Merge pull request #2716 from github/mergeback/v3.28.4-to-main-ee117c90

Mergeback v3.28.4 refs/heads/releases/v3 into main
Update checked-in dependencies
2026-05-03 12:20:09 +00:00 · 2025-01-23 17:09:33 +00:00 · 2025-01-23 16:48:10 +00:00 · 2025-01-23 16:44:36 +00:00 · 2025-01-23 16:43:44 +00:00 · 2025-01-23 16:28:37 +00:00
1125 changed files with 44129 additions and 9314 deletions
@@ -1 +1 @@
-OLDEST_SUPPORTED_MAJOR_VERSION=2
+OLDEST_SUPPORTED_MAJOR_VERSION=3
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -42,11 +42,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -42,11 +42,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -38,11 +38,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -46,11 +46,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -46,11 +46,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -38,11 +38,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -66,11 +66,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -66,11 +66,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -66,11 +66,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -53,11 +53,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -66,11 +66,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -52,11 +52,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -52,11 +52,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -52,11 +52,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -52,11 +52,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -38,11 +38,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -52,11 +52,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -46,11 +46,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -46,11 +46,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -36,11 +36,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -50,11 +50,6 @@ jobs:
          apt-add-repository https://cli.github.com/packages
          apt install -y gh
        env: {}
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -38,11 +38,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -38,11 +38,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -40,11 +40,6 @@ jobs:
    timeout-minutes: 45
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Setup Python on macOS
-        uses: actions/setup-python@v5
-        if: runner.os == 'macOS' && matrix.version == 'stable-v2.14.6'
-        with:
-          python-version: '3.11'
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Prepare test
@@ -19,8 +19,6 @@ jobs:

    strategy:
      fail-fast: false
-      matrix:
-        node-types-version: [16.11, current] # run tests on 16.11 while CodeQL Action v2 is still supported

    steps:
      - name: Checkout
@@ -32,34 +30,10 @@ jobs:

      - name: Upload sarif
        uses: github/codeql-action/upload-sarif@v3
-        # Only upload SARIF for the latest version of Node.js
-        if: "!cancelled() && matrix.node-types-version == 'current' && !startsWith(github.head_ref, 'dependabot/')"
        with:
          sarif_file: eslint.sarif
          category: eslint

-      - name: Update version of @types/node
-        if: matrix.node-types-version != 'current'
-        env:
-          NODE_TYPES_VERSION: ${{ matrix.node-types-version }}
-        run: |
-          # Export `NODE_TYPES_VERSION` so it's available to jq
-          export NODE_TYPES_VERSION="${NODE_TYPES_VERSION}"
-          contents=$(jq '.devDependencies."@types/node" = env.NODE_TYPES_VERSION' package.json)
-          echo "${contents}" > package.json
-          # Usually we run `npm install` on macOS to ensure that we pick up macOS-only dependencies.
-          # However we're not checking in the updated lockfile here, so it's fine to run
-          # `npm install` on Linux.
-          npm install
-
-          if [ ! -z "$(git status --porcelain)" ]; then
-            git config --global user.email "github-actions@github.com"
-            git config --global user.name "github-actions[bot]"
-            # The period in `git add --all .` ensures that we stage deleted files too.
-            git add --all .
-            git commit -m "Use @types/node=${NODE_TYPES_VERSION}"
-          fi
-
      - name: Check generated JS
        run: .github/workflows/script/check-js.sh

@@ -2,6 +2,24 @@

 See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.

+## [UNRELEASED]
+
+No user facing changes.
+
+## 3.28.4 - 23 Jan 2025
+
+No user facing changes.
+
+## 3.28.3 - 22 Jan 2025
+
+- Update default CodeQL bundle version to 2.20.2. [#2707](https://github.com/github/codeql-action/pull/2707)
+- Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the [CodeQL Action sync tool](https://github.com/github/codeql-action-sync-tool) and the Actions runner did not have Zstandard installed. [#2710](https://github.com/github/codeql-action/pull/2710)
+- Uploading debug artifacts for CodeQL analysis is temporarily disabled. [#2712](https://github.com/github/codeql-action/pull/2712)
+
+## 3.28.2 - 21 Jan 2025
+
+No user facing changes.
+
 ## 3.28.1 - 10 Jan 2025

 - CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see [this changelog post](https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/). [#2677](https://github.com/github/codeql-action/pull/2677)
@@ -72,7 +90,7 @@ No user facing changes.

 - _Upcoming breaking change_: Add support for using `actions/download-artifact@v4` to programmatically consume CodeQL Action debug artifacts.

-  Starting November 30, 2024, GitHub.com customers will [no longer be able to use `actions/download-artifact@v3`](https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/). Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` environment variable to `true` and bump `actions/download-artifact@v3` to `actions/download-artifact@v4` in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to `actions/download-artifact@v3` to `actions/download-artifact@v4` will begin failing then.
+  Starting November 30, 2024, GitHub.com customers will [no longer be able to use `actions/download-artifact@v3`](https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/). Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` environment variable to `true` and bump `actions/download-artifact@v3` to `actions/download-artifact@v4` in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped `actions/download-artifact@v3` to `actions/download-artifact@v4` will begin failing then.

  This change is currently unavailable for GitHub Enterprise Server customers, as `actions/upload-artifact@v4` and `actions/download-artifact@v4` are not yet compatible with GHES.
 - Update default CodeQL bundle version to 2.19.1. [#2519](https://github.com/github/codeql-action/pull/2519)
@@ -27,7 +27,7 @@ You may want to run `tsc --watch` from the command line or inside of vscode in o

 ### Checking in compiled artifacts and `node_modules`

-Because CodeQL Action users consume the code directly from this repository, and there can be no build step during an GitHub Actions run, this repository contains all compiled artifacts and node modules. There is a PR check that will fail if any of the compiled artifacts are not up to date. Compiled artifacts are stored in the `lib/` directory. For all day-to-day development purposes, this folder can be ignored.
+Because CodeQL Action users consume the code directly from this repository, and there can be no build step during a GitHub Actions run, this repository contains all compiled artifacts and node modules. There is a PR check that will fail if any of the compiled artifacts are not up to date. Compiled artifacts are stored in the `lib/` directory. For all day-to-day development purposes, this folder can be ignored.

 Only run `npm install` if you are explicitly changing the set of dependencies in `package.json`. The `node_modules` directory should be up to date when you check out, but if for some reason, there is an inconsistency use `npm ci && npm run removeNPMAbsolutePaths` to ensure the directory is in a state consistent with the `package-lock.json`. Note that due to a macOS-specific dependency, this command should be run on a macOS machine. There is a PR check to ensure the consistency of the `node_modules` directory.

@@ -63,7 +63,7 @@ Here are a few things you can do that will increase the likelihood of your pull
    You can start a release by triggering this workflow via [workflow dispatch](https://github.com/github/codeql-action/actions/workflows/update-release-branch.yml).
 1. The workflow run will open a pull request titled "Merge main into releases/v3". Follow the steps on the checklist in the pull request. Once you've checked off all but the last two of these, approve the PR and automerge it.
 1. When the "Merge main into releases/v3" pull request is merged into the `releases/v3` branch, a mergeback pull request to `main` will be automatically created. This mergeback pull request incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v3" pull request, and bumps the patch version of the CodeQL Action. 
-1. If a backport to an older major version is required, a pull request targeting that version's branch will also be automatically created
+1. If a backport to an older major version is required, a pull request targeting that version's branch will also be automatically created.
 1. Approve the mergeback and backport pull request (if applicable) and automerge them.

 Once the mergeback and backport pull request have been merged, the release is complete.
@@ -109,6 +109,7 @@ To add a new major version of the Action:
 1. Change the `version` field of `package.json` by running `npm version x.y.z` where `x` is the new major version, and `y` and `z` match the latest minor and patch versions of the last release.
 1. Update appropriate documentation to explain the reasoning behind the releases: see [the diff](https://github.com/github/codeql-action/pull/2677/commits/913d60579d4b560addf53ec3c493d491dd3c1378) in our last major version deprecation for examples on which parts of the documentation should be updated.
 1. Consider the timeline behind deprecating the prior Action version: see [CodeQL Action deprecation documentation](#deprecating-a-codeql-action-major-version-write-access-required)
+1. If the new major version runs on a new version of Node, add a PR check to ensure the codebase continues to compile against the previous version of Node. See [Remove Node 16 compilation PR check](https://github.com/github/codeql-action/pull/2695) for an example.

 ## Deprecating a CodeQL Action major version (write access required)

@@ -188,7 +188,7 @@ async function run() {
        const memory = util.getMemoryFlag(actionsUtil.getOptionalInput("ram") || process.env["CODEQL_RAM"], logger);
        const pull_request = github.context.payload.pull_request;
        const diffRangePackDir = pull_request &&
-            (await (0, analyze_1.setupDiffInformedQueryRun)(pull_request.base.ref, pull_request.head.ref, codeql, logger, features));
+            (await (0, analyze_1.setupDiffInformedQueryRun)(pull_request.base.ref, pull_request.head.label, codeql, logger, features));
        await (0, analyze_1.warnIfGoInstalledAfterInit)(config, logger);
        await runAutobuildIfLegacyGoWorkflow(config, logger);
        dbCreationTimings = await (0, analyze_1.runFinalize)(outputDir, threads, memory, codeql, config, logger);
@@ -36,7 +36,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CodeQLAnalysisError = void 0;
+exports.exportedForTesting = exports.CodeQLAnalysisError = void 0;
 exports.runExtraction = runExtraction;
 exports.dbIsFinalized = dbIsFinalized;
 exports.setupDiffInformedQueryRun = setupDiffInformedQueryRun;
@@ -51,12 +51,12 @@ const io = __importStar(require("@actions/io"));
 const del_1 = __importDefault(require("del"));
 const yaml = __importStar(require("js-yaml"));
 const actionsUtil = __importStar(require("./actions-util"));
+const api_client_1 = require("./api-client");
 const autobuild_1 = require("./autobuild");
 const codeql_1 = require("./codeql");
 const diagnostics_1 = require("./diagnostics");
 const environment_1 = require("./environment");
 const feature_flags_1 = require("./feature-flags");
-const gitUtils = __importStar(require("./git-utils"));
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const tools_features_1 = require("./tools-features");
@@ -152,124 +152,173 @@ async function finalizeDatabaseCreation(codeql, config, threadsFlag, memoryFlag,
 * Set up the diff-informed analysis feature.
 *
 * @param baseRef The base branch name, used for calculating the diff range.
- * @param headRef The head branch name, used for calculating the diff range.
+ * @param headLabel The label that uniquely identifies the head branch across
+ * repositories, used for calculating the diff range.
 * @param codeql
 * @param logger
 * @param features
 * @returns Absolute path to the directory containing the extension pack for
 * the diff range information, or `undefined` if the feature is disabled.
 */
-async function setupDiffInformedQueryRun(baseRef, headRef, codeql, logger, features) {
+async function setupDiffInformedQueryRun(baseRef, headLabel, codeql, logger, features) {
    if (!(await features.getValue(feature_flags_1.Feature.DiffInformedQueries, codeql))) {
        return undefined;
    }
    return await (0, logging_1.withGroupAsync)("Generating diff range extension pack", async () => {
-        const diffRanges = await getPullRequestEditedDiffRanges(baseRef, headRef, logger);
-        return writeDiffRangeDataExtensionPack(logger, diffRanges);
+        const diffRanges = await getPullRequestEditedDiffRanges(baseRef, headLabel, logger);
+        const packDir = writeDiffRangeDataExtensionPack(logger, diffRanges);
+        if (packDir === undefined) {
+            logger.warning("Cannot create diff range extension pack for diff-informed queries; " +
+                "reverting to performing full analysis.");
+        }
+        else {
+            logger.info(`Successfully created diff range extension pack at ${packDir}.`);
+        }
+        return packDir;
    });
 }
 /**
 * Return the file line ranges that were added or modified in the pull request.
 *
 * @param baseRef The base branch name, used for calculating the diff range.
- * @param headRef The head branch name, used for calculating the diff range.
+ * @param headLabel The label that uniquely identifies the head branch across
+ * repositories, used for calculating the diff range.
 * @param logger
 * @returns An array of tuples, where each tuple contains the absolute path of a
 * file, the start line and the end line (both 1-based and inclusive) of an
 * added or modified range in that file. Returns `undefined` if the action was
 * not triggered by a pull request or if there was an error.
 */
-async function getPullRequestEditedDiffRanges(baseRef, headRef, logger) {
-    const checkoutPath = actionsUtil.getOptionalInput("checkout_path");
-    if (checkoutPath === undefined) {
+async function getPullRequestEditedDiffRanges(baseRef, headLabel, logger) {
+    const fileDiffs = await getFileDiffsWithBasehead(baseRef, headLabel, logger);
+    if (fileDiffs === undefined) {
        return undefined;
    }
-    // To compute the merge bases between the base branch and the PR topic branch,
-    // we need to fetch the commit graph from the branch heads to those merge
-    // babes. The following 6-step procedure does so while limiting the amount of
-    // history fetched.
-    // Step 1: Deepen from the PR merge commit to the base branch head and the PR
-    // topic branch head, so that the PR merge commit is no longer considered a
-    // grafted commit.
-    await gitUtils.deepenGitHistory();
-    // Step 2: Fetch the base branch shallow history. This step ensures that the
-    // base branch name is present in the local repository. Normally the base
-    // branch name would be added by Step 4. However, if the base branch head is
-    // an ancestor of the PR topic branch head, Step 4 would fail without doing
-    // anything, so we need to fetch the base branch explicitly.
-    await gitUtils.gitFetch(baseRef, ["--depth=1"]);
-    // Step 3: Fetch the PR topic branch history, stopping when we reach commits
-    // that are reachable from the base branch head.
-    await gitUtils.gitFetch(headRef, [`--shallow-exclude=${baseRef}`]);
-    // Step 4: Fetch the base branch history, stopping when we reach commits that
-    // are reachable from the PR topic branch head.
-    await gitUtils.gitFetch(baseRef, [`--shallow-exclude=${headRef}`]);
-    // Step 5: Repack the history to remove the shallow grafts that were added by
-    // the previous fetches. This step works around a bug that causes subsequent
-    // deepening fetches to fail with "fatal: error in object: unshallow <SHA>".
-    // See https://stackoverflow.com/q/63878612
-    await gitUtils.gitRepack(["-d"]);
-    // Step 6: Deepen the history so that we have the merge bases between the base
-    // branch and the PR topic branch.
-    await gitUtils.deepenGitHistory();
-    // To compute the exact same diff as GitHub would compute for the PR, we need
-    // to use the same merge base as GitHub. That is easy to do if there is only
-    // one merge base, which is by far the most common case. If there are multiple
-    // merge bases, we stop without producing a diff range.
-    const mergeBases = await gitUtils.getAllGitMergeBases([baseRef, headRef]);
-    logger.info(`Merge bases: ${mergeBases.join(", ")}`);
-    if (mergeBases.length !== 1) {
-        logger.info("Cannot compute diff range because baseRef and headRef " +
-            `have ${mergeBases.length} merge bases (instead of exactly 1).`);
+    if (fileDiffs.length >= 300) {
+        // The "compare two commits" API returns a maximum of 300 changed files. If
+        // we see that many changed files, it is possible that there could be more,
+        // with the rest being truncated. In this case, we should not attempt to
+        // compute the diff ranges, as the result would be incomplete.
+        logger.warning(`Cannot retrieve the full diff because there are too many ` +
+            `(${fileDiffs.length}) changed files in the pull request.`);
        return undefined;
    }
-    const diffHunkHeaders = await gitUtils.getGitDiffHunkHeaders(mergeBases[0], headRef);
-    if (diffHunkHeaders === undefined) {
-        return undefined;
-    }
-    const results = new Array();
-    let changedFile = "";
-    for (const line of diffHunkHeaders) {
-        if (line.startsWith("+++ ")) {
-            const filePath = gitUtils.decodeGitFilePath(line.substring(4));
-            if (filePath.startsWith("b/")) {
-                // The file was edited: track all hunks in the file
-                changedFile = filePath.substring(2);
-            }
-            else if (filePath === "/dev/null") {
-                // The file was deleted: skip all hunks in the file
-                changedFile = "";
-            }
-            else {
-                logger.warning(`Failed to parse diff hunk header line: ${line}`);
-                return undefined;
-            }
-            continue;
-        }
-        if (line.startsWith("@@ ")) {
-            if (changedFile === "")
-                continue;
-            const match = line.match(/^@@ -\d+(?:,\d+)? \+(\d+)(?:,(\d+))? @@/);
-            if (match === null) {
-                logger.warning(`Failed to parse diff hunk header line: ${line}`);
-                return undefined;
-            }
-            const startLine = parseInt(match[1], 10);
-            const numLines = parseInt(match[2], 10);
-            if (numLines === 0) {
-                // The hunk was a deletion: skip it
-                continue;
-            }
-            const endLine = startLine + (numLines || 1) - 1;
-            results.push({
-                path: path.join(checkoutPath, changedFile),
-                startLine,
-                endLine,
-            });
+    const results = [];
+    for (const filediff of fileDiffs) {
+        const diffRanges = getDiffRanges(filediff, logger);
+        if (diffRanges === undefined) {
+            return undefined;
        }
+        results.push(...diffRanges);
    }
    return results;
 }
+async function getFileDiffsWithBasehead(baseRef, headLabel, logger) {
+    const ownerRepo = util.getRequiredEnvParam("GITHUB_REPOSITORY").split("/");
+    const owner = ownerRepo[0];
+    const repo = ownerRepo[1];
+    const basehead = `${baseRef}...${headLabel}`;
+    try {
+        const response = await (0, api_client_1.getApiClient)().rest.repos.compareCommitsWithBasehead({
+            owner,
+            repo,
+            basehead,
+            per_page: 1,
+        });
+        logger.debug(`Response from compareCommitsWithBasehead(${basehead}):` +
+            `\n${JSON.stringify(response, null, 2)}`);
+        return response.data.files;
+    }
+    catch (error) {
+        if (error.status) {
+            logger.warning(`Error retrieving diff ${basehead}: ${error.message}`);
+            logger.debug(`Error running compareCommitsWithBasehead(${basehead}):` +
+                `\nRequest: ${JSON.stringify(error.request, null, 2)}` +
+                `\nError Response: ${JSON.stringify(error.response, null, 2)}`);
+            return undefined;
+        }
+        else {
+            throw error;
+        }
+    }
+}
+function getDiffRanges(fileDiff, logger) {
+    // Diff-informed queries expect the file path to be absolute. CodeQL always
+    // uses forward slashes as the path separator, so on Windows we need to
+    // replace any backslashes with forward slashes.
+    const filename = path
+        .join(actionsUtil.getRequiredInput("checkout_path"), fileDiff.filename)
+        .replaceAll(path.sep, "/");
+    if (fileDiff.patch === undefined) {
+        if (fileDiff.changes === 0) {
+            // There are situations where a changed file legitimately has no diff.
+            // For example, the file may be a binary file, or that the file may have
+            // been renamed with no changes to its contents. In these cases, the
+            // file would be reported as having 0 changes, and we can return an empty
+            // array to indicate no diff range in this file.
+            return [];
+        }
+        // If a file is reported to have nonzero changes but no patch, that may be
+        // due to the file diff being too large. In this case, we should fall back
+        // to a special diff range that covers the entire file.
+        return [
+            {
+                path: filename,
+                startLine: 0,
+                endLine: 0,
+            },
+        ];
+    }
+    // The 1-based file line number of the current line
+    let currentLine = 0;
+    // The 1-based file line number that starts the current range of added lines
+    let additionRangeStartLine = undefined;
+    const diffRanges = [];
+    const diffLines = fileDiff.patch.split("\n");
+    // Adding a fake context line at the end ensures that the following loop will
+    // always terminate the last range of added lines.
+    diffLines.push(" ");
+    for (const diffLine of diffLines) {
+        if (diffLine.startsWith("-")) {
+            // Ignore deletions completely -- we do not even want to consider them when
+            // calculating consecutive ranges of added lines.
+            continue;
+        }
+        if (diffLine.startsWith("+")) {
+            if (additionRangeStartLine === undefined) {
+                additionRangeStartLine = currentLine;
+            }
+            currentLine++;
+            continue;
+        }
+        if (additionRangeStartLine !== undefined) {
+            // Any line that does not start with a "+" or "-" terminates the current
+            // range of added lines.
+            diffRanges.push({
+                path: filename,
+                startLine: additionRangeStartLine,
+                endLine: currentLine - 1,
+            });
+            additionRangeStartLine = undefined;
+        }
+        if (diffLine.startsWith("@@ ")) {
+            // A new hunk header line resets the current line number.
+            const match = diffLine.match(/^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@/);
+            if (match === null) {
+                logger.warning(`Cannot parse diff hunk header for ${fileDiff.filename}: ${diffLine}`);
+                return undefined;
+            }
+            currentLine = parseInt(match[1], 10);
+            continue;
+        }
+        if (diffLine.startsWith(" ")) {
+            // An unchanged context line advances the current line number.
+            currentLine++;
+            continue;
+        }
+    }
+    return diffRanges;
+}
 /**
 * Create an extension pack in the temporary directory that contains the file
 * line ranges that were added or modified in the pull request.
@@ -303,7 +352,12 @@ extensions:
    data:
 `;
    let data = ranges
-        .map((range) => `      - ["${range.path}", ${range.startLine}, ${range.endLine}]\n`)
+        .map((range) => 
+    // Using yaml.dump() with `forceQuotes: true` ensures that all special
+    // characters are escaped, and that the path is always rendered as a
+    // quoted string on a single line.
+    `      - [${yaml.dump(range.path, { forceQuotes: true }).trim()}, ` +
+        `${range.startLine}, ${range.endLine}]\n`)
        .join("");
    if (!data) {
        // Ensure that the data extension is not empty, so that a pull request with
@@ -319,6 +373,7 @@ extensions:
 // Runs queries and creates sarif files in the given folder
 async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag, diffRangePackDir, automationDetailsId, config, logger, features) {
    const statusReport = {};
+    statusReport.analysis_is_diff_informed = diffRangePackDir !== undefined;
    const dataExtensionFlags = diffRangePackDir
        ? [
            `--additional-packs=${diffRangePackDir}`,
@@ -371,9 +426,6 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
                }
                statusReport["event_reports"].push(perQueryAlertCountEventReport);
            }
-            if (!(await util.codeQlVersionAtLeast(codeql, codeql_1.CODEQL_VERSION_ANALYSIS_SUMMARY_V2))) {
-                await runPrintLinesOfCode(language);
-            }
        }
        catch (e) {
            statusReport.analyze_failure_language = language;
@@ -405,10 +457,6 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
        }
        return perQueryAlertCounts;
    }
-    async function runPrintLinesOfCode(language) {
-        const databasePath = util.getCodeQLDatabasePath(config, language);
-        return await codeql.databasePrintBaseline(databasePath);
-    }
 }
 async function runFinalize(outputDir, threadsFlag, memoryFlag, codeql, config, logger) {
    try {
@@ -461,4 +509,7 @@ async function runCleanup(config, cleanupLevel, logger) {
    }
    logger.endGroup();
 }
+exports.exportedForTesting = {
+    getDiffRanges,
+};
 //# sourceMappingURL=analyze.js.map
@@ -40,6 +40,7 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const ava_1 = __importDefault(require("ava"));
 const sinon = __importStar(require("sinon"));
+const actionsUtil = __importStar(require("./actions-util"));
 const analyze_1 = require("./analyze");
 const codeql_1 = require("./codeql");
 const feature_flags_1 = require("./feature-flags");
@@ -115,6 +116,7 @@ const util = __importStar(require("./util"));
            });
            const statusReport = await (0, analyze_1.runQueries)(tmpDir, memoryFlag, addSnippetsFlag, threadsFlag, undefined, undefined, config, (0, logging_1.getRunnerLogger)(true), (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.QaTelemetryEnabled]));
            t.deepEqual(Object.keys(statusReport).sort(), [
+                "analysis_is_diff_informed",
                `analyze_builtin_queries_${language}_duration_ms`,
                "event_reports",
                `interpret_results_${language}_duration_ms`,
@@ -127,4 +129,188 @@ const util = __importStar(require("./util"));
        }
    });
 });
+function runGetDiffRanges(changes, patch) {
+    sinon
+        .stub(actionsUtil, "getRequiredInput")
+        .withArgs("checkout_path")
+        .returns("/checkout/path");
+    return analyze_1.exportedForTesting.getDiffRanges({
+        filename: "test.txt",
+        changes,
+        patch: patch?.join("\n"),
+    }, (0, logging_1.getRunnerLogger)(true));
+}
+(0, ava_1.default)("getDiffRanges: file unchanged", async (t) => {
+    const diffRanges = runGetDiffRanges(0, undefined);
+    t.deepEqual(diffRanges, []);
+});
+(0, ava_1.default)("getDiffRanges: file diff too large", async (t) => {
+    const diffRanges = runGetDiffRanges(1000000, undefined);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 0,
+            endLine: 0,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: diff thunk with single addition range", async (t) => {
+    const diffRanges = runGetDiffRanges(2, [
+        "@@ -30,6 +50,8 @@",
+        " a",
+        " b",
+        " c",
+        "+1",
+        "+2",
+        " d",
+        " e",
+        " f",
+    ]);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 53,
+            endLine: 54,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: diff thunk with single deletion range", async (t) => {
+    const diffRanges = runGetDiffRanges(2, [
+        "@@ -30,8 +50,6 @@",
+        " a",
+        " b",
+        " c",
+        "-1",
+        "-2",
+        " d",
+        " e",
+        " f",
+    ]);
+    t.deepEqual(diffRanges, []);
+});
+(0, ava_1.default)("getDiffRanges: diff thunk with single update range", async (t) => {
+    const diffRanges = runGetDiffRanges(2, [
+        "@@ -30,7 +50,7 @@",
+        " a",
+        " b",
+        " c",
+        "-1",
+        "+2",
+        " d",
+        " e",
+        " f",
+    ]);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 53,
+            endLine: 53,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: diff thunk with addition ranges", async (t) => {
+    const diffRanges = runGetDiffRanges(2, [
+        "@@ -30,7 +50,9 @@",
+        " a",
+        " b",
+        " c",
+        "+1",
+        " c",
+        "+2",
+        " d",
+        " e",
+        " f",
+    ]);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 53,
+            endLine: 53,
+        },
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 55,
+            endLine: 55,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: diff thunk with mixed ranges", async (t) => {
+    const diffRanges = runGetDiffRanges(2, [
+        "@@ -30,7 +50,7 @@",
+        " a",
+        " b",
+        " c",
+        "-1",
+        " d",
+        "-2",
+        "+3",
+        " e",
+        " f",
+        "+4",
+        "+5",
+        " g",
+        " h",
+        " i",
+    ]);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 54,
+            endLine: 54,
+        },
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 57,
+            endLine: 58,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: multiple diff thunks", async (t) => {
+    const diffRanges = runGetDiffRanges(2, [
+        "@@ -30,6 +50,8 @@",
+        " a",
+        " b",
+        " c",
+        "+1",
+        "+2",
+        " d",
+        " e",
+        " f",
+        "@@ -130,6 +150,8 @@",
+        " a",
+        " b",
+        " c",
+        "+1",
+        "+2",
+        " d",
+        " e",
+        " f",
+    ]);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 53,
+            endLine: 54,
+        },
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 153,
+            endLine: 154,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: no diff context lines", async (t) => {
+    const diffRanges = runGetDiffRanges(2, ["@@ -30 +50,2 @@", "+1", "+2"]);
+    t.deepEqual(diffRanges, [
+        {
+            path: "/checkout/path/test.txt",
+            startLine: 50,
+            endLine: 51,
+        },
+    ]);
+});
+(0, ava_1.default)("getDiffRanges: malformed thunk header", async (t) => {
+    const diffRanges = runGetDiffRanges(2, ["@@ 30 +50,2 @@", "+1", "+2"]);
+    t.deepEqual(diffRanges, undefined);
+});
 //# sourceMappingURL=analyze.test.js.map
@@ -1 +1 @@
-{ "maximumVersion": "3.16", "minimumVersion": "3.11" }
+{ "maximumVersion": "3.16", "minimumVersion": "3.12" }
@@ -115,6 +115,7 @@ var CliConfigErrorCategory;
    CliConfigErrorCategory["IncompatibleWithActionVersion"] = "IncompatibleWithActionVersion";
    CliConfigErrorCategory["InitCalledTwice"] = "InitCalledTwice";
    CliConfigErrorCategory["InvalidConfigFile"] = "InvalidConfigFile";
+    CliConfigErrorCategory["InvalidExternalRepoSpecifier"] = "InvalidExternalRepoSpecifier";
    CliConfigErrorCategory["InvalidSourceRoot"] = "InvalidSourceRoot";
    CliConfigErrorCategory["MavenBuildFailed"] = "MavenBuildFailed";
    CliConfigErrorCategory["NoBuildCommandAutodetected"] = "NoBuildCommandAutodetected";
@@ -166,6 +167,11 @@ exports.cliErrorsConfig = {
            new RegExp("The supplied config file is empty"),
        ],
    },
+    [CliConfigErrorCategory.InvalidExternalRepoSpecifier]: {
+        cliErrorMessageCandidates: [
+            new RegExp("Specifier for external repository is invalid"),
+        ],
+    },
    // Expected source location for database creation does not exist
    [CliConfigErrorCategory.InvalidSourceRoot]: {
        cliErrorMessageCandidates: [new RegExp("Invalid source root")],
@@ -33,7 +33,6 @@ var __importStar = (this && this.__importStar) || (function () {
    };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = void 0;
 exports.setupCodeQL = setupCodeQL;
 exports.getCodeQL = getCodeQL;
 exports.setCodeQL = setCodeQL;
@@ -49,7 +48,6 @@ const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const yaml = __importStar(require("js-yaml"));
-const semver = __importStar(require("semver"));
 const actions_util_1 = require("./actions-util");
 const cli_errors_1 = require("./cli-errors");
 const doc_url_1 = require("./doc-url");
@@ -97,18 +95,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
 * For convenience, please keep these in descending order. Once a version
 * flag is older than the oldest supported version above, it may be removed.
 */
-/**
- * Versions 2.15.0+ of the CodeQL CLI support new analysis summaries.
- */
-exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = "2.15.0";
-/**
- * Versions 2.15.0+ of the CodeQL CLI support sub-language file coverage information.
- */
-exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = "2.15.0";
-/**
- * Versions 2.15.2+ of the CodeQL CLI support the `--sarif-include-query-help` option.
- */
-const CODEQL_VERSION_INCLUDE_QUERY_HELP = "2.15.2";
 /**
 * Versions 2.17.1+ of the CodeQL CLI support the `--cache-cleanup` option.
 */
@@ -289,13 +275,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            if (qlconfigFile !== undefined) {
                extraArgs.push(`--qlconfig-file=${qlconfigFile}`);
            }
-            extraArgs.push("--calculate-language-specific-baseline");
-            if (await isSublanguageFileCoverageEnabled(config, this)) {
-                extraArgs.push("--sublanguage-file-coverage");
-            }
-            else if (await util.codeQlVersionAtLeast(this, exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE)) {
-                extraArgs.push("--no-sublanguage-file-coverage");
-            }
            const overwriteFlag = (0, tools_features_1.isSupportedToolsFeature)(await this.getVersion(), tools_features_1.ToolsFeature.ForceOverwrite)
                ? "--force-overwrite"
                : "--overwrite";
@@ -306,7 +285,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                "--db-cluster",
                config.dbLocation,
                `--source-root=${sourceRoot}`,
+                "--calculate-language-specific-baseline",
                "--extractor-include-aliases",
+                "--sublanguage-file-coverage",
                ...extraArgs,
                ...getExtraOptionsFromEnv(["database", "init"], {
                    ignoringOptions: ["--overwrite"],
@@ -466,15 +447,13 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                ...flags,
                databasePath,
                "--expect-discarded-cache",
+                "--intra-layer-parallelism",
                "--min-disk-free=1024", // Try to leave at least 1GB free
                "-v",
                ...getExtraOptionsFromEnv(["database", "run-queries"], {
                    ignoringOptions: ["--expect-discarded-cache"],
                }),
            ];
-            if (await util.codeQlVersionAtLeast(this, feature_flags_1.CODEQL_VERSION_FINE_GRAINED_PARALLELISM)) {
-                codeqlArgs.push("--intra-layer-parallelism");
-            }
            await runCli(cmd, codeqlArgs);
        },
        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, sarifRunPropertyFlag, automationDetailsId, config, features) {
@@ -492,7 +471,8 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                "--sarif-add-baseline-file-info",
                `--sarif-codescanning-config=${getGeneratedCodeScanningConfigPath(config)}`,
                "--sarif-group-rules-by-pack",
-                ...(await getCodeScanningQueryHelpArguments(this)),
+                "--sarif-include-query-help=always",
+                "--sublanguage-file-coverage",
                ...(await getJobRunUuidSarifOptions(this)),
                ...getExtraOptionsFromEnv(["database", "interpret-results"]),
            ];
@@ -502,20 +482,13 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            if (automationDetailsId !== undefined) {
                codeqlArgs.push("--sarif-category", automationDetailsId);
            }
-            if (await isSublanguageFileCoverageEnabled(config, this)) {
-                codeqlArgs.push("--sublanguage-file-coverage");
-            }
-            else if (await util.codeQlVersionAtLeast(this, exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE)) {
-                codeqlArgs.push("--no-sublanguage-file-coverage");
-            }
            if (shouldExportDiagnostics) {
                codeqlArgs.push("--sarif-include-diagnostics");
            }
            else {
                codeqlArgs.push("--no-sarif-include-diagnostics");
            }
-            if ((await util.codeQlVersionAtLeast(this, exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2)) &&
-                !(0, tools_features_1.isSupportedToolsFeature)(await this.getVersion(), tools_features_1.ToolsFeature.AnalysisSummaryV2IsDefault)) {
+            if (!(0, tools_features_1.isSupportedToolsFeature)(await this.getVersion(), tools_features_1.ToolsFeature.AnalysisSummaryV2IsDefault)) {
                codeqlArgs.push("--new-analysis-summary");
            }
            codeqlArgs.push(databasePath);
@@ -846,19 +819,6 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
 function getGeneratedCodeScanningConfigPath(config) {
    return path.resolve(config.tempDir, "user-config.yaml");
 }
-async function isSublanguageFileCoverageEnabled(config, codeql) {
-    return (
-    // Sub-language file coverage is first supported in GHES 3.12.
-    (config.gitHubVersion.type !== util.GitHubVariant.GHES ||
-        semver.gte(config.gitHubVersion.version, "3.12.0")) &&
-        (await util.codeQlVersionAtLeast(codeql, exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE)));
-}
-async function getCodeScanningQueryHelpArguments(codeql) {
-    if (await util.codeQlVersionAtLeast(codeql, CODEQL_VERSION_INCLUDE_QUERY_HELP)) {
-        return ["--sarif-include-query-help=always"];
-    }
-    return ["--sarif-add-query-help"];
-}
 function getExtractionVerbosityArguments(enableDebugLogging) {
    return enableDebugLogging
        ? [`--verbosity=${EXTRACTION_DEBUG_MODE_VERBOSITY}`]
@@ -521,14 +521,6 @@ const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
        flagPassed: true,
        negativeFlagPassed: false,
    },
-    {
-        codeqlVersion: (0, testing_utils_1.makeVersionInfo)("2.14.6"),
-        githubVersion: {
-            type: util.GitHubVariant.DOTCOM,
-        },
-        flagPassed: false,
-        negativeFlagPassed: false,
-    },
 ];
 for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of NEW_ANALYSIS_SUMMARY_TEST_CASES) {
    (0, ava_1.default)(`database interpret-results passes ${flagPassed
@@ -620,7 +612,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
    sinon.stub(io, "which").resolves("");
    await t.throwsAsync(async () => await codeqlObject.databaseRunQueries(stubConfig.dbLocation, []), {
        instanceOf: cli_errors_1.CliError,
-        message: `Encountered a fatal error while running "codeql-for-testing database run-queries  --expect-discarded-cache --min-disk-free=1024 -v --intra-layer-parallelism". Exit code was 1 and error was: Oops! A fatal internal error occurred. Details:
+        message: `Encountered a fatal error while running "codeql-for-testing database run-queries  --expect-discarded-cache --intra-layer-parallelism --min-disk-free=1024 -v". Exit code was 1 and error was: Oops! A fatal internal error occurred. Details:
    com.semmle.util.exception.CatastrophicError: An error occurred while evaluating ControlFlowGraph::ControlFlow::Root.isRootOf/1#dispred#f610e6ed/2@86282cc8
    Severe disk cache trouble (corruption or out of space) at /home/runner/work/_temp/codeql_databases/go/db-go/default/cache/pages/28/33.pack: Failed to write item to disk. See the logs for more details.`,
    });
@@ -190,6 +190,8 @@ async function uploadDebugArtifacts(logger, toUpload, rootDir, artifactName, ghV
    if (toUpload.length === 0) {
        return;
    }
+    logger.info("Uploading debug artifacts is temporarily disabled");
+    return;
    let suffix = "";
    const matrix = (0, actions_util_1.getRequiredInput)("matrix");
    if (matrix) {
@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-v2.20.1",
-    "cliVersion": "2.20.1",
-    "priorBundleVersion": "codeql-bundle-v2.20.0",
-    "priorCliVersion": "2.20.0"
+    "bundleVersion": "codeql-bundle-v2.20.2",
+    "cliVersion": "2.20.2",
+    "priorBundleVersion": "codeql-bundle-v2.20.1",
+    "priorCliVersion": "2.20.1"
 }
@@ -33,7 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
    };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_ZSTD_BUNDLE = exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = void 0;
+exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_ZSTD_BUNDLE = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const semver = __importStar(require("semver"));
@@ -43,11 +43,6 @@ const tools_features_1 = require("./tools-features");
 const util = __importStar(require("./util"));
 const DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_";
 const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
-/**
- * Evaluator fine-grained parallelism (aka intra-layer parallelism) is only safe to enable in 2.15.1 onwards.
- * (Some earlier versions recognize the command-line flag, but they contain a bug which makes it unsafe to use).
- */
-exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = "2.15.1";
 /**
 * The first version of the CodeQL Bundle that shipped with zstd-compressed bundles.
 */
@@ -343,12 +343,12 @@ async function testFailedSarifUpload(t, actionsWorkflow, { category, databaseExi
            zipped_upload_size_bytes: 10,
        });
        if (databaseExists && exportDiagnosticsEnabled) {
-            t.true(databaseExportDiagnosticsStub.calledOnceWith(config.dbLocation, sinon.match.string, category), `Actual args were: ${databaseExportDiagnosticsStub.args}`);
+            t.true(databaseExportDiagnosticsStub.calledOnceWith(config.dbLocation, sinon.match.string, category), `Actual args were: ${JSON.stringify(databaseExportDiagnosticsStub.args)}`);
        }
        else {
-            t.true(diagnosticsExportStub.calledOnceWith(sinon.match.string, category, config), `Actual args were: ${diagnosticsExportStub.args}`);
+            t.true(diagnosticsExportStub.calledOnceWith(sinon.match.string, category, config), `Actual args were: ${JSON.stringify(diagnosticsExportStub.args)}`);
        }
-        t.true(uploadFiles.calledOnceWith(sinon.match.string, sinon.match.string, category, sinon.match.any, sinon.match.any), `Actual args were: ${uploadFiles.args}`);
+        t.true(uploadFiles.calledOnceWith(sinon.match.string, sinon.match.string, category, sinon.match.any, sinon.match.any), `Actual args were: ${JSON.stringify(uploadFiles.args)}`);
        t.true(waitForProcessing.calledOnceWith(sinon.match.any, "42", sinon.match.any, {
            isUnsuccessfulExecution: true,
        }));
@@ -25,6 +25,8 @@ exports.LANGUAGE_ALIASES = {
    "c#": Language.csharp,
    kotlin: Language.java,
    typescript: Language.javascript,
+    "javascript-typescript": Language.javascript,
+    "java-kotlin": Language.java,
 };
 /**
 * Translate from user input or GitHub's API names for languages to CodeQL's
@@ -1 +1 @@
-{"version":3,"file":"languages.js","sourceRoot":"","sources":["../src/languages.ts"],"names":[],"mappings":";;;AAgCA,sCAgBC;AAED,4CAQC;AAED,8CAEC;AA9DD,wCAAwC;AACxC,IAAY,QAWX;AAXD,WAAY,QAAQ;IAClB,+BAAmB,CAAA;IACnB,6BAAiB,CAAA;IACjB,uBAAW,CAAA;IACX,qBAAS,CAAA;IACT,yBAAa,CAAA;IACb,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;IACjB,yBAAa,CAAA;IACb,yBAAa,CAAA;IACb,2BAAe,CAAA;AACjB,CAAC,EAXW,QAAQ,wBAAR,QAAQ,QAWnB;AAED,iCAAiC;AACpB,QAAA,gBAAgB,GAAiC;IAC5D,CAAC,EAAE,QAAQ,CAAC,GAAG;IACf,KAAK,EAAE,QAAQ,CAAC,GAAG;IACnB,IAAI,EAAE,QAAQ,CAAC,MAAM;IACrB,MAAM,EAAE,QAAQ,CAAC,IAAI;IACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;CAChC,CAAC;AAEF;;;;;;;;GAQG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,0BAA0B;IAC1B,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAEzC,6BAA6B;IAC7B,IAAI,QAAQ,IAAI,QAAQ,EAAE,CAAC;QACzB,OAAO,QAAoB,CAAC;IAC9B,CAAC;IAED,iEAAiE;IACjE,oCAAoC;IACpC,IAAI,QAAQ,IAAI,wBAAgB,EAAE,CAAC;QACjC,OAAO,wBAAgB,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,OAAO;QACL,QAAQ,CAAC,GAAG;QACZ,QAAQ,CAAC,MAAM;QACf,QAAQ,CAAC,EAAE;QACX,QAAQ,CAAC,IAAI;QACb,QAAQ,CAAC,KAAK;KACf,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACvB,CAAC;AAED,SAAgB,iBAAiB,CAAC,QAAkB;IAClD,OAAO,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC"}
+{"version":3,"file":"languages.js","sourceRoot":"","sources":["../src/languages.ts"],"names":[],"mappings":";;;AAkCA,sCAgBC;AAED,4CAQC;AAED,8CAEC;AAhED,wCAAwC;AACxC,IAAY,QAWX;AAXD,WAAY,QAAQ;IAClB,+BAAmB,CAAA;IACnB,6BAAiB,CAAA;IACjB,uBAAW,CAAA;IACX,qBAAS,CAAA;IACT,yBAAa,CAAA;IACb,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;IACjB,yBAAa,CAAA;IACb,yBAAa,CAAA;IACb,2BAAe,CAAA;AACjB,CAAC,EAXW,QAAQ,wBAAR,QAAQ,QAWnB;AAED,iCAAiC;AACpB,QAAA,gBAAgB,GAAiC;IAC5D,CAAC,EAAE,QAAQ,CAAC,GAAG;IACf,KAAK,EAAE,QAAQ,CAAC,GAAG;IACnB,IAAI,EAAE,QAAQ,CAAC,MAAM;IACrB,MAAM,EAAE,QAAQ,CAAC,IAAI;IACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;IAC/B,uBAAuB,EAAE,QAAQ,CAAC,UAAU;IAC5C,aAAa,EAAE,QAAQ,CAAC,IAAI;CAC7B,CAAC;AAEF;;;;;;;;GAQG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,0BAA0B;IAC1B,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAEzC,6BAA6B;IAC7B,IAAI,QAAQ,IAAI,QAAQ,EAAE,CAAC;QACzB,OAAO,QAAoB,CAAC;IAC9B,CAAC;IAED,iEAAiE;IACjE,oCAAoC;IACpC,IAAI,QAAQ,IAAI,wBAAgB,EAAE,CAAC;QACjC,OAAO,wBAAgB,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,OAAO;QACL,QAAQ,CAAC,GAAG;QACZ,QAAQ,CAAC,MAAM;QACf,QAAQ,CAAC,EAAE;QACX,QAAQ,CAAC,IAAI;QACb,QAAQ,CAAC,KAAK;KACf,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACvB,CAAC;AAED,SAAgB,iBAAiB,CAAC,QAAkB;IAClD,OAAO,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC"}
@@ -70,11 +70,18 @@ var ToolsSource;
 })(ToolsSource || (exports.ToolsSource = ToolsSource = {}));
 exports.CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
 const CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
-function getCodeQLBundleExtension(useZstd) {
-    return useZstd ? ".tar.zst" : ".tar.gz";
+function getCodeQLBundleExtension(compressionMethod) {
+    switch (compressionMethod) {
+        case "gzip":
+            return ".tar.gz";
+        case "zstd":
+            return ".tar.zst";
+        default:
+            util.assertNever(compressionMethod);
+    }
 }
-function getCodeQLBundleName(useZstd) {
-    const extension = getCodeQLBundleExtension(useZstd);
+function getCodeQLBundleName(compressionMethod) {
+    const extension = getCodeQLBundleExtension(compressionMethod);
    let platform;
    if (process.platform === "win32") {
        platform = "win64";
@@ -100,7 +107,7 @@ function getCodeQLActionRepository(logger) {
    }
    return util.getRequiredEnvParam("GITHUB_ACTION_REPOSITORY");
 }
-async function getCodeQLBundleDownloadURL(tagName, apiDetails, useZstd, logger) {
+async function getCodeQLBundleDownloadURL(tagName, apiDetails, compressionMethod, logger) {
    const codeQLActionRepository = getCodeQLActionRepository(logger);
    const potentialDownloadSources = [
        // This GitHub instance, and this Action.
@@ -115,7 +122,7 @@ async function getCodeQLBundleDownloadURL(tagName, apiDetails, useZstd, logger)
    const uniqueDownloadSources = potentialDownloadSources.filter((source, index, self) => {
        return !self.slice(0, index).some((other) => (0, fast_deep_equal_1.default)(source, other));
    });
-    const codeQLBundleName = getCodeQLBundleName(useZstd);
+    const codeQLBundleName = getCodeQLBundleName(compressionMethod);
    for (const downloadSource of uniqueDownloadSources) {
        const [apiURL, repository] = downloadSource;
        // If we've reached the final case, short-circuit the API check since we know the bundle exists and is public.
@@ -132,13 +139,13 @@ async function getCodeQLBundleDownloadURL(tagName, apiDetails, useZstd, logger)
            });
            for (const asset of release.data.assets) {
                if (asset.name === codeQLBundleName) {
-                    logger.info(`Found CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} with URL ${asset.url}.`);
+                    logger.info(`Found CodeQL bundle ${codeQLBundleName} in ${repository} on ${apiURL} with URL ${asset.url}.`);
                    return asset.url;
                }
            }
        }
        catch (e) {
-            logger.info(`Looked for CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} but got error ${e}.`);
+            logger.info(`Looked for CodeQL bundle ${codeQLBundleName} in ${repository} on ${apiURL} but got error ${e}.`);
        }
    }
    return `https://github.com/${exports.CODEQL_DEFAULT_ACTION_REPOSITORY}/releases/download/${tagName}/${codeQLBundleName}`;
@@ -221,8 +228,14 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
        !CODEQL_BUNDLE_VERSION_ALIAS.includes(toolsInput) &&
        !toolsInput.startsWith("http")) {
        logger.info(`Using CodeQL CLI from local path ${toolsInput}`);
+        const compressionMethod = tar.inferCompressionMethod(toolsInput);
+        if (compressionMethod === undefined) {
+            throw new util.ConfigurationError(`Could not infer compression method from path ${toolsInput}. Please specify a path ` +
+                "ending in '.tar.gz' or '.tar.zst'.");
+        }
        return {
            codeqlTarPath: toolsInput,
+            compressionMethod,
            sourceType: "local",
            toolsVersion: "local",
        };
@@ -356,9 +369,22 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
            return result;
        }
    }
+    let compressionMethod;
    if (!url) {
-        url = await getCodeQLBundleDownloadURL(tagName, apiDetails, cliVersion !== undefined &&
-            (await useZstdBundle(cliVersion, tarSupportsZstd)), logger);
+        compressionMethod =
+            cliVersion !== undefined &&
+                (await useZstdBundle(cliVersion, tarSupportsZstd))
+                ? "zstd"
+                : "gzip";
+        url = await getCodeQLBundleDownloadURL(tagName, apiDetails, compressionMethod, logger);
+    }
+    else {
+        const method = tar.inferCompressionMethod(url);
+        if (method === undefined) {
+            throw new util.ConfigurationError(`Could not infer compression method from URL ${url}. Please specify a URL ` +
+                "ending in '.tar.gz' or '.tar.zst'.");
+        }
+        compressionMethod = method;
    }
    if (cliVersion) {
        logger.info(`Using CodeQL CLI version ${cliVersion} sourced from ${url} .`);
@@ -370,6 +396,7 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
        bundleVersion: tagName && tryGetBundleVersionFromTagName(tagName, logger),
        cliVersion,
        codeqlURL: url,
+        compressionMethod,
        sourceType: "download",
        toolsVersion: cliVersion ?? humanReadableVersion,
    };
@@ -390,7 +417,7 @@ async function tryGetFallbackToolcacheVersion(cliVersion, tagName, logger) {
 }
 // Exported using `export const` for testing purposes. Specifically, we want to
 // be able to stub this function and have other functions in this file use that stub.
-const downloadCodeQL = async function (codeqlURL, maybeBundleVersion, maybeCliVersion, apiDetails, tarVersion, tempDir, features, logger) {
+const downloadCodeQL = async function (codeqlURL, compressionMethod, maybeBundleVersion, maybeCliVersion, apiDetails, tarVersion, tempDir, features, logger) {
    const parsedCodeQLURL = new URL(codeqlURL);
    const searchParams = new URLSearchParams(parsedCodeQLURL.search);
    const headers = {
@@ -417,7 +444,7 @@ const downloadCodeQL = async function (codeqlURL, maybeBundleVersion, maybeCliVe
    const extractedBundlePath = extractToToolcache
        ? toolcacheInfo.path
        : getTempExtractionDir(tempDir);
-    let statusReport = await (0, tools_download_1.downloadAndExtract)(codeqlURL, extractedBundlePath, authorization, { "User-Agent": "CodeQL Action", ...headers }, tarVersion, logger);
+    let statusReport = await (0, tools_download_1.downloadAndExtract)(codeqlURL, compressionMethod, extractedBundlePath, authorization, { "User-Agent": "CodeQL Action", ...headers }, tarVersion, logger);
    if (!toolcacheInfo) {
        logger.debug("Could not cache CodeQL tools because we could not determine the bundle version from the " +
            `URL ${codeqlURL}.`);
@@ -509,8 +536,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, featu
    let toolsSource;
    switch (source.sourceType) {
        case "local": {
-            const compressionMethod = tar.inferCompressionMethod(source.codeqlTarPath);
-            codeqlFolder = await tar.extract(source.codeqlTarPath, getTempExtractionDir(tempDir), compressionMethod, zstdAvailability.version, logger);
+            codeqlFolder = await tar.extract(source.codeqlTarPath, getTempExtractionDir(tempDir), source.compressionMethod, zstdAvailability.version, logger);
            toolsSource = ToolsSource.Local;
            break;
        }
@@ -520,7 +546,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, featu
            toolsSource = ToolsSource.Toolcache;
            break;
        case "download": {
-            const result = await (0, exports.downloadCodeQL)(source.codeqlURL, source.bundleVersion, source.cliVersion, apiDetails, zstdAvailability.version, tempDir, features, logger);
+            const result = await (0, exports.downloadCodeQL)(source.codeqlURL, source.compressionMethod, source.bundleVersion, source.cliVersion, apiDetails, zstdAvailability.version, tempDir, features, logger);
            toolsVersion = result.toolsVersion;
            codeqlFolder = result.codeqlFolder;
            toolsDownloadStatusReport = result.statusReport;
@@ -39,6 +39,7 @@ const core = __importStar(require("@actions/core"));
 const toolcache = __importStar(require("@actions/tool-cache"));
 const node_forge_1 = require("node-forge");
 const actionsUtil = __importStar(require("./actions-util"));
+const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const util = __importStar(require("./util"));
 const UPDATEJOB_PROXY = "update-job-proxy";
@@ -47,6 +48,19 @@ const UPDATEJOB_PROXY_URL_PREFIX = "https://github.com/github/codeql-action/rele
 const PROXY_USER = "proxy_user";
 const KEY_SIZE = 2048;
 const KEY_EXPIRY_YEARS = 2;
+const LANGUAGE_TO_REGISTRY_TYPE = {
+    java: "maven_repository",
+    csharp: "nuget_feed",
+    javascript: "npm_registry",
+    python: "python_index",
+    ruby: "rubygems_server",
+    rust: "cargo_registry",
+    // We do not have an established proxy type for these languages, thus leaving empty.
+    actions: "",
+    cpp: "",
+    go: "",
+    swift: "",
+};
 const CERT_SUBJECT = [
    {
        name: "commonName",
@@ -170,6 +184,11 @@ async function startProxy(binPath, config, logFilePath, logger) {
 function getCredentials(logger) {
    const registriesCredentials = actionsUtil.getOptionalInput("registries_credentials");
    const registrySecrets = actionsUtil.getOptionalInput("registry_secrets");
+    const languageString = actionsUtil.getOptionalInput("language");
+    const language = languageString ? (0, languages_1.parseLanguage)(languageString) : undefined;
+    const registryTypeForLanguage = language
+        ? LANGUAGE_TO_REGISTRY_TYPE[language]
+        : undefined;
    let credentialsStr;
    if (registriesCredentials !== undefined) {
        logger.info(`Using registries_credentials input.`);
@@ -190,6 +209,11 @@ function getCredentials(logger) {
        if (e.url === undefined && e.host === undefined) {
            throw new Error("Invalid credentials - must specify host or url");
        }
+        // Filter credentials based on language if specified. `type` is the registry type.
+        // E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#.
+        if (e.type !== registryTypeForLanguage) {
+            continue;
+        }
        out.push({
            type: e.type,
            host: e.host,
@@ -43,6 +43,7 @@ const stream = __importStar(require("stream"));
 const toolrunner_1 = require("@actions/exec/lib/toolrunner");
 const io = __importStar(require("@actions/io"));
 const toolcache = __importStar(require("@actions/tool-cache"));
+const semver = __importStar(require("semver"));
 const actions_util_1 = require("./actions-util");
 const util_1 = require("./util");
 const MIN_REQUIRED_BSD_TAR_VERSION = "3.4.3";
@@ -88,13 +89,18 @@ async function isZstdAvailable(logger) {
        switch (type) {
            case "gnu":
                return {
-                    available: foundZstdBinary && version >= MIN_REQUIRED_GNU_TAR_VERSION,
+                    available: foundZstdBinary &&
+                        // GNU tar only uses major and minor version numbers
+                        semver.gte(semver.coerce(version), semver.coerce(MIN_REQUIRED_GNU_TAR_VERSION)),
                    foundZstdBinary,
                    version: tarVersion,
                };
            case "bsd":
                return {
-                    available: foundZstdBinary && version >= MIN_REQUIRED_BSD_TAR_VERSION,
+                    available: foundZstdBinary &&
+                        // Do a loose comparison since these version numbers don't contain
+                        // a patch version number.
+                        semver.gte(version, MIN_REQUIRED_BSD_TAR_VERSION),
                    foundZstdBinary,
                    version: tarVersion,
                };
@@ -179,10 +185,16 @@ async function extractTarZst(tar, dest, tarVersion, logger) {
        throw e;
    }
 }
+const KNOWN_EXTENSIONS = {
+    "tar.gz": "gzip",
+    "tar.zst": "zstd",
+};
 function inferCompressionMethod(tarPath) {
-    if (tarPath.endsWith(".tar.gz")) {
-        return "gzip";
+    for (const [ext, method] of Object.entries(KNOWN_EXTENSIONS)) {
+        if (tarPath.endsWith(`.${ext}`)) {
+            return method;
+        }
    }
-    return "zstd";
+    return undefined;
 }
 //# sourceMappingURL=tar.js.map
@@ -73,9 +73,8 @@ function makeStreamedToolsDownloadDurations(combinedDurationMs) {
        streamExtraction: true,
    };
 }
-async function downloadAndExtract(codeqlURL, dest, authorization, headers, tarVersion, logger) {
+async function downloadAndExtract(codeqlURL, compressionMethod, dest, authorization, headers, tarVersion, logger) {
    logger.info(`Downloading CodeQL tools from ${codeqlURL} . This may take a while.`);
-    const compressionMethod = tar.inferCompressionMethod(codeqlURL);
    try {
        if (compressionMethod === "zstd" && process.platform === "linux") {
            logger.info(`Streaming the extraction of the CodeQL bundle.`);
@@ -1 +1 @@
-{"version":3,"file":"tools-download.js","sourceRoot":"","sources":["../src/tools-download.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkFA,gDAmGC;AA8CD,sDAOC;AAED,4DAOC;AAnPD,uCAAyB;AAEzB,uCAAyB;AACzB,2CAA6B;AAC7B,2CAAyC;AAEzC,oDAAsC;AACtC,sDAAkD;AAClD,+DAAiD;AACjD,uDAAyC;AACzC,+CAAiC;AAEjC,uCAAmD;AACnD,2CAA6B;AAC7B,iCAA2E;AAE3E;;GAEG;AACU,QAAA,8BAA8B,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,QAAQ;AAEvE;;GAEG;AACH,MAAM,mBAAmB,GAAG,QAAQ,CAAC;AAarC,SAAS,uCAAuC,CAC9C,kBAA0B,EAC1B,oBAA4B;IAE5B,OAAO;QACL,kBAAkB,EAAE,kBAAkB,GAAG,oBAAoB;QAC7D,kBAAkB;QAClB,oBAAoB;QACpB,gBAAgB,EAAE,KAAK;KACxB,CAAC;AACJ,CAAC;AAaD,SAAS,kCAAkC,CACzC,kBAA0B;IAE1B,OAAO;QACL,kBAAkB;QAClB,kBAAkB,EAAE,SAAS;QAC7B,oBAAoB,EAAE,SAAS;QAC/B,gBAAgB,EAAE,IAAI;KACvB,CAAC;AACJ,CAAC;AAaM,KAAK,UAAU,kBAAkB,CACtC,SAAiB,EACjB,IAAY,EACZ,aAAiC,EACjC,OAA4B,EAC5B,UAAsC,EACtC,MAAc;IAEd,MAAM,CAAC,IAAI,CACT,iCAAiC,SAAS,2BAA2B,CACtE,CAAC;IAEF,MAAM,iBAAiB,GAAG,GAAG,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAC;IAEhE,IAAI,CAAC;QACH,IAAI,iBAAiB,KAAK,MAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjE,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;YAE9D,MAAM,iBAAiB,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;YAC5C,MAAM,mCAAmC,CACvC,SAAS,EACT,IAAI,EACJ,aAAa,EACb,OAAO,EACP,UAAW,EACX,MAAM,CACP,CAAC;YAEF,MAAM,kBAAkB,GAAG,IAAI,CAAC,KAAK,CACnC,wBAAW,CAAC,GAAG,EAAE,GAAG,iBAAiB,CACtC,CAAC;YACF,MAAM,CAAC,IAAI,CACT,wDAAwD,IAAI,KAAK,IAAA,wBAAc,EAC7E,kBAAkB,CACnB,IAAI,CACN,CAAC;YAEF,OAAO;gBACL,iBAAiB;gBACjB,QAAQ,EAAE,0BAA0B,CAAC,SAAS,CAAC;gBAC/C,GAAG,kCAAkC,CAAC,kBAAkB,CAAC;aAC1D,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,OAAO,CACV,4EAA4E,IAAA,sBAAe,EAAC,CAAC,CAAC,EAAE,CACjG,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,2DAA2D,CAAC,CAAC;QAE1E,gFAAgF;QAChF,uBAAuB;QACvB,MAAM,IAAA,kBAAW,EAAC,IAAI,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,kBAAkB,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;IAC7C,MAAM,kBAAkB,GAAG,MAAM,SAAS,CAAC,YAAY,CACrD,SAAS,EACT,SAAS,EACT,aAAa,EACb,OAAO,CACR,CAAC;IACF,MAAM,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,wBAAW,CAAC,GAAG,EAAE,GAAG,kBAAkB,CAAC,CAAC;IAE9E,MAAM,CAAC,IAAI,CACT,yCAAyC,kBAAkB,KAAK,IAAA,wBAAc,EAC5E,kBAAkB,CACnB,IAAI,CACN,CAAC;IAEF,IAAI,oBAA4B,CAAC;IAEjC,IAAI,CAAC;QACH,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACzC,MAAM,eAAe,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;QAC1C,MAAM,GAAG,CAAC,OAAO,CACf,kBAAkB,EAClB,IAAI,EACJ,iBAAiB,EACjB,UAAU,EACV,MAAM,CACP,CAAC;QACF,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,wBAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC;QACvE,MAAM,CAAC,IAAI,CACT,wCAAwC,IAAI,KAAK,IAAA,wBAAc,EAC7D,oBAAoB,CACrB,IAAI,CACN,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,IAAA,kBAAW,EAAC,kBAAkB,EAAE,uBAAuB,EAAE,MAAM,CAAC,CAAC;IACzE,CAAC;IAED,OAAO;QACL,iBAAiB;QACjB,QAAQ,EAAE,0BAA0B,CAAC,SAAS,CAAC;QAC/C,GAAG,uCAAuC,CACxC,kBAAkB,EAClB,oBAAoB,CACrB;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,mCAAmC,CAChD,SAAiB,EACjB,IAAY,EACZ,aAAiC,EACjC,OAA4B,EAC5B,UAA0B,EAC1B,MAAc;IAEd,4BAA4B;IAC5B,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAExC,mDAAmD;IACnD,MAAM,KAAK,GAAG,IAAI,wBAAU,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEnD,8DAA8D;IAC9D,OAAO,GAAG,MAAM,CAAC,MAAM,CACrB,EAAE,YAAY,EAAE,eAAe,EAAE,EACjC,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,EACtC,OAAO,CACR,CAAC;IACF,MAAM,QAAQ,GAAG,MAAM,IAAI,OAAO,CAAkB,CAAC,OAAO,EAAE,EAAE,CAC9D,wBAAK,CAAC,GAAG,CACP,SAAS,EACT;QACE,OAAO;QACP,uDAAuD;QACvD,aAAa,EAAE,sCAA8B;QAC7C,2CAA2C;QAC3C,KAAK;KACuB,EAC9B,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAClB,CACF,CAAC;IAEF,IAAI,QAAQ,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,yCAAyC,SAAS,uBAAuB,QAAQ,CAAC,UAAU,GAAG,CAChG,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAC9D,CAAC;AAED,8FAA8F;AAC9F,SAAgB,qBAAqB,CAAC,OAAe;IACnD,OAAO,IAAI,CAAC,IAAI,CACd,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,EACxC,mBAAmB,EACnB,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,EAChC,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,CAChB,CAAC;AACJ,CAAC;AAED,SAAgB,wBAAwB,CACtC,aAAqB,EACrB,MAAc;IAEd,MAAM,cAAc,GAAG,GAAG,aAAa,WAAW,CAAC;IACnD,EAAE,CAAC,aAAa,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IACrC,MAAM,CAAC,IAAI,CAAC,iCAAiC,cAAc,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,SAAS,0BAA0B,CAAC,GAAW;IAC7C,OAAO,CAAC,sBAAsB,EAAE,kCAAkC,CAAC,CAAC,IAAI,CACtE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,sBAAsB,IAAI,qBAAqB,CAAC,CAC1E;QACC,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,iBAAiB,CAAC;AACxB,CAAC"}
+{"version":3,"file":"tools-download.js","sourceRoot":"","sources":["../src/tools-download.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkFA,gDAkGC;AA8CD,sDAOC;AAED,4DAOC;AAlPD,uCAAyB;AAEzB,uCAAyB;AACzB,2CAA6B;AAC7B,2CAAyC;AAEzC,oDAAsC;AACtC,sDAAkD;AAClD,+DAAiD;AACjD,uDAAyC;AACzC,+CAAiC;AAEjC,uCAAmD;AACnD,2CAA6B;AAC7B,iCAA2E;AAE3E;;GAEG;AACU,QAAA,8BAA8B,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,QAAQ;AAEvE;;GAEG;AACH,MAAM,mBAAmB,GAAG,QAAQ,CAAC;AAarC,SAAS,uCAAuC,CAC9C,kBAA0B,EAC1B,oBAA4B;IAE5B,OAAO;QACL,kBAAkB,EAAE,kBAAkB,GAAG,oBAAoB;QAC7D,kBAAkB;QAClB,oBAAoB;QACpB,gBAAgB,EAAE,KAAK;KACxB,CAAC;AACJ,CAAC;AAaD,SAAS,kCAAkC,CACzC,kBAA0B;IAE1B,OAAO;QACL,kBAAkB;QAClB,kBAAkB,EAAE,SAAS;QAC7B,oBAAoB,EAAE,SAAS;QAC/B,gBAAgB,EAAE,IAAI;KACvB,CAAC;AACJ,CAAC;AAaM,KAAK,UAAU,kBAAkB,CACtC,SAAiB,EACjB,iBAAwC,EACxC,IAAY,EACZ,aAAiC,EACjC,OAA4B,EAC5B,UAAsC,EACtC,MAAc;IAEd,MAAM,CAAC,IAAI,CACT,iCAAiC,SAAS,2BAA2B,CACtE,CAAC;IAEF,IAAI,CAAC;QACH,IAAI,iBAAiB,KAAK,MAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjE,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;YAE9D,MAAM,iBAAiB,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;YAC5C,MAAM,mCAAmC,CACvC,SAAS,EACT,IAAI,EACJ,aAAa,EACb,OAAO,EACP,UAAW,EACX,MAAM,CACP,CAAC;YAEF,MAAM,kBAAkB,GAAG,IAAI,CAAC,KAAK,CACnC,wBAAW,CAAC,GAAG,EAAE,GAAG,iBAAiB,CACtC,CAAC;YACF,MAAM,CAAC,IAAI,CACT,wDAAwD,IAAI,KAAK,IAAA,wBAAc,EAC7E,kBAAkB,CACnB,IAAI,CACN,CAAC;YAEF,OAAO;gBACL,iBAAiB;gBACjB,QAAQ,EAAE,0BAA0B,CAAC,SAAS,CAAC;gBAC/C,GAAG,kCAAkC,CAAC,kBAAkB,CAAC;aAC1D,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,OAAO,CACV,4EAA4E,IAAA,sBAAe,EAAC,CAAC,CAAC,EAAE,CACjG,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,2DAA2D,CAAC,CAAC;QAE1E,gFAAgF;QAChF,uBAAuB;QACvB,MAAM,IAAA,kBAAW,EAAC,IAAI,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,kBAAkB,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;IAC7C,MAAM,kBAAkB,GAAG,MAAM,SAAS,CAAC,YAAY,CACrD,SAAS,EACT,SAAS,EACT,aAAa,EACb,OAAO,CACR,CAAC;IACF,MAAM,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,wBAAW,CAAC,GAAG,EAAE,GAAG,kBAAkB,CAAC,CAAC;IAE9E,MAAM,CAAC,IAAI,CACT,yCAAyC,kBAAkB,KAAK,IAAA,wBAAc,EAC5E,kBAAkB,CACnB,IAAI,CACN,CAAC;IAEF,IAAI,oBAA4B,CAAC;IAEjC,IAAI,CAAC;QACH,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACzC,MAAM,eAAe,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;QAC1C,MAAM,GAAG,CAAC,OAAO,CACf,kBAAkB,EAClB,IAAI,EACJ,iBAAiB,EACjB,UAAU,EACV,MAAM,CACP,CAAC;QACF,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,wBAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC;QACvE,MAAM,CAAC,IAAI,CACT,wCAAwC,IAAI,KAAK,IAAA,wBAAc,EAC7D,oBAAoB,CACrB,IAAI,CACN,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,IAAA,kBAAW,EAAC,kBAAkB,EAAE,uBAAuB,EAAE,MAAM,CAAC,CAAC;IACzE,CAAC;IAED,OAAO;QACL,iBAAiB;QACjB,QAAQ,EAAE,0BAA0B,CAAC,SAAS,CAAC;QAC/C,GAAG,uCAAuC,CACxC,kBAAkB,EAClB,oBAAoB,CACrB;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,mCAAmC,CAChD,SAAiB,EACjB,IAAY,EACZ,aAAiC,EACjC,OAA4B,EAC5B,UAA0B,EAC1B,MAAc;IAEd,4BAA4B;IAC5B,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAExC,mDAAmD;IACnD,MAAM,KAAK,GAAG,IAAI,wBAAU,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEnD,8DAA8D;IAC9D,OAAO,GAAG,MAAM,CAAC,MAAM,CACrB,EAAE,YAAY,EAAE,eAAe,EAAE,EACjC,aAAa,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,EACtC,OAAO,CACR,CAAC;IACF,MAAM,QAAQ,GAAG,MAAM,IAAI,OAAO,CAAkB,CAAC,OAAO,EAAE,EAAE,CAC9D,wBAAK,CAAC,GAAG,CACP,SAAS,EACT;QACE,OAAO;QACP,uDAAuD;QACvD,aAAa,EAAE,sCAA8B;QAC7C,2CAA2C;QAC3C,KAAK;KACuB,EAC9B,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAClB,CACF,CAAC;IAEF,IAAI,QAAQ,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,yCAAyC,SAAS,uBAAuB,QAAQ,CAAC,UAAU,GAAG,CAChG,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAC9D,CAAC;AAED,8FAA8F;AAC9F,SAAgB,qBAAqB,CAAC,OAAe;IACnD,OAAO,IAAI,CAAC,IAAI,CACd,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,EACxC,mBAAmB,EACnB,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,EAChC,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,CAChB,CAAC;AACJ,CAAC;AAED,SAAgB,wBAAwB,CACtC,aAAqB,EACrB,MAAc;IAEd,MAAM,cAAc,GAAG,GAAG,aAAa,WAAW,CAAC;IACnD,EAAE,CAAC,aAAa,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IACrC,MAAM,CAAC,IAAI,CAAC,iCAAiC,cAAc,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,SAAS,0BAA0B,CAAC,GAAW;IAC7C,OAAO,CAAC,sBAAsB,EAAE,kCAAkC,CAAC,CAAC,IAAI,CACtE,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,sBAAsB,IAAI,qBAAqB,CAAC,CAC1E;QACC,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,iBAAiB,CAAC;AACxB,CAAC"}
@@ -1,6 +1,6 @@
 {
  "name": "codeql",
-  "version": "3.28.1",
+  "version": "3.28.5",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
@@ -169,29 +169,16 @@
      "license": "MIT"
    },
    "node_modules/@actions/tool-cache": {
-      "version": "2.0.1",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-2.0.2.tgz",
+      "integrity": "sha512-fBhNNOWxuoLxztQebpOaWu6WeVmuwa77Z+DxIZ1B+OYvGkGQon6kTVg6Z32Cb13WCuw0szqonK+hh03mJV7Z6w==",
      "license": "MIT",
      "dependencies": {
-        "@actions/core": "^1.2.6",
+        "@actions/core": "^1.11.1",
        "@actions/exec": "^1.0.0",
        "@actions/http-client": "^2.0.1",
        "@actions/io": "^1.1.1",
-        "semver": "^6.1.0",
-        "uuid": "^3.3.2"
-      }
-    },
-    "node_modules/@actions/tool-cache/node_modules/semver": {
-      "version": "6.3.1",
-      "license": "ISC",
-      "bin": {
-        "semver": "bin/semver.js"
-      }
-    },
-    "node_modules/@actions/tool-cache/node_modules/uuid": {
-      "version": "3.4.0",
-      "license": "MIT",
-      "bin": {
-        "uuid": "bin/uuid"
+        "semver": "^6.1.0"
      }
    },
    "node_modules/@ava/typescript": {
@@ -651,9 +638,9 @@
      }
    },
    "node_modules/@eslint/js": {
-      "version": "9.17.0",
-      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.17.0.tgz",
-      "integrity": "sha512-Sxc4hqcs1kTu0iID3kcZDW3JHq2a77HO9P8CP6YEA/FpH3Ll8UXE2r/86Rz9YJLKme39S9vU5OWNjC6Xl0Cr3w==",
+      "version": "9.18.0",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.18.0.tgz",
+      "integrity": "sha512-fK6L7rxcq6/z+AaQMtiFTkvbHkBLNlwyRxHpKawP0x3u9+NC6MQTnFW+AdpwC6gfHTW0051cokQgtTN2FqlxQA==",
      "dev": true,
      "license": "MIT",
      "engines": {
@@ -1060,16 +1047,18 @@
      }
    },
    "node_modules/@octokit/types": {
-      "version": "13.6.2",
-      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-13.6.2.tgz",
-      "integrity": "sha512-WpbZfZUcZU77DrSW4wbsSgTPfKcp286q3ItaIgvSbBpZJlu6mnYXAkjZz6LVZPXkEvLIM8McanyZejKTYUHipA==",
+      "version": "13.7.0",
+      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-13.7.0.tgz",
+      "integrity": "sha512-BXfRP+3P3IN6fd4uF3SniaHKOO4UXWBfkdR3vA8mIvaoO/wLjGN5qivUtW0QRitBHHMcfC41SLhNVYIZZE+wkA==",
      "license": "MIT",
      "dependencies": {
-        "@octokit/openapi-types": "^22.2.0"
+        "@octokit/openapi-types": "^23.0.1"
      }
    },
    "node_modules/@octokit/types/node_modules/@octokit/openapi-types": {
-      "version": "22.2.0",
+      "version": "23.0.1",
+      "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-23.0.1.tgz",
+      "integrity": "sha512-izFjMJ1sir0jn0ldEKhZ7xegCTj/ObmEDlEfpFrx4k/JyZSMRHbO3/rBwgE7f3m2DHt+RrNGIVw4wSmwnm3t/g==",
      "license": "MIT"
    },
    "node_modules/@pkgjs/parseargs": {
@@ -1303,21 +1292,21 @@
      "license": "MIT"
    },
    "node_modules/@typescript-eslint/eslint-plugin": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.19.0.tgz",
-      "integrity": "sha512-NggSaEZCdSrFddbctrVjkVZvFC6KGfKfNK0CU7mNK/iKHGKbzT4Wmgm08dKpcZECBu9f5FypndoMyRHkdqfT1Q==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.21.0.tgz",
+      "integrity": "sha512-eTH+UOR4I7WbdQnG4Z48ebIA6Bgi7WO8HvFEneeYBxG8qCOYgTOFPSg6ek9ITIDvGjDQzWHcoWHCDO2biByNzA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@eslint-community/regexpp": "^4.10.0",
-        "@typescript-eslint/scope-manager": "8.19.0",
-        "@typescript-eslint/type-utils": "8.19.0",
-        "@typescript-eslint/utils": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0",
+        "@typescript-eslint/scope-manager": "8.21.0",
+        "@typescript-eslint/type-utils": "8.21.0",
+        "@typescript-eslint/utils": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0",
        "graphemer": "^1.4.0",
        "ignore": "^5.3.1",
        "natural-compare": "^1.4.0",
-        "ts-api-utils": "^1.3.0"
+        "ts-api-utils": "^2.0.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1333,14 +1322,14 @@
      }
    },
    "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.19.0.tgz",
-      "integrity": "sha512-hkoJiKQS3GQ13TSMEiuNmSCvhz7ujyqD1x3ShbaETATHrck+9RaDdUbt+osXaUuns9OFwrDTTrjtwsU8gJyyRA==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.21.0.tgz",
+      "integrity": "sha512-G3IBKz0/0IPfdeGRMbp+4rbjfSSdnGkXsM/pFZA8zM9t9klXDnB/YnKOBQ0GoPmoROa4bCq2NeHgJa5ydsQ4mA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0"
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1351,9 +1340,9 @@
      }
    },
    "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.19.0.tgz",
-      "integrity": "sha512-8XQ4Ss7G9WX8oaYvD4OOLCjIQYgRQxO+qCiR2V2s2GxI9AUpo7riNwo6jDhKtTcaJjT8PY54j2Yb33kWtSJsmA==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.21.0.tgz",
+      "integrity": "sha512-PAL6LUuQwotLW2a8VsySDBwYMm129vFm4tMVlylzdoTybTHaAi0oBp7Ac6LhSrHHOdLM3efH+nAR6hAWoMF89A==",
      "dev": true,
      "license": "MIT",
      "engines": {
@@ -1365,20 +1354,20 @@
      }
    },
    "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/typescript-estree": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.19.0.tgz",
-      "integrity": "sha512-WW9PpDaLIFW9LCbucMSdYUuGeFUz1OkWYS/5fwZwTA+l2RwlWFdJvReQqMUMBw4yJWJOfqd7An9uwut2Oj8sLw==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.21.0.tgz",
+      "integrity": "sha512-x+aeKh/AjAArSauz0GiQZsjT8ciadNMHdkUSwBB9Z6PrKc/4knM4g3UfHml6oDJmKC88a6//cdxnO/+P2LkMcg==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0",
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0",
        "debug": "^4.3.4",
        "fast-glob": "^3.3.2",
        "is-glob": "^4.0.3",
        "minimatch": "^9.0.4",
        "semver": "^7.6.0",
-        "ts-api-utils": "^1.3.0"
+        "ts-api-utils": "^2.0.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1392,16 +1381,16 @@
      }
    },
    "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.19.0.tgz",
-      "integrity": "sha512-PTBG+0oEMPH9jCZlfg07LCB2nYI0I317yyvXGfxnvGvw4SHIOuRnQ3kadyyXY6tGdChusIHIbM5zfIbp4M6tCg==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.21.0.tgz",
+      "integrity": "sha512-xcXBfcq0Kaxgj7dwejMbFyq7IOHgpNMtVuDveK7w3ZGwG9owKzhALVwKpTF2yrZmEwl9SWdetf3fxNzJQaVuxw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@eslint-community/eslint-utils": "^4.4.0",
-        "@typescript-eslint/scope-manager": "8.19.0",
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/typescript-estree": "8.19.0"
+        "@typescript-eslint/scope-manager": "8.21.0",
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/typescript-estree": "8.21.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1416,13 +1405,13 @@
      }
    },
    "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.19.0.tgz",
-      "integrity": "sha512-mCFtBbFBJDCNCWUl5y6sZSCHXw1DEFEk3c/M3nRK2a4XUB8StGFtmcEMizdjKuBzB6e/smJAAWYug3VrdLMr1w==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.21.0.tgz",
+      "integrity": "sha512-BkLMNpdV6prozk8LlyK/SOoWLmUFi+ZD+pcqti9ILCbVvHGk1ui1g4jJOc2WDLaeExz2qWwojxlPce5PljcT3w==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
+        "@typescript-eslint/types": "8.21.0",
        "eslint-visitor-keys": "^4.2.0"
      },
      "engines": {
@@ -1472,17 +1461,30 @@
        "url": "https://github.com/sponsors/isaacs"
      }
    },
+    "node_modules/@typescript-eslint/eslint-plugin/node_modules/ts-api-utils": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.0.0.tgz",
+      "integrity": "sha512-xCt/TOAc+EOHS1XPnijD3/yzpH6qg2xppZO1YDqGoVsNXfQfzHpOdNuXwrwOU8u4ITXJyDCTyt8w5g1sZv9ynQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=18.12"
+      },
+      "peerDependencies": {
+        "typescript": ">=4.8.4"
+      }
+    },
    "node_modules/@typescript-eslint/parser": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.19.0.tgz",
-      "integrity": "sha512-6M8taKyOETY1TKHp0x8ndycipTVgmp4xtg5QpEZzXxDhNvvHOJi5rLRkLr8SK3jTgD5l4fTlvBiRdfsuWydxBw==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.21.0.tgz",
+      "integrity": "sha512-Wy+/sdEH9kI3w9civgACwabHbKl+qIOu0uFZ9IMKzX3Jpv9og0ZBJrZExGrPpFAY7rWsXuxs5e7CPPP17A4eYA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/scope-manager": "8.19.0",
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/typescript-estree": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0",
+        "@typescript-eslint/scope-manager": "8.21.0",
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/typescript-estree": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0",
        "debug": "^4.3.4"
      },
      "engines": {
@@ -1498,14 +1500,14 @@
      }
    },
    "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.19.0.tgz",
-      "integrity": "sha512-hkoJiKQS3GQ13TSMEiuNmSCvhz7ujyqD1x3ShbaETATHrck+9RaDdUbt+osXaUuns9OFwrDTTrjtwsU8gJyyRA==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.21.0.tgz",
+      "integrity": "sha512-G3IBKz0/0IPfdeGRMbp+4rbjfSSdnGkXsM/pFZA8zM9t9klXDnB/YnKOBQ0GoPmoROa4bCq2NeHgJa5ydsQ4mA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0"
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1516,9 +1518,9 @@
      }
    },
    "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.19.0.tgz",
-      "integrity": "sha512-8XQ4Ss7G9WX8oaYvD4OOLCjIQYgRQxO+qCiR2V2s2GxI9AUpo7riNwo6jDhKtTcaJjT8PY54j2Yb33kWtSJsmA==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.21.0.tgz",
+      "integrity": "sha512-PAL6LUuQwotLW2a8VsySDBwYMm129vFm4tMVlylzdoTybTHaAi0oBp7Ac6LhSrHHOdLM3efH+nAR6hAWoMF89A==",
      "dev": true,
      "license": "MIT",
      "engines": {
@@ -1530,20 +1532,20 @@
      }
    },
    "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.19.0.tgz",
-      "integrity": "sha512-WW9PpDaLIFW9LCbucMSdYUuGeFUz1OkWYS/5fwZwTA+l2RwlWFdJvReQqMUMBw4yJWJOfqd7An9uwut2Oj8sLw==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.21.0.tgz",
+      "integrity": "sha512-x+aeKh/AjAArSauz0GiQZsjT8ciadNMHdkUSwBB9Z6PrKc/4knM4g3UfHml6oDJmKC88a6//cdxnO/+P2LkMcg==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0",
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0",
        "debug": "^4.3.4",
        "fast-glob": "^3.3.2",
        "is-glob": "^4.0.3",
        "minimatch": "^9.0.4",
        "semver": "^7.6.0",
-        "ts-api-utils": "^1.3.0"
+        "ts-api-utils": "^2.0.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1557,13 +1559,13 @@
      }
    },
    "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.19.0.tgz",
-      "integrity": "sha512-mCFtBbFBJDCNCWUl5y6sZSCHXw1DEFEk3c/M3nRK2a4XUB8StGFtmcEMizdjKuBzB6e/smJAAWYug3VrdLMr1w==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.21.0.tgz",
+      "integrity": "sha512-BkLMNpdV6prozk8LlyK/SOoWLmUFi+ZD+pcqti9ILCbVvHGk1ui1g4jJOc2WDLaeExz2qWwojxlPce5PljcT3w==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
+        "@typescript-eslint/types": "8.21.0",
        "eslint-visitor-keys": "^4.2.0"
      },
      "engines": {
@@ -1613,6 +1615,19 @@
        "url": "https://github.com/sponsors/isaacs"
      }
    },
+    "node_modules/@typescript-eslint/parser/node_modules/ts-api-utils": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.0.0.tgz",
+      "integrity": "sha512-xCt/TOAc+EOHS1XPnijD3/yzpH6qg2xppZO1YDqGoVsNXfQfzHpOdNuXwrwOU8u4ITXJyDCTyt8w5g1sZv9ynQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=18.12"
+      },
+      "peerDependencies": {
+        "typescript": ">=4.8.4"
+      }
+    },
    "node_modules/@typescript-eslint/scope-manager": {
      "version": "8.17.0",
      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.17.0.tgz",
@@ -1632,16 +1647,16 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.19.0.tgz",
-      "integrity": "sha512-TZs0I0OSbd5Aza4qAMpp1cdCYVnER94IziudE3JU328YUHgWu9gwiwhag+fuLeJ2LkWLXI+F/182TbG+JaBdTg==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.21.0.tgz",
+      "integrity": "sha512-95OsL6J2BtzoBxHicoXHxgk3z+9P3BEcQTpBKriqiYzLKnM2DeSqs+sndMKdamU8FosiadQFT3D+BSL9EKnAJQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/typescript-estree": "8.19.0",
-        "@typescript-eslint/utils": "8.19.0",
+        "@typescript-eslint/typescript-estree": "8.21.0",
+        "@typescript-eslint/utils": "8.21.0",
        "debug": "^4.3.4",
-        "ts-api-utils": "^1.3.0"
+        "ts-api-utils": "^2.0.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1656,14 +1671,14 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/scope-manager": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.19.0.tgz",
-      "integrity": "sha512-hkoJiKQS3GQ13TSMEiuNmSCvhz7ujyqD1x3ShbaETATHrck+9RaDdUbt+osXaUuns9OFwrDTTrjtwsU8gJyyRA==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.21.0.tgz",
+      "integrity": "sha512-G3IBKz0/0IPfdeGRMbp+4rbjfSSdnGkXsM/pFZA8zM9t9klXDnB/YnKOBQ0GoPmoROa4bCq2NeHgJa5ydsQ4mA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0"
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1674,9 +1689,9 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.19.0.tgz",
-      "integrity": "sha512-8XQ4Ss7G9WX8oaYvD4OOLCjIQYgRQxO+qCiR2V2s2GxI9AUpo7riNwo6jDhKtTcaJjT8PY54j2Yb33kWtSJsmA==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.21.0.tgz",
+      "integrity": "sha512-PAL6LUuQwotLW2a8VsySDBwYMm129vFm4tMVlylzdoTybTHaAi0oBp7Ac6LhSrHHOdLM3efH+nAR6hAWoMF89A==",
      "dev": true,
      "license": "MIT",
      "engines": {
@@ -1688,20 +1703,20 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.19.0.tgz",
-      "integrity": "sha512-WW9PpDaLIFW9LCbucMSdYUuGeFUz1OkWYS/5fwZwTA+l2RwlWFdJvReQqMUMBw4yJWJOfqd7An9uwut2Oj8sLw==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.21.0.tgz",
+      "integrity": "sha512-x+aeKh/AjAArSauz0GiQZsjT8ciadNMHdkUSwBB9Z6PrKc/4knM4g3UfHml6oDJmKC88a6//cdxnO/+P2LkMcg==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/visitor-keys": "8.19.0",
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/visitor-keys": "8.21.0",
        "debug": "^4.3.4",
        "fast-glob": "^3.3.2",
        "is-glob": "^4.0.3",
        "minimatch": "^9.0.4",
        "semver": "^7.6.0",
-        "ts-api-utils": "^1.3.0"
+        "ts-api-utils": "^2.0.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1715,16 +1730,16 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.19.0.tgz",
-      "integrity": "sha512-PTBG+0oEMPH9jCZlfg07LCB2nYI0I317yyvXGfxnvGvw4SHIOuRnQ3kadyyXY6tGdChusIHIbM5zfIbp4M6tCg==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.21.0.tgz",
+      "integrity": "sha512-xcXBfcq0Kaxgj7dwejMbFyq7IOHgpNMtVuDveK7w3ZGwG9owKzhALVwKpTF2yrZmEwl9SWdetf3fxNzJQaVuxw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@eslint-community/eslint-utils": "^4.4.0",
-        "@typescript-eslint/scope-manager": "8.19.0",
-        "@typescript-eslint/types": "8.19.0",
-        "@typescript-eslint/typescript-estree": "8.19.0"
+        "@typescript-eslint/scope-manager": "8.21.0",
+        "@typescript-eslint/types": "8.21.0",
+        "@typescript-eslint/typescript-estree": "8.21.0"
      },
      "engines": {
        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -1739,13 +1754,13 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.19.0.tgz",
-      "integrity": "sha512-mCFtBbFBJDCNCWUl5y6sZSCHXw1DEFEk3c/M3nRK2a4XUB8StGFtmcEMizdjKuBzB6e/smJAAWYug3VrdLMr1w==",
+      "version": "8.21.0",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.21.0.tgz",
+      "integrity": "sha512-BkLMNpdV6prozk8LlyK/SOoWLmUFi+ZD+pcqti9ILCbVvHGk1ui1g4jJOc2WDLaeExz2qWwojxlPce5PljcT3w==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@typescript-eslint/types": "8.19.0",
+        "@typescript-eslint/types": "8.21.0",
        "eslint-visitor-keys": "^4.2.0"
      },
      "engines": {
@@ -1795,6 +1810,19 @@
        "url": "https://github.com/sponsors/isaacs"
      }
    },
+    "node_modules/@typescript-eslint/type-utils/node_modules/ts-api-utils": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.0.0.tgz",
+      "integrity": "sha512-xCt/TOAc+EOHS1XPnijD3/yzpH6qg2xppZO1YDqGoVsNXfQfzHpOdNuXwrwOU8u4ITXJyDCTyt8w5g1sZv9ynQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=18.12"
+      },
+      "peerDependencies": {
+        "typescript": ">=4.8.4"
+      }
+    },
    "node_modules/@typescript-eslint/types": {
      "version": "8.17.0",
      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.17.0.tgz",
@@ -3714,10 +3742,11 @@
      }
    },
    "node_modules/eslint-plugin-github": {
-      "version": "5.1.4",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-5.1.4.tgz",
-      "integrity": "sha512-j5IgIxsDoch06zJzeqPvenfzRXDKI9Z8YwfUg1pm2ay1q44tMSFwvEu6l0uEIrTpA3v8QdPyLr98LqDl1TIhSA==",
+      "version": "5.1.5",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-5.1.5.tgz",
+      "integrity": "sha512-vRgIVJ88FfESAGGYsJlf7SQhQlFEJaa7/I9z/5K5vKbWEQ3DnRkg8cvoj8LZA30MFb2uW1SltOcEj+Q8UR8LxA==",
      "dev": true,
+      "license": "MIT",
      "dependencies": {
        "@eslint/compat": "^1.2.3",
        "@eslint/eslintrc": "^3.1.0",
@@ -5555,7 +5584,9 @@
      "license": "MIT"
    },
    "node_modules/long": {
-      "version": "5.2.3",
+      "version": "5.2.4",
+      "resolved": "https://registry.npmjs.org/long/-/long-5.2.4.tgz",
+      "integrity": "sha512-qtzLbJE8hq7VabR3mISmVGtoXP8KGc2Z/AT8OuqlYD7JTR3oqrgwdjnk07wpj1twXxYmgDXgoKVWUG/fReSzHg==",
      "license": "Apache-2.0"
    },
    "node_modules/lower-case": {
@@ -7394,9 +7425,9 @@
      }
    },
    "node_modules/typescript": {
-      "version": "5.7.2",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz",
-      "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==",
+      "version": "5.7.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.3.tgz",
+      "integrity": "sha512-84MVSjMEHP+FQRPy3pX9sTVV/INIex71s9TL2Gm5FG/WG1SqXeKyZ0k7/blY/4FdOzI12CBy1vGc4og/eus0fw==",
      "dev": true,
      "license": "Apache-2.0",
      "bin": {
@@ -7537,9 +7568,10 @@
      }
    },
    "node_modules/undici": {
-      "version": "5.28.4",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz",
-      "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==",
+      "version": "5.28.5",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz",
+      "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==",
+      "license": "MIT",
      "dependencies": {
        "@fastify/busboy": "^2.0.0"
      },
@@ -7624,9 +7656,9 @@
      "license": "MIT"
    },
    "node_modules/uuid": {
-      "version": "11.0.4",
-      "resolved": "https://registry.npmjs.org/uuid/-/uuid-11.0.4.tgz",
-      "integrity": "sha512-IzL6VtTTYcAhA/oghbFJ1Dkmqev+FpQWnCBaKq/gUluLxliWvO8DPFWfIviRmYbtaavtSQe4WBL++rFjdcGWEg==",
+      "version": "11.0.5",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-11.0.5.tgz",
+      "integrity": "sha512-508e6IcKLrhxKdBbcA2b4KQZlLVp2+J5UwQ6F7Drckkc5N9ZJwFa4TgWtsww9UG8fGHbm6gbV19TdM5pQ4GaIA==",
      "funding": [
        "https://github.com/sponsors/broofa",
        "https://github.com/sponsors/ctavan"
@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
@@ -14,7 +18,7 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
 };
@@ -44,11 +48,11 @@ function _findMatch(versionSpec, stable, candidates, archFilter) {
        let file;
        for (const candidate of candidates) {
            const version = candidate.version;
-            core_1.debug(`check ${version} satisfies ${versionSpec}`);
+            (0, core_1.debug)(`check ${version} satisfies ${versionSpec}`);
            if (semver.satisfies(version, versionSpec) &&
                (!stable || candidate.stable === stable)) {
                file = candidate.files.find(item => {
-                    core_1.debug(`${item.arch}===${archFilter} && ${item.platform}===${platFilter}`);
+                    (0, core_1.debug)(`${item.arch}===${archFilter} && ${item.platform}===${platFilter}`);
                    let chk = item.arch === archFilter && item.platform === platFilter;
                    if (chk && item.platform_version) {
                        const osVersion = module.exports._getOsVersion();
@@ -62,7 +66,7 @@ function _findMatch(versionSpec, stable, candidates, archFilter) {
                    return chk;
                });
                if (file) {
-                    core_1.debug(`matched ${candidate.version}`);
+                    (0, core_1.debug)(`matched ${candidate.version}`);
                    match = candidate;
                    break;
                }
@@ -100,10 +104,7 @@ function _getOsVersion() {
                if (parts.length === 2 &&
                    (parts[0].trim() === 'VERSION_ID' ||
                        parts[0].trim() === 'DISTRIB_RELEASE')) {
-                    version = parts[1]
-                        .trim()
-                        .replace(/^"/, '')
-                        .replace(/"$/, '');
+                    version = parts[1].trim().replace(/^"/, '').replace(/"$/, '');
                    break;
                }
            }
@@ -1 +1 @@
-{"version":3,"file":"manifest.js","sourceRoot":"","sources":["../src/manifest.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAgC;AAChC,wCAAmC;AAEnC,yDAAyD;AACzD,qDAAqD;AAErD,yBAAyB;AACzB,oCAAoC;AACpC,yBAAyB;AAqDzB,SAAsB,UAAU,CAC9B,WAAmB,EACnB,MAAe,EACf,UAA0B,EAC1B,UAAkB;;QAElB,MAAM,UAAU,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;QAEhC,IAAI,MAAgC,CAAA;QACpC,IAAI,KAA+B,CAAA;QAEnC,IAAI,IAAkC,CAAA;QACtC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAA;YAEjC,YAAK,CAAC,SAAS,OAAO,cAAc,WAAW,EAAE,CAAC,CAAA;YAClD,IACE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,WAAW,CAAC;gBACtC,CAAC,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,EACxC;gBACA,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACjC,YAAK,CACH,GAAG,IAAI,CAAC,IAAI,MAAM,UAAU,OAAO,IAAI,CAAC,QAAQ,MAAM,UAAU,EAAE,CACnE,CAAA;oBAED,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAA;oBAClE,IAAI,GAAG,IAAI,IAAI,CAAC,gBAAgB,EAAE;wBAChC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;wBAEhD,IAAI,SAAS,KAAK,IAAI,CAAC,gBAAgB,EAAE;4BACvC,GAAG,GAAG,IAAI,CAAA;yBACX;6BAAM;4BACL,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;yBACzD;qBACF;oBAED,OAAO,GAAG,CAAA;gBACZ,CAAC,CAAC,CAAA;gBAEF,IAAI,IAAI,EAAE;oBACR,YAAK,CAAC,WAAW,SAAS,CAAC,OAAO,EAAE,CAAC,CAAA;oBACrC,KAAK,GAAG,SAAS,CAAA;oBACjB,MAAK;iBACN;aACF;SACF;QAED,IAAI,KAAK,IAAI,IAAI,EAAE;YACjB,4EAA4E;YAC5E,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,CAAA;SACtB;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAtDD,gCAsDC;AAED,SAAgB,aAAa;IAC3B,kDAAkD;IAClD,6GAA6G;IAC7G,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;IAC1B,IAAI,OAAO,GAAG,EAAE,CAAA;IAEhB,IAAI,IAAI,KAAK,QAAQ,EAAE;QACrB,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC,QAAQ,EAAE,CAAA;KAC5D;SAAM,IAAI,IAAI,KAAK,OAAO,EAAE;QAC3B,uDAAuD;QACvD,2BAA2B;QAC3B,oBAAoB;QACpB,wBAAwB;QACxB,0BAA0B;QAC1B,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAA;QAC1D,IAAI,WAAW,EAAE;YACf,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;YACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBAC7B,IACE,KAAK,CAAC,MAAM,KAAK,CAAC;oBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,YAAY;wBAC/B,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,iBAAiB,CAAC,EACxC;oBACA,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC;yBACf,IAAI,EAAE;yBACN,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;yBACjB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;oBACpB,MAAK;iBACN;aACF;SACF;KACF;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AApCD,sCAoCC;AAED,SAAgB,qBAAqB;IACnC,MAAM,cAAc,GAAG,kBAAkB,CAAA;IACzC,MAAM,aAAa,GAAG,iBAAiB,CAAA;IACvC,IAAI,QAAQ,GAAG,EAAE,CAAA;IAEjB,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE;QACjC,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE,CAAA;KACtD;SAAM,IAAI,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE;QACvC,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAA;KACrD;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAZD,sDAYC"}
+{"version":3,"file":"manifest.js","sourceRoot":"","sources":["../src/manifest.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAgC;AAChC,wCAAmC;AAEnC,yDAAyD;AACzD,qDAAqD;AAErD,yBAAyB;AACzB,oCAAoC;AACpC,yBAAyB;AAqDzB,SAAsB,UAAU,CAC9B,WAAmB,EACnB,MAAe,EACf,UAA0B,EAC1B,UAAkB;;QAElB,MAAM,UAAU,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;QAEhC,IAAI,MAAgC,CAAA;QACpC,IAAI,KAA+B,CAAA;QAEnC,IAAI,IAAkC,CAAA;QACtC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAA;YAEjC,IAAA,YAAK,EAAC,SAAS,OAAO,cAAc,WAAW,EAAE,CAAC,CAAA;YAClD,IACE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,WAAW,CAAC;gBACtC,CAAC,CAAC,MAAM,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,EACxC;gBACA,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACjC,IAAA,YAAK,EACH,GAAG,IAAI,CAAC,IAAI,MAAM,UAAU,OAAO,IAAI,CAAC,QAAQ,MAAM,UAAU,EAAE,CACnE,CAAA;oBAED,IAAI,GAAG,GAAG,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAA;oBAClE,IAAI,GAAG,IAAI,IAAI,CAAC,gBAAgB,EAAE;wBAChC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;wBAEhD,IAAI,SAAS,KAAK,IAAI,CAAC,gBAAgB,EAAE;4BACvC,GAAG,GAAG,IAAI,CAAA;yBACX;6BAAM;4BACL,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAA;yBACzD;qBACF;oBAED,OAAO,GAAG,CAAA;gBACZ,CAAC,CAAC,CAAA;gBAEF,IAAI,IAAI,EAAE;oBACR,IAAA,YAAK,EAAC,WAAW,SAAS,CAAC,OAAO,EAAE,CAAC,CAAA;oBACrC,KAAK,GAAG,SAAS,CAAA;oBACjB,MAAK;iBACN;aACF;SACF;QAED,IAAI,KAAK,IAAI,IAAI,EAAE;YACjB,4EAA4E;YAC5E,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;YACjC,MAAM,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,CAAA;SACtB;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAtDD,gCAsDC;AAED,SAAgB,aAAa;IAC3B,kDAAkD;IAClD,6GAA6G;IAC7G,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAA;IAC1B,IAAI,OAAO,GAAG,EAAE,CAAA;IAEhB,IAAI,IAAI,KAAK,QAAQ,EAAE;QACrB,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC,QAAQ,EAAE,CAAA;KAC5D;SAAM,IAAI,IAAI,KAAK,OAAO,EAAE;QAC3B,uDAAuD;QACvD,2BAA2B;QAC3B,oBAAoB;QACpB,wBAAwB;QACxB,0BAA0B;QAC1B,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAA;QAC1D,IAAI,WAAW,EAAE;YACf,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;YACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBAC7B,IACE,KAAK,CAAC,MAAM,KAAK,CAAC;oBAClB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,YAAY;wBAC/B,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,iBAAiB,CAAC,EACxC;oBACA,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;oBAC7D,MAAK;iBACN;aACF;SACF;KACF;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAjCD,sCAiCC;AAED,SAAgB,qBAAqB;IACnC,MAAM,cAAc,GAAG,kBAAkB,CAAA;IACzC,MAAM,aAAa,GAAG,iBAAiB,CAAA;IACvC,IAAI,QAAQ,GAAG,EAAE,CAAA;IAEjB,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE;QACjC,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE,CAAA;KACtD;SAAM,IAAI,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE;QACvC,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAA;KACrD;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAZD,sDAYC"}
@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
@@ -14,7 +18,7 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
 };
@@ -1 +1 @@
-{"version":3,"file":"retry-helper.js","sourceRoot":"","sources":["../src/retry-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAqC;AAErC;;GAEG;AACH,MAAa,WAAW;IAKtB,YAAY,WAAmB,EAAE,UAAkB,EAAE,UAAkB;QACrE,IAAI,WAAW,GAAG,CAAC,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;SACrE;QAED,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;YACrC,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAA;SAC3E;IACH,CAAC;IAEK,OAAO,CACX,MAAwB,EACxB,WAAmC;;YAEnC,IAAI,OAAO,GAAG,CAAC,CAAA;YACf,OAAO,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE;gBACjC,MAAM;gBACN,IAAI;oBACF,OAAO,MAAM,MAAM,EAAE,CAAA;iBACtB;gBAAC,OAAO,GAAG,EAAE;oBACZ,IAAI,WAAW,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE;wBACpC,MAAM,GAAG,CAAA;qBACV;oBAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;iBACvB;gBAED,QAAQ;gBACR,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;gBACrC,IAAI,CAAC,IAAI,CAAC,WAAW,OAAO,8BAA8B,CAAC,CAAA;gBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBACzB,OAAO,EAAE,CAAA;aACV;YAED,eAAe;YACf,OAAO,MAAM,MAAM,EAAE,CAAA;QACvB,CAAC;KAAA;IAEO,cAAc;QACpB,OAAO,CACL,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;YACnE,IAAI,CAAC,UAAU,CAChB,CAAA;IACH,CAAC;IAEa,KAAK,CAAC,OAAe;;YACjC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;CACF;AAxDD,kCAwDC"}
+{"version":3,"file":"retry-helper.js","sourceRoot":"","sources":["../src/retry-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAqC;AAErC;;GAEG;AACH,MAAa,WAAW;IAKtB,YAAY,WAAmB,EAAE,UAAkB,EAAE,UAAkB;QACrE,IAAI,WAAW,GAAG,CAAC,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;SACrE;QAED,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;QACxC,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;YACrC,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAA;SAC3E;IACH,CAAC;IAEK,OAAO,CACX,MAAwB,EACxB,WAAmC;;YAEnC,IAAI,OAAO,GAAG,CAAC,CAAA;YACf,OAAO,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE;gBACjC,MAAM;gBACN,IAAI;oBACF,OAAO,MAAM,MAAM,EAAE,CAAA;iBACtB;gBAAC,OAAO,GAAG,EAAE;oBACZ,IAAI,WAAW,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE;wBACpC,MAAM,GAAG,CAAA;qBACV;oBAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;iBACvB;gBAED,QAAQ;gBACR,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;gBACrC,IAAI,CAAC,IAAI,CAAC,WAAW,OAAO,8BAA8B,CAAC,CAAA;gBAC3D,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBACzB,OAAO,EAAE,CAAA;aACV;YAED,eAAe;YACf,OAAO,MAAM,MAAM,EAAE,CAAA;QACvB,CAAC;KAAA;IAEO,cAAc;QACpB,OAAO,CACL,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;YACnE,IAAI,CAAC,UAAU,CAChB,CAAA;IACH,CAAC;IAEa,KAAK,CAAC,OAAe;;YACjC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;CACF;AAxDD,kCAwDC"}
@@ -92,8 +92,8 @@ export declare function find(toolName: string, versionSpec: string, arch?: strin
 * @param arch      optional arch.  defaults to arch of computer
 */
 export declare function findAllVersions(toolName: string, arch?: string): string[];
-export declare type IToolRelease = mm.IToolRelease;
-export declare type IToolReleaseFile = mm.IToolReleaseFile;
+export type IToolRelease = mm.IToolRelease;
+export type IToolReleaseFile = mm.IToolReleaseFile;
 export declare function getManifestFromRepo(owner: string, repo: string, auth?: string, branch?: string): Promise<IToolRelease[]>;
 export declare function findFromManifest(versionSpec: string, stable: boolean, manifest: IToolRelease[], archFilter?: string): Promise<IToolRelease | undefined>;
 /**
@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
@@ -14,7 +18,7 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
    __setModuleDefault(result, mod);
    return result;
 };
@@ -27,13 +31,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.evaluateVersions = exports.isExplicitVersion = exports.findFromManifest = exports.getManifestFromRepo = exports.findAllVersions = exports.find = exports.cacheFile = exports.cacheDir = exports.extractZip = exports.extractXar = exports.extractTar = exports.extract7z = exports.downloadTool = exports.HTTPError = void 0;
 const core = __importStar(require("@actions/core"));
 const io = __importStar(require("@actions/io"));
+const crypto = __importStar(require("crypto"));
 const fs = __importStar(require("fs"));
 const mm = __importStar(require("./manifest"));
 const os = __importStar(require("os"));
@@ -43,7 +45,6 @@ const semver = __importStar(require("semver"));
 const stream = __importStar(require("stream"));
 const util = __importStar(require("util"));
 const assert_1 = require("assert");
-const v4_1 = __importDefault(require("uuid/v4"));
 const exec_1 = require("@actions/exec/lib/exec");
 const retry_helper_1 = require("./retry-helper");
 class HTTPError extends Error {
@@ -68,7 +69,7 @@ const userAgent = 'actions/tool-cache';
 */
 function downloadTool(url, dest, auth, headers) {
    return __awaiter(this, void 0, void 0, function* () {
-        dest = dest || path.join(_getTempDirectory(), v4_1.default());
+        dest = dest || path.join(_getTempDirectory(), crypto.randomUUID());
        yield io.mkdirP(path.dirname(dest));
        core.debug(`Downloading ${url}`);
        core.debug(`Destination ${dest}`);
@@ -157,8 +158,8 @@ function downloadToolAttempt(url, dest, auth, headers) {
 */
 function extract7z(file, dest, _7zPath) {
    return __awaiter(this, void 0, void 0, function* () {
-        assert_1.ok(IS_WINDOWS, 'extract7z() not supported on current OS');
-        assert_1.ok(file, 'parameter "file" is required');
+        (0, assert_1.ok)(IS_WINDOWS, 'extract7z() not supported on current OS');
+        (0, assert_1.ok)(file, 'parameter "file" is required');
        dest = yield _createExtractFolder(dest);
        const originalCwd = process.cwd();
        process.chdir(dest);
@@ -175,7 +176,7 @@ function extract7z(file, dest, _7zPath) {
                const options = {
                    silent: true
                };
-                yield exec_1.exec(`"${_7zPath}"`, args, options);
+                yield (0, exec_1.exec)(`"${_7zPath}"`, args, options);
            }
            finally {
                process.chdir(originalCwd);
@@ -204,7 +205,7 @@ function extract7z(file, dest, _7zPath) {
            };
            try {
                const powershellPath = yield io.which('powershell', true);
-                yield exec_1.exec(`"${powershellPath}"`, args, options);
+                yield (0, exec_1.exec)(`"${powershellPath}"`, args, options);
            }
            finally {
                process.chdir(originalCwd);
@@ -232,7 +233,7 @@ function extractTar(file, dest, flags = 'xz') {
        // Determine whether GNU tar
        core.debug('Checking tar --version');
        let versionOutput = '';
-        yield exec_1.exec('tar --version', [], {
+        yield (0, exec_1.exec)('tar --version', [], {
            ignoreReturnCode: true,
            silent: true,
            listeners: {
@@ -268,7 +269,7 @@ function extractTar(file, dest, flags = 'xz') {
            args.push('--overwrite');
        }
        args.push('-C', destArg, '-f', fileArg);
-        yield exec_1.exec(`tar`, args);
+        yield (0, exec_1.exec)(`tar`, args);
        return dest;
    });
 }
@@ -283,8 +284,8 @@ exports.extractTar = extractTar;
 */
 function extractXar(file, dest, flags = []) {
    return __awaiter(this, void 0, void 0, function* () {
-        assert_1.ok(IS_MAC, 'extractXar() not supported on current OS');
-        assert_1.ok(file, 'parameter "file" is required');
+        (0, assert_1.ok)(IS_MAC, 'extractXar() not supported on current OS');
+        (0, assert_1.ok)(file, 'parameter "file" is required');
        dest = yield _createExtractFolder(dest);
        let args;
        if (flags instanceof Array) {
@@ -298,7 +299,7 @@ function extractXar(file, dest, flags = []) {
            args.push('-v');
        }
        const xarPath = yield io.which('xar', true);
-        yield exec_1.exec(`"${xarPath}"`, _unique(args));
+        yield (0, exec_1.exec)(`"${xarPath}"`, _unique(args));
        return dest;
    });
 }
@@ -352,7 +353,7 @@ function extractZipWin(file, dest) {
                pwshCommand
            ];
            core.debug(`Using pwsh at path: ${pwshPath}`);
-            yield exec_1.exec(`"${pwshPath}"`, args);
+            yield (0, exec_1.exec)(`"${pwshPath}"`, args);
        }
        else {
            const powershellCommand = [
@@ -373,7 +374,7 @@ function extractZipWin(file, dest) {
            ];
            const powershellPath = yield io.which('powershell', true);
            core.debug(`Using powershell at path: ${powershellPath}`);
-            yield exec_1.exec(`"${powershellPath}"`, args);
+            yield (0, exec_1.exec)(`"${powershellPath}"`, args);
        }
    });
 }
@@ -385,7 +386,7 @@ function extractZipNix(file, dest) {
            args.unshift('-q');
        }
        args.unshift('-o'); //overwrite with -o, otherwise a prompt is shown which freezes the run
-        yield exec_1.exec(`"${unzipPath}"`, args, { cwd: dest });
+        yield (0, exec_1.exec)(`"${unzipPath}"`, args, { cwd: dest });
    });
 }
 /**
@@ -562,7 +563,7 @@ function _createExtractFolder(dest) {
    return __awaiter(this, void 0, void 0, function* () {
        if (!dest) {
            // create a temp dir
-            dest = path.join(_getTempDirectory(), v4_1.default());
+            dest = path.join(_getTempDirectory(), crypto.randomUUID());
        }
        yield io.mkdirP(dest);
        return dest;
@@ -635,7 +636,7 @@ exports.evaluateVersions = evaluateVersions;
 */
 function _getCacheDirectory() {
    const cacheDirectory = process.env['RUNNER_TOOL_CACHE'] || '';
-    assert_1.ok(cacheDirectory, 'Expected RUNNER_TOOL_CACHE to be defined');
+    (0, assert_1.ok)(cacheDirectory, 'Expected RUNNER_TOOL_CACHE to be defined');
    return cacheDirectory;
 }
 /**
@@ -643,7 +644,7 @@ function _getCacheDirectory() {
 */
 function _getTempDirectory() {
    const tempDirectory = process.env['RUNNER_TEMP'] || '';
-    assert_1.ok(tempDirectory, 'Expected RUNNER_TEMP to be defined');
+    (0, assert_1.ok)(tempDirectory, 'Expected RUNNER_TEMP to be defined');
    return tempDirectory;
 }
 /**
@@ -1 +0,0 @@
-../semver/bin/semver.js
@@ -1 +0,0 @@
-../uuid/bin/uuid
@@ -1,15 +0,0 @@
-The ISC License
-
-Copyright (c) Isaac Z. Schlueter and Contributors
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
-IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
@@ -1,443 +0,0 @@
-semver(1) -- The semantic versioner for npm
-===========================================
-
-## Install
-
-```bash
-npm install semver
-````
-
-## Usage
-
-As a node module:
-
-```js
-const semver = require('semver')
-
-semver.valid('1.2.3') // '1.2.3'
-semver.valid('a.b.c') // null
-semver.clean('  =v1.2.3   ') // '1.2.3'
-semver.satisfies('1.2.3', '1.x || >=2.5.0 || 5.0.0 - 7.2.3') // true
-semver.gt('1.2.3', '9.8.7') // false
-semver.lt('1.2.3', '9.8.7') // true
-semver.minVersion('>=1.0.0') // '1.0.0'
-semver.valid(semver.coerce('v2')) // '2.0.0'
-semver.valid(semver.coerce('42.6.7.9.3-alpha')) // '42.6.7'
-```
-
-As a command-line utility:
-
-```
-$ semver -h
-
-A JavaScript implementation of the https://semver.org/ specification
-Copyright Isaac Z. Schlueter
-
-Usage: semver [options] <version> [<version> [...]]
-Prints valid versions sorted by SemVer precedence
-
-Options:
-r --range <range>
-        Print versions that match the specified range.
-
-i --increment [<level>]
-        Increment a version by the specified level.  Level can
-        be one of: major, minor, patch, premajor, preminor,
-        prepatch, or prerelease.  Default level is 'patch'.
-        Only one version may be specified.
-
--preid <identifier>
-        Identifier to be used to prefix premajor, preminor,
-        prepatch or prerelease version increments.
-
-l --loose
-        Interpret versions and ranges loosely
-
-p --include-prerelease
-        Always include prerelease versions in range matching
-
-c --coerce
-        Coerce a string into SemVer if possible
-        (does not imply --loose)
-
--rtl
-        Coerce version strings right to left
-
--ltr
-        Coerce version strings left to right (default)
-
-Program exits successfully if any valid version satisfies
-all supplied ranges, and prints all satisfying versions.
-
-If no satisfying versions are found, then exits failure.
-
-Versions are printed in ascending order, so supplying
-multiple versions to the utility will just sort them.
-```
-
-## Versions
-
-A "version" is described by the `v2.0.0` specification found at
-<https://semver.org/>.
-
-A leading `"="` or `"v"` character is stripped off and ignored.
-
-## Ranges
-
-A `version range` is a set of `comparators` which specify versions
-that satisfy the range.
-
-A `comparator` is composed of an `operator` and a `version`.  The set
-of primitive `operators` is:
-
-* `<` Less than
-* `<=` Less than or equal to
-* `>` Greater than
-* `>=` Greater than or equal to
-* `=` Equal.  If no operator is specified, then equality is assumed,
-  so this operator is optional, but MAY be included.
-
-For example, the comparator `>=1.2.7` would match the versions
-`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6`
-or `1.1.0`.
-
-Comparators can be joined by whitespace to form a `comparator set`,
-which is satisfied by the **intersection** of all of the comparators
-it includes.
-
-A range is composed of one or more comparator sets, joined by `||`.  A
-version matches a range if and only if every comparator in at least
-one of the `||`-separated comparator sets is satisfied by the version.
-
-For example, the range `>=1.2.7 <1.3.0` would match the versions
-`1.2.7`, `1.2.8`, and `1.2.99`, but not the versions `1.2.6`, `1.3.0`,
-or `1.1.0`.
-
-The range `1.2.7 || >=1.2.9 <2.0.0` would match the versions `1.2.7`,
-`1.2.9`, and `1.4.6`, but not the versions `1.2.8` or `2.0.0`.
-
-### Prerelease Tags
-
-If a version has a prerelease tag (for example, `1.2.3-alpha.3`) then
-it will only be allowed to satisfy comparator sets if at least one
-comparator with the same `[major, minor, patch]` tuple also has a
-prerelease tag.
-
-For example, the range `>1.2.3-alpha.3` would be allowed to match the
-version `1.2.3-alpha.7`, but it would *not* be satisfied by
-`3.4.5-alpha.9`, even though `3.4.5-alpha.9` is technically "greater
-than" `1.2.3-alpha.3` according to the SemVer sort rules.  The version
-range only accepts prerelease tags on the `1.2.3` version.  The
-version `3.4.5` *would* satisfy the range, because it does not have a
-prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`.
-
-The purpose for this behavior is twofold.  First, prerelease versions
-frequently are updated very quickly, and contain many breaking changes
-that are (by the author's design) not yet fit for public consumption.
-Therefore, by default, they are excluded from range matching
-semantics.
-
-Second, a user who has opted into using a prerelease version has
-clearly indicated the intent to use *that specific* set of
-alpha/beta/rc versions.  By including a prerelease tag in the range,
-the user is indicating that they are aware of the risk.  However, it
-is still not appropriate to assume that they have opted into taking a
-similar risk on the *next* set of prerelease versions.
-
-Note that this behavior can be suppressed (treating all prerelease
-versions as if they were normal versions, for the purpose of range
-matching) by setting the `includePrerelease` flag on the options
-object to any
-[functions](https://github.com/npm/node-semver#functions) that do
-range matching.
-
-#### Prerelease Identifiers
-
-The method `.inc` takes an additional `identifier` string argument that
-will append the value of the string as a prerelease identifier:
-
-```javascript
-semver.inc('1.2.3', 'prerelease', 'beta')
-// '1.2.4-beta.0'
-```
-
-command-line example:
-
-```bash
-$ semver 1.2.3 -i prerelease --preid beta
-1.2.4-beta.0
-```
-
-Which then can be used to increment further:
-
-```bash
-$ semver 1.2.4-beta.0 -i prerelease
-1.2.4-beta.1
-```
-
-### Advanced Range Syntax
-
-Advanced range syntax desugars to primitive comparators in
-deterministic ways.
-
-Advanced ranges may be combined in the same way as primitive
-comparators using white space or `||`.
-
-#### Hyphen Ranges `X.Y.Z - A.B.C`
-
-Specifies an inclusive set.
-
-* `1.2.3 - 2.3.4` := `>=1.2.3 <=2.3.4`
-
-If a partial version is provided as the first version in the inclusive
-range, then the missing pieces are replaced with zeroes.
-
-* `1.2 - 2.3.4` := `>=1.2.0 <=2.3.4`
-
-If a partial version is provided as the second version in the
-inclusive range, then all versions that start with the supplied parts
-of the tuple are accepted, but nothing that would be greater than the
-provided tuple parts.
-
-* `1.2.3 - 2.3` := `>=1.2.3 <2.4.0`
-* `1.2.3 - 2` := `>=1.2.3 <3.0.0`
-
-#### X-Ranges `1.2.x` `1.X` `1.2.*` `*`
-
-Any of `X`, `x`, or `*` may be used to "stand in" for one of the
-numeric values in the `[major, minor, patch]` tuple.
-
-* `*` := `>=0.0.0` (Any version satisfies)
-* `1.x` := `>=1.0.0 <2.0.0` (Matching major version)
-* `1.2.x` := `>=1.2.0 <1.3.0` (Matching major and minor versions)
-
-A partial version range is treated as an X-Range, so the special
-character is in fact optional.
-
-* `""` (empty string) := `*` := `>=0.0.0`
-* `1` := `1.x.x` := `>=1.0.0 <2.0.0`
-* `1.2` := `1.2.x` := `>=1.2.0 <1.3.0`
-
-#### Tilde Ranges `~1.2.3` `~1.2` `~1`
-
-Allows patch-level changes if a minor version is specified on the
-comparator.  Allows minor-level changes if not.
-
-* `~1.2.3` := `>=1.2.3 <1.(2+1).0` := `>=1.2.3 <1.3.0`
-* `~1.2` := `>=1.2.0 <1.(2+1).0` := `>=1.2.0 <1.3.0` (Same as `1.2.x`)
-* `~1` := `>=1.0.0 <(1+1).0.0` := `>=1.0.0 <2.0.0` (Same as `1.x`)
-* `~0.2.3` := `>=0.2.3 <0.(2+1).0` := `>=0.2.3 <0.3.0`
-* `~0.2` := `>=0.2.0 <0.(2+1).0` := `>=0.2.0 <0.3.0` (Same as `0.2.x`)
-* `~0` := `>=0.0.0 <(0+1).0.0` := `>=0.0.0 <1.0.0` (Same as `0.x`)
-* `~1.2.3-beta.2` := `>=1.2.3-beta.2 <1.3.0` Note that prereleases in
-  the `1.2.3` version will be allowed, if they are greater than or
-  equal to `beta.2`.  So, `1.2.3-beta.4` would be allowed, but
-  `1.2.4-beta.2` would not, because it is a prerelease of a
-  different `[major, minor, patch]` tuple.
-
-#### Caret Ranges `^1.2.3` `^0.2.5` `^0.0.4`
-
-Allows changes that do not modify the left-most non-zero element in the
-`[major, minor, patch]` tuple.  In other words, this allows patch and
-minor updates for versions `1.0.0` and above, patch updates for
-versions `0.X >=0.1.0`, and *no* updates for versions `0.0.X`.
-
-Many authors treat a `0.x` version as if the `x` were the major
-"breaking-change" indicator.
-
-Caret ranges are ideal when an author may make breaking changes
-between `0.2.4` and `0.3.0` releases, which is a common practice.
-However, it presumes that there will *not* be breaking changes between
-`0.2.4` and `0.2.5`.  It allows for changes that are presumed to be
-additive (but non-breaking), according to commonly observed practices.
-
-* `^1.2.3` := `>=1.2.3 <2.0.0`
-* `^0.2.3` := `>=0.2.3 <0.3.0`
-* `^0.0.3` := `>=0.0.3 <0.0.4`
-* `^1.2.3-beta.2` := `>=1.2.3-beta.2 <2.0.0` Note that prereleases in
-  the `1.2.3` version will be allowed, if they are greater than or
-  equal to `beta.2`.  So, `1.2.3-beta.4` would be allowed, but
-  `1.2.4-beta.2` would not, because it is a prerelease of a
-  different `[major, minor, patch]` tuple.
-* `^0.0.3-beta` := `>=0.0.3-beta <0.0.4`  Note that prereleases in the
-  `0.0.3` version *only* will be allowed, if they are greater than or
-  equal to `beta`.  So, `0.0.3-pr.2` would be allowed.
-
-When parsing caret ranges, a missing `patch` value desugars to the
-number `0`, but will allow flexibility within that value, even if the
-major and minor versions are both `0`.
-
-* `^1.2.x` := `>=1.2.0 <2.0.0`
-* `^0.0.x` := `>=0.0.0 <0.1.0`
-* `^0.0` := `>=0.0.0 <0.1.0`
-
-A missing `minor` and `patch` values will desugar to zero, but also
-allow flexibility within those values, even if the major version is
-zero.
-
-* `^1.x` := `>=1.0.0 <2.0.0`
-* `^0.x` := `>=0.0.0 <1.0.0`
-
-### Range Grammar
-
-Putting all this together, here is a Backus-Naur grammar for ranges,
-for the benefit of parser authors:
-
-```bnf
-range-set  ::= range ( logical-or range ) *
-logical-or ::= ( ' ' ) * '||' ( ' ' ) *
-range      ::= hyphen | simple ( ' ' simple ) * | ''
-hyphen     ::= partial ' - ' partial
-simple     ::= primitive | partial | tilde | caret
-primitive  ::= ( '<' | '>' | '>=' | '<=' | '=' ) partial
-partial    ::= xr ( '.' xr ( '.' xr qualifier ? )? )?
-xr         ::= 'x' | 'X' | '*' | nr
-nr         ::= '0' | ['1'-'9'] ( ['0'-'9'] ) *
-tilde      ::= '~' partial
-caret      ::= '^' partial
-qualifier  ::= ( '-' pre )? ( '+' build )?
-pre        ::= parts
-build      ::= parts
-parts      ::= part ( '.' part ) *
-part       ::= nr | [-0-9A-Za-z]+
-```
-
-## Functions
-
-All methods and classes take a final `options` object argument.  All
-options in this object are `false` by default.  The options supported
-are:
-
- `loose`  Be more forgiving about not-quite-valid semver strings.
-  (Any resulting output will always be 100% strict compliant, of
-  course.)  For backwards compatibility reasons, if the `options`
-  argument is a boolean value instead of an object, it is interpreted
-  to be the `loose` param.
- `includePrerelease`  Set to suppress the [default
-  behavior](https://github.com/npm/node-semver#prerelease-tags) of
-  excluding prerelease tagged versions from ranges unless they are
-  explicitly opted into.
-
-Strict-mode Comparators and Ranges will be strict about the SemVer
-strings that they parse.
-
-* `valid(v)`: Return the parsed version, or null if it's not valid.
-* `inc(v, release)`: Return the version incremented by the release
-  type (`major`,   `premajor`, `minor`, `preminor`, `patch`,
-  `prepatch`, or `prerelease`), or null if it's not valid
-  * `premajor` in one call will bump the version up to the next major
-    version and down to a prerelease of that major version.
-    `preminor`, and `prepatch` work the same way.
-  * If called from a non-prerelease version, the `prerelease` will work the
-    same as `prepatch`. It increments the patch version, then makes a
-    prerelease. If the input version is already a prerelease it simply
-    increments it.
-* `prerelease(v)`: Returns an array of prerelease components, or null
-  if none exist. Example: `prerelease('1.2.3-alpha.1') -> ['alpha', 1]`
-* `major(v)`: Return the major version number.
-* `minor(v)`: Return the minor version number.
-* `patch(v)`: Return the patch version number.
-* `intersects(r1, r2, loose)`: Return true if the two supplied ranges
-  or comparators intersect.
-* `parse(v)`: Attempt to parse a string as a semantic version, returning either
-  a `SemVer` object or `null`.
-
-### Comparison
-
-* `gt(v1, v2)`: `v1 > v2`
-* `gte(v1, v2)`: `v1 >= v2`
-* `lt(v1, v2)`: `v1 < v2`
-* `lte(v1, v2)`: `v1 <= v2`
-* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent,
-  even if they're not the exact same string.  You already know how to
-  compare strings.
-* `neq(v1, v2)`: `v1 != v2` The opposite of `eq`.
-* `cmp(v1, comparator, v2)`: Pass in a comparison string, and it'll call
-  the corresponding function above.  `"==="` and `"!=="` do simple
-  string comparison, but are included for completeness.  Throws if an
-  invalid comparison string is provided.
-* `compare(v1, v2)`: Return `0` if `v1 == v2`, or `1` if `v1` is greater, or `-1` if
-  `v2` is greater.  Sorts in ascending order if passed to `Array.sort()`.
-* `rcompare(v1, v2)`: The reverse of compare.  Sorts an array of versions
-  in descending order when passed to `Array.sort()`.
-* `compareBuild(v1, v2)`: The same as `compare` but considers `build` when two versions
-  are equal.  Sorts in ascending order if passed to `Array.sort()`.
-  `v2` is greater.  Sorts in ascending order if passed to `Array.sort()`.
-* `diff(v1, v2)`: Returns difference between two versions by the release type
-  (`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`),
-  or null if the versions are the same.
-
-### Comparators
-
-* `intersects(comparator)`: Return true if the comparators intersect
-
-### Ranges
-
-* `validRange(range)`: Return the valid range or null if it's not valid
-* `satisfies(version, range)`: Return true if the version satisfies the
-  range.
-* `maxSatisfying(versions, range)`: Return the highest version in the list
-  that satisfies the range, or `null` if none of them do.
-* `minSatisfying(versions, range)`: Return the lowest version in the list
-  that satisfies the range, or `null` if none of them do.
-* `minVersion(range)`: Return the lowest version that can possibly match
-  the given range.
-* `gtr(version, range)`: Return `true` if version is greater than all the
-  versions possible in the range.
-* `ltr(version, range)`: Return `true` if version is less than all the
-  versions possible in the range.
-* `outside(version, range, hilo)`: Return true if the version is outside
-  the bounds of the range in either the high or low direction.  The
-  `hilo` argument must be either the string `'>'` or `'<'`.  (This is
-  the function called by `gtr` and `ltr`.)
-* `intersects(range)`: Return true if any of the ranges comparators intersect
-
-Note that, since ranges may be non-contiguous, a version might not be
-greater than a range, less than a range, *or* satisfy a range!  For
-example, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9`
-until `2.0.0`, so the version `1.2.10` would not be greater than the
-range (because `2.0.1` satisfies, which is higher), nor less than the
-range (since `1.2.8` satisfies, which is lower), and it also does not
-satisfy the range.
-
-If you want to know if a version satisfies or does not satisfy a
-range, use the `satisfies(version, range)` function.
-
-### Coercion
-
-* `coerce(version, options)`: Coerces a string to semver if possible
-
-This aims to provide a very forgiving translation of a non-semver string to
-semver. It looks for the first digit in a string, and consumes all
-remaining characters which satisfy at least a partial semver (e.g., `1`,
-`1.2`, `1.2.3`) up to the max permitted length (256 characters).  Longer
-versions are simply truncated (`4.6.3.9.2-alpha2` becomes `4.6.3`).  All
-surrounding text is simply ignored (`v3.4 replaces v3.3.1` becomes
-`3.4.0`).  Only text which lacks digits will fail coercion (`version one`
-is not valid).  The maximum  length for any semver component considered for
-coercion is 16 characters; longer components will be ignored
-(`10000000000000000.4.7.4` becomes `4.7.4`).  The maximum value for any
-semver component is `Integer.MAX_SAFE_INTEGER || (2**53 - 1)`; higher value
-components are invalid (`9999999999999999.4.7.4` is likely invalid).
-
-If the `options.rtl` flag is set, then `coerce` will return the right-most
-coercible tuple that does not share an ending index with a longer coercible
-tuple.  For example, `1.2.3.4` will return `2.3.4` in rtl mode, not
-`4.0.0`.  `1.2.3/4` will return `4.0.0`, because the `4` is not a part of
-any other overlapping SemVer tuple.
-
-### Clean
-
-* `clean(version)`: Clean a string to be a valid semver if possible
-
-This will return a cleaned and trimmed semver version. If the provided version is not valid a null will be returned. This does not work for ranges. 
-
-ex.
-* `s.clean(' = v 2.1.5foo')`: `null`
-* `s.clean(' = v 2.1.5foo', { loose: true })`: `'2.1.5-foo'`
-* `s.clean(' = v 2.1.5-foo')`: `null`
-* `s.clean(' = v 2.1.5-foo', { loose: true })`: `'2.1.5-foo'`
-* `s.clean('=v2.1.5')`: `'2.1.5'`
-* `s.clean('  =v2.1.5')`: `2.1.5`
-* `s.clean('      2.1.5   ')`: `'2.1.5'`
-* `s.clean('~1.0.0')`: `null`
@@ -1,174 +0,0 @@
-#!/usr/bin/env node
-// Standalone semver comparison program.
-// Exits successfully and prints matching version(s) if
-// any supplied version is valid and passes all tests.
-
-var argv = process.argv.slice(2)
-
-var versions = []
-
-var range = []
-
-var inc = null
-
-var version = require('../package.json').version
-
-var loose = false
-
-var includePrerelease = false
-
-var coerce = false
-
-var rtl = false
-
-var identifier
-
-var semver = require('../semver')
-
-var reverse = false
-
-var options = {}
-
-main()
-
-function main () {
-  if (!argv.length) return help()
-  while (argv.length) {
-    var a = argv.shift()
-    var indexOfEqualSign = a.indexOf('=')
-    if (indexOfEqualSign !== -1) {
-      a = a.slice(0, indexOfEqualSign)
-      argv.unshift(a.slice(indexOfEqualSign + 1))
-    }
-    switch (a) {
-      case '-rv': case '-rev': case '--rev': case '--reverse':
-        reverse = true
-        break
-      case '-l': case '--loose':
-        loose = true
-        break
-      case '-p': case '--include-prerelease':
-        includePrerelease = true
-        break
-      case '-v': case '--version':
-        versions.push(argv.shift())
-        break
-      case '-i': case '--inc': case '--increment':
-        switch (argv[0]) {
-          case 'major': case 'minor': case 'patch': case 'prerelease':
-          case 'premajor': case 'preminor': case 'prepatch':
-            inc = argv.shift()
-            break
-          default:
-            inc = 'patch'
-            break
-        }
-        break
-      case '--preid':
-        identifier = argv.shift()
-        break
-      case '-r': case '--range':
-        range.push(argv.shift())
-        break
-      case '-c': case '--coerce':
-        coerce = true
-        break
-      case '--rtl':
-        rtl = true
-        break
-      case '--ltr':
-        rtl = false
-        break
-      case '-h': case '--help': case '-?':
-        return help()
-      default:
-        versions.push(a)
-        break
-    }
-  }
-
-  var options = { loose: loose, includePrerelease: includePrerelease, rtl: rtl }
-
-  versions = versions.map(function (v) {
-    return coerce ? (semver.coerce(v, options) || { version: v }).version : v
-  }).filter(function (v) {
-    return semver.valid(v)
-  })
-  if (!versions.length) return fail()
-  if (inc && (versions.length !== 1 || range.length)) { return failInc() }
-
-  for (var i = 0, l = range.length; i < l; i++) {
-    versions = versions.filter(function (v) {
-      return semver.satisfies(v, range[i], options)
-    })
-    if (!versions.length) return fail()
-  }
-  return success(versions)
-}
-
-function failInc () {
-  console.error('--inc can only be used on a single version with no range')
-  fail()
-}
-
-function fail () { process.exit(1) }
-
-function success () {
-  var compare = reverse ? 'rcompare' : 'compare'
-  versions.sort(function (a, b) {
-    return semver[compare](a, b, options)
-  }).map(function (v) {
-    return semver.clean(v, options)
-  }).map(function (v) {
-    return inc ? semver.inc(v, inc, options, identifier) : v
-  }).forEach(function (v, i, _) { console.log(v) })
-}
-
-function help () {
-  console.log(['SemVer ' + version,
-    '',
-    'A JavaScript implementation of the https://semver.org/ specification',
-    'Copyright Isaac Z. Schlueter',
-    '',
-    'Usage: semver [options] <version> [<version> [...]]',
-    'Prints valid versions sorted by SemVer precedence',
-    '',
-    'Options:',
-    '-r --range <range>',
-    '        Print versions that match the specified range.',
-    '',
-    '-i --increment [<level>]',
-    '        Increment a version by the specified level.  Level can',
-    '        be one of: major, minor, patch, premajor, preminor,',
-    "        prepatch, or prerelease.  Default level is 'patch'.",
-    '        Only one version may be specified.',
-    '',
-    '--preid <identifier>',
-    '        Identifier to be used to prefix premajor, preminor,',
-    '        prepatch or prerelease version increments.',
-    '',
-    '-l --loose',
-    '        Interpret versions and ranges loosely',
-    '',
-    '-p --include-prerelease',
-    '        Always include prerelease versions in range matching',
-    '',
-    '-c --coerce',
-    '        Coerce a string into SemVer if possible',
-    '        (does not imply --loose)',
-    '',
-    '--rtl',
-    '        Coerce version strings right to left',
-    '',
-    '--ltr',
-    '        Coerce version strings left to right (default)',
-    '',
-    'Program exits successfully if any valid version satisfies',
-    'all supplied ranges, and prints all satisfying versions.',
-    '',
-    'If no satisfying versions are found, then exits failure.',
-    '',
-    'Versions are printed in ascending order, so supplying',
-    'multiple versions to the utility will just sort them.'
-  ].join('\n'))
-}
@@ -1,38 +0,0 @@
-{
-  "name": "semver",
-  "version": "6.3.1",
-  "description": "The semantic version parser used by npm.",
-  "main": "semver.js",
-  "scripts": {
-    "test": "tap test/ --100 --timeout=30",
-    "lint": "echo linting disabled",
-    "postlint": "template-oss-check",
-    "template-oss-apply": "template-oss-apply --force",
-    "lintfix": "npm run lint -- --fix",
-    "snap": "tap test/ --100 --timeout=30",
-    "posttest": "npm run lint"
-  },
-  "devDependencies": {
-    "@npmcli/template-oss": "4.17.0",
-    "tap": "^12.7.0"
-  },
-  "license": "ISC",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/npm/node-semver.git"
-  },
-  "bin": {
-    "semver": "./bin/semver.js"
-  },
-  "files": [
-    "bin",
-    "range.bnf",
-    "semver.js"
-  ],
-  "author": "GitHub Inc.",
-  "templateOSS": {
-    "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
-    "content": "./scripts/template-oss",
-    "version": "4.17.0"
-  }
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Chris Smowton	7e3036b9cd	Merge pull request #2716 from github/mergeback/v3.28.4-to-main-ee117c90 Mergeback v3.28.4 refs/heads/releases/v3 into main	2025-01-23 17:09:33 +00:00
github-actions[bot]	e32a0d62d4	Update checked-in dependencies	2025-01-23 16:48:10 +00:00
github-actions[bot]	67c21e4084	Update changelog and version after v3.28.4	2025-01-23 16:44:36 +00:00
Chris Smowton	ee117c905a	Merge pull request #2715 from github/update-v3.28.4-b44b19fe8 Merge main into releases/v3	2025-01-23 16:43:44 +00:00
github-actions[bot]	377913f015	Update changelog for v3.28.4	2025-01-23 16:28:37 +00:00
Angela P Wen	b44b19fe8d	Merge pull request #2714 from github/mergeback/v3.28.3-to-main-dd196fa9 Mergeback v3.28.3 refs/heads/releases/v3 into main	2025-01-22 11:34:36 -08:00
github-actions[bot]	d7366a1e50	Update checked-in dependencies	2025-01-22 19:16:53 +00:00
github-actions[bot]	4872b26ff9	Update changelog and version after v3.28.3	2025-01-22 19:14:27 +00:00
Angela P Wen	dd196fa9ce	Merge pull request #2713 from github/update-v3.28.3-23ec3afaf Merge main into releases/v3	2025-01-22 11:13:29 -08:00
github-actions[bot]	23d07bb885	Update changelog for v3.28.3	2025-01-22 18:55:38 +00:00
Angela P Wen	23ec3afaf8	Merge pull request #2712 from github/angelapwen/stop-debug-artifacts Temporarily disable uploading debug artifacts	2025-01-22 10:53:09 -08:00
Angela P Wen	519de26711	Temporarily disable uploading debug artifacts	2025-01-22 10:35:38 -08:00
Henry Mercer	7e4b683a3d	Merge pull request #2710 from github/henrymercer/fix-extension-assumption Fix assumption that download URLs contain file extension	2025-01-22 16:03:43 +00:00
Henry Mercer	3505f8142a	Merge branch 'main' into henrymercer/fix-extension-assumption	2025-01-22 14:52:26 +00:00
Chris Smowton	1645dbd3bf	Merge pull request #2707 from github/update-bundle/codeql-bundle-v2.20.2 Update default bundle to 2.20.2	2025-01-22 14:41:04 +00:00
Chris Smowton	4b7c237f3d	Merge branch 'main' into update-bundle/codeql-bundle-v2.20.2	2025-01-22 14:27:19 +00:00
Henry Mercer	924ef8f189	Merge pull request #2711 from github/dependabot/npm_and_yarn/npm_and_yarn-2c579f9325 build(deps): bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group	2025-01-22 13:35:07 +00:00
github-actions[bot]	140c5ea762	Update checked-in dependencies	2025-01-22 13:22:06 +00:00
dependabot[bot]	c34eb63970	build(deps): bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group Bumps the npm_and_yarn group with 1 update: [undici](https://github.com/nodejs/undici). Updates `undici` from 5.28.4 to 5.28.5 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5) --- updated-dependencies: - dependency-name: undici dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>	2025-01-22 13:20:50 +00:00
Henry Mercer	07d32980ce	Tweak wording of changelog entry	2025-01-22 13:14:30 +00:00
Henry Mercer	20bbc8f5b5	Add changelog note	2025-01-22 13:02:46 +00:00
Henry Mercer	d23f49f56f	Fix assumption that download URLs contain file extension This is not the case when downloading the bundle from a GitHub Release synced to GHES with the CodeQL Action sync tool.	2025-01-22 13:02:45 +00:00
Marco Gario	f89b8a7d52	Merge pull request #2709 from github/mergeback/v3.28.2-to-main-d68b2d4e Mergeback v3.28.2 refs/heads/releases/v3 into main	2025-01-21 18:20:37 +01:00
github-actions[bot]	86400836d1	Update checked-in dependencies	2025-01-21 17:07:17 +00:00
github-actions[bot]	6fee807c9b	Update changelog and version after v3.28.2	2025-01-21 17:05:34 +00:00
Marco Gario	d68b2d4edb	Merge pull request #2708 from github/update-v3.28.2-d90e07f32 Merge main into releases/v3	2025-01-21 18:04:25 +01:00
github-actions[bot]	ea23796445	Update changelog for v3.28.2	2025-01-21 15:58:08 +00:00
github-actions[bot]	a0c2b7d296	Add changelog note	2025-01-21 14:20:16 +00:00
github-actions[bot]	aa76523503	Update default bundle to codeql-bundle-v2.20.2	2025-01-21 14:20:11 +00:00
Andrew Eisenberg	d90e07f32e	Merge pull request #2703 from github/dependabot/npm_and_yarn/npm-cd3f77644b build(deps): bump the npm group with 3 updates	2025-01-20 11:06:11 -08:00
github-actions[bot]	7b7562b176	Update checked-in dependencies	2025-01-20 17:43:54 +00:00
dependabot[bot]	c16863838b	build(deps): bump the npm group with 3 updates Bumps the npm group with 3 updates: [@actions/tool-cache](https://github.com/actions/toolkit/tree/HEAD/packages/tool-cache), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser). Updates `@actions/tool-cache` from 2.0.1 to 2.0.2 - [Changelog](https://github.com/actions/toolkit/blob/main/packages/tool-cache/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/tool-cache) Updates `@typescript-eslint/eslint-plugin` from 8.20.0 to 8.21.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.21.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.20.0 to 8.21.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.21.0/packages/parser) --- updated-dependencies: - dependency-name: "@actions/tool-cache" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com>	2025-01-20 17:42:26 +00:00
Chuan-kai Lin	0f1559aeaf	Merge pull request #2699 from github/cklin/diff-informed-file-fallback getDiffRanges: better fallback for absent patch	2025-01-16 13:46:22 -08:00
Chuan-kai Lin	2d608a3097	Merge branch 'main' into cklin/diff-informed-file-fallback	2025-01-16 13:27:15 -08:00
Chuan-kai Lin	94f08f339e	Merge pull request #2698 from github/cklin/diff-informed-status-report Add analysis_is_diff_informed to status report	2025-01-16 12:47:24 -08:00
Chuan-kai Lin	071996fbe2	getDiffRanges: better fallback for absent patch	2025-01-16 09:26:22 -08:00
Chuan-kai Lin	5889cfd499	Add analysis_is_diff_informed to status report	2025-01-16 08:50:23 -08:00
Henry Mercer	7ae5fc37a2	Merge pull request #2696 from github/henrymercer/delete-code Remove redundant version checks	2025-01-16 15:55:05 +00:00
Henry Mercer	40a203a0ea	Remove redundant version checks Remove version checks that always return true given the new minimum version of CodeQL.	2025-01-15 18:02:25 +00:00
Henry Mercer	bd76a92ebe	PR checks: Remove code for unsupported versions	2025-01-15 17:50:02 +00:00
Henry Mercer	93da9f25ab	Merge pull request #2690 from github/dependabot/npm_and_yarn/npm-006da05bd8 build(deps): bump the npm group with 8 updates	2025-01-15 17:43:17 +00:00
Henry Mercer	4de061d85d	Merge branch 'main' into dependabot/npm_and_yarn/npm-006da05bd8	2025-01-15 17:30:02 +00:00
Henry Mercer	b40fa61fd6	Merge pull request #2695 from github/henrymercer/remove-node-16-check Remove Node 16 compilation PR check	2025-01-15 17:29:40 +00:00
Henry Mercer	fc8d71f801	Add reminder to CONTRIBUTING.md	2025-01-15 14:12:58 +00:00
Henry Mercer	048b0a2fc9	Remove Node 16 compilation PR check	2025-01-15 13:59:30 +00:00
Henry Mercer	02dfacf1c1	Fix linting errors	2025-01-15 13:57:55 +00:00
Marco Gario	3b4f4d94c0	Merge pull request #2680 from github/marcogario/filter_registries Filter registry credentials by language	2025-01-15 11:34:00 +01:00
Chuan-kai Lin	1efc6bb9ce	Merge pull request #2679 from github/cklin/get-diff-from-api getPullRequestEditedDiffRanges: use GitHub API	2025-01-14 07:10:58 -08:00
Marco Gario	31d11b19a0	Use Language type	2025-01-14 14:29:26 +00:00
Chuan-kai Lin	ae19466961	build: refresh js files	2025-01-13 14:29:39 -08:00
Chuan-kai Lin	3548ff54b5	writeDiffRangeDataExtensionPack: escape special characters in filenames	2025-01-13 14:28:56 -08:00
Chuan-kai Lin	52315a9f7d	setupDiffInformedQueryRun: log setup failure	2025-01-13 14:28:56 -08:00
Chuan-kai Lin	784896750f	getDiffRanges: add unit tests	2025-01-13 14:28:56 -08:00
Chuan-kai Lin	d4c56bbb31	getDiffRanges: improve handling for missing patch	2025-01-13 14:28:56 -08:00
Chuan-kai Lin	63d1f4f8a2	getPullRequestEditedDiffRanges: check the number of changed files	2025-01-13 14:28:56 -08:00
Chuan-kai Lin	68b1b4e9eb	getPullRequestEditedDiffRanges: compute diff ranges	2025-01-13 14:28:54 -08:00
Andrew Eisenberg	10a3f072a0	Merge pull request #2689 from josiahaltschuler/add-period-to-sentence Add period to end of sentence	2025-01-13 09:44:46 -08:00
github-actions[bot]	e5a7c904c1	Update checked-in dependencies	2025-01-13 17:23:46 +00:00
dependabot[bot]	7269bf610b	build(deps): bump the npm group with 8 updates Bumps the npm group with 8 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [@octokit/types](https://github.com/octokit/types.ts) \| `13.6.2` \| `13.7.0` \| \| [long](https://github.com/dcodeIO/long.js) \| `5.2.3` \| `5.2.4` \| \| [uuid](https://github.com/uuidjs/uuid) \| `11.0.4` \| `11.0.5` \| \| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) \| `9.17.0` \| `9.18.0` \| \| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) \| `8.19.0` \| `8.20.0` \| \| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) \| `8.19.0` \| `8.20.0` \| \| [eslint-plugin-github](https://github.com/github/eslint-plugin-github) \| `5.1.4` \| `5.1.5` \| \| [typescript](https://github.com/microsoft/TypeScript) \| `5.7.2` \| `5.7.3` \| Updates `@octokit/types` from 13.6.2 to 13.7.0 - [Release notes](https://github.com/octokit/types.ts/releases) - [Commits](https://github.com/octokit/types.ts/compare/v13.6.2...v13.7.0) Updates `long` from 5.2.3 to 5.2.4 - [Release notes](https://github.com/dcodeIO/long.js/releases) - [Commits](https://github.com/dcodeIO/long.js/compare/v5.2.3...v5.2.4) Updates `uuid` from 11.0.4 to 11.0.5 - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](https://github.com/uuidjs/uuid/compare/v11.0.4...v11.0.5) Updates `@eslint/js` from 9.17.0 to 9.18.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/commits/v9.18.0/packages/js) Updates `@typescript-eslint/eslint-plugin` from 8.19.0 to 8.20.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.20.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.19.0 to 8.20.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.20.0/packages/parser) Updates `eslint-plugin-github` from 5.1.4 to 5.1.5 - [Release notes](https://github.com/github/eslint-plugin-github/releases) - [Commits](https://github.com/github/eslint-plugin-github/compare/v5.1.4...v5.1.5) Updates `typescript` from 5.7.2 to 5.7.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/microsoft/TypeScript/compare/v5.7.2...v5.7.3) --- updated-dependencies: - dependency-name: "@octokit/types" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm - dependency-name: long dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@eslint/js" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: eslint-plugin-github dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com>	2025-01-13 17:22:41 +00:00
Andrew Eisenberg	a082142a01	Merge branch 'main' into add-period-to-sentence	2025-01-13 09:21:14 -08:00
Andrew Eisenberg	2584941842	Merge pull request #2687 from josiahaltschuler/typo-change-an-to-a Change 'an' to 'a'	2025-01-13 08:44:03 -08:00
Andrew Eisenberg	cecb471d0a	Merge branch 'main' into typo-change-an-to-a	2025-01-13 08:30:14 -08:00
Marco Gario	de0f9cf316	Support both namings for java	2025-01-13 16:15:26 +00:00
Chuan-kai Lin	68378a359a	getPullRequestEditedDiffRanges: use GitHub API	2025-01-13 07:35:44 -08:00
Henry Mercer	1f86f55dce	Merge pull request #2685 from github/henrymercer/invalid-specifier-config-error Mark invalid external repo specifiers as configuration error	2025-01-13 11:30:58 +00:00
Marco Gario	e02d65ac18	Filter registry credentials by language	2025-01-13 10:52:07 +00:00
Josiah Altschuler	c0addecf24	Add period to end of sentence	2025-01-10 21:37:36 -06:00
Josiah Altschuler	a477602004	Change 'an' to 'a'	2025-01-10 20:20:12 -06:00
Andrew Eisenberg	db7177a1c6	Merge pull request #2686 from josiahaltschuler/fix-typo-in-changelog Remove the word 'to'	2025-01-10 15:30:23 -08:00
Josiah Altschuler	79c94942ec	Remove the word 'to'	2025-01-10 17:07:04 -06:00
Henry Mercer	fe593c34e6	Mark invalid external repo specifiers as configuration error This is a workaround — the proper fix is to better separate out user input vs the Action in `database init` so we can better attribute configuration errors.	2025-01-10 20:41:24 +00:00
Henry Mercer	87fc816d25	Merge pull request #2669 from github/update-supported-enterprise-server-versions Update supported GitHub Enterprise Server versions	2025-01-10 19:24:40 +00:00
Angela P Wen	47835cd7ea	Merge pull request #2684 from github/angelapwen/stop-updating-v2-branch Stop updating `releases/v2` branch	2025-01-10 11:17:26 -08:00
Angela P Wen	c050c40379	Stop updating `releases/v2` branch CodeQL Action v2 is now deprecated: https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/ and this PR will prevent the automation from backporting new changes to the `v2` branch when we replease.	2025-01-10 10:59:20 -08:00
Angela P Wen	2b9e645437	Merge pull request #2682 from github/mergeback/v3.28.1-to-main-b6a472f6 Mergeback v3.28.1 refs/heads/releases/v3 into main	2025-01-10 10:51:41 -08:00
github-actions[bot]	fd3c034df5	Update checked-in dependencies	2025-01-10 18:35:55 +00:00
github-actions[bot]	18c1cbf7f6	Update changelog and version after v3.28.1	2025-01-10 18:25:54 +00:00
github-actions[bot]	a5a85242b9	Update supported GitHub Enterprise Server versions	2024-12-27 00:14:47 +00:00