Merge pull request #3183 from github/update-v4.30.7-55283843c

Merge main into releases/v4
Mario Campos
2025-10-07 10:21:14 -05:00
committed by GitHub
31 changed files with 108 additions and 72 deletions
+1 -1
@@ -16,5 +16,5 @@ inputs:
Comma separated list of query ids that should NOT be included in this SARIF file.
runs:
using: node20
using: node24
main: index.js
@@ -58,7 +58,7 @@ jobs:
- name: Set up Node.js
uses: actions/setup-node@v5
with:
node-version: '20'
node-version: 24
cache: 'npm'
- name: Install dependencies
+3 -2
@@ -20,6 +20,7 @@ jobs:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
node-version: [20, 24]
permissions:
contents: read
security-events: write # needed to upload ESLint results
@@ -36,7 +37,7 @@ jobs:
- name: Set up Node.js
uses: actions/setup-node@v5
with:
node-version: '20.x'
node-version: ${{ matrix.node-version }}
cache: 'npm'
- name: Set up Python
@@ -73,7 +74,7 @@ jobs:
- name: Upload sarif
uses: github/codeql-action/upload-sarif@v3
if: matrix.os == 'ubuntu-latest'
if: matrix.os == 'ubuntu-latest' && matrix.node-version == 24
with:
sarif_file: eslint.sarif
category: eslint
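Review bot: The new matrix line keeps Node 20 alongside 24 while the CONTRIBUTING.md hunk in this same commit now asks for "node (24 or higher)", so a reader of this workflow is left to guess whether 20 is still a supported target (presumably for the v3 release line, which the README hunk still lists) or an oversight. A comment on that line settles it: `node-version: [20, 24]  # 20 kept while the v3 release line is supported — confirm`. The `upload-sarif` gate `matrix.node-version == 24` relies on the matrix values being the same form as the literal; keep both unquoted or both quoted rather than mixing, since the rest of this step (`cache: 'npm'`, `node-version: '20.x'` before the change) used quoted strings. The `jobs` definition starts outside the hunk.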
+1 -1
@@ -34,7 +34,7 @@ jobs:
- name: Install Node.js
uses: actions/setup-node@v5
with:
node-version: 20.x
node-version: 24
cache: npm
- name: Install dependencies
+1 -1
@@ -43,7 +43,7 @@ jobs:
- name: Set up Node.js
uses: actions/setup-node@v5
with:
node-version: '20.x'
node-version: 24
cache: 'npm'
- name: Install dependencies
+4
@@ -2,6 +2,10 @@
See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
## 4.30.7 - 06 Oct 2025
- [v4+ only] The CodeQL Action now runs on Node.js v24. [#3169](https://github.com/github/codeql-action/pull/3169)
## 3.30.6 - 02 Oct 2025
- Update default CodeQL bundle version to 2.23.2. [#3168](https://github.com/github/codeql-action/pull/3168)
+1 -1
@@ -13,7 +13,7 @@ Please note that this project is released with a [Contributor Code of Conduct][c
## Development and Testing
Before you start, ensure that you have a recent version of node (16 or higher) installed, along with a recent version of npm (9.2 or higher). You can see which version of node is used by the action in `init/action.yml`.
Before you start, ensure that you have a recent version of node (24 or higher) installed, along with a recent version of npm (9.2 or higher). You can see which version of node is used by the action in `init/action.yml`.
### Common tasks
+2 -1
@@ -62,7 +62,8 @@ For compiled languages:
The following versions of the CodeQL Action are currently supported:
- v3 (latest)
- v4 (latest)
- v3
## Supported versions of the CodeQL Bundle on GitHub Enterprise Server
+1 -1
@@ -92,6 +92,6 @@ outputs:
sarif-id:
description: The ID of the uploaded SARIF file.
runs:
using: node20
using: node24
main: "../lib/analyze-action.js"
post: "../lib/analyze-action-post.js"
+1 -1
@@ -15,5 +15,5 @@ inputs:
$GITHUB_WORKSPACE as its working directory.
required: false
runs:
using: node20
using: node24
main: '../lib/autobuild-action.js'
+1 -1
@@ -165,6 +165,6 @@ outputs:
codeql-version:
description: The version of the CodeQL binary used for analysis
runs:
using: node20
using: node24
main: '../lib/init-action.js'
post: '../lib/init-action-post.js'
+1 -1
@@ -26438,7 +26438,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
+4 -1
@@ -32287,7 +32287,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -94123,6 +94123,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+4 -1
@@ -26438,7 +26438,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -79872,6 +79872,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+4 -1
@@ -32287,7 +32287,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -131599,6 +131599,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+4 -1
@@ -32287,7 +32287,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -90274,6 +90274,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+4 -1
@@ -26438,7 +26438,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -79499,6 +79499,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+1 -1
@@ -26438,7 +26438,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
+4 -1
@@ -44974,7 +44974,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -95649,6 +95649,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+1 -1
@@ -33584,7 +33584,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
+1 -1
@@ -26438,7 +26438,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
+4 -1
@@ -32287,7 +32287,7 @@ var require_package = __commonJS({
"package.json"(exports2, module2) {
module2.exports = {
name: "codeql",
version: "3.30.6",
version: "4.30.7",
private: true,
description: "CodeQL action",
scripts: {
@@ -89910,6 +89910,9 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`
);
if (isInTestMode()) {
throw e;
}
return void 0;
}
}
+2 -2
@@ -1,12 +1,12 @@
{
"name": "codeql",
"version": "3.30.6",
"version": "4.30.7",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "codeql",
"version": "3.30.6",
"version": "4.30.7",
"license": "MIT",
"dependencies": {
"@actions/artifact": "^2.3.1",
+1 -1
@@ -1,6 +1,6 @@
{
"name": "codeql",
"version": "3.30.6",
"version": "4.30.7",
"private": true,
"description": "CodeQL action",
"scripts": {
+1 -1
@@ -21,5 +21,5 @@ outputs:
environment:
description: The inferred build environment configuration.
runs:
using: node20
using: node24
main: '../lib/resolve-environment-action.js'
+3 -3
@@ -52,11 +52,11 @@ export async function determineAutobuildLanguages(
* For example, consider a user with the following workflow file:
*
* ```yml
* - uses: github/codeql-action/init@v3
* - uses: github/codeql-action/init@v4
* with:
* languages: go, java
* - uses: github/codeql-action/autobuild@v3
* - uses: github/codeql-action/analyze@v3
* - uses: github/codeql-action/autobuild@v4
* - uses: github/codeql-action/analyze@v4
* ```
*
* - With Go extraction disabled, we will run the Java autobuilder in the
+12 -12
@@ -84,14 +84,14 @@ test("uploads failed SARIF run with `diagnostics export` if feature flag is off"
},
{
name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3",
uses: "github/codeql-action/init@v4",
with: {
languages: "javascript",
},
},
{
name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3",
uses: "github/codeql-action/analyze@v4",
with: {
category: "my-category",
},
@@ -108,14 +108,14 @@ test("uploads failed SARIF run with `diagnostics export` if the database doesn't
},
{
name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3",
uses: "github/codeql-action/init@v4",
with: {
languages: "javascript",
},
},
{
name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3",
uses: "github/codeql-action/analyze@v4",
with: {
category: "my-category",
},
@@ -135,14 +135,14 @@ test("uploads failed SARIF run with database export-diagnostics if the database
},
{
name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3",
uses: "github/codeql-action/init@v4",
with: {
languages: "javascript",
},
},
{
name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3",
uses: "github/codeql-action/analyze@v4",
with: {
category: "my-category",
},
@@ -192,14 +192,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
},
{
name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3",
uses: "github/codeql-action/init@v4",
with: {
languages: "javascript",
},
},
{
name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3",
uses: "github/codeql-action/analyze@v4",
with: {
category: "my-category",
upload: uploadInput,
@@ -227,14 +227,14 @@ test("uploading failed SARIF run succeeds when workflow uses an input with a mat
},
{
name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3",
uses: "github/codeql-action/init@v4",
with: {
languages: "javascript",
},
},
{
name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3",
uses: "github/codeql-action/analyze@v4",
with: {
category: "/language:${{ matrix.language }}",
},
@@ -254,14 +254,14 @@ test("uploading failed SARIF run fails when workflow uses a complex upload input
},
{
name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3",
uses: "github/codeql-action/init@v4",
with: {
languages: "javascript",
},
},
{
name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3",
uses: "github/codeql-action/analyze@v4",
with: {
upload: "${{ matrix.language != 'csharp' }}",
},
+6
@@ -375,6 +375,12 @@ export async function createStatusReportBase(
logger.warning(
`Caught an exception while gathering information for telemetry: ${e}. Will skip sending status report.`,
);
// Re-throw the exception in test mode. While testing, we want to know if something goes wrong here.
if (isInTestMode()) {
throw e;
}
return undefined;
}
}
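Review bot: The warning logged just above the new check still reads "Will skip sending status report." even though in test mode the function now re-throws instead of skipping, so a failing test's log claims the error was handled when it was not. Moving the `isInTestMode()` check ahead of the `logger.warning(...)` call keeps the log truthful: `if (isInTestMode()) { throw e; }` first, then the existing warning and `return undefined;`; alternatively log a distinct message on the throw path. The enclosing function `createStatusReportBase` starts outside the hunk. The same three lines recur in the bundled `require_package` sections earlier on the page, which appear to be generated from this file and would pick up the reordering on the next build.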
+29 -29
@@ -395,9 +395,9 @@ async function testLanguageAliases(
},
},
steps: [
{ uses: "actions/checkout@v3" },
{ uses: "github/codeql-action/init@v3" },
{ uses: "github/codeql-action/analyze@v3" },
{ uses: "actions/checkout@v4" },
{ uses: "github/codeql-action/init@v4" },
{ uses: "github/codeql-action/analyze@v4" },
],
},
},
@@ -666,7 +666,7 @@ test("getWorkflowErrors() should report a warning if different versions of the C
analyze:
steps:
- uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v3
- uses: github/codeql-action/analyze@v4
`) as Workflow,
await getCodeQLForTesting(),
);
@@ -686,8 +686,8 @@ test("getWorkflowErrors() should not report a warning if the same versions of th
jobs:
analyze:
steps:
- uses: github/codeql-action/init@v3
- uses: github/codeql-action/analyze@v3
- uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v4
`) as Workflow,
await getCodeQLForTesting(),
);
@@ -706,7 +706,7 @@ test("getWorkflowErrors() should not report a warning involving versions of othe
analyze:
steps:
- uses: actions/checkout@v5
- uses: github/codeql-action/init@v3
- uses: github/codeql-action/init@v4
`) as Workflow,
await getCodeQLForTesting(),
);
@@ -723,9 +723,9 @@ test("getCategoryInputOrThrow returns category for simple workflow with category
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: github/codeql-action/analyze@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v4
with:
category: some-category
`) as Workflow,
@@ -745,9 +745,9 @@ test("getCategoryInputOrThrow returns undefined for simple workflow without cate
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: github/codeql-action/analyze@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v4
`) as Workflow,
"analysis",
{},
@@ -765,19 +765,19 @@ test("getCategoryInputOrThrow returns category for workflow with multiple jobs",
foo:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
- runs: ./build foo
- uses: github/codeql-action/analyze@v3
- uses: github/codeql-action/analyze@v4
with:
category: foo-category
bar:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
- runs: ./build bar
- uses: github/codeql-action/analyze@v3
- uses: github/codeql-action/analyze@v4
with:
category: bar-category
`) as Workflow,
@@ -800,11 +800,11 @@ test("getCategoryInputOrThrow finds category for workflow with language matrix",
matrix:
language: [javascript, python]
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
with:
language: \${{ matrix.language }}
- uses: github/codeql-action/analyze@v3
- uses: github/codeql-action/analyze@v4
with:
category: "/language:\${{ matrix.language }}"
`) as Workflow,
@@ -824,9 +824,9 @@ test("getCategoryInputOrThrow throws error for workflow with dynamic category",
jobs:
analysis:
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: github/codeql-action/analyze@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v4
with:
category: "\${{ github.workflow }}"
`) as Workflow,
@@ -851,12 +851,12 @@ test("getCategoryInputOrThrow throws error for workflow with multiple calls to a
analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: github/codeql-action/init@v3
- uses: github/codeql-action/analyze@v3
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v4
with:
category: some-category
- uses: github/codeql-action/analyze@v3
- uses: github/codeql-action/analyze@v4
with:
category: another-category
`) as Workflow,
+4 -1
@@ -16,6 +16,9 @@ inputs:
language:
description: The programming language to setup the proxy for the correct ecosystem
required: false
matrix:
default: ${{ toJson(matrix) }}
required: false
outputs:
proxy_host:
description: The IP address of the proxy
@@ -26,6 +29,6 @@ outputs:
proxy_urls:
description: A stringified JSON array of objects containing the types and URLs of the configured registries.
runs:
using: node20
using: node24
main: "../lib/start-proxy-action.js"
post: "../lib/start-proxy-action-post.js"
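Review bot: The new `matrix` input carries no `description:` while the `language` input directly above it documents itself, so the action's input reference will list an undocumented field. One line matching the neighbours would do, e.g. `description: The matrix of the calling job, serialized with toJson` — what the action does with it is not visible here, so extend the sentence only after checking where the input is read. Because the default is `${{ toJson(matrix) }}`, the value is job-controlled text of variable shape rather than a literal a workflow author typed, which is worth stating in that description so the consuming code is written to parse it rather than assume particular keys.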
+1 -1
@@ -41,6 +41,6 @@ outputs:
{ "code-scanning": "some-id", "code-quality": "some-other-id" }
runs:
using: node20
using: node24
main: '../lib/upload-sarif-action.js'
post: '../lib/upload-sarif-action-post.js'