Merge pull request #88 from github/fail-fast

Remove `strategy: fail-fast`
Remove strategy: fail-fast
2026-05-03 12:20:09 +00:00 · 2020-06-29 12:49:28 +01:00 · 2020-06-29 08:49:16 +01:00 · 2020-06-26 18:41:17 +01:00 · 2020-06-26 16:01:59 +01:00 · 2020-06-26 15:43:55 +01:00
516 changed files with 42287 additions and 8746 deletions
@@ -0,0 +1,10 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.ts]
+indent_style = space
+indent_size = 2
@@ -0,0 +1,5 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Contact GitHub Support
+    url: https://support.github.com/contact?subject=Code+Scanning+Beta+Support&tags=code-scanning-support
+    about: Contact Support about code scanning
@@ -2,5 +2,12 @@ name: "CodeQL config"
 queries: 
  - name: Run custom queries
    uses: ./queries
+  # Run all extra query suites, both because we want to
+  # and because it'll act as extra testing. This is why
+  # we include both even though one is a superset of the
+  # other, because we're testing the parsing logic and
+  # that the suites exist in the codeql bundle.
+  - uses: security-extended
+  - uses: security-and-quality
 paths-ignore:
  - tests
@@ -0,0 +1,178 @@
+import datetime
+from github import Github
+import random
+import requests
+import subprocess
+import sys
+
+# The branch being merged from.
+# This is the one that contains day-to-day development work.
+MAIN_BRANCH = 'main'
+# The branch being merged into.
+# This is the release branch that users reference.
+LATEST_RELEASE_BRANCH = 'v1'
+# Name of the remote
+ORIGIN = 'origin'
+
+# Runs git with the given args and returns the stdout.
+# Raises an error if git does not exit successfully.
+def run_git(*args):
+  cmd = ['git', *args]
+  p = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+  if (p.returncode != 0):
+    raise Exception('Call to ' + ' '.join(cmd) + ' exited with code ' + str(p.returncode) + ' stderr:' + p.stderr.decode('ascii'))
+  return p.stdout.decode('ascii')
+
+# Returns true if the given branch exists on the origin remote
+def branch_exists_on_remote(branch_name):
+  return run_git('ls-remote', '--heads', ORIGIN, branch_name).strip() != ''
+
+# Opens a PR from the given branch to the release branch
+def open_pr(repo, all_commits, short_main_sha, branch_name):
+  # Sort the commits into the pull requests that introduced them,
+  # and any commits that don't have a pull request
+  pull_requests = []
+  commits_without_pull_requests = []
+  for commit in all_commits:
+    pr = get_pr_for_commit(repo, commit)
+    
+    if pr is None:
+      commits_without_pull_requests.append(commit)
+    elif not any(p for p in pull_requests if p.number == pr.number):
+      pull_requests.append(pr)
+
+  print('Found ' + str(len(pull_requests)) + ' pull requests')
+  print('Found ' + str(len(commits_without_pull_requests)) + ' commits not in a pull request')
+
+  # Sort PRs and commits by age
+  pull_requests = sorted(pull_requests, key=lambda pr: pr.number)
+  commits_without_pull_requests = sorted(commits_without_pull_requests, key=lambda c: c.commit.author.date)
+  
+  # Start constructing the body text
+  body = 'Merging ' + short_main_sha + ' into ' + LATEST_RELEASE_BRANCH
+
+  conductor = get_conductor(repo, pull_requests, commits_without_pull_requests)
+  body += '\n\nConductor for this PR is @' + conductor
+
+  # List all PRs merged
+  if len(pull_requests) > 0:
+    body += '\n\nContains the following pull requests:'
+    for pr in pull_requests:
+      merger = get_merger_of_pr(repo, pr)
+      body += '\n- #' + str(pr.number)
+      body += ' - ' + pr.title
+      body += ' (@' + merger + ')'
+  
+  # List all commits not part of a PR
+  if len(commits_without_pull_requests) > 0:
+    body += '\n\nContains the following commits not from a pull request:'
+    for commit in commits_without_pull_requests:
+      body += '\n- ' + commit.sha
+      body += ' - ' + get_truncated_commit_message(commit)
+      body += ' (@' + commit.author.login + ')'
+
+  title = 'Merge ' + MAIN_BRANCH + ' into ' + LATEST_RELEASE_BRANCH
+
+  # Create the pull request
+  pr = repo.create_pull(title=title, body=body, head=branch_name, base=LATEST_RELEASE_BRANCH)
+  print('Created PR #' + str(pr.number))
+
+  # Assign the conductor
+  pr.add_to_assignees(conductor)
+  print('Assigned PR to ' + conductor)
+
+# Gets the person who should be in charge of the mergeback PR
+def get_conductor(repo, pull_requests, other_commits):
+  # If there are any PRs then use whoever merged the last one
+  if len(pull_requests) > 0:
+    return get_merger_of_pr(repo, pull_requests[-1])
+  
+  # Otherwise take the author of the latest commit
+  return other_commits[-1].author.login
+
+# Gets a list of the SHAs of all commits that have happened on main
+# since the release branched off.
+# This will not include any commits that exist on the release branch
+# that aren't on main.
+def get_commit_difference(repo):
+  commits = run_git('log', '--pretty=format:%H', ORIGIN + '/' + LATEST_RELEASE_BRANCH + '...' + MAIN_BRANCH).strip().split('\n')
+
+  # Convert to full-fledged commit objects
+  commits = [repo.get_commit(c) for c in commits]
+
+  # Filter out merge commits for PRs
+  return list(filter(lambda c: not is_pr_merge_commit(c), commits))
+
+# Is the given commit the automatic merge commit from when merging a PR
+def is_pr_merge_commit(commit):
+  return commit.committer.login == 'web-flow' and len(commit.parents) > 1
+
+# Gets a copy of the commit message that should display nicely
+def get_truncated_commit_message(commit):
+  message = commit.commit.message.split('\n')[0]
+  if len(message) > 60:
+    return message[:57] + '...'
+  else:
+    return message
+
+# Converts a commit into the PR that introduced it to the main branch.
+# Returns the PR object, or None if no PR could be found.
+def get_pr_for_commit(repo, commit):
+  prs = commit.get_pulls()
+  
+  if prs.totalCount > 0:
+    # In the case that there are multiple PRs, return the earliest one
+    prs = list(prs)
+    sorted(prs, key=lambda pr: int(pr.number))
+    return prs[0]
+  else:
+    return None
+
+# Get the person who merged the pull request.
+# For most cases this will be the same as the author, but for PRs opened
+# by external contributors getting the merger will get us the GitHub
+# employee who reviewed and merged the PR.
+def get_merger_of_pr(repo, pr):
+  return repo.get_commit(pr.merge_commit_sha).author.login
+
+def main():
+  if len(sys.argv) != 3:
+    raise Exception('Usage: update-release.branch.py <github token> <repository nwo>')
+  github_token = sys.argv[1]
+  repository_nwo = sys.argv[2]
+
+  repo = Github(github_token).get_repo(repository_nwo)
+
+  # Print what we intend to go
+  print('Considering difference between ' + MAIN_BRANCH + ' and ' + LATEST_RELEASE_BRANCH)
+  short_main_sha = run_git('rev-parse', '--short', MAIN_BRANCH).strip()
+  print('Current head of ' + MAIN_BRANCH + ' is ' + short_main_sha)
+
+  # See if there are any commits to merge in
+  commits = get_commit_difference(repo)
+  if len(commits) == 0:
+    print('No commits to merge from ' + MAIN_BRANCH + ' to ' + LATEST_RELEASE_BRANCH)
+    return
+
+  # The branch name is based off of the name of branch being merged into
+  # and the SHA of the branch being merged from. Thus if the branch already
+  # exists we can assume we don't need to recreate it.
+  new_branch_name = 'update-' + LATEST_RELEASE_BRANCH + '-' + short_main_sha
+  print('Branch name is ' + new_branch_name)
+
+  # Check if the branch already exists. If so we can abort as this script
+  # has already run on this combination of branches.
+  if branch_exists_on_remote(new_branch_name):
+    print('Branch ' + new_branch_name + ' already exists. Nothing to do.')
+    return
+  
+  # Create the new branch and push it to the remote
+  print('Creating branch ' + new_branch_name)
+  run_git('checkout', '-b', new_branch_name, MAIN_BRANCH)
+  run_git('push', ORIGIN, new_branch_name)
+
+  # Open a PR to update the branch
+  open_pr(repo, commits, short_main_sha, new_branch_name)
+
+if __name__ == '__main__':
+  main()
@@ -1,6 +1,6 @@
 name: "CodeQL action"

-on: [push]
+on: [push, pull_request]

 jobs:
  build:
@@ -11,6 +11,16 @@ jobs:

    steps:
    - uses: actions/checkout@v1
+      with:
+        # Must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head of the pull request.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+
    - uses: ./init
      with:
        languages: javascript
@@ -1,14 +1,10 @@
 name: "Integration Testing"

-on: [push]
+on: [push, pull_request]

 jobs:
  multi-language-repo_test-autodetect-languages:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2
@@ -16,9 +12,8 @@ jobs:
      shell: bash
      run: |
        mkdir ../action
-        shopt -s dotglob
-        mv * ../action/
-        mv ../action/tests/multi-language-repo/* .
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
    - uses: ./../action/init
    - name: Build code
      shell: bash
@@ -26,6 +21,20 @@ jobs:
    - uses: ./../action/analyze
      env:
        TEST_MODE: true
+    - run: |
+        cd "$CODEQL_ACTION_DATABASE_DIR"
+        # List all directories as there will be precisely one directory per database
+        # but there may be other files in this directory such as query suites.
+        if [ "$(ls -d */ | wc -l)" != 6 ] || \
+           [[ ! -d cpp ]] || \
+           [[ ! -d csharp ]] || \
+           [[ ! -d go ]] || \
+           [[ ! -d java ]] || \
+           [[ ! -d javascript ]] || \
+           [[ ! -d python ]]; then
+          echo "Did not find expected number of databases. Database dir contains: $(ls)"
+          exit 1
+        fi

  multi-language-repo_test-custom-queries:
    strategy:
@@ -40,9 +49,8 @@ jobs:
      shell: bash
      run: |
        mkdir ../action
-        shopt -s dotglob
-        mv * ../action/
-        mv ../action/tests/multi-language-repo/* .
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
    - uses: ./../action/init
      with:
        languages: cpp,csharp,java,javascript,python
@@ -72,9 +80,8 @@ jobs:
      shell: bash
      run: |
        mkdir ../action
-        shopt -s dotglob
-        mv * ../action/
-        mv ../action/tests/multi-language-repo/* .
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
    - uses: ./../action/init
      with:
        languages: go
@@ -96,15 +103,14 @@ jobs:
      shell: bash
      run: |
        mkdir ../action
-        shopt -s dotglob
-        mv * ../action/
-        mv ../action/tests/multi-language-repo/* .
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
    - name: Set up Ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: 2.6
    - name: Install Code Scanning integration
-      run: bundle add code-scanning-rubocop --version 0.2.0 --skip-install
+      run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install
    - name: Install dependencies
      run: bundle install
    - name: Rubocop run
@@ -117,4 +123,4 @@ jobs:
      with:
        sarif_file: rubocop.sarif
      env:
-        TEST_MODE: true
+        TEST_MODE: true
@@ -0,0 +1,31 @@
+name: Update release branch
+on:
+  schedule:
+    - cron: 0 9 * * 1
+  repository_dispatch:
+    # Example of how to trigger this:
+    # curl -H "Authorization: Bearer <token>" -X POST https://api.github.com/repos/github/codeql-action/dispatches -d '{"event_type":"update-release-branch"}'
+    # Replace <token> with a personal access token from this page: https://github.com/settings/tokens
+    types: [update-release-branch]
+
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        # Need full history so we calculate diffs
+        fetch-depth: 0
+
+    - name: Set up Python
+      uses: actions/setup-python@v2
+      with:
+        python-version: 3.5
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install PyGithub==1.51 requests
+
+    - name: Update release branch
+      run: python .github/update-release-branch.py ${{ secrets.GITHUB_TOKEN }} ${{ github.repository }}
@@ -0,0 +1,10 @@
+{
+  "files.exclude": {
+    // include the defaults from VS Code
+    "**/.git": true,
+    "**/.DS_Store": true,
+
+    // transpiled JavaScript
+    "lib": true,
+  }
+}
@@ -1,6 +1,6 @@
 # CodeQL Action

-This action runs GitHub's industry-leading static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/semmle/ql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
+This action runs GitHub's industry-leading static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.

 ## License

@@ -10,6 +10,8 @@ The underlying CodeQL CLI, used in this action, is licensed under the [GitHub Co

 ## Usage

+This is a short walkthrough, but for more information read [configuring code scanning](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning).
+
 To get code scanning results from CodeQL analysis on your repo you can use the following workflow as a template:

 ```yaml
@@ -18,21 +20,29 @@ name: "Code Scanning - Action"

 on:
  push:
+  pull_request:
  schedule:
    - cron: '0 0 * * 0'

 jobs:
  CodeQL-Build:
-
-    strategy:
-      fail-fast: false
-
    # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v2
+        with:
+          # Must fetch at least the immediate parents so that if this is
+          # a pull request then we can checkout the head of the pull request.
+          # Only include this option if you are running this workflow on pull requests.
+          fetch-depth: 2
+
+      # If this run was triggered by a pull request event then checkout
+      # the head of the pull request instead of the merge commit.
+      # Only include this step if you are running this workflow on pull requests.
+      - run: git checkout HEAD^2
+        if: ${{ github.event_name == 'pull_request' }}

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
@@ -78,24 +88,9 @@ If you prefer to integrate this within an existing CI workflow, it should end up
  uses: github/codeql-action/analyze@v1
 ```

-### Actions triggers
+### Configuration file

-The CodeQL action should be run on `push` events, and on a `schedule`. `Push` events allow us to do a detailed analysis of the delta in a pull request, while the `schedule` event ensures that GitHub regularly scans the repository for the latest vulnerabilities, even if the repository becomes inactive. This action does not support the `pull_request` event.
-
-### Configuration
-
-You may optionally specify additional queries for CodeQL to execute by using a config file. The queries must belong to a [QL pack](https://help.semmle.com/codeql/codeql-cli/reference/qlpack-overview.html) and can be in your repository or any public repository. You can choose a single .ql file, a folder containing multiple .ql files, a .qls [query suite](https://help.semmle.com/codeql/codeql-cli/procedures/query-suites.html) file, or any combination of the above. To use queries from other repositories use the same syntax as when [using an action](https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsuses).
-
-You can disable the default queries using `disable-default-queries: true`.
-
-You can choose to ignore some files or folders from the analysis, or include additional files/folders for analysis. This *only* works for Javascript and Python analysis.
-Identifying potential files for extraction:
-
- Scans each folder that's defined as `paths` in turn, traversing subfolders, and looking for relevant files.
- If it finds a subfolder that's defined as `paths-ignore`, stop traversing.
- If a file or folder is both in `paths` and `paths-ignore`, the `paths-ignore` is ignored.
-
-Use the `config-file` parameter of the init action to enable the configuration file. For example:
+Use the `config-file` parameter of the `init` action to enable the configuration file. The value of `config-file` is the path to the configuration file you want to use. This example loads the configuration file `./.github/codeql/codeql-config.yml`.

 ```yaml
 - uses: github/codeql-action/init@v1
@@ -103,72 +98,8 @@ Use the `config-file` parameter of the init action to enable the configuration f
    config-file: ./.github/codeql/codeql-config.yml
 ```

-A config file looks like this:
-
-```yaml
-name: "My CodeQL config"
-
-disable-default-queries: true
-
-queries:
-  - name: In-repo queries (Runs the queries located in the my-queries folder of the repo)
-    uses: ./my-queries
-  - name: External Javascript QL pack (Runs a QL pack located in an external repo)
-    uses: /Semmle/ql/javascript/ql/src/Electron@master
-  - name: External query (Runs a single query located in an external QL pack)
-    uses: Semmle/ql/javascript/ql/src/AngularJS/DeadAngularJSEventListener.ql@master
-  - name: Select query suite (Runs a query suites)
-    uses: ./codeql-querypacks/complex-python-querypack/rootAndBar.qls
-
-paths:
-  - src/util.ts
-
-paths-ignore:
-  - src
-  - lib
-```
+The configuration file must be located within the local repository. For information on how to write a configuration file, see "[Using a custom configuration](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#using-a-custom-configuration)."

 ## Troubleshooting

-### Trouble with Go dependencies
-
-#### If you use a vendor directory
-
-Try passing
-
-```yaml
-env:
-  GOFLAGS: "-mod=vendor"
-```
-
-to `github/codeql-action/analyze`.
-
-#### If you do not use a vendor directory
-
-Dependencies on public repositories should just work. If you have dependencies on private repositories, one option is to use `git config` and a [personal access token](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line) to authenticate when downloading dependencies. Add a section like
-
-```yaml
-steps:
-  - name: Configure git private repo access
-    env:
-      TOKEN: ${{ secrets.GITHUB_PAT }}
-    run: |
-      git config --global url."https://${TOKEN}@github.com/foo/bar".insteadOf "https://github.com/foo/bar"
-      git config --global url."https://${TOKEN}@github.com/foo/baz".insteadOf "https://github.com/foo/baz"
-```
-
-before any codeql actions. A similar thing can also be done with an SSH key or deploy key.
-
-### C# using dotnet version 2 on linux
-
-This currently requires invoking `dotnet` with the `/p:UseSharedCompilation=false` flag. For example:
-
-```shell
-dotnet build /p:UseSharedCompilation=false
-```
-
-Version 3 does not require the additional flag.
-
-### Analysing Go together with other languages on `macos-latest`
-
-When running on macos it is currently not possible to analyze Go in conjunction with any of Java, C/C++, or C#. Each language can still be analyzed separately.
+Read about [troubleshooting code scanning](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning).
@@ -4,6 +4,7 @@ author: 'GitHub'
 inputs:
  check_name:
    description: The name of the check run to add text to.
+    required: false
  output:
    description: The path of the directory in which to save the SARIF results
    required: false
@@ -11,7 +12,14 @@ inputs:
  upload:
    description: Upload the SARIF file
    required: false
-    default: true
+    default: "true"
+  ram:
+    description: Override the amount of memory in MB to be used by CodeQL. By default, almost all the memory of the machine is used.
+    required: false
+  threads:
+    description: The number of threads to be used by CodeQL.
+    required: false
+    default: "1"
  token:
    default: ${{ github.token }}
  matrix:
@@ -5,12 +5,14 @@ inputs:
  tools:
    description: URL of CodeQL tools
    required: false
-    default: https://github.com/github/codeql-action/releases/download/codeql-bundle-20200427/codeql-bundle.tar.gz
+    default: https://github.com/github/codeql-action/releases/download/codeql-bundle-20200601/codeql-bundle.tar.gz
  languages:
    description: The languages to be analysed
    required: false
  token:
    default: ${{ github.token }}
+  matrix:
+    default: ${{ toJson(matrix) }}
  config-file:
    description: Path of the config file to use
    required: false
@@ -1,11 +0,0 @@
-module.exports = {
-  clearMocks: true,
-  moduleFileExtensions: ['js', 'ts'],
-  testEnvironment: 'node',
-  testMatch: ['**/*.test.ts'],
-  testRunner: 'jest-circus/runner',
-  transform: {
-    '^.+\\.ts$': 'ts-jest'
-  },
-  verbose: true
-}
@@ -16,7 +16,7 @@ function includeAndExcludeAnalysisPaths(config, languages) {
        core.exportVariable('LGTM_INDEX_EXCLUDE', config.pathsIgnore.join('\n'));
    }
    function isInterpretedLanguage(language) {
-        return language === 'javascript' && language === 'python';
+        return language === 'javascript' || language === 'python';
    }
    // Index include/exclude only work in javascript and python
    // If some other language is detected/configured show a warning
@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAItC,SAAgB,8BAA8B,CAAC,MAA0B,EAAE,SAAmB;IAC1F,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC3B,IAAI,CAAC,cAAc,CAAC,oBAAoB,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KACtE;IAED,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QACjC,IAAI,CAAC,cAAc,CAAC,oBAAoB,EAAE,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KAC5E;IAED,SAAS,qBAAqB,CAAC,QAAQ;QACnC,OAAO,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,CAAC;IAC9D,CAAC;IAED,2DAA2D;IAC3D,+DAA+D;IAC/D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE;QAC3G,IAAI,CAAC,OAAO,CAAC,4FAA4F,CAAC,CAAC;KAC9G;AACL,CAAC;AAlBD,wEAkBC"}
+{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAItC,SAAgB,8BAA8B,CAAC,MAA0B,EAAE,SAAmB;IAC5F,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAoB,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KACpE;IAED,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QACnC,IAAI,CAAC,cAAc,CAAC,oBAAoB,EAAE,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;KAC1E;IAED,SAAS,qBAAqB,CAAC,QAAQ;QACrC,OAAO,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,CAAC;IAC5D,CAAC;IAED,2DAA2D;IAC3D,+DAA+D;IAC/D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE;QAC7G,IAAI,CAAC,OAAO,CAAC,4FAA4F,CAAC,CAAC;KAC5G;AACH,CAAC;AAlBD,wEAkBC"}
@@ -13,6 +13,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const ava_1 = __importDefault(require("ava"));
 const analysisPaths = __importStar(require("./analysis-paths"));
 const configUtils = __importStar(require("./config-utils"));
+const testing_utils_1 = require("./testing-utils");
+testing_utils_1.silenceDebugOutput(ava_1.default);
 ava_1.default("emptyPaths", async (t) => {
    let config = new configUtils.Config();
    analysisPaths.includeAndExcludeAnalysisPaths(config, []);
@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AAEvB,gEAAkD;AAClD,4DAA8C;AAE9C,aAAI,CAAC,YAAY,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IACzB,IAAI,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;IACtC,aAAa,CAAC,8BAA8B,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,eAAe,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IAC5B,IAAI,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;IACtC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC1C,aAAa,CAAC,8BAA8B,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;IACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;AAC5D,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AAEvB,gEAAkD;AAClD,4DAA8C;AAC9C,mDAAmD;AAEnD,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,YAAY,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IAC3B,IAAI,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;IACtC,aAAa,CAAC,8BAA8B,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,eAAe,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IAC9B,IAAI,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;IACtC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC1C,aAAa,CAAC,8BAA8B,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;IACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;AAC1D,CAAC,CAAC,CAAC"}
@@ -0,0 +1,23 @@
+"use strict";
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const core = __importStar(require("@actions/core"));
+const octokit = __importStar(require("@octokit/rest"));
+const console_log_level_1 = __importDefault(require("console-log-level"));
+const githubAPIURL = process.env["GITHUB_API_URL"] || "https://api.github.com";
+exports.client = new octokit.Octokit({
+    auth: core.getInput("token"),
+    baseUrl: githubAPIURL,
+    userAgent: "CodeQL Action",
+    log: console_log_level_1.default({ level: "debug" })
+});
+//# sourceMappingURL=api-client.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAAsC;AACtC,uDAAyC;AACzC,0EAAgD;AAEhD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,wBAAwB,CAAC;AAClE,QAAA,MAAM,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC;IACxC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;IAC5B,OAAO,EAAE,YAAY;IACrB,SAAS,EAAE,eAAe;IAC1B,GAAG,EAAE,2BAAe,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;CACzC,CAAC,CAAC"}
@@ -12,6 +12,13 @@ const io = __importStar(require("@actions/io"));
 const fs = __importStar(require("fs"));
 const yaml = __importStar(require("js-yaml"));
 const path = __importStar(require("path"));
+const util = __importStar(require("./util"));
+const NAME_PROPERTY = 'name';
+const DISPLAY_DEFAULT_QUERIES_PROPERTY = 'disable-default-queries';
+const QUERIES_PROPERTY = 'queries';
+const QUERIES_USES_PROPERTY = 'uses';
+const PATHS_IGNORE_PROPERTY = 'paths-ignore';
+const PATHS_PROPERTY = 'paths';
 class ExternalQuery {
    constructor(repository, ref) {
        this.path = '';
@@ -20,39 +27,74 @@ class ExternalQuery {
    }
 }
 exports.ExternalQuery = ExternalQuery;
+// The set of acceptable values for built-in suites from the codeql bundle
+const builtinSuites = ['security-extended', 'security-and-quality'];
 class Config {
    constructor() {
        this.name = "";
        this.disableDefaultQueries = false;
        this.additionalQueries = [];
        this.externalQueries = [];
+        this.additionalSuites = [];
        this.pathsIgnore = [];
        this.paths = [];
    }
-    addQuery(queryUses) {
+    addQuery(configFile, queryUses) {
        // The logic for parsing the string is based on what actions does for
        // parsing the 'uses' actions in the workflow file
+        queryUses = queryUses.trim();
        if (queryUses === "") {
-            throw '"uses" value for queries cannot be blank';
+            throw new Error(getQueryUsesInvalid(configFile));
        }
+        // Check for the local path case before we start trying to parse the repository name
        if (queryUses.startsWith("./")) {
-            this.additionalQueries.push(queryUses.slice(2));
+            const localQueryPath = queryUses.slice(2);
+            // Resolve the local path against the workspace so that when this is
+            // passed to codeql it resolves to exactly the path we expect it to resolve to.
+            const workspacePath = fs.realpathSync(util.getRequiredEnvParam('GITHUB_WORKSPACE'));
+            let absoluteQueryPath = path.join(workspacePath, localQueryPath);
+            // Check the file exists
+            if (!fs.existsSync(absoluteQueryPath)) {
+                throw new Error(getLocalPathDoesNotExist(configFile, localQueryPath));
+            }
+            // Call this after checking file exists, because it'll fail if file doesn't exist
+            absoluteQueryPath = fs.realpathSync(absoluteQueryPath);
+            // Check the local path doesn't jump outside the repo using '..' or symlinks
+            if (!(absoluteQueryPath + path.sep).startsWith(workspacePath + path.sep)) {
+                throw new Error(getLocalPathOutsideOfRepository(configFile, localQueryPath));
+            }
+            this.additionalQueries.push(absoluteQueryPath);
            return;
        }
+        // Check for one of the builtin suites
+        if (queryUses.indexOf('/') === -1 && queryUses.indexOf('@') === -1) {
+            const suite = builtinSuites.find((suite) => suite === queryUses);
+            if (suite) {
+                this.additionalSuites.push(suite);
+                return;
+            }
+            else {
+                throw new Error(getQueryUsesInvalid(configFile, queryUses));
+            }
+        }
        let tok = queryUses.split('@');
        if (tok.length !== 2) {
-            throw '"uses" value for queries must be a path, or owner/repo@ref \n Found: ' + queryUses;
+            throw new Error(getQueryUsesInvalid(configFile, queryUses));
        }
        const ref = tok[1];
        tok = tok[0].split('/');
        // The first token is the owner
        // The second token is the repo
        // The rest is a path, if there is more than one token combine them to form the full path
+        if (tok.length < 2) {
+            throw new Error(getQueryUsesInvalid(configFile, queryUses));
+        }
        if (tok.length > 3) {
            tok = [tok[0], tok[1], tok.slice(2).join('/')];
        }
-        if (tok.length < 2) {
-            throw '"uses" value for queries must be a path, or owner/repo@ref \n Found: ' + queryUses;
+        // Check none of the parts of the repository name are empty
+        if (tok[0].trim() === '' || tok[1].trim() === '') {
+            throw new Error(getQueryUsesInvalid(configFile, queryUses));
        }
        let external = new ExternalQuery(tok[0] + '/' + tok[1], ref);
        if (tok.length === 3) {
@@ -62,62 +104,137 @@ class Config {
    }
 }
 exports.Config = Config;
-const configFolder = process.env['RUNNER_WORKSPACE'] || '/tmp/codeql-action';
+function getNameInvalid(configFile) {
+    return getConfigFilePropertyError(configFile, NAME_PROPERTY, 'must be a non-empty string');
+}
+exports.getNameInvalid = getNameInvalid;
+function getDisableDefaultQueriesInvalid(configFile) {
+    return getConfigFilePropertyError(configFile, DISPLAY_DEFAULT_QUERIES_PROPERTY, 'must be a boolean');
+}
+exports.getDisableDefaultQueriesInvalid = getDisableDefaultQueriesInvalid;
+function getQueriesInvalid(configFile) {
+    return getConfigFilePropertyError(configFile, QUERIES_PROPERTY, 'must be an array');
+}
+exports.getQueriesInvalid = getQueriesInvalid;
+function getQueryUsesInvalid(configFile, queryUses) {
+    return getConfigFilePropertyError(configFile, QUERIES_PROPERTY + '.' + QUERIES_USES_PROPERTY, 'must be a built-in suite (' + builtinSuites.join(' or ') +
+        '), a relative path, or be of the form "owner/repo[/path]@ref"' +
+        (queryUses !== undefined ? '\n Found: ' + queryUses : ''));
+}
+exports.getQueryUsesInvalid = getQueryUsesInvalid;
+function getPathsIgnoreInvalid(configFile) {
+    return getConfigFilePropertyError(configFile, PATHS_IGNORE_PROPERTY, 'must be an array of non-empty strings');
+}
+exports.getPathsIgnoreInvalid = getPathsIgnoreInvalid;
+function getPathsInvalid(configFile) {
+    return getConfigFilePropertyError(configFile, PATHS_PROPERTY, 'must be an array of non-empty strings');
+}
+exports.getPathsInvalid = getPathsInvalid;
+function getLocalPathOutsideOfRepository(configFile, localPath) {
+    return getConfigFilePropertyError(configFile, QUERIES_PROPERTY + '.' + QUERIES_USES_PROPERTY, 'is invalid as the local path "' + localPath + '" is outside of the repository');
+}
+exports.getLocalPathOutsideOfRepository = getLocalPathOutsideOfRepository;
+function getLocalPathDoesNotExist(configFile, localPath) {
+    return getConfigFilePropertyError(configFile, QUERIES_PROPERTY + '.' + QUERIES_USES_PROPERTY, 'is invalid as the local path "' + localPath + '" does not exist in the repository');
+}
+exports.getLocalPathDoesNotExist = getLocalPathDoesNotExist;
+function getConfigFileOutsideWorkspaceErrorMessage(configFile) {
+    return 'The configuration file "' + configFile + '" is outside of the workspace';
+}
+exports.getConfigFileOutsideWorkspaceErrorMessage = getConfigFileOutsideWorkspaceErrorMessage;
+function getConfigFileDoesNotExistErrorMessage(configFile) {
+    return 'The configuration file "' + configFile + '" does not exist';
+}
+exports.getConfigFileDoesNotExistErrorMessage = getConfigFileDoesNotExistErrorMessage;
+function getConfigFilePropertyError(configFile, property, error) {
+    return 'The configuration file "' + configFile + '" is invalid: property "' + property + '" ' + error;
+}
 function initConfig() {
-    const configFile = core.getInput('config-file');
+    let configFile = core.getInput('config-file');
    const config = new Config();
    // If no config file was provided create an empty one
    if (configFile === '') {
        core.debug('No configuration file was provided');
        return config;
    }
-    try {
-        const parsedYAML = yaml.safeLoad(fs.readFileSync(configFile, 'utf8'));
-        if (parsedYAML.name && typeof parsedYAML.name === "string") {
-            config.name = parsedYAML.name;
-        }
-        if (parsedYAML['disable-default-queries'] && typeof parsedYAML['disable-default-queries'] === "boolean") {
-            config.disableDefaultQueries = parsedYAML['disable-default-queries'];
-        }
-        const queries = parsedYAML.queries;
-        if (queries && queries instanceof Array) {
-            queries.forEach(query => {
-                if (query.uses && typeof query.uses === "string") {
-                    config.addQuery(query.uses);
-                }
-            });
-        }
-        const pathsIgnore = parsedYAML['paths-ignore'];
-        if (pathsIgnore && pathsIgnore instanceof Array) {
-            pathsIgnore.forEach(path => {
-                if (typeof path === "string") {
-                    config.pathsIgnore.push(path);
-                }
-            });
-        }
-        const paths = parsedYAML.paths;
-        if (paths && paths instanceof Array) {
-            paths.forEach(path => {
-                if (typeof path === "string") {
-                    config.paths.push(path);
-                }
-            });
-        }
+    // Treat the config file as relative to the workspace
+    const workspacePath = util.getRequiredEnvParam('GITHUB_WORKSPACE');
+    configFile = path.resolve(workspacePath, configFile);
+    // Error if the config file is now outside of the workspace
+    if (!(configFile + path.sep).startsWith(workspacePath + path.sep)) {
+        throw new Error(getConfigFileOutsideWorkspaceErrorMessage(configFile));
    }
-    catch (err) {
-        core.setFailed(err);
+    // Error if the file does not exist
+    if (!fs.existsSync(configFile)) {
+        throw new Error(getConfigFileDoesNotExistErrorMessage(configFile));
+    }
+    const parsedYAML = yaml.safeLoad(fs.readFileSync(configFile, 'utf8'));
+    if (NAME_PROPERTY in parsedYAML) {
+        if (typeof parsedYAML[NAME_PROPERTY] !== "string") {
+            throw new Error(getNameInvalid(configFile));
+        }
+        if (parsedYAML[NAME_PROPERTY].length === 0) {
+            throw new Error(getNameInvalid(configFile));
+        }
+        config.name = parsedYAML[NAME_PROPERTY];
+    }
+    if (DISPLAY_DEFAULT_QUERIES_PROPERTY in parsedYAML) {
+        if (typeof parsedYAML[DISPLAY_DEFAULT_QUERIES_PROPERTY] !== "boolean") {
+            throw new Error(getDisableDefaultQueriesInvalid(configFile));
+        }
+        config.disableDefaultQueries = parsedYAML[DISPLAY_DEFAULT_QUERIES_PROPERTY];
+    }
+    if (QUERIES_PROPERTY in parsedYAML) {
+        if (!(parsedYAML[QUERIES_PROPERTY] instanceof Array)) {
+            throw new Error(getQueriesInvalid(configFile));
+        }
+        parsedYAML[QUERIES_PROPERTY].forEach(query => {
+            if (!(QUERIES_USES_PROPERTY in query) || typeof query[QUERIES_USES_PROPERTY] !== "string") {
+                throw new Error(getQueryUsesInvalid(configFile));
+            }
+            config.addQuery(configFile, query[QUERIES_USES_PROPERTY]);
+        });
+    }
+    if (PATHS_IGNORE_PROPERTY in parsedYAML) {
+        if (!(parsedYAML[PATHS_IGNORE_PROPERTY] instanceof Array)) {
+            throw new Error(getPathsIgnoreInvalid(configFile));
+        }
+        parsedYAML[PATHS_IGNORE_PROPERTY].forEach(path => {
+            if (typeof path !== "string" || path === '') {
+                throw new Error(getPathsIgnoreInvalid(configFile));
+            }
+            config.pathsIgnore.push(path);
+        });
+    }
+    if (PATHS_PROPERTY in parsedYAML) {
+        if (!(parsedYAML[PATHS_PROPERTY] instanceof Array)) {
+            throw new Error(getPathsInvalid(configFile));
+        }
+        parsedYAML[PATHS_PROPERTY].forEach(path => {
+            if (typeof path !== "string" || path === '') {
+                throw new Error(getPathsInvalid(configFile));
+            }
+            config.paths.push(path);
+        });
    }
    return config;
 }
+function getConfigFolder() {
+    return util.getRequiredEnvParam('RUNNER_TEMP');
+}
+function getConfigFile() {
+    return path.join(getConfigFolder(), 'config');
+}
+exports.getConfigFile = getConfigFile;
 async function saveConfig(config) {
    const configString = JSON.stringify(config);
-    await io.mkdirP(configFolder);
-    fs.writeFileSync(path.join(configFolder, 'config'), configString, 'utf8');
+    await io.mkdirP(getConfigFolder());
+    fs.writeFileSync(getConfigFile(), configString, 'utf8');
    core.debug('Saved config:');
    core.debug(configString);
 }
 async function loadConfig() {
-    const configFile = path.join(configFolder, 'config');
+    const configFile = getConfigFile();
    if (fs.existsSync(configFile)) {
        const configString = fs.readFileSync(configFile, 'utf8');
        core.debug('Loaded config:');
@@ -0,0 +1,164 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const ava_1 = __importDefault(require("ava"));
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const configUtils = __importStar(require("./config-utils"));
+const testing_utils_1 = require("./testing-utils");
+const util = __importStar(require("./util"));
+testing_utils_1.silenceDebugOutput(ava_1.default);
+function setInput(name, value) {
+    // Transformation copied from
+    // https://github.com/actions/toolkit/blob/05e39f551d33e1688f61b209ab5cdd335198f1b8/packages/core/src/core.ts#L69
+    const envVar = `INPUT_${name.replace(/ /g, '_').toUpperCase()}`;
+    if (value !== undefined) {
+        process.env[envVar] = value;
+    }
+    else {
+        delete process.env[envVar];
+    }
+}
+ava_1.default("load empty config", async (t) => {
+    return await util.withTmpDir(async (tmpDir) => {
+        process.env['RUNNER_TEMP'] = tmpDir;
+        process.env['GITHUB_WORKSPACE'] = tmpDir;
+        setInput('config-file', undefined);
+        const config = await configUtils.loadConfig();
+        t.deepEqual(config, new configUtils.Config());
+    });
+});
+ava_1.default("loading config saves config", async (t) => {
+    return await util.withTmpDir(async (tmpDir) => {
+        process.env['RUNNER_TEMP'] = tmpDir;
+        process.env['GITHUB_WORKSPACE'] = tmpDir;
+        const configFile = configUtils.getConfigFile();
+        // Sanity check the saved config file does not already exist
+        t.false(fs.existsSync(configFile));
+        const config = await configUtils.loadConfig();
+        // The saved config file should now exist
+        t.true(fs.existsSync(configFile));
+        // And the contents should parse correctly to the config that was returned
+        t.deepEqual(fs.readFileSync(configFile, 'utf8'), JSON.stringify(config));
+    });
+});
+ava_1.default("load input outside of workspace", async (t) => {
+    return await util.withTmpDir(async (tmpDir) => {
+        process.env['RUNNER_TEMP'] = tmpDir;
+        process.env['GITHUB_WORKSPACE'] = tmpDir;
+        setInput('config-file', '../input');
+        try {
+            await configUtils.loadConfig();
+            throw new Error('loadConfig did not throw error');
+        }
+        catch (err) {
+            t.deepEqual(err, new Error(configUtils.getConfigFileOutsideWorkspaceErrorMessage(path.join(tmpDir, '../input'))));
+        }
+    });
+});
+ava_1.default("load non-existent input", async (t) => {
+    return await util.withTmpDir(async (tmpDir) => {
+        process.env['RUNNER_TEMP'] = tmpDir;
+        process.env['GITHUB_WORKSPACE'] = tmpDir;
+        t.false(fs.existsSync(path.join(tmpDir, 'input')));
+        setInput('config-file', 'input');
+        try {
+            await configUtils.loadConfig();
+            throw new Error('loadConfig did not throw error');
+        }
+        catch (err) {
+            t.deepEqual(err, new Error(configUtils.getConfigFileDoesNotExistErrorMessage(path.join(tmpDir, 'input'))));
+        }
+    });
+});
+ava_1.default("load non-empty input", async (t) => {
+    return await util.withTmpDir(async (tmpDir) => {
+        process.env['RUNNER_TEMP'] = tmpDir;
+        process.env['GITHUB_WORKSPACE'] = tmpDir;
+        // Just create a generic config object with non-default values for all fields
+        const inputFileContents = `
+      name: my config
+      disable-default-queries: true
+      queries:
+        - uses: ./
+        - uses: ./foo
+        - uses: foo/bar@dev
+      paths-ignore:
+        - a
+        - b
+      paths:
+        - c/d`;
+        fs.mkdirSync(path.join(tmpDir, 'foo'));
+        // And the config we expect it to parse to
+        const expectedConfig = new configUtils.Config();
+        expectedConfig.name = 'my config';
+        expectedConfig.disableDefaultQueries = true;
+        expectedConfig.additionalQueries.push(fs.realpathSync(tmpDir));
+        expectedConfig.additionalQueries.push(fs.realpathSync(path.join(tmpDir, 'foo')));
+        expectedConfig.externalQueries = [new configUtils.ExternalQuery('foo/bar', 'dev')];
+        expectedConfig.pathsIgnore = ['a', 'b'];
+        expectedConfig.paths = ['c/d'];
+        fs.writeFileSync(path.join(tmpDir, 'input'), inputFileContents, 'utf8');
+        setInput('config-file', 'input');
+        const actualConfig = await configUtils.loadConfig();
+        // Should exactly equal the object we constructed earlier
+        t.deepEqual(actualConfig, expectedConfig);
+    });
+});
+function doInvalidInputTest(testName, inputFileContents, expectedErrorMessageGenerator) {
+    ava_1.default("load invalid input - " + testName, async (t) => {
+        return await util.withTmpDir(async (tmpDir) => {
+            process.env['RUNNER_TEMP'] = tmpDir;
+            process.env['GITHUB_WORKSPACE'] = tmpDir;
+            const inputFile = path.join(tmpDir, 'input');
+            fs.writeFileSync(inputFile, inputFileContents, 'utf8');
+            setInput('config-file', 'input');
+            try {
+                await configUtils.loadConfig();
+                throw new Error('loadConfig did not throw error');
+            }
+            catch (err) {
+                t.deepEqual(err, new Error(expectedErrorMessageGenerator(inputFile)));
+            }
+        });
+    });
+}
+doInvalidInputTest('name invalid type', `
+  name:
+    - foo: bar`, configUtils.getNameInvalid);
+doInvalidInputTest('disable-default-queries invalid type', `disable-default-queries: 42`, configUtils.getDisableDefaultQueriesInvalid);
+doInvalidInputTest('queries invalid type', `queries: foo`, configUtils.getQueriesInvalid);
+doInvalidInputTest('paths-ignore invalid type', `paths-ignore: bar`, configUtils.getPathsIgnoreInvalid);
+doInvalidInputTest('paths invalid type', `paths: 17`, configUtils.getPathsInvalid);
+doInvalidInputTest('queries uses invalid type', `
+  queries:
+  - uses:
+      - hello: world`, configUtils.getQueryUsesInvalid);
+function doInvalidQueryUsesTest(input, expectedErrorMessageGenerator) {
+    // Invalid contents of a "queries.uses" field.
+    // Should fail with the expected error message
+    const inputFileContents = `
+    name: my config
+    queries:
+      - name: foo
+        uses: ` + input;
+    doInvalidInputTest("queries uses \"" + input + "\"", inputFileContents, expectedErrorMessageGenerator);
+}
+// Various "uses" fields, and the errors they should produce
+doInvalidQueryUsesTest("''", c => configUtils.getQueryUsesInvalid(c, undefined));
+doInvalidQueryUsesTest("foo/bar", c => configUtils.getQueryUsesInvalid(c, "foo/bar"));
+doInvalidQueryUsesTest("foo/bar@v1@v2", c => configUtils.getQueryUsesInvalid(c, "foo/bar@v1@v2"));
+doInvalidQueryUsesTest("foo@master", c => configUtils.getQueryUsesInvalid(c, "foo@master"));
+doInvalidQueryUsesTest("https://github.com/foo/bar@master", c => configUtils.getQueryUsesInvalid(c, "https://github.com/foo/bar@master"));
+doInvalidQueryUsesTest("./foo", c => configUtils.getLocalPathDoesNotExist(c, "foo"));
+doInvalidQueryUsesTest("./..", c => configUtils.getLocalPathOutsideOfRepository(c, ".."));
+//# sourceMappingURL=config-utils.test.js.map
@@ -13,7 +13,7 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const util = __importStar(require("./util"));
 async function checkoutExternalQueries(config) {
-    const folder = util.getRequiredEnvParam('RUNNER_WORKSPACE');
+    const folder = util.getRequiredEnvParam('RUNNER_TEMP');
    for (const externalQuery of config.externalQueries) {
        core.info('Checking out ' + externalQuery.repository);
        const checkoutLocation = path.join(folder, externalQuery.repository);
@@ -1 +1 @@
-{"version":3,"file":"external-queries.js","sourceRoot":"","sources":["../src/external-queries.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AACtC,oDAAsC;AACtC,uCAAyB;AACzB,2CAA6B;AAG7B,6CAA+B;AAExB,KAAK,UAAU,uBAAuB,CAAC,MAA0B;IACtE,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,kBAAkB,CAAC,CAAC;IAE5D,KAAK,MAAM,aAAa,IAAI,MAAM,CAAC,eAAe,EAAE;QAClD,IAAI,CAAC,IAAI,CAAC,eAAe,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAEtD,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;QACrE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE;YACpC,MAAM,OAAO,GAAG,qBAAqB,GAAG,aAAa,CAAC,UAAU,GAAG,MAAM,CAAC;YAC1E,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;YAC7D,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACrB,cAAc,GAAG,gBAAgB;gBACjC,YAAY,GAAG,gBAAgB,GAAG,OAAO;gBACzC,UAAU,EAAE,aAAa,CAAC,GAAG;aAC9B,CAAC,CAAC;SACJ;QAED,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;KAChF;AACH,CAAC;AAnBD,0DAmBC"}
+{"version":3,"file":"external-queries.js","sourceRoot":"","sources":["../src/external-queries.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AACtC,oDAAsC;AACtC,uCAAyB;AACzB,2CAA6B;AAG7B,6CAA+B;AAExB,KAAK,UAAU,uBAAuB,CAAC,MAA0B;IACtE,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC;IAEvD,KAAK,MAAM,aAAa,IAAI,MAAM,CAAC,eAAe,EAAE;QAClD,IAAI,CAAC,IAAI,CAAC,eAAe,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAEtD,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;QACrE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE;YACpC,MAAM,OAAO,GAAG,qBAAqB,GAAG,aAAa,CAAC,UAAU,GAAG,MAAM,CAAC;YAC1E,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;YAC7D,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACrB,cAAc,GAAG,gBAAgB;gBACjC,YAAY,GAAG,gBAAgB,GAAG,OAAO;gBACzC,UAAU,EAAE,aAAa,CAAC,GAAG;aAC9B,CAAC,CAAC;SACJ;QAED,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;KAChF;AACH,CAAC;AAnBD,0DAmBC"}
@@ -15,14 +15,16 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const configUtils = __importStar(require("./config-utils"));
 const externalQueries = __importStar(require("./external-queries"));
+const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
+testing_utils_1.silenceDebugOutput(ava_1.default);
 ava_1.default("checkoutExternalQueries", async (t) => {
    let config = new configUtils.Config();
    config.externalQueries = [
        new configUtils.ExternalQuery("github/codeql-go", "df4c6869212341b601005567381944ed90906b6b"),
    ];
    await util.withTmpDir(async (tmpDir) => {
-        process.env["RUNNER_WORKSPACE"] = tmpDir;
+        process.env["RUNNER_TEMP"] = tmpDir;
        await externalQueries.checkoutExternalQueries(config);
        // COPYRIGHT file existed in df4c6869212341b601005567381944ed90906b6b but not in master
        t.true(fs.existsSync(path.join(tmpDir, "github", "codeql-go", "COPYRIGHT")));
@@ -1 +1 @@
-{"version":3,"file":"external-queries.test.js","sourceRoot":"","sources":["../src/external-queries.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AACvB,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oEAAsD;AACtD,6CAA+B;AAE/B,aAAI,CAAC,yBAAyB,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IACtC,IAAI,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;IACtC,MAAM,CAAC,eAAe,GAAG;QACrB,IAAI,WAAW,CAAC,aAAa,CAAC,kBAAkB,EAAE,0CAA0C,CAAC;KAChG,CAAC;IAEF,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAC,MAAM,EAAC,EAAE;QACjC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,GAAG,MAAM,CAAC;QACzC,MAAM,eAAe,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAEtD,uFAAuF;QACvF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"}
+{"version":3,"file":"external-queries.test.js","sourceRoot":"","sources":["../src/external-queries.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AACvB,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oEAAsD;AACtD,mDAAmD;AACnD,6CAA+B;AAE/B,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,yBAAyB,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IACxC,IAAI,MAAM,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;IACtC,MAAM,CAAC,eAAe,GAAG;QACvB,IAAI,WAAW,CAAC,aAAa,CAAC,kBAAkB,EAAE,0CAA0C,CAAC;KAC9F,CAAC;IAEF,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAC,MAAM,EAAC,EAAE;QACnC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QACpC,MAAM,eAAe,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAEtD,uFAAuF;QACvF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
@@ -17,6 +17,25 @@ const externalQueries = __importStar(require("./external-queries"));
 const sharedEnv = __importStar(require("./shared-environment"));
 const upload_lib = __importStar(require("./upload-lib"));
 const util = __importStar(require("./util"));
+/**
+ * A list of queries from https://github.com/github/codeql that
+ * we don't want to run. Disabling them here is a quicker alternative to
+ * disabling them in the code scanning query suites. Queries should also
+ * be disabled in the suites, and removed from this list here once the
+ * bundle is updated to make those suite changes live.
+ *
+ * Format is a map from language to an array of path suffixes of .ql files.
+ */
+const DISABLED_BUILTIN_QUERIES = {
+    'csharp': [
+        'ql/src/Security Features/CWE-937/VulnerablePackage.ql',
+        'ql/src/Security Features/CWE-451/MissingXFrameOptions.ql',
+    ]
+};
+function queryIsDisabled(language, query) {
+    return (DISABLED_BUILTIN_QUERIES[language] || [])
+        .some(disabledQuery => query.endsWith(disabledQuery));
+}
 async function createdDBForScannedLanguages(codeqlCmd, databaseFolder) {
    const scannedLanguages = process.env[sharedEnv.CODEQL_ACTION_SCANNED_LANGUAGES];
    if (scannedLanguages) {
@@ -49,26 +68,50 @@ async function finalizeDatabaseCreation(codeqlCmd, databaseFolder) {
        core.endGroup();
    }
 }
+async function runResolveQueries(codeqlCmd, queries) {
+    let output = '';
+    const options = {
+        listeners: {
+            stdout: (data) => {
+                output += data.toString();
+            }
+        }
+    };
+    await exec.exec(codeqlCmd, [
+        'resolve',
+        'queries',
+        ...queries,
+        '--format=bylanguage'
+    ], options);
+    return JSON.parse(output);
+}
 async function resolveQueryLanguages(codeqlCmd, config) {
    let res = new Map();
-    if (config.additionalQueries.length !== 0) {
-        let resolveQueriesOutput = '';
-        const options = {
-            listeners: {
-                stdout: (data) => {
-                    resolveQueriesOutput += data.toString();
-                }
+    if (!config.disableDefaultQueries || config.additionalSuites.length !== 0) {
+        const suites = [];
+        for (const language of await util.getLanguages()) {
+            if (!config.disableDefaultQueries) {
+                suites.push(language + '-code-scanning.qls');
            }
-        };
-        await exec.exec(codeqlCmd, [
-            'resolve',
-            'queries',
-            ...config.additionalQueries,
-            '--format=bylanguage'
-        ], options);
-        const resolveQueriesOutputObject = JSON.parse(resolveQueriesOutput);
+            for (const additionalSuite of config.additionalSuites) {
+                suites.push(language + '-' + additionalSuite + '.qls');
+            }
+        }
+        const resolveQueriesOutputObject = await runResolveQueries(codeqlCmd, suites);
        for (const [language, queries] of Object.entries(resolveQueriesOutputObject.byLanguage)) {
-            res[language] = Object.keys(queries);
+            if (res[language] === undefined) {
+                res[language] = [];
+            }
+            res[language].push(...Object.keys(queries).filter(q => !queryIsDisabled(language, q)));
+        }
+    }
+    if (config.additionalQueries.length !== 0) {
+        const resolveQueriesOutputObject = await runResolveQueries(codeqlCmd, config.additionalQueries);
+        for (const [language, queries] of Object.entries(resolveQueriesOutputObject.byLanguage)) {
+            if (res[language] === undefined) {
+                res[language] = [];
+            }
+            res[language].push(...Object.keys(queries));
        }
        const noDeclaredLanguage = resolveQueriesOutputObject.noDeclaredLanguage;
        const noDeclaredLanguageQueries = Object.keys(noDeclaredLanguage);
@@ -88,20 +131,27 @@ async function runQueries(codeqlCmd, databaseFolder, sarifFolder, config) {
    const queriesPerLanguage = await resolveQueryLanguages(codeqlCmd, config);
    for (let database of fs.readdirSync(databaseFolder)) {
        core.startGroup('Analyzing ' + database);
-        const queries = [];
-        if (!config.disableDefaultQueries) {
-            queries.push(database + '-code-scanning.qls');
+        const queries = queriesPerLanguage[database] || [];
+        if (queries.length === 0) {
+            throw new Error('Unable to analyse ' + database + ' as no queries were selected for this language');
        }
-        queries.push(...(queriesPerLanguage[database] || []));
+        // Pass the queries to codeql using a file instead of using the command
+        // line to avoid command line length restrictions, particularly on windows.
+        const querySuite = path.join(databaseFolder, database + '-queries.qls');
+        const querySuiteContents = queries.map(q => '- query: ' + q).join('\n');
+        fs.writeFileSync(querySuite, querySuiteContents);
+        core.debug('Query suite file for ' + database + '...\n' + querySuiteContents);
        const sarifFile = path.join(sarifFolder, database + '.sarif');
        await exec.exec(codeqlCmd, [
            'database',
            'analyze',
+            util.getMemoryFlag(),
+            util.getThreadsFlag(),
            path.join(databaseFolder, database),
            '--format=sarif-latest',
            '--output=' + sarifFile,
            '--no-sarif-add-snippets',
-            ...queries
+            querySuite
        ]);
        core.debug('SARIF results for database ' + database + ' created at "' + sarifFile + '"');
        core.endGroup();
@@ -126,7 +176,7 @@ async function run() {
        await runQueries(codeqlCmd, databaseFolder, sarifFolder, config);
        if ('true' === core.getInput('upload')) {
            if (!await upload_lib.upload(sarifFolder)) {
-                await util.reportActionFailed('failed', 'upload');
+                await util.reportActionFailed('finish', 'upload');
                return;
            }
        }
@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=finalize-db.test.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"finalize-db.test.js","sourceRoot":"","sources":["../src/finalize-db.test.ts"],"names":[],"mappings":""}
@@ -14,6 +14,8 @@ const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const fingerprints = __importStar(require("./fingerprints"));
+const testing_utils_1 = require("./testing-utils");
+testing_utils_1.silenceDebugOutput(ava_1.default);
 function testHash(t, input, expectedHashes) {
    let index = 0;
    let callback = function (lineNumber, hash) {
@@ -10,6 +10,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
 const toolcache = __importStar(require("@actions/tool-cache"));
 const path = __importStar(require("path"));
+const semver = __importStar(require("semver"));
 class CodeQLSetup {
    constructor(codeqlDist) {
        this.dist = codeqlDist;
@@ -19,7 +20,7 @@ class CodeQLSetup {
        if (process.platform === 'win32') {
            this.platform = 'win64';
            if (this.cmd.endsWith('codeql')) {
-                this.cmd += ".cmd";
+                this.cmd += ".exe";
            }
        }
        else if (process.platform === 'linux') {
@@ -35,17 +36,17 @@ class CodeQLSetup {
 }
 exports.CodeQLSetup = CodeQLSetup;
 async function setupCodeQL() {
-    const version = '1.0.0';
-    const codeqlURL = core.getInput('tools', { required: true });
    try {
-        let codeqlFolder = toolcache.find('CodeQL', version);
+        const codeqlURL = core.getInput('tools', { required: true });
+        const codeqlURLVersion = getCodeQLURLVersion(codeqlURL);
+        let codeqlFolder = toolcache.find('CodeQL', codeqlURLVersion);
        if (codeqlFolder) {
            core.debug(`CodeQL found in cache ${codeqlFolder}`);
        }
        else {
            const codeqlPath = await toolcache.downloadTool(codeqlURL);
            const codeqlExtracted = await toolcache.extractTar(codeqlPath);
-            codeqlFolder = await toolcache.cacheDir(codeqlExtracted, 'CodeQL', version);
+            codeqlFolder = await toolcache.cacheDir(codeqlExtracted, 'CodeQL', codeqlURLVersion);
        }
        return new CodeQLSetup(path.join(codeqlFolder, 'codeql'));
    }
@@ -55,4 +56,21 @@ async function setupCodeQL() {
    }
 }
 exports.setupCodeQL = setupCodeQL;
+function getCodeQLURLVersion(url) {
+    const match = url.match(/\/codeql-bundle-(.*)\//);
+    if (match === null || match.length < 2) {
+        throw new Error(`Malformed tools url: ${url}. Version could not be inferred`);
+    }
+    let version = match[1];
+    if (!semver.valid(version)) {
+        core.debug(`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`);
+        version = '0.0.0-' + version;
+    }
+    const s = semver.clean(version);
+    if (!s) {
+        throw new Error(`Malformed tools url ${url}. Version should be in SemVer format but have ${version} instead`);
+    }
+    return s;
+}
+exports.getCodeQLURLVersion = getCodeQLURLVersion;
 //# sourceMappingURL=setup-tools.js.map
@@ -1 +1 @@
-{"version":3,"file":"setup-tools.js","sourceRoot":"","sources":["../src/setup-tools.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AACtC,+DAAiD;AACjD,2CAA6B;AAE7B,MAAa,WAAW;IAMpB,YAAY,UAAkB;QAC1B,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC3C,4BAA4B;QAC5B,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAC9B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;YACxB,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;gBAC7B,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC;aACtB;SACJ;aAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YACrC,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;SAC7B;aAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE;YACtC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;SAC3B;aAAM;YACH,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;SAC/D;IACL,CAAC;CACJ;AAxBD,kCAwBC;AAEM,KAAK,UAAU,WAAW;IAC7B,MAAM,OAAO,GAAG,OAAO,CAAC;IACxB,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7D,IAAI;QACA,IAAI,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,IAAI,YAAY,EAAE;YACd,IAAI,CAAC,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;SACvD;aAAM;YACH,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;YAC3D,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAC/D,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;SAC/E;QACD,OAAO,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAC;KAE7D;IAAC,OAAO,CAAC,EAAE;QACR,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;KAChE;AACL,CAAC;AAnBD,kCAmBC"}
+{"version":3,"file":"setup-tools.js","sourceRoot":"","sources":["../src/setup-tools.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AACtC,+DAAiD;AACjD,2CAA6B;AAC7B,+CAAiC;AAEjC,MAAa,WAAW;IAMtB,YAAY,UAAkB;QAC5B,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC3C,4BAA4B;QAC5B,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;YACxB,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;gBAC/B,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC;aACpB;SACF;aAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YACvC,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;SAC3B;aAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE;YACxC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;SACzB;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;SAC7D;IACH,CAAC;CACF;AAxBD,kCAwBC;AAEM,KAAK,UAAU,WAAW;IAC/B,IAAI;QACF,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7D,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAExD,IAAI,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;QAC9D,IAAI,YAAY,EAAE;YAChB,IAAI,CAAC,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;SACrD;aAAM;YACL,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;YAC3D,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;YAC/D,YAAY,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC;SACtF;QACD,OAAO,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,CAAC;KAE3D;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;KAC9D;AACH,CAAC;AAnBD,kCAmBC;AAED,SAAgB,mBAAmB,CAAC,GAAW;IAE7C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAClD,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;QACtC,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,iCAAiC,CAAC,CAAC;KAC/E;IAED,IAAI,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAEvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE;QAC1B,IAAI,CAAC,KAAK,CAAC,kBAAkB,OAAO,gEAAgE,OAAO,GAAG,CAAC,CAAC;QAChH,OAAO,GAAG,QAAQ,GAAG,OAAO,CAAC;KAC9B;IAED,MAAM,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAChC,IAAI,CAAC,CAAC,EAAE;QACN,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,iDAAiD,OAAO,UAAU,CAAC,CAAC;KAC/G;IAED,OAAO,CAAC,CAAC;AACX,CAAC;AApBD,kDAoBC"}
@@ -0,0 +1,60 @@
+"use strict";
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const toolcache = __importStar(require("@actions/tool-cache"));
+const ava_1 = __importDefault(require("ava"));
+const nock_1 = __importDefault(require("nock"));
+const path = __importStar(require("path"));
+const setupTools = __importStar(require("./setup-tools"));
+const testing_utils_1 = require("./testing-utils");
+const util = __importStar(require("./util"));
+testing_utils_1.silenceDebugOutput(ava_1.default);
+ava_1.default('download codeql bundle cache', async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        process.env['GITHUB_WORKSPACE'] = tmpDir;
+        process.env['RUNNER_TEMP'] = path.join(tmpDir, 'temp');
+        process.env['RUNNER_TOOL_CACHE'] = path.join(tmpDir, 'cache');
+        const versions = ['20200601', '20200610'];
+        for (let i = 0; i < versions.length; i++) {
+            const version = versions[i];
+            nock_1.default('https://example.com')
+                .get(`/download/codeql-bundle-${version}/codeql-bundle.tar.gz`)
+                .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+            process.env['INPUT_TOOLS'] = `https://example.com/download/codeql-bundle-${version}/codeql-bundle.tar.gz`;
+            await setupTools.setupCodeQL();
+            t.assert(toolcache.find('CodeQL', `0.0.0-${version}`));
+        }
+        const cachedVersions = toolcache.findAllVersions('CodeQL');
+        t.is(cachedVersions.length, 2);
+    });
+});
+ava_1.default('parse codeql bundle url version', t => {
+    const tests = {
+        '20200601': '0.0.0-20200601',
+        '20200601.0': '0.0.0-20200601.0',
+        '20200601.0.0': '20200601.0.0',
+        '1.2.3': '1.2.3',
+        '1.2.3-alpha': '1.2.3-alpha',
+        '1.2.3-beta.1': '1.2.3-beta.1',
+    };
+    for (const [version, expectedVersion] of Object.entries(tests)) {
+        const url = `https://github.com/.../codeql-bundle-${version}/...`;
+        try {
+            const parsedVersion = setupTools.getCodeQLURLVersion(url);
+            t.deepEqual(parsedVersion, expectedVersion);
+        }
+        catch (e) {
+            t.fail(e.message);
+        }
+    }
+});
+//# sourceMappingURL=setup-tools.test.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"setup-tools.test.js","sourceRoot":"","sources":["../src/setup-tools.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,+DAAiD;AACjD,8CAAuB;AACvB,gDAAwB;AACxB,2CAA6B;AAE7B,0DAA4C;AAC5C,mDAAmD;AACnD,6CAA+B;AAE/B,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,8BAA8B,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IAE7C,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAC,MAAM,EAAC,EAAE;QAEnC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,GAAG,MAAM,CAAC;QAEzC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAE9D,MAAM,QAAQ,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAE1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACxC,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YAE5B,cAAI,CAAC,qBAAqB,CAAC;iBACxB,GAAG,CAAC,2BAA2B,OAAO,uBAAuB,CAAC;iBAC9D,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,uCAAuC,CAAC,CAAC,CAAC;YAGrF,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,8CAA8C,OAAO,uBAAuB,CAAC;YAE1G,MAAM,UAAU,CAAC,WAAW,EAAE,CAAC;YAE/B,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,OAAO,EAAE,CAAC,CAAC,CAAC;SACxD;QAED,MAAM,cAAc,GAAG,SAAS,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QAE3D,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,iCAAiC,EAAE,CAAC,CAAC,EAAE;IAE1C,MAAM,KAAK,GAAG;QACZ,UAAU,EAAE,gBAAgB;QAC5B,YAAY,EAAE,kBAAkB;QAChC,cAAc,EAAE,cAAc;QAC9B,OAAO,EAAE,OAAO;QAChB,aAAa,EAAE,aAAa;QAC5B,cAAc,EAAE,cAAc;KAC/B,CAAC;IAEF,KAAK,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QAC9D,MAAM,GAAG,GAAG,wCAAwC,OAAO,MAAM,CAAC;QAElE,IAAI;YACF,MAAM,aAAa,GAAG,UAAU,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;YAC1D,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;SAC7C;QAAC,OAAO,CAAC,EAAE;YACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;SACnB;KACF;AACH,CAAC,CAAC,CAAC"}
@@ -100,12 +100,13 @@ function concatTracerConfigs(configs) {
        totalCount += count;
        totalLines.push(...lines.slice(2));
    }
-    const newLogFilePath = path.resolve(util.workspaceFolder(), 'compound-build-tracer.log');
-    const spec = path.resolve(util.workspaceFolder(), 'compound-spec');
-    const tempFolder = path.resolve(util.workspaceFolder(), 'compound-temp');
+    const tempFolder = util.getRequiredEnvParam('RUNNER_TEMP');
+    const newLogFilePath = path.resolve(tempFolder, 'compound-build-tracer.log');
+    const spec = path.resolve(tempFolder, 'compound-spec');
+    const compoundTempFolder = path.resolve(tempFolder, 'compound-temp');
    const newSpecContent = [newLogFilePath, totalCount.toString(10), ...totalLines];
    if (copyExecutables) {
-        env['SEMMLE_COPY_EXECUTABLES_ROOT'] = tempFolder;
+        env['SEMMLE_COPY_EXECUTABLES_ROOT'] = compoundTempFolder;
        envSize += 1;
    }
    fs.writeFileSync(spec, newSpecContent.join('\n'));
@@ -126,22 +127,28 @@ function concatTracerConfigs(configs) {
    return { env, spec };
 }
 async function run() {
+    let languages;
    try {
        if (util.should_abort('init', false) || !await util.reportActionStarting('init')) {
            return;
        }
-        // The config file MUST be parsed in the init action
-        const config = await configUtils.loadConfig();
        core.startGroup('Load language configuration');
-        const languages = await util.getLanguages();
+        const config = await configUtils.loadConfig();
+        languages = await util.getLanguages();
        // If the languages parameter was not given and no languages were
        // detected then fail here as this is a workflow configuration error.
        if (languages.length === 0) {
-            core.setFailed("Did not detect any languages to analyze. Please update input in workflow.");
-            return;
+            throw new Error("Did not detect any languages to analyze. Please update input in workflow.");
        }
-        core.endGroup();
        analysisPaths.includeAndExcludeAnalysisPaths(config, languages);
+        core.endGroup();
+    }
+    catch (e) {
+        core.setFailed(e.message);
+        await util.reportActionAborted('init', e.message);
+        return;
+    }
+    try {
        const sourceRoot = path.resolve();
        core.startGroup('Setup CodeQL tools');
        const codeqlSetup = await setuptools.setupCodeQL();
@@ -156,7 +163,7 @@ async function run() {
        // Setup CODEQL_RAM flag (todo improve this https://github.com/github/dsp-code-scanning/issues/935)
        const codeqlRam = process.env['CODEQL_RAM'] || '6500';
        core.exportVariable('CODEQL_RAM', codeqlRam);
-        const databaseFolder = path.resolve(util.workspaceFolder(), 'codeql_databases');
+        const databaseFolder = path.resolve(util.getRequiredEnvParam('RUNNER_TEMP'), 'codeql_databases');
        await io.mkdirP(databaseFolder);
        let tracedLanguages = {};
        let scannedLanguages = [];
@@ -164,7 +171,13 @@ async function run() {
        for (let language of languages) {
            const languageDatabase = path.join(databaseFolder, language);
            // Init language database
-            await exec.exec(codeqlSetup.cmd, ['database', 'init', languageDatabase, '--language=' + language, '--source-root=' + sourceRoot]);
+            await exec.exec(codeqlSetup.cmd, [
+                'database',
+                'init',
+                languageDatabase,
+                '--language=' + language,
+                '--source-root=' + sourceRoot,
+            ]);
            // TODO: add better detection of 'traced languages' instead of using a hard coded list
            if (['cpp', 'java', 'csharp'].includes(language)) {
                const config = await tracerConfig(codeqlSetup, languageDatabase);
@@ -186,8 +199,10 @@ async function run() {
                    core.exportVariable('DYLD_INSERT_LIBRARIES', path.join(codeqlSetup.tools, 'osx64', 'libtrace.dylib'));
                }
                else if (process.platform === 'win32') {
-                    await exec.exec('powershell', [path.resolve(__dirname, '..', 'src', 'inject-tracer.ps1'),
-                        path.resolve(codeqlSetup.tools, 'win64', 'tracer.exe')], { env: { 'ODASA_TRACER_CONFIGURATION': mainTracerConfig.spec } });
+                    await exec.exec('powershell', [
+                        path.resolve(__dirname, '..', 'src', 'inject-tracer.ps1'),
+                        path.resolve(codeqlSetup.tools, 'win64', 'tracer.exe'),
+                    ], { env: { 'ODASA_TRACER_CONFIGURATION': mainTracerConfig.spec } });
                }
                else {
                    core.exportVariable('LD_PRELOAD', path.join(codeqlSetup.tools, 'linux64', '${LIB}trace.so'));
@@ -205,8 +220,8 @@ async function run() {
        await util.reportActionFailed('init', error.message, error.stack);
        return;
    }
-    core.exportVariable(sharedEnv.CODEQL_ACTION_INIT_COMPLETED, 'true');
    await util.reportActionSucceeded('init');
+    core.exportVariable(sharedEnv.CODEQL_ACTION_INIT_COMPLETED, 'true');
 }
 run().catch(e => {
    core.setFailed("init action failed: " + e);
@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+function silenceDebugOutput(test) {
+    const typedTest = test;
+    typedTest.beforeEach(t => {
+        const processStdoutWrite = process.stdout.write.bind(process.stdout);
+        t.context.write = processStdoutWrite;
+        process.stdout.write = (str, encoding, cb) => {
+            // Core library will directly call process.stdout.write for commands
+            // We don't want :: commands to be executed by the runner during tests
+            if (!str.match(/^::/)) {
+                processStdoutWrite(str, encoding, cb);
+            }
+            return true;
+        };
+    });
+    typedTest.afterEach(t => {
+        process.stdout.write = t.context.write;
+    });
+}
+exports.silenceDebugOutput = silenceDebugOutput;
+//# sourceMappingURL=test-utils.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"test-utils.js","sourceRoot":"","sources":["../src/test-utils.ts"],"names":[],"mappings":";;AAEA,SAAgB,kBAAkB,CAAC,IAAwB;IACzD,MAAM,SAAS,GAAG,IAAmC,CAAC;IAEtD,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;QACrB,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,KAAK,GAAG,kBAAkB,CAAC;QACrC,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,GAAQ,EAAE,QAAc,EAAE,EAA0B,EAAE,EAAE;YAC5E,oEAAoE;YACpE,sEAAsE;YACtE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;gBACnB,kBAAkB,CAAC,GAAG,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;aACzC;YACD,OAAO,IAAI,CAAC;QAChB,CAAC,CAAC;IACN,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QACpB,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC;AAnBD,gDAmBC"}
@@ -0,0 +1,48 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+function wrapOutput(context) {
+    // Function signature taken from Socket.write.
+    // Note there are two overloads:
+    // write(buffer: Uint8Array | string, cb?: (err?: Error) => void): boolean;
+    // write(str: Uint8Array | string, encoding?: string, cb?: (err?: Error) => void): boolean;
+    return (chunk, encoding, cb) => {
+        // Work out which method overload we are in
+        if (cb === undefined && typeof encoding === 'function') {
+            cb = encoding;
+            encoding = undefined;
+        }
+        // Record the output
+        if (typeof chunk === 'string') {
+            context.testOutput += chunk;
+        }
+        else {
+            context.testOutput += new TextDecoder(encoding || 'utf-8').decode(chunk);
+        }
+        // Satisfy contract by calling callback when done
+        if (cb !== undefined && typeof cb === 'function') {
+            cb();
+        }
+        return true;
+    };
+}
+function silenceDebugOutput(test) {
+    const typedTest = test;
+    typedTest.beforeEach(t => {
+        t.context.testOutput = "";
+        const processStdoutWrite = process.stdout.write.bind(process.stdout);
+        t.context.stdoutWrite = processStdoutWrite;
+        process.stdout.write = wrapOutput(t.context);
+        const processStderrWrite = process.stderr.write.bind(process.stderr);
+        t.context.stderrWrite = processStderrWrite;
+        process.stderr.write = wrapOutput(t.context);
+    });
+    typedTest.afterEach.always(t => {
+        process.stdout.write = t.context.stdoutWrite;
+        process.stderr.write = t.context.stderrWrite;
+        if (!t.passed) {
+            process.stdout.write(t.context.testOutput);
+        }
+    });
+}
+exports.silenceDebugOutput = silenceDebugOutput;
+//# sourceMappingURL=testing-utils.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"testing-utils.js","sourceRoot":"","sources":["../src/testing-utils.ts"],"names":[],"mappings":";;AAIA,SAAS,UAAU,CAAC,OAAoB;IACtC,8CAA8C;IAC9C,gCAAgC;IAChC,2EAA2E;IAC3E,2FAA2F;IAC3F,OAAO,CAAC,KAA0B,EAAE,QAAiB,EAAE,EAA0B,EAAW,EAAE;QAC5F,2CAA2C;QAC3C,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;YACtD,EAAE,GAAG,QAAQ,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;SACtB;QAED,oBAAoB;QACpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;YAC7B,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;SAC7B;aAAM;YACL,OAAO,CAAC,UAAU,IAAI,IAAI,WAAW,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC1E;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE;YAChD,EAAE,EAAE,CAAC;SACN;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,kBAAkB,CAAC,IAAwB;IACzD,MAAM,SAAS,GAAG,IAAkC,CAAC;IAErD,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;QACvB,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,EAAE,CAAC;QAE1B,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QAEpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAE7C,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;SAC5C;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAvBD,gDAuBC"}
@@ -1 +1 @@
-{"version":3,"file":"tracer-env.js","sourceRoot":"","sources":["../src/tracer-env.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AAEzB,MAAM,GAAG,GAAG,EAAE,CAAC;AACf,KAAK,IAAI,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;IAC3C,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,OAAO,KAAK,KAAK,WAAW,IAAI,GAAG,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE;QACpF,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;KACpB;CACJ;AACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACtC,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,CAAC"}
+{"version":3,"file":"tracer-env.js","sourceRoot":"","sources":["../src/tracer-env.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AAEzB,MAAM,GAAG,GAAG,EAAE,CAAC;AACf,KAAK,IAAI,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;IAC7C,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACvB,IAAI,OAAO,KAAK,KAAK,WAAW,IAAI,GAAG,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE;QACtF,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;KAClB;CACF;AACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACtC,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,CAAC"}
@@ -11,28 +11,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
-const http = __importStar(require("@actions/http-client"));
-const auth = __importStar(require("@actions/http-client/auth"));
-const io = __importStar(require("@actions/io"));
 const file_url_1 = __importDefault(require("file-url"));
 const fs = __importStar(require("fs"));
+const jsonschema = __importStar(require("jsonschema"));
 const path = __importStar(require("path"));
 const zlib_1 = __importDefault(require("zlib"));
+const api = __importStar(require("./api-client"));
 const fingerprints = __importStar(require("./fingerprints"));
 const sharedEnv = __importStar(require("./shared-environment"));
 const util = __importStar(require("./util"));
-// Construct the location of the sentinel file for detecting multiple uploads.
-// The returned location should be writable.
-async function getSentinelFilePath() {
-    // Use the temp dir instead of placing next to the sarif file because of
-    // issues with docker actions. The directory containing the sarif file
-    // may not be writable by us.
-    const uploadsTmpDir = path.join(process.env['RUNNER_TEMP'] || '/tmp/codeql-action', 'uploads');
-    await io.mkdirP(uploadsTmpDir);
-    // Hash the absolute path so we'll behave correctly in the unlikely
-    // scenario a file is referenced twice with different paths.
-    return path.join(uploadsTmpDir, 'codeql-action-upload-sentinel');
-}
 // Takes a list of paths to sarif files and combines them together,
 // returning the contents of the combined sarif file.
 function combineSarifFiles(sarifFiles) {
@@ -63,27 +50,28 @@ async function uploadPayload(payload) {
    if (testMode) {
        return true;
    }
-    const githubToken = core.getInput('token');
-    const ph = new auth.BearerCredentialHandler(githubToken);
-    const client = new http.HttpClient('Code Scanning : Upload SARIF', [ph]);
-    const url = 'https://api.github.com/repos/' + process.env['GITHUB_REPOSITORY'] + '/code-scanning/analysis';
+    const [owner, repo] = util.getRequiredEnvParam("GITHUB_REPOSITORY").split("/");
    // Make up to 4 attempts to upload, and sleep for these
    // number of seconds between each attempt.
    // We don't want to backoff too much to avoid wasting action
    // minutes, but just waiting a little bit could maybe help.
    const backoffPeriods = [1, 5, 15];
    for (let attempt = 0; attempt <= backoffPeriods.length; attempt++) {
-        const res = await client.put(url, payload);
-        core.debug('response status: ' + res.message.statusCode);
-        const statusCode = res.message.statusCode;
+        const response = await api.client.request("PUT /repos/:owner/:repo/code-scanning/analysis", ({
+            owner: owner,
+            repo: repo,
+            data: payload,
+        }));
+        core.debug('response status: ' + response.status);
+        const statusCode = response.status;
        if (statusCode === 202) {
            core.info("Successfully uploaded results");
            return true;
        }
-        const requestID = res.message.headers["x-github-request-id"];
+        const requestID = response.headers["x-github-request-id"];
        // On any other status code that's not 5xx mark the upload as failed
        if (!statusCode || statusCode < 500 || statusCode >= 600) {
-            core.setFailed('Upload failed (' + requestID + '): (' + statusCode + ') ' + await res.readBody());
+            core.setFailed('Upload failed (' + requestID + '): (' + statusCode + ') ' + JSON.stringify(response.data));
            return false;
        }
        // On a 5xx status code we may retry the request
@@ -91,7 +79,7 @@ async function uploadPayload(payload) {
            // Log the failure as a warning but don't mark the action as failed yet
            core.warning('Upload attempt (' + (attempt + 1) + ' of ' + (backoffPeriods.length + 1) +
                ') failed (' + requestID + '). Retrying in ' + backoffPeriods[attempt] +
-                ' seconds: (' + statusCode + ') ' + await res.readBody());
+                ' seconds: (' + statusCode + ') ' + JSON.stringify(response.data));
            // Sleep for the backoff period
            await new Promise(r => setTimeout(r, backoffPeriods[attempt] * 1000));
            continue;
@@ -100,7 +88,7 @@ async function uploadPayload(payload) {
            // If the upload fails with 5xx then we assume it is a temporary problem
            // and not an error that the user has caused or can fix.
            // We avoid marking the job as failed to avoid breaking CI workflows.
-            core.error('Upload failed (' + requestID + '): (' + statusCode + ') ' + await res.readBody());
+            core.error('Upload failed (' + requestID + '): (' + statusCode + ') ' + JSON.stringify(response.data));
            return false;
        }
    }
@@ -125,62 +113,96 @@ async function upload(input) {
    }
 }
 exports.upload = upload;
+// Counts the number of results in the given SARIF file
+function countResultsInSarif(sarif) {
+    let numResults = 0;
+    for (const run of JSON.parse(sarif).runs) {
+        numResults += run.results.length;
+    }
+    return numResults;
+}
+exports.countResultsInSarif = countResultsInSarif;
+// Validates that the given file path refers to a valid SARIF file.
+// Returns a non-empty list of error message if the file is invalid,
+// otherwise returns the empty list if the file is valid.
+function validateSarifFileSchema(sarifFilePath) {
+    const sarif = JSON.parse(fs.readFileSync(sarifFilePath, 'utf8'));
+    const schema = JSON.parse(fs.readFileSync(__dirname + '/../src/sarif_v2.1.0_schema.json', 'utf8'));
+    const result = new jsonschema.Validator().validate(sarif, schema);
+    if (result.valid) {
+        return true;
+    }
+    else {
+        // Set the failure message to the stacks of all the errors.
+        // This should be of a manageable size and may even give enough to fix the error.
+        const errorMessages = result.errors.map(e => "- " + e.stack);
+        core.setFailed("Unable to upload \"" + sarifFilePath + "\" as it is not valid SARIF:\n" + errorMessages.join("\n"));
+        // Also output the more verbose error messages in groups as these may be very large.
+        for (const error of result.errors) {
+            core.startGroup("Error details: " + error.stack);
+            core.info(JSON.stringify(error, null, 2));
+            core.endGroup();
+        }
+        return false;
+    }
+}
+exports.validateSarifFileSchema = validateSarifFileSchema;
 // Uploads the given set of sarif files.
 // Returns true iff the upload occurred and succeeded
 async function uploadFiles(sarifFiles) {
    core.startGroup("Uploading results");
-    let succeeded = false;
-    try {
-        // Check if an upload has happened before. If so then abort.
-        // This is intended to catch when the finish and upload-sarif actions
-        // are used together, and then the upload-sarif action is invoked twice.
-        const sentinelFile = await getSentinelFilePath();
-        if (fs.existsSync(sentinelFile)) {
-            core.info("Aborting as an upload has already happened from this job");
+    core.info("Uploading sarif files: " + JSON.stringify(sarifFiles));
+    const sentinelEnvVar = "CODEQL_UPLOAD_SARIF";
+    if (process.env[sentinelEnvVar]) {
+        core.error("Aborting upload: only one run of the codeql/analyze or codeql/upload-sarif actions is allowed per job");
+        return false;
+    }
+    core.exportVariable(sentinelEnvVar, sentinelEnvVar);
+    // Validate that the files we were asked to upload are all valid SARIF files
+    for (const file of sarifFiles) {
+        if (!validateSarifFileSchema(file)) {
            return false;
        }
-        const commitOid = util.getRequiredEnvParam('GITHUB_SHA');
-        const workflowRunIDStr = util.getRequiredEnvParam('GITHUB_RUN_ID');
-        const ref = util.getRef();
-        const analysisKey = await util.getAnalysisKey();
-        const analysisName = util.getRequiredEnvParam('GITHUB_WORKFLOW');
-        const startedAt = process.env[sharedEnv.CODEQL_ACTION_STARTED_AT];
-        core.info("Uploading sarif files: " + JSON.stringify(sarifFiles));
-        let sarifPayload = combineSarifFiles(sarifFiles);
-        sarifPayload = fingerprints.addFingerprints(sarifPayload);
-        const zipped_sarif = zlib_1.default.gzipSync(sarifPayload).toString('base64');
-        let checkoutPath = core.getInput('checkout_path');
-        let checkoutURI = file_url_1.default(checkoutPath);
-        const workflowRunID = parseInt(workflowRunIDStr, 10);
-        if (Number.isNaN(workflowRunID)) {
-            core.setFailed('GITHUB_RUN_ID must define a non NaN workflow run ID');
-            return false;
-        }
-        let matrix = core.getInput('matrix');
-        if (matrix === "null" || matrix === "") {
-            matrix = undefined;
-        }
-        const toolNames = util.getToolNames(sarifPayload);
-        const payload = JSON.stringify({
-            "commit_oid": commitOid,
-            "ref": ref,
-            "analysis_key": analysisKey,
-            "analysis_name": analysisName,
-            "sarif": zipped_sarif,
-            "workflow_run_id": workflowRunID,
-            "checkout_uri": checkoutURI,
-            "environment": matrix,
-            "started_at": startedAt,
-            "tool_names": toolNames,
-        });
-        // Make the upload
-        succeeded = await uploadPayload(payload);
-        // Mark that we have made an upload
-        fs.writeFileSync(sentinelFile, '');
    }
-    catch (error) {
-        core.setFailed(error.message);
+    const commitOid = await util.getCommitOid();
+    const workflowRunIDStr = util.getRequiredEnvParam('GITHUB_RUN_ID');
+    const ref = util.getRef();
+    const analysisKey = await util.getAnalysisKey();
+    const analysisName = util.getRequiredEnvParam('GITHUB_WORKFLOW');
+    const startedAt = process.env[sharedEnv.CODEQL_ACTION_STARTED_AT];
+    let sarifPayload = combineSarifFiles(sarifFiles);
+    sarifPayload = fingerprints.addFingerprints(sarifPayload);
+    const zipped_sarif = zlib_1.default.gzipSync(sarifPayload).toString('base64');
+    let checkoutPath = core.getInput('checkout_path');
+    let checkoutURI = file_url_1.default(checkoutPath);
+    const workflowRunID = parseInt(workflowRunIDStr, 10);
+    if (Number.isNaN(workflowRunID)) {
+        core.setFailed('GITHUB_RUN_ID must define a non NaN workflow run ID');
+        return false;
    }
+    let matrix = core.getInput('matrix');
+    if (matrix === "null" || matrix === "") {
+        matrix = undefined;
+    }
+    const toolNames = util.getToolNames(sarifPayload);
+    const payload = JSON.stringify({
+        "commit_oid": commitOid,
+        "ref": ref,
+        "analysis_key": analysisKey,
+        "analysis_name": analysisName,
+        "sarif": zipped_sarif,
+        "workflow_run_id": workflowRunID,
+        "checkout_uri": checkoutURI,
+        "environment": matrix,
+        "started_at": startedAt,
+        "tool_names": toolNames,
+    });
+    // Log some useful debug info about the info
+    core.debug("Raw upload size: " + sarifPayload.length + " bytes");
+    core.debug("Base64 zipped upload size: " + zipped_sarif.length + " bytes");
+    core.debug("Number of results in upload: " + countResultsInSarif(sarifPayload));
+    // Make the upload
+    const succeeded = await uploadPayload(payload);
    core.endGroup();
    return succeeded;
 }
@@ -0,0 +1,27 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const ava_1 = __importDefault(require("ava"));
+const testing_utils_1 = require("./testing-utils");
+const uploadLib = __importStar(require("./upload-lib"));
+testing_utils_1.silenceDebugOutput(ava_1.default);
+ava_1.default('validateSarifFileSchema - valid', t => {
+    const inputFile = __dirname + '/../src/testdata/valid-sarif.sarif';
+    t.true(uploadLib.validateSarifFileSchema(inputFile));
+});
+ava_1.default('validateSarifFileSchema - invalid', t => {
+    const inputFile = __dirname + '/../src/testdata/invalid-sarif.sarif';
+    t.false(uploadLib.validateSarifFileSchema(inputFile));
+    // validateSarifFileSchema calls core.setFailed which sets the exit code on error
+    process.exitCode = 0;
+});
+//# sourceMappingURL=upload-lib.test.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"upload-lib.test.js","sourceRoot":"","sources":["../src/upload-lib.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AAEvB,mDAAmD;AACnD,wDAA0C;AAE1C,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,iCAAiC,EAAE,CAAC,CAAC,EAAE;IAC1C,MAAM,SAAS,GAAG,SAAS,GAAG,oCAAoC,CAAC;IACnE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC;AACvD,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,mCAAmC,EAAE,CAAC,CAAC,EAAE;IAC5C,MAAM,SAAS,GAAG,SAAS,GAAG,sCAAsC,CAAC;IACrE,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC;IACtD,iFAAiF;IACjF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC"}
@@ -1 +1 @@
-{"version":3,"file":"upload-sarif.js","sourceRoot":"","sources":["../src/upload-sarif.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,yDAA2C;AAC3C,6CAA+B;AAE/B,KAAK,UAAU,GAAG;IACd,IAAI,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,cAAc,CAAC,EAAE;QAC9F,OAAO;KACV;IAED,IAAI;QACA,IAAI,MAAM,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,EAAE;YACtD,MAAM,IAAI,CAAC,qBAAqB,CAAC,cAAc,CAAC,CAAC;SACpD;aAAM;YACH,MAAM,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;SAC3D;KACJ;IAAC,OAAO,KAAK,EAAE;QACZ,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1E,OAAO;KACV;AACL,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;IACZ,IAAI,CAAC,SAAS,CAAC,qCAAqC,GAAG,CAAC,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACnB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"upload-sarif.js","sourceRoot":"","sources":["../src/upload-sarif.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,yDAA2C;AAC3C,6CAA+B;AAE/B,KAAK,UAAU,GAAG;IAChB,IAAI,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,cAAc,CAAC,EAAE;QAChG,OAAO;KACR;IAED,IAAI;QACF,IAAI,MAAM,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,EAAE;YACxD,MAAM,IAAI,CAAC,qBAAqB,CAAC,cAAc,CAAC,CAAC;SAClD;aAAM;YACL,MAAM,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;SACzD;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1E,OAAO;KACR;AACH,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;IACd,IAAI,CAAC,SAAS,CAAC,qCAAqC,GAAG,CAAC,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}
@@ -6,18 +6,13 @@ var __importStar = (this && this.__importStar) || function (mod) {
    result["default"] = mod;
    return result;
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
-const http = __importStar(require("@actions/http-client"));
-const auth = __importStar(require("@actions/http-client/auth"));
-const octokit = __importStar(require("@octokit/rest"));
-const console_log_level_1 = __importDefault(require("console-log-level"));
+const exec = __importStar(require("@actions/exec"));
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
+const api = __importStar(require("./api-client"));
 const sharedEnv = __importStar(require("./shared-environment"));
 /**
 * Should the current action be aborted?
@@ -33,12 +28,6 @@ function should_abort(actionName, requireInitActionHasRun) {
        core.setFailed('GITHUB_REF must be set.');
        return true;
    }
-    // Should abort if called on a merge commit for a pull request.
-    if (ref.startsWith('refs/pull/')) {
-        core.warning('The CodeQL ' + actionName + ' action is intended for workflows triggered on `push` events, '
-            + 'but the current workflow is running on a pull request. Aborting.');
-        return true;
-    }
    // If the init action is required, then check the it completed successfully.
    if (requireInitActionHasRun && process.env[sharedEnv.CODEQL_ACTION_INIT_COMPLETED] === undefined) {
        core.setFailed('The CodeQL ' + actionName + ' action cannot be used unless the CodeQL init action is run first. Aborting.');
@@ -47,22 +36,12 @@ function should_abort(actionName, requireInitActionHasRun) {
    return false;
 }
 exports.should_abort = should_abort;
-/**
- * Resolve the path to the workspace folder.
- */
-function workspaceFolder() {
-    let workspaceFolder = process.env['RUNNER_WORKSPACE'];
-    if (!workspaceFolder)
-        workspaceFolder = path.resolve('..');
-    return workspaceFolder;
-}
-exports.workspaceFolder = workspaceFolder;
 /**
 * Get an environment parameter, but throw an error if it is not set.
 */
 function getRequiredEnvParam(paramName) {
    const value = process.env[paramName];
-    if (value === undefined) {
+    if (value === undefined || value.length === 0) {
        throw new Error(paramName + ' environment variable must be set');
    }
    core.debug(paramName + '=' + value);
@@ -90,12 +69,7 @@ async function getLanguagesInRepo() {
        let owner = repo_nwo[0];
        let repo = repo_nwo[1];
        core.debug(`GitHub repo ${owner} ${repo}`);
-        let ok = new octokit.Octokit({
-            auth: core.getInput('token'),
-            userAgent: "CodeQL Action",
-            log: console_log_level_1.default({ level: "debug" })
-        });
-        const response = await ok.request("GET /repos/:owner/:repo/languages", ({
+        const response = await api.client.request("GET /repos/:owner/:repo/languages", ({
            owner,
            repo
        }));
@@ -151,6 +125,34 @@ async function getLanguages() {
    return languages;
 }
 exports.getLanguages = getLanguages;
+/**
+ * Gets the SHA of the commit that is currently checked out.
+ */
+async function getCommitOid() {
+    // Try to use git to get the current commit SHA. If that fails then
+    // log but otherwise silently fall back to using the SHA from the environment.
+    // The only time these two values will differ is during analysis of a PR when
+    // the workflow has changed the current commit to the head commit instead of
+    // the merge commit, which must mean that git is available.
+    // Even if this does go wrong, it's not a huge problem for the alerts to
+    // reported on the merge commit.
+    try {
+        let commitOid = '';
+        await exec.exec('git', ['rev-parse', 'HEAD'], {
+            silent: true,
+            listeners: {
+                stdout: (data) => { commitOid += data.toString(); },
+                stderr: (data) => { process.stderr.write(data); }
+            }
+        });
+        return commitOid.trim();
+    }
+    catch (e) {
+        core.info("Failed to call git to get current commit. Continuing with data from environment: " + e);
+        return getRequiredEnvParam('GITHUB_SHA');
+    }
+}
+exports.getCommitOid = getCommitOid;
 /**
 * Get the path of the currently executing workflow.
 */
@@ -158,19 +160,14 @@ async function getWorkflowPath() {
    const repo_nwo = getRequiredEnvParam('GITHUB_REPOSITORY').split("/");
    const owner = repo_nwo[0];
    const repo = repo_nwo[1];
-    const run_id = getRequiredEnvParam('GITHUB_RUN_ID');
-    const ok = new octokit.Octokit({
-        auth: core.getInput('token'),
-        userAgent: "CodeQL Action",
-        log: console_log_level_1.default({ level: 'debug' })
-    });
-    const runsResponse = await ok.request('GET /repos/:owner/:repo/actions/runs/:run_id', {
+    const run_id = Number(getRequiredEnvParam('GITHUB_RUN_ID'));
+    const runsResponse = await api.client.request('GET /repos/:owner/:repo/actions/runs/:run_id', {
        owner,
        repo,
        run_id
    });
    const workflowUrl = runsResponse.data.workflow_url;
-    const workflowResponse = await ok.request('GET ' + workflowUrl);
+    const workflowResponse = await api.client.request('GET ' + workflowUrl);
    return workflowResponse.data.path;
 }
 /**
@@ -196,8 +193,20 @@ exports.getAnalysisKey = getAnalysisKey;
 * Get the ref currently being analyzed.
 */
 function getRef() {
-    // it's in the form "refs/heads/master"
-    return getRequiredEnvParam('GITHUB_REF');
+    // Will be in the form "refs/heads/master" on a push event
+    // or in the form "refs/pull/N/merge" on a pull_request event
+    const ref = getRequiredEnvParam('GITHUB_REF');
+    // For pull request refs we want to convert from the 'merge' ref
+    // to the 'head' ref, as that is what we want to analyse.
+    // There should have been some code earlier in the workflow to do
+    // the checkout, but we have no way of verifying that here.
+    const pull_ref_regex = /refs\/pull\/(\d+)\/merge/;
+    if (pull_ref_regex.test(ref)) {
+        return ref.replace(pull_ref_regex, 'refs/pull/$1/head');
+    }
+    else {
+        return ref;
+    }
 }
 exports.getRef = getRef;
 /**
@@ -240,7 +249,7 @@ async function createStatusReport(actionName, status, cause, exception) {
    if (exception) {
        statusReport.exception = exception;
    }
-    if (status === 'success' || status === 'failure') {
+    if (status === 'success' || status === 'failure' || status === 'aborted') {
        statusReport.completed_at = new Date().toISOString();
    }
    let matrix = core.getInput('matrix');
@@ -252,21 +261,19 @@ async function createStatusReport(actionName, status, cause, exception) {
 /**
 * Send a status report to the code_scanning/analysis/status endpoint.
 *
- * Returns the status code of the response to the status request, or
- * undefined if the given statusReport is undefined or no response was
- * received.
+ * Returns the status code of the response to the status request.
 */
 async function sendStatusReport(statusReport) {
-    var _a;
    const statusReportJSON = JSON.stringify(statusReport);
    core.debug('Sending status report: ' + statusReportJSON);
-    const githubToken = core.getInput('token');
-    const ph = new auth.BearerCredentialHandler(githubToken);
-    const client = new http.HttpClient('Code Scanning : Status Report', [ph]);
-    const url = 'https://api.github.com/repos/' + process.env['GITHUB_REPOSITORY']
-        + '/code-scanning/analysis/status';
-    const res = await client.put(url, statusReportJSON);
-    return (_a = res.message) === null || _a === void 0 ? void 0 : _a.statusCode;
+    const nwo = getRequiredEnvParam("GITHUB_REPOSITORY");
+    const [owner, repo] = nwo.split("/");
+    const statusResponse = await api.client.request('PUT /repos/:owner/:repo/code-scanning/analysis/status', {
+        owner: owner,
+        repo: repo,
+        data: statusReportJSON,
+    });
+    return statusResponse.status;
 }
 /**
 * Send a status report that an action is starting.
@@ -315,6 +322,16 @@ async function reportActionSucceeded(action) {
    await sendStatusReport(await createStatusReport(action, 'success'));
 }
 exports.reportActionSucceeded = reportActionSucceeded;
+/**
+ * Report that an action has been aborted.
+ *
+ * Note that the started_at date is always that of the `init` action, since
+ * this is likely to give a more useful duration when inspecting events.
+ */
+async function reportActionAborted(action, cause) {
+    await sendStatusReport(await createStatusReport(action, 'aborted', cause));
+}
+exports.reportActionAborted = reportActionAborted;
 /**
 * Get the array of all the tool names contained in the given sarif contents.
 *
@@ -337,8 +354,63 @@ exports.getToolNames = getToolNames;
 // Mostly intended for use within tests.
 async function withTmpDir(body) {
    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'codeql-action-'));
-    await body(tmpDir);
+    const realSubdir = path.join(tmpDir, 'real');
+    fs.mkdirSync(realSubdir);
+    const symlinkSubdir = path.join(tmpDir, 'symlink');
+    fs.symlinkSync(realSubdir, symlinkSubdir, 'dir');
+    const result = await body(symlinkSubdir);
    fs.rmdirSync(tmpDir, { recursive: true });
+    return result;
 }
 exports.withTmpDir = withTmpDir;
+/**
+ * Get the codeql `--ram` flag as configured by the `ram` input. If no value was
+ * specified, the total available memory will be used minus 256 MB.
+ *
+ * @returns string
+ */
+function getMemoryFlag() {
+    let memoryToUseMegaBytes;
+    const memoryToUseString = core.getInput("ram");
+    if (memoryToUseString) {
+        memoryToUseMegaBytes = Number(memoryToUseString);
+        if (Number.isNaN(memoryToUseMegaBytes) || memoryToUseMegaBytes <= 0) {
+            throw new Error("Invalid RAM setting \"" + memoryToUseString + "\", specified.");
+        }
+    }
+    else {
+        const totalMemoryBytes = os.totalmem();
+        const totalMemoryMegaBytes = totalMemoryBytes / (1024 * 1024);
+        const systemReservedMemoryMegaBytes = 256;
+        memoryToUseMegaBytes = totalMemoryMegaBytes - systemReservedMemoryMegaBytes;
+    }
+    return "--ram=" + Math.floor(memoryToUseMegaBytes);
+}
+exports.getMemoryFlag = getMemoryFlag;
+/**
+ * Get the codeql `--threads` value specified for the `threads` input. The value
+ * defaults to 1. The value will be capped to the number of available CPUs.
+ *
+ * @returns string
+ */
+function getThreadsFlag() {
+    let numThreads = 1;
+    const numThreadsString = core.getInput("threads");
+    if (numThreadsString) {
+        numThreads = Number(numThreadsString);
+        if (Number.isNaN(numThreads)) {
+            throw new Error(`Invalid threads setting "${numThreadsString}", specified.`);
+        }
+        const maxThreads = os.cpus().length;
+        if (numThreads > maxThreads) {
+            numThreads = maxThreads;
+        }
+        const minThreads = -maxThreads;
+        if (numThreads < minThreads) {
+            numThreads = minThreads;
+        }
+    }
+    return `--threads=${numThreads}`;
+}
+exports.getThreadsFlag = getThreadsFlag;
 //# sourceMappingURL=util.js.map
@@ -12,10 +12,53 @@ var __importStar = (this && this.__importStar) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
+testing_utils_1.silenceDebugOutput(ava_1.default);
 ava_1.default('getToolNames', t => {
    const input = fs.readFileSync(__dirname + '/../src/testdata/tool-names.sarif', 'utf8');
    const toolNames = util.getToolNames(input);
    t.deepEqual(toolNames, ["CodeQL command-line toolchain", "ESLint"]);
 });
+ava_1.default('getMemoryFlag() should return the correct --ram flag', t => {
+    const totalMem = Math.floor(os.totalmem() / (1024 * 1024));
+    const tests = {
+        "": `--ram=${totalMem - 256}`,
+        "512": "--ram=512",
+    };
+    for (const [input, expectedFlag] of Object.entries(tests)) {
+        process.env['INPUT_RAM'] = input;
+        const flag = util.getMemoryFlag();
+        t.deepEqual(flag, expectedFlag);
+    }
+});
+ava_1.default('getMemoryFlag() throws if the ram input is < 0 or NaN', t => {
+    for (const input of ["-1", "hello!"]) {
+        process.env['INPUT_RAM'] = input;
+        t.throws(util.getMemoryFlag);
+    }
+});
+ava_1.default('getThreadsFlag() should return the correct --threads flag', t => {
+    const numCpus = os.cpus().length;
+    const tests = {
+        "0": "--threads=0",
+        "1": "--threads=1",
+        [`${numCpus + 1}`]: `--threads=${numCpus}`,
+        [`${-numCpus - 1}`]: `--threads=${-numCpus}`
+    };
+    for (const [input, expectedFlag] of Object.entries(tests)) {
+        process.env['INPUT_THREADS'] = input;
+        const flag = util.getThreadsFlag();
+        t.deepEqual(flag, expectedFlag);
+    }
+});
+ava_1.default('getThreadsFlag() throws if the threads input is not an integer', t => {
+    process.env['INPUT_THREADS'] = "hello!";
+    t.throws(util.getThreadsFlag);
+});
+ava_1.default('getRef() throws on the empty string', t => {
+    process.env["GITHUB_REF"] = "";
+    t.throws(util.getRef);
+});
 //# sourceMappingURL=util.test.js.map
@@ -1 +1 @@
-{"version":3,"file":"util.test.js","sourceRoot":"","sources":["../src/util.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AACvB,uCAAyB;AAEzB,6CAA+B;AAE/B,aAAI,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE;IACvB,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,GAAG,mCAAmC,EAAE,MAAM,CAAC,CAAC;IACvF,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,+BAA+B,EAAE,QAAQ,CAAC,CAAC,CAAC;AACtE,CAAC,CAAC,CAAC"}
+{"version":3,"file":"util.test.js","sourceRoot":"","sources":["../src/util.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AACvB,uCAAyB;AACzB,uCAAyB;AAEzB,mDAAmD;AACnD,6CAA+B;AAE/B,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE;IACvB,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,GAAG,mCAAmC,EAAE,MAAM,CAAC,CAAC;IACvF,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,+BAA+B,EAAE,QAAQ,CAAC,CAAC,CAAC;AACtE,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,sDAAsD,EAAE,CAAC,CAAC,EAAE;IAE/D,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC;IAE3D,MAAM,KAAK,GAAG;QACZ,EAAE,EAAE,SAAS,QAAQ,GAAG,GAAG,EAAE;QAC7B,KAAK,EAAE,WAAW;KACnB,CAAC;IAEF,KAAK,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QAEzD,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC;QAEjC,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QAClC,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;KACjC;AACH,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,uDAAuD,EAAE,CAAC,CAAC,EAAE;IAChE,KAAK,MAAM,KAAK,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,EAAE;QACpC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC;QACjC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;KAC9B;AACH,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,2DAA2D,EAAE,CAAC,CAAC,EAAE;IAEpE,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC;IAEjC,MAAM,KAAK,GAAG;QACZ,GAAG,EAAE,aAAa;QAClB,GAAG,EAAE,aAAa;QAClB,CAAC,GAAG,OAAO,GAAG,CAAC,EAAE,CAAC,EAAE,aAAa,OAAO,EAAE;QAC1C,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,OAAO,EAAE;KAC7C,CAAC;IAEF,KAAK,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QAEzD,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC;QAErC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QACnC,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;KACjC;AACH,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,gEAAgE,EAAE,CAAC,CAAC,EAAE;IACzE,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,QAAQ,CAAC;IACxC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAChC,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,qCAAqC,EAAE,CAAC,CAAC,EAAE;IAC9C,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC;IAC/B,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACxB,CAAC,CAAC,CAAC"}
@@ -1 +1 @@
-../semver/bin/semver
+../semver/bin/semver.js
@@ -22,11 +22,11 @@ These can then be extracted in platform specific ways:
 const tc = require('@actions/tool-cache');

 if (process.platform === 'win32') {
-  const node12Path = tc.downloadTool('https://nodejs.org/dist/v12.7.0/node-v12.7.0-win-x64.zip');
+  const node12Path = await tc.downloadTool('https://nodejs.org/dist/v12.7.0/node-v12.7.0-win-x64.zip');
  const node12ExtractedFolder = await tc.extractZip(node12Path, 'path/to/extract/to');

  // Or alternately
-  const node12Path = tc.downloadTool('https://nodejs.org/dist/v12.7.0/node-v12.7.0-win-x64.7z');
+  const node12Path = await tc.downloadTool('https://nodejs.org/dist/v12.7.0/node-v12.7.0-win-x64.7z');
  const node12ExtractedFolder = await tc.extract7z(node12Path, 'path/to/extract/to');
 }
 else {
@@ -37,7 +37,7 @@ else {

 #### Cache

-Finally, you can cache these directories in our tool-cache. This is useful if you want to switch back and forth between versions of a tool, or save a tool between runs for private runners (private runners are still in development but are on the roadmap).
+Finally, you can cache these directories in our tool-cache. This is useful if you want to switch back and forth between versions of a tool, or save a tool between runs for self-hosted runners.

 You'll often want to add it to the path as part of this step:

@@ -57,7 +57,7 @@ You can also cache files for reuse.
 ```js
 const tc = require('@actions/tool-cache');

-tc.cacheFile('path/to/exe', 'destFileName.exe', 'myExeName', '1.1.0');
+const cachedPath = await tc.cacheFile('path/to/exe', 'destFileName.exe', 'myExeName', '1.1.0');
 ```

 #### Find
@@ -0,0 +1,16 @@
+export interface IToolReleaseFile {
+    filename: string;
+    platform: string;
+    platform_version?: string;
+    arch: string;
+    download_url: string;
+}
+export interface IToolRelease {
+    version: string;
+    stable: boolean;
+    release_url: string;
+    files: IToolReleaseFile[];
+}
+export declare function _findMatch(versionSpec: string, stable: boolean, candidates: IToolRelease[], archFilter: string): Promise<IToolRelease | undefined>;
+export declare function _getOsVersion(): string;
+export declare function _readLinuxVersionFile(): string;
@@ -0,0 +1,106 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const semver = __importStar(require("semver"));
+const core_1 = require("@actions/core");
+// needs to be require for core node modules to be mocked
+/* eslint @typescript-eslint/no-require-imports: 0 */
+const os = require("os");
+const cp = require("child_process");
+const fs = require("fs");
+function _findMatch(versionSpec, stable, candidates, archFilter) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const platFilter = os.platform();
+        let result;
+        let match;
+        let file;
+        for (const candidate of candidates) {
+            const version = candidate.version;
+            core_1.debug(`check ${version} satisfies ${versionSpec}`);
+            if (semver.satisfies(version, versionSpec) &&
+                (!stable || candidate.stable === stable)) {
+                file = candidate.files.find(item => {
+                    core_1.debug(`${item.arch}===${archFilter} && ${item.platform}===${platFilter}`);
+                    let chk = item.arch === archFilter && item.platform === platFilter;
+                    if (chk && item.platform_version) {
+                        const osVersion = module.exports._getOsVersion();
+                        if (osVersion === item.platform_version) {
+                            chk = true;
+                        }
+                        else {
+                            chk = semver.satisfies(osVersion, item.platform_version);
+                        }
+                    }
+                    return chk;
+                });
+                if (file) {
+                    core_1.debug(`matched ${candidate.version}`);
+                    match = candidate;
+                    break;
+                }
+            }
+        }
+        if (match && file) {
+            // clone since we're mutating the file list to be only the file that matches
+            result = Object.assign({}, match);
+            result.files = [file];
+        }
+        return result;
+    });
+}
+exports._findMatch = _findMatch;
+function _getOsVersion() {
+    // TODO: add windows and other linux, arm variants
+    // right now filtering on version is only an ubuntu and macos scenario for tools we build for hosted (python)
+    const plat = os.platform();
+    let version = '';
+    if (plat === 'darwin') {
+        version = cp.execSync('sw_vers -productVersion').toString();
+    }
+    else if (plat === 'linux') {
+        // lsb_release process not in some containers, readfile
+        // Run cat /etc/lsb-release
+        // DISTRIB_ID=Ubuntu
+        // DISTRIB_RELEASE=18.04
+        // DISTRIB_CODENAME=bionic
+        // DISTRIB_DESCRIPTION="Ubuntu 18.04.4 LTS"
+        const lsbContents = module.exports._readLinuxVersionFile();
+        if (lsbContents) {
+            const lines = lsbContents.split('\n');
+            for (const line of lines) {
+                const parts = line.split('=');
+                if (parts.length === 2 && parts[0].trim() === 'DISTRIB_RELEASE') {
+                    version = parts[1].trim();
+                    break;
+                }
+            }
+        }
+    }
+    return version;
+}
+exports._getOsVersion = _getOsVersion;
+function _readLinuxVersionFile() {
+    const lsbFile = '/etc/lsb-release';
+    let contents = '';
+    if (fs.existsSync(lsbFile)) {
+        contents = fs.readFileSync(lsbFile).toString();
+    }
+    return contents;
+}
+exports._readLinuxVersionFile = _readLinuxVersionFile;
+//# sourceMappingURL=manifest.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"manifest.js","sourceRoot":"","sources":["../src/manifest.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,+CAAgC;AAChC,wCAAmC;AAEnC,yDAAyD;AACzD,qDAAqD;AAErD,yBAAyB;AACzB,oCAAoC;AACpC,yBAAyB;AAqDzB,SAAsB,UAAU,CAC9B,WAAmB,EACnB,MAAe,EACf,UAA0B,EAC1B,UAAkB;;QAElB,MAAM,UAAU,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;QAEhC,IAAI,MAAgC,CAAA;QACpC,IAAI,KAA+B,CAAA;QAEnC,IAAI,IAAkC,CAAA;QACtC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAA;YAEjC,YAAK,CAAC,SAAS,OAAO,cAAc,WAAW,EAAE,CAAC,CAAA;YAClD,IACE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,WAAW,CAAC;gBACtC,CAAC,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,EACxC;gBACA,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACjC,YAAK,CACH,GAAG,IAAI,CAAC,IAAI,MAAM,UAAU,OAAO,IAAI,CAAC,QAAQ,MAAM,UAAU,EAAE,CACnE,CAAA;oBAED,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAA;oBAClE,IAAI,GAAG,IAAI,IAAI,CAAC,gBAAgB,EAAE;wBAChC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;wBAEhD,IAAI,SAAS,KAAK,IAAI,CAAC,gBAAgB,EAAE;4BACvC,GAAG,GAAG,IAAI,CAAA;yBACX;6BAAM;4BACL,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;yBACzD;qBACF;oBAED,OAAO,GAAG,CAAA;gBACZ,CAAC,CAAC,CAAA;gBAEF,IAAI,IAAI,EAAE;oBACR,YAAK,CAAC,WAAW,SAAS,CAAC,OAAO,EAAE,CAAC,CAAA;oBACrC,KAAK,GAAG,SAAS,CAAA;oBACjB,MAAK;iBACN;aACF;SACF;QAED,IAAI,KAAK,IAAI,IAAI,EAAE;YACjB,4EAA4E;YAC5E,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,CAAA;SACtB;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAtDD,gCAsDC;AAED,SAAgB,aAAa;IAC3B,kDAAkD;IAClD,6GAA6G;IAC7G,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;IAC1B,IAAI,OAAO,GAAG,EAAE,CAAA;IAEhB,IAAI,IAAI,KAAK,QAAQ,EAAE;QACrB,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC,QAAQ,EAAE,CAAA;KAC5D;SAAM,IAAI,IAAI,KAAK,OAAO,EAAE;QAC3B,uDAAuD;QACvD,2BAA2B;QAC3B,oBAAoB;QACpB,wBAAwB;QACxB,0BAA0B;QAC1B,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAA;QAC1D,IAAI,WAAW,EAAE;YACf,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;YACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,iBAAiB,EAAE;oBAC/D,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;oBACzB,MAAK;iBACN;aACF;SACF;KACF;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AA7BD,sCA6BC;AAED,SAAgB,qBAAqB;IACnC,MAAM,OAAO,GAAG,kBAAkB,CAAA;IAClC,IAAI,QAAQ,GAAG,EAAE,CAAA;IAEjB,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE;QAC1B,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAA;KAC/C;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AATD,sDASC"}
@@ -0,0 +1,12 @@
+/**
+ * Internal class for retries
+ */
+export declare class RetryHelper {
+    private maxAttempts;
+    private minSeconds;
+    private maxSeconds;
+    constructor(maxAttempts: number, minSeconds: number, maxSeconds: number);
+    execute<T>(action: () => Promise<T>, isRetryable?: (e: Error) => boolean): Promise<T>;
+    private getSleepAmount;
+    private sleep;
+}
@@ -0,0 +1,70 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const core = __importStar(require("@actions/core"));
+/**
+ * Internal class for retries
+ */
+class RetryHelper {
+    constructor(maxAttempts, minSeconds, maxSeconds) {
+        if (maxAttempts < 1) {
+            throw new Error('max attempts should be greater than or equal to 1');
+        }
+        this.maxAttempts = maxAttempts;
+        this.minSeconds = Math.floor(minSeconds);
+        this.maxSeconds = Math.floor(maxSeconds);
+        if (this.minSeconds > this.maxSeconds) {
+            throw new Error('min seconds should be less than or equal to max seconds');
+        }
+    }
+    execute(action, isRetryable) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let attempt = 1;
+            while (attempt < this.maxAttempts) {
+                // Try
+                try {
+                    return yield action();
+                }
+                catch (err) {
+                    if (isRetryable && !isRetryable(err)) {
+                        throw err;
+                    }
+                    core.info(err.message);
+                }
+                // Sleep
+                const seconds = this.getSleepAmount();
+                core.info(`Waiting ${seconds} seconds before trying again`);
+                yield this.sleep(seconds);
+                attempt++;
+            }
+            // Last attempt
+            return yield action();
+        });
+    }
+    getSleepAmount() {
+        return (Math.floor(Math.random() * (this.maxSeconds - this.minSeconds + 1)) +
+            this.minSeconds);
+    }
+    sleep(seconds) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return new Promise(resolve => setTimeout(resolve, seconds * 1000));
+        });
+    }
+}
+exports.RetryHelper = RetryHelper;
+//# sourceMappingURL=retry-helper.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"retry-helper.js","sourceRoot":"","sources":["../src/retry-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,oDAAqC;AAErC;;GAEG;AACH,MAAa,WAAW;IAKtB,YAAY,WAAmB,EAAE,UAAkB,EAAE,UAAkB;QACrE,IAAI,WAAW,GAAG,CAAC,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;SACrE;QAED,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;YACrC,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAA;SAC3E;IACH,CAAC;IAEK,OAAO,CACX,MAAwB,EACxB,WAAmC;;YAEnC,IAAI,OAAO,GAAG,CAAC,CAAA;YACf,OAAO,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE;gBACjC,MAAM;gBACN,IAAI;oBACF,OAAO,MAAM,MAAM,EAAE,CAAA;iBACtB;gBAAC,OAAO,GAAG,EAAE;oBACZ,IAAI,WAAW,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE;wBACpC,MAAM,GAAG,CAAA;qBACV;oBAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;iBACvB;gBAED,QAAQ;gBACR,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;gBACrC,IAAI,CAAC,IAAI,CAAC,WAAW,OAAO,8BAA8B,CAAC,CAAA;gBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBACzB,OAAO,EAAE,CAAA;aACV;YAED,eAAe;YACf,OAAO,MAAM,MAAM,EAAE,CAAA;QACvB,CAAC;KAAA;IAEO,cAAc;QACpB,OAAO,CACL,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;YACnE,IAAI,CAAC,UAAU,CAChB,CAAA;IACH,CAAC;IAEa,KAAK,CAAC,OAAe;;YACjC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;CACF;AAxDD,kCAwDC"}
@@ -1,3 +1,4 @@
+import * as mm from './manifest';
 export declare class HTTPError extends Error {
    readonly httpStatusCode: number | undefined;
    constructor(httpStatusCode: number | undefined);
@@ -6,9 +7,11 @@ export declare class HTTPError extends Error {
 * Download a tool from an url and stream it into a file
 *
 * @param url       url of tool to download
+ * @param dest      path to download tool
+ * @param auth      authorization header
 * @returns         path to downloaded tool
 */
-export declare function downloadTool(url: string): Promise<string>;
+export declare function downloadTool(url: string, dest?: string, auth?: string): Promise<string>;
 /**
 * Extract a .7z file
 *
@@ -26,14 +29,14 @@ export declare function downloadTool(url: string): Promise<string>;
 */
 export declare function extract7z(file: string, dest?: string, _7zPath?: string): Promise<string>;
 /**
- * Extract a tar
+ * Extract a compressed tar archive
 *
 * @param file     path to the tar
 * @param dest     destination directory. Optional.
- * @param flags    flags for the tar. Optional.
+ * @param flags    flags for the tar command to use for extraction. Defaults to 'xz' (extracting gzipped tars). Optional.
 * @returns        path to the destination directory
 */
-export declare function extractTar(file: string, dest?: string, flags?: string): Promise<string>;
+export declare function extractTar(file: string, dest?: string, flags?: string | string[]): Promise<string>;
 /**
 * Extract a zip
 *
@@ -77,3 +80,7 @@ export declare function find(toolName: string, versionSpec: string, arch?: strin
 * @param arch      optional arch.  defaults to arch of computer
 */
 export declare function findAllVersions(toolName: string, arch?: string): string[];
+export declare type IToolRelease = mm.IToolRelease;
+export declare type IToolReleaseFile = mm.IToolReleaseFile;
+export declare function getManifestFromRepo(owner: string, repo: string, auth?: string, branch?: string): Promise<IToolRelease[]>;
+export declare function findFromManifest(versionSpec: string, stable: boolean, manifest: IToolRelease[], archFilter?: string): Promise<IToolRelease | undefined>;
@@ -8,17 +8,31 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
 };
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-const core = require("@actions/core");
-const io = require("@actions/io");
-const fs = require("fs");
-const os = require("os");
-const path = require("path");
-const httpm = require("typed-rest-client/HttpClient");
-const semver = require("semver");
-const uuidV4 = require("uuid/v4");
+const core = __importStar(require("@actions/core"));
+const io = __importStar(require("@actions/io"));
+const fs = __importStar(require("fs"));
+const mm = __importStar(require("./manifest"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const httpm = __importStar(require("@actions/http-client"));
+const semver = __importStar(require("semver"));
+const stream = __importStar(require("stream"));
+const util = __importStar(require("util"));
+const v4_1 = __importDefault(require("uuid/v4"));
 const exec_1 = require("@actions/exec/lib/exec");
 const assert_1 = require("assert");
+const retry_helper_1 = require("./retry-helper");
 class HTTPError extends Error {
    constructor(httpStatusCode) {
        super(`Unexpected HTTP response: ${httpStatusCode}`);
@@ -29,85 +43,88 @@ class HTTPError extends Error {
 exports.HTTPError = HTTPError;
 const IS_WINDOWS = process.platform === 'win32';
 const userAgent = 'actions/tool-cache';
-// On load grab temp directory and cache directory and remove them from env (currently don't want to expose this)
-let tempDirectory = process.env['RUNNER_TEMP'] || '';
-let cacheRoot = process.env['RUNNER_TOOL_CACHE'] || '';
-// If directories not found, place them in common temp locations
-if (!tempDirectory || !cacheRoot) {
-    let baseLocation;
-    if (IS_WINDOWS) {
-        // On windows use the USERPROFILE env variable
-        baseLocation = process.env['USERPROFILE'] || 'C:\\';
-    }
-    else {
-        if (process.platform === 'darwin') {
-            baseLocation = '/Users';
-        }
-        else {
-            baseLocation = '/home';
-        }
-    }
-    if (!tempDirectory) {
-        tempDirectory = path.join(baseLocation, 'actions', 'temp');
-    }
-    if (!cacheRoot) {
-        cacheRoot = path.join(baseLocation, 'actions', 'cache');
-    }
-}
 /**
 * Download a tool from an url and stream it into a file
 *
 * @param url       url of tool to download
+ * @param dest      path to download tool
+ * @param auth      authorization header
 * @returns         path to downloaded tool
 */
-function downloadTool(url) {
+function downloadTool(url, dest, auth) {
    return __awaiter(this, void 0, void 0, function* () {
-        // Wrap in a promise so that we can resolve from within stream callbacks
-        return new Promise((resolve, reject) => __awaiter(this, void 0, void 0, function* () {
-            try {
-                const http = new httpm.HttpClient(userAgent, [], {
-                    allowRetries: true,
-                    maxRetries: 3
-                });
-                const destPath = path.join(tempDirectory, uuidV4());
-                yield io.mkdirP(tempDirectory);
-                core.debug(`Downloading ${url}`);
-                core.debug(`Downloading ${destPath}`);
-                if (fs.existsSync(destPath)) {
-                    throw new Error(`Destination file path ${destPath} already exists`);
+        dest = dest || path.join(_getTempDirectory(), v4_1.default());
+        yield io.mkdirP(path.dirname(dest));
+        core.debug(`Downloading ${url}`);
+        core.debug(`Destination ${dest}`);
+        const maxAttempts = 3;
+        const minSeconds = _getGlobal('TEST_DOWNLOAD_TOOL_RETRY_MIN_SECONDS', 10);
+        const maxSeconds = _getGlobal('TEST_DOWNLOAD_TOOL_RETRY_MAX_SECONDS', 20);
+        const retryHelper = new retry_helper_1.RetryHelper(maxAttempts, minSeconds, maxSeconds);
+        return yield retryHelper.execute(() => __awaiter(this, void 0, void 0, function* () {
+            return yield downloadToolAttempt(url, dest || '', auth);
+        }), (err) => {
+            if (err instanceof HTTPError && err.httpStatusCode) {
+                // Don't retry anything less than 500, except 408 Request Timeout and 429 Too Many Requests
+                if (err.httpStatusCode < 500 &&
+                    err.httpStatusCode !== 408 &&
+                    err.httpStatusCode !== 429) {
+                    return false;
                }
-                const response = yield http.get(url);
-                if (response.message.statusCode !== 200) {
-                    const err = new HTTPError(response.message.statusCode);
-                    core.debug(`Failed to download from "${url}". Code(${response.message.statusCode}) Message(${response.message.statusMessage})`);
-                    throw err;
-                }
-                const file = fs.createWriteStream(destPath);
-                file.on('open', () => __awaiter(this, void 0, void 0, function* () {
-                    try {
-                        const stream = response.message.pipe(file);
-                        stream.on('close', () => {
-                            core.debug('download complete');
-                            resolve(destPath);
-                        });
-                    }
-                    catch (err) {
-                        core.debug(`Failed to download from "${url}". Code(${response.message.statusCode}) Message(${response.message.statusMessage})`);
-                        reject(err);
-                    }
-                }));
-                file.on('error', err => {
-                    file.end();
-                    reject(err);
-                });
            }
-            catch (err) {
-                reject(err);
-            }
-        }));
+            // Otherwise retry
+            return true;
+        });
    });
 }
 exports.downloadTool = downloadTool;
+function downloadToolAttempt(url, dest, auth) {
+    return __awaiter(this, void 0, void 0, function* () {
+        if (fs.existsSync(dest)) {
+            throw new Error(`Destination file path ${dest} already exists`);
+        }
+        // Get the response headers
+        const http = new httpm.HttpClient(userAgent, [], {
+            allowRetries: false
+        });
+        let headers;
+        if (auth) {
+            core.debug('set auth');
+            headers = {
+                authorization: auth
+            };
+        }
+        const response = yield http.get(url, headers);
+        if (response.message.statusCode !== 200) {
+            const err = new HTTPError(response.message.statusCode);
+            core.debug(`Failed to download from "${url}". Code(${response.message.statusCode}) Message(${response.message.statusMessage})`);
+            throw err;
+        }
+        // Download the response body
+        const pipeline = util.promisify(stream.pipeline);
+        const responseMessageFactory = _getGlobal('TEST_DOWNLOAD_TOOL_RESPONSE_MESSAGE_FACTORY', () => response.message);
+        const readStream = responseMessageFactory();
+        let succeeded = false;
+        try {
+            yield pipeline(readStream, fs.createWriteStream(dest));
+            core.debug('download complete');
+            succeeded = true;
+            return dest;
+        }
+        finally {
+            // Error, delete dest before retry
+            if (!succeeded) {
+                core.debug('download failed');
+                try {
+                    yield io.rmRF(dest);
+                }
+                catch (err) {
+                    core.debug(`Failed to delete '${dest}'. ${err.message}`);
+                }
+            }
+        }
+    });
+}
 /**
 * Extract a .7z file
 *
@@ -127,14 +144,15 @@ function extract7z(file, dest, _7zPath) {
    return __awaiter(this, void 0, void 0, function* () {
        assert_1.ok(IS_WINDOWS, 'extract7z() not supported on current OS');
        assert_1.ok(file, 'parameter "file" is required');
-        dest = dest || (yield _createExtractFolder(dest));
+        dest = yield _createExtractFolder(dest);
        const originalCwd = process.cwd();
        process.chdir(dest);
        if (_7zPath) {
            try {
+                const logLevel = core.isDebug() ? '-bb1' : '-bb0';
                const args = [
                    'x',
-                    '-bb1',
+                    logLevel,
                    '-bd',
                    '-sccUTF-8',
                    file
@@ -182,11 +200,11 @@ function extract7z(file, dest, _7zPath) {
 }
 exports.extract7z = extract7z;
 /**
- * Extract a tar
+ * Extract a compressed tar archive
 *
 * @param file     path to the tar
 * @param dest     destination directory. Optional.
- * @param flags    flags for the tar. Optional.
+ * @param flags    flags for the tar command to use for extraction. Defaults to 'xz' (extracting gzipped tars). Optional.
 * @returns        path to the destination directory
 */
 function extractTar(file, dest, flags = 'xz') {
@@ -194,9 +212,47 @@ function extractTar(file, dest, flags = 'xz') {
        if (!file) {
            throw new Error("parameter 'file' is required");
        }
-        dest = dest || (yield _createExtractFolder(dest));
-        const tarPath = yield io.which('tar', true);
-        yield exec_1.exec(`"${tarPath}"`, [flags, '-C', dest, '-f', file]);
+        // Create dest
+        dest = yield _createExtractFolder(dest);
+        // Determine whether GNU tar
+        core.debug('Checking tar --version');
+        let versionOutput = '';
+        yield exec_1.exec('tar --version', [], {
+            ignoreReturnCode: true,
+            silent: true,
+            listeners: {
+                stdout: (data) => (versionOutput += data.toString()),
+                stderr: (data) => (versionOutput += data.toString())
+            }
+        });
+        core.debug(versionOutput.trim());
+        const isGnuTar = versionOutput.toUpperCase().includes('GNU TAR');
+        // Initialize args
+        let args;
+        if (flags instanceof Array) {
+            args = flags;
+        }
+        else {
+            args = [flags];
+        }
+        if (core.isDebug() && !flags.includes('v')) {
+            args.push('-v');
+        }
+        let destArg = dest;
+        let fileArg = file;
+        if (IS_WINDOWS && isGnuTar) {
+            args.push('--force-local');
+            destArg = dest.replace(/\\/g, '/');
+            // Technically only the dest needs to have `/` but for aesthetic consistency
+            // convert slashes in the file arg too.
+            fileArg = file.replace(/\\/g, '/');
+        }
+        if (isGnuTar) {
+            // Suppress warnings when using GNU tar to extract archives created by BSD tar
+            args.push('--warning=no-unknown-keyword');
+        }
+        args.push('-C', destArg, '-f', fileArg);
+        yield exec_1.exec(`tar`, args);
        return dest;
    });
 }
@@ -213,7 +269,7 @@ function extractZip(file, dest) {
        if (!file) {
            throw new Error("parameter 'file' is required");
        }
-        dest = dest || (yield _createExtractFolder(dest));
+        dest = yield _createExtractFolder(dest);
        if (IS_WINDOWS) {
            yield extractZipWin(file, dest);
        }
@@ -231,7 +287,7 @@ function extractZipWin(file, dest) {
        const escapedDest = dest.replace(/'/g, "''").replace(/"|\n|\r/g, '');
        const command = `$ErrorActionPreference = 'Stop' ; try { Add-Type -AssemblyName System.IO.Compression.FileSystem } catch { } ; [System.IO.Compression.ZipFile]::ExtractToDirectory('${escapedFile}', '${escapedDest}')`;
        // run powershell
-        const powershellPath = yield io.which('powershell');
+        const powershellPath = yield io.which('powershell', true);
        const args = [
            '-NoLogo',
            '-Sta',
@@ -247,8 +303,12 @@ function extractZipWin(file, dest) {
 }
 function extractZipNix(file, dest) {
    return __awaiter(this, void 0, void 0, function* () {
-        const unzipPath = yield io.which('unzip');
-        yield exec_1.exec(`"${unzipPath}"`, [file], { cwd: dest });
+        const unzipPath = yield io.which('unzip', true);
+        const args = [file];
+        if (!core.isDebug()) {
+            args.unshift('-q');
+        }
+        yield exec_1.exec(`"${unzipPath}"`, args, { cwd: dest });
    });
 }
 /**
@@ -339,7 +399,7 @@ function find(toolName, versionSpec, arch) {
    let toolPath = '';
    if (versionSpec) {
        versionSpec = semver.clean(versionSpec) || '';
-        const cachePath = path.join(cacheRoot, toolName, versionSpec, arch);
+        const cachePath = path.join(_getCacheDirectory(), toolName, versionSpec, arch);
        core.debug(`checking cache: ${cachePath}`);
        if (fs.existsSync(cachePath) && fs.existsSync(`${cachePath}.complete`)) {
            core.debug(`Found tool in cache ${toolName} ${versionSpec} ${arch}`);
@@ -361,7 +421,7 @@ exports.find = find;
 function findAllVersions(toolName, arch) {
    const versions = [];
    arch = arch || os.arch();
-    const toolPath = path.join(cacheRoot, toolName);
+    const toolPath = path.join(_getCacheDirectory(), toolName);
    if (fs.existsSync(toolPath)) {
        const children = fs.readdirSync(toolPath);
        for (const child of children) {
@@ -376,11 +436,56 @@ function findAllVersions(toolName, arch) {
    return versions;
 }
 exports.findAllVersions = findAllVersions;
+function getManifestFromRepo(owner, repo, auth, branch = 'master') {
+    return __awaiter(this, void 0, void 0, function* () {
+        let releases = [];
+        const treeUrl = `https://api.github.com/repos/${owner}/${repo}/git/trees/${branch}`;
+        const http = new httpm.HttpClient('tool-cache');
+        const headers = {};
+        if (auth) {
+            core.debug('set auth');
+            headers.authorization = auth;
+        }
+        const response = yield http.getJson(treeUrl, headers);
+        if (!response.result) {
+            return releases;
+        }
+        let manifestUrl = '';
+        for (const item of response.result.tree) {
+            if (item.path === 'versions-manifest.json') {
+                manifestUrl = item.url;
+                break;
+            }
+        }
+        headers['accept'] = 'application/vnd.github.VERSION.raw';
+        let versionsRaw = yield (yield http.get(manifestUrl, headers)).readBody();
+        if (versionsRaw) {
+            // shouldn't be needed but protects against invalid json saved with BOM
+            versionsRaw = versionsRaw.replace(/^\uFEFF/, '');
+            try {
+                releases = JSON.parse(versionsRaw);
+            }
+            catch (_a) {
+                core.debug('Invalid json');
+            }
+        }
+        return releases;
+    });
+}
+exports.getManifestFromRepo = getManifestFromRepo;
+function findFromManifest(versionSpec, stable, manifest, archFilter = os.arch()) {
+    return __awaiter(this, void 0, void 0, function* () {
+        // wrap the internal impl
+        const match = yield mm._findMatch(versionSpec, stable, manifest, archFilter);
+        return match;
+    });
+}
+exports.findFromManifest = findFromManifest;
 function _createExtractFolder(dest) {
    return __awaiter(this, void 0, void 0, function* () {
        if (!dest) {
            // create a temp dir
-            dest = path.join(tempDirectory, uuidV4());
+            dest = path.join(_getTempDirectory(), v4_1.default());
        }
        yield io.mkdirP(dest);
        return dest;
@@ -388,7 +493,7 @@ function _createExtractFolder(dest) {
 }
 function _createToolPath(tool, version, arch) {
    return __awaiter(this, void 0, void 0, function* () {
-        const folderPath = path.join(cacheRoot, tool, semver.clean(version) || version, arch || '');
+        const folderPath = path.join(_getCacheDirectory(), tool, semver.clean(version) || version, arch || '');
        core.debug(`destination ${folderPath}`);
        const markerPath = `${folderPath}.complete`;
        yield io.rmRF(folderPath);
@@ -398,7 +503,7 @@ function _createToolPath(tool, version, arch) {
    });
 }
 function _completeToolPath(tool, version, arch) {
-    const folderPath = path.join(cacheRoot, tool, semver.clean(version) || version, arch || '');
+    const folderPath = path.join(_getCacheDirectory(), tool, semver.clean(version) || version, arch || '');
    const markerPath = `${folderPath}.complete`;
    fs.writeFileSync(markerPath, '');
    core.debug('finished caching tool');
@@ -435,4 +540,29 @@ function _evaluateVersions(versions, versionSpec) {
    }
    return version;
 }
+/**
+ * Gets RUNNER_TOOL_CACHE
+ */
+function _getCacheDirectory() {
+    const cacheDirectory = process.env['RUNNER_TOOL_CACHE'] || '';
+    assert_1.ok(cacheDirectory, 'Expected RUNNER_TOOL_CACHE to be defined');
+    return cacheDirectory;
+}
+/**
+ * Gets RUNNER_TEMP
+ */
+function _getTempDirectory() {
+    const tempDirectory = process.env['RUNNER_TEMP'] || '';
+    assert_1.ok(tempDirectory, 'Expected RUNNER_TEMP to be defined');
+    return tempDirectory;
+}
+/**
+ * Gets a global variable
+ */
+function _getGlobal(key, defaultValue) {
+    /* eslint-disable @typescript-eslint/no-explicit-any */
+    const value = global[key];
+    /* eslint-enable @typescript-eslint/no-explicit-any */
+    return value !== undefined ? value : defaultValue;
+}
 //# sourceMappingURL=tool-cache.js.map
@@ -0,0 +1,146 @@
+# `@actions/core`
+
+> Core functions for setting results, logging, registering secrets and exporting variables across actions
+
+## Usage
+
+### Import the package
+
+```js
+// javascript
+const core = require('@actions/core');
+
+// typescript
+import * as core from '@actions/core';
+```
+
+#### Inputs/Outputs
+
+Action inputs can be read with `getInput`.  Outputs can be set with `setOutput` which makes them available to be mapped into inputs of other actions to ensure they are decoupled.
+
+```js
+const myInput = core.getInput('inputName', { required: true });
+
+core.setOutput('outputKey', 'outputVal');
+```
+
+#### Exporting variables
+
+Since each step runs in a separate process, you can use `exportVariable` to add it to this step and future steps environment blocks.
+
+```js
+core.exportVariable('envVar', 'Val');
+```
+
+#### Setting a secret
+
+Setting a secret registers the secret with the runner to ensure it is masked in logs.
+
+```js
+core.setSecret('myPassword');
+```
+
+#### PATH Manipulation
+
+To make a tool's path available in the path for the remainder of the job (without altering the machine or containers state), use `addPath`.  The runner will prepend the path given to the jobs PATH.
+
+```js
+core.addPath('/path/to/mytool');
+```
+
+#### Exit codes
+
+You should use this library to set the failing exit code for your action.  If status is not set and the script runs to completion, that will lead to a success.
+
+```js
+const core = require('@actions/core');
+
+try {
+  // Do stuff
+}
+catch (err) {
+  // setFailed logs the message and sets a failing exit code
+  core.setFailed(`Action failed with error ${err}`);
+}
+
+Note that `setNeutral` is not yet implemented in actions V2 but equivalent functionality is being planned.
+
+```
+
+#### Logging
+
+Finally, this library provides some utilities for logging. Note that debug logging is hidden from the logs by default. This behavior can be toggled by enabling the [Step Debug Logs](../../docs/action-debugging.md#step-debug-logs).
+
+```js
+const core = require('@actions/core');
+
+const myInput = core.getInput('input');
+try {
+  core.debug('Inside try block');
+  
+  if (!myInput) {
+    core.warning('myInput was not set');
+  }
+  
+  if (core.isDebug()) {
+    // curl -v https://github.com
+  } else {
+    // curl https://github.com
+  }
+
+  // Do stuff
+}
+catch (err) {
+  core.error(`Error ${err}, action may still succeed though`);
+}
+```
+
+This library can also wrap chunks of output in foldable groups.
+
+```js
+const core = require('@actions/core')
+
+// Manually wrap output
+core.startGroup('Do some function')
+doSomeFunction()
+core.endGroup()
+
+// Wrap an asynchronous function call
+const result = await core.group('Do something async', async () => {
+  const response = await doSomeHTTPRequest()
+  return response
+})
+```
+
+#### Action state
+
+You can use this library to save state and get state for sharing information between a given wrapper action: 
+
+**action.yml**
+```yaml
+name: 'Wrapper action sample'
+inputs:
+  name:
+    default: 'GitHub'
+runs:
+  using: 'node12'
+  main: 'main.js'
+  post: 'cleanup.js'
+```
+
+In action's `main.js`:
+
+```js
+const core = require('@actions/core');
+
+core.saveState("pidToKill", 12345);
+```
+
+In action's `cleanup.js`:
+```js
+const core = require('@actions/core');
+
+var pid = core.getState("pidToKill");
+
+process.kill(pid);
+```
@@ -0,0 +1,21 @@
+interface CommandProperties {
+    [key: string]: any;
+}
+/**
+ * Commands
+ *
+ * Command Format:
+ *   ::name key=value,key=value::message
+ *
+ * Examples:
+ *   ::warning::This is the message
+ *   ::set-env name=MY_VAR::some value
+ */
+export declare function issueCommand(command: string, properties: CommandProperties, message: any): void;
+export declare function issue(name: string, message?: string): void;
+/**
+ * Sanitizes an input into a string so it can be passed into issueCommand safely
+ * @param input input to sanitize into a string
+ */
+export declare function toCommandValue(input: any): string;
+export {};
@@ -0,0 +1,92 @@
+"use strict";
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const os = __importStar(require("os"));
+/**
+ * Commands
+ *
+ * Command Format:
+ *   ::name key=value,key=value::message
+ *
+ * Examples:
+ *   ::warning::This is the message
+ *   ::set-env name=MY_VAR::some value
+ */
+function issueCommand(command, properties, message) {
+    const cmd = new Command(command, properties, message);
+    process.stdout.write(cmd.toString() + os.EOL);
+}
+exports.issueCommand = issueCommand;
+function issue(name, message = '') {
+    issueCommand(name, {}, message);
+}
+exports.issue = issue;
+const CMD_STRING = '::';
+class Command {
+    constructor(command, properties, message) {
+        if (!command) {
+            command = 'missing.command';
+        }
+        this.command = command;
+        this.properties = properties;
+        this.message = message;
+    }
+    toString() {
+        let cmdStr = CMD_STRING + this.command;
+        if (this.properties && Object.keys(this.properties).length > 0) {
+            cmdStr += ' ';
+            let first = true;
+            for (const key in this.properties) {
+                if (this.properties.hasOwnProperty(key)) {
+                    const val = this.properties[key];
+                    if (val) {
+                        if (first) {
+                            first = false;
+                        }
+                        else {
+                            cmdStr += ',';
+                        }
+                        cmdStr += `${key}=${escapeProperty(val)}`;
+                    }
+                }
+            }
+        }
+        cmdStr += `${CMD_STRING}${escapeData(this.message)}`;
+        return cmdStr;
+    }
+}
+/**
+ * Sanitizes an input into a string so it can be passed into issueCommand safely
+ * @param input input to sanitize into a string
+ */
+function toCommandValue(input) {
+    if (input === null || input === undefined) {
+        return '';
+    }
+    else if (typeof input === 'string' || input instanceof String) {
+        return input;
+    }
+    return JSON.stringify(input);
+}
+exports.toCommandValue = toCommandValue;
+function escapeData(s) {
+    return toCommandValue(s)
+        .replace(/%/g, '%25')
+        .replace(/\r/g, '%0D')
+        .replace(/\n/g, '%0A');
+}
+function escapeProperty(s) {
+    return toCommandValue(s)
+        .replace(/%/g, '%25')
+        .replace(/\r/g, '%0D')
+        .replace(/\n/g, '%0A')
+        .replace(/:/g, '%3A')
+        .replace(/,/g, '%2C');
+}
+//# sourceMappingURL=command.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"command.js","sourceRoot":"","sources":["../src/command.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAwB;AAWxB;;;;;;;;;GASG;AACH,SAAgB,YAAY,CAC1B,OAAe,EACf,UAA6B,EAC7B,OAAY;IAEZ,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;IACrD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AAC/C,CAAC;AAPD,oCAOC;AAED,SAAgB,KAAK,CAAC,IAAY,EAAE,UAAkB,EAAE;IACtD,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACjC,CAAC;AAFD,sBAEC;AAED,MAAM,UAAU,GAAG,IAAI,CAAA;AAEvB,MAAM,OAAO;IAKX,YAAY,OAAe,EAAE,UAA6B,EAAE,OAAe;QACzE,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO,GAAG,iBAAiB,CAAA;SAC5B;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAED,QAAQ;QACN,IAAI,MAAM,GAAG,UAAU,GAAG,IAAI,CAAC,OAAO,CAAA;QAEtC,IAAI,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;YAC9D,MAAM,IAAI,GAAG,CAAA;YACb,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,UAAU,EAAE;gBACjC,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;oBACvC,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;oBAChC,IAAI,GAAG,EAAE;wBACP,IAAI,KAAK,EAAE;4BACT,KAAK,GAAG,KAAK,CAAA;yBACd;6BAAM;4BACL,MAAM,IAAI,GAAG,CAAA;yBACd;wBAED,MAAM,IAAI,GAAG,GAAG,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAA;qBAC1C;iBACF;aACF;SACF;QAED,MAAM,IAAI,GAAG,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAA;QACpD,OAAO,MAAM,CAAA;IACf,CAAC;CACF;AAED;;;GAGG;AACH,SAAgB,cAAc,CAAC,KAAU;IACvC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE;QACzC,OAAO,EAAE,CAAA;KACV;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,MAAM,EAAE;QAC/D,OAAO,KAAe,CAAA;KACvB;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC9B,CAAC;AAPD,wCAOC;AAED,SAAS,UAAU,CAAC,CAAM;IACxB,OAAO,cAAc,CAAC,CAAC,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;AAC1B,CAAC;AAED,SAAS,cAAc,CAAC,CAAM;IAC5B,OAAO,cAAc,CAAC,CAAC,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;AACzB,CAAC"}
@@ -0,0 +1,122 @@
+/**
+ * Interface for getInput options
+ */
+export interface InputOptions {
+    /** Optional. Whether the input is required. If required and not present, will throw. Defaults to false */
+    required?: boolean;
+}
+/**
+ * The code to exit an action
+ */
+export declare enum ExitCode {
+    /**
+     * A code indicating that the action was successful
+     */
+    Success = 0,
+    /**
+     * A code indicating that the action was a failure
+     */
+    Failure = 1
+}
+/**
+ * Sets env variable for this action and future actions in the job
+ * @param name the name of the variable to set
+ * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify
+ */
+export declare function exportVariable(name: string, val: any): void;
+/**
+ * Registers a secret which will get masked from logs
+ * @param secret value of the secret
+ */
+export declare function setSecret(secret: string): void;
+/**
+ * Prepends inputPath to the PATH (for this action and future actions)
+ * @param inputPath
+ */
+export declare function addPath(inputPath: string): void;
+/**
+ * Gets the value of an input.  The value is also trimmed.
+ *
+ * @param     name     name of the input to get
+ * @param     options  optional. See InputOptions.
+ * @returns   string
+ */
+export declare function getInput(name: string, options?: InputOptions): string;
+/**
+ * Sets the value of an output.
+ *
+ * @param     name     name of the output to set
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
+ */
+export declare function setOutput(name: string, value: any): void;
+/**
+ * Enables or disables the echoing of commands into stdout for the rest of the step.
+ * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.
+ *
+ */
+export declare function setCommandEcho(enabled: boolean): void;
+/**
+ * Sets the action status to failed.
+ * When the action exits it will be with an exit code of 1
+ * @param message add error issue message
+ */
+export declare function setFailed(message: string | Error): void;
+/**
+ * Gets whether Actions Step Debug is on or not
+ */
+export declare function isDebug(): boolean;
+/**
+ * Writes debug message to user log
+ * @param message debug message
+ */
+export declare function debug(message: string): void;
+/**
+ * Adds an error issue
+ * @param message error issue message. Errors will be converted to string via toString()
+ */
+export declare function error(message: string | Error): void;
+/**
+ * Adds an warning issue
+ * @param message warning issue message. Errors will be converted to string via toString()
+ */
+export declare function warning(message: string | Error): void;
+/**
+ * Writes info to log with console.log.
+ * @param message info message
+ */
+export declare function info(message: string): void;
+/**
+ * Begin an output group.
+ *
+ * Output until the next `groupEnd` will be foldable in this group
+ *
+ * @param name The name of the output group
+ */
+export declare function startGroup(name: string): void;
+/**
+ * End an output group.
+ */
+export declare function endGroup(): void;
+/**
+ * Wrap an asynchronous function call in a group.
+ *
+ * Returns the same type as the function itself.
+ *
+ * @param name The name of the group
+ * @param fn The function to wrap in the group
+ */
+export declare function group<T>(name: string, fn: () => Promise<T>): Promise<T>;
+/**
+ * Saves state for current action, the state can only be retrieved by this action's post job execution.
+ *
+ * @param     name     name of the state to store
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
+ */
+export declare function saveState(name: string, value: any): void;
+/**
+ * Gets the value of an state set by this action's main execution.
+ *
+ * @param     name     name of the state to get
+ * @returns   string
+ */
+export declare function getState(name: string): string;
@@ -0,0 +1,222 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const command_1 = require("./command");
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+/**
+ * The code to exit an action
+ */
+var ExitCode;
+(function (ExitCode) {
+    /**
+     * A code indicating that the action was successful
+     */
+    ExitCode[ExitCode["Success"] = 0] = "Success";
+    /**
+     * A code indicating that the action was a failure
+     */
+    ExitCode[ExitCode["Failure"] = 1] = "Failure";
+})(ExitCode = exports.ExitCode || (exports.ExitCode = {}));
+//-----------------------------------------------------------------------
+// Variables
+//-----------------------------------------------------------------------
+/**
+ * Sets env variable for this action and future actions in the job
+ * @param name the name of the variable to set
+ * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify
+ */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+function exportVariable(name, val) {
+    const convertedVal = command_1.toCommandValue(val);
+    process.env[name] = convertedVal;
+    command_1.issueCommand('set-env', { name }, convertedVal);
+}
+exports.exportVariable = exportVariable;
+/**
+ * Registers a secret which will get masked from logs
+ * @param secret value of the secret
+ */
+function setSecret(secret) {
+    command_1.issueCommand('add-mask', {}, secret);
+}
+exports.setSecret = setSecret;
+/**
+ * Prepends inputPath to the PATH (for this action and future actions)
+ * @param inputPath
+ */
+function addPath(inputPath) {
+    command_1.issueCommand('add-path', {}, inputPath);
+    process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;
+}
+exports.addPath = addPath;
+/**
+ * Gets the value of an input.  The value is also trimmed.
+ *
+ * @param     name     name of the input to get
+ * @param     options  optional. See InputOptions.
+ * @returns   string
+ */
+function getInput(name, options) {
+    const val = process.env[`INPUT_${name.replace(/ /g, '_').toUpperCase()}`] || '';
+    if (options && options.required && !val) {
+        throw new Error(`Input required and not supplied: ${name}`);
+    }
+    return val.trim();
+}
+exports.getInput = getInput;
+/**
+ * Sets the value of an output.
+ *
+ * @param     name     name of the output to set
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
+ */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+function setOutput(name, value) {
+    command_1.issueCommand('set-output', { name }, value);
+}
+exports.setOutput = setOutput;
+/**
+ * Enables or disables the echoing of commands into stdout for the rest of the step.
+ * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.
+ *
+ */
+function setCommandEcho(enabled) {
+    command_1.issue('echo', enabled ? 'on' : 'off');
+}
+exports.setCommandEcho = setCommandEcho;
+//-----------------------------------------------------------------------
+// Results
+//-----------------------------------------------------------------------
+/**
+ * Sets the action status to failed.
+ * When the action exits it will be with an exit code of 1
+ * @param message add error issue message
+ */
+function setFailed(message) {
+    process.exitCode = ExitCode.Failure;
+    error(message);
+}
+exports.setFailed = setFailed;
+//-----------------------------------------------------------------------
+// Logging Commands
+//-----------------------------------------------------------------------
+/**
+ * Gets whether Actions Step Debug is on or not
+ */
+function isDebug() {
+    return process.env['RUNNER_DEBUG'] === '1';
+}
+exports.isDebug = isDebug;
+/**
+ * Writes debug message to user log
+ * @param message debug message
+ */
+function debug(message) {
+    command_1.issueCommand('debug', {}, message);
+}
+exports.debug = debug;
+/**
+ * Adds an error issue
+ * @param message error issue message. Errors will be converted to string via toString()
+ */
+function error(message) {
+    command_1.issue('error', message instanceof Error ? message.toString() : message);
+}
+exports.error = error;
+/**
+ * Adds an warning issue
+ * @param message warning issue message. Errors will be converted to string via toString()
+ */
+function warning(message) {
+    command_1.issue('warning', message instanceof Error ? message.toString() : message);
+}
+exports.warning = warning;
+/**
+ * Writes info to log with console.log.
+ * @param message info message
+ */
+function info(message) {
+    process.stdout.write(message + os.EOL);
+}
+exports.info = info;
+/**
+ * Begin an output group.
+ *
+ * Output until the next `groupEnd` will be foldable in this group
+ *
+ * @param name The name of the output group
+ */
+function startGroup(name) {
+    command_1.issue('group', name);
+}
+exports.startGroup = startGroup;
+/**
+ * End an output group.
+ */
+function endGroup() {
+    command_1.issue('endgroup');
+}
+exports.endGroup = endGroup;
+/**
+ * Wrap an asynchronous function call in a group.
+ *
+ * Returns the same type as the function itself.
+ *
+ * @param name The name of the group
+ * @param fn The function to wrap in the group
+ */
+function group(name, fn) {
+    return __awaiter(this, void 0, void 0, function* () {
+        startGroup(name);
+        let result;
+        try {
+            result = yield fn();
+        }
+        finally {
+            endGroup();
+        }
+        return result;
+    });
+}
+exports.group = group;
+//-----------------------------------------------------------------------
+// Wrapper action state
+//-----------------------------------------------------------------------
+/**
+ * Saves state for current action, the state can only be retrieved by this action's post job execution.
+ *
+ * @param     name     name of the state to store
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
+ */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+function saveState(name, value) {
+    command_1.issueCommand('save-state', { name }, value);
+}
+exports.saveState = saveState;
+/**
+ * Gets the value of an state set by this action's main execution.
+ *
+ * @param     name     name of the state to get
+ * @returns   string
+ */
+function getState(name) {
+    return process.env[`STATE_${name}`] || '';
+}
+exports.getState = getState;
+//# sourceMappingURL=core.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"core.js","sourceRoot":"","sources":["../src/core.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,uCAA6D;AAE7D,uCAAwB;AACxB,2CAA4B;AAU5B;;GAEG;AACH,IAAY,QAUX;AAVD,WAAY,QAAQ;IAClB;;OAEG;IACH,6CAAW,CAAA;IAEX;;OAEG;IACH,6CAAW,CAAA;AACb,CAAC,EAVW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAUnB;AAED,yEAAyE;AACzE,YAAY;AACZ,yEAAyE;AAEzE;;;;GAIG;AACH,8DAA8D;AAC9D,SAAgB,cAAc,CAAC,IAAY,EAAE,GAAQ;IACnD,MAAM,YAAY,GAAG,wBAAc,CAAC,GAAG,CAAC,CAAA;IACxC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,YAAY,CAAA;IAChC,sBAAY,CAAC,SAAS,EAAE,EAAC,IAAI,EAAC,EAAE,YAAY,CAAC,CAAA;AAC/C,CAAC;AAJD,wCAIC;AAED;;;GAGG;AACH,SAAgB,SAAS,CAAC,MAAc;IACtC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;AACtC,CAAC;AAFD,8BAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,SAAiB;IACvC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;IACvC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAA;AAC7E,CAAC;AAHD,0BAGC;AAED;;;;;;GAMG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,OAAsB;IAC3D,MAAM,GAAG,GACP,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,IAAI,EAAE,CAAA;IACrE,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAA;KAC5D;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAA;AACnB,CAAC;AARD,4BAQC;AAED;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;GAIG;AACH,SAAgB,cAAc,CAAC,OAAgB;IAC7C,eAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;AACvC,CAAC;AAFD,wCAEC;AAED,yEAAyE;AACzE,UAAU;AACV,yEAAyE;AAEzE;;;;GAIG;AACH,SAAgB,SAAS,CAAC,OAAuB;IAC/C,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAA;IAEnC,KAAK,CAAC,OAAO,CAAC,CAAA;AAChB,CAAC;AAJD,8BAIC;AAED,yEAAyE;AACzE,mBAAmB;AACnB,yEAAyE;AAEzE;;GAEG;AACH,SAAgB,OAAO;IACrB,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,GAAG,CAAA;AAC5C,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAe;IACnC,sBAAY,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACpC,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAuB;IAC3C,eAAK,CAAC,OAAO,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;AACzE,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,OAAuB;IAC7C,eAAK,CAAC,SAAS,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;AAC3E,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,IAAI,CAAC,OAAe;IAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AACxC,CAAC;AAFD,oBAEC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,IAAY;IACrC,eAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACtB,CAAC;AAFD,gCAEC;AAED;;GAEG;AACH,SAAgB,QAAQ;IACtB,eAAK,CAAC,UAAU,CAAC,CAAA;AACnB,CAAC;AAFD,4BAEC;AAED;;;;;;;GAOG;AACH,SAAsB,KAAK,CAAI,IAAY,EAAE,EAAoB;;QAC/D,UAAU,CAAC,IAAI,CAAC,CAAA;QAEhB,IAAI,MAAS,CAAA;QAEb,IAAI;YACF,MAAM,GAAG,MAAM,EAAE,EAAE,CAAA;SACpB;gBAAS;YACR,QAAQ,EAAE,CAAA;SACX;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAZD,sBAYC;AAED,yEAAyE;AACzE,uBAAuB;AACvB,yEAAyE;AAEzE;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,IAAY;IACnC,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,IAAI,EAAE,CAAA;AAC3C,CAAC;AAFD,4BAEC"}
@@ -0,0 +1,40 @@
+{
+  "name": "@actions/core",
+  "version": "1.2.4",
+  "description": "Actions core lib",
+  "keywords": [
+    "github",
+    "actions",
+    "core"
+  ],
+  "homepage": "https://github.com/actions/toolkit/tree/master/packages/core",
+  "license": "MIT",
+  "main": "lib/core.js",
+  "types": "lib/core.d.ts",
+  "directories": {
+    "lib": "lib",
+    "test": "__tests__"
+  },
+  "files": [
+    "lib"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/actions/toolkit.git",
+    "directory": "packages/core"
+  },
+  "scripts": {
+    "audit-moderate": "npm install && npm audit --audit-level=moderate",
+    "test": "echo \"Error: run tests from root\" && exit 1",
+    "tsc": "tsc"
+  },
+  "bugs": {
+    "url": "https://github.com/actions/toolkit/issues"
+  },
+  "devDependencies": {
+    "@types/node": "^12.0.2"
+  }
+}
@@ -1,15 +1,16 @@
 {
  "name": "@actions/tool-cache",
-  "version": "1.1.2",
+  "version": "1.5.5",
  "description": "Actions tool-cache lib",
  "keywords": [
    "github",
    "actions",
    "exec"
  ],
-  "homepage": "https://github.com/actions/toolkit/tree/master/packages/exec",
+  "homepage": "https://github.com/actions/toolkit/tree/master/packages/tool-cache",
  "license": "MIT",
  "main": "lib/tool-cache.js",
+  "types": "lib/tool-cache.d.ts",
  "directories": {
    "lib": "lib",
    "test": "__tests__"
@@ -23,9 +24,11 @@
  },
  "repository": {
    "type": "git",
-    "url": "git+https://github.com/actions/toolkit.git"
+    "url": "git+https://github.com/actions/toolkit.git",
+    "directory": "packages/tool-cache"
  },
  "scripts": {
+    "audit-moderate": "npm install && npm audit --audit-level=moderate",
    "test": "echo \"Error: run tests from root\" && exit 1",
    "tsc": "tsc"
  },
@@ -33,11 +36,11 @@
    "url": "https://github.com/actions/toolkit/issues"
  },
  "dependencies": {
-    "@actions/core": "^1.1.0",
-    "@actions/exec": "^1.0.1",
+    "@actions/core": "^1.2.3",
+    "@actions/exec": "^1.0.0",
+    "@actions/http-client": "^1.0.8",
    "@actions/io": "^1.0.1",
    "semver": "^6.1.0",
-    "typed-rest-client": "^1.4.0",
    "uuid": "^3.3.2"
  },
  "devDependencies": {
@@ -0,0 +1,21 @@
+    MIT License
+
+    Copyright (c) Microsoft Corporation. All rights reserved.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE
@@ -0,0 +1,3 @@
+This is a stub types definition for nock (https://github.com/nock/nock).
+
+nock provides its own type definitions, so you don't need @types/nock installed!
@@ -0,0 +1,14 @@
+{
+  "name": "@types/nock",
+  "version": "11.1.0",
+  "typings": null,
+  "description": "Stub TypeScript definitions entry for nock, which provides its own types definitions",
+  "main": "",
+  "scripts": {},
+  "author": "",
+  "repository": "https://github.com/nock/nock",
+  "license": "MIT",
+  "dependencies": {
+    "nock": "*"
+  }
+}
@@ -0,0 +1,21 @@
+    MIT License
+
+    Copyright (c) Microsoft Corporation.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE
@@ -0,0 +1,16 @@
+# Installation
+> `npm install --save @types/semver`
+
+# Summary
+This package contains type definitions for semver (https://github.com/npm/node-semver).
+
+# Details
+Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/semver.
+
+### Additional Details
+ * Last updated: Wed, 13 May 2020 16:20:54 GMT
+ * Dependencies: [@types/node](https://npmjs.com/package/@types/node)
+ * Global values: none
+
+# Credits
+These definitions were written by [Bart van der Schoor](https://github.com/Bartvds), [BendingBender](https://github.com/BendingBender), [Lucian Buzzo](https://github.com/LucianBuzzo), [Klaus Meinhardt](https://github.com/ajafff), [ExE Boss](https://github.com/ExE-Boss), and [Piotr Błażejewicz](https://github.com/peterblazejewicz).
@@ -0,0 +1,17 @@
+import sermver = require('../');
+import SemVer = require('./semver');
+
+declare class Comparator {
+    constructor(comp: string | Comparator, optionsOrLoose?: boolean | sermver.Options);
+
+    semver: SemVer;
+    operator: '' | '=' | '<' | '>' | '<=' | '>=';
+    value: string;
+    loose: boolean;
+    options: sermver.Options;
+    parse(comp: string): void;
+    test(version: string | SemVer): boolean;
+    intersects(comp: Comparator, optionsOrLoose?: boolean | sermver.Options): boolean;
+}
+
+export = Comparator;
@@ -0,0 +1,21 @@
+import semver = require('../');
+import Comparator = require('./comparator');
+import SemVer = require('./semver');
+
+declare class Range {
+    constructor(range: string | Range, optionsOrLoose?: boolean | semver.Options);
+
+    range: string;
+    raw: string;
+    loose: boolean;
+    options: semver.Options;
+    includePrerelease: boolean;
+    format(): string;
+    inspect(): string;
+
+    set: ReadonlyArray<ReadonlyArray<Comparator>>;
+    parseRange(range: string): ReadonlyArray<Comparator>;
+    test(version: string | SemVer): boolean;
+    intersects(range: Range, optionsOrLoose?: boolean | semver.Options): boolean;
+}
+export = Range;
@@ -0,0 +1,62 @@
+import semver = require('../');
+
+declare class SemVer {
+    constructor(version: string | SemVer, optionsOrLoose?: boolean | semver.Options);
+
+    raw: string;
+    loose: boolean;
+    options: semver.Options;
+    format(): string;
+    inspect(): string;
+
+    major: number;
+    minor: number;
+    patch: number;
+    version: string;
+    build: ReadonlyArray<string>;
+    prerelease: ReadonlyArray<string | number>;
+
+    /**
+     * Compares two versions excluding build identifiers (the bit after `+` in the semantic version string).
+     *
+     * @return
+     * - `0` if `this` == `other`
+     * - `1` if `this` is greater
+     * - `-1` if `other` is greater.
+     */
+    compare(other: string | SemVer): 1 | 0 | -1;
+
+    /**
+     * Compares the release portion of two versions.
+     *
+     * @return
+     * - `0` if `this` == `other`
+     * - `1` if `this` is greater
+     * - `-1` if `other` is greater.
+     */
+    compareMain(other: string | SemVer): 1 | 0 | -1;
+
+    /**
+     * Compares the prerelease portion of two versions.
+     *
+     * @return
+     * - `0` if `this` == `other`
+     * - `1` if `this` is greater
+     * - `-1` if `other` is greater.
+     */
+    comparePre(other: string | SemVer): 1 | 0 | -1;
+
+    /**
+     * Compares the build identifier of two versions.
+     *
+     * @return
+     * - `0` if `this` == `other`
+     * - `1` if `this` is greater
+     * - `-1` if `other` is greater.
+     */
+    compareBuild(other: string | SemVer): 1 | 0 | -1;
+
+    inc(release: semver.ReleaseType, identifier?: string): SemVer;
+}
+
+export = SemVer;
@@ -0,0 +1,8 @@
+import semver = require('../');
+
+/**
+ * Returns cleaned (removed leading/trailing whitespace, remove '=v' prefix) and parsed version, or null if version is invalid.
+ */
+declare function clean(version: string, optionsOrLoose?: boolean | semver.Options): string | null;
+
+export = clean;
@@ -0,0 +1,16 @@
+import semver = require('../');
+import SemVer = require('../classes/semver');
+
+/**
+ * Pass in a comparison string, and it'll call the corresponding semver comparison function.
+ * "===" and "!==" do simple string comparison, but are included for completeness.
+ * Throws if an invalid comparison string is provided.
+ */
+declare function cmp(
+    v1: string | SemVer,
+    operator: semver.Operator,
+    v2: string | SemVer,
+    optionsOrLoose?: boolean | semver.Options,
+): boolean;
+
+export = cmp;
@@ -0,0 +1,12 @@
+import semver = require('../');
+import SemVer = require('../classes/semver');
+
+/**
+ * Coerces a string to SemVer if possible
+ */
+declare function coerce(
+    version: string | number | SemVer | null | undefined,
+    options?: semver.CoerceOptions,
+): SemVer | null;
+
+export = coerce;
@@ -0,0 +1,16 @@
+import SemVer = require('../classes/semver');
+
+/**
+ * Compares two versions including build identifiers (the bit after `+` in the semantic version string).
+ *
+ * Sorts in ascending order when passed to `Array.sort()`.
+ *
+ * @return
+ * - `0` if `v1` == `v2`
+ * - `1` if `v1` is greater
+ * - `-1` if `v2` is greater.
+ *
+ * @since 6.1.0
+ */
+declare function compareBuild(a: string | SemVer, b: string | SemVer): 1 | 0 | -1;
+export = compareBuild;
@@ -0,0 +1,5 @@
+import SemVer = require('../classes/semver');
+
+declare function compareLoose(v1: string | SemVer, v2: string | SemVer): 1 | 0 | -1;
+
+export = compareLoose;
@@ -0,0 +1,20 @@
+import semver = require('../');
+import SemVer = require('../classes/semver');
+
+/**
+ * Compares two versions excluding build identifiers (the bit after `+` in the semantic version string).
+ *
+ * Sorts in ascending order when passed to `Array.sort()`.
+ *
+ * @return
+ * - `0` if `v1` == `v2`
+ * - `1` if `v1` is greater
+ * - `-1` if `v2` is greater.
+ */
+declare function compare(
+    v1: string | SemVer,
+    v2: string | SemVer,
+    optionsOrLoose?: boolean | semver.Options,
+): 1 | 0 | -1;
+
+export = compare;
@@ -0,0 +1,13 @@
+import semver = require('../');
+import SemVer = require('../classes/semver');
+
+/**
+ * Returns difference between two versions by the release type (major, premajor, minor, preminor, patch, prepatch, or prerelease), or null if the versions are the same.
+ */
+declare function diff(
+    v1: string | SemVer,
+    v2: string | SemVer,
+    optionsOrLoose?: boolean | semver.Options,
+): semver.ReleaseType | null;
+
+export = diff;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * v1 == v2 This is true if they're logically equivalent, even if they're not the exact same string. You already know how to compare strings.
+ */
+declare function eq(v1: string | SemVer, v2: string | SemVer, optionsOrLoose?: boolean | semver.Options): boolean;
+
+export = eq;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * v1 > v2
+ */
+declare function gt(v1: string | SemVer, v2: string | SemVer, optionsOrLoose?: boolean | semver.Options): boolean;
+
+export = gt;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * v1 >= v2
+ */
+declare function gte(v1: string | SemVer, v2: string | SemVer, optionsOrLoose?: boolean | semver.Options): boolean;
+
+export = gte;
@@ -0,0 +1,15 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * Return the version incremented by the release type (major, minor, patch, or prerelease), or null if it's not valid.
+ */
+declare function inc(
+    version: string | SemVer,
+    release: semver.ReleaseType,
+    optionsOrLoose?: boolean | semver.Options,
+    identifier?: string,
+): string | null;
+declare function inc(version: string | SemVer, release: semver.ReleaseType, identifier?: string): string | null;
+
+export = inc;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * v1 < v2
+ */
+declare function lt(v1: string | SemVer, v2: string | SemVer, optionsOrLoose?: boolean | semver.Options): boolean;
+
+export = lt;
@@ -0,0 +1,8 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * v1 <= v2
+ */
+declare function lte(v1: string | SemVer, v2: string | SemVer, optionsOrLoose?: boolean | semver.Options): boolean;
+export = lte;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * Return the major version number.
+ */
+declare function major(version: string | SemVer, optionsOrLoose?: boolean | semver.Options): number;
+
+export = major;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * Return the minor version number.
+ */
+declare function minor(version: string | SemVer, optionsOrLoose?: boolean | semver.Options): number;
+
+export = minor;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * v1 != v2 The opposite of eq.
+ */
+declare function neq(v1: string | SemVer, v2: string | SemVer, optionsOrLoose?: boolean | semver.Options): boolean;
+
+export = neq;
@@ -0,0 +1,12 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * Return the parsed version as a SemVer object, or null if it's not valid.
+ */
+declare function parse(
+    version: string | SemVer | null | undefined,
+    optionsOrLoose?: boolean | semver.Options,
+): SemVer | null;
+
+export = parse;
@@ -0,0 +1,9 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * Return the patch version number.
+ */
+declare function patch(version: string | SemVer, optionsOrLoose?: boolean | semver.Options): number;
+
+export = patch;
@@ -0,0 +1,12 @@
+import SemVer = require('../classes/semver');
+import semver = require('../');
+
+/**
+ * Returns an array of prerelease components, or null if none exist.
+ */
+declare function prerelease(
+    version: string | SemVer,
+    optionsOrLoose?: boolean | semver.Options,
+): ReadonlyArray<string> | null;
+
+export = prerelease;
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Robert	e0299c3c04	Merge pull request #88 from github/fail-fast Remove `strategy: fail-fast`	2020-06-29 12:49:28 +01:00
Robert	aad14bf2cb	Remove `strategy: fail-fast`	2020-06-29 08:49:16 +01:00
Robin Neatherway	a08742f199	Merge pull request #86 from github/correct-test-description Correct copy/pasted test description	2020-06-26 18:41:17 +01:00
Robin Neatherway	151d531bd0	Correct copy/pasted test description	2020-06-26 16:01:59 +01:00
Robin Neatherway	504c8cfc6f	Merge pull request #85 from github/non-empty-env-vars getRequiredEnvParams must be non-empty	2020-06-26 15:43:55 +01:00
Robin Neatherway	a0d4330434	Simplify singleton tests by removing the loop	2020-06-26 15:25:32 +01:00
Robin Neatherway	bb9ed79f3d	getRequiredEnvParams must be non-empty	2020-06-26 11:44:17 +01:00
Chris Gavin	17548064f9	Merge pull request #82 from github/octokit Use a single Octokit client for everything rather than a bunch of Octokits and an HTTP client.	2020-06-26 11:03:01 +01:00
Chris Gavin	ef507971e7	Merge branch 'main' into octokit	2020-06-26 10:29:51 +01:00
Robert	96d02d50f7	Merge pull request #84 from github/remove_git_dependency Fall back to GITHUB_SHA env var if git is not available	2020-06-25 16:55:32 +01:00
Robert Brignull	0fdc2c71e4	fall back to GITHUB_SHA env var if git is not available	2020-06-25 15:53:24 +01:00
Robert	28944b580b	Merge pull request #83 from github/aborted_completed_at Include completed_at when action is aborted	2020-06-25 15:11:12 +01:00
Robert Brignull	50a2815790	Include completed_at when action is aborted	2020-06-25 14:10:28 +01:00
Alex Kalyvitis	6846c702da	Merge pull request #81 from github/report-action-aborted Report that an action has been aborted on configuration failures	2020-06-24 15:06:35 +02:00
Alex Kalyvitis	559e2600c1	Merge branch 'main' into report-action-aborted	2020-06-24 15:04:07 +02:00
Robert	5bb9e6e131	Merge pull request #79 from github/only-output-on-failure Only output anything from tests when there's a failure	2020-06-24 14:03:30 +01:00
Chris Gavin	464ce1b43a	Manually convert response.data to a JSON string.	2020-06-24 13:50:52 +01:00
Alex Kalyvitis	8530f5b76a	add missing semicolon	2020-06-24 14:37:12 +02:00
Alex Kalyvitis	a67896b792	fix typo and throw error when languages are not detected	2020-06-24 14:31:06 +02:00
Robert	b3ffa760ab	Merge branch 'main' into only-output-on-failure	2020-06-24 13:13:46 +01:00
Alex Kalyvitis	3871ca717b	reformat remaining 4 space indentations	2020-06-24 14:12:51 +02:00
Alex Kalyvitis	a091618158	Merge branch 'main' into report-action-aborted	2020-06-24 14:04:46 +02:00
Robert	04adf2bf60	Merge pull request #80 from github/symlinks_test Make the temporary directory in tests a symlink	2020-06-24 10:23:06 +01:00
Chris Gavin	74c48f71fa	Use a single Octokit client for everything rather than a bunch of Octokits and an HTTP client.	2020-06-23 21:40:42 +01:00
Alex Kalyvitis	b8ac06a9c8	run tslint --fix	2020-06-23 18:41:16 +02:00
Robert Brignull	7581ac8b17	make the temporary directory in tests a symlink	2020-06-23 17:40:54 +01:00
Alex Kalyvitis	af252d2f0d	report action has aborted	2020-06-23 18:36:08 +02:00
Robert Brignull	cb384e776b	fix indentation	2020-06-23 17:29:15 +01:00
Robert Brignull	403832b950	Merge remote-tracking branch 'origin/main' into only-output-on-failure	2020-06-23 17:18:35 +01:00
Robert Brignull	52e52435f7	handle Uint8Array	2020-06-23 17:17:11 +01:00
Robert	bc21c8f6f3	Merge pull request #77 from nickrolfe/nickrolfe/codeql.exe Call codeql.exe rather than codeql.cmd wrapper on Windows	2020-06-23 16:39:34 +01:00
Nick Rolfe	9a784b1f57	Merge remote-tracking branch 'upstream/main' into nickrolfe/codeql.exe	2020-06-23 16:01:51 +01:00
Chris Gavin	b3c9d6f3a9	Merge pull request #78 from github/fix-indentation Make indentation consistent.	2020-06-23 15:40:31 +01:00
Robert	f009c4c924	Merge branch 'main' into nickrolfe/codeql.exe	2020-06-23 15:37:34 +01:00
Nick Rolfe	852d99d8e2	Call codeql.exe rather than codeql.cmd wrapper on Windows	2020-06-23 15:25:45 +01:00
Chris Gavin	052d39e909	Fix some strange formatting.	2020-06-23 14:44:40 +01:00
Chris Gavin	107d8ffc4c	Fix a line that's too long.	2020-06-23 14:44:40 +01:00
Chris Gavin	88231094bf	Convert all 4-space indented files to 2-space.	2020-06-23 14:44:40 +01:00
Chris Gavin	211ad30f72	Update TSLint configuration to detect bad indentation.	2020-06-23 14:44:36 +01:00
Robert Brignull	350bf488da	add semicolon	2020-06-23 14:42:52 +01:00
Chris Gavin	a1d945f14f	Add a `.editorconfig` with our chosen formatting options.	2020-06-23 14:38:30 +01:00
Robert Brignull	bd4042802d	Merge remote-tracking branch 'origin/main' into only-output-on-failure	2020-06-23 14:36:53 +01:00
Robert Brignull	02776246bf	Only output on failing tests	2020-06-23 14:36:40 +01:00
Robert Brignull	66be268a09	run verbose	2020-06-23 14:36:40 +01:00
Robert Brignull	56f06c77fd	add calls	2020-06-23 14:36:40 +01:00
Alex Kalyvitis	98f8945cfb	Merge pull request #73 from github/add-analyze-threads-flag Add threads flag to analyze action	2020-06-23 15:03:08 +02:00
Sam Partington	a30a5ba788	Add silencing to additional test files https://github.com/github/codeql-action/pull/75#issuecomment-648104201	2020-06-23 13:59:58 +01:00
Alex Kalyvitis	9133b2b54d	Merge branch 'main' into add-analyze-threads-flag	2020-06-23 14:46:41 +02:00
Robert	8e098cbb87	Merge pull request #72 from github/release-sorting Fixing sorting of PRs	2020-06-23 13:06:31 +01:00
Alex Kalyvitis	7ae8c32cbe	Merge branch 'main' into add-analyze-threads-flag	2020-06-23 13:22:23 +02:00
Robert	beedd317d2	Merge branch 'main' into release-sorting	2020-06-23 12:13:58 +01:00
Sam Partington	8a67191278	Merge pull request #76 from github/update-release-branch-base Update release branch base	2020-06-23 10:27:04 +01:00
Sam Partington	1ce7f98898	Update other references to master in release script	2020-06-23 10:10:23 +01:00
Sam Partington	6d413dd723	Update release branch script as main branch is now "main". See https://github.com/github/dsp-code-scanning/issues/1457	2020-06-23 10:08:23 +01:00
Alex Kalyvitis	31996935e6	reformat code and allow negative values for threads	2020-06-22 21:39:09 +02:00
Alex Kalyvitis	bcb5b28954	format code	2020-06-22 18:55:20 +02:00
Sam Partington	8622312249	Update JavaScript with newer comment	2020-06-22 17:20:29 +01:00
Sam Partington	c0c67ce80f	Reduce debug output in tests	2020-06-22 17:13:47 +01:00
Alex Kalyvitis	bc9591a12b	revert node_modules from master	2020-06-22 17:20:03 +02:00
Alex Kalyvitis	dcba70915d	move functions to util.ts	2020-06-22 17:17:25 +02:00
Alex Kalyvitis	2758bd30c8	avoid floating point division of ram	2020-06-22 14:51:18 +02:00
Alex Kalyvitis	f4001a0790	update dependencies	2020-06-22 13:28:23 +02:00
Alex Kalyvitis	d55f711b71	introduce inputs.threads flag to analyze action	2020-06-22 13:27:03 +02:00
Robert	2845a93f4c	Fixing sorting of PRs	2020-06-22 11:27:50 +01:00
Alex Kalyvitis	74f864bee1	Merge pull request #69 from github/fix-self-hosted-stale-bundle-download Use bundle URL version as the cache version	2020-06-19 14:33:53 +02:00
Alex Kalyvitis	38c231113e	build ts	2020-06-19 13:41:33 +02:00
Alex Kalyvitis	34c941dc31	Use Object.entries() instead of checking hasOwnProperty Co-authored-by: Robert <robertbrignull@github.com>	2020-06-19 13:27:45 +02:00
Alex Kalyvitis	5eccb79587	improve regex	2020-06-19 12:07:06 +02:00
Alex Kalyvitis	11a9af0387	update deps again	2020-06-18 19:10:34 +02:00
Alex Kalyvitis	6d036cef6f	Merge branch 'master' into fix-self-hosted-stale-bundle-download	2020-06-18 19:08:04 +02:00
Alex Kalyvitis	f9768ac4ba	update deps	2020-06-18 18:43:30 +02:00
Alex Kalyvitis	3ff198f23b	fix tslint errors	2020-06-18 18:29:25 +02:00
Alex Kalyvitis	ff8fe44e0c	compiled js	2020-06-18 16:40:02 +02:00
Alex Kalyvitis	3f2a60be8a	switch to semver instead of hash	2020-06-18 16:31:39 +02:00
Alex Kalyvitis	4c6749115a	update @actions/tool-cache, install semver, nock	2020-06-18 16:31:13 +02:00
Sam Partington	608ed15968	Merge pull request #67 from github/dont-fail-on-symlinks Ensure config path comparisons don't fail where workspace path is a symlink	2020-06-18 09:21:27 +01:00
Sam Partington	14f179f70b	Merge branch 'master' into dont-fail-on-symlinks	2020-06-17 16:14:36 +01:00
Sam Partington	dc4009c7ed	Merge pull request #68 from github/ignore-javascript Configure VSCode to ignore transpiled JavaScript	2020-06-17 16:14:07 +01:00
Sam Partington	14d602cced	Fix test failures introduced by making code more robust	2020-06-17 16:00:19 +01:00
Sam Partington	24096a1cb3	Don't fail if query path doesn't exist	2020-06-17 15:55:14 +01:00
Alex Kalyvitis	74d434c5ca	fix lint errors	2020-06-17 16:19:00 +02:00
Alex Kalyvitis	fff3de9938	wip: hash bundle url and use it as the cache version	2020-06-17 16:13:58 +02:00
Sam Partington	1aae76b906	Configure VSCode to ignore transpiled JavaScript	2020-06-17 14:57:29 +01:00
Sam Partington	013c02758e	Apply realpathSync sooner Fixes lint: https://github.com/github/codeql-action/pull/67/checks?check_run_id=777215812	2020-06-16 17:04:30 +01:00
Sam Partington	0b53ebbc36	Fix config path comparisons where workspace path is a symlink Before this change, config-utils.ts › load non-empty input was failing on Mac with: The configuration file "/var/folders/gx/y8v1507s29d97m1r_5kq0s000000gn/T/codeql-action-oum66d/input" is invalid: property "queries.uses" is invalid as the local path "" is outside of the repository The reason is that the tmp directory (which is where the config file was put by the test) was a symlink.	2020-06-16 16:59:15 +01:00
Robert	6de3e1cde4	Merge pull request #65 from github/init_missing_matrix Add matrix input to init action	2020-06-16 13:10:16 +01:00
Robert	c9d0312cb7	Merge branch 'master' into init_missing_matrix	2020-06-16 12:47:50 +01:00
Robert	0cdf645694	Merge pull request #63 from github/add_dispatch_instructions Add simple instructions for sending repository dispatch event	2020-06-16 09:57:41 +01:00
Robert	d00417a341	Merge branch 'master' into add_dispatch_instructions	2020-06-16 09:34:13 +01:00
Robert	7928587bdf	Update .github/workflows/update-release-branch.yml Co-authored-by: Alex Kalyvitis <1204095+alexkappa@users.noreply.github.com>	2020-06-16 09:34:06 +01:00
Sam Partington	87ecd0d0cc	Merge pull request #64 from github/remove-jest-config Remove jest config as tests use Ava now	2020-06-15 17:04:17 +01:00
Sam Partington	7e2e297e07	Remove jest config as tests use Ava now Usage of Jest was removed in https://github.com/github/codeql-action/pull/18	2020-06-15 16:24:34 +01:00
Robert Brignull	b97097aaed	add matrix input to init action	2020-06-15 15:52:53 +01:00
Robert	8a8a49d3c5	Merge pull request #39 from github/validate_sarif Validate sarif against schema before uploading	2020-06-15 14:59:31 +01:00
Robert Brignull	fcb696ec59	Merge branch 'master' into validate_sarif	2020-06-15 14:40:01 +01:00
Robert Brignull	c2d2dfdcdd	add instructions	2020-06-15 14:17:16 +01:00
Robert	042ab541fd	Merge pull request #61 from github/disable_queries Add a quick way to disable builtin queries	2020-06-15 14:14:57 +01:00
Robert Brignull	19faafba94	Add ability to disable builtin queries	2020-06-15 12:01:38 +01:00
Robert	476c8a44ba	Merge pull request #57 from github/fixIsInterpretedLanguage Fix the login in the isInterpretedLanguage method	2020-06-15 10:06:56 +01:00
Robert	f9ef310b75	Merge branch 'master' into fixIsInterpretedLanguage	2020-06-15 09:56:33 +01:00
Robert	6bd7f17e0e	Merge pull request #59 from github/update-release-branch Add script to open PR for updating release branch	2020-06-12 15:36:00 +01:00
Robert Brignull	582fd14a81	Add script to open PR for updating release branch	2020-06-12 11:15:14 +01:00
Robert Brignull	8425341ae0	change && to \|\|	2020-06-11 13:53:30 +01:00
Robert	1f2cca021a	Merge pull request #55 from Marcono1234/patch-1 Update CodeQL link in README	2020-06-10 08:52:45 +01:00
Marcono1234	fa9e0ac2a6	Update CodeQL link in README	2020-06-10 01:03:12 +02:00
Robert	a9de5b50d7	Merge pull request #46 from github/safe-config-parsing Make config file parsing more strict	2020-06-09 12:36:49 +01:00
Robert Brignull	af4edf6546	fix typos	2020-06-09 10:42:52 +01:00
Robert Brignull	5a97f7e980	Merge branch 'master' into safe-config-parsing	2020-06-09 10:39:49 +01:00
Robert	d4fb7fc762	Merge pull request #54 from github/self-hosted Fix action when using self-hosted runnners	2020-06-09 10:28:26 +01:00
Robert Brignull	00ebedc522	Merge branch 'master' into self-hosted	2020-06-09 09:43:41 +01:00
Robert	840dc5ee9a	Merge pull request #49 from github/always-report-exceptions-v2 Report exceptions during upload	2020-06-08 14:58:17 +01:00
Robert Brignull	c1add46efa	Merge branch 'master' into validate_sarif	2020-06-08 13:48:14 +01:00
Robert Brignull	e35c90f53d	Merge branch 'master' into safe-config-parsing	2020-06-08 13:40:17 +01:00
Robert Brignull	6db8182349	Merge branch 'master' into always-report-exceptions-v2	2020-06-08 13:24:24 +01:00
Robert	202704856d	Merge pull request #27 from github/slim-readme Reduce duplication between help and readme	2020-06-05 09:49:41 +01:00
Robert Brignull	5ea736059a	move all files to the RUNNER_TEMP directory	2020-06-04 12:15:34 +01:00
Robert Brignull	b4610ac367	reduce duplication between readme and docs	2020-06-04 09:54:20 +01:00
Robert	a0d60d5d9e	Merge pull request #45 from github/suite_syntax introduce new syntax for built-in query suites	2020-06-03 11:14:49 +01:00
Robert Brignull	f18fffbea8	pass queries to codeql via a file	2020-06-01 18:14:36 +01:00
Robert Brignull	655c4497ce	fix when there are additional suites and custom queries	2020-06-01 13:56:27 +01:00
Robert Brignull	d7a2025f2d	run all queries	2020-06-01 13:17:05 +01:00
Robert Brignull	22501fd7c8	change method used to check inclusion	2020-06-01 13:06:47 +01:00
Robert Brignull	07e22b1f4a	add missing return statement	2020-06-01 12:58:38 +01:00
Robert Brignull	3c2191ffdd	fix array inclusion test	2020-06-01 12:45:23 +01:00
Robert Brignull	28abced8ca	Merge remote-tracking branch 'origin/master' into suite_syntax	2020-06-01 12:20:08 +01:00
Robert Brignull	50dcaaf00d	use the new additional suites	2020-06-01 12:19:24 +01:00
Robert Brignull	30f7117e6a	update codeql bundle version	2020-06-01 12:07:23 +01:00
Robert	28a878efc3	Merge pull request #43 from github/integration_test_check Check integration test results	2020-06-01 10:33:50 +01:00
Robert	d518039a6b	Merge branch 'master' into integration_test_check	2020-06-01 10:07:31 +01:00
Robert	855f965205	Merge pull request #50 from github/fix-workflow-indentation Fix identation in workflow	2020-06-01 10:06:43 +01:00
Robert	2909e97a32	Update codeql.yml	2020-06-01 09:44:48 +01:00
Robert	4997c3ff4d	Merge pull request #48 from github/allow_pull_requests Allow pull requests, and report correct commit oid and ref	2020-06-01 09:39:24 +01:00
Robert	0bd4da3a6c	Merge branch 'master' into allow_pull_requests	2020-06-01 09:18:20 +01:00
David Verdeguer	98ad2fc49d	Merge pull request #35 from github/issue Add help link at issue creation	2020-05-29 09:04:40 +02:00
David Verdeguer	3ca3147cd4	Apply suggestions from code review Co-authored-by: Justin Hutchings <jhutchings1@users.noreply.github.com>	2020-05-29 08:22:30 +02:00
Robert Brignull	96da037d49	report exceptions during upload	2020-05-28 10:40:26 +01:00
Robert Brignull	da1e237d1e	Allow pull requests, and report correct commit oid and ref	2020-05-28 09:26:52 +01:00
Robert Brignull	054f867322	make config file parsing more strict	2020-05-26 19:23:28 +01:00
Robert Brignull	1e600686e7	introduce new syntax for built-in query suites	2020-05-26 16:02:22 +01:00
Robert Brignull	cd1625a162	update rubocop version	2020-05-26 10:29:57 +01:00
Ana Armas Romero	8788e5aa59	Merge branch 'master' into issue	2020-05-25 13:22:22 +02:00
Robert Brignull	8fb9090674	fix tests	2020-05-22 17:09:41 +01:00
Robert Brignull	10a2fd615f	remove uniqueItems: false	2020-05-22 16:58:00 +01:00
David Verdeguer	8b71cf3e5f	Merge pull request #42 from github/dot-syntax Add more info about dot syntax to the readme	2020-05-22 16:01:46 +02:00
Robert Brignull	ae301902e1	output a better error message	2020-05-22 14:56:20 +01:00
Robert Brignull	ddee374101	validate sarif against schema before uploading	2020-05-22 14:19:16 +01:00
David Verdeguer	080dc8c3f0	Merge branch 'master' into dot-syntax	2020-05-22 08:40:27 +02:00
Robert Brignull	6d1f969b1c	check integration test results	2020-05-18 15:58:42 +01:00
Robert	ff40939f66	Merge pull request #36 from github/config_utils_tests Add tests for config-utils	2020-05-18 15:40:24 +01:00
David Verdeguer	7b32c3c950	Merge branch 'master' into dot-syntax	2020-05-18 16:12:07 +02:00
David Verdeguer	90c07ef21d	Update README	2020-05-18 16:11:32 +02:00
Robert	852b9186d6	Merge branch 'master' into config_utils_tests	2020-05-18 14:48:19 +01:00
Robert	63f52e71c0	Merge pull request #40 from github/upload_twice Emit an error if upload happens twice	2020-05-18 14:47:54 +01:00
Robert Brignull	3a883af8a6	Merge branch 'master' into upload_twice	2020-05-18 14:29:49 +01:00
Robert	886b7d3e6e	Merge pull request #38 from github/upload_stats Log some simple stats about the upload	2020-05-18 10:17:30 +01:00
Robert	4e12efc7c3	Merge branch 'master' into upload_stats	2020-05-18 09:47:10 +01:00
Chris Gavin	5c5f422edb	Merge pull request #37 from github/use-full-memory Use the full amount of memory when running queries.	2020-05-18 08:56:53 +01:00
Chris Gavin	97ef91227e	Check memory to use is always greater than zero.	2020-05-18 08:38:25 +01:00
David Verdeguer	25e5256866	Add more info about dot syntax	2020-05-18 00:14:03 +02:00
Robert Brignull	5ec6b7524f	Emit an error if upload happens twice	2020-05-15 17:40:17 +01:00
Robert Brignull	b366432cb3	log some stats about the upload	2020-05-15 17:25:34 +01:00
Chris Gavin	fa0a733046	Use the full amount of memory available when running queries.	2020-05-14 17:31:03 +01:00
Robert Brignull	0e6df42024	add tests for config-utils	2020-05-14 16:47:42 +01:00
David Verdeguer	58c1abf92e	Add help link at issue creation	2020-05-14 15:36:47 +02:00
				`@@ -0,0 +1 @@`
				`{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAAsC;AACtC,uDAAyC;AACzC,0EAAgD;AAEhD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,wBAAwB,CAAC;AAClE,QAAA,MAAM,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC;IACxC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;IAC5B,OAAO,EAAE,YAAY;IACrB,SAAS,EAAE,eAAe;IAC1B,GAAG,EAAE,2BAAe,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;CACzC,CAAC,CAAC"}`
				`@@ -0,0 +1 @@`
				`{"version":3,"file":"finalize-db.test.js","sourceRoot":"","sources":["../src/finalize-db.test.ts"],"names":[],"mappings":""}`
				`@@ -0,0 +1 @@`
				{"version":3,"file":"setup-tools.test.js","sourceRoot":"","sources":["../src/setup-tools.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,+DAAiD;AACjD,8CAAuB;AACvB,gDAAwB;AACxB,2CAA6B;AAE7B,0DAA4C;AAC5C,mDAAmD;AACnD,6CAA+B;AAE/B,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,8BAA8B,EAAE,KAAK,EAAC,CAAC,EAAC,EAAE;IAE7C,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAC,MAAM,EAAC,EAAE;QAEnC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,GAAG,MAAM,CAAC;QAEzC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAE9D,MAAM,QAAQ,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAE1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACxC,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YAE5B,cAAI,CAAC,qBAAqB,CAAC;iBACxB,GAAG,CAAC,2BAA2B,OAAO,uBAAuB,CAAC;iBAC9D,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,uCAAuC,CAAC,CAAC,CAAC;YAGrF,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,8CAA8C,OAAO,uBAAuB,CAAC;YAE1G,MAAM,UAAU,CAAC,WAAW,EAAE,CAAC;YAE/B,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,OAAO,EAAE,CAAC,CAAC,CAAC;SACxD;QAED,MAAM,cAAc,GAAG,SAAS,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QAE3D,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,iCAAiC,EAAE,CAAC,CAAC,EAAE;IAE1C,MAAM,KAAK,GAAG;QACZ,UAAU,EAAE,gBAAgB;QAC5B,YAAY,EAAE,kBAAkB;QAChC,cAAc,EAAE,cAAc;QAC9B,OAAO,EAAE,OAAO;QAChB,aAAa,EAAE,aAAa;QAC5B,cAAc,EAAE,cAAc;KAC/B,CAAC;IAEF,KAAK,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QAC9D,MAAM,GAAG,GAAG,wCAAwC,OAAO,MAAM,CAAC;QAElE,IAAI;YACF,MAAM,aAAa,GAAG,UAAU,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;YAC1D,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;SAC7C;QAAC,OAAO,CAAC,EAAE;YACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;SACnB;KACF;AACH,CAAC,CAAC,CAAC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"test-utils.js","sourceRoot":"","sources":["../src/test-utils.ts"],"names":[],"mappings":";;AAEA,SAAgB,kBAAkB,CAAC,IAAwB;IACzD,MAAM,SAAS,GAAG,IAAmC,CAAC;IAEtD,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;QACrB,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,KAAK,GAAG,kBAAkB,CAAC;QACrC,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,GAAQ,EAAE,QAAc,EAAE,EAA0B,EAAE,EAAE;YAC5E,oEAAoE;YACpE,sEAAsE;YACtE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;gBACnB,kBAAkB,CAAC,GAAG,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;aACzC;YACD,OAAO,IAAI,CAAC;QAChB,CAAC,CAAC;IACN,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QACpB,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC;AAnBD,gDAmBC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"testing-utils.js","sourceRoot":"","sources":["../src/testing-utils.ts"],"names":[],"mappings":";;AAIA,SAAS,UAAU,CAAC,OAAoB;IACtC,8CAA8C;IAC9C,gCAAgC;IAChC,2EAA2E;IAC3E,2FAA2F;IAC3F,OAAO,CAAC,KAA0B,EAAE,QAAiB,EAAE,EAA0B,EAAW,EAAE;QAC5F,2CAA2C;QAC3C,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;YACtD,EAAE,GAAG,QAAQ,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;SACtB;QAED,oBAAoB;QACpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;YAC7B,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;SAC7B;aAAM;YACL,OAAO,CAAC,UAAU,IAAI,IAAI,WAAW,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC1E;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE;YAChD,EAAE,EAAE,CAAC;SACN;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,kBAAkB,CAAC,IAAwB;IACzD,MAAM,SAAS,GAAG,IAAkC,CAAC;IAErD,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;QACvB,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,EAAE,CAAC;QAE1B,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QAEpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAE7C,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;SAC5C;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAvBD,gDAuBC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"upload-lib.test.js","sourceRoot":"","sources":["../src/upload-lib.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AAEvB,mDAAmD;AACnD,wDAA0C;AAE1C,kCAAkB,CAAC,aAAI,CAAC,CAAC;AAEzB,aAAI,CAAC,iCAAiC,EAAE,CAAC,CAAC,EAAE;IAC1C,MAAM,SAAS,GAAG,SAAS,GAAG,oCAAoC,CAAC;IACnE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC;AACvD,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,mCAAmC,EAAE,CAAC,CAAC,EAAE;IAC5C,MAAM,SAAS,GAAG,SAAS,GAAG,sCAAsC,CAAC;IACrE,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC;IACtD,iFAAiF;IACjF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"manifest.js","sourceRoot":"","sources":["../src/manifest.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,+CAAgC;AAChC,wCAAmC;AAEnC,yDAAyD;AACzD,qDAAqD;AAErD,yBAAyB;AACzB,oCAAoC;AACpC,yBAAyB;AAqDzB,SAAsB,UAAU,CAC9B,WAAmB,EACnB,MAAe,EACf,UAA0B,EAC1B,UAAkB;;QAElB,MAAM,UAAU,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;QAEhC,IAAI,MAAgC,CAAA;QACpC,IAAI,KAA+B,CAAA;QAEnC,IAAI,IAAkC,CAAA;QACtC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAA;YAEjC,YAAK,CAAC,SAAS,OAAO,cAAc,WAAW,EAAE,CAAC,CAAA;YAClD,IACE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,WAAW,CAAC;gBACtC,CAAC,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,EACxC;gBACA,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACjC,YAAK,CACH,GAAG,IAAI,CAAC,IAAI,MAAM,UAAU,OAAO,IAAI,CAAC,QAAQ,MAAM,UAAU,EAAE,CACnE,CAAA;oBAED,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAA;oBAClE,IAAI,GAAG,IAAI,IAAI,CAAC,gBAAgB,EAAE;wBAChC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;wBAEhD,IAAI,SAAS,KAAK,IAAI,CAAC,gBAAgB,EAAE;4BACvC,GAAG,GAAG,IAAI,CAAA;yBACX;6BAAM;4BACL,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;yBACzD;qBACF;oBAED,OAAO,GAAG,CAAA;gBACZ,CAAC,CAAC,CAAA;gBAEF,IAAI,IAAI,EAAE;oBACR,YAAK,CAAC,WAAW,SAAS,CAAC,OAAO,EAAE,CAAC,CAAA;oBACrC,KAAK,GAAG,SAAS,CAAA;oBACjB,MAAK;iBACN;aACF;SACF;QAED,IAAI,KAAK,IAAI,IAAI,EAAE;YACjB,4EAA4E;YAC5E,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,CAAA;SACtB;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAtDD,gCAsDC;AAED,SAAgB,aAAa;IAC3B,kDAAkD;IAClD,6GAA6G;IAC7G,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;IAC1B,IAAI,OAAO,GAAG,EAAE,CAAA;IAEhB,IAAI,IAAI,KAAK,QAAQ,EAAE;QACrB,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC,QAAQ,EAAE,CAAA;KAC5D;SAAM,IAAI,IAAI,KAAK,OAAO,EAAE;QAC3B,uDAAuD;QACvD,2BAA2B;QAC3B,oBAAoB;QACpB,wBAAwB;QACxB,0BAA0B;QAC1B,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAA;QAC1D,IAAI,WAAW,EAAE;YACf,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;YACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,iBAAiB,EAAE;oBAC/D,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;oBACzB,MAAK;iBACN;aACF;SACF;KACF;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AA7BD,sCA6BC;AAED,SAAgB,qBAAqB;IACnC,MAAM,OAAO,GAAG,kBAAkB,CAAA;IAClC,IAAI,QAAQ,GAAG,EAAE,CAAA;IAEjB,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE;QAC1B,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAA;KAC/C;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AATD,sDASC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"retry-helper.js","sourceRoot":"","sources":["../src/retry-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,oDAAqC;AAErC;;GAEG;AACH,MAAa,WAAW;IAKtB,YAAY,WAAmB,EAAE,UAAkB,EAAE,UAAkB;QACrE,IAAI,WAAW,GAAG,CAAC,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;SACrE;QAED,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;YACrC,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAA;SAC3E;IACH,CAAC;IAEK,OAAO,CACX,MAAwB,EACxB,WAAmC;;YAEnC,IAAI,OAAO,GAAG,CAAC,CAAA;YACf,OAAO,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE;gBACjC,MAAM;gBACN,IAAI;oBACF,OAAO,MAAM,MAAM,EAAE,CAAA;iBACtB;gBAAC,OAAO,GAAG,EAAE;oBACZ,IAAI,WAAW,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE;wBACpC,MAAM,GAAG,CAAA;qBACV;oBAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;iBACvB;gBAED,QAAQ;gBACR,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;gBACrC,IAAI,CAAC,IAAI,CAAC,WAAW,OAAO,8BAA8B,CAAC,CAAA;gBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBACzB,OAAO,EAAE,CAAA;aACV;YAED,eAAe;YACf,OAAO,MAAM,MAAM,EAAE,CAAA;QACvB,CAAC;KAAA;IAEO,cAAc;QACpB,OAAO,CACL,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;YACnE,IAAI,CAAC,UAAU,CAChB,CAAA;IACH,CAAC;IAEa,KAAK,CAAC,OAAe;;YACjC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;CACF;AAxDD,kCAwDC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"command.js","sourceRoot":"","sources":["../src/command.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAwB;AAWxB;;;;;;;;;GASG;AACH,SAAgB,YAAY,CAC1B,OAAe,EACf,UAA6B,EAC7B,OAAY;IAEZ,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;IACrD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AAC/C,CAAC;AAPD,oCAOC;AAED,SAAgB,KAAK,CAAC,IAAY,EAAE,UAAkB,EAAE;IACtD,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACjC,CAAC;AAFD,sBAEC;AAED,MAAM,UAAU,GAAG,IAAI,CAAA;AAEvB,MAAM,OAAO;IAKX,YAAY,OAAe,EAAE,UAA6B,EAAE,OAAe;QACzE,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO,GAAG,iBAAiB,CAAA;SAC5B;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAED,QAAQ;QACN,IAAI,MAAM,GAAG,UAAU,GAAG,IAAI,CAAC,OAAO,CAAA;QAEtC,IAAI,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;YAC9D,MAAM,IAAI,GAAG,CAAA;YACb,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,UAAU,EAAE;gBACjC,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;oBACvC,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;oBAChC,IAAI,GAAG,EAAE;wBACP,IAAI,KAAK,EAAE;4BACT,KAAK,GAAG,KAAK,CAAA;yBACd;6BAAM;4BACL,MAAM,IAAI,GAAG,CAAA;yBACd;wBAED,MAAM,IAAI,GAAG,GAAG,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAA;qBAC1C;iBACF;aACF;SACF;QAED,MAAM,IAAI,GAAG,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAA;QACpD,OAAO,MAAM,CAAA;IACf,CAAC;CACF;AAED;;;GAGG;AACH,SAAgB,cAAc,CAAC,KAAU;IACvC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE;QACzC,OAAO,EAAE,CAAA;KACV;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,MAAM,EAAE;QAC/D,OAAO,KAAe,CAAA;KACvB;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC9B,CAAC;AAPD,wCAOC;AAED,SAAS,UAAU,CAAC,CAAM;IACxB,OAAO,cAAc,CAAC,CAAC,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;AAC1B,CAAC;AAED,SAAS,cAAc,CAAC,CAAM;IAC5B,OAAO,cAAc,CAAC,CAAC,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;AACzB,CAAC"}