mirror of
https://github.com/github/codeql-action.git
synced 2026-05-03 04:10:10 +00:00
Move extraQueryExclusions out of AugmentationProperties
This commit is contained in:
Michael B. Gale
Generated
+112
-87
@@ -117083,6 +117083,9 @@ function wrapError(error2) {
|
||||
function getErrorMessage(error2) {
|
||||
return error2 instanceof Error ? error2.message : String(error2);
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function asyncSome(array, predicate) {
|
||||
const results = await Promise.all(array.map(predicate));
|
||||
return results.some((result) => result);
|
||||
@@ -117240,9 +117243,9 @@ async function getGitHubVersion() {
|
||||
}
|
||||
|
||||
// src/codeql.ts
|
||||
var fs3 = __toESM(require("fs"));
|
||||
var path3 = __toESM(require("path"));
|
||||
var core9 = __toESM(require_core());
|
||||
var fs4 = __toESM(require("fs"));
|
||||
var path4 = __toESM(require("path"));
|
||||
var core10 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -117482,6 +117485,22 @@ function wrapCliConfigurationError(cliError) {
|
||||
return new ConfigurationError(errorMessageBuilder);
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs3 = __toESM(require("fs"));
|
||||
var path3 = __toESM(require("path"));
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
|
||||
// src/feature-flags.ts
|
||||
var semver3 = __toESM(require_semver2());
|
||||
|
||||
@@ -117491,13 +117510,13 @@ var path2 = __toESM(require("path"));
|
||||
var actionsCache = __toESM(require_cache3());
|
||||
|
||||
// src/git-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
var core7 = __toESM(require_core());
|
||||
var toolrunner2 = __toESM(require_toolrunner());
|
||||
var io3 = __toESM(require_io());
|
||||
var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
let stdout = "";
|
||||
let stderr = "";
|
||||
core6.debug(`Running git command: git ${args.join(" ")}`);
|
||||
core7.debug(`Running git command: git ${args.join(" ")}`);
|
||||
try {
|
||||
await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
|
||||
silent: true,
|
||||
@@ -117517,7 +117536,7 @@ var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
if (stderr.includes("not a git repository")) {
|
||||
reason = "The checkout path provided to the action does not appear to be a git repository.";
|
||||
}
|
||||
core6.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
throw error2;
|
||||
}
|
||||
};
|
||||
@@ -117628,7 +117647,7 @@ async function getRef() {
|
||||
) !== head;
|
||||
if (hasChangedRef) {
|
||||
const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
|
||||
core6.debug(
|
||||
core7.debug(
|
||||
`No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
|
||||
);
|
||||
return newRef;
|
||||
@@ -117654,16 +117673,16 @@ async function isAnalyzingDefaultBranch() {
|
||||
}
|
||||
|
||||
// src/logging.ts
|
||||
var core7 = __toESM(require_core());
|
||||
var core8 = __toESM(require_core());
|
||||
function getActionsLogger() {
|
||||
return core7;
|
||||
return core8;
|
||||
}
|
||||
function withGroup(groupName, f) {
|
||||
core7.startGroup(groupName);
|
||||
core8.startGroup(groupName);
|
||||
try {
|
||||
return f();
|
||||
} finally {
|
||||
core7.endGroup();
|
||||
core8.endGroup();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -117898,23 +117917,89 @@ var featureConfig = {
|
||||
}
|
||||
};
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path3.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs3.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs3.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/tar.ts
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
|
||||
// src/tools-download.ts
|
||||
var core8 = __toESM(require_core());
|
||||
var core9 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
|
||||
// src/tracer-config.ts
|
||||
@@ -117972,12 +118057,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async isTracedLanguage(language) {
|
||||
const extractorPath = await this.resolveExtractor(language);
|
||||
const tracingConfigPath = path3.join(
|
||||
const tracingConfigPath = path4.join(
|
||||
extractorPath,
|
||||
"tools",
|
||||
"tracing-config.lua"
|
||||
);
|
||||
return fs3.existsSync(tracingConfigPath);
|
||||
return fs4.existsSync(tracingConfigPath);
|
||||
},
|
||||
async isScannedLanguage(language) {
|
||||
return !await this.isTracedLanguage(language);
|
||||
@@ -118048,7 +118133,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async runAutobuild(config, language) {
|
||||
applyAutobuildAzurePipelinesTimeoutFix();
|
||||
const autobuildCmd = path3.join(
|
||||
const autobuildCmd = path4.join(
|
||||
await this.resolveExtractor(language),
|
||||
"tools",
|
||||
process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"
|
||||
@@ -118369,12 +118454,12 @@ ${output}`
|
||||
);
|
||||
} else if (checkVersion && process.env["CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */] !== "true" && !await codeQlVersionAtLeast(codeql, CODEQL_NEXT_MINIMUM_VERSION)) {
|
||||
const result = await codeql.getVersion();
|
||||
core9.warning(
|
||||
core10.warning(
|
||||
`CodeQL CLI version ${result.version} was discontinued on ${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor release of the CodeQL Action. Please update to CodeQL CLI version ${CODEQL_NEXT_MINIMUM_VERSION} or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
|
||||
|
||||
Alternatively, if you want to continue using CodeQL CLI version ${result.version}, you can replace 'github/codeql-action/*@v${getActionVersion().split(".")[0]}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to continue using this version of the CodeQL Action.`
|
||||
);
|
||||
core9.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
core10.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
}
|
||||
return codeql;
|
||||
}
|
||||
@@ -118426,13 +118511,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs3.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs4.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
@@ -118455,7 +118544,7 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
|
||||
];
|
||||
}
|
||||
function getGeneratedCodeScanningConfigPath(config) {
|
||||
return path3.resolve(config.tempDir, "user-config.yaml");
|
||||
return path4.resolve(config.tempDir, "user-config.yaml");
|
||||
}
|
||||
function getExtractionVerbosityArguments(enableDebugLogging) {
|
||||
return enableDebugLogging ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`] : [];
|
||||
@@ -118475,70 +118564,6 @@ async function getJobRunUuidSarifOptions(codeql) {
|
||||
) ? [`--sarif-run-property=jobRunUuid=${jobRunUuid}`] : [];
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs4 = __toESM(require("fs"));
|
||||
var path4 = __toESM(require("path"));
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core10 = __toESM(require_core());
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path4.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs4.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs4.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
|
||||
// src/debug-artifacts.ts
|
||||
var fs5 = __toESM(require("fs"));
|
||||
var path5 = __toESM(require("path"));
|
||||
|
||||
Generated
+315
-288
@@ -89845,6 +89845,9 @@ function satisfiesGHESVersion(ghesVersion, range, defaultIfInvalid) {
|
||||
semverVersion.prerelease = [];
|
||||
return semver.satisfies(semverVersion, range);
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function checkSipEnablement(logger) {
|
||||
if (process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] !== void 0 && ["true", "false"].includes(process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */])) {
|
||||
return process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] === "true";
|
||||
@@ -90284,12 +90287,12 @@ function wrapApiConfigurationError(e) {
|
||||
}
|
||||
|
||||
// src/autobuild.ts
|
||||
var core10 = __toESM(require_core());
|
||||
var core11 = __toESM(require_core());
|
||||
|
||||
// src/codeql.ts
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
var core9 = __toESM(require_core());
|
||||
var fs14 = __toESM(require("fs"));
|
||||
var path14 = __toESM(require("path"));
|
||||
var core10 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -90529,6 +90532,27 @@ function wrapCliConfigurationError(cliError) {
|
||||
return new ConfigurationError(errorMessageBuilder);
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
async function getTotalCacheSize(paths, logger, quiet = false) {
|
||||
const sizes = await Promise.all(
|
||||
paths.map((cacheDir) => tryGetFolderBytes(cacheDir, logger, quiet))
|
||||
);
|
||||
return sizes.map((a) => a || 0).reduce((a, b) => a + b, 0);
|
||||
}
|
||||
function shouldStoreCache(kind) {
|
||||
return kind === "full" /* Full */ || kind === "store" /* Store */;
|
||||
}
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var path9 = __toESM(require("path"));
|
||||
|
||||
// src/feature-flags.ts
|
||||
var fs7 = __toESM(require("fs"));
|
||||
var path8 = __toESM(require("path"));
|
||||
@@ -90544,13 +90568,13 @@ var path7 = __toESM(require("path"));
|
||||
var actionsCache = __toESM(require_cache3());
|
||||
|
||||
// src/git-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
var core7 = __toESM(require_core());
|
||||
var toolrunner2 = __toESM(require_toolrunner());
|
||||
var io3 = __toESM(require_io());
|
||||
var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
let stdout = "";
|
||||
let stderr = "";
|
||||
core6.debug(`Running git command: git ${args.join(" ")}`);
|
||||
core7.debug(`Running git command: git ${args.join(" ")}`);
|
||||
try {
|
||||
await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
|
||||
silent: true,
|
||||
@@ -90570,7 +90594,7 @@ var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
if (stderr.includes("not a git repository")) {
|
||||
reason = "The checkout path provided to the action does not appear to be a git repository.";
|
||||
}
|
||||
core6.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
throw error2;
|
||||
}
|
||||
};
|
||||
@@ -90715,7 +90739,7 @@ async function getRef() {
|
||||
) !== head;
|
||||
if (hasChangedRef) {
|
||||
const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
|
||||
core6.debug(
|
||||
core7.debug(
|
||||
`No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
|
||||
);
|
||||
return newRef;
|
||||
@@ -90741,16 +90765,16 @@ async function isAnalyzingDefaultBranch() {
|
||||
}
|
||||
|
||||
// src/logging.ts
|
||||
var core7 = __toESM(require_core());
|
||||
var core8 = __toESM(require_core());
|
||||
function getActionsLogger() {
|
||||
return core7;
|
||||
return core8;
|
||||
}
|
||||
async function withGroupAsync(groupName, f) {
|
||||
core7.startGroup(groupName);
|
||||
core8.startGroup(groupName);
|
||||
try {
|
||||
return await f();
|
||||
} finally {
|
||||
core7.endGroup();
|
||||
core8.endGroup();
|
||||
}
|
||||
}
|
||||
function formatDuration(durationMs) {
|
||||
@@ -91352,12 +91376,243 @@ var GitHubFeatureFlags = class {
|
||||
}
|
||||
};
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
async function getDiffInformedAnalysisBranches(codeql, features, logger) {
|
||||
if (!await features.getValue("diff_informed_queries" /* DiffInformedQueries */, codeql)) {
|
||||
return void 0;
|
||||
}
|
||||
const gitHubVersion = await getGitHubVersion();
|
||||
if (gitHubVersion.type === 1 /* GHES */ && satisfiesGHESVersion(gitHubVersion.version, "<3.19", true)) {
|
||||
return void 0;
|
||||
}
|
||||
const branches = getPullRequestBranches();
|
||||
if (!branches) {
|
||||
logger.info(
|
||||
"Not performing diff-informed analysis because we are not analyzing a pull request."
|
||||
);
|
||||
}
|
||||
return branches;
|
||||
}
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path9.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function writeDiffRangesJsonFile(logger, ranges) {
|
||||
const jsonContents = JSON.stringify(ranges, null, 2);
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
fs8.writeFileSync(jsonFilePath, jsonContents);
|
||||
logger.debug(
|
||||
`Wrote pr-diff-range JSON file to ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs8.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs8.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
var CACHE_VERSION2 = 1;
|
||||
var CODEQL_TRAP_CACHE_PREFIX = "codeql-trap";
|
||||
var MINIMUM_CACHE_MB_TO_UPLOAD = 10;
|
||||
var MAX_CACHE_OPERATION_MS2 = 12e4;
|
||||
async function uploadTrapCaches(codeql, config, logger) {
|
||||
if (!await isAnalyzingDefaultBranch()) return false;
|
||||
for (const language of config.languages) {
|
||||
const cacheDir = config.trapCaches[language];
|
||||
if (cacheDir === void 0) continue;
|
||||
const trapFolderSize = await tryGetFolderBytes(cacheDir, logger);
|
||||
if (trapFolderSize === void 0) {
|
||||
logger.info(
|
||||
`Skipping upload of TRAP cache for ${language} as we couldn't determine its size`
|
||||
);
|
||||
continue;
|
||||
}
|
||||
if (trapFolderSize < MINIMUM_CACHE_MB_TO_UPLOAD * 1048576) {
|
||||
logger.info(
|
||||
`Skipping upload of TRAP cache for ${language} as it is too small`
|
||||
);
|
||||
continue;
|
||||
}
|
||||
const key = await cacheKey(
|
||||
codeql,
|
||||
language,
|
||||
process.env.GITHUB_SHA || "unknown"
|
||||
);
|
||||
logger.info(`Uploading TRAP cache to Actions cache with key ${key}`);
|
||||
await withTimeout(
|
||||
MAX_CACHE_OPERATION_MS2,
|
||||
actionsCache2.saveCache([cacheDir], key),
|
||||
() => {
|
||||
logger.info(
|
||||
`Timed out waiting for TRAP cache for ${language} to upload, will continue without uploading`
|
||||
);
|
||||
}
|
||||
);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
async function cleanupTrapCaches(config, features, logger) {
|
||||
if (!await features.getValue("cleanup_trap_caches" /* CleanupTrapCaches */)) {
|
||||
return {
|
||||
trap_cache_cleanup_skipped_because: "feature disabled"
|
||||
};
|
||||
}
|
||||
if (!await isAnalyzingDefaultBranch()) {
|
||||
return {
|
||||
trap_cache_cleanup_skipped_because: "not analyzing default branch"
|
||||
};
|
||||
}
|
||||
try {
|
||||
let totalBytesCleanedUp = 0;
|
||||
const allCaches = await listActionsCaches(
|
||||
CODEQL_TRAP_CACHE_PREFIX,
|
||||
await getRef()
|
||||
);
|
||||
for (const language of config.languages) {
|
||||
if (config.trapCaches[language]) {
|
||||
const cachesToRemove = await getTrapCachesForLanguage(
|
||||
allCaches,
|
||||
language,
|
||||
logger
|
||||
);
|
||||
cachesToRemove.sort((a, b) => a.created_at.localeCompare(b.created_at));
|
||||
const mostRecentCache = cachesToRemove.pop();
|
||||
logger.debug(
|
||||
`Keeping most recent TRAP cache (${JSON.stringify(mostRecentCache)})`
|
||||
);
|
||||
if (cachesToRemove.length === 0) {
|
||||
logger.info(`No TRAP caches to clean up for ${language}.`);
|
||||
continue;
|
||||
}
|
||||
for (const cache of cachesToRemove) {
|
||||
logger.debug(`Cleaning up TRAP cache (${JSON.stringify(cache)})`);
|
||||
await deleteActionsCache(cache.id);
|
||||
}
|
||||
const bytesCleanedUp = cachesToRemove.reduce(
|
||||
(acc, item) => acc + item.size_in_bytes,
|
||||
0
|
||||
);
|
||||
totalBytesCleanedUp += bytesCleanedUp;
|
||||
const megabytesCleanedUp = (bytesCleanedUp / (1024 * 1024)).toFixed(2);
|
||||
logger.info(
|
||||
`Cleaned up ${megabytesCleanedUp} MiB of old TRAP caches for ${language}.`
|
||||
);
|
||||
}
|
||||
}
|
||||
return { trap_cache_cleanup_size_bytes: totalBytesCleanedUp };
|
||||
} catch (e) {
|
||||
if (isHTTPError(e) && e.status === 403) {
|
||||
logger.warning(
|
||||
`Could not cleanup TRAP caches as the token did not have the required permissions. To clean up TRAP caches, ensure the token has the "actions:write" permission. See ${"https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs" /* ASSIGNING_PERMISSIONS_TO_JOBS */} for more information.`
|
||||
);
|
||||
} else {
|
||||
logger.info(`Failed to cleanup TRAP caches, continuing. Details: ${e}`);
|
||||
}
|
||||
return { trap_cache_cleanup_error: getErrorMessage(e) };
|
||||
}
|
||||
}
|
||||
async function getTrapCachesForLanguage(allCaches, language, logger) {
|
||||
logger.debug(`Listing TRAP caches for ${language}`);
|
||||
for (const cache of allCaches) {
|
||||
if (!cache.created_at || !cache.id || !cache.key || !cache.size_in_bytes) {
|
||||
throw new Error(
|
||||
`An unexpected cache item was returned from the API that was missing one or more required fields: ${JSON.stringify(cache)}`
|
||||
);
|
||||
}
|
||||
}
|
||||
return allCaches.filter((cache) => {
|
||||
return cache.key?.includes(`-${language}-`);
|
||||
});
|
||||
}
|
||||
async function cacheKey(codeql, language, baseSha) {
|
||||
return `${await cachePrefix(codeql, language)}${baseSha}`;
|
||||
}
|
||||
async function cachePrefix(codeql, language) {
|
||||
return `${CODEQL_TRAP_CACHE_PREFIX}-${CACHE_VERSION2}-${(await codeql.getVersion()).version}-${language}-`;
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path10.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs9.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs9.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
function isCodeQualityEnabled(config) {
|
||||
return config.analysisKinds.includes("code-quality" /* CodeQuality */);
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// node_modules/uuid/dist/esm/stringify.js
|
||||
var byteToHex = [];
|
||||
@@ -91412,12 +91667,12 @@ var v4_default = v4;
|
||||
|
||||
// src/tar.ts
|
||||
var import_child_process = require("child_process");
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var stream = __toESM(require("stream"));
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var MIN_REQUIRED_BSD_TAR_VERSION = "3.4.3";
|
||||
var MIN_REQUIRED_GNU_TAR_VERSION = "1.31";
|
||||
async function getTarVersion() {
|
||||
@@ -91459,9 +91714,9 @@ async function isZstdAvailable(logger) {
|
||||
case "gnu":
|
||||
return {
|
||||
available: foundZstdBinary && // GNU tar only uses major and minor version numbers
|
||||
semver4.gte(
|
||||
semver4.coerce(version),
|
||||
semver4.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
semver5.gte(
|
||||
semver5.coerce(version),
|
||||
semver5.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
@@ -91470,7 +91725,7 @@ async function isZstdAvailable(logger) {
|
||||
return {
|
||||
available: foundZstdBinary && // Do a loose comparison since these version numbers don't contain
|
||||
// a patch version number.
|
||||
semver4.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
semver5.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
};
|
||||
@@ -91485,7 +91740,7 @@ async function isZstdAvailable(logger) {
|
||||
}
|
||||
}
|
||||
async function extract(tarPath, dest, compressionMethod, tarVersion, logger) {
|
||||
fs8.mkdirSync(dest, { recursive: true });
|
||||
fs10.mkdirSync(dest, { recursive: true });
|
||||
switch (compressionMethod) {
|
||||
case "gzip":
|
||||
return await toolcache.extractTar(tarPath, dest);
|
||||
@@ -91569,15 +91824,15 @@ function inferCompressionMethod(tarPath) {
|
||||
}
|
||||
|
||||
// src/tools-download.ts
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var os2 = __toESM(require("os"));
|
||||
var path9 = __toESM(require("path"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var import_perf_hooks = require("perf_hooks");
|
||||
var core8 = __toESM(require_core());
|
||||
var core9 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
var TOOLCACHE_TOOL_NAME = "CodeQL";
|
||||
function makeDownloadFirstToolsDownloadDurations(downloadDurationMs, extractionDurationMs) {
|
||||
@@ -91627,10 +91882,10 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
} catch (e) {
|
||||
core8.warning(
|
||||
core9.warning(
|
||||
`Failed to download and extract CodeQL bundle using streaming with error: ${getErrorMessage(e)}`
|
||||
);
|
||||
core8.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
core9.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
await cleanUpGlob(dest, "CodeQL bundle", logger);
|
||||
}
|
||||
const toolsDownloadStart = import_perf_hooks.performance.now();
|
||||
@@ -91676,7 +91931,7 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorization, headers, tarVersion, logger) {
|
||||
fs9.mkdirSync(dest, { recursive: true });
|
||||
fs11.mkdirSync(dest, { recursive: true });
|
||||
const agent = new import_http_client.HttpClient().getAgent(codeqlURL);
|
||||
headers = Object.assign(
|
||||
{ "User-Agent": "CodeQL Action" },
|
||||
@@ -91704,16 +91959,16 @@ async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorizatio
|
||||
await extractTarZst(response, dest, tarVersion, logger);
|
||||
}
|
||||
function getToolcacheDirectory(version) {
|
||||
return path9.join(
|
||||
return path11.join(
|
||||
getRequiredEnvParam("RUNNER_TOOL_CACHE"),
|
||||
TOOLCACHE_TOOL_NAME,
|
||||
semver5.clean(version) || version,
|
||||
semver6.clean(version) || version,
|
||||
os2.arch() || ""
|
||||
);
|
||||
}
|
||||
function writeToolcacheMarkerFile(extractedPath, logger) {
|
||||
const markerFilePath = `${extractedPath}.complete`;
|
||||
fs9.writeFileSync(markerFilePath, "");
|
||||
fs11.writeFileSync(markerFilePath, "");
|
||||
logger.info(`Created toolcache marker file ${markerFilePath}`);
|
||||
}
|
||||
function sanitizeUrlForStatusReport(url2) {
|
||||
@@ -91828,13 +92083,13 @@ function tryGetTagNameFromUrl(url2, logger) {
|
||||
return match[1];
|
||||
}
|
||||
function convertToSemVer(version, logger) {
|
||||
if (!semver6.valid(version)) {
|
||||
if (!semver7.valid(version)) {
|
||||
logger.debug(
|
||||
`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`
|
||||
);
|
||||
version = `0.0.0-${version}`;
|
||||
}
|
||||
const s = semver6.clean(version);
|
||||
const s = semver7.clean(version);
|
||||
if (!s) {
|
||||
throw new Error(`Bundle version ${version} is not in SemVer format.`);
|
||||
}
|
||||
@@ -91844,7 +92099,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) {
|
||||
const candidates = toolcache3.findAllVersions("CodeQL").filter(isGoodVersion).map((version) => ({
|
||||
folder: toolcache3.find("CodeQL", version),
|
||||
version
|
||||
})).filter(({ folder }) => fs10.existsSync(path10.join(folder, "pinned-version")));
|
||||
})).filter(({ folder }) => fs12.existsSync(path12.join(folder, "pinned-version")));
|
||||
if (candidates.length === 1) {
|
||||
const candidate = candidates[0];
|
||||
logger.debug(
|
||||
@@ -91904,7 +92159,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
|
||||
url2 = toolsInput;
|
||||
if (tagName) {
|
||||
const bundleVersion3 = tryGetBundleVersionFromTagName(tagName, logger);
|
||||
if (bundleVersion3 && semver6.valid(bundleVersion3)) {
|
||||
if (bundleVersion3 && semver7.valid(bundleVersion3)) {
|
||||
cliVersion2 = convertToSemVer(bundleVersion3, logger);
|
||||
}
|
||||
}
|
||||
@@ -92173,16 +92428,16 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau
|
||||
async function useZstdBundle(cliVersion2, tarSupportsZstd) {
|
||||
return (
|
||||
// In testing, gzip performs better than zstd on Windows.
|
||||
process.platform !== "win32" && tarSupportsZstd && semver6.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
process.platform !== "win32" && tarSupportsZstd && semver7.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
);
|
||||
}
|
||||
function getTempExtractionDir(tempDir) {
|
||||
return path10.join(tempDir, v4_default());
|
||||
return path12.join(tempDir, v4_default());
|
||||
}
|
||||
|
||||
// src/tracer-config.ts
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var fs13 = __toESM(require("fs"));
|
||||
var path13 = __toESM(require("path"));
|
||||
async function shouldEnableIndirectTracing(codeql, config) {
|
||||
if (config.buildMode === "none" /* None */) {
|
||||
return false;
|
||||
@@ -92197,18 +92452,18 @@ async function endTracingForCluster(codeql, config, logger) {
|
||||
logger.info(
|
||||
"Unsetting build tracing environment variables. Subsequent steps of this job will not be traced."
|
||||
);
|
||||
const envVariablesFile = path11.resolve(
|
||||
const envVariablesFile = path13.resolve(
|
||||
config.dbLocation,
|
||||
"temp/tracingEnvironment/end-tracing.json"
|
||||
);
|
||||
if (!fs11.existsSync(envVariablesFile)) {
|
||||
if (!fs13.existsSync(envVariablesFile)) {
|
||||
throw new Error(
|
||||
`Environment file for ending tracing not found: ${envVariablesFile}`
|
||||
);
|
||||
}
|
||||
try {
|
||||
const endTracingEnvVariables = JSON.parse(
|
||||
fs11.readFileSync(envVariablesFile, "utf8")
|
||||
fs13.readFileSync(envVariablesFile, "utf8")
|
||||
);
|
||||
for (const [key, value] of Object.entries(endTracingEnvVariables)) {
|
||||
if (value !== null) {
|
||||
@@ -92253,7 +92508,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
|
||||
toolsDownloadStatusReport
|
||||
)}`
|
||||
);
|
||||
let codeqlCmd = path12.join(codeqlFolder, "codeql", "codeql");
|
||||
let codeqlCmd = path14.join(codeqlFolder, "codeql", "codeql");
|
||||
if (process.platform === "win32") {
|
||||
codeqlCmd += ".exe";
|
||||
} else if (process.platform !== "linux" && process.platform !== "darwin") {
|
||||
@@ -92314,12 +92569,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async isTracedLanguage(language) {
|
||||
const extractorPath = await this.resolveExtractor(language);
|
||||
const tracingConfigPath = path12.join(
|
||||
const tracingConfigPath = path14.join(
|
||||
extractorPath,
|
||||
"tools",
|
||||
"tracing-config.lua"
|
||||
);
|
||||
return fs12.existsSync(tracingConfigPath);
|
||||
return fs14.existsSync(tracingConfigPath);
|
||||
},
|
||||
async isScannedLanguage(language) {
|
||||
return !await this.isTracedLanguage(language);
|
||||
@@ -92390,7 +92645,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async runAutobuild(config, language) {
|
||||
applyAutobuildAzurePipelinesTimeoutFix();
|
||||
const autobuildCmd = path12.join(
|
||||
const autobuildCmd = path14.join(
|
||||
await this.resolveExtractor(language),
|
||||
"tools",
|
||||
process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"
|
||||
@@ -92711,12 +92966,12 @@ ${output}`
|
||||
);
|
||||
} else if (checkVersion && process.env["CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */] !== "true" && !await codeQlVersionAtLeast(codeql, CODEQL_NEXT_MINIMUM_VERSION)) {
|
||||
const result = await codeql.getVersion();
|
||||
core9.warning(
|
||||
core10.warning(
|
||||
`CodeQL CLI version ${result.version} was discontinued on ${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor release of the CodeQL Action. Please update to CodeQL CLI version ${CODEQL_NEXT_MINIMUM_VERSION} or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
|
||||
|
||||
Alternatively, if you want to continue using CodeQL CLI version ${result.version}, you can replace 'github/codeql-action/*@v${getActionVersion().split(".")[0]}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to continue using this version of the CodeQL Action.`
|
||||
);
|
||||
core9.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
core10.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
}
|
||||
return codeql;
|
||||
}
|
||||
@@ -92768,13 +93023,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs12.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs14.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
@@ -92797,7 +93056,7 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
|
||||
];
|
||||
}
|
||||
function getGeneratedCodeScanningConfigPath(config) {
|
||||
return path12.resolve(config.tempDir, "user-config.yaml");
|
||||
return path14.resolve(config.tempDir, "user-config.yaml");
|
||||
}
|
||||
function getExtractionVerbosityArguments(enableDebugLogging) {
|
||||
return enableDebugLogging ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`] : [];
|
||||
@@ -92834,16 +93093,16 @@ async function setupCppAutobuild(codeql, logger) {
|
||||
logger.info(
|
||||
`Disabling ${featureName} as we are on a self-hosted runner.${getWorkflowEventName() !== "dynamic" ? ` To override this, set the ${envVar} environment variable to 'true' in your workflow. See ${"https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow" /* DEFINE_ENV_VARIABLES */} for more information.` : ""}`
|
||||
);
|
||||
core10.exportVariable(envVar, "false");
|
||||
core11.exportVariable(envVar, "false");
|
||||
} else {
|
||||
logger.info(
|
||||
`Enabling ${featureName}. This can be disabled by setting the ${envVar} environment variable to 'false'. See ${"https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow" /* DEFINE_ENV_VARIABLES */} for more information.`
|
||||
);
|
||||
core10.exportVariable(envVar, "true");
|
||||
core11.exportVariable(envVar, "true");
|
||||
}
|
||||
} else {
|
||||
logger.info(`Disabling ${featureName}.`);
|
||||
core10.exportVariable(envVar, "false");
|
||||
core11.exportVariable(envVar, "false");
|
||||
}
|
||||
}
|
||||
async function runAutobuild(config, language, logger) {
|
||||
@@ -92858,243 +93117,11 @@ async function runAutobuild(config, language, logger) {
|
||||
await codeQL.runAutobuild(config, language);
|
||||
}
|
||||
if (language === "go" /* go */) {
|
||||
core10.exportVariable("CODEQL_ACTION_DID_AUTOBUILD_GOLANG" /* DID_AUTOBUILD_GOLANG */, "true");
|
||||
core11.exportVariable("CODEQL_ACTION_DID_AUTOBUILD_GOLANG" /* DID_AUTOBUILD_GOLANG */, "true");
|
||||
}
|
||||
logger.endGroup();
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs14 = __toESM(require("fs"));
|
||||
var path14 = __toESM(require("path"));
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core11 = __toESM(require_core());
|
||||
async function getTotalCacheSize(paths, logger, quiet = false) {
|
||||
const sizes = await Promise.all(
|
||||
paths.map((cacheDir) => tryGetFolderBytes(cacheDir, logger, quiet))
|
||||
);
|
||||
return sizes.map((a) => a || 0).reduce((a, b) => a + b, 0);
|
||||
}
|
||||
function shouldStoreCache(kind) {
|
||||
return kind === "full" /* Full */ || kind === "store" /* Store */;
|
||||
}
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs13 = __toESM(require("fs"));
|
||||
var path13 = __toESM(require("path"));
|
||||
async function getDiffInformedAnalysisBranches(codeql, features, logger) {
|
||||
if (!await features.getValue("diff_informed_queries" /* DiffInformedQueries */, codeql)) {
|
||||
return void 0;
|
||||
}
|
||||
const gitHubVersion = await getGitHubVersion();
|
||||
if (gitHubVersion.type === 1 /* GHES */ && satisfiesGHESVersion(gitHubVersion.version, "<3.19", true)) {
|
||||
return void 0;
|
||||
}
|
||||
const branches = getPullRequestBranches();
|
||||
if (!branches) {
|
||||
logger.info(
|
||||
"Not performing diff-informed analysis because we are not analyzing a pull request."
|
||||
);
|
||||
}
|
||||
return branches;
|
||||
}
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path13.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function writeDiffRangesJsonFile(logger, ranges) {
|
||||
const jsonContents = JSON.stringify(ranges, null, 2);
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
fs13.writeFileSync(jsonFilePath, jsonContents);
|
||||
logger.debug(
|
||||
`Wrote pr-diff-range JSON file to ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs13.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs13.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
var CACHE_VERSION2 = 1;
|
||||
var CODEQL_TRAP_CACHE_PREFIX = "codeql-trap";
|
||||
var MINIMUM_CACHE_MB_TO_UPLOAD = 10;
|
||||
var MAX_CACHE_OPERATION_MS2 = 12e4;
|
||||
async function uploadTrapCaches(codeql, config, logger) {
|
||||
if (!await isAnalyzingDefaultBranch()) return false;
|
||||
for (const language of config.languages) {
|
||||
const cacheDir = config.trapCaches[language];
|
||||
if (cacheDir === void 0) continue;
|
||||
const trapFolderSize = await tryGetFolderBytes(cacheDir, logger);
|
||||
if (trapFolderSize === void 0) {
|
||||
logger.info(
|
||||
`Skipping upload of TRAP cache for ${language} as we couldn't determine its size`
|
||||
);
|
||||
continue;
|
||||
}
|
||||
if (trapFolderSize < MINIMUM_CACHE_MB_TO_UPLOAD * 1048576) {
|
||||
logger.info(
|
||||
`Skipping upload of TRAP cache for ${language} as it is too small`
|
||||
);
|
||||
continue;
|
||||
}
|
||||
const key = await cacheKey(
|
||||
codeql,
|
||||
language,
|
||||
process.env.GITHUB_SHA || "unknown"
|
||||
);
|
||||
logger.info(`Uploading TRAP cache to Actions cache with key ${key}`);
|
||||
await withTimeout(
|
||||
MAX_CACHE_OPERATION_MS2,
|
||||
actionsCache2.saveCache([cacheDir], key),
|
||||
() => {
|
||||
logger.info(
|
||||
`Timed out waiting for TRAP cache for ${language} to upload, will continue without uploading`
|
||||
);
|
||||
}
|
||||
);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
async function cleanupTrapCaches(config, features, logger) {
|
||||
if (!await features.getValue("cleanup_trap_caches" /* CleanupTrapCaches */)) {
|
||||
return {
|
||||
trap_cache_cleanup_skipped_because: "feature disabled"
|
||||
};
|
||||
}
|
||||
if (!await isAnalyzingDefaultBranch()) {
|
||||
return {
|
||||
trap_cache_cleanup_skipped_because: "not analyzing default branch"
|
||||
};
|
||||
}
|
||||
try {
|
||||
let totalBytesCleanedUp = 0;
|
||||
const allCaches = await listActionsCaches(
|
||||
CODEQL_TRAP_CACHE_PREFIX,
|
||||
await getRef()
|
||||
);
|
||||
for (const language of config.languages) {
|
||||
if (config.trapCaches[language]) {
|
||||
const cachesToRemove = await getTrapCachesForLanguage(
|
||||
allCaches,
|
||||
language,
|
||||
logger
|
||||
);
|
||||
cachesToRemove.sort((a, b) => a.created_at.localeCompare(b.created_at));
|
||||
const mostRecentCache = cachesToRemove.pop();
|
||||
logger.debug(
|
||||
`Keeping most recent TRAP cache (${JSON.stringify(mostRecentCache)})`
|
||||
);
|
||||
if (cachesToRemove.length === 0) {
|
||||
logger.info(`No TRAP caches to clean up for ${language}.`);
|
||||
continue;
|
||||
}
|
||||
for (const cache of cachesToRemove) {
|
||||
logger.debug(`Cleaning up TRAP cache (${JSON.stringify(cache)})`);
|
||||
await deleteActionsCache(cache.id);
|
||||
}
|
||||
const bytesCleanedUp = cachesToRemove.reduce(
|
||||
(acc, item) => acc + item.size_in_bytes,
|
||||
0
|
||||
);
|
||||
totalBytesCleanedUp += bytesCleanedUp;
|
||||
const megabytesCleanedUp = (bytesCleanedUp / (1024 * 1024)).toFixed(2);
|
||||
logger.info(
|
||||
`Cleaned up ${megabytesCleanedUp} MiB of old TRAP caches for ${language}.`
|
||||
);
|
||||
}
|
||||
}
|
||||
return { trap_cache_cleanup_size_bytes: totalBytesCleanedUp };
|
||||
} catch (e) {
|
||||
if (isHTTPError(e) && e.status === 403) {
|
||||
logger.warning(
|
||||
`Could not cleanup TRAP caches as the token did not have the required permissions. To clean up TRAP caches, ensure the token has the "actions:write" permission. See ${"https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs" /* ASSIGNING_PERMISSIONS_TO_JOBS */} for more information.`
|
||||
);
|
||||
} else {
|
||||
logger.info(`Failed to cleanup TRAP caches, continuing. Details: ${e}`);
|
||||
}
|
||||
return { trap_cache_cleanup_error: getErrorMessage(e) };
|
||||
}
|
||||
}
|
||||
async function getTrapCachesForLanguage(allCaches, language, logger) {
|
||||
logger.debug(`Listing TRAP caches for ${language}`);
|
||||
for (const cache of allCaches) {
|
||||
if (!cache.created_at || !cache.id || !cache.key || !cache.size_in_bytes) {
|
||||
throw new Error(
|
||||
`An unexpected cache item was returned from the API that was missing one or more required fields: ${JSON.stringify(cache)}`
|
||||
);
|
||||
}
|
||||
}
|
||||
return allCaches.filter((cache) => {
|
||||
return cache.key?.includes(`-${language}-`);
|
||||
});
|
||||
}
|
||||
async function cacheKey(codeql, language, baseSha) {
|
||||
return `${await cachePrefix(codeql, language)}${baseSha}`;
|
||||
}
|
||||
async function cachePrefix(codeql, language) {
|
||||
return `${CODEQL_TRAP_CACHE_PREFIX}-${CACHE_VERSION2}-${(await codeql.getVersion()).version}-${language}-`;
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path14.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs14.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs14.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function isCodeQualityEnabled(config) {
|
||||
return config.analysisKinds.includes("code-quality" /* CodeQuality */);
|
||||
}
|
||||
|
||||
// src/dependency-caching.ts
|
||||
var os3 = __toESM(require("os"));
|
||||
var import_path = require("path");
|
||||
|
||||
Generated
+120
-95
@@ -77708,6 +77708,9 @@ function checkActionVersion(version, githubVersion) {
|
||||
}
|
||||
}
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function checkSipEnablement(logger) {
|
||||
if (process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] !== void 0 && ["true", "false"].includes(process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */])) {
|
||||
return process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] === "true";
|
||||
@@ -77979,12 +77982,12 @@ async function getAnalysisKey() {
|
||||
}
|
||||
|
||||
// src/autobuild.ts
|
||||
var core10 = __toESM(require_core());
|
||||
var core11 = __toESM(require_core());
|
||||
|
||||
// src/codeql.ts
|
||||
var fs5 = __toESM(require("fs"));
|
||||
var path5 = __toESM(require("path"));
|
||||
var core9 = __toESM(require_core());
|
||||
var fs6 = __toESM(require("fs"));
|
||||
var path6 = __toESM(require("path"));
|
||||
var core10 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -78224,6 +78227,22 @@ function wrapCliConfigurationError(cliError) {
|
||||
return new ConfigurationError(errorMessageBuilder);
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs4 = __toESM(require("fs"));
|
||||
var path4 = __toESM(require("path"));
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
|
||||
// src/feature-flags.ts
|
||||
var fs3 = __toESM(require("fs"));
|
||||
var path3 = __toESM(require("path"));
|
||||
@@ -78239,13 +78258,13 @@ var path2 = __toESM(require("path"));
|
||||
var actionsCache = __toESM(require_cache3());
|
||||
|
||||
// src/git-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
var core7 = __toESM(require_core());
|
||||
var toolrunner2 = __toESM(require_toolrunner());
|
||||
var io3 = __toESM(require_io());
|
||||
var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
let stdout = "";
|
||||
let stderr = "";
|
||||
core6.debug(`Running git command: git ${args.join(" ")}`);
|
||||
core7.debug(`Running git command: git ${args.join(" ")}`);
|
||||
try {
|
||||
await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
|
||||
silent: true,
|
||||
@@ -78265,7 +78284,7 @@ var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
if (stderr.includes("not a git repository")) {
|
||||
reason = "The checkout path provided to the action does not appear to be a git repository.";
|
||||
}
|
||||
core6.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
throw error2;
|
||||
}
|
||||
};
|
||||
@@ -78376,7 +78395,7 @@ async function getRef() {
|
||||
) !== head;
|
||||
if (hasChangedRef) {
|
||||
const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
|
||||
core6.debug(
|
||||
core7.debug(
|
||||
`No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
|
||||
);
|
||||
return newRef;
|
||||
@@ -78402,9 +78421,9 @@ async function isAnalyzingDefaultBranch() {
|
||||
}
|
||||
|
||||
// src/logging.ts
|
||||
var core7 = __toESM(require_core());
|
||||
var core8 = __toESM(require_core());
|
||||
function getActionsLogger() {
|
||||
return core7;
|
||||
return core8;
|
||||
}
|
||||
|
||||
// src/overlay-database-utils.ts
|
||||
@@ -78900,28 +78919,94 @@ var GitHubFeatureFlags = class {
|
||||
}
|
||||
};
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path4.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs4.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs4.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/tar.ts
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
|
||||
// src/tools-download.ts
|
||||
var core8 = __toESM(require_core());
|
||||
var core9 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
|
||||
// src/tracer-config.ts
|
||||
var fs4 = __toESM(require("fs"));
|
||||
var path4 = __toESM(require("path"));
|
||||
var fs5 = __toESM(require("fs"));
|
||||
var path5 = __toESM(require("path"));
|
||||
async function shouldEnableIndirectTracing(codeql, config) {
|
||||
if (config.buildMode === "none" /* None */) {
|
||||
return false;
|
||||
@@ -78936,18 +79021,18 @@ async function endTracingForCluster(codeql, config, logger) {
|
||||
logger.info(
|
||||
"Unsetting build tracing environment variables. Subsequent steps of this job will not be traced."
|
||||
);
|
||||
const envVariablesFile = path4.resolve(
|
||||
const envVariablesFile = path5.resolve(
|
||||
config.dbLocation,
|
||||
"temp/tracingEnvironment/end-tracing.json"
|
||||
);
|
||||
if (!fs4.existsSync(envVariablesFile)) {
|
||||
if (!fs5.existsSync(envVariablesFile)) {
|
||||
throw new Error(
|
||||
`Environment file for ending tracing not found: ${envVariablesFile}`
|
||||
);
|
||||
}
|
||||
try {
|
||||
const endTracingEnvVariables = JSON.parse(
|
||||
fs4.readFileSync(envVariablesFile, "utf8")
|
||||
fs5.readFileSync(envVariablesFile, "utf8")
|
||||
);
|
||||
for (const [key, value] of Object.entries(endTracingEnvVariables)) {
|
||||
if (value !== null) {
|
||||
@@ -79007,12 +79092,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async isTracedLanguage(language) {
|
||||
const extractorPath = await this.resolveExtractor(language);
|
||||
const tracingConfigPath = path5.join(
|
||||
const tracingConfigPath = path6.join(
|
||||
extractorPath,
|
||||
"tools",
|
||||
"tracing-config.lua"
|
||||
);
|
||||
return fs5.existsSync(tracingConfigPath);
|
||||
return fs6.existsSync(tracingConfigPath);
|
||||
},
|
||||
async isScannedLanguage(language) {
|
||||
return !await this.isTracedLanguage(language);
|
||||
@@ -79083,7 +79168,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async runAutobuild(config, language) {
|
||||
applyAutobuildAzurePipelinesTimeoutFix();
|
||||
const autobuildCmd = path5.join(
|
||||
const autobuildCmd = path6.join(
|
||||
await this.resolveExtractor(language),
|
||||
"tools",
|
||||
process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"
|
||||
@@ -79404,12 +79489,12 @@ ${output}`
|
||||
);
|
||||
} else if (checkVersion && process.env["CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */] !== "true" && !await codeQlVersionAtLeast(codeql, CODEQL_NEXT_MINIMUM_VERSION)) {
|
||||
const result = await codeql.getVersion();
|
||||
core9.warning(
|
||||
core10.warning(
|
||||
`CodeQL CLI version ${result.version} was discontinued on ${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor release of the CodeQL Action. Please update to CodeQL CLI version ${CODEQL_NEXT_MINIMUM_VERSION} or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
|
||||
|
||||
Alternatively, if you want to continue using CodeQL CLI version ${result.version}, you can replace 'github/codeql-action/*@v${getActionVersion().split(".")[0]}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to continue using this version of the CodeQL Action.`
|
||||
);
|
||||
core9.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
core10.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
}
|
||||
return codeql;
|
||||
}
|
||||
@@ -79461,13 +79546,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs5.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs6.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
@@ -79490,7 +79579,7 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
|
||||
];
|
||||
}
|
||||
function getGeneratedCodeScanningConfigPath(config) {
|
||||
return path5.resolve(config.tempDir, "user-config.yaml");
|
||||
return path6.resolve(config.tempDir, "user-config.yaml");
|
||||
}
|
||||
function getExtractionVerbosityArguments(enableDebugLogging) {
|
||||
return enableDebugLogging ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`] : [];
|
||||
@@ -79566,16 +79655,16 @@ async function setupCppAutobuild(codeql, logger) {
|
||||
logger.info(
|
||||
`Disabling ${featureName} as we are on a self-hosted runner.${getWorkflowEventName() !== "dynamic" ? ` To override this, set the ${envVar} environment variable to 'true' in your workflow. See ${"https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow" /* DEFINE_ENV_VARIABLES */} for more information.` : ""}`
|
||||
);
|
||||
core10.exportVariable(envVar, "false");
|
||||
core11.exportVariable(envVar, "false");
|
||||
} else {
|
||||
logger.info(
|
||||
`Enabling ${featureName}. This can be disabled by setting the ${envVar} environment variable to 'false'. See ${"https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow" /* DEFINE_ENV_VARIABLES */} for more information.`
|
||||
);
|
||||
core10.exportVariable(envVar, "true");
|
||||
core11.exportVariable(envVar, "true");
|
||||
}
|
||||
} else {
|
||||
logger.info(`Disabling ${featureName}.`);
|
||||
core10.exportVariable(envVar, "false");
|
||||
core11.exportVariable(envVar, "false");
|
||||
}
|
||||
}
|
||||
async function runAutobuild(config, language, logger) {
|
||||
@@ -79590,75 +79679,11 @@ async function runAutobuild(config, language, logger) {
|
||||
await codeQL.runAutobuild(config, language);
|
||||
}
|
||||
if (language === "go" /* go */) {
|
||||
core10.exportVariable("CODEQL_ACTION_DID_AUTOBUILD_GOLANG" /* DID_AUTOBUILD_GOLANG */, "true");
|
||||
core11.exportVariable("CODEQL_ACTION_DID_AUTOBUILD_GOLANG" /* DID_AUTOBUILD_GOLANG */, "true");
|
||||
}
|
||||
logger.endGroup();
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs6 = __toESM(require("fs"));
|
||||
var path6 = __toESM(require("path"));
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core11 = __toESM(require_core());
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path6.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs6.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs6.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
|
||||
// src/status-report.ts
|
||||
var os = __toESM(require("os"));
|
||||
var core12 = __toESM(require_core());
|
||||
|
||||
Generated
+157
-130
@@ -128114,6 +128114,9 @@ function satisfiesGHESVersion(ghesVersion, range, defaultIfInvalid) {
|
||||
semverVersion.prerelease = [];
|
||||
return semver.satisfies(semverVersion, range);
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function checkSipEnablement(logger) {
|
||||
if (process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] !== void 0 && ["true", "false"].includes(process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */])) {
|
||||
return process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] === "true";
|
||||
@@ -128499,9 +128502,9 @@ function wrapApiConfigurationError(e) {
|
||||
}
|
||||
|
||||
// src/codeql.ts
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var core9 = __toESM(require_core());
|
||||
var fs13 = __toESM(require("fs"));
|
||||
var path13 = __toESM(require("path"));
|
||||
var core10 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -128741,6 +128744,26 @@ function wrapCliConfigurationError(cliError) {
|
||||
return new ConfigurationError(errorMessageBuilder);
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var path9 = __toESM(require("path"));
|
||||
|
||||
// src/feature-flags.ts
|
||||
var fs7 = __toESM(require("fs"));
|
||||
var path8 = __toESM(require("path"));
|
||||
@@ -128756,13 +128779,13 @@ var path7 = __toESM(require("path"));
|
||||
var actionsCache = __toESM(require_cache3());
|
||||
|
||||
// src/git-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
var core7 = __toESM(require_core());
|
||||
var toolrunner2 = __toESM(require_toolrunner());
|
||||
var io3 = __toESM(require_io());
|
||||
var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
let stdout = "";
|
||||
let stderr = "";
|
||||
core6.debug(`Running git command: git ${args.join(" ")}`);
|
||||
core7.debug(`Running git command: git ${args.join(" ")}`);
|
||||
try {
|
||||
await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
|
||||
silent: true,
|
||||
@@ -128782,7 +128805,7 @@ var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
if (stderr.includes("not a git repository")) {
|
||||
reason = "The checkout path provided to the action does not appear to be a git repository.";
|
||||
}
|
||||
core6.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
throw error2;
|
||||
}
|
||||
};
|
||||
@@ -128927,7 +128950,7 @@ async function getRef() {
|
||||
) !== head;
|
||||
if (hasChangedRef) {
|
||||
const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
|
||||
core6.debug(
|
||||
core7.debug(
|
||||
`No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
|
||||
);
|
||||
return newRef;
|
||||
@@ -128953,16 +128976,16 @@ async function isAnalyzingDefaultBranch() {
|
||||
}
|
||||
|
||||
// src/logging.ts
|
||||
var core7 = __toESM(require_core());
|
||||
var core8 = __toESM(require_core());
|
||||
function getActionsLogger() {
|
||||
return core7;
|
||||
return core8;
|
||||
}
|
||||
function withGroup(groupName, f) {
|
||||
core7.startGroup(groupName);
|
||||
core8.startGroup(groupName);
|
||||
try {
|
||||
return f();
|
||||
} finally {
|
||||
core7.endGroup();
|
||||
core8.endGroup();
|
||||
}
|
||||
}
|
||||
function formatDuration(durationMs) {
|
||||
@@ -129475,12 +129498,96 @@ var GitHubFeatureFlags = class {
|
||||
}
|
||||
};
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path9.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs8.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs8.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path10.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs9.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs9.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// node_modules/uuid/dist/esm/stringify.js
|
||||
var byteToHex = [];
|
||||
@@ -129535,12 +129642,12 @@ var v4_default = v4;
|
||||
|
||||
// src/tar.ts
|
||||
var import_child_process = require("child_process");
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var stream = __toESM(require("stream"));
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var MIN_REQUIRED_BSD_TAR_VERSION = "3.4.3";
|
||||
var MIN_REQUIRED_GNU_TAR_VERSION = "1.31";
|
||||
async function getTarVersion() {
|
||||
@@ -129582,9 +129689,9 @@ async function isZstdAvailable(logger) {
|
||||
case "gnu":
|
||||
return {
|
||||
available: foundZstdBinary && // GNU tar only uses major and minor version numbers
|
||||
semver4.gte(
|
||||
semver4.coerce(version),
|
||||
semver4.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
semver5.gte(
|
||||
semver5.coerce(version),
|
||||
semver5.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
@@ -129593,7 +129700,7 @@ async function isZstdAvailable(logger) {
|
||||
return {
|
||||
available: foundZstdBinary && // Do a loose comparison since these version numbers don't contain
|
||||
// a patch version number.
|
||||
semver4.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
semver5.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
};
|
||||
@@ -129608,7 +129715,7 @@ async function isZstdAvailable(logger) {
|
||||
}
|
||||
}
|
||||
async function extract(tarPath, dest, compressionMethod, tarVersion, logger) {
|
||||
fs8.mkdirSync(dest, { recursive: true });
|
||||
fs10.mkdirSync(dest, { recursive: true });
|
||||
switch (compressionMethod) {
|
||||
case "gzip":
|
||||
return await toolcache.extractTar(tarPath, dest);
|
||||
@@ -129692,15 +129799,15 @@ function inferCompressionMethod(tarPath) {
|
||||
}
|
||||
|
||||
// src/tools-download.ts
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var os = __toESM(require("os"));
|
||||
var path9 = __toESM(require("path"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var import_perf_hooks = require("perf_hooks");
|
||||
var core8 = __toESM(require_core());
|
||||
var core9 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
var TOOLCACHE_TOOL_NAME = "CodeQL";
|
||||
function makeDownloadFirstToolsDownloadDurations(downloadDurationMs, extractionDurationMs) {
|
||||
@@ -129750,10 +129857,10 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
} catch (e) {
|
||||
core8.warning(
|
||||
core9.warning(
|
||||
`Failed to download and extract CodeQL bundle using streaming with error: ${getErrorMessage(e)}`
|
||||
);
|
||||
core8.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
core9.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
await cleanUpGlob(dest, "CodeQL bundle", logger);
|
||||
}
|
||||
const toolsDownloadStart = import_perf_hooks.performance.now();
|
||||
@@ -129799,7 +129906,7 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorization, headers, tarVersion, logger) {
|
||||
fs9.mkdirSync(dest, { recursive: true });
|
||||
fs11.mkdirSync(dest, { recursive: true });
|
||||
const agent = new import_http_client.HttpClient().getAgent(codeqlURL);
|
||||
headers = Object.assign(
|
||||
{ "User-Agent": "CodeQL Action" },
|
||||
@@ -129827,16 +129934,16 @@ async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorizatio
|
||||
await extractTarZst(response, dest, tarVersion, logger);
|
||||
}
|
||||
function getToolcacheDirectory(version) {
|
||||
return path9.join(
|
||||
return path11.join(
|
||||
getRequiredEnvParam("RUNNER_TOOL_CACHE"),
|
||||
TOOLCACHE_TOOL_NAME,
|
||||
semver5.clean(version) || version,
|
||||
semver6.clean(version) || version,
|
||||
os.arch() || ""
|
||||
);
|
||||
}
|
||||
function writeToolcacheMarkerFile(extractedPath, logger) {
|
||||
const markerFilePath = `${extractedPath}.complete`;
|
||||
fs9.writeFileSync(markerFilePath, "");
|
||||
fs11.writeFileSync(markerFilePath, "");
|
||||
logger.info(`Created toolcache marker file ${markerFilePath}`);
|
||||
}
|
||||
function sanitizeUrlForStatusReport(url2) {
|
||||
@@ -129951,13 +130058,13 @@ function tryGetTagNameFromUrl(url2, logger) {
|
||||
return match[1];
|
||||
}
|
||||
function convertToSemVer(version, logger) {
|
||||
if (!semver6.valid(version)) {
|
||||
if (!semver7.valid(version)) {
|
||||
logger.debug(
|
||||
`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`
|
||||
);
|
||||
version = `0.0.0-${version}`;
|
||||
}
|
||||
const s = semver6.clean(version);
|
||||
const s = semver7.clean(version);
|
||||
if (!s) {
|
||||
throw new Error(`Bundle version ${version} is not in SemVer format.`);
|
||||
}
|
||||
@@ -129967,7 +130074,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) {
|
||||
const candidates = toolcache3.findAllVersions("CodeQL").filter(isGoodVersion).map((version) => ({
|
||||
folder: toolcache3.find("CodeQL", version),
|
||||
version
|
||||
})).filter(({ folder }) => fs10.existsSync(path10.join(folder, "pinned-version")));
|
||||
})).filter(({ folder }) => fs12.existsSync(path12.join(folder, "pinned-version")));
|
||||
if (candidates.length === 1) {
|
||||
const candidate = candidates[0];
|
||||
logger.debug(
|
||||
@@ -130027,7 +130134,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
|
||||
url2 = toolsInput;
|
||||
if (tagName) {
|
||||
const bundleVersion3 = tryGetBundleVersionFromTagName(tagName, logger);
|
||||
if (bundleVersion3 && semver6.valid(bundleVersion3)) {
|
||||
if (bundleVersion3 && semver7.valid(bundleVersion3)) {
|
||||
cliVersion2 = convertToSemVer(bundleVersion3, logger);
|
||||
}
|
||||
}
|
||||
@@ -130296,11 +130403,11 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau
|
||||
async function useZstdBundle(cliVersion2, tarSupportsZstd) {
|
||||
return (
|
||||
// In testing, gzip performs better than zstd on Windows.
|
||||
process.platform !== "win32" && tarSupportsZstd && semver6.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
process.platform !== "win32" && tarSupportsZstd && semver7.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
);
|
||||
}
|
||||
function getTempExtractionDir(tempDir) {
|
||||
return path10.join(tempDir, v4_default());
|
||||
return path12.join(tempDir, v4_default());
|
||||
}
|
||||
|
||||
// src/tracer-config.ts
|
||||
@@ -130343,7 +130450,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
|
||||
toolsDownloadStatusReport
|
||||
)}`
|
||||
);
|
||||
let codeqlCmd = path11.join(codeqlFolder, "codeql", "codeql");
|
||||
let codeqlCmd = path13.join(codeqlFolder, "codeql", "codeql");
|
||||
if (process.platform === "win32") {
|
||||
codeqlCmd += ".exe";
|
||||
} else if (process.platform !== "linux" && process.platform !== "darwin") {
|
||||
@@ -130404,12 +130511,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async isTracedLanguage(language) {
|
||||
const extractorPath = await this.resolveExtractor(language);
|
||||
const tracingConfigPath = path11.join(
|
||||
const tracingConfigPath = path13.join(
|
||||
extractorPath,
|
||||
"tools",
|
||||
"tracing-config.lua"
|
||||
);
|
||||
return fs11.existsSync(tracingConfigPath);
|
||||
return fs13.existsSync(tracingConfigPath);
|
||||
},
|
||||
async isScannedLanguage(language) {
|
||||
return !await this.isTracedLanguage(language);
|
||||
@@ -130480,7 +130587,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async runAutobuild(config, language) {
|
||||
applyAutobuildAzurePipelinesTimeoutFix();
|
||||
const autobuildCmd = path11.join(
|
||||
const autobuildCmd = path13.join(
|
||||
await this.resolveExtractor(language),
|
||||
"tools",
|
||||
process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"
|
||||
@@ -130801,12 +130908,12 @@ ${output}`
|
||||
);
|
||||
} else if (checkVersion && process.env["CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */] !== "true" && !await codeQlVersionAtLeast(codeql, CODEQL_NEXT_MINIMUM_VERSION)) {
|
||||
const result = await codeql.getVersion();
|
||||
core9.warning(
|
||||
core10.warning(
|
||||
`CodeQL CLI version ${result.version} was discontinued on ${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor release of the CodeQL Action. Please update to CodeQL CLI version ${CODEQL_NEXT_MINIMUM_VERSION} or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
|
||||
|
||||
Alternatively, if you want to continue using CodeQL CLI version ${result.version}, you can replace 'github/codeql-action/*@v${getActionVersion().split(".")[0]}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to continue using this version of the CodeQL Action.`
|
||||
);
|
||||
core9.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
core10.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
}
|
||||
return codeql;
|
||||
}
|
||||
@@ -130858,13 +130965,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs11.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs13.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
@@ -130887,7 +130998,7 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
|
||||
];
|
||||
}
|
||||
function getGeneratedCodeScanningConfigPath(config) {
|
||||
return path11.resolve(config.tempDir, "user-config.yaml");
|
||||
return path13.resolve(config.tempDir, "user-config.yaml");
|
||||
}
|
||||
function getExtractionVerbosityArguments(enableDebugLogging) {
|
||||
return enableDebugLogging ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`] : [];
|
||||
@@ -130907,90 +131018,6 @@ async function getJobRunUuidSarifOptions(codeql) {
|
||||
) ? [`--sarif-run-property=jobRunUuid=${jobRunUuid}`] : [];
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs13 = __toESM(require("fs"));
|
||||
var path13 = __toESM(require("path"));
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core10 = __toESM(require_core());
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path12.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs12.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs12.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path13.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs13.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs13.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
|
||||
// src/debug-artifacts.ts
|
||||
var fs15 = __toESM(require("fs"));
|
||||
var path15 = __toESM(require("path"));
|
||||
|
||||
Generated
+17
-9
@@ -87304,6 +87304,7 @@ async function getDefaultConfig({
|
||||
trapCaches,
|
||||
trapCacheDownloadTime,
|
||||
dependencyCachingEnabled: getCachingKind(dependencyCachingEnabled),
|
||||
extraQueryExclusions: [],
|
||||
overlayDatabaseMode: "none" /* None */,
|
||||
useOverlayDatabaseCaching: false
|
||||
};
|
||||
@@ -87349,8 +87350,7 @@ async function calculateAugmentation(rawPacksInput, rawQueriesInput, languages)
|
||||
packsInputCombines,
|
||||
packsInput: packsInput?.[languages[0]],
|
||||
queriesInput,
|
||||
queriesInputCombines,
|
||||
extraQueryExclusions: []
|
||||
queriesInputCombines
|
||||
};
|
||||
}
|
||||
function parseQueriesFromInput(rawQueriesInput, queriesInputCombines) {
|
||||
@@ -87627,10 +87627,7 @@ async function initConfig(inputs) {
|
||||
inputs.features,
|
||||
logger
|
||||
)) {
|
||||
if (config.computedConfig["query-filters"] === void 0) {
|
||||
config.computedConfig["query-filters"] = [];
|
||||
}
|
||||
config.computedConfig["query-filters"].push({
|
||||
config.extraQueryExclusions.push({
|
||||
exclude: { tags: "exclude-from-incremental" }
|
||||
});
|
||||
}
|
||||
@@ -87823,13 +87820,20 @@ function generateCodeScanningConfig(originalUserInput, augmentationProperties) {
|
||||
if (Array.isArray(augmentedConfig.packs) && !augmentedConfig.packs.length) {
|
||||
delete augmentedConfig.packs;
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...augmentationProperties.extraQueryExclusions
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
@@ -89604,13 +89608,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs14.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs14.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
|
||||
Generated
+27
-2
@@ -77720,6 +77720,9 @@ function checkActionVersion(version, githubVersion) {
|
||||
}
|
||||
}
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function checkSipEnablement(logger) {
|
||||
if (process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] !== void 0 && ["true", "false"].includes(process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */])) {
|
||||
return process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] === "true";
|
||||
@@ -78690,6 +78693,24 @@ async function getConfig(tempDir, logger) {
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
// src/codeql.ts
|
||||
var fs4 = __toESM(require("fs"));
|
||||
@@ -79225,13 +79246,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs4.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs4.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
|
||||
Generated
+154
-127
@@ -88331,6 +88331,9 @@ function satisfiesGHESVersion(ghesVersion, range, defaultIfInvalid) {
|
||||
semverVersion.prerelease = [];
|
||||
return semver.satisfies(semverVersion, range);
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function cleanUpGlob(glob, name, logger) {
|
||||
logger.debug(`Cleaning up ${name}.`);
|
||||
try {
|
||||
@@ -88629,9 +88632,9 @@ function wrapApiConfigurationError(e) {
|
||||
}
|
||||
|
||||
// src/codeql.ts
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var core9 = __toESM(require_core());
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
var core10 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -88871,6 +88874,26 @@ function wrapCliConfigurationError(cliError) {
|
||||
return new ConfigurationError(errorMessageBuilder);
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs7 = __toESM(require("fs"));
|
||||
var path9 = __toESM(require("path"));
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs6 = __toESM(require("fs"));
|
||||
var path8 = __toESM(require("path"));
|
||||
|
||||
// src/feature-flags.ts
|
||||
var semver3 = __toESM(require_semver2());
|
||||
|
||||
@@ -88884,13 +88907,13 @@ var path7 = __toESM(require("path"));
|
||||
var actionsCache = __toESM(require_cache3());
|
||||
|
||||
// src/git-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
var core7 = __toESM(require_core());
|
||||
var toolrunner2 = __toESM(require_toolrunner());
|
||||
var io3 = __toESM(require_io());
|
||||
var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
let stdout = "";
|
||||
let stderr = "";
|
||||
core6.debug(`Running git command: git ${args.join(" ")}`);
|
||||
core7.debug(`Running git command: git ${args.join(" ")}`);
|
||||
try {
|
||||
await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
|
||||
silent: true,
|
||||
@@ -88910,7 +88933,7 @@ var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
|
||||
if (stderr.includes("not a git repository")) {
|
||||
reason = "The checkout path provided to the action does not appear to be a git repository.";
|
||||
}
|
||||
core6.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
|
||||
throw error2;
|
||||
}
|
||||
};
|
||||
@@ -89055,7 +89078,7 @@ async function getRef() {
|
||||
) !== head;
|
||||
if (hasChangedRef) {
|
||||
const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
|
||||
core6.debug(
|
||||
core7.debug(
|
||||
`No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
|
||||
);
|
||||
return newRef;
|
||||
@@ -89081,7 +89104,7 @@ async function isAnalyzingDefaultBranch() {
|
||||
}
|
||||
|
||||
// src/logging.ts
|
||||
var core7 = __toESM(require_core());
|
||||
var core8 = __toESM(require_core());
|
||||
function formatDuration(durationMs) {
|
||||
if (durationMs < 1e3) {
|
||||
return `${durationMs}ms`;
|
||||
@@ -89322,12 +89345,96 @@ var featureConfig = {
|
||||
}
|
||||
};
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path8.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs6.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs6.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path9.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs7.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs7.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var path9 = __toESM(require("path"));
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// node_modules/uuid/dist/esm/stringify.js
|
||||
var byteToHex = [];
|
||||
@@ -89382,12 +89489,12 @@ var v4_default = v4;
|
||||
|
||||
// src/tar.ts
|
||||
var import_child_process = require("child_process");
|
||||
var fs6 = __toESM(require("fs"));
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var stream = __toESM(require("stream"));
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var MIN_REQUIRED_BSD_TAR_VERSION = "3.4.3";
|
||||
var MIN_REQUIRED_GNU_TAR_VERSION = "1.31";
|
||||
async function getTarVersion() {
|
||||
@@ -89429,9 +89536,9 @@ async function isZstdAvailable(logger) {
|
||||
case "gnu":
|
||||
return {
|
||||
available: foundZstdBinary && // GNU tar only uses major and minor version numbers
|
||||
semver4.gte(
|
||||
semver4.coerce(version),
|
||||
semver4.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
semver5.gte(
|
||||
semver5.coerce(version),
|
||||
semver5.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
@@ -89440,7 +89547,7 @@ async function isZstdAvailable(logger) {
|
||||
return {
|
||||
available: foundZstdBinary && // Do a loose comparison since these version numbers don't contain
|
||||
// a patch version number.
|
||||
semver4.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
semver5.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
};
|
||||
@@ -89455,7 +89562,7 @@ async function isZstdAvailable(logger) {
|
||||
}
|
||||
}
|
||||
async function extract(tarPath, dest, compressionMethod, tarVersion, logger) {
|
||||
fs6.mkdirSync(dest, { recursive: true });
|
||||
fs8.mkdirSync(dest, { recursive: true });
|
||||
switch (compressionMethod) {
|
||||
case "gzip":
|
||||
return await toolcache.extractTar(tarPath, dest);
|
||||
@@ -89539,15 +89646,15 @@ function inferCompressionMethod(tarPath) {
|
||||
}
|
||||
|
||||
// src/tools-download.ts
|
||||
var fs7 = __toESM(require("fs"));
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var os = __toESM(require("os"));
|
||||
var path8 = __toESM(require("path"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var import_perf_hooks = require("perf_hooks");
|
||||
var core8 = __toESM(require_core());
|
||||
var core9 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
var TOOLCACHE_TOOL_NAME = "CodeQL";
|
||||
function makeDownloadFirstToolsDownloadDurations(downloadDurationMs, extractionDurationMs) {
|
||||
@@ -89597,10 +89704,10 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
} catch (e) {
|
||||
core8.warning(
|
||||
core9.warning(
|
||||
`Failed to download and extract CodeQL bundle using streaming with error: ${getErrorMessage(e)}`
|
||||
);
|
||||
core8.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
core9.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
await cleanUpGlob(dest, "CodeQL bundle", logger);
|
||||
}
|
||||
const toolsDownloadStart = import_perf_hooks.performance.now();
|
||||
@@ -89646,7 +89753,7 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorization, headers, tarVersion, logger) {
|
||||
fs7.mkdirSync(dest, { recursive: true });
|
||||
fs9.mkdirSync(dest, { recursive: true });
|
||||
const agent = new import_http_client.HttpClient().getAgent(codeqlURL);
|
||||
headers = Object.assign(
|
||||
{ "User-Agent": "CodeQL Action" },
|
||||
@@ -89674,16 +89781,16 @@ async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorizatio
|
||||
await extractTarZst(response, dest, tarVersion, logger);
|
||||
}
|
||||
function getToolcacheDirectory(version) {
|
||||
return path8.join(
|
||||
return path10.join(
|
||||
getRequiredEnvParam("RUNNER_TOOL_CACHE"),
|
||||
TOOLCACHE_TOOL_NAME,
|
||||
semver5.clean(version) || version,
|
||||
semver6.clean(version) || version,
|
||||
os.arch() || ""
|
||||
);
|
||||
}
|
||||
function writeToolcacheMarkerFile(extractedPath, logger) {
|
||||
const markerFilePath = `${extractedPath}.complete`;
|
||||
fs7.writeFileSync(markerFilePath, "");
|
||||
fs9.writeFileSync(markerFilePath, "");
|
||||
logger.info(`Created toolcache marker file ${markerFilePath}`);
|
||||
}
|
||||
function sanitizeUrlForStatusReport(url2) {
|
||||
@@ -89798,13 +89905,13 @@ function tryGetTagNameFromUrl(url2, logger) {
|
||||
return match[1];
|
||||
}
|
||||
function convertToSemVer(version, logger) {
|
||||
if (!semver6.valid(version)) {
|
||||
if (!semver7.valid(version)) {
|
||||
logger.debug(
|
||||
`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`
|
||||
);
|
||||
version = `0.0.0-${version}`;
|
||||
}
|
||||
const s = semver6.clean(version);
|
||||
const s = semver7.clean(version);
|
||||
if (!s) {
|
||||
throw new Error(`Bundle version ${version} is not in SemVer format.`);
|
||||
}
|
||||
@@ -89814,7 +89921,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) {
|
||||
const candidates = toolcache3.findAllVersions("CodeQL").filter(isGoodVersion).map((version) => ({
|
||||
folder: toolcache3.find("CodeQL", version),
|
||||
version
|
||||
})).filter(({ folder }) => fs8.existsSync(path9.join(folder, "pinned-version")));
|
||||
})).filter(({ folder }) => fs10.existsSync(path11.join(folder, "pinned-version")));
|
||||
if (candidates.length === 1) {
|
||||
const candidate = candidates[0];
|
||||
logger.debug(
|
||||
@@ -89874,7 +89981,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
|
||||
url2 = toolsInput;
|
||||
if (tagName) {
|
||||
const bundleVersion3 = tryGetBundleVersionFromTagName(tagName, logger);
|
||||
if (bundleVersion3 && semver6.valid(bundleVersion3)) {
|
||||
if (bundleVersion3 && semver7.valid(bundleVersion3)) {
|
||||
cliVersion2 = convertToSemVer(bundleVersion3, logger);
|
||||
}
|
||||
}
|
||||
@@ -90143,11 +90250,11 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau
|
||||
async function useZstdBundle(cliVersion2, tarSupportsZstd) {
|
||||
return (
|
||||
// In testing, gzip performs better than zstd on Windows.
|
||||
process.platform !== "win32" && tarSupportsZstd && semver6.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
process.platform !== "win32" && tarSupportsZstd && semver7.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
);
|
||||
}
|
||||
function getTempExtractionDir(tempDir) {
|
||||
return path9.join(tempDir, v4_default());
|
||||
return path11.join(tempDir, v4_default());
|
||||
}
|
||||
|
||||
// src/tracer-config.ts
|
||||
@@ -90190,7 +90297,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
|
||||
toolsDownloadStatusReport
|
||||
)}`
|
||||
);
|
||||
let codeqlCmd = path10.join(codeqlFolder, "codeql", "codeql");
|
||||
let codeqlCmd = path12.join(codeqlFolder, "codeql", "codeql");
|
||||
if (process.platform === "win32") {
|
||||
codeqlCmd += ".exe";
|
||||
} else if (process.platform !== "linux" && process.platform !== "darwin") {
|
||||
@@ -90251,12 +90358,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async isTracedLanguage(language) {
|
||||
const extractorPath = await this.resolveExtractor(language);
|
||||
const tracingConfigPath = path10.join(
|
||||
const tracingConfigPath = path12.join(
|
||||
extractorPath,
|
||||
"tools",
|
||||
"tracing-config.lua"
|
||||
);
|
||||
return fs9.existsSync(tracingConfigPath);
|
||||
return fs11.existsSync(tracingConfigPath);
|
||||
},
|
||||
async isScannedLanguage(language) {
|
||||
return !await this.isTracedLanguage(language);
|
||||
@@ -90327,7 +90434,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async runAutobuild(config, language) {
|
||||
applyAutobuildAzurePipelinesTimeoutFix();
|
||||
const autobuildCmd = path10.join(
|
||||
const autobuildCmd = path12.join(
|
||||
await this.resolveExtractor(language),
|
||||
"tools",
|
||||
process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"
|
||||
@@ -90648,12 +90755,12 @@ ${output}`
|
||||
);
|
||||
} else if (checkVersion && process.env["CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */] !== "true" && !await codeQlVersionAtLeast(codeql, CODEQL_NEXT_MINIMUM_VERSION)) {
|
||||
const result = await codeql.getVersion();
|
||||
core9.warning(
|
||||
core10.warning(
|
||||
`CodeQL CLI version ${result.version} was discontinued on ${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor release of the CodeQL Action. Please update to CodeQL CLI version ${CODEQL_NEXT_MINIMUM_VERSION} or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
|
||||
|
||||
Alternatively, if you want to continue using CodeQL CLI version ${result.version}, you can replace 'github/codeql-action/*@v${getActionVersion().split(".")[0]}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to continue using this version of the CodeQL Action.`
|
||||
);
|
||||
core9.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
core10.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
}
|
||||
return codeql;
|
||||
}
|
||||
@@ -90705,13 +90812,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs9.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs11.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
@@ -90734,7 +90845,7 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
|
||||
];
|
||||
}
|
||||
function getGeneratedCodeScanningConfigPath(config) {
|
||||
return path10.resolve(config.tempDir, "user-config.yaml");
|
||||
return path12.resolve(config.tempDir, "user-config.yaml");
|
||||
}
|
||||
function getExtractionVerbosityArguments(enableDebugLogging) {
|
||||
return enableDebugLogging ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`] : [];
|
||||
@@ -90754,90 +90865,6 @@ async function getJobRunUuidSarifOptions(codeql) {
|
||||
) ? [`--sarif-run-property=jobRunUuid=${jobRunUuid}`] : [];
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core10 = __toESM(require_core());
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var path11 = __toESM(require("path"));
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path11.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs10.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs10.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path12.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs11.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs11.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
|
||||
// src/fingerprints.ts
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var import_path = __toESM(require("path"));
|
||||
|
||||
Generated
+32
-32
@@ -117149,10 +117149,10 @@ var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/autobuild.ts
|
||||
var core10 = __toESM(require_core());
|
||||
var core11 = __toESM(require_core());
|
||||
|
||||
// src/codeql.ts
|
||||
var core9 = __toESM(require_core());
|
||||
var core10 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -117288,6 +117288,12 @@ var cliErrorsConfig = {
|
||||
}
|
||||
};
|
||||
|
||||
// src/config-utils.ts
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
|
||||
// src/feature-flags.ts
|
||||
var semver3 = __toESM(require_semver2());
|
||||
|
||||
@@ -117295,21 +117301,21 @@ var semver3 = __toESM(require_semver2());
|
||||
var actionsCache = __toESM(require_cache3());
|
||||
|
||||
// src/git-utils.ts
|
||||
var core6 = __toESM(require_core());
|
||||
var core7 = __toESM(require_core());
|
||||
var toolrunner2 = __toESM(require_toolrunner());
|
||||
var io3 = __toESM(require_io());
|
||||
|
||||
// src/logging.ts
|
||||
var core7 = __toESM(require_core());
|
||||
var core8 = __toESM(require_core());
|
||||
function getActionsLogger() {
|
||||
return core7;
|
||||
return core8;
|
||||
}
|
||||
function withGroup(groupName, f) {
|
||||
core7.startGroup(groupName);
|
||||
core8.startGroup(groupName);
|
||||
try {
|
||||
return f();
|
||||
} finally {
|
||||
core7.endGroup();
|
||||
core8.endGroup();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -117485,31 +117491,6 @@ var featureConfig = {
|
||||
}
|
||||
};
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
|
||||
// src/tar.ts
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/tools-download.ts
|
||||
var core8 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
|
||||
// src/config-utils.ts
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core11 = __toESM(require_core());
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
@@ -117545,6 +117526,25 @@ var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/tar.ts
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
|
||||
// src/tools-download.ts
|
||||
var core9 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
|
||||
// src/dependency-caching.ts
|
||||
var actionsCache3 = __toESM(require_cache3());
|
||||
var glob = __toESM(require_glob3());
|
||||
|
||||
Generated
+147
-122
@@ -88491,6 +88491,9 @@ function satisfiesGHESVersion(ghesVersion, range, defaultIfInvalid) {
|
||||
semverVersion.prerelease = [];
|
||||
return semver.satisfies(semverVersion, range);
|
||||
}
|
||||
function cloneObject(obj) {
|
||||
return JSON.parse(JSON.stringify(obj));
|
||||
}
|
||||
async function checkSipEnablement(logger) {
|
||||
if (process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] !== void 0 && ["true", "false"].includes(process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */])) {
|
||||
return process.env["CODEQL_ACTION_IS_SIP_ENABLED" /* IS_SIP_ENABLED */] === "true";
|
||||
@@ -89762,9 +89765,9 @@ var core12 = __toESM(require_core());
|
||||
var jsonschema = __toESM(require_lib2());
|
||||
|
||||
// src/codeql.ts
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var core10 = __toESM(require_core());
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var path13 = __toESM(require("path"));
|
||||
var core11 = __toESM(require_core());
|
||||
var toolrunner3 = __toESM(require_toolrunner());
|
||||
|
||||
// src/cli-errors.ts
|
||||
@@ -90004,12 +90007,114 @@ function wrapCliConfigurationError(cliError) {
|
||||
return new ConfigurationError(errorMessageBuilder);
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var fs9 = __toESM(require("fs"));
|
||||
// src/config-utils.ts
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var path10 = __toESM(require("path"));
|
||||
var semver4 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core9 = __toESM(require_core());
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs7 = __toESM(require("fs"));
|
||||
var path9 = __toESM(require("path"));
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path9.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs7.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs7.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path10.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs8.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs8.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
function appendExtraQueryExclusions(extraQueryExclusions, cliConfig) {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...augmentedConfig["query-filters"] || [],
|
||||
...extraQueryExclusions
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
// src/setup-codeql.ts
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
var toolcache3 = __toESM(require_tool_cache());
|
||||
var import_fast_deep_equal = __toESM(require_fast_deep_equal());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// node_modules/uuid/dist/esm/stringify.js
|
||||
var byteToHex = [];
|
||||
@@ -90064,12 +90169,12 @@ var v4_default = v4;
|
||||
|
||||
// src/tar.ts
|
||||
var import_child_process = require("child_process");
|
||||
var fs7 = __toESM(require("fs"));
|
||||
var fs9 = __toESM(require("fs"));
|
||||
var stream = __toESM(require("stream"));
|
||||
var import_toolrunner = __toESM(require_toolrunner());
|
||||
var io4 = __toESM(require_io());
|
||||
var toolcache = __toESM(require_tool_cache());
|
||||
var semver4 = __toESM(require_semver2());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var MIN_REQUIRED_BSD_TAR_VERSION = "3.4.3";
|
||||
var MIN_REQUIRED_GNU_TAR_VERSION = "1.31";
|
||||
async function getTarVersion() {
|
||||
@@ -90111,9 +90216,9 @@ async function isZstdAvailable(logger) {
|
||||
case "gnu":
|
||||
return {
|
||||
available: foundZstdBinary && // GNU tar only uses major and minor version numbers
|
||||
semver4.gte(
|
||||
semver4.coerce(version),
|
||||
semver4.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
semver5.gte(
|
||||
semver5.coerce(version),
|
||||
semver5.coerce(MIN_REQUIRED_GNU_TAR_VERSION)
|
||||
),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
@@ -90122,7 +90227,7 @@ async function isZstdAvailable(logger) {
|
||||
return {
|
||||
available: foundZstdBinary && // Do a loose comparison since these version numbers don't contain
|
||||
// a patch version number.
|
||||
semver4.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
semver5.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
|
||||
foundZstdBinary,
|
||||
version: tarVersion
|
||||
};
|
||||
@@ -90137,7 +90242,7 @@ async function isZstdAvailable(logger) {
|
||||
}
|
||||
}
|
||||
async function extract(tarPath, dest, compressionMethod, tarVersion, logger) {
|
||||
fs7.mkdirSync(dest, { recursive: true });
|
||||
fs9.mkdirSync(dest, { recursive: true });
|
||||
switch (compressionMethod) {
|
||||
case "gzip":
|
||||
return await toolcache.extractTar(tarPath, dest);
|
||||
@@ -90221,15 +90326,15 @@ function inferCompressionMethod(tarPath) {
|
||||
}
|
||||
|
||||
// src/tools-download.ts
|
||||
var fs8 = __toESM(require("fs"));
|
||||
var fs10 = __toESM(require("fs"));
|
||||
var os2 = __toESM(require("os"));
|
||||
var path9 = __toESM(require("path"));
|
||||
var path11 = __toESM(require("path"));
|
||||
var import_perf_hooks = require("perf_hooks");
|
||||
var core9 = __toESM(require_core());
|
||||
var core10 = __toESM(require_core());
|
||||
var import_http_client = __toESM(require_lib());
|
||||
var toolcache2 = __toESM(require_tool_cache());
|
||||
var import_follow_redirects = __toESM(require_follow_redirects());
|
||||
var semver5 = __toESM(require_semver2());
|
||||
var semver6 = __toESM(require_semver2());
|
||||
var STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024;
|
||||
var TOOLCACHE_TOOL_NAME = "CodeQL";
|
||||
function makeDownloadFirstToolsDownloadDurations(downloadDurationMs, extractionDurationMs) {
|
||||
@@ -90279,10 +90384,10 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
} catch (e) {
|
||||
core9.warning(
|
||||
core10.warning(
|
||||
`Failed to download and extract CodeQL bundle using streaming with error: ${getErrorMessage(e)}`
|
||||
);
|
||||
core9.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
core10.warning(`Falling back to downloading the bundle before extracting.`);
|
||||
await cleanUpGlob(dest, "CodeQL bundle", logger);
|
||||
}
|
||||
const toolsDownloadStart = import_perf_hooks.performance.now();
|
||||
@@ -90328,7 +90433,7 @@ async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorizat
|
||||
};
|
||||
}
|
||||
async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorization, headers, tarVersion, logger) {
|
||||
fs8.mkdirSync(dest, { recursive: true });
|
||||
fs10.mkdirSync(dest, { recursive: true });
|
||||
const agent = new import_http_client.HttpClient().getAgent(codeqlURL);
|
||||
headers = Object.assign(
|
||||
{ "User-Agent": "CodeQL Action" },
|
||||
@@ -90356,16 +90461,16 @@ async function downloadAndExtractZstdWithStreaming(codeqlURL, dest, authorizatio
|
||||
await extractTarZst(response, dest, tarVersion, logger);
|
||||
}
|
||||
function getToolcacheDirectory(version) {
|
||||
return path9.join(
|
||||
return path11.join(
|
||||
getRequiredEnvParam("RUNNER_TOOL_CACHE"),
|
||||
TOOLCACHE_TOOL_NAME,
|
||||
semver5.clean(version) || version,
|
||||
semver6.clean(version) || version,
|
||||
os2.arch() || ""
|
||||
);
|
||||
}
|
||||
function writeToolcacheMarkerFile(extractedPath, logger) {
|
||||
const markerFilePath = `${extractedPath}.complete`;
|
||||
fs8.writeFileSync(markerFilePath, "");
|
||||
fs10.writeFileSync(markerFilePath, "");
|
||||
logger.info(`Created toolcache marker file ${markerFilePath}`);
|
||||
}
|
||||
function sanitizeUrlForStatusReport(url2) {
|
||||
@@ -90480,13 +90585,13 @@ function tryGetTagNameFromUrl(url2, logger) {
|
||||
return match[1];
|
||||
}
|
||||
function convertToSemVer(version, logger) {
|
||||
if (!semver6.valid(version)) {
|
||||
if (!semver7.valid(version)) {
|
||||
logger.debug(
|
||||
`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`
|
||||
);
|
||||
version = `0.0.0-${version}`;
|
||||
}
|
||||
const s = semver6.clean(version);
|
||||
const s = semver7.clean(version);
|
||||
if (!s) {
|
||||
throw new Error(`Bundle version ${version} is not in SemVer format.`);
|
||||
}
|
||||
@@ -90496,7 +90601,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) {
|
||||
const candidates = toolcache3.findAllVersions("CodeQL").filter(isGoodVersion).map((version) => ({
|
||||
folder: toolcache3.find("CodeQL", version),
|
||||
version
|
||||
})).filter(({ folder }) => fs9.existsSync(path10.join(folder, "pinned-version")));
|
||||
})).filter(({ folder }) => fs11.existsSync(path12.join(folder, "pinned-version")));
|
||||
if (candidates.length === 1) {
|
||||
const candidate = candidates[0];
|
||||
logger.debug(
|
||||
@@ -90556,7 +90661,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
|
||||
url2 = toolsInput;
|
||||
if (tagName) {
|
||||
const bundleVersion3 = tryGetBundleVersionFromTagName(tagName, logger);
|
||||
if (bundleVersion3 && semver6.valid(bundleVersion3)) {
|
||||
if (bundleVersion3 && semver7.valid(bundleVersion3)) {
|
||||
cliVersion2 = convertToSemVer(bundleVersion3, logger);
|
||||
}
|
||||
}
|
||||
@@ -90825,11 +90930,11 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau
|
||||
async function useZstdBundle(cliVersion2, tarSupportsZstd) {
|
||||
return (
|
||||
// In testing, gzip performs better than zstd on Windows.
|
||||
process.platform !== "win32" && tarSupportsZstd && semver6.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
process.platform !== "win32" && tarSupportsZstd && semver7.gte(cliVersion2, CODEQL_VERSION_ZSTD_BUNDLE)
|
||||
);
|
||||
}
|
||||
function getTempExtractionDir(tempDir) {
|
||||
return path10.join(tempDir, v4_default());
|
||||
return path12.join(tempDir, v4_default());
|
||||
}
|
||||
|
||||
// src/tracer-config.ts
|
||||
@@ -90872,7 +90977,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
|
||||
toolsDownloadStatusReport
|
||||
)}`
|
||||
);
|
||||
let codeqlCmd = path11.join(codeqlFolder, "codeql", "codeql");
|
||||
let codeqlCmd = path13.join(codeqlFolder, "codeql", "codeql");
|
||||
if (process.platform === "win32") {
|
||||
codeqlCmd += ".exe";
|
||||
} else if (process.platform !== "linux" && process.platform !== "darwin") {
|
||||
@@ -90933,12 +91038,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async isTracedLanguage(language) {
|
||||
const extractorPath = await this.resolveExtractor(language);
|
||||
const tracingConfigPath = path11.join(
|
||||
const tracingConfigPath = path13.join(
|
||||
extractorPath,
|
||||
"tools",
|
||||
"tracing-config.lua"
|
||||
);
|
||||
return fs10.existsSync(tracingConfigPath);
|
||||
return fs12.existsSync(tracingConfigPath);
|
||||
},
|
||||
async isScannedLanguage(language) {
|
||||
return !await this.isTracedLanguage(language);
|
||||
@@ -91009,7 +91114,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
|
||||
},
|
||||
async runAutobuild(config, language) {
|
||||
applyAutobuildAzurePipelinesTimeoutFix();
|
||||
const autobuildCmd = path11.join(
|
||||
const autobuildCmd = path13.join(
|
||||
await this.resolveExtractor(language),
|
||||
"tools",
|
||||
process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"
|
||||
@@ -91330,12 +91435,12 @@ ${output}`
|
||||
);
|
||||
} else if (checkVersion && process.env["CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */] !== "true" && !await codeQlVersionAtLeast(codeql, CODEQL_NEXT_MINIMUM_VERSION)) {
|
||||
const result = await codeql.getVersion();
|
||||
core10.warning(
|
||||
core11.warning(
|
||||
`CodeQL CLI version ${result.version} was discontinued on ${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor release of the CodeQL Action. Please update to CodeQL CLI version ${CODEQL_NEXT_MINIMUM_VERSION} or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
|
||||
|
||||
Alternatively, if you want to continue using CodeQL CLI version ${result.version}, you can replace 'github/codeql-action/*@v${getActionVersion().split(".")[0]}' by 'github/codeql-action/*@v${getActionVersion()}' in your code scanning workflow to continue using this version of the CodeQL Action.`
|
||||
);
|
||||
core10.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
core11.exportVariable("CODEQL_ACTION_SUPPRESS_DEPRECATED_SOON_WARNING" /* SUPPRESS_DEPRECATED_SOON_WARNING */, "true");
|
||||
}
|
||||
return codeql;
|
||||
}
|
||||
@@ -91387,13 +91492,17 @@ async function runCli(cmd, args = [], opts = {}) {
|
||||
}
|
||||
async function writeCodeScanningConfigFile(config, logger) {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig
|
||||
);
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(dump(config.computedConfig));
|
||||
logger.info(dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
fs10.writeFileSync(codeScanningConfigFile, dump(config.computedConfig));
|
||||
fs12.writeFileSync(codeScanningConfigFile, dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
var TRAP_CACHE_SIZE_MB = 1024;
|
||||
@@ -91416,7 +91525,7 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
|
||||
];
|
||||
}
|
||||
function getGeneratedCodeScanningConfigPath(config) {
|
||||
return path11.resolve(config.tempDir, "user-config.yaml");
|
||||
return path13.resolve(config.tempDir, "user-config.yaml");
|
||||
}
|
||||
function getExtractionVerbosityArguments(enableDebugLogging) {
|
||||
return enableDebugLogging ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`] : [];
|
||||
@@ -91436,90 +91545,6 @@ async function getJobRunUuidSarifOptions(codeql) {
|
||||
) ? [`--sarif-run-property=jobRunUuid=${jobRunUuid}`] : [];
|
||||
}
|
||||
|
||||
// src/config-utils.ts
|
||||
var fs12 = __toESM(require("fs"));
|
||||
var path13 = __toESM(require("path"));
|
||||
var semver7 = __toESM(require_semver2());
|
||||
|
||||
// src/analyses.ts
|
||||
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
|
||||
AnalysisKind2["CodeScanning"] = "code-scanning";
|
||||
AnalysisKind2["CodeQuality"] = "code-quality";
|
||||
return AnalysisKind2;
|
||||
})(AnalysisKind || {});
|
||||
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
|
||||
|
||||
// src/caching-utils.ts
|
||||
var core11 = __toESM(require_core());
|
||||
|
||||
// src/diff-informed-analysis-utils.ts
|
||||
var fs11 = __toESM(require("fs"));
|
||||
var path12 = __toESM(require("path"));
|
||||
function getDiffRangesJsonFilePath() {
|
||||
return path12.join(getTemporaryDirectory(), "pr-diff-range.json");
|
||||
}
|
||||
function readDiffRangesJsonFile(logger) {
|
||||
const jsonFilePath = getDiffRangesJsonFilePath();
|
||||
if (!fs11.existsSync(jsonFilePath)) {
|
||||
logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
|
||||
return void 0;
|
||||
}
|
||||
const jsonContents = fs11.readFileSync(jsonFilePath, "utf8");
|
||||
logger.debug(
|
||||
`Read pr-diff-range JSON file from ${jsonFilePath}:
|
||||
${jsonContents}`
|
||||
);
|
||||
return JSON.parse(jsonContents);
|
||||
}
|
||||
|
||||
// src/trap-caching.ts
|
||||
var actionsCache2 = __toESM(require_cache3());
|
||||
|
||||
// src/config-utils.ts
|
||||
var OVERLAY_ANALYSIS_FEATURES = {
|
||||
actions: "overlay_analysis_actions" /* OverlayAnalysisActions */,
|
||||
cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */,
|
||||
csharp: "overlay_analysis_csharp" /* OverlayAnalysisCsharp */,
|
||||
go: "overlay_analysis_go" /* OverlayAnalysisGo */,
|
||||
java: "overlay_analysis_java" /* OverlayAnalysisJava */,
|
||||
javascript: "overlay_analysis_javascript" /* OverlayAnalysisJavascript */,
|
||||
python: "overlay_analysis_python" /* OverlayAnalysisPython */,
|
||||
ruby: "overlay_analysis_ruby" /* OverlayAnalysisRuby */,
|
||||
rust: "overlay_analysis_rust" /* OverlayAnalysisRust */,
|
||||
swift: "overlay_analysis_swift" /* OverlayAnalysisSwift */
|
||||
};
|
||||
var OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES = {
|
||||
actions: "overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */,
|
||||
cpp: "overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */,
|
||||
csharp: "overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */,
|
||||
go: "overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */,
|
||||
java: "overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */,
|
||||
javascript: "overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */,
|
||||
python: "overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */,
|
||||
ruby: "overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */,
|
||||
rust: "overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */,
|
||||
swift: "overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */
|
||||
};
|
||||
var PACK_IDENTIFIER_PATTERN = (function() {
|
||||
const alphaNumeric = "[a-z0-9]";
|
||||
const alphaNumericDash = "[a-z0-9-]";
|
||||
const component = `${alphaNumeric}(${alphaNumericDash}*${alphaNumeric})?`;
|
||||
return new RegExp(`^${component}/${component}$`);
|
||||
})();
|
||||
function getPathToParsedConfigFile(tempDir) {
|
||||
return path13.join(tempDir, "config");
|
||||
}
|
||||
async function getConfig(tempDir, logger) {
|
||||
const configFile = getPathToParsedConfigFile(tempDir);
|
||||
if (!fs12.existsSync(configFile)) {
|
||||
return void 0;
|
||||
}
|
||||
const configString = fs12.readFileSync(configFile, "utf8");
|
||||
logger.debug("Loaded config:");
|
||||
logger.debug(configString);
|
||||
return JSON.parse(configString);
|
||||
}
|
||||
|
||||
// src/fingerprints.ts
|
||||
var fs13 = __toESM(require("fs"));
|
||||
var import_path = __toESM(require("path"));
|
||||
|
||||
+16
-6
@@ -13,7 +13,7 @@ import {
|
||||
} from "./actions-util";
|
||||
import * as api from "./api-client";
|
||||
import { CliError, wrapCliConfigurationError } from "./cli-errors";
|
||||
import { type Config } from "./config-utils";
|
||||
import { appendExtraQueryExclusions, type Config } from "./config-utils";
|
||||
import { DocUrl } from "./doc-url";
|
||||
import { EnvVar } from "./environment";
|
||||
import {
|
||||
@@ -1149,11 +1149,11 @@ async function runCli(
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a code scanning configuration that is to be used for a scan.
|
||||
* Writes the code scanning configuration that is to be used by the CLI.
|
||||
*
|
||||
* @param codeql The CodeQL object to use.
|
||||
* @param config The configuration to use.
|
||||
* @returns the path to the generated user configuration file.
|
||||
* @param config The CodeQL Action state to use.
|
||||
* @returns The path to the generated user configuration file.
|
||||
*/
|
||||
async function writeCodeScanningConfigFile(
|
||||
config: Config,
|
||||
@@ -1161,14 +1161,24 @@ async function writeCodeScanningConfigFile(
|
||||
): Promise<string> {
|
||||
const codeScanningConfigFile = getGeneratedCodeScanningConfigPath(config);
|
||||
|
||||
// Apply the `extraQueryExclusions` from the CodeQL Action state to the CLI configuration.
|
||||
// We do this here at the latest possible point before passing the CLI configuration on to
|
||||
// the CLI so that the `extraQueryExclusions` appear after all user-configured `query-filters`.
|
||||
// See the comment in `applyExtraQueryExclusions` for more information, as well as
|
||||
// https://github.com/github/codeql-action/pull/2938
|
||||
const augmentedConfig = appendExtraQueryExclusions(
|
||||
config.extraQueryExclusions,
|
||||
config.computedConfig,
|
||||
);
|
||||
|
||||
logger.info(
|
||||
`Writing augmented user configuration file to ${codeScanningConfigFile}`,
|
||||
);
|
||||
logger.startGroup("Augmented user configuration file contents");
|
||||
logger.info(yaml.dump(config.computedConfig));
|
||||
logger.info(yaml.dump(augmentedConfig));
|
||||
logger.endGroup();
|
||||
|
||||
fs.writeFileSync(codeScanningConfigFile, yaml.dump(config.computedConfig));
|
||||
fs.writeFileSync(codeScanningConfigFile, yaml.dump(augmentedConfig));
|
||||
return codeScanningConfigFile;
|
||||
}
|
||||
|
||||
|
||||
@@ -348,6 +348,7 @@ test("load non-empty input", async (t) => {
|
||||
trapCaches: {},
|
||||
trapCacheDownloadTime: 0,
|
||||
dependencyCachingEnabled: CachingKind.None,
|
||||
extraQueryExclusions: [],
|
||||
overlayDatabaseMode: OverlayDatabaseMode.None,
|
||||
useOverlayDatabaseCaching: false,
|
||||
};
|
||||
|
||||
+32
-12
@@ -170,6 +170,11 @@ export interface Config {
|
||||
/** A value indicating how dependency caching should be used. */
|
||||
dependencyCachingEnabled: CachingKind;
|
||||
|
||||
/**
|
||||
* Extra query exclusions to append to the config.
|
||||
*/
|
||||
extraQueryExclusions: ExcludeQueryFilter[];
|
||||
|
||||
/**
|
||||
* The overlay database mode to use.
|
||||
*/
|
||||
@@ -218,11 +223,6 @@ export interface AugmentationProperties {
|
||||
* The packs input from the `with` block of the action declaration
|
||||
*/
|
||||
packsInput?: string[];
|
||||
|
||||
/**
|
||||
* Extra query exclusions to append to the config.
|
||||
*/
|
||||
extraQueryExclusions: ExcludeQueryFilter[];
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -234,7 +234,6 @@ export const defaultAugmentationProperties: AugmentationProperties = {
|
||||
packsInputCombines: false,
|
||||
packsInput: undefined,
|
||||
queriesInput: undefined,
|
||||
extraQueryExclusions: [],
|
||||
};
|
||||
export type Packs = Partial<Record<Language, string[]>>;
|
||||
|
||||
@@ -595,6 +594,7 @@ export async function getDefaultConfig({
|
||||
trapCaches,
|
||||
trapCacheDownloadTime,
|
||||
dependencyCachingEnabled: getCachingKind(dependencyCachingEnabled),
|
||||
extraQueryExclusions: [],
|
||||
overlayDatabaseMode: OverlayDatabaseMode.None,
|
||||
useOverlayDatabaseCaching: false,
|
||||
};
|
||||
@@ -683,7 +683,6 @@ export async function calculateAugmentation(
|
||||
packsInput: packsInput?.[languages[0]],
|
||||
queriesInput,
|
||||
queriesInputCombines,
|
||||
extraQueryExclusions: [],
|
||||
};
|
||||
}
|
||||
|
||||
@@ -1145,10 +1144,7 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
|
||||
logger,
|
||||
))
|
||||
) {
|
||||
if (config.computedConfig["query-filters"] === undefined) {
|
||||
config.computedConfig["query-filters"] = [];
|
||||
}
|
||||
config.computedConfig["query-filters"].push({
|
||||
config.extraQueryExclusions.push({
|
||||
exclude: { tags: "exclude-from-incremental" },
|
||||
});
|
||||
}
|
||||
@@ -1478,17 +1474,41 @@ export function generateCodeScanningConfig(
|
||||
delete augmentedConfig.packs;
|
||||
}
|
||||
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
/**
|
||||
* Appends `extraQueryExclusions` to `cliConfig`'s `query-filters`.
|
||||
*
|
||||
* @param extraQueryExclusions The extra query exclusions to append to the `query-filters`.
|
||||
* @param cliConfig The CodeQL CLI configuration to extend.
|
||||
* @returns Returns `cliConfig` if there are no extra query exclusions
|
||||
* or a copy of `cliConfig` where the extra query exclusions
|
||||
* have been appended to `query-filters`.
|
||||
*/
|
||||
export function appendExtraQueryExclusions(
|
||||
extraQueryExclusions: ExcludeQueryFilter[],
|
||||
cliConfig: UserConfig,
|
||||
): UserConfig {
|
||||
if (extraQueryExclusions.length === 0) {
|
||||
return cliConfig;
|
||||
}
|
||||
|
||||
// make a copy so we can modify it
|
||||
const augmentedConfig = cloneObject(cliConfig);
|
||||
|
||||
augmentedConfig["query-filters"] = [
|
||||
// Ordering matters. If the first filter is an inclusion, it implicitly
|
||||
// excludes all queries that are not included. If it is an exclusion,
|
||||
// it implicitly includes all queries that are not excluded. So user
|
||||
// filters (if any) should always be first to preserve intent.
|
||||
...(augmentedConfig["query-filters"] || []),
|
||||
...augmentationProperties.extraQueryExclusions,
|
||||
...extraQueryExclusions,
|
||||
];
|
||||
if (augmentedConfig["query-filters"]?.length === 0) {
|
||||
delete augmentedConfig["query-filters"];
|
||||
}
|
||||
|
||||
return augmentedConfig;
|
||||
}
|
||||
|
||||
|
||||
@@ -373,11 +373,11 @@ export function createTestConfig(overrides: Partial<Config>): Config {
|
||||
augmentationProperties: {
|
||||
packsInputCombines: false,
|
||||
queriesInputCombines: false,
|
||||
extraQueryExclusions: [],
|
||||
} satisfies AugmentationProperties,
|
||||
trapCaches: {},
|
||||
trapCacheDownloadTime: 0,
|
||||
dependencyCachingEnabled: CachingKind.None,
|
||||
extraQueryExclusions: [],
|
||||
overlayDatabaseMode: OverlayDatabaseMode.None,
|
||||
useOverlayDatabaseCaching: false,
|
||||
} satisfies Config,
|
||||
|
||||
Reference in New Issue
Block a user