From b0942116d7fb70909c0153ccfe7e4a54dd932def Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Wed, 6 May 2026 15:53:38 +0100 Subject: [PATCH] Expose all enabled default CLI versions --- lib/analyze-action-post.js | 22 ++++---- lib/analyze-action.js | 83 +++++++++++++++++-------------- lib/autobuild-action.js | 71 +++++++++++++++----------- lib/init-action-post.js | 83 +++++++++++++++++-------------- lib/init-action.js | 83 +++++++++++++++++-------------- lib/resolve-environment-action.js | 22 ++++---- lib/setup-codeql-action.js | 83 +++++++++++++++++-------------- lib/start-proxy-action-post.js | 22 ++++---- lib/start-proxy-action.js | 75 ++++++++++++++++------------ lib/upload-lib.js | 34 ++++++------- lib/upload-sarif-action-post.js | 22 ++++---- lib/upload-sarif-action.js | 83 +++++++++++++++++-------------- src/codeql.test.ts | 29 +++++++---- src/feature-flags.test.ts | 39 ++++++++++----- src/feature-flags.ts | 79 ++++++++++++++++++++--------- src/init-action.ts | 5 +- src/setup-codeql-action.ts | 5 +- src/setup-codeql.test.ts | 5 +- src/setup-codeql.ts | 8 +-- src/start-proxy.test.ts | 6 ++- src/start-proxy.ts | 4 +- src/testing-utils.ts | 16 +++--- src/upload-lib.ts | 5 +- 23 files changed, 507 insertions(+), 377 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 0ecdbe3fe..fe1995a45 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare2; } }); 
@@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -162803,11 +162803,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -162824,6 +162819,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 558ad5147..580125393 100644 --- a/lib/analyze-action.js 
+++ b/lib/analyze-action.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare3 = require_compare(); - var rcompare2 = (a, b, loose) => compare3(b, a, loose); - module2.exports = rcompare2; + var rcompare3 = (a, b, loose) => compare3(b, a, loose); + module2.exports = rcompare3; } }); @@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare3 = require_compare(); - var rcompare2 = require_rcompare(); + var rcompare3 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare3, - rcompare: rcompare2, + rcompare: rcompare3, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare2; - function rcompare2(a, b, loose) { + exports2.rcompare = rcompare3; + function rcompare3(a, b, loose) { return compare3(b, a, loose); } exports2.sort = sort; @@ -108403,11 +108403,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", 
@@ -108424,6 +108419,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", @@ -108484,10 +108484,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -108592,11 +108596,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -108655,34 +108659,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver5.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } 
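Review bot: The `enabledVersions` array returned by `getEnabledDefaultCliVersionsFromFlags` is read as `defaultCliVersion.enabledVersions[0]` in the `getCodeQLSource` hunks later in this file, but the non-empty, highest-first contract those reads depend on is stated only in the new doc comment. Both producers visible in the patch return at least one element, so this is not a live bug, but the invariant would be safer encoded in the source type as a non-empty tuple (`[T, ...T[]]`) or behind a single accessor for the highest version. `.sort(semver5.rcompare)` throws on a string that is not valid semver, so it relies on `getCliVersionFromFeatureFlag`, whose body lies outside this hunk, returning only validated versions; a short comment saying so would help. Because the list comes from remotely served feature flags and decides which bundle tag is fetched, the debug line could record every enabled version rather than only the first, e.g. `this.logger.debug("Enabled default CLI versions from feature flags: " + sortedCliVersions.join(", "))`. This file appears to be bundled build output, so the change belongs in `src/feature-flags.ts` from the diffstat, and the same hunk recurs in the autobuild, init-action-post, init-action and setup-codeql bundles.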
@@ -109673,8 +109684,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -109686,8 +109697,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } } else { - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion2 = tagName && tryGetBundleVersionFromTagName(tagName, logger); const humanReadableVersion = cliVersion2 ?? (bundleVersion2 && convertToSemVer(bundleVersion2, logger)) ?? tagName ?? url2 ?? "unknown"; @@ -113070,9 +113081,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo url: getRequiredEnvParam("GITHUB_SERVER_URL"), apiURL: getRequiredEnvParam("GITHUB_API_URL") }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); + const codeQLDefaultVersionInfo = await features.getEnabledDefaultCliVersions(gitHubVersion.type); const initCodeQLResult = await initCodeQL( void 0, // There is no tools input on the upload action diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 3ba526579..bff71e9b7 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare2; } }); 
@@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -104855,11 +104855,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -104876,6 +104871,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", 
@@ -104936,10 +104936,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -105044,11 +105048,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -105107,34 +105111,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver5.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index f589829b3..ca4210952 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js 
@@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare3 = require_compare(); - var rcompare = (a, b, loose) => compare3(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare3(b, a, loose); + module2.exports = rcompare2; } }); @@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare3 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare3, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare3(b, a, loose); } exports2.sort = sort; @@ -166326,11 +166326,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", 
@@ -166347,6 +166342,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", @@ -166407,10 +166407,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -166515,11 +166519,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -166578,34 +166582,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver5.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } 
@@ -167518,8 +167529,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -167531,8 +167542,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } } else { - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion2 = tagName && tryGetBundleVersionFromTagName(tagName, logger); const humanReadableVersion = cliVersion2 ?? (bundleVersion2 && convertToSemVer(bundleVersion2, logger)) ?? tagName ?? url2 ?? "unknown"; @@ -170298,9 +170309,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo url: getRequiredEnvParam("GITHUB_SERVER_URL"), apiURL: getRequiredEnvParam("GITHUB_API_URL") }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); + const codeQLDefaultVersionInfo = await features.getEnabledDefaultCliVersions(gitHubVersion.type); const initCodeQLResult = await initCodeQL( void 0, // There is no tools input on the upload action diff --git a/lib/init-action.js b/lib/init-action.js index 2dbf6b3d0..03ad45b9a 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare2 = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare2; + var rcompare3 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare3; } }); 
@@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare2 = require_rcompare(); + var rcompare3 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare: rcompare2, + rcompare: rcompare3, compareLoose, compareBuild, sort, @@ -51280,8 +51280,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare2; - function rcompare2(a, b, loose) { + exports2.rcompare = rcompare3; + function rcompare3(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -105960,11 +105960,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -105981,6 +105976,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", 
@@ -106041,10 +106041,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -106149,11 +106153,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -106212,34 +106216,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver5.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } 
@@ -108614,8 +108625,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -108627,8 +108638,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } } else { - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion2 = tagName && tryGetBundleVersionFromTagName(tagName, logger); const humanReadableVersion = cliVersion2 ?? (bundleVersion2 && convertToSemVer(bundleVersion2, logger)) ?? tagName ?? url ?? "unknown"; @@ -110538,9 +110549,7 @@ async function run(startedAt) { `The 'init' action should not be run in the same workflow as 'setup-codeql'.` ); } - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); + const codeQLDefaultVersionInfo = await features.getEnabledDefaultCliVersions(gitHubVersion.type); toolsFeatureFlagsValid = codeQLDefaultVersionInfo.toolsFeatureFlagsValid; const initCodeQLResult = await initCodeQL( getOptionalInput("tools"), diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index c819d2eda..6d9b50f18 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare2; } }); 
@@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -104846,11 +104846,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -104867,6 +104862,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 86a1340f4..e647efada 100644 
--- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare2; } }); @@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -104697,11 +104697,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", 
@@ -104718,6 +104713,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", @@ -104778,10 +104778,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -104886,11 +104890,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -104949,34 +104953,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver4.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } 
@@ -106129,8 +106140,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -106142,8 +106153,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } } else { - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion2 = tagName && tryGetBundleVersionFromTagName(tagName, logger); const humanReadableVersion = cliVersion2 ?? (bundleVersion2 && convertToSemVer(bundleVersion2, logger)) ?? tagName ?? url ?? "unknown"; @@ -107386,9 +107397,7 @@ async function run(startedAt) { if (statusReportBase !== void 0) { await sendStatusReport(statusReportBase); } - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); + const codeQLDefaultVersionInfo = await features.getEnabledDefaultCliVersions(gitHubVersion.type); toolsFeatureFlagsValid = codeQLDefaultVersionInfo.toolsFeatureFlagsValid; const initCodeQLResult = await initCodeQL( getOptionalInput("tools"), diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index d65876fc2..86f78ffda 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare2; } }); 
@@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -162123,11 +162123,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -162144,6 +162139,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index d3dbfcc98..bd1e56c2b 100644 
--- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare(b, a, loose); + module2.exports = rcompare2; } }); @@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51951,8 +51951,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare(b, a, loose); } exports2.sort = sort; @@ -121494,11 +121494,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", 
@@ -121515,6 +121510,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", @@ -121575,10 +121575,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -121683,11 +121687,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -121746,34 +121750,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver4.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } 
@@ -122653,7 +122664,7 @@ async function getReleaseByVersion(version) { } async function getCliVersionFromFeatures(features) { const gitHubVersion = await getGitHubVersion(); - return await features.getDefaultCliVersion(gitHubVersion.type); + return await features.getEnabledDefaultCliVersions(gitHubVersion.type); } async function getDownloadUrl(logger, features) { const proxyPackage = getProxyPackage(); @@ -122661,7 +122672,7 @@ async function getDownloadUrl(logger, features) { const useFeaturesToDetermineCLI = await features.getValue( "start_proxy_use_features_release" /* StartProxyUseFeaturesRelease */ ); - const versionInfo = useFeaturesToDetermineCLI ? await getCliVersionFromFeatures(features) : { + const versionInfo = useFeaturesToDetermineCLI ? (await getCliVersionFromFeatures(features)).enabledVersions[0] : { cliVersion, tagName: bundleVersion }; diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 9ab80fc08..17dbf166e 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -45983,8 +45983,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare3 = require_compare(); - var rcompare = (a, b, loose) => compare3(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare3(b, a, loose); + module2.exports = rcompare2; } }); @@ -47209,7 +47209,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare3 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -47247,7 +47247,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare3, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, 
@@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare3(b, a, loose); } exports2.sort = sort; @@ -108009,11 +108009,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -108030,6 +108025,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", @@ -108815,8 +108815,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); 
@@ -108828,8 +108828,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } } else { - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion2 = tagName && tryGetBundleVersionFromTagName(tagName, logger); const humanReadableVersion = cliVersion2 ?? (bundleVersion2 && convertToSemVer(bundleVersion2, logger)) ?? tagName ?? url2 ?? "unknown"; @@ -111060,9 +111060,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo url: getRequiredEnvParam("GITHUB_SERVER_URL"), apiURL: getRequiredEnvParam("GITHUB_API_URL") }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); + const codeQLDefaultVersionInfo = await features.getEnabledDefaultCliVersions(gitHubVersion.type); const initCodeQLResult = await initCodeQL( void 0, // There is no tools input on the upload action diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 1913fac84..d0733a471 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare2(b, a, loose); + module2.exports = rcompare2; } }); @@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare2 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); 
@@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare2, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -153559,8 +153559,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare2(b, a, loose); } exports2.sort = sort; @@ -162293,11 +162293,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", @@ -162314,6 +162309,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 00df3fef8..1ba53990b 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js 
@@ -44678,8 +44678,8 @@ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; var compare3 = require_compare(); - var rcompare = (a, b, loose) => compare3(b, a, loose); - module2.exports = rcompare; + var rcompare2 = (a, b, loose) => compare3(b, a, loose); + module2.exports = rcompare2; } }); @@ -45904,7 +45904,7 @@ var require_semver2 = __commonJS({ var patch = require_patch(); var prerelease = require_prerelease(); var compare3 = require_compare(); - var rcompare = require_rcompare(); + var rcompare2 = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); @@ -45942,7 +45942,7 @@ var require_semver2 = __commonJS({ patch, prerelease, compare: compare3, - rcompare, + rcompare: rcompare2, compareLoose, compareBuild, sort, @@ -51129,8 +51129,8 @@ var require_semver3 = __commonJS({ var versionB = new SemVer(b, loose); return versionA.compare(versionB) || versionA.compareBuild(versionB); } - exports2.rcompare = rcompare; - function rcompare(a, b, loose) { + exports2.rcompare = rcompare2; + function rcompare2(a, b, loose) { return compare3(b, a, loose); } exports2.sort = sort; @@ -107682,11 +107682,6 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT", minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION_JAVASCRIPT }, - ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", - minimumVersion: void 0 - }, ["overlay_analysis_python" /* OverlayAnalysisPython */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON", 
@@ -107703,6 +107698,11 @@ var featureConfig = { envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_DISABLE_TRAP_CACHING", minimumVersion: void 0 }, + ["overlay_analysis_match_codeql_version" /* OverlayAnalysisMatchCodeqlVersion */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_MATCH_CODEQL_VERSION", + minimumVersion: void 0 + }, ["overlay_analysis_resource_checks_v2" /* OverlayAnalysisResourceChecksV2 */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RESOURCE_CHECKS_V2", @@ -107763,10 +107763,14 @@ var OfflineFeatures = class { this.logger = logger; } logger; - async getDefaultCliVersion(_variant) { + async getEnabledDefaultCliVersions(_variant) { return { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; } /** @@ -107871,11 +107875,11 @@ var Features = class extends OfflineFeatures { logger ); } - async getDefaultCliVersion(variant) { + async getEnabledDefaultCliVersions(variant) { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** * 
@@ -107934,34 +107938,41 @@ var GitHubFeatureFlags = class { } return version; } - async getDefaultCliVersionFromFlags() { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags() { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response).map( + const sortedCliVersions = Object.entries(response).map( ([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : void 0 - ).filter((f) => f !== void 0); - if (enabledFeatureFlagCliVersions.length === 0) { + ).filter((f) => f !== void 0).sort(semver4.rcompare); + if (sortedCliVersions.length === 0) { this.logger.warning( `Feature flags do not specify a default CLI version. Falling back to the CLI version shipped with the Action. This is ${cliVersion}.` ); const result = { - cliVersion, - tagName: bundleVersion + enabledVersions: [ + { + cliVersion, + tagName: bundleVersion + } + ] }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; } return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0] - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.` + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.` ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion2) => ({ + cliVersion: cliVersion2, + tagName: `codeql-bundle-v${cliVersion2}` + })), toolsFeatureFlagsValid: true }; } 
@@ -109481,8 +109492,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -109494,8 +109505,8 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } } else { - cliVersion2 = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion2 = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion2 = tagName && tryGetBundleVersionFromTagName(tagName, logger); const humanReadableVersion = cliVersion2 ?? (bundleVersion2 && convertToSemVer(bundleVersion2, logger)) ?? tagName ?? url2 ?? "unknown"; @@ -111655,9 +111666,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo url: getRequiredEnvParam("GITHUB_SERVER_URL"), apiURL: getRequiredEnvParam("GITHUB_API_URL") }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type - ); + const codeQLDefaultVersionInfo = await features.getEnabledDefaultCliVersions(gitHubVersion.type); const initCodeQLResult = await initCodeQL( void 0, // There is no tools input on the upload action diff --git a/src/codeql.test.ts b/src/codeql.test.ts index eccad6895..de7c40096 100644 --- a/src/codeql.test.ts +++ b/src/codeql.test.ts @@ -70,7 +70,7 @@ async function installIntoToolcache({ tmpDir, util.GitHubVariant.GHES, cliVersion !== undefined - ? { cliVersion, tagName } + ? { enabledVersions: [{ cliVersion, tagName }] } : SAMPLE_DEFAULT_CLI_VERSION, createFeatures([]), getRunnerLogger(true), 
@@ -284,11 +284,11 @@ for (const { for (const toolcacheVersion of [ // Test that we use the tools from the toolcache when `SAMPLE_DEFAULT_CLI_VERSION` is requested // and `SAMPLE_DEFAULT_CLI_VERSION-` is in the toolcache. - SAMPLE_DEFAULT_CLI_VERSION.cliVersion, - `${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}-20230101`, + SAMPLE_DEFAULT_CLI_VERSION.enabledVersions[0].cliVersion, + `${SAMPLE_DEFAULT_CLI_VERSION.enabledVersions[0].cliVersion}-20230101`, ]) { test.serial( - `uses tools from toolcache when ${SAMPLE_DEFAULT_CLI_VERSION.cliVersion} is requested and ` + + `uses tools from toolcache when ${SAMPLE_DEFAULT_CLI_VERSION.enabledVersions[0].cliVersion} is requested and ` + `${toolcacheVersion} is installed`, async (t) => { const features = createFeatures([]); @@ -312,7 +312,10 @@ for (const toolcacheVersion of [ getRunnerLogger(true), false, ); - t.is(result.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion); + t.is( + result.toolsVersion, + SAMPLE_DEFAULT_CLI_VERSION.enabledVersions[0].cliVersion, + ); t.is(result.toolsSource, ToolsSource.Toolcache); t.is(result.toolsDownloadStatusReport?.combinedDurationMs, undefined); t.is(result.toolsDownloadStatusReport?.downloadDurationMs, undefined); @@ -342,8 +345,12 @@ test.serial( tmpDir, util.GitHubVariant.GHES, { - cliVersion: defaults.cliVersion, - tagName: defaults.bundleVersion, + enabledVersions: [ + { + cliVersion: defaults.cliVersion, + tagName: defaults.bundleVersion, + }, + ], }, features, getRunnerLogger(true), @@ -384,8 +391,12 @@ test.serial( tmpDir, util.GitHubVariant.GHES, { - cliVersion: defaults.cliVersion, - tagName: defaults.bundleVersion, + enabledVersions: [ + { + cliVersion: defaults.cliVersion, + tagName: defaults.bundleVersion, + }, + ], }, features, getRunnerLogger(true), diff --git a/src/feature-flags.test.ts b/src/feature-flags.test.ts index 85007df13..d8b5eea04 100644 --- a/src/feature-flags.test.ts +++ b/src/feature-flags.test.ts 
@@ -451,12 +451,16 @@ test.serial(`selects CLI from defaults.json on GHES`, async (t) => { await withTmpDir(async (tmpDir) => { const features = setUpFeatureFlagTests(tmpDir); - const defaultCliVersion = await features.getDefaultCliVersion( + const defaultCliVersion = await features.getEnabledDefaultCliVersions( GitHubVariant.GHES, ); t.deepEqual(defaultCliVersion, { - cliVersion: defaults.cliVersion, - tagName: defaults.bundleVersion, + enabledVersions: [ + { + cliVersion: defaults.cliVersion, + tagName: defaults.bundleVersion, + }, + ], }); }); }); @@ -482,10 +486,13 @@ for (const variant of [GitHubVariant.DOTCOM, GitHubVariant.GHEC_DR]) { false; mockFeatureFlagApiEndpoint(200, expectedFeatureEnablement); - const defaultCliVersion = await features.getDefaultCliVersion(variant); + const defaultCliVersion = + await features.getEnabledDefaultCliVersions(variant); t.deepEqual(defaultCliVersion, { - cliVersion: "2.20.1", - tagName: "codeql-bundle-v2.20.1", + enabledVersions: [ + { cliVersion: "2.20.1", tagName: "codeql-bundle-v2.20.1" }, + { cliVersion: "2.20.0", tagName: "codeql-bundle-v2.20.0" }, + ], toolsFeatureFlagsValid: true, }); }); @@ -500,10 +507,15 @@ for (const variant of [GitHubVariant.DOTCOM, GitHubVariant.GHEC_DR]) { const expectedFeatureEnablement = initializeFeatures(true); mockFeatureFlagApiEndpoint(200, expectedFeatureEnablement); - const defaultCliVersion = await features.getDefaultCliVersion(variant); + const defaultCliVersion = + await features.getEnabledDefaultCliVersions(variant); t.deepEqual(defaultCliVersion, { - cliVersion: defaults.cliVersion, - tagName: defaults.bundleVersion, + enabledVersions: [ + { + cliVersion: defaults.cliVersion, + tagName: defaults.bundleVersion, + }, + ], toolsFeatureFlagsValid: false, }); }); 
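Review bot: The expected list in the `-482` hunk, `2.20.1` followed by `2.20.0`, orders the same way under plain string comparison as under semver, so this test would still pass if the numeric ordering regressed to a lexicographic one. Adding an enabled version whose minor component has a different digit count (a constructed example: `2.9.0` alongside `2.20.1`) and asserting that it sorts last would pin the behaviour that decides which bundle is used by default. The `-529` hunk carries the same expectation and has the same gap. The flags this test enables are set above the hunk, so the extra flag would be added there.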
@@ -529,10 +541,13 @@ for (const variant of [GitHubVariant.DOTCOM, GitHubVariant.GHEC_DR]) { ] = true; mockFeatureFlagApiEndpoint(200, expectedFeatureEnablement); - const defaultCliVersion = await features.getDefaultCliVersion(variant); + const defaultCliVersion = + await features.getEnabledDefaultCliVersions(variant); t.deepEqual(defaultCliVersion, { - cliVersion: "2.20.1", - tagName: "codeql-bundle-v2.20.1", + enabledVersions: [ + { cliVersion: "2.20.1", tagName: "codeql-bundle-v2.20.1" }, + { cliVersion: "2.20.0", tagName: "codeql-bundle-v2.20.0" }, + ], toolsFeatureFlagsValid: true, }); diff --git a/src/feature-flags.ts b/src/feature-flags.ts index b9afbb849..d6a6ba7bb 100644 --- a/src/feature-flags.ts +++ b/src/feature-flags.ts @@ -29,9 +29,27 @@ const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled"; */ export const CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0"; -export interface CodeQLDefaultVersionInfo { +export interface CodeQLVersionInfo { + /** The version number of the CodeQL CLI, e.g. `2.19.0`. */ cliVersion: string; + /** + * The tag name of the CodeQL Bundle associated with this version, e.g. `codeql-bundle-v2.19.0`. + */ tagName: string; +} + +export interface CodeQLDefaultVersionInfo { + /** + * CodeQL CLI versions that are enabled as defaults, sorted from highest to lowest. + * + * Guaranteed to be non-empty. When feature flags are unavailable, this falls back to a single + * entry containing the version pinned in `defaults.json`. + */ + enabledVersions: CodeQLVersionInfo[]; + /** + * If accessed, whether the tools feature flags are valid, i.e. contain at least one enabled + * version. + */ toolsFeatureFlagsValid?: boolean; } 
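Review bot: `enabledVersions` in `CodeQLDefaultVersionInfo` is documented as "Guaranteed to be non-empty", but the declared type `CodeQLVersionInfo[]` does not enforce it, and callers elsewhere in this patch read `enabledVersions[0].cliVersion` and `enabledVersions[0].tagName` with no guard. Declaring the field as `enabledVersions: [CodeQLVersionInfo, ...CodeQLVersionInfo[]];` would let the compiler reject an empty list instead of leaving it to a runtime TypeError during tool setup. The `.map(...)` return in `getEnabledDefaultCliVersionsFromFlags` would then have to build the tuple explicitly (first element plus the rest), because `map` yields a plain array.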
@@ -358,8 +376,12 @@ export type FeatureWithoutCLI = { }[keyof typeof featureConfig]; export interface FeatureEnablement { - /** Gets the default version of the CodeQL tools. */ - getDefaultCliVersion( + /** + * Returns the set of default CodeQL CLI versions to consider, sorted from + * highest to lowest. The first entry is the version that the CodeQL Action + * will use by default. The list is always non-empty. + */ + getEnabledDefaultCliVersions( variant: util.GitHubVariant, ): Promise; getValue(feature: FeatureWithoutCLI): Promise; @@ -383,12 +405,16 @@ export const FEATURE_FLAGS_FILE_NAME = "cached-feature-flags.json"; class OfflineFeatures implements FeatureEnablement { constructor(protected readonly logger: Logger) {} - async getDefaultCliVersion( + async getEnabledDefaultCliVersions( _variant: util.GitHubVariant, ): Promise { return { - cliVersion: defaults.cliVersion, - tagName: defaults.bundleVersion, + enabledVersions: [ + { + cliVersion: defaults.cliVersion, + tagName: defaults.bundleVersion, + }, + ], }; } @@ -530,13 +556,13 @@ class Features extends OfflineFeatures { ); } - async getDefaultCliVersion( + async getEnabledDefaultCliVersions( variant: util.GitHubVariant, ): Promise { if (supportsFeatureFlags(variant)) { - return await this.gitHubFeatureFlags.getDefaultCliVersionFromFlags(); + return await this.gitHubFeatureFlags.getEnabledDefaultCliVersionsFromFlags(); } - return super.getDefaultCliVersion(variant); + return super.getEnabledDefaultCliVersions(variant); } /** 
@@ -612,16 +638,22 @@ class GitHubFeatureFlags { return version; } - async getDefaultCliVersionFromFlags(): Promise { + /** + * Returns CLI versions enabled by `default_codeql_version_*_enabled` feature + * flags, sorted from highest to lowest. Falls back to the version pinned in + * `defaults.json` if no such flags are enabled. + */ + async getEnabledDefaultCliVersionsFromFlags(): Promise { const response = await this.getAllFeatures(); - const enabledFeatureFlagCliVersions = Object.entries(response) + const sortedCliVersions = Object.entries(response) .map(([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : undefined, ) - .filter((f): f is string => f !== undefined); + .filter((f): f is string => f !== undefined) + .sort(semver.rcompare); - if (enabledFeatureFlagCliVersions.length === 0) { + if (sortedCliVersions.length === 0) { // We expect at least one default CLI version to be enabled on Dotcom at any time. However if // the feature flags are misconfigured, rather than crashing, we fall back to the CLI version // shipped with the Action in defaults.json. This has the effect of immediately rolling out @@ -637,8 +669,12 @@ class GitHubFeatureFlags { `shipped with the Action. This is ${defaults.cliVersion}.`, ); const result: CodeQLDefaultVersionInfo = { - cliVersion: defaults.cliVersion, - tagName: defaults.bundleVersion, + enabledVersions: [ + { + cliVersion: defaults.cliVersion, + tagName: defaults.bundleVersion, + }, + ], }; if (this.hasAccessedRemoteFeatureFlags) { result.toolsFeatureFlagsValid = false; 
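Review bot: The new `.sort(semver.rcompare)` in `getEnabledDefaultCliVersionsFromFlags` depends on every string in the array being valid semver, because semver's comparison throws a TypeError on an invalid version. The strings are derived from flag names in the feature-flag API response, and the validation would live in `getCliVersionFromFeatureFlag`, of which only the trailing `return version;` is visible here. Confirm that helper rejects malformed names, so that a bad flag leads to the `defaults.json` fallback rather than an exception. Then record the precondition next to the sort, e.g. `// getCliVersionFromFeatureFlag only returns valid semver, so rcompare cannot throw`. The function body continues past this hunk.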
@@ -646,17 +682,14 @@ class GitHubFeatureFlags { return result; } - const maxCliVersion = enabledFeatureFlagCliVersions.reduce( - (maxVersion, currentVersion) => - currentVersion > maxVersion ? currentVersion : maxVersion, - enabledFeatureFlagCliVersions[0], - ); this.logger.debug( - `Derived default CLI version of ${maxCliVersion} from feature flags.`, + `Derived default CLI version of ${sortedCliVersions[0]} from feature flags.`, ); return { - cliVersion: maxCliVersion, - tagName: `codeql-bundle-v${maxCliVersion}`, + enabledVersions: sortedCliVersions.map((cliVersion) => ({ + cliVersion, + tagName: `codeql-bundle-v${cliVersion}`, + })), toolsFeatureFlagsValid: true, }; } diff --git a/src/init-action.ts b/src/init-action.ts index 859dcefa2..3d599d545 100644 --- a/src/init-action.ts +++ b/src/init-action.ts @@ -298,9 +298,8 @@ async function run(startedAt: Date) { ); } - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type, - ); + const codeQLDefaultVersionInfo = + await features.getEnabledDefaultCliVersions(gitHubVersion.type); toolsFeatureFlagsValid = codeQLDefaultVersionInfo.toolsFeatureFlagsValid; const initCodeQLResult = await initCodeQL( getOptionalInput("tools"), diff --git a/src/setup-codeql-action.ts b/src/setup-codeql-action.ts index bd504f3fd..34d5d76aa 100644 --- a/src/setup-codeql-action.ts +++ b/src/setup-codeql-action.ts @@ -136,9 +136,8 @@ async function run(startedAt: Date): Promise { if (statusReportBase !== undefined) { await sendStatusReport(statusReportBase); } - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type, - ); + const codeQLDefaultVersionInfo = + await features.getEnabledDefaultCliVersions(gitHubVersion.type); toolsFeatureFlagsValid = codeQLDefaultVersionInfo.toolsFeatureFlagsValid; const initCodeQLResult = await initCodeQL( getOptionalInput("tools"), diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index 555352bd2..c35bd1d9d 100644 
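Review bot: The debug message at the end of `getEnabledDefaultCliVersionsFromFlags` still reports only `sortedCliVersions[0]`, although the function now returns every enabled version. Logging the full list would let someone reading a run's logs see which tool versions were eligible, not just the one chosen. The message text could become `Derived default CLI versions ${sortedCliVersions.join(", ")} from feature flags.`, keeping the first entry as the selected default. The function starts outside this hunk.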
--- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -514,7 +514,10 @@ const toolcacheInputFallbackMacro = test.macro({ // Check that `sourceType` and `toolsVersion` match expectations. t.is(source.sourceType, "download"); - t.is(source.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion); + t.is( + source.toolsVersion, + SAMPLE_DEFAULT_CLI_VERSION.enabledVersions[0].cliVersion, + ); // Check that key messages we would expect to find in the log are present. for (const expectedMessage of expectedMessages) { diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 4ca3302f9..41eb7f1e4 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -438,8 +438,8 @@ export async function getCodeQLSource( } } - cliVersion = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } } else if (toolsInput !== undefined) { // If a tools URL was provided, then use that. @@ -455,8 +455,8 @@ export async function getCodeQLSource( } } else { // Otherwise, use the default CLI version passed in. - cliVersion = defaultCliVersion.cliVersion; - tagName = defaultCliVersion.tagName; + cliVersion = defaultCliVersion.enabledVersions[0].cliVersion; + tagName = defaultCliVersion.enabledVersions[0].tagName; } const bundleVersion = diff --git a/src/start-proxy.test.ts b/src/start-proxy.test.ts index 621b8d499..a9d8be894 100644 --- a/src/start-proxy.test.ts +++ b/src/start-proxy.test.ts @@ -1019,8 +1019,10 @@ test.serial( return true; }); const getDefaultCliVersion = sinon - .stub(features, "getDefaultCliVersion") - .resolves({ cliVersion: "2.20.1", tagName: expectedTag }); + .stub(features, "getEnabledDefaultCliVersions") + .resolves({ + enabledVersions: [{ cliVersion: "2.20.1", tagName: expectedTag }], + }); const path = await startProxyExports.getProxyBinaryPath(logger, features); t.assert(getDefaultCliVersion.calledOnce); 
diff --git a/src/start-proxy.ts b/src/start-proxy.ts index 1013ae386..d6111510f 100644 --- a/src/start-proxy.ts +++ b/src/start-proxy.ts @@ -415,7 +415,7 @@ async function getCliVersionFromFeatures( features: FeatureEnablement, ): Promise { const gitHubVersion = await getGitHubVersion(); - return await features.getDefaultCliVersion(gitHubVersion.type); + return await features.getEnabledDefaultCliVersions(gitHubVersion.type); } /** @@ -440,7 +440,7 @@ export async function getDownloadUrl( // Retrieve information about the CLI version we should use. This will be either the linked // version, or the one enabled by FFs. const versionInfo = useFeaturesToDetermineCLI - ? await getCliVersionFromFeatures(features) + ? (await getCliVersionFromFeatures(features)).enabledVersions[0] : { cliVersion: defaults.cliVersion, tagName: defaults.bundleVersion, diff --git a/src/testing-utils.ts b/src/testing-utils.ts index fcb7149b5..29966c1ad 100644 --- a/src/testing-utils.ts +++ b/src/testing-utils.ts @@ -36,16 +36,20 @@ export const SAMPLE_DOTCOM_API_DETAILS = { apiURL: "https://api.github.com", }; -export const SAMPLE_DEFAULT_CLI_VERSION: CodeQLDefaultVersionInfo = { - cliVersion: "2.20.0", - tagName: "codeql-bundle-v2.20.0", -}; - export const LINKED_CLI_VERSION = { cliVersion: defaults.cliVersion, tagName: defaults.bundleVersion, }; +export const SAMPLE_DEFAULT_CLI_VERSION: CodeQLDefaultVersionInfo = { + enabledVersions: [ + { + cliVersion: "2.20.0", + tagName: "codeql-bundle-v2.20.0", + }, + ], +}; + type TestContext = { stdoutWrite: any; stderrWrite: any; @@ -442,7 +446,7 @@ export function mockCodeQLVersion( */ export function createFeatures(enabledFeatures: Feature[]): FeatureEnablement { return { - getDefaultCliVersion: async () => { + getEnabledDefaultCliVersions: async () => { throw new Error("not implemented"); }, getValue: async (feature) => { diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 2464fe5ea..e4230b6f9 100644 --- a/src/upload-lib.ts 
+++ b/src/upload-lib.ts @@ -156,9 +156,8 @@ async function combineSarifFilesUsingCLI( apiURL: getRequiredEnvParam("GITHUB_API_URL"), }; - const codeQLDefaultVersionInfo = await features.getDefaultCliVersion( - gitHubVersion.type, - ); + const codeQLDefaultVersionInfo = + await features.getEnabledDefaultCliVersions(gitHubVersion.type); const initCodeQLResult = await initCodeQL( undefined, // There is no tools input on the upload action