Merge pull request #3941 from github/mergeback/v4.36.1-to-main-87557b9c

Mergeback v4.36.1 refs/heads/releases/v4 into main
Rebuild
2026-06-03 04:14:33 +00:00 · 2026-06-02 10:35:51 +00:00 · 2026-06-02 10:09:37 +00:00 · 2026-06-02 10:09:22 +00:00 · 2026-06-02 11:07:55 +01:00 · 2026-06-02 09:50:57 +00:00
9 changed files with 118 additions and 67 deletions
@@ -6,6 +6,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

 No user facing changes.

+## 4.36.1 - 02 Jun 2026
+
+No user facing changes.
+
 ## 4.36.0 - 22 May 2026

 - _Breaking change_: Bump the minimum required CodeQL bundle version to 2.19.4. [#3894](https://github.com/github/codeql-action/pull/3894)
@@ -148366,7 +148366,7 @@ function getDiffRangesJsonFilePath() {
  return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME);
 }
 function getActionVersion() {
-  return "4.36.1";
+  return "4.36.2";
 }
 function getWorkflowEventName() {
  return getRequiredEnvParam("GITHUB_EVENT_NAME");
@@ -149396,11 +149396,6 @@ var featureConfig = {
    legacyApi: true,
    minimumVersion: void 0
  },
-  ["force_jgit" /* ForceJGit */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_FORCE_JGIT",
-    minimumVersion: void 0
-  },
  ["force_nightly" /* ForceNightly */]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_FORCE_NIGHTLY",
@@ -151716,6 +151711,7 @@ async function initActionState({
    extraQueryExclusions: [],
    overlayDatabaseMode: "none" /* None */,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: false,
    repositoryProperties,
    enableFileCoverageInformation
  };
@@ -151844,6 +151840,7 @@ async function checkOverlayEnablement(codeql, features, languages, sourceRoot, b
    return validateOverlayDatabaseMode(
      modeEnv,
      false,
+      true,
      codeql,
      languages,
      sourceRoot,
@@ -151918,6 +151915,7 @@ async function checkOverlayEnablement(codeql, features, languages, sourceRoot, b
  return validateOverlayDatabaseMode(
    overlayDatabaseMode,
    true,
+    false,
    codeql,
    languages,
    sourceRoot,
@@ -151926,7 +151924,7 @@ async function checkOverlayEnablement(codeql, features, languages, sourceRoot, b
    logger
  );
 }
-async function validateOverlayDatabaseMode(overlayDatabaseMode, useOverlayDatabaseCaching, codeql, languages, sourceRoot, buildMode, gitVersion, logger) {
+async function validateOverlayDatabaseMode(overlayDatabaseMode, useOverlayDatabaseCaching, overlayModeSetExplicitly, codeql, languages, sourceRoot, buildMode, gitVersion, logger) {
  if (buildMode !== "none" /* None */ && (await Promise.all(
    languages.map(
      async (l) => l !== "go" /* go */ && // Workaround to allow overlay analysis for Go with any build
@@ -151970,7 +151968,8 @@ async function validateOverlayDatabaseMode(overlayDatabaseMode, useOverlayDataba
  }
  return new Success({
    overlayDatabaseMode,
-    useOverlayDatabaseCaching
+    useOverlayDatabaseCaching,
+    overlayModeSetExplicitly
  });
 }
 async function isTrapCachingEnabled(features, overlayDatabaseMode) {
@@ -152008,7 +152007,7 @@ function hasQueryCustomisation(userConfig) {
  return isDefined2(userConfig["disable-default-queries"]) || isDefined2(userConfig.queries) || isDefined2(userConfig["query-filters"]);
 }
 async function applyIncrementalAnalysisSettings(config, hasDiffRanges, codeql, logger) {
-  if (config.overlayDatabaseMode === "overlay" /* Overlay */ && !hasDiffRanges) {
+  if (config.overlayDatabaseMode === "overlay" /* Overlay */ && !hasDiffRanges && !config.overlayModeSetExplicitly) {
    logger.info(
      `Reverting overlay database mode to ${"none" /* None */} because the PR diff ranges could not be computed.`
    );
@@ -152116,12 +152115,17 @@ async function initConfig(features, inputs) {
    logger
  );
  if (overlayDatabaseModeResult.isSuccess()) {
-    const { overlayDatabaseMode, useOverlayDatabaseCaching } = overlayDatabaseModeResult.value;
+    const {
+      overlayDatabaseMode,
+      useOverlayDatabaseCaching,
+      overlayModeSetExplicitly
+    } = overlayDatabaseModeResult.value;
    logger.info(
      `Using overlay database mode: ${overlayDatabaseMode} ${useOverlayDatabaseCaching ? "with" : "without"} caching.`
    );
    config.overlayDatabaseMode = overlayDatabaseMode;
    config.useOverlayDatabaseCaching = useOverlayDatabaseCaching;
+    config.overlayModeSetExplicitly = overlayModeSetExplicitly;
  } else {
    const overlayDisabledReason = overlayDatabaseModeResult.value;
    logger.info(
@@ -159353,9 +159357,6 @@ exec ${goBinaryPath} "$@"`
    if (await features.getValue("disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */)) {
      core21.exportVariable("CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN", "true");
    }
-    if (await features.getValue("force_jgit" /* ForceJGit */)) {
-      core21.exportVariable("CODEQL_GIT_BACKEND", "jgit");
-    }
    const kotlinLimitVar = "CODEQL_EXTRACTOR_KOTLIN_OVERRIDE_MAXIMUM_VERSION_LIMIT";
    if (await codeQlVersionAtLeast(codeql, "2.20.3") && !await codeQlVersionAtLeast(codeql, "2.20.4")) {
      core21.exportVariable(kotlinLimitVar, "2.1.20");
@@ -1,12 +1,12 @@
 {
  "name": "codeql",
-  "version": "4.36.1",
+  "version": "4.36.2",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "codeql",
-      "version": "4.36.1",
+      "version": "4.36.2",
      "license": "MIT",
      "workspaces": [
        "pr-checks"
@@ -1,6 +1,6 @@
 {
  "name": "codeql",
-  "version": "4.36.1",
+  "version": "4.36.2",
  "private": true,
  "description": "CodeQL action",
  "scripts": {
@@ -1044,6 +1044,7 @@ const checkOverlayEnablementMacro = makeMacro({
      | {
          overlayDatabaseMode: OverlayDatabaseMode;
          useOverlayDatabaseCaching: boolean;
+          overlayModeSetExplicitly?: boolean;
        }
      | {
          disabledReason: OverlayDisabledReason;
@@ -1124,7 +1125,13 @@ const checkOverlayEnablementMacro = makeMacro({
        if ("disabledReason" in expected) {
          t.deepEqual(result, new Failure(expected.disabledReason));
        } else {
-          t.deepEqual(result, new Success(expected));
+          t.deepEqual(
+            result,
+            new Success({
+              overlayModeSetExplicitly: false,
+              ...expected,
+            }),
+          );
        }
      } finally {
        // Restore the original environment
@@ -1143,6 +1150,7 @@ checkOverlayEnablementMacro.serial(
  {
    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: true,
  },
 );

@@ -1154,6 +1162,7 @@ checkOverlayEnablementMacro.serial(
  {
    overlayDatabaseMode: OverlayDatabaseMode.OverlayBase,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: true,
  },
 );

@@ -1812,6 +1821,7 @@ checkOverlayEnablementMacro.serial(
  {
    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: true,
  },
 );

@@ -1824,6 +1834,7 @@ checkOverlayEnablementMacro.serial(
  {
    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: true,
  },
 );

@@ -1920,6 +1931,7 @@ checkOverlayEnablementMacro.serial(
  {
    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: true,
  },
 );

@@ -1965,6 +1977,7 @@ checkOverlayEnablementMacro.serial(
  {
    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: true,
  },
 );

@@ -2182,33 +2195,64 @@ test("applyIncrementalAnalysisSettings: keeps overlay mode and adds exclusions w
  ]);
 });

-test("applyIncrementalAnalysisSettings: disables overlay analysis when diff ranges are unavailable", async (t) => {
-  const config = createTestConfig({
-    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
-  });
-  config.useOverlayDatabaseCaching = true;
-  const codeql = createStubCodeQL({});
-  const logger = getRunnerLogger(true);
-  const addDiagnosticsStub = sinon
-    .stub(overlayDiagnostics, "addOverlayDisablementDiagnostics")
-    .resolves();
+test.serial(
+  "applyIncrementalAnalysisSettings: disables overlay analysis when diff ranges are unavailable",
+  async (t) => {
+    const config = createTestConfig({
+      overlayDatabaseMode: OverlayDatabaseMode.Overlay,
+    });
+    config.useOverlayDatabaseCaching = true;
+    const codeql = createStubCodeQL({});
+    const logger = getRunnerLogger(true);
+    const addDiagnosticsStub = sinon
+      .stub(overlayDiagnostics, "addOverlayDisablementDiagnostics")
+      .resolves();

-  await configUtils.applyIncrementalAnalysisSettings(
-    config,
-    false,
-    codeql,
-    logger,
-  );
+    await configUtils.applyIncrementalAnalysisSettings(
+      config,
+      false,
+      codeql,
+      logger,
+    );

-  t.is(config.overlayDatabaseMode, OverlayDatabaseMode.None);
-  t.is(config.useOverlayDatabaseCaching, false);
-  t.deepEqual(config.extraQueryExclusions, []);
-  t.true(addDiagnosticsStub.calledOnce);
-  t.is(
-    addDiagnosticsStub.firstCall.args[2],
-    OverlayDisabledReason.DiffInformedAnalysisNotEnabled,
-  );
-});
+    t.is(config.overlayDatabaseMode, OverlayDatabaseMode.None);
+    t.is(config.useOverlayDatabaseCaching, false);
+    t.deepEqual(config.extraQueryExclusions, []);
+    t.true(addDiagnosticsStub.calledOnce);
+    t.is(
+      addDiagnosticsStub.firstCall.args[2],
+      OverlayDisabledReason.DiffInformedAnalysisNotEnabled,
+    );
+  },
+);
+
+test.serial(
+  "applyIncrementalAnalysisSettings: keeps overlay mode when set explicitly and diff ranges are unavailable",
+  async (t) => {
+    const config = createTestConfig({
+      overlayDatabaseMode: OverlayDatabaseMode.Overlay,
+    });
+    config.useOverlayDatabaseCaching = false;
+    config.overlayModeSetExplicitly = true;
+    const codeql = createStubCodeQL({});
+    const logger = getRunnerLogger(true);
+    const addDiagnosticsStub = sinon
+      .stub(overlayDiagnostics, "addOverlayDisablementDiagnostics")
+      .resolves();
+
+    await configUtils.applyIncrementalAnalysisSettings(
+      config,
+      false,
+      codeql,
+      logger,
+    );
+
+    t.is(config.overlayDatabaseMode, OverlayDatabaseMode.Overlay);
+    t.is(config.useOverlayDatabaseCaching, false);
+    t.deepEqual(config.extraQueryExclusions, []);
+    t.true(addDiagnosticsStub.notCalled);
+  },
+);

 test("applyIncrementalAnalysisSettings: adds exclusions for diff-informed-only runs", async (t) => {
  const config = createTestConfig({});
@@ -243,6 +243,11 @@ export interface Config {
   */
  useOverlayDatabaseCaching: boolean;

+  /**
+   * Whether the overlay database mode was set explicitly.
+   */
+  overlayModeSetExplicitly: boolean;
+
  /**
   * A partial mapping from repository properties that affect us to their values.
   */
@@ -573,6 +578,7 @@ export async function initActionState(
    extraQueryExclusions: [],
    overlayDatabaseMode: OverlayDatabaseMode.None,
    useOverlayDatabaseCaching: false,
+    overlayModeSetExplicitly: false,
    repositoryProperties,
    enableFileCoverageInformation,
  };
@@ -772,6 +778,7 @@ async function checkRunnerResources(
 interface EnabledOverlayConfig {
  overlayDatabaseMode: Exclude<OverlayDatabaseMode, OverlayDatabaseMode.None>;
  useOverlayDatabaseCaching: boolean;
+  overlayModeSetExplicitly: boolean;
 }

 /**
@@ -826,6 +833,7 @@ export async function checkOverlayEnablement(
    return validateOverlayDatabaseMode(
      modeEnv,
      false,
+      true,
      codeql,
      languages,
      sourceRoot,
@@ -917,6 +925,7 @@ export async function checkOverlayEnablement(
  return validateOverlayDatabaseMode(
    overlayDatabaseMode,
    true,
+    false,
    codeql,
    languages,
    sourceRoot,
@@ -935,6 +944,7 @@ export async function checkOverlayEnablement(
 async function validateOverlayDatabaseMode(
  overlayDatabaseMode: Exclude<OverlayDatabaseMode, OverlayDatabaseMode.None>,
  useOverlayDatabaseCaching: boolean,
+  overlayModeSetExplicitly: boolean,
  codeql: CodeQL,
  languages: Language[],
  sourceRoot: string,
@@ -1006,6 +1016,7 @@ async function validateOverlayDatabaseMode(
  return new Success({
    overlayDatabaseMode,
    useOverlayDatabaseCaching,
+    overlayModeSetExplicitly,
  });
 }

@@ -1080,14 +1091,14 @@ function hasQueryCustomisation(userConfig: UserConfig): boolean {
 /**
 * Finalize the incremental-analysis configuration for this run.
 *
- * Overlay analysis has only been validated in combination with diff-informed
- * analysis, so if `Overlay` mode was selected for a pull request but the diff
- * ranges could not be computed, fall back to a full non-overlay analysis.
+ * Overlay analysis has only been validated in combination with diff-informed analysis, so if
+ * `Overlay` mode was selected for a pull request but the diff ranges could not be computed, fall
+ * back to a full non-overlay analysis. If the overlay mode was set explicitly, this fallback does
+ * not apply.
 *
- * Query exclusions for incremental-only queries are then applied whenever the
- * diff ranges are available — which, after the fallback above, is exactly the
- * set of runs where any kind of incremental analysis (overlay or
- * diff-informed) is in effect.
+ * Query exclusions for incremental-only queries are then applied whenever the diff ranges are
+ * available — which, after the fallback above, is exactly the set of runs where any kind of
+ * incremental analysis (overlay or diff-informed) is in effect.
 */
 export async function applyIncrementalAnalysisSettings(
  config: Config,
@@ -1097,7 +1108,8 @@ export async function applyIncrementalAnalysisSettings(
 ): Promise<void> {
  if (
    config.overlayDatabaseMode === OverlayDatabaseMode.Overlay &&
-    !hasDiffRanges
+    !hasDiffRanges &&
+    !config.overlayModeSetExplicitly
  ) {
    logger.info(
      `Reverting overlay database mode to ${OverlayDatabaseMode.None} ` +
@@ -1251,14 +1263,18 @@ export async function initConfig(
    logger,
  );
  if (overlayDatabaseModeResult.isSuccess()) {
-    const { overlayDatabaseMode, useOverlayDatabaseCaching } =
-      overlayDatabaseModeResult.value;
+    const {
+      overlayDatabaseMode,
+      useOverlayDatabaseCaching,
+      overlayModeSetExplicitly,
+    } = overlayDatabaseModeResult.value;
    logger.info(
      `Using overlay database mode: ${overlayDatabaseMode} ` +
        `${useOverlayDatabaseCaching ? "with" : "without"} caching.`,
    );
    config.overlayDatabaseMode = overlayDatabaseMode;
    config.useOverlayDatabaseCaching = useOverlayDatabaseCaching;
+    config.overlayModeSetExplicitly = overlayModeSetExplicitly;
  } else {
    const overlayDisabledReason = overlayDatabaseModeResult.value;
    logger.info(
@@ -82,11 +82,6 @@ export enum Feature {
  DisableJavaBuildlessEnabled = "disable_java_buildless_enabled",
  DisableKotlinAnalysisEnabled = "disable_kotlin_analysis_enabled",
  ExportDiagnosticsEnabled = "export_diagnostics_enabled",
-  /**
-   * Emergency override that forces the CodeQL CLI to use the JGit-based Git backend instead of its
-   * default backend selection.
-   */
-  ForceJGit = "force_jgit",
  ForceNightly = "force_nightly",
  IgnoreGeneratedFiles = "ignore_generated_files",
  JavaNetworkDebugging = "java_network_debugging",
@@ -229,11 +224,6 @@ export const featureConfig = {
    legacyApi: true,
    minimumVersion: undefined,
  },
-  [Feature.ForceJGit]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_FORCE_JGIT",
-    minimumVersion: undefined,
-  },
  [Feature.ForceNightly]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_FORCE_NIGHTLY",
@@ -614,11 +614,6 @@ async function run(startedAt: Date) {
      core.exportVariable("CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN", "true");
    }

-    // Emergency override to force the CodeQL CLI back to the JGit-based Git backend.
-    if (await features.getValue(Feature.ForceJGit)) {
-      core.exportVariable("CODEQL_GIT_BACKEND", "jgit");
-    }
-
    const kotlinLimitVar =
      "CODEQL_EXTRACTOR_KOTLIN_OVERRIDE_MAXIMUM_VERSION_LIMIT";
    if (
@@ -585,6 +585,7 @@ export function createTestConfig(overrides: Partial<Config>): Config {
      extraQueryExclusions: [],
      overlayDatabaseMode: OverlayDatabaseMode.None,
      useOverlayDatabaseCaching: false,
+      overlayModeSetExplicitly: false,
      repositoryProperties: {},
      enableFileCoverageInformation: true,
    } satisfies Config,
Author	SHA1	Message	Date
Henry Mercer	8ed7f7c384	Merge pull request #3941 from github/mergeback/v4.36.1-to-main-87557b9c Mergeback v4.36.1 refs/heads/releases/v4 into main	2026-06-02 10:35:51 +00:00
github-actions[bot]	0ad7c1f95e	Rebuild	2026-06-02 10:09:37 +00:00
github-actions[bot]	25c25b5e09	Update changelog and version after v4.36.1	2026-06-02 10:09:22 +00:00
Henry Mercer	87557b9c84	Merge pull request #3940 from github/update-v4.36.1-2a1689ed4 Merge main into releases/v4	2026-06-02 11:07:55 +01:00
github-actions[bot]	9431011964	Update changelog for v4.36.1	2026-06-02 09:50:57 +00:00
Henry Mercer	2a1689ed43	Merge pull request #3939 from github/henrymercer/skip-overlay-revert-when-explicit Disable missing diff-ranges fallback when overlay enabled manually	2026-06-01 17:25:10 +00:00
Henry Mercer	524532393a	Disable missing diff-ranges fallback when overlay enabled manually	2026-06-01 15:34:08 +01:00