Merge pull request #3074 from github/mbg/cq/hardcode-quality-queries

Hard-code quality queries

init/action.yml

@@ -97,7 +97,7 @@ inputs:
     description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
     required: false
   quality-queries:
-    description: '[Internal] Comma-separated list of code quality queries to run.'
+    description: '[Internal] DEPRECATED. Comma-separated list of code quality queries to run.'
     required: false
   packs:
     description: >-

lib/analyze-action-post.js

@@ -117926,7 +117926,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/analyze-action.js

@@ -90121,6 +90121,15 @@ var path16 = __toESM(require("path"));
 var import_perf_hooks2 = require("perf_hooks");
 var io5 = __toESM(require_io());
 
+// src/analyses.ts
+var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
+  AnalysisKind2["CodeScanning"] = "code-scanning";
+  AnalysisKind2["CodeQuality"] = "code-quality";
+  return AnalysisKind2;
+})(AnalysisKind || {});
+var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
+var codeQualityQueries = ["code-quality"];
+
 // src/api-client.ts
 var core5 = __toESM(require_core());
 var githubUtils = __toESM(require_utils4());
@@ -90528,14 +90537,6 @@ var fs9 = __toESM(require("fs"));
 var path10 = __toESM(require("path"));
 var semver4 = __toESM(require_semver2());
 
-// src/analyses.ts
-var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
-  AnalysisKind2["CodeScanning"] = "code-scanning";
-  AnalysisKind2["CodeQuality"] = "code-quality";
-  return AnalysisKind2;
-})(AnalysisKind || {});
-var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
-
 // src/caching-utils.ts
 var core6 = __toESM(require_core());
 async function getTotalCacheSize(paths, logger, quiet = false) {
@@ -91546,7 +91547,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false
@@ -93624,8 +93624,8 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
       const queries = [];
       if (isCodeQualityEnabled(config)) {
         queries.push(getGeneratedSuitePath(config, language));
-        for (const qualityQuery of config.augmentationProperties.qualityQueriesInput) {
-          queries.push(resolveQuerySuiteAlias(language, qualityQuery.uses));
+        for (const qualityQuery of codeQualityQueries) {
+          queries.push(resolveQuerySuiteAlias(language, qualityQuery));
         }
       }
       logger.startGroup(`Running queries for ${language}`);
@@ -93656,8 +93656,8 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         );
         qualityAnalysisSummary = await runInterpretResults(
           language,
-          config.augmentationProperties.qualityQueriesInput.map(
-            (i) => resolveQuerySuiteAlias(language, i.uses)
+          codeQualityQueries.map(
+            (i) => resolveQuerySuiteAlias(language, i)
           ),
           qualitySarifFile,
           config.debugMode,

lib/autobuild-action.js

@@ -78928,7 +78928,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/init-action-post.js

@@ -129525,7 +129525,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/init-action.js

@@ -87121,7 +87121,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false
@@ -87289,7 +87288,6 @@ async function getDefaultConfig({
   const augmentationProperties = await calculateAugmentation(
     packsInput,
     queriesInput,
-    qualityQueriesInput,
     languages
   );
   const { trapCaches, trapCacheDownloadTime } = await downloadCacheWithTime(
@@ -87341,7 +87339,7 @@ async function loadUserConfig(configFile, workspacePath, apiDetails, tempDir) {
     return await getRemoteConfig(configFile, apiDetails);
   }
 }
-async function calculateAugmentation(rawPacksInput, rawQueriesInput, rawQualityQueriesInput, languages) {
+async function calculateAugmentation(rawPacksInput, rawQueriesInput, languages) {
   const packsInputCombines = shouldCombine(rawPacksInput);
   const packsInput = parsePacksFromInput(
     rawPacksInput,
@@ -87353,16 +87351,11 @@ async function calculateAugmentation(rawPacksInput, rawQueriesInput, rawQualityQ
     rawQueriesInput,
     queriesInputCombines
   );
-  const qualityQueriesInput = parseQueriesFromInput(
-    rawQualityQueriesInput,
-    false
-  );
   return {
     packsInputCombines,
     packsInput: packsInput?.[languages[0]],
     queriesInput,
     queriesInputCombines,
-    qualityQueriesInput,
     extraQueryExclusions: [],
     overlayDatabaseMode: "none" /* None */,
     useOverlayDatabaseCaching: false
@@ -90342,11 +90335,17 @@ async function run() {
         logger.info("Experimental Rust analysis enabled");
       }
     }
+    const qualityQueriesInput = getOptionalInput("quality-queries");
+    if (qualityQueriesInput !== void 0) {
+      logger.warning(
+        "The `quality-queries` input is deprecated and will be removed in a future version of the CodeQL Action. Use the `analysis-kinds` input to configure different analysis kinds instead."
+      );
+    }
     config = await initConfig2({
       analysisKindsInput: getRequiredInput("analysis-kinds"),
       languagesInput: getOptionalInput("languages"),
       queriesInput: getOptionalInput("queries"),
-      qualityQueriesInput: getOptionalInput("quality-queries"),
+      qualityQueriesInput,
       packsInput: getOptionalInput("packs"),
       buildModeInput: getOptionalInput("build-mode"),
       configFile,

lib/resolve-environment-action.js

@@ -78655,7 +78655,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/start-proxy-action-post.js

@@ -117335,7 +117335,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/upload-lib.js

@@ -89372,7 +89372,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/upload-sarif-action-post.js

@@ -117140,6 +117140,14 @@ var import_archiver = __toESM(require_archiver());
 // src/analyze.ts
 var io5 = __toESM(require_io());
 
+// src/analyses.ts
+var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
+  AnalysisKind2["CodeScanning"] = "code-scanning";
+  AnalysisKind2["CodeQuality"] = "code-quality";
+  return AnalysisKind2;
+})(AnalysisKind || {});
+var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
+
 // src/autobuild.ts
 var core11 = __toESM(require_core());
 
@@ -117283,14 +117291,6 @@ var cliErrorsConfig = {
 // src/config-utils.ts
 var semver4 = __toESM(require_semver2());
 
-// src/analyses.ts
-var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
-  AnalysisKind2["CodeScanning"] = "code-scanning";
-  AnalysisKind2["CodeQuality"] = "code-quality";
-  return AnalysisKind2;
-})(AnalysisKind || {});
-var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
-
 // src/caching-utils.ts
 var core6 = __toESM(require_core());
 
@@ -117500,7 +117500,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

lib/upload-sarif-action.js

@@ -90052,7 +90052,6 @@ var defaultAugmentationProperties = {
   packsInputCombines: false,
   packsInput: void 0,
   queriesInput: void 0,
-  qualityQueriesInput: void 0,
   extraQueryExclusions: [],
   overlayDatabaseMode: "none" /* None */,
   useOverlayDatabaseCaching: false

src/analyses.ts

@@ -38,3 +38,6 @@ export async function parseAnalysisKinds(
     new Set(components.map((component) => component as AnalysisKind)),
   );
 }
+
+/** The queries to use for Code Quality analyses. */
+export const codeQualityQueries: string[] = ["code-quality"];

src/analyze.ts

@@ -12,6 +12,7 @@ import {
   getTemporaryDirectory,
   PullRequestBranches,
 } from "./actions-util";
+import * as analyses from "./analyses";
 import { getApiClient } from "./api-client";
 import { setupCppAutobuild } from "./autobuild";
 import { type CodeQL } from "./codeql";
@@ -664,9 +665,8 @@ export async function runQueries(
       const queries: string[] = [];
       if (configUtils.isCodeQualityEnabled(config)) {
         queries.push(util.getGeneratedSuitePath(config, language));
-        for (const qualityQuery of config.augmentationProperties
-          .qualityQueriesInput) {
-          queries.push(resolveQuerySuiteAlias(language, qualityQuery.uses));
+        for (const qualityQuery of analyses.codeQualityQueries) {
+          queries.push(resolveQuerySuiteAlias(language, qualityQuery));
         }
       }
 
@@ -707,8 +707,8 @@ export async function runQueries(
         );
         qualityAnalysisSummary = await runInterpretResults(
           language,
-          config.augmentationProperties.qualityQueriesInput.map((i) =>
-            resolveQuerySuiteAlias(language, i.uses),
+          analyses.codeQualityQueries.map((i) =>
+            resolveQuerySuiteAlias(language, i),
           ),
           qualitySarifFile,
           config.debugMode,

src/config-utils.test.ts

@@ -763,7 +763,6 @@ const calculateAugmentationMacro = test.macro({
     _title: string,
     rawPacksInput: string | undefined,
     rawQueriesInput: string | undefined,
-    rawQualityQueriesInput: string | undefined,
     languages: Language[],
     expectedAugmentationProperties: configUtils.AugmentationProperties,
   ) => {
@@ -771,7 +770,6 @@ const calculateAugmentationMacro = test.macro({
       await configUtils.calculateAugmentation(
         rawPacksInput,
         rawQueriesInput,
-        rawQualityQueriesInput,
         languages,
       );
     t.deepEqual(actualAugmentationProperties, expectedAugmentationProperties);
@@ -784,7 +782,6 @@ test(
   "All empty",
   undefined,
   undefined,
-  undefined,
   [KnownLanguage.javascript],
   {
     ...configUtils.defaultAugmentationProperties,
@@ -796,7 +793,6 @@ test(
   "With queries",
   undefined,
   " a, b , c, d",
-  undefined,
   [KnownLanguage.javascript],
   {
     ...configUtils.defaultAugmentationProperties,
@@ -809,7 +805,6 @@ test(
   "With queries combining",
   undefined,
   "   +   a, b , c, d ",
-  undefined,
   [KnownLanguage.javascript],
   {
     ...configUtils.defaultAugmentationProperties,
@@ -818,49 +813,11 @@ test(
   },
 );
 
-test(
-  calculateAugmentationMacro,
-  "With quality queries",
-  undefined,
-  undefined,
-  " a, b , c, d",
-  [KnownLanguage.javascript],
-  {
-    ...configUtils.defaultAugmentationProperties,
-    qualityQueriesInput: [
-      { uses: "a" },
-      { uses: "b" },
-      { uses: "c" },
-      { uses: "d" },
-    ],
-  },
-);
-
-test(
-  calculateAugmentationMacro,
-  "With security and quality queries",
-  undefined,
-  " a, b , c, d",
-  "e, f , g,h",
-  [KnownLanguage.javascript],
-  {
-    ...configUtils.defaultAugmentationProperties,
-    queriesInput: [{ uses: "a" }, { uses: "b" }, { uses: "c" }, { uses: "d" }],
-    qualityQueriesInput: [
-      { uses: "e" },
-      { uses: "f" },
-      { uses: "g" },
-      { uses: "h" },
-    ],
-  },
-);
-
 test(
   calculateAugmentationMacro,
   "With packs",
   "   codeql/a , codeql/b   , codeql/c  , codeql/d  ",
   undefined,
-  undefined,
   [KnownLanguage.javascript],
   {
     ...configUtils.defaultAugmentationProperties,
@@ -873,7 +830,6 @@ test(
   "With packs combining",
   "   +   codeql/a, codeql/b, codeql/c, codeql/d",
   undefined,
-  undefined,
   [KnownLanguage.javascript],
   {
     ...configUtils.defaultAugmentationProperties,
@@ -888,7 +844,6 @@ const calculateAugmentationErrorMacro = test.macro({
     _title: string,
     rawPacksInput: string | undefined,
     rawQueriesInput: string | undefined,
-    rawQualityQueriesInput: string | undefined,
     languages: Language[],
     expectedError: RegExp | string,
   ) => {
@@ -897,7 +852,6 @@ const calculateAugmentationErrorMacro = test.macro({
         configUtils.calculateAugmentation(
           rawPacksInput,
           rawQueriesInput,
-          rawQualityQueriesInput,
           languages,
         ),
       { message: expectedError },
@@ -911,7 +865,6 @@ test(
   "Plus (+) with nothing else (queries)",
   undefined,
   "   +   ",
-  undefined,
   [KnownLanguage.javascript],
   /The workflow property "queries" is invalid/,
 );
@@ -921,7 +874,6 @@ test(
   "Plus (+) with nothing else (packs)",
   "   +   ",
   undefined,
-  undefined,
   [KnownLanguage.javascript],
   /The workflow property "packs" is invalid/,
 );
@@ -931,7 +883,6 @@ test(
   "Packs input with multiple languages",
   "   +  a/b, c/d ",
   undefined,
-  undefined,
   [KnownLanguage.javascript, KnownLanguage.java],
   /Cannot specify a 'packs' input in a multi-language analysis/,
 );
@@ -941,7 +892,6 @@ test(
   "Packs input with no languages",
   "   +  a/b, c/d ",
   undefined,
-  undefined,
   [],
   /No languages specified/,
 );
@@ -951,7 +901,6 @@ test(
   "Invalid packs",
   " a-pack-without-a-scope ",
   undefined,
-  undefined,
   [KnownLanguage.javascript],
   /"a-pack-without-a-scope" is not a valid pack/,
 );

src/config-utils.ts

@@ -183,11 +183,6 @@ export interface AugmentationProperties {
    */
   queriesInput?: Array<{ uses: string }>;
 
-  /**
-   * The quality queries input from the `with` block of the action declaration.
-   */
-  qualityQueriesInput?: Array<{ uses: string }>;
-
   /**
    * Whether or not the packs input combines with the packs in the config.
    */
@@ -230,7 +225,6 @@ export const defaultAugmentationProperties: AugmentationProperties = {
   packsInputCombines: false,
   packsInput: undefined,
   queriesInput: undefined,
-  qualityQueriesInput: undefined,
   extraQueryExclusions: [],
   overlayDatabaseMode: OverlayDatabaseMode.None,
   useOverlayDatabaseCaching: false,
@@ -567,7 +561,6 @@ export async function getDefaultConfig({
   const augmentationProperties = await calculateAugmentation(
     packsInput,
     queriesInput,
-    qualityQueriesInput,
     languages,
   );
 
@@ -661,7 +654,6 @@ async function loadUserConfig(
 export async function calculateAugmentation(
   rawPacksInput: string | undefined,
   rawQueriesInput: string | undefined,
-  rawQualityQueriesInput: string | undefined,
   languages: Language[],
 ): Promise<AugmentationProperties> {
   const packsInputCombines = shouldCombine(rawPacksInput);
@@ -676,17 +668,11 @@ export async function calculateAugmentation(
     queriesInputCombines,
   );
 
-  const qualityQueriesInput = parseQueriesFromInput(
-    rawQualityQueriesInput,
-    false,
-  );
-
   return {
     packsInputCombines,
     packsInput: packsInput?.[languages[0]],
     queriesInput,
     queriesInputCombines,
-    qualityQueriesInput,
     extraQueryExclusions: [],
     overlayDatabaseMode: OverlayDatabaseMode.None,
     useOverlayDatabaseCaching: false,
@@ -1492,8 +1478,6 @@ export function generateCodeScanningConfig(
 /**
  * Returns `true` if Code Quality analysis is enabled, or `false` if not.
  */
-export function isCodeQualityEnabled(config: Config): config is Config & {
-  augmentationProperties: { qualityQueriesInput: string };
-} {
+export function isCodeQualityEnabled(config: Config): boolean {
   return config.analysisKinds.includes(AnalysisKind.CodeQuality);
 }

src/init-action.ts

@@ -384,11 +384,21 @@ async function run() {
       }
     }
 
+    // Warn that `quality-queries` is deprecated if there is an argument for it.
+    const qualityQueriesInput = getOptionalInput("quality-queries");
+
+    if (qualityQueriesInput !== undefined) {
+      logger.warning(
+        "The `quality-queries` input is deprecated and will be removed in a future version of the CodeQL Action. " +
+          "Use the `analysis-kinds` input to configure different analysis kinds instead.",
+      );
+    }
+
     config = await initConfig({
       analysisKindsInput: getRequiredInput("analysis-kinds"),
       languagesInput: getOptionalInput("languages"),
       queriesInput: getOptionalInput("queries"),
-      qualityQueriesInput: getOptionalInput("quality-queries"),
+      qualityQueriesInput,
       packsInput: getOptionalInput("packs"),
       buildModeInput: getOptionalInput("build-mode"),
       configFile,