Update Dependabot config file

Co-authored-by: Henry Mercer <henry.mercer@me.com>

.github/dependabot.yml

@@ -1,20 +1,29 @@
+---
 version: 2
 updates:
-  - package-ecosystem: "npm"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-      day: "thursday" # Gives us a working day to merge this before our typical release
-    labels:
-      - "Update dependencies"
-    ignore:
-      - dependency-name: "*"
-        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
-  - package-ecosystem: "npm"
-    directory: "/runner"
-    schedule:
-      interval: "weekly"
-      day: "thursday" # Gives us a working day to merge this before our typical release
-    ignore:
-      - dependency-name: "*"
-        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: weekly
+    day: thursday
+  labels:
+  - Update dependencies
+  ignore:
+  - dependency-name: "*"
+    update-types:
+    - version-update:semver-minor
+    - version-update:semver-patch
+- package-ecosystem: npm
+  directory: "/runner"
+  schedule:
+    interval: weekly
+    day: thursday
+  ignore:
+  - dependency-name: "*"
+    update-types:
+    - version-update:semver-minor
+    - version-update:semver-patch
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: daily

CHANGELOG.md

@@ -2,6 +2,14 @@
 
 ## [UNRELEASED]
 
+No user facing changes.
+
+## 2.1.35 - 01 Dec 2022
+
+No user facing changes.
+
+## 2.1.34 - 25 Nov 2022
+
 - Update default CodeQL bundle version to 2.11.4. [#1391](https://github.com/github/codeql-action/pull/1391)
 - Fixed a bug where some the `init` action and the `analyze` action would have different sets of experimental feature flags enabled. [#1384](https://github.com/github/codeql-action/pull/1384)
 

lib/analyze-action-env.test.js

@@ -45,6 +45,7 @@ const util = __importStar(require("./util"));
             .stub(actionsUtil, "createStatusReportBase")
             .resolves({});
         sinon.stub(actionsUtil, "sendStatusReport").resolves(true);
+        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
         const gitHubVersion = {
             type: util.GitHubVariant.DOTCOM,
         };

lib/analyze-action-env.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action-input.test.js

@@ -61,6 +61,7 @@ const util = __importStar(require("./util"));
         optionalInputStub.withArgs("cleanup-level").returns("none");
         optionalInputStub.withArgs("expect-error").returns("false");
         sinon.stub(util, "getGitHubVersion").resolves(gitHubVersion);
+        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
         (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {});
         process.env["CODEQL_THREADS"] = "1";

lib/analyze-action-input.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action.js

@@ -103,6 +103,8 @@ function doesGoExtractionOutputExist(config) {
  * - We detect whether an autobuild step is present by checking the
  * `util.DID_AUTOBUILD_GO_ENV_VAR_NAME` environment variable, which is set
  * when the autobuilder is invoked.
+ * - We detect whether the Go database has already been finalized in case it
+ * has been manually set in a prior Action step.
  * - We approximate whether manual build steps are present by looking at
  * whether any extraction output already exists for Go.
  */
@@ -114,6 +116,10 @@ async function runAutobuildIfLegacyGoWorkflow(config, logger) {
         logger.debug("Won't run Go autobuild since it has already been run.");
         return;
     }
+    if ((0, analyze_1.dbIsFinalized)(config, languages_1.Language.go, logger)) {
+        logger.debug("Won't run Go autobuild since there is already a finalized database for Go.");
+        return;
+    }
     // This captures whether a user has added manual build steps for Go
     if (doesGoExtractionOutputExist(config)) {
         logger.debug("Won't run Go autobuild since at least one file of Go code has already been extracted.");
@@ -202,7 +208,6 @@ async function run() {
             hasBadExpectErrorInput()) {
             core.setFailed(error.message);
         }
-        console.log(error);
         if (error instanceof analyze_1.CodeQLAnalysisError) {
             const stats = { ...error.queriesStatusReport };
             await sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
@@ -232,7 +237,6 @@ async function runWrapper() {
     }
     catch (error) {
         core.setFailed(`analyze action failed: ${error}`);
-        console.log(error);
     }
     await (0, util_1.checkForTimeout)();
 }

lib/codeql.js

@@ -666,7 +666,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             if (querySuitePath) {
                 codeqlArgs.push(querySuitePath);
             }
-            await runTool(cmd, codeqlArgs);
+            await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, codeqlArgs, error_matcher_1.errorMatchers);
         },
         async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId, featureEnablement) {
             const codeqlArgs = [
@@ -695,7 +695,8 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 codeqlArgs.push(...querySuitePaths);
             }
             // capture stdout, which contains analysis summaries
-            return await runTool(cmd, codeqlArgs);
+            const returnState = await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, codeqlArgs, error_matcher_1.errorMatchers);
+            return returnState.stdout;
         },
         async databasePrintBaseline(databasePath) {
             const codeqlArgs = [
@@ -846,11 +847,16 @@ async function runTool(cmd, args = []) {
     const exitCode = await new toolrunner.ToolRunner(cmd, args, {
         listeners: {
             stdout: (data) => {
-                output += data.toString();
+                output += data.toString("utf8");
             },
             stderr: (data) => {
-                const toRead = Math.min(maxErrorSize - error.length, data.length);
-                error += data.toString("utf8", 0, toRead);
+                let readStartIndex = 0;
+                // If the error is too large, then we only take the last 20,000 characters
+                if (data.length - maxErrorSize > 0) {
+                    // Eg: if we have 20,000 the start index should be 2.
+                    readStartIndex = data.length - maxErrorSize + 1;
+                }
+                error += data.toString("utf8", readStartIndex);
             },
         },
         ignoreReturnCode: true,

lib/codeql.test.js

@@ -27,6 +27,7 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const toolcache = __importStar(require("@actions/tool-cache"));
+const safeWhich = __importStar(require("@chrisgavin/safe-which"));
 const ava_1 = __importDefault(require("ava"));
 const del_1 = __importDefault(require("del"));
 const yaml = __importStar(require("js-yaml"));
@@ -308,6 +309,8 @@ for (const [isFeatureEnabled, toolsInput, shouldToolcacheBeBypassed,] of TOOLCAC
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
+    // safeWhich throws because of the test CodeQL object.
+    sinon.stub(safeWhich, "safeWhich").resolves("");
     await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
     t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be absent, but it is present");
 });
@@ -315,6 +318,8 @@ for (const [isFeatureEnabled, toolsInput, shouldToolcacheBeBypassed,] of TOOLCAC
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
+    // safeWhich throws because of the test CodeQL object.
+    sinon.stub(safeWhich, "safeWhich").resolves("");
     await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
     t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be present, but it is absent");
 });
@@ -323,6 +328,8 @@ for (const [isFeatureEnabled, toolsInput, shouldToolcacheBeBypassed,] of TOOLCAC
         const runnerConstructorStub = stubToolRunnerConstructor();
         const codeqlObject = await codeql.getCodeQLForTesting();
         sinon.stub(codeqlObject, "getVersion").resolves("2.8.1");
+        // safeWhich throws because of the test CodeQL object.
+        sinon.stub(safeWhich, "safeWhich").resolves("");
         const thisStubConfig = {
             ...stubConfig,
             tempDir,
@@ -571,6 +578,8 @@ const injectedConfigMacro = ava_1.default.macro({
     // The version of CodeQL is checked separately to determine feature enablement, and does not
     // otherwise impact this test, so set it to 0.0.0.
     sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+    // safeWhich throws because of the test CodeQL object.
+    sinon.stub(safeWhich, "safeWhich").resolves("");
     await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.FileBaselineInformationEnabled]));
     t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info should be present, but it is absent");
 });
@@ -581,6 +590,8 @@ const injectedConfigMacro = ava_1.default.macro({
     // The version of CodeQL is checked upstream to determine feature enablement, so it does not
     // affect this test.
     sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+    // safeWhich throws because of the test CodeQL object.
+    sinon.stub(safeWhich, "safeWhich").resolves("");
     await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
     t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info must be absent, but it is present");
 });

lib/error-matcher.js

@@ -12,6 +12,10 @@ exports.namedMatchersForTesting = {
         message: "No code found during the build. Please see:\n" +
             "https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning#no-code-found-during-the-build",
     },
+    fatalError: {
+        outputRegex: new RegExp("A fatal error occurred"),
+        message: "A fatal error occurred.",
+    },
 };
 // we collapse the matches into an array for use in execErrorCatcher
 exports.errorMatchers = Object.values(exports.namedMatchersForTesting);

lib/error-matcher.js.map

@@ -1 +1 @@
-{"version":3,"file":"error-matcher.js","sourceRoot":"","sources":["../src/error-matcher.ts"],"names":[],"mappings":";;;AAQA,qCAAqC;AACxB,QAAA,uBAAuB,GAAoC;IACtE;;MAEE;IACF,iBAAiB,EAAE;QACjB,QAAQ,EAAE,EAAE;QACZ,WAAW,EAAE,IAAI,MAAM,CAAC,2CAA2C,CAAC;QACpE,OAAO,EACL,+CAA+C;YAC/C,yJAAyJ;KAC5J;CACF,CAAC;AAEF,oEAAoE;AACvD,QAAA,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,+BAAuB,CAAC,CAAC"}
+{"version":3,"file":"error-matcher.js","sourceRoot":"","sources":["../src/error-matcher.ts"],"names":[],"mappings":";;;AAQA,qCAAqC;AACxB,QAAA,uBAAuB,GAAoC;IACtE;;MAEE;IACF,iBAAiB,EAAE;QACjB,QAAQ,EAAE,EAAE;QACZ,WAAW,EAAE,IAAI,MAAM,CAAC,2CAA2C,CAAC;QACpE,OAAO,EACL,+CAA+C;YAC/C,yJAAyJ;KAC5J;IACD,UAAU,EAAE;QACV,WAAW,EAAE,IAAI,MAAM,CAAC,wBAAwB,CAAC;QACjD,OAAO,EAAE,yBAAyB;KACnC;CACF,CAAC;AAEF,oEAAoE;AACvD,QAAA,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,+BAAuB,CAAC,CAAC"}

lib/error-matcher.test.js

@@ -16,6 +16,9 @@ NB We test the regexes for all the matchers against example log output snippets.
   2020-09-07T17:39:53.9251124Z [2020-09-07 17:39:53] [ERROR] Spawned process exited abnormally (code 255; tried to run: [/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/autobuild.sh])
   `));
 });
+(0, ava_1.default)("fatalError matches against example log output", async (t) => {
+    t.assert(testErrorMatcher("fatalError", "A fatal error occurred: Could not process query metadata for test-query.ql"));
+});
 function testErrorMatcher(matcherName, logSample) {
     if (!(matcherName in error_matcher_1.namedMatchersForTesting)) {
         throw new Error(`Unknown matcher ${matcherName}`);

lib/error-matcher.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"error-matcher.test.js","sourceRoot":"","sources":["../src/error-matcher.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAEvB,mDAA0D;AAE1D;;EAEE;AAEF,IAAA,aAAI,EAAC,6DAA6D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC9E,CAAC,CAAC,MAAM,CACN,gBAAgB,CACd,mBAAmB,EACnB;;;;;GAKH,CACE,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,SAAS,gBAAgB,CAAC,WAAmB,EAAE,SAAiB;IAC9D,IAAI,CAAC,CAAC,WAAW,IAAI,uCAAuB,CAAC,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAC;KACnD;IACD,MAAM,KAAK,GAAG,uCAAuB,CAAC,WAAW,CAAC,CAAC,WAAW,CAAC;IAC/D,IAAI,KAAK,KAAK,SAAS,EAAE;QACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,WAAW,kBAAkB,CAAC,CAAC;KACvE;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC/B,CAAC"}
+{"version":3,"file":"error-matcher.test.js","sourceRoot":"","sources":["../src/error-matcher.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAEvB,mDAA0D;AAE1D;;EAEE;AAEF,IAAA,aAAI,EAAC,6DAA6D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC9E,CAAC,CAAC,MAAM,CACN,gBAAgB,CACd,mBAAmB,EACnB;;;;;GAKH,CACE,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,+CAA+C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChE,CAAC,CAAC,MAAM,CACN,gBAAgB,CACd,YAAY,EACZ,4EAA4E,CAC7E,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,SAAS,gBAAgB,CAAC,WAAmB,EAAE,SAAiB;IAC9D,IAAI,CAAC,CAAC,WAAW,IAAI,uCAAuB,CAAC,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAC;KACnD;IACD,MAAM,KAAK,GAAG,uCAAuB,CAAC,WAAW,CAAC,CAAC,WAAW,CAAC;IAC/D,IAAI,KAAK,KAAK,SAAS,EAAE;QACvB,MAAM,IAAI,KAAK,CAAC,uBAAuB,WAAW,kBAAkB,CAAC,CAAC;KACvE;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC/B,CAAC"}

lib/toolrunner-error-catcher.js

@@ -31,7 +31,7 @@ const safeWhich = __importStar(require("@chrisgavin/safe-which"));
  * @param     args               optional arguments for tool. Escaping is handled by the lib.
  * @param     matchers           defines specific codes and/or regexes that should lead to return of a custom error
  * @param     options            optional exec options.  See ExecOptions
- * @returns   Promise<number>    exit code
+ * @returns   ReturnState        exit code and stdout output, if applicable
  */
 async function toolrunnerErrorCatcher(commandLine, args, matchers, options) {
     var _a, _b;
@@ -54,40 +54,36 @@ async function toolrunnerErrorCatcher(commandLine, args, matchers, options) {
         },
     };
     // we capture the original return code or error so that if no match is found we can duplicate the behavior
-    let returnState;
+    let exitCode;
     try {
-        returnState = await new toolrunner.ToolRunner(await safeWhich.safeWhich(commandLine), args, {
+        exitCode = await new toolrunner.ToolRunner(await safeWhich.safeWhich(commandLine), args, {
             ...options,
             listeners,
             ignoreReturnCode: true, // so we can check for specific codes using the matchers
         }).exec();
-    }
-    catch (e) {
-        returnState = e instanceof Error ? e : new Error(String(e));
-    }
-    // if there is a zero return code then we do not apply the matchers
-    if (returnState === 0)
-        return returnState;
-    if (matchers) {
-        for (const matcher of matchers) {
-            if (matcher.exitCode === returnState ||
-                ((_a = matcher.outputRegex) === null || _a === void 0 ? void 0 : _a.test(stderr)) ||
-                ((_b = matcher.outputRegex) === null || _b === void 0 ? void 0 : _b.test(stdout))) {
-                throw new Error(matcher.message);
+        // if there is a zero return code then we do not apply the matchers
+        if (exitCode === 0)
+            return { exitCode, stdout };
+        if (matchers) {
+            for (const matcher of matchers) {
+                if (matcher.exitCode === exitCode ||
+                    ((_a = matcher.outputRegex) === null || _a === void 0 ? void 0 : _a.test(stderr)) ||
+                    ((_b = matcher.outputRegex) === null || _b === void 0 ? void 0 : _b.test(stdout))) {
+                    throw new Error(matcher.message);
+                }
             }
         }
-    }
-    if (typeof returnState === "number") {
         // only if we were instructed to ignore the return code do we ever return it non-zero
         if (options === null || options === void 0 ? void 0 : options.ignoreReturnCode) {
-            return returnState;
+            return { exitCode, stdout };
         }
         else {
-            throw new Error(`The process '${commandLine}' failed with exit code ${returnState}`);
+            throw new Error(`The process '${commandLine}' failed with exit code ${exitCode}`);
         }
     }
-    else {
-        throw returnState;
+    catch (e) {
+        const error = e instanceof Error ? e : new Error(String(e));
+        throw error;
     }
 }
 exports.toolrunnerErrorCatcher = toolrunnerErrorCatcher;

lib/toolrunner-error-catcher.js.map

@@ -1 +1 @@
-{"version":3,"file":"toolrunner-error-catcher.js","sourceRoot":"","sources":["../src/toolrunner-error-catcher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACA,yEAA2D;AAC3D,kEAAoD;AAIpD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAC1C,WAAmB,EACnB,IAAe,EACf,QAAyB,EACzB,OAAwB;;IAExB,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,MAAM,SAAS,GAAG;QAChB,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;QACH,CAAC;QACD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;QACH,CAAC;KACF,CAAC;IAEF,0GAA0G;IAC1G,IAAI,WAA2B,CAAC;IAChC,IAAI;QACF,WAAW,GAAG,MAAM,IAAI,UAAU,CAAC,UAAU,CAC3C,MAAM,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,EACtC,IAAI,EACJ;YACE,GAAG,OAAO;YACV,SAAS;YACT,gBAAgB,EAAE,IAAI,EAAE,wDAAwD;SACjF,CACF,CAAC,IAAI,EAAE,CAAC;KACV;IAAC,OAAO,CAAC,EAAE;QACV,WAAW,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7D;IAED,mEAAmE;IACnE,IAAI,WAAW,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAE1C,IAAI,QAAQ,EAAE;QACZ,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;YAC9B,IACE,OAAO,CAAC,QAAQ,KAAK,WAAW;iBAChC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA;iBACjC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA,EACjC;gBACA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;aAClC;SACF;KACF;IAED,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;QACnC,qFAAqF;QACrF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,EAAE;YAC7B,OAAO,WAAW,CAAC;SACpB;aAAM;YACL,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,2BAA2B,WAAW,EAAE,CACpE,CAAC;SACH;KACF;SAAM;QACL,MAAM,WAAW,CAAC;KACnB;AACH,CAAC;AAnED,wDAmEC"}
+{"version":3,"file":"toolrunner-error-catcher.js","sourceRoot":"","sources":["../src/toolrunner-error-catcher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACA,yEAA2D;AAC3D,kEAAoD;AASpD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAC1C,WAAmB,EACnB,IAAe,EACf,QAAyB,EACzB,OAAwB;;IAExB,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,MAAM,SAAS,GAAG;QAChB,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;QACH,CAAC;QACD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;QACH,CAAC;KACF,CAAC;IAEF,0GAA0G;IAC1G,IAAI,QAAgB,CAAC;IACrB,IAAI;QACF,QAAQ,GAAG,MAAM,IAAI,UAAU,CAAC,UAAU,CACxC,MAAM,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,EACtC,IAAI,EACJ;YACE,GAAG,OAAO;YACV,SAAS;YACT,gBAAgB,EAAE,IAAI,EAAE,wDAAwD;SACjF,CACF,CAAC,IAAI,EAAE,CAAC;QAET,mEAAmE;QACnE,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;QAEhD,IAAI,QAAQ,EAAE;YACZ,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;gBAC9B,IACE,OAAO,CAAC,QAAQ,KAAK,QAAQ;qBAC7B,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA;qBACjC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA,EACjC;oBACA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;iBAClC;aACF;SACF;QAED,qFAAqF;QACrF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,EAAE;YAC7B,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;SAC7B;aAAM;YACL,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,2BAA2B,QAAQ,EAAE,CACjE,CAAC;SACH;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,KAAK,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5D,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAhED,wDAgEC"}

lib/toolrunner-error-catcher.test.js

@@ -33,7 +33,8 @@ const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
         { exitCode: 123, outputRegex: new RegExp("foo bar"), message: "error!!!" },
     ];
     t.deepEqual(await exec.exec("node", testArgs), 0);
-    t.deepEqual(await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, matchers), 0);
+    const returnState = await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, matchers);
+    t.deepEqual(returnState.exitCode, 0);
 });
 (0, ava_1.default)("regex matchers are applied to stdout for non-zero exit code", async (t) => {
     const testArgs = buildDummyArgs("foo bar\\nblort qux", "", "", 1);
@@ -116,9 +117,10 @@ const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
 (0, ava_1.default)("execErrorCatcher respects the ignoreReturnValue option", async (t) => {
     const testArgs = buildDummyArgs("standard output", "error output", "", 199);
     await t.throwsAsync((0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, [], { ignoreReturnCode: false }), { instanceOf: Error });
-    t.deepEqual(await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, [], {
+    const returnState = await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, [], {
         ignoreReturnCode: true,
-    }), 199);
+    });
+    t.deepEqual(returnState.exitCode, 199);
 });
 (0, ava_1.default)("execErrorCatcher preserves behavior of provided listeners", async (t) => {
     const stdoutExpected = "standard output";
@@ -134,9 +136,10 @@ const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
         },
     };
     const testArgs = buildDummyArgs(stdoutExpected, stderrExpected, "", 0);
-    t.deepEqual(await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, [], {
+    const returnState = await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)("node", testArgs, [], {
         listeners,
-    }), 0);
+    });
+    t.deepEqual(returnState.exitCode, 0);
     t.deepEqual(stdoutActual, `${stdoutExpected}\n`);
     t.deepEqual(stderrActual, `${stderrExpected}\n`);
 });

lib/workflow.js

@@ -19,7 +19,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getCategoryInputOrThrow = exports.getStepsCallingAction = exports.getWorkflowRunID = exports.getWorkflowPath = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = void 0;
+exports.getCategoryInputOrThrow = exports.getWorkflowRunID = exports.getWorkflowPath = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -253,11 +253,12 @@ function getStepsCallingAction(job, actionName) {
     }
     return steps.filter((step) => { var _a; return (_a = step.uses) === null || _a === void 0 ? void 0 : _a.includes(actionName); });
 }
-exports.getStepsCallingAction = getStepsCallingAction;
 /**
  * Makes a best effort attempt to retrieve the value of a particular input with which
  * an Action in the workflow would be invoked.
  *
+ * Typically you'll want to wrap this function in a try/catch block and handle the error.
+ *
  * @returns the value of the input, or undefined if no such input is passed to the Action
  * @throws an error if the value of the input could not be determined, or we could not
  * determine that no such input is passed to the Action.
@@ -295,6 +296,8 @@ function getInputOrThrow(workflow, jobName, actionName, inputName, matrixVars) {
  * Makes a best effort attempt to retrieve the category input for the particular job,
  * given a set of matrix variables.
  *
+ * Typically you'll want to wrap this function in a try/catch block and handle the error.
+ *
  * @returns the category input, or undefined if the category input is not defined
  * @throws an error if the category input could not be determined
  */

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.1.34",
+  "version": "2.1.36",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "2.1.34",
+  "version": "2.1.36",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "2.1.34",
+      "version": "2.1.36",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^1.1.0",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.1.34",
+  "version": "2.1.36",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

python-setup/install_tools.ps1

@@ -1,11 +1,7 @@
 #! /usr/bin/pwsh
 
-# while waiting for the next release of `virtualenv` after v20.16.5, we install an older
-# version of `setuptools` to ensure that binaries are always put under
-# `<venv-path>/bin`, which wouldn't always happen with the GitHub actions version of
-# Ubuntu 22.04. See https://github.com/github/codeql-action/issues/1249
-py -2 -m pip install --user --upgrade pip 'setuptools<60' wheel
-py -3 -m pip install --user --upgrade pip 'setuptools<60' wheel
+py -2 -m pip install --user --upgrade pip setuptools wheel
+py -3 -m pip install --user --upgrade pip setuptools wheel
 
 # virtualenv is a bit nicer for setting up virtual environment, since it will provide up-to-date versions of
 # pip/setuptools/wheel which basic `python3 -m venv venv` won't

python-setup/install_tools.sh

@@ -12,16 +12,15 @@ export PATH="$HOME/.local/bin:$PATH"
 
 # Setup Python 3 dependency installation tools.
 
-# we install an older version of `setuptools` to ensure that binaries are always put
-# under `<venv-path>/bin`, which wouldn't always happen with the GitHub actions version
-# of Ubuntu 22.04. See https://github.com/github/codeql-action/issues/1249. The the next
-# release of `virtualenv` after v20.16.5 will include a fix for this, so we can remove
-# this bit of the logic again.
-python3 -m pip install --user --upgrade pip 'setuptools<60' wheel
+python3 -m pip install --user --upgrade pip setuptools wheel
 
-# virtualenv is a bit nicer for setting up virtual environment, since it will provide up-to-date versions of
-# pip/setuptools/wheel which basic `python3 -m venv venv` won't
-python3 -m pip install --user virtualenv
+# virtualenv is a bit nicer for setting up virtual environment, since it will provide
+# up-to-date versions of pip/setuptools/wheel which basic `python3 -m venv venv` won't.
+#
+# version 20.16.5 (Python 3 only) had some problems when used together with newer
+# versions of setuptools (60+) and would not always put binaries under `<venv-path>/bin`
+# -- see https://github.com/github/codeql-action/issues/1249 for more details.
+python3 -m pip install --user --upgrade 'virtualenv>20.16.5'
 
 # We install poetry with pip instead of the recommended way, since the recommended way
 # caused some problem since `poetry run` gives output like:
@@ -45,7 +44,7 @@ if command -v python2 >/dev/null 2>&1; then
 		curl --location --fail https://bootstrap.pypa.io/pip/2.7/get-pip.py | python2
 	fi
 
-	python2 -m pip install --user --upgrade pip 'setuptools<60' wheel
+	python2 -m pip install --user --upgrade pip setuptools wheel
 
 	python2 -m pip install --user 'virtualenv!=20.12.0'
 fi

src/analyze-action-env.test.ts

@@ -29,6 +29,8 @@ test("analyze action with RAM & threads from environment variables", async (t) =
       .stub(actionsUtil, "createStatusReportBase")
       .resolves({} as actionsUtil.StatusReportBase);
     sinon.stub(actionsUtil, "sendStatusReport").resolves(true);
+    sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
+
     const gitHubVersion: util.GitHubVersion = {
       type: util.GitHubVariant.DOTCOM,
     };

src/analyze-action-input.test.ts

@@ -45,6 +45,7 @@ test("analyze action with RAM & threads from action inputs", async (t) => {
     optionalInputStub.withArgs("cleanup-level").returns("none");
     optionalInputStub.withArgs("expect-error").returns("false");
     sinon.stub(util, "getGitHubVersion").resolves(gitHubVersion);
+    sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
     setupActionsVars(tmpDir, tmpDir);
     mockFeatureFlagApiEndpoint(200, {});
 

src/analyze-action.ts

@@ -9,6 +9,7 @@ import * as actionsUtil from "./actions-util";
 import { DatabaseCreationTimings } from "./actions-util";
 import {
   CodeQLAnalysisError,
+  dbIsFinalized,
   QueriesStatusReport,
   runCleanup,
   runFinalize,
@@ -134,6 +135,8 @@ function doesGoExtractionOutputExist(config: Config): boolean {
  * - We detect whether an autobuild step is present by checking the
  * `util.DID_AUTOBUILD_GO_ENV_VAR_NAME` environment variable, which is set
  * when the autobuilder is invoked.
+ * - We detect whether the Go database has already been finalized in case it
+ * has been manually set in a prior Action step.
  * - We approximate whether manual build steps are present by looking at
  * whether any extraction output already exists for Go.
  */
@@ -145,6 +148,12 @@ async function runAutobuildIfLegacyGoWorkflow(config: Config, logger: Logger) {
     logger.debug("Won't run Go autobuild since it has already been run.");
     return;
   }
+  if (dbIsFinalized(config, Language.go, logger)) {
+    logger.debug(
+      "Won't run Go autobuild since there is already a finalized database for Go."
+    );
+    return;
+  }
   // This captures whether a user has added manual build steps for Go
   if (doesGoExtractionOutputExist(config)) {
     logger.debug(
@@ -306,8 +315,6 @@ async function run() {
       core.setFailed(error.message);
     }
 
-    console.log(error);
-
     if (error instanceof CodeQLAnalysisError) {
       const stats = { ...error.queriesStatusReport };
       await sendStatusReport(
@@ -382,7 +389,6 @@ async function runWrapper() {
     await runPromise;
   } catch (error) {
     core.setFailed(`analyze action failed: ${error}`);
-    console.log(error);
   }
   await checkForTimeout();
 }

src/codeql.test.ts

@@ -3,6 +3,7 @@ import * as path from "path";
 
 import * as toolrunner from "@actions/exec/lib/toolrunner";
 import * as toolcache from "@actions/tool-cache";
+import * as safeWhich from "@chrisgavin/safe-which";
 import test, { ExecutionContext } from "ava";
 import del from "del";
 import * as yaml from "js-yaml";
@@ -442,6 +443,8 @@ test("databaseInterpretResults() does not set --sarif-add-query-help for 2.7.0",
   const runnerConstructorStub = stubToolRunnerConstructor();
   const codeqlObject = await codeql.getCodeQLForTesting();
   sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
+  // safeWhich throws because of the test CodeQL object.
+  sinon.stub(safeWhich, "safeWhich").resolves("");
   await codeqlObject.databaseInterpretResults(
     "",
     [],
@@ -462,6 +465,8 @@ test("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (
   const runnerConstructorStub = stubToolRunnerConstructor();
   const codeqlObject = await codeql.getCodeQLForTesting();
   sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
+  // safeWhich throws because of the test CodeQL object.
+  sinon.stub(safeWhich, "safeWhich").resolves("");
   await codeqlObject.databaseInterpretResults(
     "",
     [],
@@ -483,6 +488,8 @@ test("databaseInitCluster() without injected codescanning config", async (t) =>
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.8.1");
+    // safeWhich throws because of the test CodeQL object.
+    sinon.stub(safeWhich, "safeWhich").resolves("");
 
     const thisStubConfig: Config = {
       ...stubConfig,
@@ -865,6 +872,8 @@ test("databaseInterpretResults() sets --sarif-add-baseline-file-info when featur
   // The version of CodeQL is checked separately to determine feature enablement, and does not
   // otherwise impact this test, so set it to 0.0.0.
   sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+  // safeWhich throws because of the test CodeQL object.
+  sinon.stub(safeWhich, "safeWhich").resolves("");
   await codeqlObject.databaseInterpretResults(
     "",
     [],
@@ -890,6 +899,8 @@ test("databaseInterpretResults() does not set --sarif-add-baseline-file-info if
   // The version of CodeQL is checked upstream to determine feature enablement, so it does not
   // affect this test.
   sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+  // safeWhich throws because of the test CodeQL object.
+  sinon.stub(safeWhich, "safeWhich").resolves("");
   await codeqlObject.databaseInterpretResults(
     "",
     [],

src/codeql.ts

@@ -1016,7 +1016,7 @@ async function getCodeQLForCmd(
       if (querySuitePath) {
         codeqlArgs.push(querySuitePath);
       }
-      await runTool(cmd, codeqlArgs);
+      await toolrunnerErrorCatcher(cmd, codeqlArgs, errorMatchers);
     },
     async databaseInterpretResults(
       databasePath: string,
@@ -1059,7 +1059,12 @@ async function getCodeQLForCmd(
         codeqlArgs.push(...querySuitePaths);
       }
       // capture stdout, which contains analysis summaries
-      return await runTool(cmd, codeqlArgs);
+      const returnState = await toolrunnerErrorCatcher(
+        cmd,
+        codeqlArgs,
+        errorMatchers
+      );
+      return returnState.stdout;
     },
     async databasePrintBaseline(databasePath: string): Promise<string> {
       const codeqlArgs = [
@@ -1247,11 +1252,16 @@ async function runTool(cmd: string, args: string[] = []) {
   const exitCode = await new toolrunner.ToolRunner(cmd, args, {
     listeners: {
       stdout: (data: Buffer) => {
-        output += data.toString();
+        output += data.toString("utf8");
       },
       stderr: (data: Buffer) => {
-        const toRead = Math.min(maxErrorSize - error.length, data.length);
-        error += data.toString("utf8", 0, toRead);
+        let readStartIndex = 0;
+        // If the error is too large, then we only take the last 20,000 characters
+        if (data.length - maxErrorSize > 0) {
+          // Eg: if we have 20,000 the start index should be 2.
+          readStartIndex = data.length - maxErrorSize + 1;
+        }
+        error += data.toString("utf8", readStartIndex);
       },
     },
     ignoreReturnCode: true,

src/error-matcher.test.ts

@@ -20,6 +20,15 @@ test("noSourceCodeFound matches against example javascript output", async (t) =>
   );
 });
 
+test("fatalError matches against example log output", async (t) => {
+  t.assert(
+    testErrorMatcher(
+      "fatalError",
+      "A fatal error occurred: Could not process query metadata for test-query.ql"
+    )
+  );
+});
+
 function testErrorMatcher(matcherName: string, logSample: string): boolean {
   if (!(matcherName in namedMatchersForTesting)) {
     throw new Error(`Unknown matcher ${matcherName}`);

src/error-matcher.ts

@@ -18,6 +18,10 @@ export const namedMatchersForTesting: { [key: string]: ErrorMatcher } = {
       "No code found during the build. Please see:\n" +
       "https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning#no-code-found-during-the-build",
   },
+  fatalError: {
+    outputRegex: new RegExp("A fatal error occurred"),
+    message: "A fatal error occurred.",
+  },
 };
 
 // we collapse the matches into an array for use in execErrorCatcher

src/toolrunner-error-catcher.test.ts

@@ -21,7 +21,8 @@ test("matchers are never applied if non-error exit", async (t) => {
 
   t.deepEqual(await exec.exec("node", testArgs), 0);
 
-  t.deepEqual(await toolrunnerErrorCatcher("node", testArgs, matchers), 0);
+  const returnState = await toolrunnerErrorCatcher("node", testArgs, matchers);
+  t.deepEqual(returnState.exitCode, 0);
 });
 
 test("regex matchers are applied to stdout for non-zero exit code", async (t) => {
@@ -150,12 +151,11 @@ test("execErrorCatcher respects the ignoreReturnValue option", async (t) => {
     { instanceOf: Error }
   );
 
-  t.deepEqual(
-    await toolrunnerErrorCatcher("node", testArgs, [], {
-      ignoreReturnCode: true,
-    }),
-    199
-  );
+  const returnState = await toolrunnerErrorCatcher("node", testArgs, [], {
+    ignoreReturnCode: true,
+  });
+
+  t.deepEqual(returnState.exitCode, 199);
 });
 
 test("execErrorCatcher preserves behavior of provided listeners", async (t) => {
@@ -176,12 +176,10 @@ test("execErrorCatcher preserves behavior of provided listeners", async (t) => {
 
   const testArgs = buildDummyArgs(stdoutExpected, stderrExpected, "", 0);
 
-  t.deepEqual(
-    await toolrunnerErrorCatcher("node", testArgs, [], {
-      listeners,
-    }),
-    0
-  );
+  const returnState = await toolrunnerErrorCatcher("node", testArgs, [], {
+    listeners,
+  });
+  t.deepEqual(returnState.exitCode, 0);
 
   t.deepEqual(stdoutActual, `${stdoutExpected}\n`);
   t.deepEqual(stderrActual, `${stderrExpected}\n`);

src/toolrunner-error-catcher.ts

@@ -4,6 +4,11 @@ import * as safeWhich from "@chrisgavin/safe-which";
 
 import { ErrorMatcher } from "./error-matcher";
 
+export interface ReturnState {
+  exitCode: number;
+  stdout: string;
+}
+
 /**
  * Wrapper for toolrunner.Toolrunner which checks for specific return code and/or regex matches in console output.
  * Output will be streamed to the live console as well as captured for subsequent processing.
@@ -13,14 +18,14 @@ import { ErrorMatcher } from "./error-matcher";
  * @param     args               optional arguments for tool. Escaping is handled by the lib.
  * @param     matchers           defines specific codes and/or regexes that should lead to return of a custom error
  * @param     options            optional exec options.  See ExecOptions
- * @returns   Promise<number>    exit code
+ * @returns   ReturnState        exit code and stdout output, if applicable
  */
 export async function toolrunnerErrorCatcher(
   commandLine: string,
   args?: string[],
   matchers?: ErrorMatcher[],
   options?: im.ExecOptions
-): Promise<number> {
+): Promise<ReturnState> {
   let stdout = "";
   let stderr = "";
 
@@ -40,9 +45,9 @@ export async function toolrunnerErrorCatcher(
   };
 
   // we capture the original return code or error so that if no match is found we can duplicate the behavior
-  let returnState: Error | number;
+  let exitCode: number;
   try {
-    returnState = await new toolrunner.ToolRunner(
+    exitCode = await new toolrunner.ToolRunner(
       await safeWhich.safeWhich(commandLine),
       args,
       {
@@ -51,35 +56,32 @@ export async function toolrunnerErrorCatcher(
         ignoreReturnCode: true, // so we can check for specific codes using the matchers
       }
     ).exec();
-  } catch (e) {
-    returnState = e instanceof Error ? e : new Error(String(e));
-  }
 
-  // if there is a zero return code then we do not apply the matchers
-  if (returnState === 0) return returnState;
+    // if there is a zero return code then we do not apply the matchers
+    if (exitCode === 0) return { exitCode, stdout };
 
-  if (matchers) {
-    for (const matcher of matchers) {
-      if (
-        matcher.exitCode === returnState ||
-        matcher.outputRegex?.test(stderr) ||
-        matcher.outputRegex?.test(stdout)
-      ) {
-        throw new Error(matcher.message);
+    if (matchers) {
+      for (const matcher of matchers) {
+        if (
+          matcher.exitCode === exitCode ||
+          matcher.outputRegex?.test(stderr) ||
+          matcher.outputRegex?.test(stdout)
+        ) {
+          throw new Error(matcher.message);
+        }
       }
     }
-  }
 
-  if (typeof returnState === "number") {
     // only if we were instructed to ignore the return code do we ever return it non-zero
     if (options?.ignoreReturnCode) {
-      return returnState;
+      return { exitCode, stdout };
     } else {
       throw new Error(
-        `The process '${commandLine}' failed with exit code ${returnState}`
+        `The process '${commandLine}' failed with exit code ${exitCode}`
       );
     }
-  } else {
-    throw returnState;
+  } catch (e) {
+    const error = e instanceof Error ? e : new Error(String(e));
+    throw error;
   }
 }

src/workflow.ts

@@ -293,7 +293,7 @@ export function getWorkflowRunID(): number {
   return workflowRunID;
 }
 
-export function getStepsCallingAction(
+function getStepsCallingAction(
   job: WorkflowJob,
   actionName: string
 ): WorkflowJobStep[] {
@@ -310,6 +310,8 @@ export function getStepsCallingAction(
  * Makes a best effort attempt to retrieve the value of a particular input with which
  * an Action in the workflow would be invoked.
  *
+ * Typically you'll want to wrap this function in a try/catch block and handle the error.
+ *
  * @returns the value of the input, or undefined if no such input is passed to the Action
  * @throws an error if the value of the input could not be determined, or we could not
  * determine that no such input is passed to the Action.
@@ -366,6 +368,8 @@ function getInputOrThrow(
  * Makes a best effort attempt to retrieve the category input for the particular job,
  * given a set of matrix variables.
  *
+ * Typically you'll want to wrap this function in a try/catch block and handle the error.
+ *
  * @returns the category input, or undefined if the category input is not defined
  * @throws an error if the category input could not be determined
  */