From cdb655d6d4cbc2686e6e01bc971017d495693931 Mon Sep 17 00:00:00 2001
From: Henry Mercer
Date: Tue, 28 Apr 2026 11:29:32 +0100
Subject: [PATCH] Add random suffix when writing diagnostics to avoid filename collisions
---
 lib/analyze-action.js | 3 ++-
 lib/init-action-post.js | 3 ++-
 lib/init-action.js | 3 ++-
 lib/setup-codeql-action.js | 3 ++-
 lib/upload-lib.js | 3 ++-
 lib/upload-sarif-action.js | 3 ++-
 src/diagnostics.ts | 8 +++++++-
 7 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/lib/analyze-action.js b/lib/analyze-action.js
index 712b2b62b..020c41d20 100644
--- a/lib/analyze-action.js
+++ b/lib/analyze-action.js
@@ -107892,10 +107892,11 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); const jsonPath = import_path.default.resolve( diagnosticsPath, // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) {
diff --git a/lib/init-action-post.js b/lib/init-action-post.js
index 59a13f628..e401797e9 100644
--- a/lib/init-action-post.js
+++ b/lib/init-action-post.js
@@ -165811,10 +165811,11 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); const jsonPath = import_path.default.resolve( diagnosticsPath, // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) {
diff --git a/lib/init-action.js b/lib/init-action.js
index 51f1eef91..977240f21 100644
--- a/lib/init-action.js
+++ b/lib/init-action.js
@@ -105397,10 +105397,11 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); const jsonPath = import_path.default.resolve( diagnosticsPath, // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) {
diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js
index 58431548c..48a206e8a 100644
--- a/lib/setup-codeql-action.js
+++ b/lib/setup-codeql-action.js
@@ -105467,10 +105467,11 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); const jsonPath = import_path.default.resolve( diagnosticsPath, // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) {
diff --git a/lib/upload-lib.js b/lib/upload-lib.js
index 60cd5fe57..faca0370a 100644
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@@ -107502,10 +107502,11 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); const jsonPath = import_path.default.resolve( diagnosticsPath, // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) {
diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js
index aeaf1e7c6..d412f3547 100644
--- a/lib/upload-sarif-action.js
+++ b/lib/upload-sarif-action.js
@@ -108258,10 +108258,11 @@ function writeDiagnostic(config, language, diagnostic) { ); try { (0, import_fs.mkdirSync)(diagnosticsPath, { recursive: true }); + const uniqueSuffix = Math.floor(Math.random() * 4294967296).toString(16).padStart(8, "0"); const jsonPath = import_path.default.resolve( diagnosticsPath, // Remove colons from the timestamp as these are not allowed in Windows filenames. - `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json` + `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json` ); (0, import_fs.writeFileSync)(jsonPath, JSON.stringify(diagnostic)); } catch (err) {
diff --git a/src/diagnostics.ts b/src/diagnostics.ts
index 4d8fc87b5..6b1911d05 100644
--- a/src/diagnostics.ts
+++ b/src/diagnostics.ts
@@ -167,10 +167,16 @@ function writeDiagnostic(
 // Create the directory if it doesn't exist yet.
 mkdirSync(diagnosticsPath, { recursive: true });
+ // Include a random suffix to avoid filename collisions between diagnostics
+ // produced within the same millisecond. This doesn't need to be
+ // cryptographically secure, so `Math.random` is fine.
+ const uniqueSuffix = Math.floor(Math.random() * 0x100000000)
+ .toString(16)
+ .padStart(8, "0");
 const jsonPath = path.resolve(
 diagnosticsPath,
 // Remove colons from the timestamp as these are not allowed in Windows filenames.
- `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json`,
+ `codeql-action-${diagnostic.timestamp.replaceAll(":", "")}-${uniqueSuffix}.json`,
 );
 writeFileSync(jsonPath, JSON.stringify(diagnostic));
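Review bot: The random suffix only lowers the odds of a name clash; the context line `writeFileSync(jsonPath, JSON.stringify(diagnostic));` at the end of the src/diagnostics.ts hunk still opens the file with the default `w` flag, so a residual collision, or a file already present at that path, is overwritten without any signal. Passing the exclusive-create flag, `writeFileSync(jsonPath, JSON.stringify(diagnostic), { flag: "wx" });`, would make that case throw into the surrounding try/catch, which is visible in the generated lib/*.js hunks but lies outside this one. The new comment could also state the assumption behind `Math.random` being sufficient: the suffix is for uniqueness only and nothing relies on the filename being unpredictable.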