t.notThrowsAsync( + properties.loadPropertiesFromApi(logger, mockRepositoryNwo), ); - t.deepEqual(response, {}); }, ); @@ -103,9 +84,6 @@ test.serial("loadPropertiesFromApi loads known properties", async (t) => { const logger = getRunnerLogger(true); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); const response = await properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, logger, mockRepositoryNwo, ); @@ -129,9 +107,6 @@ test.serial("loadPropertiesFromApi parses true boolean property", async (t) => { const warningSpy = sinon.spy(logger, "warning"); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); const response = await properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, logger, mockRepositoryNwo, ); @@ -160,9 +135,6 @@ test.serial( const warningSpy = sinon.spy(logger, "warning"); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); const response = await properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, logger, mockRepositoryNwo, ); @@ -174,7 +146,7 @@ test.serial( ); test.serial( - "loadPropertiesFromApi throws if property value is not a string", + "loadPropertiesFromApi throws if known property value is not a string", async (t) => { sinon.stub(api, "getRepositoryProperties").resolves({ headers: {}, @@ -185,16 +157,10 @@ test.serial( const logger = getRunnerLogger(true); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); await t.throwsAsync( - properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, - logger, - mockRepositoryNwo, - ), + properties.loadPropertiesFromApi(logger, mockRepositoryNwo), { message: - /Expected repository property 'github-codeql-extra-queries' to have a string value/, + /Unexpected value for repository property 'github-codeql-extra-queries' \(number\), got: 123/, }, ); }, @@ -218,9 +184,6 @@ test.serial( const warningSpy = sinon.spy(logger, "warning"); const mockRepositoryNwo = parseRepositoryNwo("owner/repo"); const response = await properties.loadPropertiesFromApi( - { - type: util.GitHubVariant.DOTCOM, - }, logger, mockRepositoryNwo, ); diff --git a/src/feature-flags/properties.ts b/src/feature-flags/properties.ts index 3b55fcb6a..7c339e3f3 100644 --- a/src/feature-flags/properties.ts +++ b/src/feature-flags/properties.ts @@ -1,7 +1,6 @@ import { getRepositoryProperties } from "../api-client"; import { Logger } from "../logging"; import { RepositoryNwo } from "../repository"; -import { GitHubVariant, GitHubVersion } from "../util"; /** * Enumerates repository property names that have some meaning to us. @@ -12,7 +11,7 @@ export enum RepositoryPropertyName { } /** Parsed types of the known repository properties. */ -type AllRepositoryProperties = { +export type AllRepositoryProperties = { [RepositoryPropertyName.DISABLE_OVERLAY]: boolean; [RepositoryPropertyName.EXTRA_QUERIES]: string; }; @@ -20,16 +19,56 @@ type AllRepositoryProperties = { /** Parsed repository properties. */ export type RepositoryProperties = Partial; +/** Maps known repository properties to the type we expect to get from the API. */ +export type RepositoryPropertyApiType = { + [RepositoryPropertyName.DISABLE_OVERLAY]: string; + [RepositoryPropertyName.EXTRA_QUERIES]: string; +}; + +/** The type of functions which take the `value` from the API and try to convert it to the type we want. */ +export type PropertyParser = ( + name: K, + value: RepositoryPropertyApiType[K], + logger: Logger, +) => AllRepositoryProperties[K]; + +/** Possible types of `value`s we get from the API. */ +export type RepositoryPropertyValue = string | string[]; + +/** The type of repository property configurations. */ +export type PropertyInfo = { + /** A validator which checks that the value received from the API is what we expect. */ + validate: ( + value: RepositoryPropertyValue, + ) => value is RepositoryPropertyApiType[K]; + /** A `PropertyParser` for the property. */ + parse: PropertyParser; +}; + +/** Determines whether a value from the API is a string or not. */ +function isString(value: RepositoryPropertyValue): value is string { + return typeof value === "string"; +} + +/** A repository property that we expect to contain a string value. */ +const stringProperty = { + validate: isString, + parse: parseStringRepositoryProperty, +}; + +/** A repository property that we expect to contain a boolean value. */ +const booleanProperty = { + // The value from the API should come as a string, which we then parse into a boolean. + validate: isString, + parse: parseBooleanRepositoryProperty, +}; + /** Parsers that transform repository properties from the API response into typed values. */ const repositoryPropertyParsers: { - [K in RepositoryPropertyName]: ( - name: K, - value: string, - logger: Logger, - ) => AllRepositoryProperties[K]; + [K in RepositoryPropertyName]: PropertyInfo; } = { - [RepositoryPropertyName.DISABLE_OVERLAY]: parseBooleanRepositoryProperty, - [RepositoryPropertyName.EXTRA_QUERIES]: parseStringRepositoryProperty, + [RepositoryPropertyName.DISABLE_OVERLAY]: booleanProperty, + [RepositoryPropertyName.EXTRA_QUERIES]: stringProperty, }; /** @@ -37,7 +76,7 @@ const repositoryPropertyParsers: { */ export interface GitHubRepositoryProperty { property_name: string; - value: string; + value: RepositoryPropertyValue; } /** @@ -53,16 +92,9 @@ export type GitHubPropertiesResponse = GitHubRepositoryProperty[]; * @returns Returns a partial mapping from `RepositoryPropertyName` to values. */ export async function loadPropertiesFromApi( - gitHubVersion: GitHubVersion, logger: Logger, repositoryNwo: RepositoryNwo, ): Promise { - // TODO: To be safe for now; later we should replace this with a version check once we know - // which version of GHES we expect this to be supported by. - if (gitHubVersion.type === GitHubVariant.GHES) { - return {}; - } - try { const response = await getRepositoryProperties(repositoryNwo); const remoteProperties = response.data as GitHubPropertiesResponse; @@ -85,12 +117,6 @@ export async function loadPropertiesFromApi( ); } - if (typeof property.value !== "string") { - throw new Error( - `Expected repository property '${property.property_name}' to have a string value, but got: ${JSON.stringify(property)}`, - ); - } - if (isKnownPropertyName(property.property_name)) { setProperty(properties, property.property_name, property.value, logger); } @@ -117,14 +143,30 @@ export async function loadPropertiesFromApi( } } -/** Update the partial set of repository properties with the parsed value of the specified property. */ +/** + * Validate that `value` has the correct type for `K` and, if so, update the partial set of repository + * properties with the parsed value of the specified property. + */ function setProperty( properties: RepositoryProperties, name: K, - value: string, + value: RepositoryPropertyValue, logger: Logger, ): void { - properties[name] = repositoryPropertyParsers[name](name, value, logger); + const propertyOptions = repositoryPropertyParsers[name]; + + // We perform the validation here for two reasons: + // 1. This function is only called if `name` is a property we care about, to avoid throwing + // on unrelated properties that may use representations we do not support. + // 2. The `propertyOptions.validate` function checks that the type of `value` we received from + // the API is what expect and narrows the type accordingly, allowing us to call `parse`. + if (propertyOptions.validate(value)) { + properties[name] = propertyOptions.parse(name, value, logger); + } else { + throw new Error( + `Unexpected value for repository property '${name}' (${typeof value}), got: ${JSON.stringify(value)}`, + ); + } } /** Parse a boolean repository property. */ diff --git a/src/init-action.ts b/src/init-action.ts index 7bd749e82..f7d9d52eb 100644 --- a/src/init-action.ts +++ b/src/init-action.ts @@ -93,7 +93,6 @@ import { checkActionVersion, getErrorMessage, BuildMode, - GitHubVersion, Result, getOptionalEnvVar, Success, @@ -250,8 +249,6 @@ async function run(startedAt: Date) { // Fetch the values of known repository properties that affect us. const repositoryPropertiesResult = await loadRepositoryProperties( repositoryNwo, - gitHubVersion, - features, logger, ); @@ -820,8 +817,6 @@ async function run(startedAt: Date) { */ async function loadRepositoryProperties( repositoryNwo: RepositoryNwo, - gitHubVersion: GitHubVersion, - features: FeatureEnablement, logger: Logger, ): Promise> { // See if we can skip loading repository properties early. In particular, @@ -839,17 +834,8 @@ async function loadRepositoryProperties( return new Success({}); } - if (!(await features.getValue(Feature.UseRepositoryProperties))) { - logger.debug( - "Skipping loading repository properties because the UseRepositoryProperties feature flag is disabled.", - ); - return new Success({}); - } - try { - return new Success( - await loadPropertiesFromApi(gitHubVersion, logger, repositoryNwo), - ); + return new Success(await loadPropertiesFromApi(logger, repositoryNwo)); } catch (error) { logger.warning( `Failed to load repository properties: ${getErrorMessage(error)}`, diff --git a/src/overlay/diagnostics.ts b/src/overlay/diagnostics.ts index abf3c24a7..6bc11a73f 100644 --- a/src/overlay/diagnostics.ts +++ b/src/overlay/diagnostics.ts @@ -10,20 +10,35 @@ import { RepositoryPropertyName } from "../feature-flags/properties"; /** Reason why overlay analysis was disabled. */ export enum OverlayDisabledReason { + /** Overlay analysis was disabled by the CODEQL_OVERLAY_DATABASE_MODE environment variable being set to "none". */ + DisabledByEnvironmentVariable = "disabled-by-environment-variable", /** Overlay analysis was disabled by a repository property. */ DisabledByRepositoryProperty = "disabled-by-repository-property", - /** Overlay analysis feature was not enabled. */ - FeatureNotEnabled = "feature-not-enabled", /** The build mode is incompatible with overlay analysis. */ IncompatibleBuildMode = "incompatible-build-mode", /** The CodeQL CLI version is too old to support overlay analysis. */ IncompatibleCodeQl = "incompatible-codeql", /** The Git version could not be determined or is too old. */ IncompatibleGit = "incompatible-git", - /** The runner does not have enough disk space or memory. */ - InsufficientResources = "insufficient-resources", + /** The runner does not have enough disk space to perform overlay analysis. */ + InsufficientDiskSpace = "insufficient-disk-space", + /** The runner does not have enough memory to perform overlay analysis. */ + InsufficientMemory = "insufficient-memory", + /** Overlay analysis is not enabled for one or more of the configured languages. */ + LanguageNotEnabled = "language-not-enabled", /** The source root is not inside a git repository. */ NoGitRoot = "no-git-root", + /** + * For one or more of the configured languages, overlay analysis is only + * enabled when using the default query suite, but the config customises the + * queries by disabling default queries, specifying custom queries or packs, + * or adding query filters. + */ + NonDefaultQueries = "non-default-queries", + /** We are not analyzing a pull request or the default branch. */ + NotPullRequestOrDefaultBranch = "not-pull-request-or-default-branch", + /** The top-level overlay analysis feature flag is not enabled. */ + OverallFeatureNotEnabled = "overall-feature-not-enabled", /** Overlay analysis was skipped because it previously failed with similar hardware resources. */ SkippedDueToCachedStatus = "skipped-due-to-cached-status", /** Disk usage could not be determined during the overlay status check. */