From 297313df79f4bcbd08eb529220f6b82f3c2fdeb8 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 3 Oct 2025 14:15:55 +0100 Subject: [PATCH 01/59] Add `getLatestToolcacheVersion` with tests --- lib/analyze-action-post.js | 58 +++++++++++++++---------------- lib/analyze-action.js | 58 +++++++++++++++---------------- lib/autobuild-action.js | 58 +++++++++++++++---------------- lib/init-action-post.js | 58 +++++++++++++++---------------- lib/init-action.js | 58 +++++++++++++++---------------- lib/resolve-environment-action.js | 58 +++++++++++++++---------------- lib/start-proxy-action-post.js | 58 +++++++++++++++---------------- lib/upload-lib.js | 58 +++++++++++++++---------------- lib/upload-sarif-action-post.js | 58 +++++++++++++++---------------- lib/upload-sarif-action.js | 58 +++++++++++++++---------------- src/setup-codeql.test.ts | 13 +++++++ src/setup-codeql.ts | 28 +++++++++++++++ 12 files changed, 331 insertions(+), 290 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index a9b163bc16..bcc8753eb4 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -25195,8 +25195,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26362,7 +26362,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26400,7 +26400,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -30295,8 +30295,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare(a, b, loose) < 0; } exports2.eq = eq; @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c2788900b3..6951aaef09 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -31044,8 +31044,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -31097,7 +31097,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -31128,7 +31128,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -31882,7 +31882,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -31893,12 +31893,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -32078,12 +32078,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -32092,11 +32092,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare2(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -32104,7 +32104,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -32116,9 +32116,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -32139,29 +32139,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -32211,7 +32211,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -32249,7 +32249,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -36144,8 +36144,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare2(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare2(a, b, loose) < 0; } exports2.eq = eq; @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 4cde47d65b..3f5c705517 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -25195,8 +25195,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26362,7 +26362,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26400,7 +26400,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -30295,8 +30295,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare(a, b, loose) < 0; } exports2.eq = eq; @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index e138420a3e..def7116e42 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -31044,8 +31044,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -31097,7 +31097,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -31128,7 +31128,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -31882,7 +31882,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -31893,12 +31893,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -32078,12 +32078,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -32092,11 +32092,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare2(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -32104,7 +32104,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -32116,9 +32116,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -32139,29 +32139,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -32211,7 +32211,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -32249,7 +32249,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -36144,8 +36144,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare2(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare2(a, b, loose) < 0; } exports2.eq = eq; @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/init-action.js b/lib/init-action.js index 2f509ad0ee..42e063aad1 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -20486,8 +20486,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt2; + var lt3 = (a, b, loose) => compare(a, b, loose) < 0; + module2.exports = lt3; } }); @@ -20539,7 +20539,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt3 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -20570,7 +20570,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt3(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -21324,7 +21324,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt3 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -21335,12 +21335,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt3; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt3; ltefn = gte5; ltfn = gt; comp = "<"; @@ -21520,12 +21520,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt3; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt3 = lowerLT(lt3, c, options); } else { eqSet.add(c.semver); } @@ -21534,11 +21534,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + if (gt && lt3) { + gtltComp = compare(gt.semver, lt3.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt3.operator !== "<=")) { return null; } } @@ -21546,7 +21546,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt3 && !satisfies2(eq, String(lt3), options)) { return null; } for (const c of dom) { @@ -21558,9 +21558,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt3 && !options.includePrerelease && lt3.semver.prerelease.length ? lt3.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt3.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -21581,29 +21581,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt3) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt3, c, options); + if (lower === c && lower !== lt3) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt3.operator === "<=" && !satisfies2(lt3.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt3 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt3 && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt3 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -21653,7 +21653,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt3 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -21691,7 +21691,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt: lt2, + lt: lt3, eq, neq, gte: gte5, @@ -36144,8 +36144,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { + exports2.lt = lt3; + function lt3(a, b, loose) { return compare(a, b, loose) < 0; } exports2.eq = eq; @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt3(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt3; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt3; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 67cb394e74..2a9c4102b7 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -25195,8 +25195,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26362,7 +26362,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26400,7 +26400,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -30295,8 +30295,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare(a, b, loose) < 0; } exports2.eq = eq; @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index a52eadfc51..d9a7163aef 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -25195,8 +25195,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26362,7 +26362,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26400,7 +26400,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -30295,8 +30295,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare(a, b, loose) < 0; } exports2.eq = eq; @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a6342ff212..63d887a2b3 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -32341,8 +32341,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -32394,7 +32394,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -32425,7 +32425,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -33179,7 +33179,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -33190,12 +33190,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -33375,12 +33375,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -33389,11 +33389,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare2(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -33401,7 +33401,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -33413,9 +33413,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -33436,29 +33436,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -33508,7 +33508,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -33546,7 +33546,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -37441,8 +37441,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare2(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare2(a, b, loose) < 0; } exports2.eq = eq; @@ -37487,7 +37487,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -38024,12 +38024,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 233b73d473..a0dc0ed196 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -25195,8 +25195,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26362,7 +26362,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26400,7 +26400,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -108119,8 +108119,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare(a, b, loose) < 0; } exports2.eq = eq; @@ -108165,7 +108165,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -108702,12 +108702,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7ad72583b5..30ed1a1bd9 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -31044,8 +31044,8 @@ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt; + var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -31097,7 +31097,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -31128,7 +31128,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -31882,7 +31882,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -31893,12 +31893,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -32078,12 +32078,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt = lowerLT(lt, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -32092,11 +32092,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + if (gt && lt2) { + gtltComp = compare2(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -32104,7 +32104,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt && !satisfies2(eq, String(lt), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -32116,9 +32116,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -32139,29 +32139,29 @@ var require_subset = __commonJS({ return false; } } - if (lt) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt, c, options); - if (lower === c && lower !== lt) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -32211,7 +32211,7 @@ var require_semver2 = __commonJS({ var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -32249,7 +32249,7 @@ var require_semver2 = __commonJS({ sort, rsort, gt, - lt, + lt: lt2, eq, neq, gte: gte5, @@ -36144,8 +36144,8 @@ var require_semver3 = __commonJS({ function gt(a, b, loose) { return compare2(a, b, loose) > 0; } - exports2.lt = lt; - function lt(a, b, loose) { + exports2.lt = lt2; + function lt2(a, b, loose) { return compare2(a, b, loose) < 0; } exports2.eq = eq; @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index 6e4a1dc072..f2f199b7d3 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -1,5 +1,6 @@ import * as path from "path"; +import * as toolcache from "@actions/tool-cache"; import test from "ava"; import * as sinon from "sinon"; @@ -263,3 +264,15 @@ test('tryGetTagNameFromUrl extracts the right tag name for a repo name containin "codeql-bundle-v2.19.0", ); }); + +test("getLatestToolcacheVersion returns undefined if there are no CodeQL CLIs in the toolcache", (t) => { + sinon.stub(toolcache, "findAllVersions").returns([]); + t.is(setupCodeql.getLatestToolcacheVersion(getRunnerLogger(true)), undefined); +}); + +test("getLatestToolcacheVersion returns latest version in the toolcache", (t) => { + const testVersions = ["2.3.1", "3.2.1", "1.2.3"]; + sinon.stub(toolcache, "findAllVersions").returns(testVersions); + + t.is(setupCodeql.getLatestToolcacheVersion(getRunnerLogger(true)), "3.2.1"); +}); diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 127bb1b930..4f5db88f3f 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -816,6 +816,34 @@ async function getNightlyToolsUrl(logger: Logger) { } } +/** + * Gets the latest version of the CodeQL CLI that is available in the toolcache, or `undefined` + * if no CodeQL CLI is available in the toolcache. + * + * @param logger The logger to use. + * @returns The latest version of the CodeQL CLI that is available in the toolcache, or `undefined` if there is none. + */ +export function getLatestToolcacheVersion(logger: Logger): string | undefined { + const allVersions = toolcache + .findAllVersions("CodeQL") + .sort((a, b) => (semver.lt(a, b) ? 1 : -1)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions, + )}.`, + ); + + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`, + ); + return latestToolcacheVersion; + } + + return undefined; +} + function isReservedToolsValue(tools: string): boolean { return ( CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || From 425ef8559525de0beae442f8231cc3d3425cef08 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 3 Oct 2025 15:40:33 +0100 Subject: [PATCH 02/59] Support requesting CLI from toolcache with `tools: toolcache` --- init/action.yml | 2 + lib/analyze-action.js | 33 +++++++++++- lib/init-action-post.js | 33 +++++++++++- lib/init-action.js | 33 +++++++++++- lib/upload-lib.js | 33 +++++++++++- lib/upload-sarif-action.js | 33 +++++++++++- src/setup-codeql.test.ts | 107 +++++++++++++++++++++++++++++++++++++ src/setup-codeql.ts | 25 ++++++++- 8 files changed, 293 insertions(+), 6 deletions(-) diff --git a/init/action.yml b/init/action.yml index ba5d6efcc1..5b2baaeca9 100644 --- a/init/action.yml +++ b/init/action.yml @@ -15,6 +15,8 @@ inputs: - A special value `nightly` which uses the latest nightly version of the CodeQL tools. Note that this is unstable and not recommended for production use. + - A special value `toolcache` which uses the latest version available in the + toolcache on the runner. If not specified, the Action will check in several places until it finds the CodeQL tools. diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 6951aaef09..d0486873fa 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -92111,6 +92111,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -92289,6 +92290,20 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + const latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } else { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -92595,8 +92610,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts diff --git a/lib/init-action-post.js b/lib/init-action-post.js index def7116e42..c905b89bc5 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -130093,6 +130093,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -130271,6 +130272,20 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + const latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } else { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -130577,8 +130592,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts diff --git a/lib/init-action.js b/lib/init-action.js index 42e063aad1..32512e9df2 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -88886,6 +88886,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -89064,6 +89065,20 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + const latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } else { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url = toolsInput; @@ -89370,8 +89385,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 63d887a2b3..e0cbdcbb59 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -89927,6 +89927,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -90105,6 +90106,20 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + const latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } else { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -90411,8 +90426,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 30ed1a1bd9..d8ec6eabe2 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -90599,6 +90599,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -90777,6 +90778,20 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + const latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } else { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -91083,8 +91098,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index f2f199b7d3..f2bb7efb4c 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -255,6 +255,113 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to dow }); }); +test("getCodeQLSource correctly returns latest version from toolcache when tools == toolcache", async (t) => { + const loggedMessages: LoggedMessage[] = []; + const logger = getRecordingLogger(loggedMessages); + + const latestToolcacheVersion = "3.2.1"; + const latestVersionPath = "/path/to/latest"; + const testVersions = ["2.3.1", latestToolcacheVersion, "1.2.3"]; + const findAllVersionsStub = sinon + .stub(toolcache, "findAllVersions") + .returns(testVersions); + const findStub = sinon.stub(toolcache, "find"); + findStub + .withArgs("CodeQL", latestToolcacheVersion) + .returns(latestVersionPath); + + await withTmpDir(async (tmpDir) => { + setupActionsVars(tmpDir, tmpDir); + const source = await setupCodeql.getCodeQLSource( + "toolcache", + SAMPLE_DEFAULT_CLI_VERSION, + SAMPLE_DOTCOM_API_DETAILS, + GitHubVariant.DOTCOM, + false, + logger, + ); + + // Check that the toolcache functions were called with the expected arguments + t.assert( + findAllVersionsStub.calledOnceWith("CodeQL"), + `toolcache.findAllVersions("CodeQL") wasn't called`, + ); + t.assert( + findStub.calledOnceWith("CodeQL", latestToolcacheVersion), + `toolcache.find("CodeQL", ${latestToolcacheVersion}) wasn't called`, + ); + + // Check that `sourceType` and `toolsVersion` match expectations. + t.is(source.sourceType, "toolcache"); + t.is(source.toolsVersion, latestToolcacheVersion); + + // Check that key messages we would expect to find in the log are present. + const expectedMessages: string[] = [ + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`, + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`, + `Using CodeQL CLI version ${latestToolcacheVersion} from toolcache at ${latestVersionPath}`, + ]; + for (const expectedMessage of expectedMessages) { + t.assert( + loggedMessages.some( + (msg) => + typeof msg.message === "string" && + msg.message.includes(expectedMessage), + ), + `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + ); + } + }); +}); + +test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't have a CodeQL CLI when tools == toolcache", async (t) => { + const loggedMessages: LoggedMessage[] = []; + const logger = getRecordingLogger(loggedMessages); + + const testVersions = []; + const findAllVersionsStub = sinon + .stub(toolcache, "findAllVersions") + .returns(testVersions); + + await withTmpDir(async (tmpDir) => { + setupActionsVars(tmpDir, tmpDir); + const source = await setupCodeql.getCodeQLSource( + "toolcache", + SAMPLE_DEFAULT_CLI_VERSION, + SAMPLE_DOTCOM_API_DETAILS, + GitHubVariant.DOTCOM, + false, + logger, + ); + + // Check that the toolcache functions were called with the expected arguments + t.assert( + findAllVersionsStub.calledWith("CodeQL"), + `toolcache.findAllVersions("CodeQL") wasn't called`, + ); + + // Check that `sourceType` and `toolsVersion` match expectations. + t.is(source.sourceType, "download"); + t.is(source.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion); + + // Check that key messages we would expect to find in the log are present. + const expectedMessages: string[] = [ + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`, + `Found no CodeQL CLI in the toolcache, ignoring 'tools: toolcache'...`, + ]; + for (const expectedMessage of expectedMessages) { + t.assert( + loggedMessages.some( + (msg) => + typeof msg.message === "string" && + msg.message.includes(expectedMessage), + ), + `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + ); + } + }); +}); + test('tryGetTagNameFromUrl extracts the right tag name for a repo name containing "codeql-bundle"', (t) => { t.is( setupCodeql.tryGetTagNameFromUrl( diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 4f5db88f3f..5ae0c5fa35 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -38,6 +38,7 @@ const CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; const CODEQL_BUNDLE_VERSION_ALIAS: string[] = ["linked", "latest"]; const CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +const CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension( compressionMethod: tar.CompressionMethod, @@ -346,6 +347,27 @@ export async function getCodeQLSource( "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required.", ); } + } else if ( + toolsInput !== undefined && + toolsInput === CODEQL_TOOLCACHE_INPUT + ) { + // If `toolsInput === "toolcache"`, try to find the latest version of the CLI that's available in the toolcache + // and use that. We perform this check here since we can set `cliVersion` directly and don't want to default to + // the linked version. + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`, + ); + + const latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion = latestToolcacheVersion; + } else { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`, + ); + cliVersion = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== undefined) { // If a tools URL was provided, then use that. tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -847,6 +869,7 @@ export function getLatestToolcacheVersion(logger: Logger): string | undefined { function isReservedToolsValue(tools: string): boolean { return ( CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || - CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) + CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || + tools === CODEQL_TOOLCACHE_INPUT ); } From 7d468c931cabb064c8d5c0eeed3f5c30af4e6e89 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 3 Oct 2025 15:48:04 +0100 Subject: [PATCH 03/59] Accept `toolcache` as `version` value for `prepare-test` --- .github/actions/prepare-test/action.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/actions/prepare-test/action.yml b/.github/actions/prepare-test/action.yml index ecabaa69f3..5e2b5028f7 100644 --- a/.github/actions/prepare-test/action.yml +++ b/.github/actions/prepare-test/action.yml @@ -2,7 +2,7 @@ name: "Prepare test" description: Performs some preparation to run tests inputs: version: - description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z" + description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'toolcache', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z" required: true use-all-platform-bundle: description: "If true, we output a tools URL with codeql-bundle.tar.gz file rather than platform-specific URL" @@ -41,6 +41,9 @@ runs: elif [[ "$VERSION" == "linked" ]]; then echo "tools-url=linked" >> "$GITHUB_OUTPUT" exit 0 + elif [[ "$VERSION" == "toolcache" ]]; then + echo "tools-url=toolcache" >> "$GITHUB_OUTPUT" + exit 0 elif [[ "$VERSION" == "default" ]]; then echo "tools-url=" >> "$GITHUB_OUTPUT" exit 0 From 13a3a6890f9c7464d5a7e0afe6df24f317d8a4b0 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 3 Oct 2025 15:49:29 +0100 Subject: [PATCH 04/59] Add basic PR check for `tools: toolcache` --- .github/workflows/__bundle-from-toolcache.yml | 86 +++++++++++++++++++ pr-checks/checks/bundle-from-toolcache.yml | 32 +++++++ 2 files changed, 118 insertions(+) create mode 100644 .github/workflows/__bundle-from-toolcache.yml create mode 100644 pr-checks/checks/bundle-from-toolcache.yml diff --git a/.github/workflows/__bundle-from-toolcache.yml b/.github/workflows/__bundle-from-toolcache.yml new file mode 100644 index 0000000000..c8957ac58e --- /dev/null +++ b/.github/workflows/__bundle-from-toolcache.yml @@ -0,0 +1,86 @@ +# Warning: This file is generated automatically, and should not be modified. +# Instead, please modify the template in the pr-checks directory and run: +# pr-checks/sync.sh +# to regenerate this file. + +name: 'PR Check - Bundle: From toolcache' +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GO111MODULE: auto +on: + push: + branches: + - main + - releases/v* + pull_request: + types: + - opened + - synchronize + - reopened + - ready_for_review + schedule: + - cron: '0 5 * * *' + workflow_dispatch: + inputs: {} + workflow_call: + inputs: {} +defaults: + run: + shell: bash +concurrency: + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + group: ${{ github.workflow }}-${{ github.ref }} +jobs: + bundle-from-toolcache: + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-latest + version: toolcache + name: 'Bundle: From toolcache' + if: github.triggering_actor != 'dependabot[bot]' + permissions: + contents: read + security-events: read + timeout-minutes: 45 + runs-on: ${{ matrix.os }} + steps: + - name: Check out repository + uses: actions/checkout@v5 + - name: Prepare test + id: prepare-test + uses: ./.github/actions/prepare-test + with: + version: ${{ matrix.version }} + use-all-platform-bundle: 'false' + setup-kotlin: 'true' + - name: Install @actions/tool-cache + run: npm install @actions/tool-cache + - name: Check toolcache contains CodeQL + continue-on-error: true + uses: actions/github-script@v8 + with: + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + if (allCodeqlVersions.length === 0) { + throw new Error(`CodeQL could not be found in the toolcache`); + } + - id: init + uses: ./../action/init + with: + languages: javascript + tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Check CodeQL is installed within the toolcache + uses: actions/github-script@v8 + with: + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + console.log(`Found CodeQL versions: ${allCodeqlVersions}`); + if (allCodeqlVersions.length === 0) { + throw new Error('CodeQL not found in toolcache'); + } + env: + CODEQL_ACTION_TEST_MODE: true diff --git a/pr-checks/checks/bundle-from-toolcache.yml b/pr-checks/checks/bundle-from-toolcache.yml new file mode 100644 index 0000000000..5a53ec12d9 --- /dev/null +++ b/pr-checks/checks/bundle-from-toolcache.yml @@ -0,0 +1,32 @@ +name: "Bundle: From toolcache" +description: "The CodeQL bundle should be cached within the toolcache" +versions: + - toolcache +steps: + - name: Install @actions/tool-cache + run: npm install @actions/tool-cache + - name: Check toolcache contains CodeQL + continue-on-error: true + uses: actions/github-script@v8 + with: + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + if (allCodeqlVersions.length === 0) { + throw new Error(`CodeQL could not be found in the toolcache`); + } + - id: init + uses: ./../action/init + with: + languages: javascript + tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Check CodeQL is installed within the toolcache + uses: actions/github-script@v8 + with: + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + console.log(`Found CodeQL versions: ${allCodeqlVersions}`); + if (allCodeqlVersions.length === 0) { + throw new Error('CodeQL not found in toolcache'); + } From dd9e24a8a4b011052881abacca601159aee4b649 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 3 Oct 2025 16:27:36 +0100 Subject: [PATCH 05/59] Add more questions to the PR template --- .github/pull_request_template.md | 49 +++++++++++++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 96e7f52f63..3b632d8f37 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,4 +1,13 @@ - + ### Risk assessment @@ -7,6 +16,44 @@ For internal use only. Please select the risk level of this change: - **Low risk:** Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only. - **High risk:** Changes are not fully under feature flags, have limited visibility and/or cannot be tested outside of production. +#### Which use cases does this change impact? + + + +- **Advanced setup** - Impacts users who have custom workflows. +- **Default setup** - Impacts users who use default setup. +- **Code Scanning** - Impacts Code Scanning (i.e. `analysis-kinds: code-scanning`). +- **Code Quality** - Impacts Code Quality (i.e. `analysis-kinds: code-quality`). +- **Third-party analyses** - Impacts third-party analyses (i.e. `upload-sarif`). +- **GHES** - Impacts GitHub Enterprise Server. + +#### How did/will you validate this change? + + + +- **Test repository** - This change will be tested on a test repository before merging. +- **Unit tests** - I am depending on unit test coverage (i.e. tests in `.test.ts` files). +- **End-to-end tests** - I am depending on PR checks (i.e. tests in `pr-checks`). +- **Other** - Please provide details. +- **None** - I am not validating these changes. + +#### If something goes wrong after this change is released, what are the mitigation and rollback strategies? + + + +- **Feature flags** - All new or changed code paths can be fully disabled with corresponding feature flags. +- **Rollback** - Change can only be disabled by rolling back the release or releasing a new version with a fix. +- **Other** - Please provide details. + +#### How will you know if something goes wrong after this change is released? + + + +- **Telemetry** - I rely on existing telemetry or have made changes to the telemetry. + - **Dashboards** - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release. + - **Alerts** - New or existing monitors will trip if something goes wrong with this change. +- **Other** - Please provide details. + ### Merge / deployment checklist - Confirm this change is backwards compatible with existing workflows. From 4d0c164f60f6d3a2e757c80c66857d687506d062 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 12:53:17 +0100 Subject: [PATCH 06/59] Remove `toolcache` option description from `action.yml` --- init/action.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/init/action.yml b/init/action.yml index 5b2baaeca9..ba5d6efcc1 100644 --- a/init/action.yml +++ b/init/action.yml @@ -15,8 +15,6 @@ inputs: - A special value `nightly` which uses the latest nightly version of the CodeQL tools. Note that this is unstable and not recommended for production use. - - A special value `toolcache` which uses the latest version available in the - toolcache on the runner. If not specified, the Action will check in several places until it finds the CodeQL tools. From 43ce7ef39920f9ecce40b7b9aecf0224e866e584 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 12:55:54 +0100 Subject: [PATCH 07/59] Add `isDynamicWorkflow` function --- lib/analyze-action.js | 5 ++++- lib/init-action-post.js | 5 ++++- lib/init-action.js | 5 ++++- lib/upload-lib.js | 5 ++++- lib/upload-sarif-action.js | 5 ++++- src/actions-util.ts | 7 ++++++- 6 files changed, 26 insertions(+), 6 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index d0486873fa..963cd9366a 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -90039,9 +90039,12 @@ function getWorkflowRunAttempt() { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index c905b89bc5..73e221ccb2 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -128337,9 +128337,12 @@ function getWorkflowRunAttempt() { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } diff --git a/lib/init-action.js b/lib/init-action.js index 32512e9df2..e3a96d0a75 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -85943,9 +85943,12 @@ var getFileType = async (filePath) => { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } diff --git a/lib/upload-lib.js b/lib/upload-lib.js index e0cbdcbb59..030568f01c 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88474,9 +88474,12 @@ function getWorkflowRunAttempt() { } return workflowRunAttempt; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index d8ec6eabe2..b58f1689e0 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88671,9 +88671,12 @@ function getWorkflowRunAttempt() { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } diff --git a/src/actions-util.ts b/src/actions-util.ts index 8058e5772d..a2d691b42d 100644 --- a/src/actions-util.ts +++ b/src/actions-util.ts @@ -247,9 +247,14 @@ export function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } +/** Determines whether the workflow trigger is `dynamic`. */ +export function isDynamicWorkflow(): boolean { + return getWorkflowEventName() === "dynamic"; +} + /** Determines whether we are running in default setup. */ export function isDefaultSetup(): boolean { - return getWorkflowEventName() === "dynamic"; + return isDynamicWorkflow(); } export function prettyPrintInvocation(cmd: string, args: string[]): string { From 1cc5eb663691cdc33687fa343c35ef7b22d1e723 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 12:58:00 +0100 Subject: [PATCH 08/59] Use `semver.compare` instead of `semver.lt` --- lib/analyze-action-post.js | 138 ++++++++++++++-------------- lib/analyze-action.js | 134 +++++++++++++-------------- lib/autobuild-action.js | 126 +++++++++++++------------- lib/init-action-post.js | 146 +++++++++++++++--------------- lib/init-action.js | 132 +++++++++++++-------------- lib/resolve-environment-action.js | 126 +++++++++++++------------- lib/start-proxy-action-post.js | 138 ++++++++++++++-------------- lib/upload-lib.js | 134 +++++++++++++-------------- lib/upload-sarif-action-post.js | 138 ++++++++++++++-------------- lib/upload-sarif-action.js | 134 +++++++++++++-------------- src/setup-codeql.ts | 2 +- 11 files changed, 674 insertions(+), 674 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index bcc8753eb4..955d69185e 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,9 +25194,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt2; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,14 +26355,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26393,14 +26393,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -95823,8 +95823,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare)) { + for (const [compare2, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare2)) { return this.roots[rootPath] = root; } } @@ -95833,9 +95833,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare = this.root.name) { + sameRoot(rootPath, compare2 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare; + return rootPath === compare2; } }; exports2.PathWin32 = PathWin32; @@ -99854,7 +99854,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare(a, b) { + function compare2(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -99955,7 +99955,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare, + compare: compare2, concat, copy, equals, diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 963cd9366a..77db2a754d 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -30970,8 +30970,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -30979,8 +30979,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -31043,9 +31043,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt2; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; + module2.exports = lt; } }); @@ -31053,8 +31053,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -31063,8 +31063,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -31073,8 +31073,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -31083,8 +31083,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -31097,7 +31097,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -31128,7 +31128,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -31882,7 +31882,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -31893,12 +31893,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -32033,7 +32033,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -32078,12 +32078,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -32092,11 +32092,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare2(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -32104,7 +32104,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -32116,9 +32116,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -32139,29 +32139,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -32173,14 +32173,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -32204,14 +32204,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -32242,14 +32242,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare2(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -92614,7 +92614,7 @@ async function getNightlyToolsUrl(logger) { } } function getLatestToolcacheVersion(logger) { - const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); logger.debug( `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( allVersions @@ -94798,7 +94798,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 3f5c705517..74dee6cb82 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,9 +25194,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt2; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,14 +26355,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26393,14 +26393,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 73e221ccb2..d2b206bdfa 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -30970,8 +30970,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -30979,8 +30979,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -31043,9 +31043,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt2; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; + module2.exports = lt; } }); @@ -31053,8 +31053,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -31063,8 +31063,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -31073,8 +31073,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -31083,8 +31083,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -31097,7 +31097,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -31128,7 +31128,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -31882,7 +31882,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -31893,12 +31893,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -32033,7 +32033,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -32078,12 +32078,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -32092,11 +32092,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare2(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -32104,7 +32104,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -32116,9 +32116,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -32139,29 +32139,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -32173,14 +32173,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -32204,14 +32204,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -32242,14 +32242,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare2(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -101672,8 +101672,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare2, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare2)) { + for (const [compare3, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare3)) { return this.roots[rootPath] = root; } } @@ -101682,9 +101682,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare2 = this.root.name) { + sameRoot(rootPath, compare3 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare2; + return rootPath === compare3; } }; exports2.PathWin32 = PathWin32; @@ -105703,7 +105703,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare2(a, b) { + function compare3(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -105804,7 +105804,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare: compare2, + compare: compare3, concat, copy, equals: equals2, @@ -130596,7 +130596,7 @@ async function getNightlyToolsUrl(logger) { } } function getLatestToolcacheVersion(logger) { - const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); logger.debug( `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( allVersions @@ -132274,7 +132274,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); diff --git a/lib/init-action.js b/lib/init-action.js index e3a96d0a75..b22dbec7ad 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -20412,8 +20412,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -20421,8 +20421,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -20431,8 +20431,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -20475,8 +20475,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -20485,9 +20485,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt3 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt3; + var compare2 = require_compare(); + var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt2; } }); @@ -20495,8 +20495,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -20505,8 +20505,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -20515,8 +20515,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -20525,8 +20525,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -20539,7 +20539,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt3 = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -20570,7 +20570,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt3(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -21324,7 +21324,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt3 = require_lt(); + var lt2 = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -21335,12 +21335,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt3; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt3; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -21422,12 +21422,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -21475,7 +21475,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -21520,12 +21520,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt3; + let gt, lt2; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt3 = lowerLT(lt3, c, options); + lt2 = lowerLT(lt2, c, options); } else { eqSet.add(c.semver); } @@ -21534,11 +21534,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt3) { - gtltComp = compare(gt.semver, lt3.semver, options); + if (gt && lt2) { + gtltComp = compare2(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt3.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { return null; } } @@ -21546,7 +21546,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt3 && !satisfies2(eq, String(lt3), options)) { + if (lt2 && !satisfies2(eq, String(lt2), options)) { return null; } for (const c of dom) { @@ -21558,9 +21558,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt3 && !options.includePrerelease && lt3.semver.prerelease.length ? lt3.semver : false; + let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt3.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -21581,29 +21581,29 @@ var require_subset = __commonJS({ return false; } } - if (lt3) { + if (lt2) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt3, c, options); - if (lower === c && lower !== lt3) { + lower = lowerLT(lt2, c, options); + if (lower === c && lower !== lt2) { return false; } - } else if (lt3.operator === "<=" && !satisfies2(lt3.semver, String(c), options)) { + } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { return false; } } - if (!c.operator && (lt3 || gt) && gtltComp !== 0) { + if (!c.operator && (lt2 || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt3 && gtltComp !== 0) { + if (gt && hasDomLT && !lt2 && gtltComp !== 0) { return false; } - if (lt3 && hasDomGT && !gt && gtltComp !== 0) { + if (lt2 && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -21615,14 +21615,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -21646,14 +21646,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt3 = require_lt(); + var lt2 = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -21684,14 +21684,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt3, + lt: lt2, eq, neq, gte: gte5, @@ -26947,7 +26947,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare); + stops.sort(compare2); return stops; } function rangeToPattern(start, stop, options) { @@ -27019,7 +27019,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare(a, b) { + function compare2(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } - exports2.lt = lt3; - function lt3(a, b, loose) { - return compare(a, b, loose) < 0; + exports2.lt = lt2; + function lt2(a, b, loose) { + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt3(a, b, loose); + return lt2(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt3; + ltfn = lt2; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt3; + gtfn = lt2; ltefn = gte5; ltfn = gt; comp = "<"; @@ -89389,7 +89389,7 @@ async function getNightlyToolsUrl(logger) { } } function getLatestToolcacheVersion(logger) { - const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); logger.debug( `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( allVersions diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 2a9c4102b7..84807b350f 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,9 +25194,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt2; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,14 +26355,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26393,14 +26393,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index d9a7163aef..018efc97f5 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,9 +25194,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt2; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,14 +26355,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26393,14 +26393,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -30341,7 +30341,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -30878,12 +30878,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -94483,8 +94483,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare)) { + for (const [compare2, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare2)) { return this.roots[rootPath] = root; } } @@ -94493,9 +94493,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare = this.root.name) { + sameRoot(rootPath, compare2 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare; + return rootPath === compare2; } }; exports2.PathWin32 = PathWin32; @@ -98514,7 +98514,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare(a, b) { + function compare2(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -98615,7 +98615,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare, + compare: compare2, concat, copy, equals, diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 030568f01c..95316fbe67 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -26336,7 +26336,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -26408,7 +26408,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -32267,8 +32267,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -32276,8 +32276,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -32286,8 +32286,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -32330,8 +32330,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -32340,9 +32340,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt2; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; + module2.exports = lt; } }); @@ -32350,8 +32350,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -32360,8 +32360,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -32370,8 +32370,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -32380,8 +32380,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -32394,7 +32394,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -32425,7 +32425,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -33179,7 +33179,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -33190,12 +33190,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -33277,12 +33277,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -33330,7 +33330,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -33375,12 +33375,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -33389,11 +33389,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare2(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -33401,7 +33401,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -33413,9 +33413,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -33436,29 +33436,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -33470,14 +33470,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -33501,14 +33501,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -33539,14 +33539,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -37407,13 +37407,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -37423,7 +37423,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -37439,27 +37439,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare2(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -37487,7 +37487,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -38024,12 +38024,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -90430,7 +90430,7 @@ async function getNightlyToolsUrl(logger) { } } function getLatestToolcacheVersion(logger) { - const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); logger.debug( `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( allVersions @@ -91633,7 +91633,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index a0dc0ed196..3eff41a558 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,9 +25194,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; - module2.exports = lt2; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; + module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -25248,7 +25248,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -25279,7 +25279,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -26033,7 +26033,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -26044,12 +26044,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26229,12 +26229,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -26243,11 +26243,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -26255,7 +26255,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -26267,9 +26267,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -26290,29 +26290,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,14 +26355,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -26393,14 +26393,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -88567,8 +88567,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare)) { + for (const [compare2, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare2)) { return this.roots[rootPath] = root; } } @@ -88577,9 +88577,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare = this.root.name) { + sameRoot(rootPath, compare2 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare; + return rootPath === compare2; } }; exports2.PathWin32 = PathWin32; @@ -92598,7 +92598,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare(a, b) { + function compare2(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -92699,7 +92699,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare, + compare: compare2, concat, copy, equals, @@ -108085,13 +108085,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -108101,7 +108101,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -108117,27 +108117,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -108165,7 +108165,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -108702,12 +108702,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index b58f1689e0..7fa50945e0 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -30970,8 +30970,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -30979,8 +30979,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -31043,9 +31043,9 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; - module2.exports = lt2; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; + module2.exports = lt; } }); @@ -31053,8 +31053,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -31063,8 +31063,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -31073,8 +31073,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -31083,8 +31083,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -31097,7 +31097,7 @@ var require_cmp = __commonJS({ var neq = require_neq(); var gt = require_gt(); var gte5 = require_gte(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var cmp = (a, op, b, loose) => { switch (op) { @@ -31128,7 +31128,7 @@ var require_cmp = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -31882,7 +31882,7 @@ var require_outside = __commonJS({ var Range2 = require_range(); var satisfies2 = require_satisfies(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var lte = require_lte(); var gte5 = require_gte(); var outside = (version, range, hilo, options) => { @@ -31893,12 +31893,12 @@ var require_outside = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -32033,7 +32033,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -32078,12 +32078,12 @@ var require_subset = __commonJS({ } } const eqSet = /* @__PURE__ */ new Set(); - let gt, lt2; + let gt, lt; for (const c of sub) { if (c.operator === ">" || c.operator === ">=") { gt = higherGT(gt, c, options); } else if (c.operator === "<" || c.operator === "<=") { - lt2 = lowerLT(lt2, c, options); + lt = lowerLT(lt, c, options); } else { eqSet.add(c.semver); } @@ -32092,11 +32092,11 @@ var require_subset = __commonJS({ return null; } let gtltComp; - if (gt && lt2) { - gtltComp = compare2(gt.semver, lt2.semver, options); + if (gt && lt) { + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; - } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { + } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { return null; } } @@ -32104,7 +32104,7 @@ var require_subset = __commonJS({ if (gt && !satisfies2(eq, String(gt), options)) { return null; } - if (lt2 && !satisfies2(eq, String(lt2), options)) { + if (lt && !satisfies2(eq, String(lt), options)) { return null; } for (const c of dom) { @@ -32116,9 +32116,9 @@ var require_subset = __commonJS({ } let higher, lower; let hasDomLT, hasDomGT; - let needDomLTPre = lt2 && !options.includePrerelease && lt2.semver.prerelease.length ? lt2.semver : false; + let needDomLTPre = lt && !options.includePrerelease && lt.semver.prerelease.length ? lt.semver : false; let needDomGTPre = gt && !options.includePrerelease && gt.semver.prerelease.length ? gt.semver : false; - if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt2.operator === "<" && needDomLTPre.prerelease[0] === 0) { + if (needDomLTPre && needDomLTPre.prerelease.length === 1 && lt.operator === "<" && needDomLTPre.prerelease[0] === 0) { needDomLTPre = false; } for (const c of dom) { @@ -32139,29 +32139,29 @@ var require_subset = __commonJS({ return false; } } - if (lt2) { + if (lt) { if (needDomLTPre) { if (c.semver.prerelease && c.semver.prerelease.length && c.semver.major === needDomLTPre.major && c.semver.minor === needDomLTPre.minor && c.semver.patch === needDomLTPre.patch) { needDomLTPre = false; } } if (c.operator === "<" || c.operator === "<=") { - lower = lowerLT(lt2, c, options); - if (lower === c && lower !== lt2) { + lower = lowerLT(lt, c, options); + if (lower === c && lower !== lt) { return false; } - } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) { + } else if (lt.operator === "<=" && !satisfies2(lt.semver, String(c), options)) { return false; } } - if (!c.operator && (lt2 || gt) && gtltComp !== 0) { + if (!c.operator && (lt || gt) && gtltComp !== 0) { return false; } } - if (gt && hasDomLT && !lt2 && gtltComp !== 0) { + if (gt && hasDomLT && !lt && gtltComp !== 0) { return false; } - if (lt2 && hasDomGT && !gt && gtltComp !== 0) { + if (lt && hasDomGT && !gt && gtltComp !== 0) { return false; } if (needDomGTPre || needDomLTPre) { @@ -32173,14 +32173,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -32204,14 +32204,14 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); var sort = require_sort(); var rsort = require_rsort(); var gt = require_gt(); - var lt2 = require_lt(); + var lt = require_lt(); var eq = require_eq(); var neq = require_neq(); var gte5 = require_gte(); @@ -32242,14 +32242,14 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, sort, rsort, gt, - lt: lt2, + lt, eq, neq, gte: gte5, @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } - exports2.lt = lt2; - function lt2(a, b, loose) { - return compare2(a, b, loose) < 0; + exports2.lt = lt; + function lt(a, b, loose) { + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -36190,7 +36190,7 @@ var require_semver3 = __commonJS({ case ">=": return gte5(a, b, loose); case "<": - return lt2(a, b, loose); + return lt(a, b, loose); case "<=": return lte(a, b, loose); default: @@ -36727,12 +36727,12 @@ var require_semver3 = __commonJS({ case ">": gtfn = gt; ltefn = lte; - ltfn = lt2; + ltfn = lt; comp = ">"; ecomp = ">="; break; case "<": - gtfn = lt2; + gtfn = lt; ltefn = gte5; ltfn = gt; comp = "<"; @@ -91102,7 +91102,7 @@ async function getNightlyToolsUrl(logger) { } } function getLatestToolcacheVersion(logger) { - const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.lt(a, b) ? 1 : -1); + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); logger.debug( `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( allVersions @@ -92305,7 +92305,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 5ae0c5fa35..43868f2530 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -848,7 +848,7 @@ async function getNightlyToolsUrl(logger: Logger) { export function getLatestToolcacheVersion(logger: Logger): string | undefined { const allVersions = toolcache .findAllVersions("CodeQL") - .sort((a, b) => (semver.lt(a, b) ? 1 : -1)); + .sort((a, b) => semver.compare(b, a)); logger.debug( `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( allVersions, From 726a341ed4837e1dce785aac864b13904ee3fea8 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 13:16:03 +0100 Subject: [PATCH 09/59] Restrict when `tools: toolcache` can be used --- lib/analyze-action.js | 27 +++++++++++++++++------- lib/init-action-post.js | 27 +++++++++++++++++------- lib/init-action.js | 27 +++++++++++++++++------- lib/upload-lib.js | 27 +++++++++++++++++------- lib/upload-sarif-action.js | 27 +++++++++++++++++------- src/setup-codeql.test.ts | 4 ++++ src/setup-codeql.ts | 43 ++++++++++++++++++++++++++------------ 7 files changed, 129 insertions(+), 53 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 77db2a754d..2b79889f03 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -92294,16 +92294,27 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { - logger.info( - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` - ); - const latestToolcacheVersion = getLatestToolcacheVersion(logger); - if (latestToolcacheVersion) { - cliVersion2 = latestToolcacheVersion; - } else { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { logger.info( - `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index d2b206bdfa..865a932b83 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -130276,16 +130276,27 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { - logger.info( - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` - ); - const latestToolcacheVersion = getLatestToolcacheVersion(logger); - if (latestToolcacheVersion) { - cliVersion2 = latestToolcacheVersion; - } else { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { logger.info( - `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; } diff --git a/lib/init-action.js b/lib/init-action.js index b22dbec7ad..4484568a4b 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -89069,16 +89069,27 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { - logger.info( - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` - ); - const latestToolcacheVersion = getLatestToolcacheVersion(logger); - if (latestToolcacheVersion) { - cliVersion2 = latestToolcacheVersion; - } else { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { logger.info( - `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; } diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 95316fbe67..7d3d294d40 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -90110,16 +90110,27 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { - logger.info( - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` - ); - const latestToolcacheVersion = getLatestToolcacheVersion(logger); - if (latestToolcacheVersion) { - cliVersion2 = latestToolcacheVersion; - } else { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { logger.info( - `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; } diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7fa50945e0..23c0466161 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -90782,16 +90782,27 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { - logger.info( - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` - ); - const latestToolcacheVersion = getLatestToolcacheVersion(logger); - if (latestToolcacheVersion) { - cliVersion2 = latestToolcacheVersion; - } else { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { logger.info( - `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; } diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index f2bb7efb4c..4e65c6edf4 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -259,6 +259,8 @@ test("getCodeQLSource correctly returns latest version from toolcache when tools const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + process.env["GITHUB_EVENT_NAME"] = "dynamic"; + const latestToolcacheVersion = "3.2.1"; const latestVersionPath = "/path/to/latest"; const testVersions = ["2.3.1", latestToolcacheVersion, "1.2.3"]; @@ -318,6 +320,8 @@ test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + process.env["GITHUB_EVENT_NAME"] = "dynamic"; + const testVersions = []; const findAllVersionsStub = sinon .stub(toolcache, "findAllVersions") diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 43868f2530..e01037223a 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -7,7 +7,7 @@ import { default as deepEqual } from "fast-deep-equal"; import * as semver from "semver"; import { v4 as uuidV4 } from "uuid"; -import { isRunningLocalAction } from "./actions-util"; +import { isDynamicWorkflow, isRunningLocalAction } from "./actions-util"; import * as api from "./api-client"; import * as defaults from "./defaults.json"; import { @@ -351,20 +351,37 @@ export async function getCodeQLSource( toolsInput !== undefined && toolsInput === CODEQL_TOOLCACHE_INPUT ) { - // If `toolsInput === "toolcache"`, try to find the latest version of the CLI that's available in the toolcache - // and use that. We perform this check here since we can set `cliVersion` directly and don't want to default to - // the linked version. - logger.info( - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`, - ); - - const latestToolcacheVersion = getLatestToolcacheVersion(logger); - if (latestToolcacheVersion) { - cliVersion = latestToolcacheVersion; - } else { + let latestToolcacheVersion: string | undefined; + + // We only allow `toolsInput === "toolcache"` for `dynamic` events. In general, using `toolsInput === "toolcache"` + // can lead to alert wobble and so it shouldn't be used for an analysis where results are intended to be uploaded. + // We also allow this in test mode. + const allowToolcacheValue = isDynamicWorkflow() || util.isInTestMode(); + if (allowToolcacheValue) { + // If `toolsInput === "toolcache"`, try to find the latest version of the CLI that's available in the toolcache + // and use that. We perform this check here since we can set `cliVersion` directly and don't want to default to + // the linked version. logger.info( - `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`, + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`, ); + + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion = latestToolcacheVersion; + } + } + + if (latestToolcacheVersion === undefined) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`, + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, + ); + } + cliVersion = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; } From e0b9da7b0a10d6ed880ead85f0d223ed1e631bc8 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 6 Oct 2025 14:38:32 +0200 Subject: [PATCH 10/59] Introduce `CODEQL_ACTION_SKIP_SARIF_UPLOAD` This triggers a subset of the behavior of `CODEQL_ACTION_TEST_MODE`, specifically just skipping the SARIF upload step. This is required for our internal testing where we want the SARIF file (via `CODEQL_ACTION_DUMP_SARIF_DIR`) but don't want to actually upload it, but we don't want the rest of the behaviour of `CODEQL_ACTION_TEST_MODE` that is specific for `codeql-action` own CI checks. --- lib/analyze-action.js | 11 ++++++----- lib/init-action-post.js | 13 +++++++------ lib/upload-lib.js | 11 ++++++----- lib/upload-sarif-action.js | 15 ++++++++------- src/environment.ts | 6 ++++++ src/init-action-post-helper.ts | 4 ++-- src/upload-lib.ts | 10 ++++------ src/upload-sarif-action.ts | 6 +++--- src/util.ts | 9 ++++++++- 9 files changed, 50 insertions(+), 35 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c2788900b3..18725b2fa8 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -89773,6 +89773,9 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +} function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; if (testingEnvironment === "") { @@ -95532,17 +95535,15 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (isInTestMode()) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path18.join( getTemporaryDirectory(), "payload.json" ); - logger.info( - `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` - ); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); - return "test-mode-sarif-id"; + return "dummy-sarif-id"; } const client = getApiClient(); try { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index e138420a3e..71c2588094 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -128072,6 +128072,9 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +} function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; if (testingEnvironment === "") { @@ -133008,17 +133011,15 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (isInTestMode()) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path17.join( getTemporaryDirectory(), "payload.json" ); - logger.info( - `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` - ); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); - return "test-mode-sarif-id"; + return "dummy-sarif-id"; } const client = getApiClient(); try { @@ -133585,7 +133586,7 @@ async function maybeUploadFailedSarif(config, repositoryNwo, features, logger) { const shouldUpload = getUploadInputOrThrow(workflow, jobName, matrix); if (!["always", "failure-only"].includes( getUploadValue(shouldUpload) - ) || isInTestMode()) { + ) || shouldSkipSarifUpload()) { return { upload_failed_run_skipped_because: "SARIF upload is disabled" }; } const category = getCategoryInputOrThrow(workflow, jobName, matrix); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a6342ff212..e8db57e5f6 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88340,6 +88340,9 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +} function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; if (testingEnvironment === "") { @@ -92367,17 +92370,15 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (isInTestMode()) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path14.join( getTemporaryDirectory(), "payload.json" ); - logger.info( - `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` - ); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); - return "test-mode-sarif-id"; + return "dummy-sarif-id"; } const client = getApiClient(); try { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7ad72583b5..e768a7fe9a 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88457,6 +88457,9 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +} function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; if (testingEnvironment === "") { @@ -93039,17 +93042,15 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (isInTestMode()) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path15.join( getTemporaryDirectory(), "payload.json" ); - logger.info( - `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` - ); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); - return "test-mode-sarif-id"; + return "dummy-sarif-id"; } const client = getApiClient(); try { @@ -93570,8 +93571,8 @@ async function run() { core13.setOutput("sarif-id", codeScanningResult.sarifID); } core13.setOutput("sarif-ids", JSON.stringify(uploadResults)); - if (isInTestMode()) { - core13.debug("In test mode. Waiting for processing is disabled."); + if (shouldSkipSarifUpload()) { + core13.debug("SARIF upload disabled. Waiting for processing is disabled."); } else if (getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== void 0) { await waitForProcessing( diff --git a/src/environment.ts b/src/environment.ts index e1daeedc2d..59922c8418 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -128,4 +128,10 @@ export enum EnvVar { * whether the upload is disabled. This is intended for testing and debugging purposes. */ SARIF_DUMP_DIR = "CODEQL_ACTION_SARIF_DUMP_DIR", + + /** + * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes. + * This setting is implied but is more specific than `CODEQL_ACTION_TEST_MODE`. + */ + SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD", } diff --git a/src/init-action-post-helper.ts b/src/init-action-post-helper.ts index 97bf21adac..7d46095e91 100644 --- a/src/init-action-post-helper.ts +++ b/src/init-action-post-helper.ts @@ -19,8 +19,8 @@ import { delay, getErrorMessage, getRequiredEnvParam, - isInTestMode, parseMatrixInput, + shouldSkipSarifUpload, wrapError, } from "./util"; import { @@ -81,7 +81,7 @@ async function maybeUploadFailedSarif( !["always", "failure-only"].includes( actionsUtil.getUploadValue(shouldUpload), ) || - isInTestMode() + shouldSkipSarifUpload() ) { return { upload_failed_run_skipped_because: "SARIF upload is disabled" }; } diff --git a/src/upload-lib.ts b/src/upload-lib.ts index cfa362b678..98d8439ecf 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -356,18 +356,16 @@ async function uploadPayload( ): Promise { logger.info("Uploading results"); - // If in test mode we don't want to upload the results - if (util.isInTestMode()) { + // If in test mode we don't want to upload the results, + if (util.shouldSkipSarifUpload()) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), "payload.json", ); - logger.info( - `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`, - ); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); - return "test-mode-sarif-id"; + return "dummy-sarif-id"; } const client = api.getApiClient(); diff --git a/src/upload-sarif-action.ts b/src/upload-sarif-action.ts index b9eced9d39..5e6897adad 100644 --- a/src/upload-sarif-action.ts +++ b/src/upload-sarif-action.ts @@ -23,7 +23,7 @@ import { checkDiskUsage, getErrorMessage, initializeEnvironment, - isInTestMode, + shouldSkipSarifUpload, wrapError, } from "./util"; @@ -113,8 +113,8 @@ async function run() { core.setOutput("sarif-ids", JSON.stringify(uploadResults)); // We don't upload results in test mode, so don't wait for processing - if (isInTestMode()) { - core.debug("In test mode. Waiting for processing is disabled."); + if (shouldSkipSarifUpload()) { + core.debug("SARIF upload disabled. Waiting for processing is disabled."); } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== undefined) { await upload_lib.waitForProcessing( diff --git a/src/util.ts b/src/util.ts index e7c29ed12e..9dc9a7d247 100644 --- a/src/util.ts +++ b/src/util.ts @@ -764,12 +764,19 @@ export function isGoodVersion(versionSpec: string) { /** * Returns whether we are in test mode. This is used by CodeQL Action PR checks. * - * In test mode, we don't upload SARIF results or status reports to the GitHub API. + * In test mode, we several uploads (SARIF results, status reports, DBs, ...). */ export function isInTestMode(): boolean { return process.env[EnvVar.TEST_MODE] === "true"; } +/** + * Returns whether we specifically want to skip uploading SARIF files. + */ +export function shouldSkipSarifUpload(): boolean { + return isInTestMode() || process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true"; +} + /** * Get the testing environment. * From 9b3ade946d34bbaaada8d43f8f902886b7e9c020 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 13:50:21 +0100 Subject: [PATCH 11/59] Rename `upload-quality-sarif.yml` workflow --- .../{__upload-quality-sarif.yml => __upload-sarif.yml} | 6 +++--- .../checks/{upload-quality-sarif.yml => upload-sarif.yml} | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) rename .github/workflows/{__upload-quality-sarif.yml => __upload-sarif.yml} (95%) rename pr-checks/checks/{upload-quality-sarif.yml => upload-sarif.yml} (94%) diff --git a/.github/workflows/__upload-quality-sarif.yml b/.github/workflows/__upload-sarif.yml similarity index 95% rename from .github/workflows/__upload-quality-sarif.yml rename to .github/workflows/__upload-sarif.yml index 9e1dceafc5..ed92f095ef 100644 --- a/.github/workflows/__upload-quality-sarif.yml +++ b/.github/workflows/__upload-sarif.yml @@ -3,7 +3,7 @@ # pr-checks/sync.sh # to regenerate this file. -name: 'PR Check - Upload-sarif: code quality endpoint' +name: PR Check - Test different uses of `upload-sarif` env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto @@ -41,14 +41,14 @@ concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' }} group: ${{ github.workflow }}-${{ github.ref }} jobs: - upload-quality-sarif: + upload-sarif: strategy: fail-fast: false matrix: include: - os: ubuntu-latest version: default - name: 'Upload-sarif: code quality endpoint' + name: Test different uses of `upload-sarif` if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read diff --git a/pr-checks/checks/upload-quality-sarif.yml b/pr-checks/checks/upload-sarif.yml similarity index 94% rename from pr-checks/checks/upload-quality-sarif.yml rename to pr-checks/checks/upload-sarif.yml index 1d4dd9d28d..7f68e5507a 100644 --- a/pr-checks/checks/upload-quality-sarif.yml +++ b/pr-checks/checks/upload-sarif.yml @@ -1,4 +1,4 @@ -name: "Upload-sarif: code quality endpoint" +name: "Test different uses of `upload-sarif`" description: "Checks that uploading SARIFs to the code quality endpoint works" versions: ["default"] installGo: true From 6bdf5d3d00fd477b954432761e4dcd9d3cf02b72 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 13:56:19 +0100 Subject: [PATCH 12/59] Run `upload-sarif` check for all `analysis-kinds` values --- .github/workflows/__upload-sarif.yml | 21 +++++++++++++++++---- pr-checks/checks/upload-sarif.yml | 15 +++++++++++---- 2 files changed, 28 insertions(+), 8 deletions(-) diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml index ed92f095ef..fd98b8d64b 100644 --- a/.github/workflows/__upload-sarif.yml +++ b/.github/workflows/__upload-sarif.yml @@ -48,6 +48,13 @@ jobs: include: - os: ubuntu-latest version: default + analysis-kinds: code-scanning + - os: ubuntu-latest + version: default + analysis-kinds: code-quality + - os: ubuntu-latest + version: default + analysis-kinds: code-scanning,code-quality name: Test different uses of `upload-sarif` if: github.triggering_actor != 'dependabot[bot]' permissions: @@ -74,7 +81,7 @@ jobs: with: tools: ${{ steps.prepare-test.outputs.tools-url }} languages: csharp,java,javascript,python - analysis-kinds: code-quality + analysis-kinds: ${{ matrix.analysis-kinds }} - name: Build code run: ./build.sh # Generate some SARIF we can upload with the upload-sarif step @@ -83,13 +90,19 @@ jobs: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 upload: never - - uses: ./../action/upload-sarif + + - name: | + Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` + uses: ./../action/upload-sarif id: upload-sarif with: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 - - name: Check output from `upload-sarif` step - if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)' + - name: Check output from `upload-sarif` step for `code-scanning` + if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning) + run: exit 1 + - name: Check output from `upload-sarif` step for `code-quality` + if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality) run: exit 1 env: CODEQL_ACTION_TEST_MODE: true diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml index 7f68e5507a..f40cb67946 100644 --- a/pr-checks/checks/upload-sarif.yml +++ b/pr-checks/checks/upload-sarif.yml @@ -1,13 +1,14 @@ name: "Test different uses of `upload-sarif`" description: "Checks that uploading SARIFs to the code quality endpoint works" versions: ["default"] +analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality"] installGo: true steps: - uses: ./../action/init with: tools: ${{ steps.prepare-test.outputs.tools-url }} languages: csharp,java,javascript,python - analysis-kinds: code-quality + analysis-kinds: ${{ matrix.analysis-kinds }} - name: Build code run: ./build.sh # Generate some SARIF we can upload with the upload-sarif step @@ -16,11 +17,17 @@ steps: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' upload: never - - uses: ./../action/upload-sarif + + - name: | + Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` + uses: ./../action/upload-sarif id: upload-sarif with: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' - - name: "Check output from `upload-sarif` step" - if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)' + - name: "Check output from `upload-sarif` step for `code-scanning`" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)" + run: exit 1 + - name: "Check output from `upload-sarif` step for `code-quality`" + if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)" run: exit 1 From 6f964b7776696bb9ff2cebad990817c49ecf449f Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 14:10:49 +0100 Subject: [PATCH 13/59] Cover more cases in `upload-sarif` check --- .github/workflows/__upload-sarif.yml | 42 ++++++++++++++++++++++++++++ pr-checks/checks/upload-sarif.yml | 40 ++++++++++++++++++++++++++ 2 files changed, 82 insertions(+) diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml index fd98b8d64b..7bf239e519 100644 --- a/.github/workflows/__upload-sarif.yml +++ b/.github/workflows/__upload-sarif.yml @@ -90,6 +90,7 @@ jobs: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 upload: never + output: ${{ runner.temp }}/results - name: | Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` @@ -98,11 +99,52 @@ jobs: with: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results - name: Check output from `upload-sarif` step for `code-scanning` if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning) run: exit 1 - name: Check output from `upload-sarif` step for `code-quality` if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality) run: exit 1 + + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-scanning + if: contains(matrix.analysis-kinds, 'code-scanning') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.sarif + - name: Check output from `upload-single-sarif-code-scanning` step + if: contains(matrix.analysis-kinds, 'code-scanning') && + !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning) + run: exit 1 + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-quality + if: contains(matrix.analysis-kinds, 'code-quality') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + - name: Check output from `upload-single-sarif-code-quality` step + if: contains(matrix.analysis-kinds, 'code-quality') && + !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality) + run: exit 1 + + - name: Change SARIF file extension + if: contains(matrix.analysis-kinds, 'code-scanning') + run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json + - name: Upload single non-`.sarif` file + uses: ./../action/upload-sarif + id: upload-single-non-sarif + if: contains(matrix.analysis-kinds, 'code-scanning') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + - name: Check output from `upload-single-non-sarif` step + if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning) + run: exit 1 env: CODEQL_ACTION_TEST_MODE: true diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml index f40cb67946..9401c49e8e 100644 --- a/pr-checks/checks/upload-sarif.yml +++ b/pr-checks/checks/upload-sarif.yml @@ -17,6 +17,7 @@ steps: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' upload: never + output: ${{ runner.temp }}/results - name: | Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` @@ -25,9 +26,48 @@ steps: with: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results - name: "Check output from `upload-sarif` step for `code-scanning`" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)" run: exit 1 - name: "Check output from `upload-sarif` step for `code-quality`" if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)" run: exit 1 + + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-scanning + if: "contains(matrix.analysis-kinds, 'code-scanning')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.sarif + - name: "Check output from `upload-single-sarif-code-scanning` step" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)" + run: exit 1 + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-quality + if: "contains(matrix.analysis-kinds, 'code-quality')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + - name: "Check output from `upload-single-sarif-code-quality` step" + if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)" + run: exit 1 + + - name: Change SARIF file extension + if: "contains(matrix.analysis-kinds, 'code-scanning')" + run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json + - name: Upload single non-`.sarif` file + uses: ./../action/upload-sarif + id: upload-single-non-sarif + if: "contains(matrix.analysis-kinds, 'code-scanning')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + - name: "Check output from `upload-single-non-sarif` step" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)" + run: exit 1 From 882667e383f6770feee4a7f18c5cedadec673c35 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 6 Oct 2025 15:22:34 +0200 Subject: [PATCH 14/59] Update src/util.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- src/util.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util.ts b/src/util.ts index 9dc9a7d247..e1f7a15ecc 100644 --- a/src/util.ts +++ b/src/util.ts @@ -764,7 +764,7 @@ export function isGoodVersion(versionSpec: string) { /** * Returns whether we are in test mode. This is used by CodeQL Action PR checks. * - * In test mode, we several uploads (SARIF results, status reports, DBs, ...). + * In test mode, we skip several uploads (SARIF results, status reports, DBs, ...). */ export function isInTestMode(): boolean { return process.env[EnvVar.TEST_MODE] === "true"; From 11e40344144d49f1ba9441e1c8cbbe2e0d526142 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 6 Oct 2025 15:23:18 +0200 Subject: [PATCH 15/59] Clarify comment about SKIP_SARIF_UPLOAD setting --- src/environment.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/environment.ts b/src/environment.ts index 59922c8418..d9b66b67d9 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -131,7 +131,7 @@ export enum EnvVar { /** * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes. - * This setting is implied but is more specific than `CODEQL_ACTION_TEST_MODE`. + * This setting is implied by but is more specific than `CODEQL_ACTION_TEST_MODE`. */ SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD", } From 22aba57acf39c63a1b4963298698fb3f7a991e17 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 14:30:30 +0100 Subject: [PATCH 16/59] Include analysis kind in `payloadSaveFile` path in `uploadPayload` --- lib/analyze-action.js | 8 ++++---- lib/init-action-post.js | 8 ++++---- lib/upload-lib.js | 8 ++++---- lib/upload-sarif-action.js | 8 ++++---- src/upload-lib.ts | 8 ++++---- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c2788900b3..77f1e6f14a 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -95530,12 +95530,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path18.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -95546,7 +95546,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -95780,7 +95780,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index e138420a3e..6c4eb38d91 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -133006,12 +133006,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path17.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -133022,7 +133022,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -133256,7 +133256,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a6342ff212..44a52209d1 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -92365,12 +92365,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path14.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -92381,7 +92381,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -92663,7 +92663,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7ad72583b5..bc7a2c0ac6 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -93037,12 +93037,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (isInTestMode()) { const payloadSaveFile = path15.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}` @@ -93053,7 +93053,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -93304,7 +93304,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/src/upload-lib.ts b/src/upload-lib.ts index cfa362b678..2559cd7ad1 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -352,7 +352,7 @@ async function uploadPayload( payload: any, repositoryNwo: RepositoryNwo, logger: Logger, - target: analyses.SARIF_UPLOAD_ENDPOINT, + analysis: analyses.AnalysisConfig, ): Promise { logger.info("Uploading results"); @@ -360,7 +360,7 @@ async function uploadPayload( if (util.isInTestMode()) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), - "payload.json", + `payload-${analysis.kind}.json`, ); logger.info( `In test mode. Results are not uploaded. Saving to ${payloadSaveFile}`, @@ -373,7 +373,7 @@ async function uploadPayload( const client = api.getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload, @@ -807,7 +807,7 @@ export async function uploadSpecifiedFiles( payload, getRepositoryNwo(), logger, - uploadTarget.target, + uploadTarget, ); logger.endGroup(); From 680b07003d39978a705d23d22a2efc5f62a0e924 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 6 Oct 2025 15:39:29 +0200 Subject: [PATCH 17/59] Specify reason for skipping SARIF upload in logs --- lib/analyze-action.js | 15 +++++++++++---- lib/init-action-post.js | 21 ++++++++++++++++----- lib/upload-lib.js | 15 +++++++++++---- lib/upload-sarif-action.js | 20 ++++++++++++++------ src/environment.ts | 2 +- src/init-action-post-helper.ts | 9 ++++++--- src/upload-lib.ts | 5 +++-- src/upload-sarif-action.ts | 7 ++++--- src/util.ts | 12 +++++++++--- 9 files changed, 75 insertions(+), 31 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 18725b2fa8..5e8fe46fe1 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -89773,8 +89773,14 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function shouldSkipSarifUpload() { - return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +function getSarifUploadSkipReason() { + if (isInTestMode()) { + return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; + } + if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { + return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; + } + return null; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -95535,12 +95541,13 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (shouldSkipSarifUpload()) { + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { const payloadSaveFile = path18.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 71c2588094..b12435b4d6 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -128072,8 +128072,14 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function shouldSkipSarifUpload() { - return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +function getSarifUploadSkipReason() { + if (isInTestMode()) { + return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; + } + if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { + return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; + } + return null; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -133011,12 +133017,13 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (shouldSkipSarifUpload()) { + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { const payloadSaveFile = path17.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; @@ -133586,9 +133593,13 @@ async function maybeUploadFailedSarif(config, repositoryNwo, features, logger) { const shouldUpload = getUploadInputOrThrow(workflow, jobName, matrix); if (!["always", "failure-only"].includes( getUploadValue(shouldUpload) - ) || shouldSkipSarifUpload()) { + )) { return { upload_failed_run_skipped_because: "SARIF upload is disabled" }; } + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { + return { upload_failed_run_skipped_because: skipReason }; + } const category = getCategoryInputOrThrow(workflow, jobName, matrix); const checkoutPath = getCheckoutPathInputOrThrow(workflow, jobName, matrix); const databasePath = config.dbLocation; diff --git a/lib/upload-lib.js b/lib/upload-lib.js index e8db57e5f6..d35b895ce8 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88340,8 +88340,14 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function shouldSkipSarifUpload() { - return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +function getSarifUploadSkipReason() { + if (isInTestMode()) { + return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; + } + if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { + return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; + } + return null; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -92370,12 +92376,13 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (shouldSkipSarifUpload()) { + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { const payloadSaveFile = path14.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index e768a7fe9a..7bf15775ac 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88457,8 +88457,14 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function shouldSkipSarifUpload() { - return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; +function getSarifUploadSkipReason() { + if (isInTestMode()) { + return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; + } + if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { + return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; + } + return null; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -93042,12 +93048,13 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - if (shouldSkipSarifUpload()) { + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { const payloadSaveFile = path15.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; @@ -93571,8 +93578,9 @@ async function run() { core13.setOutput("sarif-id", codeScanningResult.sarifID); } core13.setOutput("sarif-ids", JSON.stringify(uploadResults)); - if (shouldSkipSarifUpload()) { - core13.debug("SARIF upload disabled. Waiting for processing is disabled."); + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { + core13.debug(`${skipReason}. Waiting for processing is disabled.`); } else if (getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== void 0) { await waitForProcessing( diff --git a/src/environment.ts b/src/environment.ts index d9b66b67d9..6713f57e60 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -131,7 +131,7 @@ export enum EnvVar { /** * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes. - * This setting is implied by but is more specific than `CODEQL_ACTION_TEST_MODE`. + * This setting is implied by `CODEQL_ACTION_TEST_MODE`, but is more specific. */ SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD", } diff --git a/src/init-action-post-helper.ts b/src/init-action-post-helper.ts index 7d46095e91..f084e64151 100644 --- a/src/init-action-post-helper.ts +++ b/src/init-action-post-helper.ts @@ -20,7 +20,7 @@ import { getErrorMessage, getRequiredEnvParam, parseMatrixInput, - shouldSkipSarifUpload, + getSarifUploadSkipReason, wrapError, } from "./util"; import { @@ -80,11 +80,14 @@ async function maybeUploadFailedSarif( if ( !["always", "failure-only"].includes( actionsUtil.getUploadValue(shouldUpload), - ) || - shouldSkipSarifUpload() + ) ) { return { upload_failed_run_skipped_because: "SARIF upload is disabled" }; } + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { + return { upload_failed_run_skipped_because: skipReason }; + } const category = getCategoryInputOrThrow(workflow, jobName, matrix); const checkoutPath = getCheckoutPathInputOrThrow(workflow, jobName, matrix); const databasePath = config.dbLocation; diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 98d8439ecf..ac87b296f7 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -357,12 +357,13 @@ async function uploadPayload( logger.info("Uploading results"); // If in test mode we don't want to upload the results, - if (util.shouldSkipSarifUpload()) { + const skipReason = util.getSarifUploadSkipReason(); + if (skipReason) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), "payload.json", ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/src/upload-sarif-action.ts b/src/upload-sarif-action.ts index 5e6897adad..60d18c8767 100644 --- a/src/upload-sarif-action.ts +++ b/src/upload-sarif-action.ts @@ -23,7 +23,7 @@ import { checkDiskUsage, getErrorMessage, initializeEnvironment, - shouldSkipSarifUpload, + getSarifUploadSkipReason, wrapError, } from "./util"; @@ -113,8 +113,9 @@ async function run() { core.setOutput("sarif-ids", JSON.stringify(uploadResults)); // We don't upload results in test mode, so don't wait for processing - if (shouldSkipSarifUpload()) { - core.debug("SARIF upload disabled. Waiting for processing is disabled."); + const skipReason = getSarifUploadSkipReason(); + if (skipReason) { + core.debug(`${skipReason}. Waiting for processing is disabled.`); } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== undefined) { await upload_lib.waitForProcessing( diff --git a/src/util.ts b/src/util.ts index e1f7a15ecc..1a27bb6903 100644 --- a/src/util.ts +++ b/src/util.ts @@ -771,10 +771,16 @@ export function isInTestMode(): boolean { } /** - * Returns whether we specifically want to skip uploading SARIF files. + * Returns whether we specifically want to skip uploading SARIF files, and if so, why. */ -export function shouldSkipSarifUpload(): boolean { - return isInTestMode() || process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true"; +export function getSarifUploadSkipReason(): string | null { + if (isInTestMode()) { + return `SARIF upload is disabled via ${EnvVar.TEST_MODE}`; + } + if (process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true") { + return `SARIF upload is disabled via ${EnvVar.SKIP_SARIF_UPLOAD}`; + } + return null; } /** From 380e002752dd3ae10c718f81ac27a53db40a2769 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 15:15:43 +0100 Subject: [PATCH 18/59] Add explicit `category` values --- .github/workflows/__upload-sarif.yml | 8 ++++++++ pr-checks/checks/upload-sarif.yml | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml index 7bf239e519..20b059f398 100644 --- a/.github/workflows/__upload-sarif.yml +++ b/.github/workflows/__upload-sarif.yml @@ -100,6 +100,8 @@ jobs: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sarif_file: ${{ runner.temp }}/results + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ - name: Check output from `upload-sarif` step for `code-scanning` if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning) run: exit 1 @@ -115,6 +117,8 @@ jobs: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sarif_file: ${{ runner.temp }}/results/javascript.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ - name: Check output from `upload-single-sarif-code-scanning` step if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning) @@ -127,6 +131,8 @@ jobs: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ - name: Check output from `upload-single-sarif-code-quality` step if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality) @@ -143,6 +149,8 @@ jobs: ref: refs/heads/main sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ - name: Check output from `upload-single-non-sarif` step if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning) run: exit 1 diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml index 9401c49e8e..840e765011 100644 --- a/pr-checks/checks/upload-sarif.yml +++ b/pr-checks/checks/upload-sarif.yml @@ -27,6 +27,8 @@ steps: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' sarif_file: ${{ runner.temp }}/results + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ - name: "Check output from `upload-sarif` step for `code-scanning`" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)" run: exit 1 @@ -42,6 +44,8 @@ steps: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' sarif_file: ${{ runner.temp }}/results/javascript.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ - name: "Check output from `upload-single-sarif-code-scanning` step" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)" run: exit 1 @@ -53,6 +57,8 @@ steps: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ - name: "Check output from `upload-single-sarif-code-quality` step" if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)" run: exit 1 @@ -68,6 +74,8 @@ steps: ref: 'refs/heads/main' sha: '5e235361806c361d4d3f8859e3c897658025a9a2' sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ - name: "Check output from `upload-single-non-sarif` step" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)" run: exit 1 From 14c5d77032ee3effd4fd42710395800466c8d7cb Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 15:28:40 +0100 Subject: [PATCH 19/59] Fix: Update `payload.json` path in `with-checkout-path` test --- .github/workflows/__with-checkout-path.yml | 13 +++++++------ pr-checks/checks/with-checkout-path.yml | 13 +++++++------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index e12c9846a3..e706b5d391 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -103,29 +103,30 @@ jobs: - name: Verify SARIF after upload run: | + PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json" EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6" EXPECTED_REF="v1.1.0" EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo" - ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)" - ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)" - ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)" + ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)" + ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)" + ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)" if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi env: diff --git a/pr-checks/checks/with-checkout-path.yml b/pr-checks/checks/with-checkout-path.yml index 641dcf2205..d0662be010 100644 --- a/pr-checks/checks/with-checkout-path.yml +++ b/pr-checks/checks/with-checkout-path.yml @@ -37,28 +37,29 @@ steps: - name: Verify SARIF after upload run: | + PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json" EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6" EXPECTED_REF="v1.1.0" EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo" - ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)" - ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)" - ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)" + ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)" + ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)" + ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)" if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi From dabf6fc57806f7dec50430fd9193732fbdd276c5 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Mon, 6 Oct 2025 15:40:35 +0100 Subject: [PATCH 20/59] Adjust step names to be clearer --- .github/workflows/__upload-sarif.yml | 12 ++++++------ pr-checks/checks/upload-sarif.yml | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml index 20b059f398..91a1af5e05 100644 --- a/.github/workflows/__upload-sarif.yml +++ b/.github/workflows/__upload-sarif.yml @@ -102,10 +102,10 @@ jobs: sarif_file: ${{ runner.temp }}/results category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ - - name: Check output from `upload-sarif` step for `code-scanning` + - name: Fail for missing output from `upload-sarif` step for `code-scanning` if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning) run: exit 1 - - name: Check output from `upload-sarif` step for `code-quality` + - name: Fail for missing output from `upload-sarif` step for `code-quality` if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality) run: exit 1 @@ -119,11 +119,11 @@ jobs: sarif_file: ${{ runner.temp }}/results/javascript.sarif category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ - - name: Check output from `upload-single-sarif-code-scanning` step + - name: Fail for missing output from `upload-single-sarif-code-scanning` step if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning) run: exit 1 - - name: Upload single SARIF file for Code Scanning + - name: Upload single SARIF file for Code Quality uses: ./../action/upload-sarif id: upload-single-sarif-code-quality if: contains(matrix.analysis-kinds, 'code-quality') @@ -133,7 +133,7 @@ jobs: sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ - - name: Check output from `upload-single-sarif-code-quality` step + - name: Fail for missing output from `upload-single-sarif-code-quality` step if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality) run: exit 1 @@ -151,7 +151,7 @@ jobs: sarif_file: ${{ runner.temp }}/results/javascript.sarif.json category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ - - name: Check output from `upload-single-non-sarif` step + - name: Fail for missing output from `upload-single-non-sarif` step if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning) run: exit 1 env: diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml index 840e765011..1801a27407 100644 --- a/pr-checks/checks/upload-sarif.yml +++ b/pr-checks/checks/upload-sarif.yml @@ -29,10 +29,10 @@ steps: sarif_file: ${{ runner.temp }}/results category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ - - name: "Check output from `upload-sarif` step for `code-scanning`" + - name: "Fail for missing output from `upload-sarif` step for `code-scanning`" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)" run: exit 1 - - name: "Check output from `upload-sarif` step for `code-quality`" + - name: "Fail for missing output from `upload-sarif` step for `code-quality`" if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)" run: exit 1 @@ -46,10 +46,10 @@ steps: sarif_file: ${{ runner.temp }}/results/javascript.sarif category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ - - name: "Check output from `upload-single-sarif-code-scanning` step" + - name: "Fail for missing output from `upload-single-sarif-code-scanning` step" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)" run: exit 1 - - name: Upload single SARIF file for Code Scanning + - name: Upload single SARIF file for Code Quality uses: ./../action/upload-sarif id: upload-single-sarif-code-quality if: "contains(matrix.analysis-kinds, 'code-quality')" @@ -59,7 +59,7 @@ steps: sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ - - name: "Check output from `upload-single-sarif-code-quality` step" + - name: "Fail for missing output from `upload-single-sarif-code-quality` step" if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)" run: exit 1 @@ -76,6 +76,6 @@ steps: sarif_file: ${{ runner.temp }}/results/javascript.sarif.json category: | ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ - - name: "Check output from `upload-single-non-sarif` step" + - name: "Fail for missing output from `upload-single-non-sarif` step" if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)" run: exit 1 From 25c8db918a216a2a632b6646e28c958333175433 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 6 Oct 2025 16:59:45 +0200 Subject: [PATCH 21/59] Revert "Specify reason for skipping SARIF upload in logs" This reverts commit 680b07003d39978a705d23d22a2efc5f62a0e924. --- lib/analyze-action.js | 15 ++++----------- lib/init-action-post.js | 21 +++++---------------- lib/upload-lib.js | 15 ++++----------- lib/upload-sarif-action.js | 20 ++++++-------------- src/environment.ts | 2 +- src/init-action-post-helper.ts | 9 +++------ src/upload-lib.ts | 5 ++--- src/upload-sarif-action.ts | 7 +++---- src/util.ts | 12 +++--------- 9 files changed, 31 insertions(+), 75 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 5e8fe46fe1..18725b2fa8 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -89773,14 +89773,8 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function getSarifUploadSkipReason() { - if (isInTestMode()) { - return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; - } - if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { - return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; - } - return null; +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -95541,13 +95535,12 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path18.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index b12435b4d6..71c2588094 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -128072,14 +128072,8 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function getSarifUploadSkipReason() { - if (isInTestMode()) { - return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; - } - if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { - return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; - } - return null; +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -133017,13 +133011,12 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path17.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; @@ -133593,13 +133586,9 @@ async function maybeUploadFailedSarif(config, repositoryNwo, features, logger) { const shouldUpload = getUploadInputOrThrow(workflow, jobName, matrix); if (!["always", "failure-only"].includes( getUploadValue(shouldUpload) - )) { + ) || shouldSkipSarifUpload()) { return { upload_failed_run_skipped_because: "SARIF upload is disabled" }; } - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { - return { upload_failed_run_skipped_because: skipReason }; - } const category = getCategoryInputOrThrow(workflow, jobName, matrix); const checkoutPath = getCheckoutPathInputOrThrow(workflow, jobName, matrix); const databasePath = config.dbLocation; diff --git a/lib/upload-lib.js b/lib/upload-lib.js index d35b895ce8..e8db57e5f6 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88340,14 +88340,8 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function getSarifUploadSkipReason() { - if (isInTestMode()) { - return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; - } - if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { - return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; - } - return null; +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -92376,13 +92370,12 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path14.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7bf15775ac..e768a7fe9a 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88457,14 +88457,8 @@ function isGoodVersion(versionSpec) { function isInTestMode() { return process.env["CODEQL_ACTION_TEST_MODE" /* TEST_MODE */] === "true"; } -function getSarifUploadSkipReason() { - if (isInTestMode()) { - return `SARIF upload is disabled via ${"CODEQL_ACTION_TEST_MODE" /* TEST_MODE */}`; - } - if (process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true") { - return `SARIF upload is disabled via ${"CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */}`; - } - return null; +function shouldSkipSarifUpload() { + return isInTestMode() || process.env["CODEQL_ACTION_SKIP_SARIF_UPLOAD" /* SKIP_SARIF_UPLOAD */] === "true"; } function getTestingEnvironment() { const testingEnvironment = process.env["CODEQL_ACTION_TESTING_ENVIRONMENT" /* TESTING_ENVIRONMENT */] || ""; @@ -93048,13 +93042,12 @@ function getAutomationID2(category, analysis_key, environment) { } async function uploadPayload(payload, repositoryNwo, logger, target) { logger.info("Uploading results"); - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { + if (shouldSkipSarifUpload()) { const payloadSaveFile = path15.join( getTemporaryDirectory(), "payload.json" ); - logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; @@ -93578,9 +93571,8 @@ async function run() { core13.setOutput("sarif-id", codeScanningResult.sarifID); } core13.setOutput("sarif-ids", JSON.stringify(uploadResults)); - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { - core13.debug(`${skipReason}. Waiting for processing is disabled.`); + if (shouldSkipSarifUpload()) { + core13.debug("SARIF upload disabled. Waiting for processing is disabled."); } else if (getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== void 0) { await waitForProcessing( diff --git a/src/environment.ts b/src/environment.ts index 6713f57e60..d9b66b67d9 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -131,7 +131,7 @@ export enum EnvVar { /** * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes. - * This setting is implied by `CODEQL_ACTION_TEST_MODE`, but is more specific. + * This setting is implied by but is more specific than `CODEQL_ACTION_TEST_MODE`. */ SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD", } diff --git a/src/init-action-post-helper.ts b/src/init-action-post-helper.ts index f084e64151..7d46095e91 100644 --- a/src/init-action-post-helper.ts +++ b/src/init-action-post-helper.ts @@ -20,7 +20,7 @@ import { getErrorMessage, getRequiredEnvParam, parseMatrixInput, - getSarifUploadSkipReason, + shouldSkipSarifUpload, wrapError, } from "./util"; import { @@ -80,14 +80,11 @@ async function maybeUploadFailedSarif( if ( !["always", "failure-only"].includes( actionsUtil.getUploadValue(shouldUpload), - ) + ) || + shouldSkipSarifUpload() ) { return { upload_failed_run_skipped_because: "SARIF upload is disabled" }; } - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { - return { upload_failed_run_skipped_because: skipReason }; - } const category = getCategoryInputOrThrow(workflow, jobName, matrix); const checkoutPath = getCheckoutPathInputOrThrow(workflow, jobName, matrix); const databasePath = config.dbLocation; diff --git a/src/upload-lib.ts b/src/upload-lib.ts index ac87b296f7..98d8439ecf 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -357,13 +357,12 @@ async function uploadPayload( logger.info("Uploading results"); // If in test mode we don't want to upload the results, - const skipReason = util.getSarifUploadSkipReason(); - if (skipReason) { + if (util.shouldSkipSarifUpload()) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), "payload.json", ); - logger.info(`${skipReason}. Saving to ${payloadSaveFile}`); + logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/src/upload-sarif-action.ts b/src/upload-sarif-action.ts index 60d18c8767..5e6897adad 100644 --- a/src/upload-sarif-action.ts +++ b/src/upload-sarif-action.ts @@ -23,7 +23,7 @@ import { checkDiskUsage, getErrorMessage, initializeEnvironment, - getSarifUploadSkipReason, + shouldSkipSarifUpload, wrapError, } from "./util"; @@ -113,9 +113,8 @@ async function run() { core.setOutput("sarif-ids", JSON.stringify(uploadResults)); // We don't upload results in test mode, so don't wait for processing - const skipReason = getSarifUploadSkipReason(); - if (skipReason) { - core.debug(`${skipReason}. Waiting for processing is disabled.`); + if (shouldSkipSarifUpload()) { + core.debug("SARIF upload disabled. Waiting for processing is disabled."); } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== undefined) { await upload_lib.waitForProcessing( diff --git a/src/util.ts b/src/util.ts index 1a27bb6903..e1f7a15ecc 100644 --- a/src/util.ts +++ b/src/util.ts @@ -771,16 +771,10 @@ export function isInTestMode(): boolean { } /** - * Returns whether we specifically want to skip uploading SARIF files, and if so, why. + * Returns whether we specifically want to skip uploading SARIF files. */ -export function getSarifUploadSkipReason(): string | null { - if (isInTestMode()) { - return `SARIF upload is disabled via ${EnvVar.TEST_MODE}`; - } - if (process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true") { - return `SARIF upload is disabled via ${EnvVar.SKIP_SARIF_UPLOAD}`; - } - return null; +export function shouldSkipSarifUpload(): boolean { + return isInTestMode() || process.env[EnvVar.SKIP_SARIF_UPLOAD] === "true"; } /** From 00a6e13cbfc3c235afc298030cf9b1728b498130 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 6 Oct 2025 17:01:42 +0200 Subject: [PATCH 22/59] Tweak SARIF skipping logs --- lib/analyze-action.js | 4 +++- lib/init-action-post.js | 4 +++- lib/upload-lib.js | 4 +++- lib/upload-sarif-action.js | 8 ++++++-- src/upload-lib.ts | 4 +++- src/upload-sarif-action.ts | 4 +++- 6 files changed, 21 insertions(+), 7 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 18725b2fa8..b943c7bd1b 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -95540,7 +95540,9 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info( + `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 71c2588094..380a1df2dc 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -133016,7 +133016,9 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info( + `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/upload-lib.js b/lib/upload-lib.js index e8db57e5f6..b7c52233ad 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -92375,7 +92375,9 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info( + `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index e768a7fe9a..08a236c5e6 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -93047,7 +93047,9 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { getTemporaryDirectory(), "payload.json" ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info( + `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; @@ -93572,7 +93574,9 @@ async function run() { } core13.setOutput("sarif-ids", JSON.stringify(uploadResults)); if (shouldSkipSarifUpload()) { - core13.debug("SARIF upload disabled. Waiting for processing is disabled."); + core13.debug( + "SARIF upload disabled via environment variable. Waiting for processing is disabled." + ); } else if (getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== void 0) { await waitForProcessing( diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 98d8439ecf..8393ddba9f 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -362,7 +362,9 @@ async function uploadPayload( actionsUtil.getTemporaryDirectory(), "payload.json", ); - logger.info(`SARIF upload disabled. Saving to ${payloadSaveFile}`); + logger.info( + `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}`, + ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); return "dummy-sarif-id"; diff --git a/src/upload-sarif-action.ts b/src/upload-sarif-action.ts index 5e6897adad..fdc365488f 100644 --- a/src/upload-sarif-action.ts +++ b/src/upload-sarif-action.ts @@ -114,7 +114,9 @@ async function run() { // We don't upload results in test mode, so don't wait for processing if (shouldSkipSarifUpload()) { - core.debug("SARIF upload disabled. Waiting for processing is disabled."); + core.debug( + "SARIF upload disabled via environment variable. Waiting for processing is disabled.", + ); } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== undefined) { await upload_lib.waitForProcessing( From ff23a55f4d15e7dc85b3c07d33dd1bdf88fe8fad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 17:02:21 +0000 Subject: [PATCH 23/59] Bump the npm group with 4 updates Bumps the npm group with 4 updates: [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [typescript](https://github.com/microsoft/TypeScript). Updates `@eslint/js` from 9.36.0 to 9.37.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v9.37.0/packages/js) Updates `@typescript-eslint/eslint-plugin` from 8.44.1 to 8.45.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.45.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.44.1 to 8.45.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.45.0/packages/parser) Updates `typescript` from 5.9.2 to 5.9.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml) - [Commits](https://github.com/microsoft/TypeScript/compare/v5.9.2...v5.9.3) --- updated-dependencies: - dependency-name: "@eslint/js" dependency-version: 9.37.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.45.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/parser" dependency-version: 8.45.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: typescript dependency-version: 5.9.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm ... Signed-off-by: dependabot[bot] --- package-lock.json | 220 +++++++++++++++++++++++----------------------- package.json | 6 +- 2 files changed, 113 insertions(+), 113 deletions(-) diff --git a/package-lock.json b/package-lock.json index 911e99ad4d..99ac038b95 100644 --- a/package-lock.json +++ b/package-lock.json @@ -40,7 +40,7 @@ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -51,7 +51,7 @@ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", "ava": "^6.4.1", "esbuild": "^0.25.10", @@ -64,7 +64,7 @@ "glob": "^11.0.3", "nock": "^14.0.10", "sinon": "^21.0.0", - "typescript": "^5.9.2" + "typescript": "^5.9.3" } }, "node_modules/@aashutoshrathi/word-wrap": { @@ -1346,9 +1346,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.36.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.36.0.tgz", - "integrity": "sha512-uhCbYtYynH30iZErszX78U+nR3pJU3RHGQ57NXy5QupD4SBVwDeU8TNBy+MjMngc1UyIW9noKqsRqfjQTBU2dw==", + "version": "9.37.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.37.0.tgz", + "integrity": "sha512-jaS+NJ+hximswBG6pjNX0uEJZkrT0zwpVi3BA3vX22aFGjJjmgSTSmPpZCRKmoBL5VY/M6p0xsSJx7rk7sy5gg==", "dev": true, "license": "MIT", "engines": { @@ -2712,17 +2712,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.44.1.tgz", - "integrity": "sha512-molgphGqOBT7t4YKCSkbasmu1tb1MgrZ2szGzHbclF7PNmOkSTQVHy+2jXOSnxvR3+Xe1yySHFZoqMpz3TfQsw==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.45.0.tgz", + "integrity": "sha512-HC3y9CVuevvWCl/oyZuI47dOeDF9ztdMEfMH8/DW/Mhwa9cCLnK1oD7JoTVGW/u7kFzNZUKUoyJEqkaJh5y3Wg==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.44.1", - "@typescript-eslint/type-utils": "8.44.1", - "@typescript-eslint/utils": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1", + "@typescript-eslint/scope-manager": "8.45.0", + "@typescript-eslint/type-utils": "8.45.0", + "@typescript-eslint/utils": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0", "graphemer": "^1.4.0", "ignore": "^7.0.0", "natural-compare": "^1.4.0", @@ -2736,20 +2736,20 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "@typescript-eslint/parser": "^8.44.1", + "@typescript-eslint/parser": "^8.45.0", "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.44.1.tgz", - "integrity": "sha512-NdhWHgmynpSvyhchGLXh+w12OMT308Gm25JoRIyTZqEbApiBiQHD/8xgb6LqCWCFcxFtWwaVdFsLPQI3jvhywg==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.45.0.tgz", + "integrity": "sha512-clmm8XSNj/1dGvJeO6VGH7EUSeA0FMs+5au/u3lrA3KfG8iJ4u8ym9/j2tTEoacAffdW1TVUzXO30W1JTJS7dA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1" + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2760,9 +2760,9 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.44.1.tgz", - "integrity": "sha512-Lk7uj7y9uQUOEguiDIDLYLJOrYHQa7oBiURYVFqIpGxclAFQ78f6VUOM8lI2XEuNOKNB7XuvM2+2cMXAoq4ALQ==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", + "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", "dev": true, "license": "MIT", "engines": { @@ -2774,16 +2774,16 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.44.1.tgz", - "integrity": "sha512-qnQJ+mVa7szevdEyvfItbO5Vo+GfZ4/GZWWDRRLjrxYPkhM+6zYB2vRYwCsoJLzqFCdZT4mEqyJoyzkunsZ96A==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.45.0.tgz", + "integrity": "sha512-GfE1NfVbLam6XQ0LcERKwdTTPlLvHvXXhOeUGC1OXi4eQBoyy1iVsW+uzJ/J9jtCz6/7GCQ9MtrQ0fml/jWCnA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.44.1", - "@typescript-eslint/tsconfig-utils": "8.44.1", - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1", + "@typescript-eslint/project-service": "8.45.0", + "@typescript-eslint/tsconfig-utils": "8.45.0", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -2803,16 +2803,16 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.44.1.tgz", - "integrity": "sha512-DpX5Fp6edTlocMCwA+mHY8Mra+pPjRZ0TfHkXI8QFelIKcbADQz1LUPNtzOFUriBB2UYqw4Pi9+xV4w9ZczHFg==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.45.0.tgz", + "integrity": "sha512-bxi1ht+tLYg4+XV2knz/F7RVhU0k6VrSMc9sb8DQ6fyCTrGQLHfo7lDtN0QJjZjKkLA2ThrKuCdHEvLReqtIGg==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.7.0", - "@typescript-eslint/scope-manager": "8.44.1", - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/typescript-estree": "8.44.1" + "@typescript-eslint/scope-manager": "8.45.0", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/typescript-estree": "8.45.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2827,13 +2827,13 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.44.1.tgz", - "integrity": "sha512-576+u0QD+Jp3tZzvfRfxon0EA2lzcDt3lhUbsC6Lgzy9x2VR4E+JUiNyGHi5T8vk0TV+fpJ5GLG1JsJuWCaKhw==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.45.0.tgz", + "integrity": "sha512-qsaFBA3e09MIDAGFUrTk+dzqtfv1XPVz8t8d1f0ybTzrCY7BKiMC5cjrl1O/P7UmHsNyW90EYSkU/ZWpmXelag==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", + "@typescript-eslint/types": "8.45.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -2906,16 +2906,16 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.44.1.tgz", - "integrity": "sha512-EHrrEsyhOhxYt8MTg4zTF+DJMuNBzWwgvvOYNj/zm1vnaD/IC5zCXFehZv94Piqa2cRFfXrTFxIvO95L7Qc/cw==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.45.0.tgz", + "integrity": "sha512-TGf22kon8KW+DeKaUmOibKWktRY8b2NSAZNdtWh798COm1NWx8+xJ6iFBtk3IvLdv6+LGLJLRlyhrhEDZWargQ==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.44.1", - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/typescript-estree": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1", + "@typescript-eslint/scope-manager": "8.45.0", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/typescript-estree": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0", "debug": "^4.3.4" }, "engines": { @@ -2931,14 +2931,14 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.44.1.tgz", - "integrity": "sha512-NdhWHgmynpSvyhchGLXh+w12OMT308Gm25JoRIyTZqEbApiBiQHD/8xgb6LqCWCFcxFtWwaVdFsLPQI3jvhywg==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.45.0.tgz", + "integrity": "sha512-clmm8XSNj/1dGvJeO6VGH7EUSeA0FMs+5au/u3lrA3KfG8iJ4u8ym9/j2tTEoacAffdW1TVUzXO30W1JTJS7dA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1" + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2949,9 +2949,9 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.44.1.tgz", - "integrity": "sha512-Lk7uj7y9uQUOEguiDIDLYLJOrYHQa7oBiURYVFqIpGxclAFQ78f6VUOM8lI2XEuNOKNB7XuvM2+2cMXAoq4ALQ==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", + "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", "dev": true, "license": "MIT", "engines": { @@ -2963,16 +2963,16 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.44.1.tgz", - "integrity": "sha512-qnQJ+mVa7szevdEyvfItbO5Vo+GfZ4/GZWWDRRLjrxYPkhM+6zYB2vRYwCsoJLzqFCdZT4mEqyJoyzkunsZ96A==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.45.0.tgz", + "integrity": "sha512-GfE1NfVbLam6XQ0LcERKwdTTPlLvHvXXhOeUGC1OXi4eQBoyy1iVsW+uzJ/J9jtCz6/7GCQ9MtrQ0fml/jWCnA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.44.1", - "@typescript-eslint/tsconfig-utils": "8.44.1", - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1", + "@typescript-eslint/project-service": "8.45.0", + "@typescript-eslint/tsconfig-utils": "8.45.0", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -2992,13 +2992,13 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.44.1.tgz", - "integrity": "sha512-576+u0QD+Jp3tZzvfRfxon0EA2lzcDt3lhUbsC6Lgzy9x2VR4E+JUiNyGHi5T8vk0TV+fpJ5GLG1JsJuWCaKhw==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.45.0.tgz", + "integrity": "sha512-qsaFBA3e09MIDAGFUrTk+dzqtfv1XPVz8t8d1f0ybTzrCY7BKiMC5cjrl1O/P7UmHsNyW90EYSkU/ZWpmXelag==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", + "@typescript-eslint/types": "8.45.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -3062,14 +3062,14 @@ } }, "node_modules/@typescript-eslint/project-service": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.44.1.tgz", - "integrity": "sha512-ycSa60eGg8GWAkVsKV4E6Nz33h+HjTXbsDT4FILyL8Obk5/mx4tbvCNsLf9zret3ipSumAOG89UcCs/KRaKYrA==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.45.0.tgz", + "integrity": "sha512-3pcVHwMG/iA8afdGLMuTibGR7pDsn9RjDev6CCB+naRsSYs2pns5QbinF4Xqw6YC/Sj3lMrm/Im0eMfaa61WUg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/tsconfig-utils": "^8.44.1", - "@typescript-eslint/types": "^8.44.1", + "@typescript-eslint/tsconfig-utils": "^8.45.0", + "@typescript-eslint/types": "^8.45.0", "debug": "^4.3.4" }, "engines": { @@ -3084,9 +3084,9 @@ } }, "node_modules/@typescript-eslint/project-service/node_modules/@typescript-eslint/types": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.44.1.tgz", - "integrity": "sha512-Lk7uj7y9uQUOEguiDIDLYLJOrYHQa7oBiURYVFqIpGxclAFQ78f6VUOM8lI2XEuNOKNB7XuvM2+2cMXAoq4ALQ==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", + "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", "dev": true, "license": "MIT", "engines": { @@ -3116,9 +3116,9 @@ } }, "node_modules/@typescript-eslint/tsconfig-utils": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.44.1.tgz", - "integrity": "sha512-B5OyACouEjuIvof3o86lRMvyDsFwZm+4fBOqFHccIctYgBjqR3qT39FBYGN87khcgf0ExpdCBeGKpKRhSFTjKQ==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.45.0.tgz", + "integrity": "sha512-aFdr+c37sc+jqNMGhH+ajxPXwjv9UtFZk79k8pLoJ6p4y0snmYpPA52GuWHgt2ZF4gRRW6odsEj41uZLojDt5w==", "dev": true, "license": "MIT", "engines": { @@ -3133,15 +3133,15 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.44.1.tgz", - "integrity": "sha512-KdEerZqHWXsRNKjF9NYswNISnFzXfXNDfPxoTh7tqohU/PRIbwTmsjGK6V9/RTYWau7NZvfo52lgVk+sJh0K3g==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.45.0.tgz", + "integrity": "sha512-bpjepLlHceKgyMEPglAeULX1vixJDgaKocp0RVJ5u4wLJIMNuKtUXIczpJCPcn2waII0yuvks/5m5/h3ZQKs0A==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/typescript-estree": "8.44.1", - "@typescript-eslint/utils": "8.44.1", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/typescript-estree": "8.45.0", + "@typescript-eslint/utils": "8.45.0", "debug": "^4.3.4", "ts-api-utils": "^2.1.0" }, @@ -3158,14 +3158,14 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/scope-manager": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.44.1.tgz", - "integrity": "sha512-NdhWHgmynpSvyhchGLXh+w12OMT308Gm25JoRIyTZqEbApiBiQHD/8xgb6LqCWCFcxFtWwaVdFsLPQI3jvhywg==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.45.0.tgz", + "integrity": "sha512-clmm8XSNj/1dGvJeO6VGH7EUSeA0FMs+5au/u3lrA3KfG8iJ4u8ym9/j2tTEoacAffdW1TVUzXO30W1JTJS7dA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1" + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3176,9 +3176,9 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.44.1.tgz", - "integrity": "sha512-Lk7uj7y9uQUOEguiDIDLYLJOrYHQa7oBiURYVFqIpGxclAFQ78f6VUOM8lI2XEuNOKNB7XuvM2+2cMXAoq4ALQ==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", + "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", "dev": true, "license": "MIT", "engines": { @@ -3190,16 +3190,16 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.44.1.tgz", - "integrity": "sha512-qnQJ+mVa7szevdEyvfItbO5Vo+GfZ4/GZWWDRRLjrxYPkhM+6zYB2vRYwCsoJLzqFCdZT4mEqyJoyzkunsZ96A==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.45.0.tgz", + "integrity": "sha512-GfE1NfVbLam6XQ0LcERKwdTTPlLvHvXXhOeUGC1OXi4eQBoyy1iVsW+uzJ/J9jtCz6/7GCQ9MtrQ0fml/jWCnA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.44.1", - "@typescript-eslint/tsconfig-utils": "8.44.1", - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/visitor-keys": "8.44.1", + "@typescript-eslint/project-service": "8.45.0", + "@typescript-eslint/tsconfig-utils": "8.45.0", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/visitor-keys": "8.45.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -3219,16 +3219,16 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.44.1.tgz", - "integrity": "sha512-DpX5Fp6edTlocMCwA+mHY8Mra+pPjRZ0TfHkXI8QFelIKcbADQz1LUPNtzOFUriBB2UYqw4Pi9+xV4w9ZczHFg==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.45.0.tgz", + "integrity": "sha512-bxi1ht+tLYg4+XV2knz/F7RVhU0k6VrSMc9sb8DQ6fyCTrGQLHfo7lDtN0QJjZjKkLA2ThrKuCdHEvLReqtIGg==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.7.0", - "@typescript-eslint/scope-manager": "8.44.1", - "@typescript-eslint/types": "8.44.1", - "@typescript-eslint/typescript-estree": "8.44.1" + "@typescript-eslint/scope-manager": "8.45.0", + "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/typescript-estree": "8.45.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3243,13 +3243,13 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.44.1", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.44.1.tgz", - "integrity": "sha512-576+u0QD+Jp3tZzvfRfxon0EA2lzcDt3lhUbsC6Lgzy9x2VR4E+JUiNyGHi5T8vk0TV+fpJ5GLG1JsJuWCaKhw==", + "version": "8.45.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.45.0.tgz", + "integrity": "sha512-qsaFBA3e09MIDAGFUrTk+dzqtfv1XPVz8t8d1f0ybTzrCY7BKiMC5cjrl1O/P7UmHsNyW90EYSkU/ZWpmXelag==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.44.1", + "@typescript-eslint/types": "8.45.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -9043,9 +9043,9 @@ } }, "node_modules/typescript": { - "version": "5.9.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.2.tgz", - "integrity": "sha512-CWBzXQrc/qOkhidw1OzBTQuYRbfyxDXJMVJ1XNwUHGROVmuaeiEm3OslpZ1RV96d7SKKjZKrSJu3+t/xlw3R9A==", + "version": "5.9.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz", + "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "dev": true, "license": "Apache-2.0", "bin": { diff --git a/package.json b/package.json index 32b427bb41..de76813dcf 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -66,7 +66,7 @@ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", "ava": "^6.4.1", "esbuild": "^0.25.10", @@ -79,7 +79,7 @@ "glob": "^11.0.3", "nock": "^14.0.10", "sinon": "^21.0.0", - "typescript": "^5.9.2" + "typescript": "^5.9.3" }, "overrides": { "@actions/tool-cache": { From 6877465dc11a53252c0a744b3aa89611fd96f555 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 17:03:52 +0000 Subject: [PATCH 24/59] Rebuild --- lib/analyze-action-post.js | 6 +++--- lib/analyze-action.js | 6 +++--- lib/autobuild-action.js | 6 +++--- lib/init-action-post.js | 6 +++--- lib/init-action.js | 6 +++--- lib/resolve-environment-action.js | 6 +++--- lib/start-proxy-action-post.js | 6 +++--- lib/start-proxy-action.js | 6 +++--- lib/upload-lib.js | 6 +++--- lib/upload-sarif-action-post.js | 6 +++--- lib/upload-sarif-action.js | 6 +++--- 11 files changed, 33 insertions(+), 33 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index a9b163bc16..78ce6d189b 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -26493,7 +26493,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -26504,7 +26504,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -26517,7 +26517,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c2788900b3..35469b85ab 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -32342,7 +32342,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -32353,7 +32353,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -32366,7 +32366,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 4cde47d65b..38dd5f0f76 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -26493,7 +26493,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -26504,7 +26504,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -26517,7 +26517,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index e138420a3e..dc60421745 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -32342,7 +32342,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -32353,7 +32353,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -32366,7 +32366,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/init-action.js b/lib/init-action.js index 2f509ad0ee..b30c464bd7 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -32342,7 +32342,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -32353,7 +32353,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -32366,7 +32366,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 67cb394e74..564b992c83 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -26493,7 +26493,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -26504,7 +26504,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -26517,7 +26517,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index a52eadfc51..49d4a5dfde 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -26493,7 +26493,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -26504,7 +26504,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -26517,7 +26517,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index f262402cf9..6c2f32a56a 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -45029,7 +45029,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -45040,7 +45040,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -45053,7 +45053,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a6342ff212..5ad15cbbd5 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -33639,7 +33639,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -33650,7 +33650,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -33663,7 +33663,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 233b73d473..f696a04eab 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -26493,7 +26493,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -26504,7 +26504,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -26517,7 +26517,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7ad72583b5..b46f9ad391 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -32342,7 +32342,7 @@ var require_package = __commonJS({ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.4.0", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.36.0", + "@eslint/js": "^9.37.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@octokit/types": "^15.0.0", "@types/archiver": "^6.0.3", @@ -32353,7 +32353,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.44.1", + "@typescript-eslint/eslint-plugin": "^8.45.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", @@ -32366,7 +32366,7 @@ var require_package = __commonJS({ glob: "^11.0.3", nock: "^14.0.10", sinon: "^21.0.0", - typescript: "^5.9.2" + typescript: "^5.9.3" }, overrides: { "@actions/tool-cache": { From 86b2ad66467bec6e0e45071af0ff547052830425 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 7 Oct 2025 10:36:45 +0200 Subject: [PATCH 25/59] Remove unneeded comment --- src/upload-lib.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 8393ddba9f..68e2004d86 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -356,7 +356,6 @@ async function uploadPayload( ): Promise { logger.info("Uploading results"); - // If in test mode we don't want to upload the results, if (util.shouldSkipSarifUpload()) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), From 1b09eb4cccffa2e41a48a47920632069b9896201 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 7 Oct 2025 17:16:28 +0200 Subject: [PATCH 26/59] Address review --- lib/analyze-action.js | 2 +- lib/init-action-post.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action.js | 4 ++-- src/upload-lib.ts | 2 +- src/upload-sarif-action.ts | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 8f2d4578ab..d7bddb8524 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -95541,7 +95541,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { "payload.json" ); logger.info( - `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs18.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 007d941af2..cf52eb88a1 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -133017,7 +133017,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { "payload.json" ); logger.info( - `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs17.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 295f777e81..83ee93767d 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -92376,7 +92376,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { "payload.json" ); logger.info( - `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs13.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 3c0b78c980..0df2148364 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -93048,7 +93048,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { "payload.json" ); logger.info( - `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}` + `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs14.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); @@ -93575,7 +93575,7 @@ async function run() { core13.setOutput("sarif-ids", JSON.stringify(uploadResults)); if (shouldSkipSarifUpload()) { core13.debug( - "SARIF upload disabled via environment variable. Waiting for processing is disabled." + "SARIF upload disabled by an environment variable. Waiting for processing is disabled." ); } else if (getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== void 0) { diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 68e2004d86..f3db971941 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -362,7 +362,7 @@ async function uploadPayload( "payload.json", ); logger.info( - `SARIF upload disabled via environment variable. Saving to ${payloadSaveFile}`, + `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`, ); logger.info(`Payload: ${JSON.stringify(payload, null, 2)}`); fs.writeFileSync(payloadSaveFile, JSON.stringify(payload, null, 2)); diff --git a/src/upload-sarif-action.ts b/src/upload-sarif-action.ts index fdc365488f..a2ef43eb44 100644 --- a/src/upload-sarif-action.ts +++ b/src/upload-sarif-action.ts @@ -115,7 +115,7 @@ async function run() { // We don't upload results in test mode, so don't wait for processing if (shouldSkipSarifUpload()) { core.debug( - "SARIF upload disabled via environment variable. Waiting for processing is disabled.", + "SARIF upload disabled by an environment variable. Waiting for processing is disabled.", ); } else if (actionsUtil.getRequiredInput("wait-for-processing") === "true") { if (codeScanningResult !== undefined) { From 074940162c06b3f860d5f16878dffaf19c4e3d1a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 7 Oct 2025 15:22:00 +0000 Subject: [PATCH 27/59] Update changelog and version after v4.30.7 --- CHANGELOG.md | 4 ++++ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 692c42bf3b..ca3d59c6eb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## [UNRELEASED] + +No user facing changes. + ## 4.30.7 - 06 Oct 2025 - [v4+ only] The CodeQL Action now runs on Node.js v24. [#3169](https://github.com/github/codeql-action/pull/3169) diff --git a/package-lock.json b/package-lock.json index e4854d5dd5..823bd7cf86 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.30.7", + "version": "4.30.8", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.30.7", + "version": "4.30.8", "license": "MIT", "dependencies": { "@actions/artifact": "^2.3.1", diff --git a/package.json b/package.json index 9dc0420b3f..c38dceb582 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.30.7", + "version": "4.30.8", "private": true, "description": "CodeQL action", "scripts": { From d95a3b53f835a6da022a62f657318fb1174ccf09 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 7 Oct 2025 16:01:48 +0000 Subject: [PATCH 28/59] Rebuild --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 983b67d687..cff080b239 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 559095bb95..87a384900d 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 8ffe26946e..acdcdd44d0 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 7bb815261a..29ec24c684 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action.js b/lib/init-action.js index 2c7de3d12e..bdd8c5d8c4 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 17ff683ca6..af32f15fac 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index d69dbbf58d..c24e017da2 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 2bc7948530..a315dd2577 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -44974,7 +44974,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 6aa122acab..80bd932d72 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -33584,7 +33584,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 48a864733b..45d172ab90 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7579272b8b..a3b11393ff 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.7", + version: "4.30.8", private: true, description: "CodeQL action", scripts: { From 7892cb23624826b766a794f0b556f535be85ce12 Mon Sep 17 00:00:00 2001 From: Nick Rolfe Date: Tue, 7 Oct 2025 11:54:12 +0100 Subject: [PATCH 29/59] Overlays: allow any build mode for Go We have a check that a traced language can only run overlay analysis with build-mode: none, but Go does not currently declare support for BMN, even though it has a similar autobuild mode that will work for overlay analysis. This commit adds a hard-coded exception to that check, allowing any build mode for Go. This is intended as a short-term solution until Go declares BMN support. It should be safe, since we can choose not to enable the feature flag for Go repos using traced builds. --- lib/init-action.js | 8 +++++++- src/config-utils.ts | 9 ++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/lib/init-action.js b/lib/init-action.js index 2f509ad0ee..c7419b09a3 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -87860,7 +87860,13 @@ async function getOverlayDatabaseMode(codeql, repository, features, languages, s return nonOverlayAnalysis; } if (buildMode !== "none" /* None */ && (await Promise.all( - languages.map(async (l) => await codeql.isTracedLanguage(l)) + languages.map( + async (l) => l !== "go" /* go */ && // Workaround to allow overlay analysis for Go with any build + // mode, since it does not yet support BMN. The Go autobuilder and/or extractor will + // ensure that overlay-base databases are only created for supported Go build setups, + // and that we'll fall back to full databases in other cases. + await codeql.isTracedLanguage(l) + ) )).some(Boolean)) { logger.warning( `Cannot build an ${overlayDatabaseMode} database because build-mode is set to "${buildMode}" instead of "none". Falling back to creating a normal full database instead.` diff --git a/src/config-utils.ts b/src/config-utils.ts index fe4b392ab2..e6c87bf5a6 100644 --- a/src/config-utils.ts +++ b/src/config-utils.ts @@ -723,7 +723,14 @@ export async function getOverlayDatabaseMode( buildMode !== BuildMode.None && ( await Promise.all( - languages.map(async (l) => await codeql.isTracedLanguage(l)), + languages.map( + async (l) => + l !== KnownLanguage.go && // Workaround to allow overlay analysis for Go with any build + // mode, since it does not yet support BMN. The Go autobuilder and/or extractor will + // ensure that overlay-base databases are only created for supported Go build setups, + // and that we'll fall back to full databases in other cases. + (await codeql.isTracedLanguage(l)), + ), ) ).some(Boolean) ) { From d05f2255a087b7661ba811697734d364a4001eae Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 8 Oct 2025 09:33:02 +0200 Subject: [PATCH 30/59] Tweak comment --- src/environment.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/environment.ts b/src/environment.ts index d9b66b67d9..7f554c7627 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -131,7 +131,7 @@ export enum EnvVar { /** * Whether to skip uploading SARIF results to GitHub. Intended for testing purposes. - * This setting is implied by but is more specific than `CODEQL_ACTION_TEST_MODE`. + * This setting is more specific than `CODEQL_ACTION_TEST_MODE`, which implies this option. */ SKIP_SARIF_UPLOAD = "CODEQL_ACTION_SKIP_SARIF_UPLOAD", } From 4489a63a9d3dd91540663e818372716c94e09163 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 7 Oct 2025 11:33:54 +0200 Subject: [PATCH 31/59] Add unit tests for uploadSpecifiedFiles --- src/upload-lib.test.ts | 455 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 441 insertions(+), 14 deletions(-) diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index a1fdf218e1..640338f083 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts @@ -1,13 +1,26 @@ import * as fs from "fs"; import * as path from "path"; +import zlib from "zlib"; import test from "ava"; +import * as sinon from "sinon"; +import * as actionsUtil from "./actions-util"; import { AnalysisKind, CodeQuality, CodeScanning } from "./analyses"; +import * as api from "./api-client"; +import * as codeqlModule from "./codeql"; +import * as configUtils from "./config-utils"; +import * as fingerprints from "./fingerprints"; +import * as gitUtils from "./git-utils"; import { getRunnerLogger, Logger } from "./logging"; -import { setupTests } from "./testing-utils"; +import { createFeatures, setupTests } from "./testing-utils"; import * as uploadLib from "./upload-lib"; -import { GitHubVariant, initializeEnvironment, withTmpDir } from "./util"; +import { + GitHubVariant, + initializeEnvironment, + SarifFile, + withTmpDir, +} from "./util"; setupTests(test); @@ -851,19 +864,433 @@ test("shouldConsiderInvalidRequest returns correct recognises processing errors" t.false(uploadLib.shouldConsiderInvalidRequest(error3)); }); +// Helper function to set up common environment variables for upload tests +function setupUploadEnvironment( + tmpDir: string, + extraVars?: Record, +) { + const originalEnv: Record = {}; + + // Define all environment variables we might set + const envVars = { + RUNNER_TEMP: tmpDir, + GITHUB_EVENT_NAME: "push", + GITHUB_WORKFLOW: "test-workflow", + GITHUB_REPOSITORY: "owner/repo", + GITHUB_RUN_ID: "123", + GITHUB_RUN_ATTEMPT: "1", + ...extraVars, + }; + + // Save original values and set new ones + for (const [key, value] of Object.entries(envVars)) { + originalEnv[key] = process.env[key]; + process.env[key] = value; + } + + // Return a cleanup function that restores the original environment + return () => { + for (const [key, originalValue] of Object.entries(originalEnv)) { + if (originalValue === undefined) { + delete process.env[key]; + } else { + process.env[key] = originalValue; + } + } + }; +} + +// Helper function to stub common external dependencies for upload tests +function stubUploadDependencies() { + sinon.stub(api, "getGitHubVersion").resolves({ + type: GitHubVariant.DOTCOM, + }); + sinon.stub(api, "getAnalysisKey").resolves("test-key"); + sinon.stub(actionsUtil, "getRequiredInput").returns("{}"); + const addFingerprintsStub = sinon + .stub(fingerprints, "addFingerprints") + .resolvesArg(0); + sinon.stub(gitUtils, "getCommitOid").resolves("abc123"); + sinon.stub(gitUtils, "getRef").resolves("refs/heads/main"); + sinon.stub(gitUtils, "determineBaseBranchHeadCommitOid").resolves(undefined); + + return { addFingerprintsStub }; +} + +test("uploadSpecifiedFiles - single SARIF file", async (t) => { + await withTmpDir(async (tmpDir) => { + const logger = getRunnerLogger(true); + const features = createFeatures([]); + const sarifPath = path.join(tmpDir, "test.sarif"); + const checkoutPath = tmpDir; + + // Create a valid SARIF file + const mockSarif = createMockSarif("test-id", "TestTool"); + fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); + + const cleanupEnv = setupUploadEnvironment(tmpDir, { + CODEQL_ACTION_SKIP_SARIF_UPLOAD: "true", + }); + const { addFingerprintsStub } = stubUploadDependencies(); + + try { + const result = await uploadLib.uploadSpecifiedFiles( + [sarifPath], + checkoutPath, + "test-category", + features, + logger, + CodeScanning, + ); + + // Verify the result + t.is(result.sarifID, "dummy-sarif-id"); + t.truthy(result.statusReport.raw_upload_size_bytes); + t.truthy(result.statusReport.zipped_upload_size_bytes); + t.is(result.statusReport.num_results_in_sarif, 0); + + // Verify external dependencies were called + t.true(addFingerprintsStub.calledOnce); + } finally { + sinon.restore(); + cleanupEnv(); + } + }); +}); + +test("uploadSpecifiedFiles - multiple SARIF files", async (t) => { + await withTmpDir(async (tmpDir) => { + const logger = getRunnerLogger(true); + const features = createFeatures([]); + const sarifPath1 = path.join(tmpDir, "test1.sarif"); + const sarifPath2 = path.join(tmpDir, "test2.sarif"); + const checkoutPath = tmpDir; + + // Create valid SARIF files with CodeQL as the tool name to trigger CLI merge + const mockSarif1 = createMockSarif("test-id-1", "CodeQL"); + const mockSarif2 = createMockSarif("test-id-2", "CodeQL"); + fs.writeFileSync(sarifPath1, JSON.stringify(mockSarif1)); + fs.writeFileSync(sarifPath2, JSON.stringify(mockSarif2)); + + // Set up environment WITHOUT skip flags to perform actual upload + const cleanupEnv = setupUploadEnvironment(tmpDir); + stubUploadDependencies(); + + // Create a mock combined SARIF that will be "returned" by mergeResults + const mockCombinedSarif = createMockSarif("combined-id", "CombinedTool"); + + // Mock CodeQL CLI with a spy to verify inputs + const mergeResultsStub = sinon + .stub() + .callsFake(async (_inputs: string[], output: string) => { + // Write the mock combined SARIF to the output file + fs.writeFileSync(output, JSON.stringify(mockCombinedSarif)); + }); + + sinon.stub(codeqlModule, "getCodeQL").resolves({ + supportsFeature: async () => true, + mergeResults: mergeResultsStub, + } as unknown as codeqlModule.CodeQL); + + // Mock getConfig to return a config with our mocked CodeQL + sinon.stub(configUtils, "getConfig").resolves({ + codeQLCmd: "/fake/codeql", + tempDir: tmpDir, + } as unknown as configUtils.Config); + + // Mock the API client to capture the upload request + const mockApiClient = { + request: sinon.stub().resolves({ + status: 200, + data: { id: "combined-sarif-id-456" }, + }), + }; + // eslint-disable-next-line @typescript-eslint/no-unsafe-argument + sinon.stub(api, "getApiClient").returns(mockApiClient as any); + + try { + const result = await uploadLib.uploadSpecifiedFiles( + [sarifPath1, sarifPath2], + checkoutPath, + "test-category", + features, + logger, + CodeScanning, + ); + + // Verify the result uses the uploaded ID + t.is(result.sarifID, "combined-sarif-id-456"); + t.truthy(result.statusReport.raw_upload_size_bytes); + + // Verify the API was called + t.true(mockApiClient.request.calledOnce); + + // Verify the uploaded payload contains the combined SARIF from our mock + const uploadCall = mockApiClient.request.getCall(0); + const uploadPayload = uploadCall.args[1]; + + // Decode and verify the uploaded SARIF matches what our mock produced + const uploadedSarifBase64 = uploadPayload.data.sarif as string; + const uploadedSarifGzipped = Buffer.from(uploadedSarifBase64, "base64"); + const uploadedSarifJson = zlib + .gunzipSync(uploadedSarifGzipped) + .toString(); + const uploadedSarif = JSON.parse(uploadedSarifJson) as SarifFile; + + // Verify it contains the combined SARIF data from our CodeQL mock + t.is(uploadedSarif.runs[0].automationDetails?.id, "combined-id"); + t.is(uploadedSarif.runs[0].tool?.driver?.name, "CombinedTool"); + + // Verify mergeResults was called with the correct input files + t.true(mergeResultsStub.calledOnce); + const mergeCall = mergeResultsStub.getCall(0); + const inputPaths = mergeCall.args[0]; + t.deepEqual(inputPaths, [sarifPath1, sarifPath2]); + } finally { + sinon.restore(); + cleanupEnv(); + } + }); +}); + +test("uploadSpecifiedFiles - category is fixed by upload target on quality sarif", async (t) => { + await withTmpDir(async (tmpDir) => { + const logger = getRunnerLogger(true); + const features = createFeatures([]); + const sarifPath = path.join(tmpDir, "test.quality.sarif"); + const checkoutPath = tmpDir; + + // Create a SARIF without automationDetails so the category will be applied + const mockSarif = createMockSarif(undefined, "QualityTool"); + fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); + + // Set up environment WITHOUT skip flags to perform actual upload + // Set GITHUB_EVENT_NAME to "dynamic" to enable isDefaultSetup() check + const cleanupEnv = setupUploadEnvironment(tmpDir, { + GITHUB_EVENT_NAME: "dynamic", + }); + stubUploadDependencies(); + + // Mock the API client to capture the upload request + const mockApiClient = { + request: sinon.stub().resolves({ + status: 200, + data: { id: "quality-sarif-id-789" }, + }), + }; + sinon.stub(api, "getApiClient").returns( + // eslint-disable-next-line @typescript-eslint/no-unsafe-argument + mockApiClient as any, + ); + + try { + const result = await uploadLib.uploadSpecifiedFiles( + [sarifPath], + checkoutPath, + "/language:c#", + features, + logger, + CodeQuality, + ); + + // Verify actual upload happened + t.is(result.sarifID, "quality-sarif-id-789"); + t.true(mockApiClient.request.calledOnce); + + // Verify the category was fixed from /language:c# to /language:csharp + const uploadCall = mockApiClient.request.getCall(0); + const uploadPayload = uploadCall.args[1]; + + // Decode and verify the uploaded SARIF contains the fixed category + const uploadedSarifBase64 = uploadPayload.data.sarif as string; + const uploadedSarifGzipped = Buffer.from(uploadedSarifBase64, "base64"); + const uploadedSarifJson = zlib + .gunzipSync(uploadedSarifGzipped) + .toString(); + const uploadedSarif = JSON.parse(uploadedSarifJson) as SarifFile; + + // The automation details id should have been updated to use csharp instead of c# + t.is(uploadedSarif.runs[0].automationDetails?.id, "/language:csharp/"); + } finally { + sinon.restore(); + cleanupEnv(); + } + }); +}); + +test("uploadSpecifiedFiles - dumps SARIF when SARIF_DUMP_DIR is set", async (t) => { + await withTmpDir(async (tmpDir) => { + const logger = getRunnerLogger(true); + const features = createFeatures([]); + const sarifPath = path.join(tmpDir, "test.sarif"); + const dumpDir = path.join(tmpDir, "dump"); + const checkoutPath = tmpDir; + + fs.mkdirSync(dumpDir); + const mockSarif = createMockSarif("test-id", "TestTool"); + fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); + + const cleanupEnv = setupUploadEnvironment(tmpDir, { + CODEQL_ACTION_SARIF_DUMP_DIR: dumpDir, + CODEQL_ACTION_SKIP_SARIF_UPLOAD: "true", + }); + stubUploadDependencies(); + + try { + await uploadLib.uploadSpecifiedFiles( + [sarifPath], + checkoutPath, + "test-category", + features, + logger, + CodeScanning, + ); + + // Verify SARIF was dumped + const dumpedFile = path.join( + dumpDir, + `upload${CodeScanning.sarifExtension}`, + ); + t.true(fs.existsSync(dumpedFile)); + } finally { + sinon.restore(); + cleanupEnv(); + } + }); +}); + +test("uploadSpecifiedFiles - performs actual upload when skip flags are not set", async (t) => { + await withTmpDir(async (tmpDir) => { + const logger = getRunnerLogger(true); + const features = createFeatures([]); + const sarifPath = path.join(tmpDir, "test.sarif"); + const checkoutPath = tmpDir; + + const mockSarif = createMockSarif("test-id", "TestTool"); + fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); + + // Set up environment WITHOUT skip flags + const cleanupEnv = setupUploadEnvironment(tmpDir); + stubUploadDependencies(); + + // Mock the API client to capture the upload request + const mockApiClient = { + request: sinon.stub().resolves({ + status: 200, + data: { id: "real-sarif-id-123" }, + }), + }; + sinon.stub(api, "getApiClient").returns( + // eslint-disable-next-line @typescript-eslint/no-unsafe-argument + mockApiClient as any, + ); + + try { + const result = await uploadLib.uploadSpecifiedFiles( + [sarifPath], + checkoutPath, + "test-category", + features, + logger, + CodeScanning, + ); + + // Verify actual upload happened + t.is(result.sarifID, "real-sarif-id-123"); + t.true(mockApiClient.request.calledOnce); + + // Verify the upload target was correct + const uploadCall = mockApiClient.request.getCall(0); + t.is(uploadCall.args[0], CodeScanning.target); + + // Verify payload structure + const uploadPayload = uploadCall.args[1]; + t.truthy(uploadPayload.data.sarif); + t.is(uploadPayload.data.commit_oid, "abc123"); + t.is(uploadPayload.data.ref, "refs/heads/main"); + } finally { + sinon.restore(); + cleanupEnv(); + } + }); +}); + +test("uploadSpecifiedFiles - skips upload when CODEQL_ACTION_TEST_MODE is set", async (t) => { + await withTmpDir(async (tmpDir) => { + const logger = getRunnerLogger(true); + const features = createFeatures([]); + const sarifPath = path.join(tmpDir, "test.sarif"); + const checkoutPath = tmpDir; + + const mockSarif = createMockSarif("test-id", "TestTool"); + fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); + + // Set up environment with TEST_MODE instead of SKIP_SARIF_UPLOAD + const cleanupEnv = setupUploadEnvironment(tmpDir, { + CODEQL_ACTION_TEST_MODE: "true", + }); + stubUploadDependencies(); + + // Mock the API client - this should NOT be called + const mockApiClient = { + request: sinon.stub().resolves({ + status: 200, + data: { id: "should-not-be-used" }, + }), + }; + sinon.stub(api, "getApiClient").returns( + // eslint-disable-next-line @typescript-eslint/no-unsafe-argument + mockApiClient as any, + ); + + try { + const result = await uploadLib.uploadSpecifiedFiles( + [sarifPath], + checkoutPath, + "test-category", + features, + logger, + CodeScanning, + ); + + // Verify upload was skipped + t.is(result.sarifID, "dummy-sarif-id"); + t.false( + mockApiClient.request.called, + "API request should not be called when in test mode", + ); + + // Verify payload was saved to file instead + const payloadFile = path.join(tmpDir, "payload.json"); + t.true(fs.existsSync(payloadFile)); + + const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); + t.truthy(savedPayload.sarif); + t.is(savedPayload.commit_oid, "abc123"); + } finally { + sinon.restore(); + cleanupEnv(); + } + }); +}); + function createMockSarif(id?: string, tool?: string) { - return { - runs: [ - { - automationDetails: { - id, - }, - tool: { - driver: { - name: tool, - }, - }, + const run: any = { + tool: { + driver: { + name: tool, }, - ], + }, + results: [], + }; + + // Only include automationDetails if id is provided + if (id !== undefined) { + run.automationDetails = { id }; + } + + return { + version: "2.1.0", + runs: [run], }; } From a57997f2d225266d6c3e3a9a2dc598b9e0db048a Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 7 Oct 2025 17:22:05 +0200 Subject: [PATCH 32/59] Fix test after rebase --- src/upload-lib.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index 640338f083..8117c08160 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts @@ -1053,7 +1053,7 @@ test("uploadSpecifiedFiles - multiple SARIF files", async (t) => { }); }); -test("uploadSpecifiedFiles - category is fixed by upload target on quality sarif", async (t) => { +test("uploadSpecifiedFiles - category is mapped when doing code quality", async (t) => { await withTmpDir(async (tmpDir) => { const logger = getRunnerLogger(true); const features = createFeatures([]); @@ -1261,7 +1261,7 @@ test("uploadSpecifiedFiles - skips upload when CODEQL_ACTION_TEST_MODE is set", ); // Verify payload was saved to file instead - const payloadFile = path.join(tmpDir, "payload.json"); + const payloadFile = path.join(tmpDir, "payload-code-scanning.json"); t.true(fs.existsSync(payloadFile)); const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); From 621809b2392b9cfd88a6dcb318a8447b9508d080 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 8 Oct 2025 12:24:49 +0200 Subject: [PATCH 33/59] Address copilot review --- src/upload-lib.test.ts | 81 +++++++++++++++++------------------------- 1 file changed, 33 insertions(+), 48 deletions(-) diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index 8117c08160..bccdb0140d 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts @@ -1,10 +1,14 @@ +// Node.js built-in modules import * as fs from "fs"; import * as path from "path"; import zlib from "zlib"; +// External dependencies +import * as github from "@actions/github"; import test from "ava"; import * as sinon from "sinon"; +// Internal modules import * as actionsUtil from "./actions-util"; import { AnalysisKind, CodeQuality, CodeScanning } from "./analyses"; import * as api from "./api-client"; @@ -917,6 +921,21 @@ function stubUploadDependencies() { return { addFingerprintsStub }; } +// Helper function to stub the API client for upload tests +function stubApiClientForUpload(sarifId: string) { + const mockApiClient = github.getOctokit("123"); + const requestStub = sinon + .stub(mockApiClient, "request") + // eslint-disable-next-line @typescript-eslint/no-unsafe-argument + .resolves({ + status: 200, + data: { id: sarifId }, + } as any); + sinon.stub(api, "getApiClient").value(() => mockApiClient); + + return { requestStub }; +} + test("uploadSpecifiedFiles - single SARIF file", async (t) => { await withTmpDir(async (tmpDir) => { const logger = getRunnerLogger(true); @@ -999,14 +1018,7 @@ test("uploadSpecifiedFiles - multiple SARIF files", async (t) => { } as unknown as configUtils.Config); // Mock the API client to capture the upload request - const mockApiClient = { - request: sinon.stub().resolves({ - status: 200, - data: { id: "combined-sarif-id-456" }, - }), - }; - // eslint-disable-next-line @typescript-eslint/no-unsafe-argument - sinon.stub(api, "getApiClient").returns(mockApiClient as any); + const { requestStub } = stubApiClientForUpload("combined-sarif-id-456"); try { const result = await uploadLib.uploadSpecifiedFiles( @@ -1023,11 +1035,11 @@ test("uploadSpecifiedFiles - multiple SARIF files", async (t) => { t.truthy(result.statusReport.raw_upload_size_bytes); // Verify the API was called - t.true(mockApiClient.request.calledOnce); + t.true(requestStub.calledOnce); // Verify the uploaded payload contains the combined SARIF from our mock - const uploadCall = mockApiClient.request.getCall(0); - const uploadPayload = uploadCall.args[1]; + const uploadCall = requestStub.getCall(0); + const uploadPayload = uploadCall.args[1] as any; // Decode and verify the uploaded SARIF matches what our mock produced const uploadedSarifBase64 = uploadPayload.data.sarif as string; @@ -1072,16 +1084,7 @@ test("uploadSpecifiedFiles - category is mapped when doing code quality", async stubUploadDependencies(); // Mock the API client to capture the upload request - const mockApiClient = { - request: sinon.stub().resolves({ - status: 200, - data: { id: "quality-sarif-id-789" }, - }), - }; - sinon.stub(api, "getApiClient").returns( - // eslint-disable-next-line @typescript-eslint/no-unsafe-argument - mockApiClient as any, - ); + const { requestStub } = stubApiClientForUpload("quality-sarif-id-789"); try { const result = await uploadLib.uploadSpecifiedFiles( @@ -1095,11 +1098,11 @@ test("uploadSpecifiedFiles - category is mapped when doing code quality", async // Verify actual upload happened t.is(result.sarifID, "quality-sarif-id-789"); - t.true(mockApiClient.request.calledOnce); + t.true(requestStub.calledOnce); // Verify the category was fixed from /language:c# to /language:csharp - const uploadCall = mockApiClient.request.getCall(0); - const uploadPayload = uploadCall.args[1]; + const uploadCall = requestStub.getCall(0); + const uploadPayload = uploadCall.args[1] as any; // Decode and verify the uploaded SARIF contains the fixed category const uploadedSarifBase64 = uploadPayload.data.sarif as string; @@ -1174,16 +1177,7 @@ test("uploadSpecifiedFiles - performs actual upload when skip flags are not set" stubUploadDependencies(); // Mock the API client to capture the upload request - const mockApiClient = { - request: sinon.stub().resolves({ - status: 200, - data: { id: "real-sarif-id-123" }, - }), - }; - sinon.stub(api, "getApiClient").returns( - // eslint-disable-next-line @typescript-eslint/no-unsafe-argument - mockApiClient as any, - ); + const { requestStub } = stubApiClientForUpload("real-sarif-id-123"); try { const result = await uploadLib.uploadSpecifiedFiles( @@ -1197,14 +1191,14 @@ test("uploadSpecifiedFiles - performs actual upload when skip flags are not set" // Verify actual upload happened t.is(result.sarifID, "real-sarif-id-123"); - t.true(mockApiClient.request.calledOnce); + t.true(requestStub.calledOnce); // Verify the upload target was correct - const uploadCall = mockApiClient.request.getCall(0); + const uploadCall = requestStub.getCall(0); t.is(uploadCall.args[0], CodeScanning.target); // Verify payload structure - const uploadPayload = uploadCall.args[1]; + const uploadPayload = uploadCall.args[1] as any; t.truthy(uploadPayload.data.sarif); t.is(uploadPayload.data.commit_oid, "abc123"); t.is(uploadPayload.data.ref, "refs/heads/main"); @@ -1232,16 +1226,7 @@ test("uploadSpecifiedFiles - skips upload when CODEQL_ACTION_TEST_MODE is set", stubUploadDependencies(); // Mock the API client - this should NOT be called - const mockApiClient = { - request: sinon.stub().resolves({ - status: 200, - data: { id: "should-not-be-used" }, - }), - }; - sinon.stub(api, "getApiClient").returns( - // eslint-disable-next-line @typescript-eslint/no-unsafe-argument - mockApiClient as any, - ); + const { requestStub } = stubApiClientForUpload("should-not-be-used"); try { const result = await uploadLib.uploadSpecifiedFiles( @@ -1256,7 +1241,7 @@ test("uploadSpecifiedFiles - skips upload when CODEQL_ACTION_TEST_MODE is set", // Verify upload was skipped t.is(result.sarifID, "dummy-sarif-id"); t.false( - mockApiClient.request.called, + requestStub.called, "API request should not be called when in test mode", ); From 527501d15daa18cf28340a6052d3e4b378b78fe1 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Wed, 8 Oct 2025 12:50:16 +0100 Subject: [PATCH 34/59] Allow `createStatusReportBase` to accept a `Partial` --- lib/analyze-action.js | 4 +-- lib/autobuild-action.js | 4 +-- lib/init-action-post.js | 4 +-- lib/init-action.js | 4 +-- lib/resolve-environment-action.js | 4 +-- lib/start-proxy-action.js | 4 +-- lib/upload-sarif-action.js | 4 +-- src/status-report.test.ts | 43 +++++++++++++++++++++++++++++++ src/status-report.ts | 6 ++--- 9 files changed, 60 insertions(+), 17 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 182230563a..3e29b6c2c1 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -94111,7 +94111,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -94134,7 +94134,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index acdcdd44d0..376db2e4de 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -79812,7 +79812,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -79835,7 +79835,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 3795e4c5d4..9f480cf7a8 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -131587,7 +131587,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -131610,7 +131610,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/lib/init-action.js b/lib/init-action.js index cc78a9e14c..5c1a810de9 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -90265,7 +90265,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -90288,7 +90288,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index af32f15fac..d3dcf7a8eb 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -79439,7 +79439,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -79462,7 +79462,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index a315dd2577..8eb3177068 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -95589,7 +95589,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -95612,7 +95612,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 77c8baf84d..c9888f0965 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -89856,7 +89856,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -89879,7 +89879,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, confi logger.warning(`Could not determine the workflow event name: ${e}.`); } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { statusReport.runner_available_disk_space_bytes = diskInfo.numAvailableBytes; diff --git a/src/status-report.test.ts b/src/status-report.test.ts index b535ef2126..8421dcceef 100644 --- a/src/status-report.test.ts +++ b/src/status-report.test.ts @@ -92,6 +92,49 @@ test("createStatusReportBase", async (t) => { }); }); +test("createStatusReportBase - empty configuration", async (t) => { + await withTmpDir(async (tmpDir: string) => { + setupEnvironmentAndStub(tmpDir); + + const statusReport = await createStatusReportBase( + ActionName.StartProxy, + "success", + new Date("May 19, 2023 05:19:00"), + {}, + { numAvailableBytes: 100, numTotalBytes: 500 }, + getRunnerLogger(false), + ); + + if (t.truthy(statusReport)) { + t.is(statusReport.action_name, ActionName.StartProxy); + t.is(statusReport.status, "success"); + } + }); +}); + +test("createStatusReportBase - partial configuration", async (t) => { + await withTmpDir(async (tmpDir: string) => { + setupEnvironmentAndStub(tmpDir); + + const statusReport = await createStatusReportBase( + ActionName.StartProxy, + "success", + new Date("May 19, 2023 05:19:00"), + { + languages: ["go"], + }, + { numAvailableBytes: 100, numTotalBytes: 500 }, + getRunnerLogger(false), + ); + + if (t.truthy(statusReport)) { + t.is(statusReport.action_name, ActionName.StartProxy); + t.is(statusReport.status, "success"); + t.is(statusReport.languages, "go"); + } + }); +}); + test("createStatusReportBase_firstParty", async (t) => { await withTmpDir(async (tmpDir: string) => { setupEnvironmentAndStub(tmpDir); diff --git a/src/status-report.ts b/src/status-report.ts index 9bfd14677d..46b16a5ef1 100644 --- a/src/status-report.ts +++ b/src/status-report.ts @@ -260,7 +260,7 @@ export async function createStatusReportBase( actionName: ActionName, status: ActionStatus, actionStartedAt: Date, - config: Config | undefined, + config: Partial | undefined, diskInfo: DiskUsage | undefined, logger: Logger, cause?: string, @@ -299,7 +299,7 @@ export async function createStatusReportBase( action_ref: actionRef, action_started_at: actionStartedAt.toISOString(), action_version: getActionVersion(), - analysis_kinds: config?.analysisKinds.join(","), + analysis_kinds: config?.analysisKinds?.join(","), analysis_key, build_mode: config?.buildMode, commit_oid: commitOid, @@ -324,7 +324,7 @@ export async function createStatusReportBase( } if (config) { - statusReport.languages = config.languages.join(","); + statusReport.languages = config.languages?.join(","); } if (diskInfo) { From 2ff418f28a66dd71cd80701e95ec26db12875f15 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Wed, 8 Oct 2025 12:54:49 +0100 Subject: [PATCH 35/59] Parse `language` before calling `getCredentials` --- lib/start-proxy-action.js | 7 ++++--- src/start-proxy-action.ts | 5 ++++- src/start-proxy.test.ts | 4 ++-- src/start-proxy.ts | 3 +-- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 8eb3177068..7ac17694fc 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -95087,8 +95087,7 @@ var LANGUAGE_TO_REGISTRY_TYPE = { rust: ["cargo_registry"], go: ["goproxy_server", "git_source"] }; -function getCredentials(logger, registrySecrets, registriesCredentials, languageString) { - const language = languageString ? parseLanguage(languageString) : void 0; +function getCredentials(logger, registrySecrets, registriesCredentials, language) { const registryTypeForLanguage = language ? LANGUAGE_TO_REGISTRY_TYPE[language] : void 0; let credentialsStr; if (registriesCredentials !== void 0) { @@ -95780,11 +95779,13 @@ async function runWrapper() { const tempDir = getTemporaryDirectory(); const proxyLogFilePath = path.resolve(tempDir, "proxy.log"); core11.saveState("proxy-log-file", proxyLogFilePath); + const languageInput = getOptionalInput("language"); + const language = languageInput ? parseLanguage(languageInput) : void 0; const credentials = getCredentials( logger, getOptionalInput("registry_secrets"), getOptionalInput("registries_credentials"), - getOptionalInput("language") + language ); if (credentials.length === 0) { logger.info("No credentials found, skipping proxy setup."); diff --git a/src/start-proxy-action.ts b/src/start-proxy-action.ts index 966c954b44..3de5e358b9 100644 --- a/src/start-proxy-action.ts +++ b/src/start-proxy-action.ts @@ -12,6 +12,7 @@ import { Credential, getCredentials, getDownloadUrl, + parseLanguage, UPDATEJOB_PROXY, } from "./start-proxy"; import { @@ -133,11 +134,13 @@ async function runWrapper() { core.saveState("proxy-log-file", proxyLogFilePath); // Get the configuration options + const languageInput = actionsUtil.getOptionalInput("language"); + const language = languageInput ? parseLanguage(languageInput) : undefined; const credentials = getCredentials( logger, actionsUtil.getOptionalInput("registry_secrets"), actionsUtil.getOptionalInput("registries_credentials"), - actionsUtil.getOptionalInput("language"), + language, ); if (credentials.length === 0) { diff --git a/src/start-proxy.test.ts b/src/start-proxy.test.ts index dfd55d72fc..edd1377c00 100644 --- a/src/start-proxy.test.ts +++ b/src/start-proxy.test.ts @@ -109,7 +109,7 @@ test("getCredentials filters by language when specified", async (t) => { getRunnerLogger(true), undefined, toEncodedJSON(mixedCredentials), - "java", + KnownLanguage.java, ); t.is(credentials.length, 1); t.is(credentials[0].type, "maven_repository"); @@ -120,7 +120,7 @@ test("getCredentials returns all for a language when specified", async (t) => { getRunnerLogger(true), undefined, toEncodedJSON(mixedCredentials), - "go", + KnownLanguage.go, ); t.is(credentials.length, 2); diff --git a/src/start-proxy.ts b/src/start-proxy.ts index dd1e443b76..2888e1a58d 100644 --- a/src/start-proxy.ts +++ b/src/start-proxy.ts @@ -79,9 +79,8 @@ export function getCredentials( logger: Logger, registrySecrets: string | undefined, registriesCredentials: string | undefined, - languageString: string | undefined, + language: KnownLanguage | undefined, ): Credential[] { - const language = languageString ? parseLanguage(languageString) : undefined; const registryTypeForLanguage = language ? LANGUAGE_TO_REGISTRY_TYPE[language] : undefined; From fb148789ab863424b005147b4b018fe5691e5ccc Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Wed, 8 Oct 2025 13:01:25 +0100 Subject: [PATCH 36/59] Include `languages` in `start-proxy` telemetry --- lib/start-proxy-action.js | 7 +++++-- src/start-proxy-action.ts | 7 ++++++- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 7ac17694fc..becc30c810 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -95754,12 +95754,12 @@ function generateCertificateAuthority() { const key = import_node_forge.pki.privateKeyToPem(keys.privateKey); return { cert: pem, key }; } -async function sendSuccessStatusReport(startedAt, registry_types, logger) { +async function sendSuccessStatusReport(startedAt, config, registry_types, logger) { const statusReportBase = await createStatusReportBase( "start-proxy" /* StartProxy */, "success", startedAt, - void 0, + config, await checkDiskUsage(logger), logger ); @@ -95804,6 +95804,9 @@ async function runWrapper() { await startProxy(proxyBin, proxyConfig, proxyLogFilePath, logger); await sendSuccessStatusReport( startedAt, + { + languages: language ? [language] : [] + }, proxyConfig.all_credentials.map((c) => c.type), logger ); diff --git a/src/start-proxy-action.ts b/src/start-proxy-action.ts index 3de5e358b9..7cdd8e45db 100644 --- a/src/start-proxy-action.ts +++ b/src/start-proxy-action.ts @@ -7,6 +7,7 @@ import { pki } from "node-forge"; import * as actionsUtil from "./actions-util"; import { getApiDetails, getAuthorizationHeaderFor } from "./api-client"; +import { Config } from "./config-utils"; import { getActionsLogger, Logger } from "./logging"; import { Credential, @@ -99,6 +100,7 @@ interface StartProxyStatus extends StatusReportBase { async function sendSuccessStatusReport( startedAt: Date, + config: Partial, registry_types: string[], logger: Logger, ) { @@ -106,7 +108,7 @@ async function sendSuccessStatusReport( ActionName.StartProxy, "success", startedAt, - undefined, + config, await util.checkDiskUsage(logger), logger, ); @@ -168,6 +170,9 @@ async function runWrapper() { // Report success if we have reached this point. await sendSuccessStatusReport( startedAt, + { + languages: language ? [language] : [], + }, proxyConfig.all_credentials.map((c) => c.type), logger, ); From bdd2cdf891a0a89c6680bd54c9ba63c80e440f75 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Wed, 8 Oct 2025 13:06:22 +0100 Subject: [PATCH 37/59] Also include `language` in error status report for `start-proxy`, if available --- lib/start-proxy-action.js | 9 ++++++--- src/start-proxy-action.ts | 10 +++++++--- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index becc30c810..1437fef44d 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -95775,12 +95775,13 @@ async function runWrapper() { const startedAt = /* @__PURE__ */ new Date(); persistInputs(); const logger = getActionsLogger(); + let language; try { const tempDir = getTemporaryDirectory(); const proxyLogFilePath = path.resolve(tempDir, "proxy.log"); core11.saveState("proxy-log-file", proxyLogFilePath); const languageInput = getOptionalInput("language"); - const language = languageInput ? parseLanguage(languageInput) : void 0; + language = languageInput ? parseLanguage(languageInput) : void 0; const credentials = getCredentials( logger, getOptionalInput("registry_secrets"), @@ -95805,7 +95806,7 @@ async function runWrapper() { await sendSuccessStatusReport( startedAt, { - languages: language ? [language] : [] + languages: language && [language] }, proxyConfig.all_credentials.map((c) => c.type), logger @@ -95817,7 +95818,9 @@ async function runWrapper() { "start-proxy" /* StartProxy */, getActionsStatus(error2), startedAt, - void 0, + { + languages: language && [language] + }, await checkDiskUsage(logger), logger ); diff --git a/src/start-proxy-action.ts b/src/start-proxy-action.ts index 7cdd8e45db..013382716b 100644 --- a/src/start-proxy-action.ts +++ b/src/start-proxy-action.ts @@ -8,6 +8,7 @@ import { pki } from "node-forge"; import * as actionsUtil from "./actions-util"; import { getApiDetails, getAuthorizationHeaderFor } from "./api-client"; import { Config } from "./config-utils"; +import { KnownLanguage } from "./languages"; import { getActionsLogger, Logger } from "./logging"; import { Credential, @@ -128,6 +129,7 @@ async function runWrapper() { actionsUtil.persistInputs(); const logger = getActionsLogger(); + let language: KnownLanguage | undefined; try { // Setup logging for the proxy @@ -137,7 +139,7 @@ async function runWrapper() { // Get the configuration options const languageInput = actionsUtil.getOptionalInput("language"); - const language = languageInput ? parseLanguage(languageInput) : undefined; + language = languageInput ? parseLanguage(languageInput) : undefined; const credentials = getCredentials( logger, actionsUtil.getOptionalInput("registry_secrets"), @@ -171,7 +173,7 @@ async function runWrapper() { await sendSuccessStatusReport( startedAt, { - languages: language ? [language] : [], + languages: language && [language], }, proxyConfig.all_credentials.map((c) => c.type), logger, @@ -186,7 +188,9 @@ async function runWrapper() { ActionName.StartProxy, getActionsStatus(error), startedAt, - undefined, + { + languages: language && [language], + }, await util.checkDiskUsage(logger), logger, ); From 98abb870dcd6421594724ae220643e13baf90298 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Wed, 8 Oct 2025 14:43:54 +0100 Subject: [PATCH 38/59] Add configuration error for rate limited CodeQL download --- lib/analyze-action-post.js | 1 + lib/analyze-action.js | 83 +++++++++++++++++++++-------- lib/autobuild-action.js | 1 + lib/init-action-post.js | 87 +++++++++++++++++++++++-------- lib/init-action.js | 83 +++++++++++++++++++++-------- lib/resolve-environment-action.js | 1 + lib/start-proxy-action-post.js | 1 + lib/start-proxy-action.js | 1 + lib/upload-lib.js | 83 +++++++++++++++++++++-------- lib/upload-sarif-action-post.js | 1 + lib/upload-sarif-action.js | 83 +++++++++++++++++++++-------- package-lock.json | 27 +++------- package.json | 1 + src/codeql.ts | 4 +- 14 files changed, 328 insertions(+), 129 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index cff080b239..19c987905e 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -26473,6 +26473,7 @@ var require_package = __commonJS({ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "check-disk-space": "^3.4.0", diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 182230563a..2994732104 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -20602,14 +20602,14 @@ var require_dist_node4 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -20701,7 +20701,7 @@ var require_dist_node5 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node4(); + var import_request_error2 = require_dist_node4(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -20753,7 +20753,7 @@ var require_dist_node5 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -20764,7 +20764,7 @@ var require_dist_node5 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -20776,7 +20776,7 @@ var require_dist_node5 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -20796,7 +20796,7 @@ var require_dist_node5 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -20808,7 +20808,7 @@ var require_dist_node5 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -21250,14 +21250,14 @@ var require_dist_node7 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -21349,7 +21349,7 @@ var require_dist_node8 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node7(); + var import_request_error2 = require_dist_node7(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -21401,7 +21401,7 @@ var require_dist_node8 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -21412,7 +21412,7 @@ var require_dist_node8 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -21424,7 +21424,7 @@ var require_dist_node8 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -21444,7 +21444,7 @@ var require_dist_node8 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -21456,7 +21456,7 @@ var require_dist_node8 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -32322,6 +32322,7 @@ var require_package = __commonJS({ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "check-disk-space": "^3.4.0", @@ -33745,14 +33746,14 @@ var require_dist_node14 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -33854,7 +33855,7 @@ var require_dist_node15 = __commonJS({ throw error2; } var import_light = __toESM2(require_light()); - var import_request_error = require_dist_node14(); + var import_request_error2 = require_dist_node14(); async function wrapRequest(state, octokit, request, options) { const limiter = new import_light.default(); limiter.on("failed", function(error2, info4) { @@ -33875,7 +33876,7 @@ var require_dist_node15 = __commonJS({ if (response.data && response.data.errors && response.data.errors.length > 0 && /Something went wrong while executing your query/.test( response.data.errors[0].message )) { - const error2 = new import_request_error.RequestError(response.data.errors[0].message, 500, { + const error2 = new import_request_error2.RequestError(response.data.errors[0].message, 500, { request: options, response }); @@ -90370,6 +90371,45 @@ var path14 = __toESM(require("path")); var core10 = __toESM(require_core()); var toolrunner3 = __toESM(require_toolrunner()); +// node_modules/@octokit/request-error/dist-src/index.js +var RequestError = class extends Error { + name; + /** + * http status code + */ + status; + /** + * Request options that lead to the error. + */ + request; + /** + * Response object if a response was received + */ + response; + constructor(message, statusCode, options) { + super(message); + this.name = "HttpError"; + this.status = Number.parseInt(statusCode); + if (Number.isNaN(this.status)) { + this.status = 0; + } + if ("response" in options) { + this.response = options.response; + } + const requestCopy = Object.assign({}, options.request); + if (options.request.headers.authorization) { + requestCopy.headers = Object.assign({}, options.request.headers, { + authorization: options.request.headers.authorization.replace( + /(? __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -20701,7 +20701,7 @@ var require_dist_node5 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node4(); + var import_request_error2 = require_dist_node4(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -20753,7 +20753,7 @@ var require_dist_node5 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -20764,7 +20764,7 @@ var require_dist_node5 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -20776,7 +20776,7 @@ var require_dist_node5 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -20796,7 +20796,7 @@ var require_dist_node5 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -20808,7 +20808,7 @@ var require_dist_node5 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -21250,14 +21250,14 @@ var require_dist_node7 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -21349,7 +21349,7 @@ var require_dist_node8 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node7(); + var import_request_error2 = require_dist_node7(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -21401,7 +21401,7 @@ var require_dist_node8 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -21412,7 +21412,7 @@ var require_dist_node8 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -21424,7 +21424,7 @@ var require_dist_node8 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -21444,7 +21444,7 @@ var require_dist_node8 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -21456,7 +21456,7 @@ var require_dist_node8 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -32322,6 +32322,7 @@ var require_package = __commonJS({ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "check-disk-space": "^3.4.0", @@ -33745,14 +33746,14 @@ var require_dist_node14 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -33854,7 +33855,7 @@ var require_dist_node15 = __commonJS({ throw error2; } var import_light = __toESM2(require_light()); - var import_request_error = require_dist_node14(); + var import_request_error2 = require_dist_node14(); async function wrapRequest(state, octokit, request, options) { const limiter = new import_light.default(); limiter.on("failed", function(error2, info5) { @@ -33875,7 +33876,7 @@ var require_dist_node15 = __commonJS({ if (response.data && response.data.errors && response.data.errors.length > 0 && /Something went wrong while executing your query/.test( response.data.errors[0].message )) { - const error2 = new import_request_error.RequestError(response.data.errors[0].message, 500, { + const error2 = new import_request_error2.RequestError(response.data.errors[0].message, 500, { request: options, response }); @@ -111944,7 +111945,7 @@ var require_dist_node17 = __commonJS({ var once2 = _interopDefault(require_once()); var logOnceCode = once2((deprecation2) => console.warn(deprecation2)); var logOnceHeaders = once2((deprecation2) => console.warn(deprecation2)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -111982,7 +111983,7 @@ var require_dist_node17 = __commonJS({ }); } }; - exports2.RequestError = RequestError; + exports2.RequestError = RequestError2; } }); @@ -128601,6 +128602,45 @@ var path13 = __toESM(require("path")); var core10 = __toESM(require_core()); var toolrunner3 = __toESM(require_toolrunner()); +// node_modules/@octokit/request-error/dist-src/index.js +var RequestError = class extends Error { + name; + /** + * http status code + */ + status; + /** + * Request options that lead to the error. + */ + request; + /** + * Response object if a response was received + */ + response; + constructor(message, statusCode, options) { + super(message); + this.name = "HttpError"; + this.status = Number.parseInt(statusCode); + if (Number.isNaN(this.status)) { + this.status = 0; + } + if ("response" in options) { + this.response = options.response; + } + const requestCopy = Object.assign({}, options.request); + if (options.request.headers.authorization) { + requestCopy.headers = Object.assign({}, options.request.headers, { + authorization: options.request.headers.authorization.replace( + /(? __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -22609,7 +22609,7 @@ var require_dist_node5 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node4(); + var import_request_error2 = require_dist_node4(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -22661,7 +22661,7 @@ var require_dist_node5 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url, status, @@ -22672,7 +22672,7 @@ var require_dist_node5 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url, status, @@ -22684,7 +22684,7 @@ var require_dist_node5 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url, status, @@ -22704,7 +22704,7 @@ var require_dist_node5 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -22716,7 +22716,7 @@ var require_dist_node5 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -23158,14 +23158,14 @@ var require_dist_node7 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -23257,7 +23257,7 @@ var require_dist_node8 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node7(); + var import_request_error2 = require_dist_node7(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -23309,7 +23309,7 @@ var require_dist_node8 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url, status, @@ -23320,7 +23320,7 @@ var require_dist_node8 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url, status, @@ -23332,7 +23332,7 @@ var require_dist_node8 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url, status, @@ -23352,7 +23352,7 @@ var require_dist_node8 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -23364,7 +23364,7 @@ var require_dist_node8 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -32322,6 +32322,7 @@ var require_package = __commonJS({ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "check-disk-space": "^3.4.0", @@ -33745,14 +33746,14 @@ var require_dist_node14 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -33854,7 +33855,7 @@ var require_dist_node15 = __commonJS({ throw error2; } var import_light = __toESM2(require_light()); - var import_request_error = require_dist_node14(); + var import_request_error2 = require_dist_node14(); async function wrapRequest(state, octokit, request, options) { const limiter = new import_light.default(); limiter.on("failed", function(error2, info4) { @@ -33875,7 +33876,7 @@ var require_dist_node15 = __commonJS({ if (response.data && response.data.errors && response.data.errors.length > 0 && /Something went wrong while executing your query/.test( response.data.errors[0].message )) { - const error2 = new import_request_error.RequestError(response.data.errors[0].message, 500, { + const error2 = new import_request_error2.RequestError(response.data.errors[0].message, 500, { request: options, response }); @@ -88333,6 +88334,45 @@ var path16 = __toESM(require("path")); var core10 = __toESM(require_core()); var toolrunner3 = __toESM(require_toolrunner()); +// node_modules/@octokit/request-error/dist-src/index.js +var RequestError = class extends Error { + name; + /** + * http status code + */ + status; + /** + * Request options that lead to the error. + */ + request; + /** + * Response object if a response was received + */ + response; + constructor(message, statusCode, options) { + super(message); + this.name = "HttpError"; + this.status = Number.parseInt(statusCode); + if (Number.isNaN(this.status)) { + this.status = 0; + } + if ("response" in options) { + this.response = options.response; + } + const requestCopy = Object.assign({}, options.request); + if (options.request.headers.authorization) { + requestCopy.headers = Object.assign({}, options.request.headers, { + authorization: options.request.headers.authorization.replace( + /(? __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -21998,7 +21998,7 @@ var require_dist_node5 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node4(); + var import_request_error2 = require_dist_node4(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -22050,7 +22050,7 @@ var require_dist_node5 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -22061,7 +22061,7 @@ var require_dist_node5 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -22073,7 +22073,7 @@ var require_dist_node5 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -22093,7 +22093,7 @@ var require_dist_node5 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -22105,7 +22105,7 @@ var require_dist_node5 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -22547,14 +22547,14 @@ var require_dist_node7 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -22646,7 +22646,7 @@ var require_dist_node8 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node7(); + var import_request_error2 = require_dist_node7(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -22698,7 +22698,7 @@ var require_dist_node8 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -22709,7 +22709,7 @@ var require_dist_node8 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -22721,7 +22721,7 @@ var require_dist_node8 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -22741,7 +22741,7 @@ var require_dist_node8 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -22753,7 +22753,7 @@ var require_dist_node8 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -33619,6 +33619,7 @@ var require_package = __commonJS({ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "check-disk-space": "^3.4.0", @@ -35042,14 +35043,14 @@ var require_dist_node14 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -35151,7 +35152,7 @@ var require_dist_node15 = __commonJS({ throw error2; } var import_light = __toESM2(require_light()); - var import_request_error = require_dist_node14(); + var import_request_error2 = require_dist_node14(); async function wrapRequest(state, octokit, request, options) { const limiter = new import_light.default(); limiter.on("failed", function(error2, info4) { @@ -35172,7 +35173,7 @@ var require_dist_node15 = __commonJS({ if (response.data && response.data.errors && response.data.errors.length > 0 && /Something went wrong while executing your query/.test( response.data.errors[0].message )) { - const error2 = new import_request_error.RequestError(response.data.errors[0].message, 500, { + const error2 = new import_request_error2.RequestError(response.data.errors[0].message, 500, { request: options, response }); @@ -88741,6 +88742,45 @@ var path12 = __toESM(require("path")); var core10 = __toESM(require_core()); var toolrunner3 = __toESM(require_toolrunner()); +// node_modules/@octokit/request-error/dist-src/index.js +var RequestError = class extends Error { + name; + /** + * http status code + */ + status; + /** + * Request options that lead to the error. + */ + request; + /** + * Response object if a response was received + */ + response; + constructor(message, statusCode, options) { + super(message); + this.name = "HttpError"; + this.status = Number.parseInt(statusCode); + if (Number.isNaN(this.status)) { + this.status = 0; + } + if ("response" in options) { + this.response = options.response; + } + const requestCopy = Object.assign({}, options.request); + if (options.request.headers.authorization) { + requestCopy.headers = Object.assign({}, options.request.headers, { + authorization: options.request.headers.authorization.replace( + /(? __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -20701,7 +20701,7 @@ var require_dist_node5 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node4(); + var import_request_error2 = require_dist_node4(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -20753,7 +20753,7 @@ var require_dist_node5 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -20764,7 +20764,7 @@ var require_dist_node5 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -20776,7 +20776,7 @@ var require_dist_node5 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -20796,7 +20796,7 @@ var require_dist_node5 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -20808,7 +20808,7 @@ var require_dist_node5 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -21250,14 +21250,14 @@ var require_dist_node7 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -21349,7 +21349,7 @@ var require_dist_node8 = __commonJS({ const Ctor = Object.prototype.hasOwnProperty.call(proto, "constructor") && proto.constructor; return typeof Ctor === "function" && Ctor instanceof Ctor && Function.prototype.call(Ctor) === Function.prototype.call(value); } - var import_request_error = require_dist_node7(); + var import_request_error2 = require_dist_node7(); function getBufferResponse(response) { return response.arrayBuffer(); } @@ -21401,7 +21401,7 @@ var require_dist_node8 = __commonJS({ if (status < 400) { return; } - throw new import_request_error.RequestError(response.statusText, status, { + throw new import_request_error2.RequestError(response.statusText, status, { response: { url: url2, status, @@ -21412,7 +21412,7 @@ var require_dist_node8 = __commonJS({ }); } if (status === 304) { - throw new import_request_error.RequestError("Not modified", status, { + throw new import_request_error2.RequestError("Not modified", status, { response: { url: url2, status, @@ -21424,7 +21424,7 @@ var require_dist_node8 = __commonJS({ } if (status >= 400) { const data = await getResponseData(response); - const error2 = new import_request_error.RequestError(toErrorMessage(data), status, { + const error2 = new import_request_error2.RequestError(toErrorMessage(data), status, { response: { url: url2, status, @@ -21444,7 +21444,7 @@ var require_dist_node8 = __commonJS({ data }; }).catch((error2) => { - if (error2 instanceof import_request_error.RequestError) + if (error2 instanceof import_request_error2.RequestError) throw error2; else if (error2.name === "AbortError") throw error2; @@ -21456,7 +21456,7 @@ var require_dist_node8 = __commonJS({ message = error2.cause; } } - throw new import_request_error.RequestError(message, 500, { + throw new import_request_error2.RequestError(message, 500, { request: requestOptions }); }); @@ -32322,6 +32322,7 @@ var require_package = __commonJS({ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "check-disk-space": "^3.4.0", @@ -33745,14 +33746,14 @@ var require_dist_node14 = __commonJS({ var __toCommonJS2 = (mod) => __copyProps2(__defProp2({}, "__esModule", { value: true }), mod); var dist_src_exports = {}; __export2(dist_src_exports, { - RequestError: () => RequestError + RequestError: () => RequestError2 }); module2.exports = __toCommonJS2(dist_src_exports); var import_deprecation = require_dist_node3(); var import_once = __toESM2(require_once()); var logOnceCode = (0, import_once.default)((deprecation) => console.warn(deprecation)); var logOnceHeaders = (0, import_once.default)((deprecation) => console.warn(deprecation)); - var RequestError = class extends Error { + var RequestError2 = class extends Error { constructor(message, statusCode, options) { super(message); if (Error.captureStackTrace) { @@ -33854,7 +33855,7 @@ var require_dist_node15 = __commonJS({ throw error2; } var import_light = __toESM2(require_light()); - var import_request_error = require_dist_node14(); + var import_request_error2 = require_dist_node14(); async function wrapRequest(state, octokit, request, options) { const limiter = new import_light.default(); limiter.on("failed", function(error2, info4) { @@ -33875,7 +33876,7 @@ var require_dist_node15 = __commonJS({ if (response.data && response.data.errors && response.data.errors.length > 0 && /Something went wrong while executing your query/.test( response.data.errors[0].message )) { - const error2 = new import_request_error.RequestError(response.data.errors[0].message, 500, { + const error2 = new import_request_error2.RequestError(response.data.errors[0].message, 500, { request: options, response }); @@ -89989,6 +89990,45 @@ var path13 = __toESM(require("path")); var core11 = __toESM(require_core()); var toolrunner3 = __toESM(require_toolrunner()); +// node_modules/@octokit/request-error/dist-src/index.js +var RequestError = class extends Error { + name; + /** + * http status code + */ + status; + /** + * Request options that lead to the error. + */ + request; + /** + * Response object if a response was received + */ + response; + constructor(message, statusCode, options) { + super(message); + this.name = "HttpError"; + this.status = Number.parseInt(statusCode); + if (Number.isNaN(this.status)) { + this.status = 0; + } + if ("response" in options) { + this.response = options.response; + } + const requestCopy = Object.assign({}, options.request); + if (options.request.headers.authorization) { + requestCopy.headers = Object.assign({}, options.request.headers, { + authorization: options.request.headers.authorization.replace( + /(?= 20" } }, - "node_modules/@octokit/request-error/node_modules/@octokit/openapi-types": { - "version": "25.1.0", - "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-25.1.0.tgz", - "integrity": "sha512-idsIggNXUKkk0+BExUn1dQ92sfysJrje03Q0bv0e+KPLrvyqZF8MnBpFz8UNfYDwB3Ie7Z0TByjWfzxt7vseaA==", - "license": "MIT" - }, - "node_modules/@octokit/request-error/node_modules/@octokit/types": { - "version": "14.1.0", - "resolved": "https://registry.npmjs.org/@octokit/types/-/types-14.1.0.tgz", - "integrity": "sha512-1y6DgTy8Jomcpu33N+p5w58l6xyt55Ar2I91RPiIA0xCJBXyUAhXCcmZaDWSANiha7R9a6qJJ2CRomGPZ6f46g==", - "license": "MIT", - "dependencies": { - "@octokit/openapi-types": "^25.1.0" - } - }, "node_modules/@octokit/request/node_modules/@octokit/openapi-types": { "version": "25.1.0", "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-25.1.0.tgz", @@ -2348,7 +2334,6 @@ "version": "15.0.0", "resolved": "https://registry.npmjs.org/@octokit/types/-/types-15.0.0.tgz", "integrity": "sha512-8o6yDfmoGJUIeR9OfYU0/TUJTnMPG2r68+1yEdUeG2Fdqpj8Qetg0ziKIgcBm0RW/j29H41WP37CYCEhp6GoHQ==", - "dev": true, "license": "MIT", "dependencies": { "@octokit/openapi-types": "^26.0.0" diff --git a/package.json b/package.json index 2c7737ce46..8e6cccfb07 100644 --- a/package.json +++ b/package.json @@ -35,6 +35,7 @@ "@actions/io": "^1.1.3", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", + "@octokit/request-error": "^7.0.1", "@schemastore/package": "0.0.10", "archiver": "^7.0.1", "check-disk-space": "^3.4.0", diff --git a/src/codeql.ts b/src/codeql.ts index 16b105a3df..5241ff2476 100644 --- a/src/codeql.ts +++ b/src/codeql.ts @@ -3,6 +3,7 @@ import * as path from "path"; import * as core from "@actions/core"; import * as toolrunner from "@actions/exec/lib/toolrunner"; +import { RequestError } from "@octokit/request-error"; import * as yaml from "js-yaml"; import { @@ -370,7 +371,8 @@ export async function setupCodeQL( } catch (e) { const ErrorClass = e instanceof util.ConfigurationError || - (e instanceof Error && e.message.includes("ENOSPC")) // out of disk space + (e instanceof Error && e.message.includes("ENOSPC")) || // out of disk space + (e instanceof RequestError && e.status === 429) // rate limited ? util.ConfigurationError : Error; From a841c540b73bac7685691a2f930006ba52db3645 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 9 Oct 2025 12:18:14 +0200 Subject: [PATCH 39/59] Scratch `uploadSpecifiedFiles` tests, make `uploadPayload` tests instead --- lib/upload-lib.js | 2 + src/upload-lib.test.ts | 534 ++++++++++------------------------------- src/upload-lib.ts | 9 +- 3 files changed, 132 insertions(+), 413 deletions(-) diff --git a/lib/upload-lib.js b/lib/upload-lib.js index e7c0bb5ecd..508e16a109 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -84831,6 +84831,7 @@ __export(upload_lib_exports, { shouldShowCombineSarifFilesDeprecationWarning: () => shouldShowCombineSarifFilesDeprecationWarning, throwIfCombineSarifFilesDisabled: () => throwIfCombineSarifFilesDisabled, uploadFiles: () => uploadFiles, + uploadPayload: () => uploadPayload, uploadSpecifiedFiles: () => uploadSpecifiedFiles, validateSarifFileSchema: () => validateSarifFileSchema, validateUniqueCategory: () => validateUniqueCategory, @@ -92944,6 +92945,7 @@ function filterAlertsByDiffRange(logger, sarif) { shouldShowCombineSarifFilesDeprecationWarning, throwIfCombineSarifFilesDisabled, uploadFiles, + uploadPayload, uploadSpecifiedFiles, validateSarifFileSchema, validateUniqueCategory, diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index bccdb0140d..6e78bcf355 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts @@ -1,30 +1,18 @@ -// Node.js built-in modules import * as fs from "fs"; import * as path from "path"; -import zlib from "zlib"; -// External dependencies import * as github from "@actions/github"; -import test from "ava"; +import { HTTPError } from "@actions/tool-cache"; +import test, { ExecutionContext } from "ava"; import * as sinon from "sinon"; -// Internal modules -import * as actionsUtil from "./actions-util"; +import * as analyses from "./analyses"; import { AnalysisKind, CodeQuality, CodeScanning } from "./analyses"; import * as api from "./api-client"; -import * as codeqlModule from "./codeql"; -import * as configUtils from "./config-utils"; -import * as fingerprints from "./fingerprints"; -import * as gitUtils from "./git-utils"; import { getRunnerLogger, Logger } from "./logging"; -import { createFeatures, setupTests } from "./testing-utils"; +import { setupTests } from "./testing-utils"; import * as uploadLib from "./upload-lib"; -import { - GitHubVariant, - initializeEnvironment, - SarifFile, - withTmpDir, -} from "./util"; +import { GitHubVariant, initializeEnvironment, withTmpDir } from "./util"; setupTests(test); @@ -868,414 +856,140 @@ test("shouldConsiderInvalidRequest returns correct recognises processing errors" t.false(uploadLib.shouldConsiderInvalidRequest(error3)); }); -// Helper function to set up common environment variables for upload tests -function setupUploadEnvironment( - tmpDir: string, - extraVars?: Record, -) { - const originalEnv: Record = {}; - - // Define all environment variables we might set - const envVars = { - RUNNER_TEMP: tmpDir, - GITHUB_EVENT_NAME: "push", - GITHUB_WORKFLOW: "test-workflow", - GITHUB_REPOSITORY: "owner/repo", - GITHUB_RUN_ID: "123", - GITHUB_RUN_ATTEMPT: "1", - ...extraVars, - }; - - // Save original values and set new ones - for (const [key, value] of Object.entries(envVars)) { - originalEnv[key] = process.env[key]; - process.env[key] = value; - } - - // Return a cleanup function that restores the original environment - return () => { - for (const [key, originalValue] of Object.entries(originalEnv)) { - if (originalValue === undefined) { - delete process.env[key]; - } else { - process.env[key] = originalValue; - } - } +function createMockSarif(id?: string, tool?: string) { + return { + runs: [ + { + automationDetails: { + id, + }, + tool: { + driver: { + name: tool, + }, + }, + }, + ], }; } -// Helper function to stub common external dependencies for upload tests -function stubUploadDependencies() { - sinon.stub(api, "getGitHubVersion").resolves({ - type: GitHubVariant.DOTCOM, - }); - sinon.stub(api, "getAnalysisKey").resolves("test-key"); - sinon.stub(actionsUtil, "getRequiredInput").returns("{}"); - const addFingerprintsStub = sinon - .stub(fingerprints, "addFingerprints") - .resolvesArg(0); - sinon.stub(gitUtils, "getCommitOid").resolves("abc123"); - sinon.stub(gitUtils, "getRef").resolves("refs/heads/main"); - sinon.stub(gitUtils, "determineBaseBranchHeadCommitOid").resolves(undefined); - - return { addFingerprintsStub }; -} - -// Helper function to stub the API client for upload tests -function stubApiClientForUpload(sarifId: string) { - const mockApiClient = github.getOctokit("123"); - const requestStub = sinon - .stub(mockApiClient, "request") - // eslint-disable-next-line @typescript-eslint/no-unsafe-argument - .resolves({ - status: 200, - data: { id: sarifId }, - } as any); - sinon.stub(api, "getApiClient").value(() => mockApiClient); - - return { requestStub }; -} - -test("uploadSpecifiedFiles - single SARIF file", async (t) => { - await withTmpDir(async (tmpDir) => { - const logger = getRunnerLogger(true); - const features = createFeatures([]); - const sarifPath = path.join(tmpDir, "test.sarif"); - const checkoutPath = tmpDir; - - // Create a valid SARIF file - const mockSarif = createMockSarif("test-id", "TestTool"); - fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); - - const cleanupEnv = setupUploadEnvironment(tmpDir, { - CODEQL_ACTION_SKIP_SARIF_UPLOAD: "true", - }); - const { addFingerprintsStub } = stubUploadDependencies(); - - try { - const result = await uploadLib.uploadSpecifiedFiles( - [sarifPath], - checkoutPath, - "test-category", - features, - logger, - CodeScanning, - ); - - // Verify the result - t.is(result.sarifID, "dummy-sarif-id"); - t.truthy(result.statusReport.raw_upload_size_bytes); - t.truthy(result.statusReport.zipped_upload_size_bytes); - t.is(result.statusReport.num_results_in_sarif, 0); - - // Verify external dependencies were called - t.true(addFingerprintsStub.calledOnce); - } finally { - sinon.restore(); - cleanupEnv(); - } - }); -}); - -test("uploadSpecifiedFiles - multiple SARIF files", async (t) => { - await withTmpDir(async (tmpDir) => { - const logger = getRunnerLogger(true); - const features = createFeatures([]); - const sarifPath1 = path.join(tmpDir, "test1.sarif"); - const sarifPath2 = path.join(tmpDir, "test2.sarif"); - const checkoutPath = tmpDir; - - // Create valid SARIF files with CodeQL as the tool name to trigger CLI merge - const mockSarif1 = createMockSarif("test-id-1", "CodeQL"); - const mockSarif2 = createMockSarif("test-id-2", "CodeQL"); - fs.writeFileSync(sarifPath1, JSON.stringify(mockSarif1)); - fs.writeFileSync(sarifPath2, JSON.stringify(mockSarif2)); - - // Set up environment WITHOUT skip flags to perform actual upload - const cleanupEnv = setupUploadEnvironment(tmpDir); - stubUploadDependencies(); - - // Create a mock combined SARIF that will be "returned" by mergeResults - const mockCombinedSarif = createMockSarif("combined-id", "CombinedTool"); - - // Mock CodeQL CLI with a spy to verify inputs - const mergeResultsStub = sinon - .stub() - .callsFake(async (_inputs: string[], output: string) => { - // Write the mock combined SARIF to the output file - fs.writeFileSync(output, JSON.stringify(mockCombinedSarif)); - }); - - sinon.stub(codeqlModule, "getCodeQL").resolves({ - supportsFeature: async () => true, - mergeResults: mergeResultsStub, - } as unknown as codeqlModule.CodeQL); - - // Mock getConfig to return a config with our mocked CodeQL - sinon.stub(configUtils, "getConfig").resolves({ - codeQLCmd: "/fake/codeql", - tempDir: tmpDir, - } as unknown as configUtils.Config); - - // Mock the API client to capture the upload request - const { requestStub } = stubApiClientForUpload("combined-sarif-id-456"); - - try { - const result = await uploadLib.uploadSpecifiedFiles( - [sarifPath1, sarifPath2], - checkoutPath, - "test-category", - features, - logger, - CodeScanning, - ); - - // Verify the result uses the uploaded ID - t.is(result.sarifID, "combined-sarif-id-456"); - t.truthy(result.statusReport.raw_upload_size_bytes); - - // Verify the API was called - t.true(requestStub.calledOnce); - - // Verify the uploaded payload contains the combined SARIF from our mock - const uploadCall = requestStub.getCall(0); - const uploadPayload = uploadCall.args[1] as any; - - // Decode and verify the uploaded SARIF matches what our mock produced - const uploadedSarifBase64 = uploadPayload.data.sarif as string; - const uploadedSarifGzipped = Buffer.from(uploadedSarifBase64, "base64"); - const uploadedSarifJson = zlib - .gunzipSync(uploadedSarifGzipped) - .toString(); - const uploadedSarif = JSON.parse(uploadedSarifJson) as SarifFile; - - // Verify it contains the combined SARIF data from our CodeQL mock - t.is(uploadedSarif.runs[0].automationDetails?.id, "combined-id"); - t.is(uploadedSarif.runs[0].tool?.driver?.name, "CombinedTool"); - - // Verify mergeResults was called with the correct input files - t.true(mergeResultsStub.calledOnce); - const mergeCall = mergeResultsStub.getCall(0); - const inputPaths = mergeCall.args[0]; - t.deepEqual(inputPaths, [sarifPath1, sarifPath2]); - } finally { - sinon.restore(); - cleanupEnv(); - } - }); -}); +const uploadPayloadMacro = test.macro({ + exec: async ( + t: ExecutionContext, + options: { + analysis: analyses.AnalysisConfig; + envVars?: Record; + body: ( + t: ExecutionContext, + upload: () => Promise, + tmpDir: string, + requestStub: sinon.SinonStub, + mockData: { + payload: { sarif: string; commit_sha: string }; + repositoryNwo: { owner: string; repo: string }; + response: { + status: number; + data: { id: string }; + headers: any; + url: string; + }; + }, + ) => void | Promise; + }, + ) => { + await withTmpDir(async (tmpDir) => { + process.env.RUNNER_TEMP = tmpDir; + for (const [key, value] of Object.entries(options.envVars ?? {})) { + process.env[key] = value; + } -test("uploadSpecifiedFiles - category is mapped when doing code quality", async (t) => { - await withTmpDir(async (tmpDir) => { - const logger = getRunnerLogger(true); - const features = createFeatures([]); - const sarifPath = path.join(tmpDir, "test.quality.sarif"); - const checkoutPath = tmpDir; - - // Create a SARIF without automationDetails so the category will be applied - const mockSarif = createMockSarif(undefined, "QualityTool"); - fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); - - // Set up environment WITHOUT skip flags to perform actual upload - // Set GITHUB_EVENT_NAME to "dynamic" to enable isDefaultSetup() check - const cleanupEnv = setupUploadEnvironment(tmpDir, { - GITHUB_EVENT_NAME: "dynamic", - }); - stubUploadDependencies(); - - // Mock the API client to capture the upload request - const { requestStub } = stubApiClientForUpload("quality-sarif-id-789"); - - try { - const result = await uploadLib.uploadSpecifiedFiles( - [sarifPath], - checkoutPath, - "/language:c#", - features, - logger, - CodeQuality, - ); + const mockData = { + payload: { sarif: "base64data", commit_sha: "abc123" }, + repositoryNwo: { owner: "test-owner", repo: "test-repo" }, + response: { + status: 200, + data: { id: "uploaded-sarif-id" }, + headers: {}, + url: options.analysis.target, + }, + }; - // Verify actual upload happened - t.is(result.sarifID, "quality-sarif-id-789"); - t.true(requestStub.calledOnce); + const client = github.getOctokit("123"); + sinon.stub(api, "getApiClient").value(() => client); + const requestStub = sinon.stub(client, "request"); - // Verify the category was fixed from /language:c# to /language:csharp - const uploadCall = requestStub.getCall(0); - const uploadPayload = uploadCall.args[1] as any; - - // Decode and verify the uploaded SARIF contains the fixed category - const uploadedSarifBase64 = uploadPayload.data.sarif as string; - const uploadedSarifGzipped = Buffer.from(uploadedSarifBase64, "base64"); - const uploadedSarifJson = zlib - .gunzipSync(uploadedSarifGzipped) - .toString(); - const uploadedSarif = JSON.parse(uploadedSarifJson) as SarifFile; - - // The automation details id should have been updated to use csharp instead of c# - t.is(uploadedSarif.runs[0].automationDetails?.id, "/language:csharp/"); - } finally { - sinon.restore(); - cleanupEnv(); - } - }); -}); + const upload = async () => + uploadLib.uploadPayload( + mockData.payload, + mockData.repositoryNwo, + getRunnerLogger(true), + options.analysis, + ); -test("uploadSpecifiedFiles - dumps SARIF when SARIF_DUMP_DIR is set", async (t) => { - await withTmpDir(async (tmpDir) => { - const logger = getRunnerLogger(true); - const features = createFeatures([]); - const sarifPath = path.join(tmpDir, "test.sarif"); - const dumpDir = path.join(tmpDir, "dump"); - const checkoutPath = tmpDir; - - fs.mkdirSync(dumpDir); - const mockSarif = createMockSarif("test-id", "TestTool"); - fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); - - const cleanupEnv = setupUploadEnvironment(tmpDir, { - CODEQL_ACTION_SARIF_DUMP_DIR: dumpDir, - CODEQL_ACTION_SKIP_SARIF_UPLOAD: "true", + await options.body(t, upload, tmpDir, requestStub, mockData); }); - stubUploadDependencies(); - - try { - await uploadLib.uploadSpecifiedFiles( - [sarifPath], - checkoutPath, - "test-category", - features, - logger, - CodeScanning, - ); - - // Verify SARIF was dumped - const dumpedFile = path.join( - dumpDir, - `upload${CodeScanning.sarifExtension}`, - ); - t.true(fs.existsSync(dumpedFile)); - } finally { - sinon.restore(); - cleanupEnv(); - } - }); -}); - -test("uploadSpecifiedFiles - performs actual upload when skip flags are not set", async (t) => { - await withTmpDir(async (tmpDir) => { - const logger = getRunnerLogger(true); - const features = createFeatures([]); - const sarifPath = path.join(tmpDir, "test.sarif"); - const checkoutPath = tmpDir; - - const mockSarif = createMockSarif("test-id", "TestTool"); - fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); - - // Set up environment WITHOUT skip flags - const cleanupEnv = setupUploadEnvironment(tmpDir); - stubUploadDependencies(); - - // Mock the API client to capture the upload request - const { requestStub } = stubApiClientForUpload("real-sarif-id-123"); - - try { - const result = await uploadLib.uploadSpecifiedFiles( - [sarifPath], - checkoutPath, - "test-category", - features, - logger, - CodeScanning, - ); - - // Verify actual upload happened - t.is(result.sarifID, "real-sarif-id-123"); + }, + title: (providedTitle = "", options: { analysis: analyses.AnalysisConfig }) => + `uploadPayload - ${options.analysis.name} - ${providedTitle}`, +}); + +for (const analysis of [CodeScanning, CodeQuality]) { + test("successful upload", uploadPayloadMacro, { + analysis, + body: async (t, upload, _tmpDir, requestStub, mockData) => { + requestStub + .withArgs(analysis.target, { + owner: mockData.repositoryNwo.owner, + repo: mockData.repositoryNwo.repo, + data: mockData.payload, + }) + .onFirstCall() + .returns(Promise.resolve(mockData.response)); + const result = await upload(); + t.is(result, mockData.response.data.id); t.true(requestStub.calledOnce); - - // Verify the upload target was correct - const uploadCall = requestStub.getCall(0); - t.is(uploadCall.args[0], CodeScanning.target); - - // Verify payload structure - const uploadPayload = uploadCall.args[1] as any; - t.truthy(uploadPayload.data.sarif); - t.is(uploadPayload.data.commit_oid, "abc123"); - t.is(uploadPayload.data.ref, "refs/heads/main"); - } finally { - sinon.restore(); - cleanupEnv(); - } + }, }); -}); -test("uploadSpecifiedFiles - skips upload when CODEQL_ACTION_TEST_MODE is set", async (t) => { - await withTmpDir(async (tmpDir) => { - const logger = getRunnerLogger(true); - const features = createFeatures([]); - const sarifPath = path.join(tmpDir, "test.sarif"); - const checkoutPath = tmpDir; + for (const envVar of [ + "CODEQL_ACTION_SKIP_SARIF_UPLOAD", + "CODEQL_ACTION_TEST_MODE", + ]) { + test(`skips upload when ${envVar} is set`, uploadPayloadMacro, { + analysis, + envVars: { + [envVar]: "true", + }, + body: async (t, upload, tmpDir, requestStub, mockData) => { + const result = await upload(); + t.is(result, "dummy-sarif-id"); + t.false(requestStub.called); - const mockSarif = createMockSarif("test-id", "TestTool"); - fs.writeFileSync(sarifPath, JSON.stringify(mockSarif)); + const payloadFile = path.join(tmpDir, `payload-${analysis.kind}.json`); + t.true(fs.existsSync(payloadFile)); - // Set up environment with TEST_MODE instead of SKIP_SARIF_UPLOAD - const cleanupEnv = setupUploadEnvironment(tmpDir, { - CODEQL_ACTION_TEST_MODE: "true", + const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); + t.deepEqual(savedPayload, mockData.payload); + }, }); - stubUploadDependencies(); - - // Mock the API client - this should NOT be called - const { requestStub } = stubApiClientForUpload("should-not-be-used"); - - try { - const result = await uploadLib.uploadSpecifiedFiles( - [sarifPath], - checkoutPath, - "test-category", - features, - logger, - CodeScanning, - ); + } - // Verify upload was skipped - t.is(result.sarifID, "dummy-sarif-id"); - t.false( - requestStub.called, - "API request should not be called when in test mode", + test("handles error", uploadPayloadMacro, { + analysis, + body: async (t, upload, _tmpDir, requestStub, _mockData) => { + const wrapApiConfigurationErrorStub = sinon.stub( + api, + "wrapApiConfigurationError", ); - - // Verify payload was saved to file instead - const payloadFile = path.join(tmpDir, "payload-code-scanning.json"); - t.true(fs.existsSync(payloadFile)); - - const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); - t.truthy(savedPayload.sarif); - t.is(savedPayload.commit_oid, "abc123"); - } finally { - sinon.restore(); - cleanupEnv(); - } - }); -}); - -function createMockSarif(id?: string, tool?: string) { - const run: any = { - tool: { - driver: { - name: tool, - }, + const originalError = new HTTPError(404); + const wrappedError = new Error("Wrapped error message"); + requestStub.rejects(originalError); + wrapApiConfigurationErrorStub + .withArgs(originalError) + .returns(wrappedError); + await t.throwsAsync(upload, { + is: wrappedError, + }); }, - results: [], - }; - - // Only include automationDetails if id is provided - if (id !== undefined) { - run.automationDetails = { id }; - } - - return { - version: "2.1.0", - runs: [run], - }; + }); } diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 7c630204bc..90f0342de5 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -346,9 +346,12 @@ function getAutomationID( return api.computeAutomationID(analysis_key, environment); } -// Upload the given payload. -// If the request fails then this will retry a small number of times. -async function uploadPayload( +/** + * Upload the given payload. + * If the request fails then this will retry a small number of times. + * This is exported for testing purposes only. + */ +export async function uploadPayload( payload: any, repositoryNwo: RepositoryNwo, logger: Logger, From ff2fc66cc18ceec24743397252b8fc50b0708654 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 9 Oct 2025 12:29:27 +0200 Subject: [PATCH 40/59] Simplify `uploadPayload` tests --- src/upload-lib.test.ts | 101 ++++++++++++++++++++--------------------- 1 file changed, 50 insertions(+), 51 deletions(-) diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index 6e78bcf355..b5a4da7580 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts @@ -878,15 +878,14 @@ const uploadPayloadMacro = test.macro({ t: ExecutionContext, options: { analysis: analyses.AnalysisConfig; - envVars?: Record; body: ( t: ExecutionContext, upload: () => Promise, - tmpDir: string, requestStub: sinon.SinonStub, mockData: { payload: { sarif: string; commit_sha: string }; - repositoryNwo: { owner: string; repo: string }; + owner: string; + repo: string; response: { status: number; data: { id: string }; @@ -897,50 +896,47 @@ const uploadPayloadMacro = test.macro({ ) => void | Promise; }, ) => { - await withTmpDir(async (tmpDir) => { - process.env.RUNNER_TEMP = tmpDir; - for (const [key, value] of Object.entries(options.envVars ?? {})) { - process.env[key] = value; - } - - const mockData = { - payload: { sarif: "base64data", commit_sha: "abc123" }, - repositoryNwo: { owner: "test-owner", repo: "test-repo" }, - response: { - status: 200, - data: { id: "uploaded-sarif-id" }, - headers: {}, - url: options.analysis.target, + const mockData = { + payload: { sarif: "base64data", commit_sha: "abc123" }, + owner: "test-owner", + repo: "test-repo", + response: { + status: 200, + data: { id: "uploaded-sarif-id" }, + headers: {}, + url: options.analysis.target, + }, + }; + + const client = github.getOctokit("123"); + sinon.stub(api, "getApiClient").value(() => client); + const requestStub = sinon.stub(client, "request"); + + const upload = async () => + uploadLib.uploadPayload( + mockData.payload, + { + owner: mockData.owner, + repo: mockData.repo, }, - }; - - const client = github.getOctokit("123"); - sinon.stub(api, "getApiClient").value(() => client); - const requestStub = sinon.stub(client, "request"); - - const upload = async () => - uploadLib.uploadPayload( - mockData.payload, - mockData.repositoryNwo, - getRunnerLogger(true), - options.analysis, - ); + getRunnerLogger(true), + options.analysis, + ); - await options.body(t, upload, tmpDir, requestStub, mockData); - }); + await options.body(t, upload, requestStub, mockData); }, title: (providedTitle = "", options: { analysis: analyses.AnalysisConfig }) => `uploadPayload - ${options.analysis.name} - ${providedTitle}`, }); for (const analysis of [CodeScanning, CodeQuality]) { - test("successful upload", uploadPayloadMacro, { + test("uploads successfully", uploadPayloadMacro, { analysis, - body: async (t, upload, _tmpDir, requestStub, mockData) => { + body: async (t, upload, requestStub, mockData) => { requestStub .withArgs(analysis.target, { - owner: mockData.repositoryNwo.owner, - repo: mockData.repositoryNwo.repo, + owner: mockData.owner, + repo: mockData.repo, data: mockData.payload, }) .onFirstCall() @@ -957,26 +953,29 @@ for (const analysis of [CodeScanning, CodeQuality]) { ]) { test(`skips upload when ${envVar} is set`, uploadPayloadMacro, { analysis, - envVars: { - [envVar]: "true", - }, - body: async (t, upload, tmpDir, requestStub, mockData) => { - const result = await upload(); - t.is(result, "dummy-sarif-id"); - t.false(requestStub.called); - - const payloadFile = path.join(tmpDir, `payload-${analysis.kind}.json`); - t.true(fs.existsSync(payloadFile)); - - const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); - t.deepEqual(savedPayload, mockData.payload); - }, + body: async (t, upload, requestStub, mockData) => + withTmpDir(async (tmpDir) => { + process.env.RUNNER_TEMP = tmpDir; + process.env[envVar] = "true"; + const result = await upload(); + t.is(result, "dummy-sarif-id"); + t.false(requestStub.called); + + const payloadFile = path.join( + tmpDir, + `payload-${analysis.kind}.json`, + ); + t.true(fs.existsSync(payloadFile)); + + const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); + t.deepEqual(savedPayload, mockData.payload); + }), }); } test("handles error", uploadPayloadMacro, { analysis, - body: async (t, upload, _tmpDir, requestStub, _mockData) => { + body: async (t, upload, requestStub) => { const wrapApiConfigurationErrorStub = sinon.stub( api, "wrapApiConfigurationError", From 610c7c68e37196cc9fa91a01b93112e77c0a82b8 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 9 Oct 2025 15:24:02 +0200 Subject: [PATCH 41/59] Address review --- src/upload-lib.test.ts | 176 +++++++++++++++++------------------------ 1 file changed, 72 insertions(+), 104 deletions(-) diff --git a/src/upload-lib.test.ts b/src/upload-lib.test.ts index b5a4da7580..7a5be6382f 100644 --- a/src/upload-lib.test.ts +++ b/src/upload-lib.test.ts @@ -3,7 +3,7 @@ import * as path from "path"; import * as github from "@actions/github"; import { HTTPError } from "@actions/tool-cache"; -import test, { ExecutionContext } from "ava"; +import test from "ava"; import * as sinon from "sinon"; import * as analyses from "./analyses"; @@ -873,122 +873,90 @@ function createMockSarif(id?: string, tool?: string) { }; } -const uploadPayloadMacro = test.macro({ - exec: async ( - t: ExecutionContext, - options: { - analysis: analyses.AnalysisConfig; - body: ( - t: ExecutionContext, - upload: () => Promise, - requestStub: sinon.SinonStub, - mockData: { - payload: { sarif: string; commit_sha: string }; - owner: string; - repo: string; - response: { - status: number; - data: { id: string }; - headers: any; - url: string; - }; - }, - ) => void | Promise; +function uploadPayloadFixtures(analysis: analyses.AnalysisConfig) { + const mockData = { + payload: { sarif: "base64data", commit_sha: "abc123" }, + owner: "test-owner", + repo: "test-repo", + response: { + status: 200, + data: { id: "uploaded-sarif-id" }, + headers: {}, + url: analysis.target, }, - ) => { - const mockData = { - payload: { sarif: "base64data", commit_sha: "abc123" }, - owner: "test-owner", - repo: "test-repo", - response: { - status: 200, - data: { id: "uploaded-sarif-id" }, - headers: {}, - url: options.analysis.target, + }; + const client = github.getOctokit("123"); + sinon.stub(api, "getApiClient").value(() => client); + const requestStub = sinon.stub(client, "request"); + + const upload = async () => + uploadLib.uploadPayload( + mockData.payload, + { + owner: mockData.owner, + repo: mockData.repo, }, - }; - - const client = github.getOctokit("123"); - sinon.stub(api, "getApiClient").value(() => client); - const requestStub = sinon.stub(client, "request"); - - const upload = async () => - uploadLib.uploadPayload( - mockData.payload, - { - owner: mockData.owner, - repo: mockData.repo, - }, - getRunnerLogger(true), - options.analysis, - ); + getRunnerLogger(true), + analysis, + ); - await options.body(t, upload, requestStub, mockData); - }, - title: (providedTitle = "", options: { analysis: analyses.AnalysisConfig }) => - `uploadPayload - ${options.analysis.name} - ${providedTitle}`, -}); + return { + upload, + requestStub, + mockData, + }; +} for (const analysis of [CodeScanning, CodeQuality]) { - test("uploads successfully", uploadPayloadMacro, { - analysis, - body: async (t, upload, requestStub, mockData) => { - requestStub - .withArgs(analysis.target, { - owner: mockData.owner, - repo: mockData.repo, - data: mockData.payload, - }) - .onFirstCall() - .returns(Promise.resolve(mockData.response)); - const result = await upload(); - t.is(result, mockData.response.data.id); - t.true(requestStub.calledOnce); - }, + test(`uploadPayload on ${analysis.name} uploads successfully`, async (t) => { + const { upload, requestStub, mockData } = uploadPayloadFixtures(analysis); + requestStub + .withArgs(analysis.target, { + owner: mockData.owner, + repo: mockData.repo, + data: mockData.payload, + }) + .onFirstCall() + .returns(Promise.resolve(mockData.response)); + const result = await upload(); + t.is(result, mockData.response.data.id); + t.true(requestStub.calledOnce); }); for (const envVar of [ "CODEQL_ACTION_SKIP_SARIF_UPLOAD", "CODEQL_ACTION_TEST_MODE", ]) { - test(`skips upload when ${envVar} is set`, uploadPayloadMacro, { - analysis, - body: async (t, upload, requestStub, mockData) => - withTmpDir(async (tmpDir) => { - process.env.RUNNER_TEMP = tmpDir; - process.env[envVar] = "true"; - const result = await upload(); - t.is(result, "dummy-sarif-id"); - t.false(requestStub.called); - - const payloadFile = path.join( - tmpDir, - `payload-${analysis.kind}.json`, - ); - t.true(fs.existsSync(payloadFile)); - - const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); - t.deepEqual(savedPayload, mockData.payload); - }), + test(`uploadPayload on ${analysis.name} skips upload when ${envVar} is set`, async (t) => { + const { upload, requestStub, mockData } = uploadPayloadFixtures(analysis); + await withTmpDir(async (tmpDir) => { + process.env.RUNNER_TEMP = tmpDir; + process.env[envVar] = "true"; + const result = await upload(); + t.is(result, "dummy-sarif-id"); + t.false(requestStub.called); + + const payloadFile = path.join(tmpDir, `payload-${analysis.kind}.json`); + t.true(fs.existsSync(payloadFile)); + + const savedPayload = JSON.parse(fs.readFileSync(payloadFile, "utf8")); + t.deepEqual(savedPayload, mockData.payload); + }); }); } - test("handles error", uploadPayloadMacro, { - analysis, - body: async (t, upload, requestStub) => { - const wrapApiConfigurationErrorStub = sinon.stub( - api, - "wrapApiConfigurationError", - ); - const originalError = new HTTPError(404); - const wrappedError = new Error("Wrapped error message"); - requestStub.rejects(originalError); - wrapApiConfigurationErrorStub - .withArgs(originalError) - .returns(wrappedError); - await t.throwsAsync(upload, { - is: wrappedError, - }); - }, + test(`uploadPayload on ${analysis.name} wraps request errors using wrapApiConfigurationError`, async (t) => { + const { upload, requestStub } = uploadPayloadFixtures(analysis); + const wrapApiConfigurationErrorStub = sinon.stub( + api, + "wrapApiConfigurationError", + ); + const originalError = new HTTPError(404); + const wrappedError = new Error("Wrapped error message"); + requestStub.rejects(originalError); + wrapApiConfigurationErrorStub.withArgs(originalError).returns(wrappedError); + await t.throwsAsync(upload, { + is: wrappedError, + }); }); } From 62f0f21c3cf729521f1b7c6610048be4eb0cbea9 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Oct 2025 13:27:50 +0100 Subject: [PATCH 42/59] Add `AllowToolcacheInput` feature --- lib/analyze-action-post.js | 5 +++++ lib/analyze-action.js | 5 +++++ lib/autobuild-action.js | 5 +++++ lib/init-action-post.js | 5 +++++ lib/init-action.js | 5 +++++ lib/resolve-environment-action.js | 5 +++++ lib/start-proxy-action-post.js | 5 +++++ lib/start-proxy-action.js | 5 +++++ lib/upload-lib.js | 5 +++++ lib/upload-sarif-action-post.js | 5 +++++ lib/upload-sarif-action.js | 5 +++++ src/feature-flags.ts | 8 +++++++- 12 files changed, 62 insertions(+), 1 deletion(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 19c987905e..a118f067ee 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -117806,6 +117806,11 @@ function isSafeArtifactUpload(codeQlVersion) { // src/feature-flags.ts var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/analyze-action.js b/lib/analyze-action.js index af3fb58319..aec886409e 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -91095,6 +91095,11 @@ var DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_"; var DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled"; var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0"; var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index adf440738a..ef95f3e146 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -78544,6 +78544,11 @@ function isSupportedToolsFeature(versionInfo, feature) { var DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_"; var DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled"; var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 08c8449012..ab441ee67b 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -129233,6 +129233,11 @@ var DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_"; var DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled"; var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0"; var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/init-action.js b/lib/init-action.js index 5481ab1e8f..8a1c1455b4 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -86981,6 +86981,11 @@ var DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_"; var DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled"; var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0"; var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 4d1cdf81af..8c583694c1 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -78535,6 +78535,11 @@ function isSupportedToolsFeature(versionInfo, feature) { // src/feature-flags.ts var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 2b468746ba..be478338a6 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -117215,6 +117215,11 @@ var semver3 = __toESM(require_semver2()); // src/feature-flags.ts var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 29aea7357a..77de29490a 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -95329,6 +95329,11 @@ var semver3 = __toESM(require_semver2()); // src/feature-flags.ts var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 508e16a109..3a783a2a0f 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -89332,6 +89332,11 @@ function isSupportedToolsFeature(versionInfo, feature) { // src/feature-flags.ts var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0"; var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 6f9835b144..f4eda54fb3 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -117378,6 +117378,11 @@ function isSafeArtifactUpload(codeQlVersion) { // src/feature-flags.ts var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index ecdb515e3f..5d09915245 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -89248,6 +89248,11 @@ var DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_"; var DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled"; var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0"; var featureConfig = { + ["allow_toolcache_input" /* AllowToolcacheInput */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: void 0 + }, ["cleanup_trap_caches" /* CleanupTrapCaches */]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", diff --git a/src/feature-flags.ts b/src/feature-flags.ts index 2938f5108c..3a548ffa1a 100644 --- a/src/feature-flags.ts +++ b/src/feature-flags.ts @@ -43,6 +43,7 @@ export interface FeatureEnablement { * Legacy features should end with `_enabled`. */ export enum Feature { + AllowToolcacheInput = "allow_toolcache_input", CleanupTrapCaches = "cleanup_trap_caches", CppDependencyInstallation = "cpp_dependency_installation_enabled", DiffInformedQueries = "diff_informed_queries", @@ -73,9 +74,9 @@ export enum Feature { OverlayAnalysisRust = "overlay_analysis_rust", OverlayAnalysisSwift = "overlay_analysis_swift", PythonDefaultIsToNotExtractStdlib = "python_default_is_to_not_extract_stdlib", - UseRepositoryProperties = "use_repository_properties", QaTelemetryEnabled = "qa_telemetry_enabled", ResolveSupportedLanguagesUsingCli = "resolve_supported_languages_using_cli", + UseRepositoryProperties = "use_repository_properties", } export const featureConfig: Record< @@ -109,6 +110,11 @@ export const featureConfig: Record< toolsFeature?: ToolsFeature; } > = { + [Feature.AllowToolcacheInput]: { + defaultValue: false, + envVar: "CODEQL_ACTION_ALLOW_TOOLCACHE_INPUT", + minimumVersion: undefined, + }, [Feature.CleanupTrapCaches]: { defaultValue: false, envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES", From a512fe0868dad020a7936ebc957e18cb421aaba9 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Oct 2025 13:49:06 +0100 Subject: [PATCH 43/59] Gate `tools: toolcache` behind FF Mainly to allow us to disable it, if needed. --- lib/analyze-action.js | 29 +++++++++++++++++++++-------- lib/init-action-post.js | 29 +++++++++++++++++++++-------- lib/init-action.js | 29 +++++++++++++++++++++-------- lib/upload-lib.js | 29 +++++++++++++++++++++-------- lib/upload-sarif-action.js | 29 +++++++++++++++++++++-------- src/codeql.test.ts | 28 ++++++++++++++++++++++++++++ src/codeql.ts | 3 +++ src/init-action.ts | 1 + src/init.ts | 4 +++- src/setup-codeql.test.ts | 17 +++++++++++++++++ src/setup-codeql.ts | 23 +++++++++++++++++++---- src/upload-lib.ts | 1 + 12 files changed, 177 insertions(+), 45 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index aec886409e..c94a9e3843 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -92304,7 +92304,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) { } return void 0; } -async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, logger) { +async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, features, logger) { if (toolsInput && !isReservedToolsValue(toolsInput) && !toolsInput.startsWith("http")) { logger.info(`Using CodeQL CLI from local path ${toolsInput}`); const compressionMethod2 = inferCompressionMethod(toolsInput); @@ -92343,7 +92343,10 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { let latestToolcacheVersion; - const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + const allowToolcacheValueFF = await features.getValue( + "allow_toolcache_input" /* AllowToolcacheInput */ + ); + const allowToolcacheValue = allowToolcacheValueFF && (isDynamicWorkflow() || isInTestMode()); if (allowToolcacheValue) { logger.info( `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` @@ -92359,9 +92362,15 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` ); } else { - logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` - ); + if (allowToolcacheValueFF) { + logger.info( + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; @@ -92574,7 +92583,7 @@ function getCanonicalToolcacheVersion(cliVersion2, bundleVersion2, logger) { } return cliVersion2; } -async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { if (!await isBinaryAccessible("tar", logger)) { throw new ConfigurationError( "Could not find tar in PATH, so unable to extract CodeQL bundle." @@ -92587,6 +92596,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau apiDetails, variant, zstdAvailability.available, + features, logger ); let codeqlFolder; @@ -92744,7 +92754,7 @@ var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; var CODEQL_VERSION_CACHE_CLEANUP = "2.17.1"; -async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) { +async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { const { codeqlFolder, @@ -92758,6 +92768,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV tempDir, variant, defaultCliVersion, + features, logger ); logger.debug( @@ -95409,7 +95420,7 @@ async function addFingerprints(sarif, sourceRoot, logger) { // src/init.ts var toolrunner4 = __toESM(require_toolrunner()); var io6 = __toESM(require_io()); -async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { logger.startGroup("Setup CodeQL tools"); const { codeql, @@ -95423,6 +95434,7 @@ async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVe tempDir, variant, defaultCliVersion, + features, logger, true ); @@ -95569,6 +95581,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger ); codeQL = initCodeQLResult.codeql; diff --git a/lib/init-action-post.js b/lib/init-action-post.js index ab441ee67b..cc3b6a9d2c 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -130286,7 +130286,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) { } return void 0; } -async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, logger) { +async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, features, logger) { if (toolsInput && !isReservedToolsValue(toolsInput) && !toolsInput.startsWith("http")) { logger.info(`Using CodeQL CLI from local path ${toolsInput}`); const compressionMethod2 = inferCompressionMethod(toolsInput); @@ -130325,7 +130325,10 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { let latestToolcacheVersion; - const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + const allowToolcacheValueFF = await features.getValue( + "allow_toolcache_input" /* AllowToolcacheInput */ + ); + const allowToolcacheValue = allowToolcacheValueFF && (isDynamicWorkflow() || isInTestMode()); if (allowToolcacheValue) { logger.info( `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` @@ -130341,9 +130344,15 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` ); } else { - logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` - ); + if (allowToolcacheValueFF) { + logger.info( + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; @@ -130556,7 +130565,7 @@ function getCanonicalToolcacheVersion(cliVersion2, bundleVersion2, logger) { } return cliVersion2; } -async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { if (!await isBinaryAccessible("tar", logger)) { throw new ConfigurationError( "Could not find tar in PATH, so unable to extract CodeQL bundle." @@ -130569,6 +130578,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau apiDetails, variant, zstdAvailability.available, + features, logger ); let codeqlFolder; @@ -130693,7 +130703,7 @@ var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; var CODEQL_VERSION_CACHE_CLEANUP = "2.17.1"; -async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) { +async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { const { codeqlFolder, @@ -130707,6 +130717,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV tempDir, variant, defaultCliVersion, + features, logger ); logger.debug( @@ -132885,7 +132896,7 @@ async function addFingerprints(sarif, sourceRoot, logger) { // src/init.ts var toolrunner4 = __toESM(require_toolrunner()); var io6 = __toESM(require_io()); -async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { logger.startGroup("Setup CodeQL tools"); const { codeql, @@ -132899,6 +132910,7 @@ async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVe tempDir, variant, defaultCliVersion, + features, logger, true ); @@ -133045,6 +133057,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger ); codeQL = initCodeQLResult.codeql; diff --git a/lib/init-action.js b/lib/init-action.js index 8a1c1455b4..c1009d393f 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -89082,7 +89082,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) { } return void 0; } -async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, logger) { +async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, features, logger) { if (toolsInput && !isReservedToolsValue(toolsInput) && !toolsInput.startsWith("http")) { logger.info(`Using CodeQL CLI from local path ${toolsInput}`); const compressionMethod2 = inferCompressionMethod(toolsInput); @@ -89121,7 +89121,10 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { let latestToolcacheVersion; - const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + const allowToolcacheValueFF = await features.getValue( + "allow_toolcache_input" /* AllowToolcacheInput */ + ); + const allowToolcacheValue = allowToolcacheValueFF && (isDynamicWorkflow() || isInTestMode()); if (allowToolcacheValue) { logger.info( `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` @@ -89137,9 +89140,15 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` ); } else { - logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` - ); + if (allowToolcacheValueFF) { + logger.info( + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; @@ -89352,7 +89361,7 @@ function getCanonicalToolcacheVersion(cliVersion2, bundleVersion2, logger) { } return cliVersion2; } -async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { if (!await isBinaryAccessible("tar", logger)) { throw new ConfigurationError( "Could not find tar in PATH, so unable to extract CodeQL bundle." @@ -89365,6 +89374,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau apiDetails, variant, zstdAvailability.available, + features, logger ); let codeqlFolder; @@ -89511,7 +89521,7 @@ var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; var CODEQL_VERSION_CACHE_CLEANUP = "2.17.1"; -async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) { +async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { const { codeqlFolder, @@ -89525,6 +89535,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV tempDir, variant, defaultCliVersion, + features, logger ); logger.debug( @@ -90098,7 +90109,7 @@ async function getJobRunUuidSarifOptions(codeql) { } // src/init.ts -async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { logger.startGroup("Setup CodeQL tools"); const { codeql, @@ -90112,6 +90123,7 @@ async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVe tempDir, variant, defaultCliVersion, + features, logger, true ); @@ -90760,6 +90772,7 @@ async function run() { getTemporaryDirectory(), gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger ); codeql = initCodeQLResult.codeql; diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 3a783a2a0f..f820544aa9 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -90121,7 +90121,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) { } return void 0; } -async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, logger) { +async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, features, logger) { if (toolsInput && !isReservedToolsValue(toolsInput) && !toolsInput.startsWith("http")) { logger.info(`Using CodeQL CLI from local path ${toolsInput}`); const compressionMethod2 = inferCompressionMethod(toolsInput); @@ -90160,7 +90160,10 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { let latestToolcacheVersion; - const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + const allowToolcacheValueFF = await features.getValue( + "allow_toolcache_input" /* AllowToolcacheInput */ + ); + const allowToolcacheValue = allowToolcacheValueFF && (isDynamicWorkflow() || isInTestMode()); if (allowToolcacheValue) { logger.info( `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` @@ -90176,9 +90179,15 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` ); } else { - logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` - ); + if (allowToolcacheValueFF) { + logger.info( + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; @@ -90391,7 +90400,7 @@ function getCanonicalToolcacheVersion(cliVersion2, bundleVersion2, logger) { } return cliVersion2; } -async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { if (!await isBinaryAccessible("tar", logger)) { throw new ConfigurationError( "Could not find tar in PATH, so unable to extract CodeQL bundle." @@ -90404,6 +90413,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau apiDetails, variant, zstdAvailability.available, + features, logger ); let codeqlFolder; @@ -90528,7 +90538,7 @@ var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; var CODEQL_VERSION_CACHE_CLEANUP = "2.17.1"; -async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) { +async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { const { codeqlFolder, @@ -90542,6 +90552,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV tempDir, variant, defaultCliVersion, + features, logger ); logger.debug( @@ -92245,7 +92256,7 @@ async function addFingerprints(sarif, sourceRoot, logger) { // src/init.ts var toolrunner4 = __toESM(require_toolrunner()); var io5 = __toESM(require_io()); -async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { logger.startGroup("Setup CodeQL tools"); const { codeql, @@ -92259,6 +92270,7 @@ async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVe tempDir, variant, defaultCliVersion, + features, logger, true ); @@ -92405,6 +92417,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger ); codeQL = initCodeQLResult.codeql; diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 5d09915245..efd8fe7e88 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -90792,7 +90792,7 @@ async function findOverridingToolsInCache(humanReadableVersion, logger) { } return void 0; } -async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, logger) { +async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, tarSupportsZstd, features, logger) { if (toolsInput && !isReservedToolsValue(toolsInput) && !toolsInput.startsWith("http")) { logger.info(`Using CodeQL CLI from local path ${toolsInput}`); const compressionMethod2 = inferCompressionMethod(toolsInput); @@ -90831,7 +90831,10 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { let latestToolcacheVersion; - const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + const allowToolcacheValueFF = await features.getValue( + "allow_toolcache_input" /* AllowToolcacheInput */ + ); + const allowToolcacheValue = allowToolcacheValueFF && (isDynamicWorkflow() || isInTestMode()); if (allowToolcacheValue) { logger.info( `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` @@ -90847,9 +90850,15 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` ); } else { - logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` - ); + if (allowToolcacheValueFF) { + logger.info( + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } } cliVersion2 = defaultCliVersion.cliVersion; tagName = defaultCliVersion.tagName; @@ -91062,7 +91071,7 @@ function getCanonicalToolcacheVersion(cliVersion2, bundleVersion2, logger) { } return cliVersion2; } -async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { if (!await isBinaryAccessible("tar", logger)) { throw new ConfigurationError( "Could not find tar in PATH, so unable to extract CodeQL bundle." @@ -91075,6 +91084,7 @@ async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defau apiDetails, variant, zstdAvailability.available, + features, logger ); let codeqlFolder; @@ -91199,7 +91209,7 @@ var GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; var GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; var EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; var CODEQL_VERSION_CACHE_CLEANUP = "2.17.1"; -async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) { +async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger, checkVersion) { try { const { codeqlFolder, @@ -91213,6 +91223,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV tempDir, variant, defaultCliVersion, + features, logger ); logger.debug( @@ -92916,7 +92927,7 @@ async function addFingerprints(sarif, sourceRoot, logger) { // src/init.ts var toolrunner4 = __toESM(require_toolrunner()); var io5 = __toESM(require_io()); -async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) { +async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, features, logger) { logger.startGroup("Setup CodeQL tools"); const { codeql, @@ -92930,6 +92941,7 @@ async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVe tempDir, variant, defaultCliVersion, + features, logger, true ); @@ -93076,6 +93088,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger ); codeQL = initCodeQLResult.codeql; diff --git a/src/codeql.test.ts b/src/codeql.test.ts index a5422b1e38..24d88069b8 100644 --- a/src/codeql.test.ts +++ b/src/codeql.test.ts @@ -74,6 +74,7 @@ async function installIntoToolcache({ cliVersion !== undefined ? { cliVersion, tagName } : SAMPLE_DEFAULT_CLI_VERSION, + createFeatures([]), getRunnerLogger(true), false, ); @@ -122,6 +123,8 @@ async function stubCodeql(): Promise { } test("downloads and caches explicitly requested bundles that aren't in the toolcache", async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -140,6 +143,7 @@ test("downloads and caches explicitly requested bundles that aren't in the toolc tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); @@ -154,6 +158,8 @@ test("downloads and caches explicitly requested bundles that aren't in the toolc }); test("caches semantically versioned bundles using their semantic version number", async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); const url = mockBundleDownloadApi({ @@ -166,6 +172,7 @@ test("caches semantically versioned bundles using their semantic version number" tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); @@ -181,6 +188,8 @@ test("caches semantically versioned bundles using their semantic version number" }); test("downloads an explicitly requested bundle even if a different version is cached", async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -199,6 +208,7 @@ test("downloads an explicitly requested bundle even if a different version is ca tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); @@ -227,6 +237,8 @@ for (const { expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) { test(`caches explicitly requested bundle ${tagName} as ${expectedToolcacheVersion}`, async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -243,6 +255,7 @@ for (const { tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); @@ -266,6 +279,8 @@ for (const toolcacheVersion of [ `uses tools from toolcache when ${SAMPLE_DEFAULT_CLI_VERSION.cliVersion} is requested and ` + `${toolcacheVersion} is installed`, async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -281,6 +296,7 @@ for (const toolcacheVersion of [ tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); @@ -295,6 +311,8 @@ for (const toolcacheVersion of [ } test(`uses a cached bundle when no tools input is given on GHES`, async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -313,6 +331,7 @@ test(`uses a cached bundle when no tools input is given on GHES`, async (t) => { cliVersion: defaults.cliVersion, tagName: defaults.bundleVersion, }, + features, getRunnerLogger(true), false, ); @@ -328,6 +347,8 @@ test(`uses a cached bundle when no tools input is given on GHES`, async (t) => { }); test(`downloads bundle if only an unpinned version is cached on GHES`, async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -349,6 +370,7 @@ test(`downloads bundle if only an unpinned version is cached on GHES`, async (t) cliVersion: defaults.cliVersion, tagName: defaults.bundleVersion, }, + features, getRunnerLogger(true), false, ); @@ -364,6 +386,8 @@ test(`downloads bundle if only an unpinned version is cached on GHES`, async (t) }); test('downloads bundle if "latest" tools specified but not cached', async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -382,6 +406,7 @@ test('downloads bundle if "latest" tools specified but not cached', async (t) => tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); @@ -397,6 +422,8 @@ test('downloads bundle if "latest" tools specified but not cached', async (t) => }); test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t) => { + const features = createFeatures([]); + await util.withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -417,6 +444,7 @@ test("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t) tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, getRunnerLogger(true), false, ); diff --git a/src/codeql.ts b/src/codeql.ts index 5241ff2476..ccb7be08da 100644 --- a/src/codeql.ts +++ b/src/codeql.ts @@ -309,6 +309,7 @@ const CODEQL_VERSION_CACHE_CLEANUP = "2.17.1"; * @param tempDir * @param variant * @param defaultCliVersion + * @param features Information about the features that are enabled. * @param logger * @param checkVersion Whether to check that CodeQL CLI meets the minimum * version requirement. Must be set to true outside tests. @@ -320,6 +321,7 @@ export async function setupCodeQL( tempDir: string, variant: util.GitHubVariant, defaultCliVersion: CodeQLDefaultVersionInfo, + features: FeatureEnablement, logger: Logger, checkVersion: boolean, ): Promise<{ @@ -342,6 +344,7 @@ export async function setupCodeQL( tempDir, variant, defaultCliVersion, + features, logger, ); diff --git a/src/init-action.ts b/src/init-action.ts index 114ad6cab1..0dbe957a76 100644 --- a/src/init-action.ts +++ b/src/init-action.ts @@ -248,6 +248,7 @@ async function run() { getTemporaryDirectory(), gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger, ); codeql = initCodeQLResult.codeql; diff --git a/src/init.ts b/src/init.ts index 687afc1227..7ca6a3e39d 100644 --- a/src/init.ts +++ b/src/init.ts @@ -9,7 +9,7 @@ import { getOptionalInput, isSelfHostedRunner } from "./actions-util"; import { GitHubApiDetails } from "./api-client"; import { CodeQL, setupCodeQL } from "./codeql"; import * as configUtils from "./config-utils"; -import { CodeQLDefaultVersionInfo } from "./feature-flags"; +import { CodeQLDefaultVersionInfo, FeatureEnablement } from "./feature-flags"; import { KnownLanguage, Language } from "./languages"; import { Logger, withGroupAsync } from "./logging"; import { ToolsSource } from "./setup-codeql"; @@ -23,6 +23,7 @@ export async function initCodeQL( tempDir: string, variant: util.GitHubVariant, defaultCliVersion: CodeQLDefaultVersionInfo, + features: FeatureEnablement, logger: Logger, ): Promise<{ codeql: CodeQL; @@ -44,6 +45,7 @@ export async function initCodeQL( tempDir, variant, defaultCliVersion, + features, logger, true, ); diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index 4e65c6edf4..561dfb4e58 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -13,6 +13,7 @@ import { LoggedMessage, SAMPLE_DEFAULT_CLI_VERSION, SAMPLE_DOTCOM_API_DETAILS, + createFeatures, getRecordingLogger, initializeFeatures, mockBundleDownloadApi, @@ -91,6 +92,8 @@ test("getCodeQLActionRepository", (t) => { }); test("getCodeQLSource sets CLI version for a semver tagged bundle", async (t) => { + const features = createFeatures([]); + await withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); const tagName = "codeql-bundle-v1.2.3"; @@ -101,6 +104,7 @@ test("getCodeQLSource sets CLI version for a semver tagged bundle", async (t) => SAMPLE_DOTCOM_API_DETAILS, GitHubVariant.DOTCOM, false, + features, getRunnerLogger(true), ); @@ -110,6 +114,8 @@ test("getCodeQLSource sets CLI version for a semver tagged bundle", async (t) => }); test("getCodeQLSource correctly returns bundled CLI version when tools == linked", async (t) => { + const features = createFeatures([]); + await withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); const source = await setupCodeql.getCodeQLSource( @@ -118,6 +124,7 @@ test("getCodeQLSource correctly returns bundled CLI version when tools == linked SAMPLE_DOTCOM_API_DETAILS, GitHubVariant.DOTCOM, false, + features, getRunnerLogger(true), ); @@ -129,6 +136,7 @@ test("getCodeQLSource correctly returns bundled CLI version when tools == linked test("getCodeQLSource correctly returns bundled CLI version when tools == latest", async (t) => { const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + const features = createFeatures([]); await withTmpDir(async (tmpDir) => { setupActionsVars(tmpDir, tmpDir); @@ -138,6 +146,7 @@ test("getCodeQLSource correctly returns bundled CLI version when tools == latest SAMPLE_DOTCOM_API_DETAILS, GitHubVariant.DOTCOM, false, + features, logger, ); @@ -162,6 +171,7 @@ test("getCodeQLSource correctly returns bundled CLI version when tools == latest test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to use linked tools", async (t) => { const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + const features = createFeatures([]); // Stub the downloadCodeQL function to prevent downloading artefacts // during testing from being called. @@ -186,6 +196,7 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to use "tmp/codeql_action_test/", GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, logger, ); @@ -208,6 +219,7 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to use test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to download a non-default bundle", async (t) => { const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + const features = createFeatures([]); const bundleUrl = "https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.16.0/codeql-bundle-linux64.tar.gz"; @@ -236,6 +248,7 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to dow "tmp/codeql_action_test/", GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, + features, logger, ); @@ -258,6 +271,7 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to dow test("getCodeQLSource correctly returns latest version from toolcache when tools == toolcache", async (t) => { const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + const features = createFeatures([Feature.AllowToolcacheInput]); process.env["GITHUB_EVENT_NAME"] = "dynamic"; @@ -280,6 +294,7 @@ test("getCodeQLSource correctly returns latest version from toolcache when tools SAMPLE_DOTCOM_API_DETAILS, GitHubVariant.DOTCOM, false, + features, logger, ); @@ -319,6 +334,7 @@ test("getCodeQLSource correctly returns latest version from toolcache when tools test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't have a CodeQL CLI when tools == toolcache", async (t) => { const loggedMessages: LoggedMessage[] = []; const logger = getRecordingLogger(loggedMessages); + const features = createFeatures([Feature.AllowToolcacheInput]); process.env["GITHUB_EVENT_NAME"] = "dynamic"; @@ -335,6 +351,7 @@ test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't SAMPLE_DOTCOM_API_DETAILS, GitHubVariant.DOTCOM, false, + features, logger, ); diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index e01037223a..35b831f560 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -13,6 +13,8 @@ import * as defaults from "./defaults.json"; import { CODEQL_VERSION_ZSTD_BUNDLE, CodeQLDefaultVersionInfo, + Feature, + FeatureEnablement, } from "./feature-flags"; import { Logger } from "./logging"; import * as tar from "./tar"; @@ -276,6 +278,7 @@ export async function getCodeQLSource( apiDetails: api.GitHubApiDetails, variant: util.GitHubVariant, tarSupportsZstd: boolean, + features: FeatureEnablement, logger: Logger, ): Promise { if ( @@ -356,7 +359,11 @@ export async function getCodeQLSource( // We only allow `toolsInput === "toolcache"` for `dynamic` events. In general, using `toolsInput === "toolcache"` // can lead to alert wobble and so it shouldn't be used for an analysis where results are intended to be uploaded. // We also allow this in test mode. - const allowToolcacheValue = isDynamicWorkflow() || util.isInTestMode(); + const allowToolcacheValueFF = await features.getValue( + Feature.AllowToolcacheInput, + ); + const allowToolcacheValue = + allowToolcacheValueFF && (isDynamicWorkflow() || util.isInTestMode()); if (allowToolcacheValue) { // If `toolsInput === "toolcache"`, try to find the latest version of the CLI that's available in the toolcache // and use that. We perform this check here since we can set `cliVersion` directly and don't want to default to @@ -377,9 +384,15 @@ export async function getCodeQLSource( `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`, ); } else { - logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, - ); + if (allowToolcacheValueFF) { + logger.info( + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.`, + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, + ); + } } cliVersion = defaultCliVersion.cliVersion; @@ -735,6 +748,7 @@ export async function setupCodeQLBundle( tempDir: string, variant: util.GitHubVariant, defaultCliVersion: CodeQLDefaultVersionInfo, + features: FeatureEnablement, logger: Logger, ) { if (!(await util.isBinaryAccessible("tar", logger))) { @@ -750,6 +764,7 @@ export async function setupCodeQLBundle( apiDetails, variant, zstdAvailability.available, + features, logger, ); diff --git a/src/upload-lib.ts b/src/upload-lib.ts index 90f0342de5..26ae88f32f 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -262,6 +262,7 @@ async function combineSarifFilesUsingCLI( tempDir, gitHubVersion.type, codeQLDefaultVersionInfo, + features, logger, ); From 524b9a00e8f3b89d9e8a0803bd0a3646261829ea Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Oct 2025 14:04:39 +0100 Subject: [PATCH 44/59] Fix log message swap --- lib/analyze-action.js | 4 ++-- lib/init-action-post.js | 4 ++-- lib/init-action.js | 4 ++-- lib/upload-lib.js | 4 ++-- lib/upload-sarif-action.js | 4 ++-- src/setup-codeql.ts | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c94a9e3843..8b30d734f4 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -92364,11 +92364,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } else { if (allowToolcacheValueFF) { logger.info( - `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index cc3b6a9d2c..553b7d150a 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -130346,11 +130346,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } else { if (allowToolcacheValueFF) { logger.info( - `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } } diff --git a/lib/init-action.js b/lib/init-action.js index c1009d393f..e3f3ddacd8 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -89142,11 +89142,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } else { if (allowToolcacheValueFF) { logger.info( - `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } } diff --git a/lib/upload-lib.js b/lib/upload-lib.js index f820544aa9..9697d2eea0 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -90181,11 +90181,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } else { if (allowToolcacheValueFF) { logger.info( - `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } } diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index efd8fe7e88..41b14acad1 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -90852,11 +90852,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian } else { if (allowToolcacheValueFF) { logger.info( - `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } } diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 35b831f560..1a938ca891 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -386,11 +386,11 @@ export async function getCodeQLSource( } else { if (allowToolcacheValueFF) { logger.info( - `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.`, + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, ); } else { logger.warning( - `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, + `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.`, ); } } From e74435a1dab914f38f7e92c09c5413bcf21cda7f Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 10 Oct 2025 14:28:32 +0100 Subject: [PATCH 45/59] Dependabot: Only group minor and patch updates Major updates are likely to include breaking changes and are worth reviewing individually. --- .github/dependabot.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8953919b9f..432b44289a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -16,9 +16,12 @@ updates: - dependency-name: "eslint-plugin-import" versions: [">=2.30.0"] groups: - npm: + npm-minor: patterns: - "*" + update-types: + - "minor" + - "patch" - package-ecosystem: github-actions directories: - "/.github/workflows" @@ -28,6 +31,9 @@ updates: labels: - Rebuild groups: - actions: + actions-minor: patterns: - "*" + update-types: + - "minor" + - "patch" From 5c752c85dd2b8139dd3f3a8be1c0a35ffb4b82c4 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Oct 2025 14:15:08 +0100 Subject: [PATCH 46/59] Add test macro for fallback tests --- src/setup-codeql.test.ts | 113 +++++++++++++++++++++++---------------- 1 file changed, 66 insertions(+), 47 deletions(-) diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index 561dfb4e58..d02bf59e6e 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -1,7 +1,7 @@ import * as path from "path"; import * as toolcache from "@actions/tool-cache"; -import test from "ava"; +import test, { ExecutionContext } from "ava"; import * as sinon from "sinon"; import * as actionsUtil from "./actions-util"; @@ -331,58 +331,77 @@ test("getCodeQLSource correctly returns latest version from toolcache when tools }); }); -test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't have a CodeQL CLI when tools == toolcache", async (t) => { - const loggedMessages: LoggedMessage[] = []; - const logger = getRecordingLogger(loggedMessages); - const features = createFeatures([Feature.AllowToolcacheInput]); - - process.env["GITHUB_EVENT_NAME"] = "dynamic"; - - const testVersions = []; - const findAllVersionsStub = sinon - .stub(toolcache, "findAllVersions") - .returns(testVersions); - - await withTmpDir(async (tmpDir) => { - setupActionsVars(tmpDir, tmpDir); - const source = await setupCodeql.getCodeQLSource( - "toolcache", - SAMPLE_DEFAULT_CLI_VERSION, - SAMPLE_DOTCOM_API_DETAILS, - GitHubVariant.DOTCOM, - false, - features, - logger, - ); - - // Check that the toolcache functions were called with the expected arguments - t.assert( - findAllVersionsStub.calledWith("CodeQL"), - `toolcache.findAllVersions("CodeQL") wasn't called`, - ); +const toolcacheInputFallbackMacro = test.macro({ + exec: async ( + t: ExecutionContext, + featureList: Feature[], + environment: Record, + testVersions: string[], + expectedMessages: string[], + ) => { + const loggedMessages: LoggedMessage[] = []; + const logger = getRecordingLogger(loggedMessages); + const features = createFeatures(featureList); + + for (const [k, v] of Object.entries(environment)) { + process.env[k] = v; + } - // Check that `sourceType` and `toolsVersion` match expectations. - t.is(source.sourceType, "download"); - t.is(source.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion); + const findAllVersionsStub = sinon + .stub(toolcache, "findAllVersions") + .returns(testVersions); + + await withTmpDir(async (tmpDir) => { + setupActionsVars(tmpDir, tmpDir); + const source = await setupCodeql.getCodeQLSource( + "toolcache", + SAMPLE_DEFAULT_CLI_VERSION, + SAMPLE_DOTCOM_API_DETAILS, + GitHubVariant.DOTCOM, + false, + features, + logger, + ); - // Check that key messages we would expect to find in the log are present. - const expectedMessages: string[] = [ - `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`, - `Found no CodeQL CLI in the toolcache, ignoring 'tools: toolcache'...`, - ]; - for (const expectedMessage of expectedMessages) { + // Check that the toolcache functions were called with the expected arguments t.assert( - loggedMessages.some( - (msg) => - typeof msg.message === "string" && - msg.message.includes(expectedMessage), - ), - `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + findAllVersionsStub.calledWith("CodeQL"), + `toolcache.findAllVersions("CodeQL") wasn't called`, ); - } - }); + + // Check that `sourceType` and `toolsVersion` match expectations. + t.is(source.sourceType, "download"); + t.is(source.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion); + + // Check that key messages we would expect to find in the log are present. + for (const expectedMessage of expectedMessages) { + t.assert( + loggedMessages.some( + (msg) => + typeof msg.message === "string" && + msg.message.includes(expectedMessage), + ), + `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + ); + } + }); + }, + title: (providedTitle = "") => + `getCodeQLSource falls back to downloading the CLI if ${providedTitle}`, }); +test( + "the toolcache doesn't have a CodeQL CLI when tools == toolcache", + toolcacheInputFallbackMacro, + [Feature.AllowToolcacheInput], + { GITHUB_EVENT_NAME: "dynamic" }, + [], + [ + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`, + `Found no CodeQL CLI in the toolcache, ignoring 'tools: toolcache'...`, + ], +); + test('tryGetTagNameFromUrl extracts the right tag name for a repo name containing "codeql-bundle"', (t) => { t.is( setupCodeql.tryGetTagNameFromUrl( From dc2ced8385fe206c30e6accdd2d900759080cadf Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Oct 2025 14:20:51 +0100 Subject: [PATCH 47/59] Add tests for scenarios where the feature is unavailable --- src/setup-codeql.test.ts | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index d02bf59e6e..3046b6ff56 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -325,7 +325,7 @@ test("getCodeQLSource correctly returns latest version from toolcache when tools typeof msg.message === "string" && msg.message.includes(expectedMessage), ), - `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + `Expected '${expectedMessage}' in the logger output, but didn't find it in:\n ${loggedMessages.map((m) => ` - '${m.message}'`).join("\n")}`, ); } }); @@ -381,7 +381,7 @@ const toolcacheInputFallbackMacro = test.macro({ typeof msg.message === "string" && msg.message.includes(expectedMessage), ), - `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + `Expected '${expectedMessage}' in the logger output, but didn't find it in:\n ${loggedMessages.map((m) => ` - '${m.message}'`).join("\n")}`, ); } }); @@ -402,6 +402,26 @@ test( ], ); +test( + "the workflow trigger is not `dynamic`", + toolcacheInputFallbackMacro, + [Feature.AllowToolcacheInput], + { GITHUB_EVENT_NAME: "pull_request" }, + [], + [ + `Ignoring 'tools: toolcache' because the workflow was not triggered dynamically.`, + ], +); + +test( + "the feature flag is not enabled", + toolcacheInputFallbackMacro, + [], + { GITHUB_EVENT_NAME: "dynamic" }, + [], + [`Ignoring 'tools: toolcache' because the feature is not enabled.`], +); + test('tryGetTagNameFromUrl extracts the right tag name for a repo name containing "codeql-bundle"', (t) => { t.is( setupCodeql.tryGetTagNameFromUrl( From 4704ab18691cbc020ec00ac79ac5eb698ad192bc Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Oct 2025 14:42:09 +0100 Subject: [PATCH 48/59] Fix swapped log levels --- lib/analyze-action.js | 4 ++-- lib/init-action-post.js | 4 ++-- lib/init-action.js | 4 ++-- lib/upload-lib.js | 4 ++-- lib/upload-sarif-action.js | 4 ++-- src/setup-codeql.ts | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 8b30d734f4..0f0e38d97a 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -92363,11 +92363,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } else { if (allowToolcacheValueFF) { - logger.info( + logger.warning( `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { - logger.warning( + logger.info( `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 553b7d150a..8b283fbe66 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -130345,11 +130345,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } else { if (allowToolcacheValueFF) { - logger.info( + logger.warning( `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { - logger.warning( + logger.info( `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } diff --git a/lib/init-action.js b/lib/init-action.js index e3f3ddacd8..d47e42a785 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -89141,11 +89141,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } else { if (allowToolcacheValueFF) { - logger.info( + logger.warning( `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { - logger.warning( + logger.info( `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 9697d2eea0..65b0566031 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -90180,11 +90180,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } else { if (allowToolcacheValueFF) { - logger.info( + logger.warning( `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { - logger.warning( + logger.info( `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 41b14acad1..7be0ff8b11 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -90851,11 +90851,11 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian ); } else { if (allowToolcacheValueFF) { - logger.info( + logger.warning( `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` ); } else { - logger.warning( + logger.info( `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.` ); } diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 1a938ca891..9ee0c4b82a 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -385,11 +385,11 @@ export async function getCodeQLSource( ); } else { if (allowToolcacheValueFF) { - logger.info( + logger.warning( `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, ); } else { - logger.warning( + logger.info( `Ignoring 'tools: ${toolsInput}' because the feature is not enabled.`, ); } From b516b1d4bc3e0a5d8c81118bc70f5e79005da643 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 13:46:16 +0000 Subject: [PATCH 49/59] Bump the npm-minor group with 3 updates Bumps the npm-minor group with 3 updates: [semver](https://github.com/npm/node-semver), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser). Updates `semver` from 7.7.2 to 7.7.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v7.7.2...v7.7.3) Updates `@typescript-eslint/eslint-plugin` from 8.45.0 to 8.46.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.45.0 to 8.46.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.0/packages/parser) --- updated-dependencies: - dependency-name: semver dependency-version: 7.7.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-minor - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.46.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-minor - dependency-name: "@typescript-eslint/parser" dependency-version: 8.46.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 213 +++++++++++++++++++++++----------------------- package.json | 4 +- 2 files changed, 109 insertions(+), 108 deletions(-) diff --git a/package-lock.json b/package-lock.json index dbe42b1836..ccb4f9ad53 100644 --- a/package-lock.json +++ b/package-lock.json @@ -34,7 +34,7 @@ "long": "^5.3.2", "node-forge": "^1.3.1", "octokit": "^5.0.3", - "semver": "^7.7.2", + "semver": "^7.7.3", "uuid": "^13.0.0" }, "devDependencies": { @@ -52,7 +52,7 @@ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", "ava": "^6.4.1", "esbuild": "^0.25.10", @@ -2697,17 +2697,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.45.0.tgz", - "integrity": "sha512-HC3y9CVuevvWCl/oyZuI47dOeDF9ztdMEfMH8/DW/Mhwa9cCLnK1oD7JoTVGW/u7kFzNZUKUoyJEqkaJh5y3Wg==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.46.0.tgz", + "integrity": "sha512-hA8gxBq4ukonVXPy0OKhiaUh/68D0E88GSmtC1iAEnGaieuDi38LhS7jdCHRLi6ErJBNDGCzvh5EnzdPwUc0DA==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.45.0", - "@typescript-eslint/type-utils": "8.45.0", - "@typescript-eslint/utils": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0", + "@typescript-eslint/scope-manager": "8.46.0", + "@typescript-eslint/type-utils": "8.46.0", + "@typescript-eslint/utils": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0", "graphemer": "^1.4.0", "ignore": "^7.0.0", "natural-compare": "^1.4.0", @@ -2721,20 +2721,20 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "@typescript-eslint/parser": "^8.45.0", + "@typescript-eslint/parser": "^8.46.0", "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.45.0.tgz", - "integrity": "sha512-clmm8XSNj/1dGvJeO6VGH7EUSeA0FMs+5au/u3lrA3KfG8iJ4u8ym9/j2tTEoacAffdW1TVUzXO30W1JTJS7dA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.46.0.tgz", + "integrity": "sha512-lWETPa9XGcBes4jqAMYD9fW0j4n6hrPtTJwWDmtqgFO/4HF4jmdH/Q6wggTw5qIT5TXjKzbt7GsZUBnWoO3dqw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0" + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2745,9 +2745,9 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", - "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.46.0.tgz", + "integrity": "sha512-bHGGJyVjSE4dJJIO5yyEWt/cHyNwga/zXGJbJJ8TiO01aVREK6gCTu3L+5wrkb1FbDkQ+TKjMNe9R/QQQP9+rA==", "dev": true, "license": "MIT", "engines": { @@ -2759,16 +2759,16 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.45.0.tgz", - "integrity": "sha512-GfE1NfVbLam6XQ0LcERKwdTTPlLvHvXXhOeUGC1OXi4eQBoyy1iVsW+uzJ/J9jtCz6/7GCQ9MtrQ0fml/jWCnA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.46.0.tgz", + "integrity": "sha512-ekDCUfVpAKWJbRfm8T1YRrCot1KFxZn21oV76v5Fj4tr7ELyk84OS+ouvYdcDAwZL89WpEkEj2DKQ+qg//+ucg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.45.0", - "@typescript-eslint/tsconfig-utils": "8.45.0", - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0", + "@typescript-eslint/project-service": "8.46.0", + "@typescript-eslint/tsconfig-utils": "8.46.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -2788,16 +2788,16 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.45.0.tgz", - "integrity": "sha512-bxi1ht+tLYg4+XV2knz/F7RVhU0k6VrSMc9sb8DQ6fyCTrGQLHfo7lDtN0QJjZjKkLA2ThrKuCdHEvLReqtIGg==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.46.0.tgz", + "integrity": "sha512-nD6yGWPj1xiOm4Gk0k6hLSZz2XkNXhuYmyIrOWcHoPuAhjT9i5bAG+xbWPgFeNR8HPHHtpNKdYUXJl/D3x7f5g==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.7.0", - "@typescript-eslint/scope-manager": "8.45.0", - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/typescript-estree": "8.45.0" + "@typescript-eslint/scope-manager": "8.46.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/typescript-estree": "8.46.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2812,13 +2812,13 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.45.0.tgz", - "integrity": "sha512-qsaFBA3e09MIDAGFUrTk+dzqtfv1XPVz8t8d1f0ybTzrCY7BKiMC5cjrl1O/P7UmHsNyW90EYSkU/ZWpmXelag==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.46.0.tgz", + "integrity": "sha512-FrvMpAK+hTbFy7vH5j1+tMYHMSKLE6RzluFJlkFNKD0p9YsUT75JlBSmr5so3QRzvMwU5/bIEdeNrxm8du8l3Q==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/types": "8.46.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -2891,16 +2891,16 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.45.0.tgz", - "integrity": "sha512-TGf22kon8KW+DeKaUmOibKWktRY8b2NSAZNdtWh798COm1NWx8+xJ6iFBtk3IvLdv6+LGLJLRlyhrhEDZWargQ==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.46.0.tgz", + "integrity": "sha512-n1H6IcDhmmUEG7TNVSspGmiHHutt7iVKtZwRppD7e04wha5MrkV1h3pti9xQLcCMt6YWsncpoT0HMjkH1FNwWQ==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.45.0", - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/typescript-estree": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0", + "@typescript-eslint/scope-manager": "8.46.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/typescript-estree": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0", "debug": "^4.3.4" }, "engines": { @@ -2916,14 +2916,14 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.45.0.tgz", - "integrity": "sha512-clmm8XSNj/1dGvJeO6VGH7EUSeA0FMs+5au/u3lrA3KfG8iJ4u8ym9/j2tTEoacAffdW1TVUzXO30W1JTJS7dA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.46.0.tgz", + "integrity": "sha512-lWETPa9XGcBes4jqAMYD9fW0j4n6hrPtTJwWDmtqgFO/4HF4jmdH/Q6wggTw5qIT5TXjKzbt7GsZUBnWoO3dqw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0" + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2934,9 +2934,9 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", - "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.46.0.tgz", + "integrity": "sha512-bHGGJyVjSE4dJJIO5yyEWt/cHyNwga/zXGJbJJ8TiO01aVREK6gCTu3L+5wrkb1FbDkQ+TKjMNe9R/QQQP9+rA==", "dev": true, "license": "MIT", "engines": { @@ -2948,16 +2948,16 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.45.0.tgz", - "integrity": "sha512-GfE1NfVbLam6XQ0LcERKwdTTPlLvHvXXhOeUGC1OXi4eQBoyy1iVsW+uzJ/J9jtCz6/7GCQ9MtrQ0fml/jWCnA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.46.0.tgz", + "integrity": "sha512-ekDCUfVpAKWJbRfm8T1YRrCot1KFxZn21oV76v5Fj4tr7ELyk84OS+ouvYdcDAwZL89WpEkEj2DKQ+qg//+ucg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.45.0", - "@typescript-eslint/tsconfig-utils": "8.45.0", - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0", + "@typescript-eslint/project-service": "8.46.0", + "@typescript-eslint/tsconfig-utils": "8.46.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -2977,13 +2977,13 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.45.0.tgz", - "integrity": "sha512-qsaFBA3e09MIDAGFUrTk+dzqtfv1XPVz8t8d1f0ybTzrCY7BKiMC5cjrl1O/P7UmHsNyW90EYSkU/ZWpmXelag==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.46.0.tgz", + "integrity": "sha512-FrvMpAK+hTbFy7vH5j1+tMYHMSKLE6RzluFJlkFNKD0p9YsUT75JlBSmr5so3QRzvMwU5/bIEdeNrxm8du8l3Q==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/types": "8.46.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -3047,14 +3047,14 @@ } }, "node_modules/@typescript-eslint/project-service": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.45.0.tgz", - "integrity": "sha512-3pcVHwMG/iA8afdGLMuTibGR7pDsn9RjDev6CCB+naRsSYs2pns5QbinF4Xqw6YC/Sj3lMrm/Im0eMfaa61WUg==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.46.0.tgz", + "integrity": "sha512-OEhec0mH+U5Je2NZOeK1AbVCdm0ChyapAyTeXVIYTPXDJ3F07+cu87PPXcGoYqZ7M9YJVvFnfpGg1UmCIqM+QQ==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/tsconfig-utils": "^8.45.0", - "@typescript-eslint/types": "^8.45.0", + "@typescript-eslint/tsconfig-utils": "^8.46.0", + "@typescript-eslint/types": "^8.46.0", "debug": "^4.3.4" }, "engines": { @@ -3069,9 +3069,9 @@ } }, "node_modules/@typescript-eslint/project-service/node_modules/@typescript-eslint/types": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", - "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.46.0.tgz", + "integrity": "sha512-bHGGJyVjSE4dJJIO5yyEWt/cHyNwga/zXGJbJJ8TiO01aVREK6gCTu3L+5wrkb1FbDkQ+TKjMNe9R/QQQP9+rA==", "dev": true, "license": "MIT", "engines": { @@ -3101,9 +3101,9 @@ } }, "node_modules/@typescript-eslint/tsconfig-utils": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.45.0.tgz", - "integrity": "sha512-aFdr+c37sc+jqNMGhH+ajxPXwjv9UtFZk79k8pLoJ6p4y0snmYpPA52GuWHgt2ZF4gRRW6odsEj41uZLojDt5w==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.46.0.tgz", + "integrity": "sha512-WrYXKGAHY836/N7zoK/kzi6p8tXFhasHh8ocFL9VZSAkvH956gfeRfcnhs3xzRy8qQ/dq3q44v1jvQieMFg2cw==", "dev": true, "license": "MIT", "engines": { @@ -3118,15 +3118,15 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.45.0.tgz", - "integrity": "sha512-bpjepLlHceKgyMEPglAeULX1vixJDgaKocp0RVJ5u4wLJIMNuKtUXIczpJCPcn2waII0yuvks/5m5/h3ZQKs0A==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.46.0.tgz", + "integrity": "sha512-hy+lvYV1lZpVs2jRaEYvgCblZxUoJiPyCemwbQZ+NGulWkQRy0HRPYAoef/CNSzaLt+MLvMptZsHXHlkEilaeg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/typescript-estree": "8.45.0", - "@typescript-eslint/utils": "8.45.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/typescript-estree": "8.46.0", + "@typescript-eslint/utils": "8.46.0", "debug": "^4.3.4", "ts-api-utils": "^2.1.0" }, @@ -3143,14 +3143,14 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/scope-manager": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.45.0.tgz", - "integrity": "sha512-clmm8XSNj/1dGvJeO6VGH7EUSeA0FMs+5au/u3lrA3KfG8iJ4u8ym9/j2tTEoacAffdW1TVUzXO30W1JTJS7dA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.46.0.tgz", + "integrity": "sha512-lWETPa9XGcBes4jqAMYD9fW0j4n6hrPtTJwWDmtqgFO/4HF4jmdH/Q6wggTw5qIT5TXjKzbt7GsZUBnWoO3dqw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0" + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3161,9 +3161,9 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.45.0.tgz", - "integrity": "sha512-WugXLuOIq67BMgQInIxxnsSyRLFxdkJEJu8r4ngLR56q/4Q5LrbfkFRH27vMTjxEK8Pyz7QfzuZe/G15qQnVRA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.46.0.tgz", + "integrity": "sha512-bHGGJyVjSE4dJJIO5yyEWt/cHyNwga/zXGJbJJ8TiO01aVREK6gCTu3L+5wrkb1FbDkQ+TKjMNe9R/QQQP9+rA==", "dev": true, "license": "MIT", "engines": { @@ -3175,16 +3175,16 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.45.0.tgz", - "integrity": "sha512-GfE1NfVbLam6XQ0LcERKwdTTPlLvHvXXhOeUGC1OXi4eQBoyy1iVsW+uzJ/J9jtCz6/7GCQ9MtrQ0fml/jWCnA==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.46.0.tgz", + "integrity": "sha512-ekDCUfVpAKWJbRfm8T1YRrCot1KFxZn21oV76v5Fj4tr7ELyk84OS+ouvYdcDAwZL89WpEkEj2DKQ+qg//+ucg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.45.0", - "@typescript-eslint/tsconfig-utils": "8.45.0", - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/visitor-keys": "8.45.0", + "@typescript-eslint/project-service": "8.46.0", + "@typescript-eslint/tsconfig-utils": "8.46.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/visitor-keys": "8.46.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -3204,16 +3204,16 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.45.0.tgz", - "integrity": "sha512-bxi1ht+tLYg4+XV2knz/F7RVhU0k6VrSMc9sb8DQ6fyCTrGQLHfo7lDtN0QJjZjKkLA2ThrKuCdHEvLReqtIGg==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.46.0.tgz", + "integrity": "sha512-nD6yGWPj1xiOm4Gk0k6hLSZz2XkNXhuYmyIrOWcHoPuAhjT9i5bAG+xbWPgFeNR8HPHHtpNKdYUXJl/D3x7f5g==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.7.0", - "@typescript-eslint/scope-manager": "8.45.0", - "@typescript-eslint/types": "8.45.0", - "@typescript-eslint/typescript-estree": "8.45.0" + "@typescript-eslint/scope-manager": "8.46.0", + "@typescript-eslint/types": "8.46.0", + "@typescript-eslint/typescript-estree": "8.46.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3228,13 +3228,13 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.45.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.45.0.tgz", - "integrity": "sha512-qsaFBA3e09MIDAGFUrTk+dzqtfv1XPVz8t8d1f0ybTzrCY7BKiMC5cjrl1O/P7UmHsNyW90EYSkU/ZWpmXelag==", + "version": "8.46.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.46.0.tgz", + "integrity": "sha512-FrvMpAK+hTbFy7vH5j1+tMYHMSKLE6RzluFJlkFNKD0p9YsUT75JlBSmr5so3QRzvMwU5/bIEdeNrxm8du8l3Q==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.45.0", + "@typescript-eslint/types": "8.46.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -8210,9 +8210,10 @@ "license": "ISC" }, "node_modules/semver": { - "version": "7.7.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz", - "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==", + "version": "7.7.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz", + "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==", + "license": "ISC", "bin": { "semver": "bin/semver.js" }, diff --git a/package.json b/package.json index 8e6cccfb07..b8ddcc205f 100644 --- a/package.json +++ b/package.json @@ -49,7 +49,7 @@ "long": "^5.3.2", "node-forge": "^1.3.1", "octokit": "^5.0.3", - "semver": "^7.7.2", + "semver": "^7.7.3", "uuid": "^13.0.0" }, "devDependencies": { @@ -67,7 +67,7 @@ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", "ava": "^6.4.1", "esbuild": "^0.25.10", From e1257b6fda873a6eba14d2dab41d637243c40d97 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 13:47:47 +0000 Subject: [PATCH 50/59] Rebuild --- lib/analyze-action-post.js | 28 +++++++++++++++++++++++++--- lib/analyze-action.js | 28 +++++++++++++++++++++++++--- lib/autobuild-action.js | 28 +++++++++++++++++++++++++--- lib/init-action-post.js | 28 +++++++++++++++++++++++++--- lib/init-action.js | 28 +++++++++++++++++++++++++--- lib/resolve-environment-action.js | 28 +++++++++++++++++++++++++--- lib/start-proxy-action-post.js | 28 +++++++++++++++++++++++++--- lib/start-proxy-action.js | 28 +++++++++++++++++++++++++--- lib/upload-lib.js | 28 +++++++++++++++++++++++++--- lib/upload-sarif-action-post.js | 28 +++++++++++++++++++++++++--- lib/upload-sarif-action.js | 28 +++++++++++++++++++++++++--- 11 files changed, 275 insertions(+), 33 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 19c987905e..aeb533ace8 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -24680,6 +24680,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -24786,7 +24789,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -25547,6 +25568,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug2("comp", comp, options); comp = replaceCarets(comp, options); debug2("caret", comp); @@ -26487,7 +26509,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -26505,7 +26527,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/analyze-action.js b/lib/analyze-action.js index af3fb58319..f555b07a0f 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -30529,6 +30529,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -30635,7 +30638,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -31396,6 +31417,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug3("comp", comp, options); comp = replaceCarets(comp, options); debug3("caret", comp); @@ -32336,7 +32358,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -32354,7 +32376,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index adf440738a..7bc12042b3 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -24680,6 +24680,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -24786,7 +24789,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -25547,6 +25568,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug3("comp", comp, options); comp = replaceCarets(comp, options); debug3("caret", comp); @@ -26487,7 +26509,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -26505,7 +26527,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 08c8449012..578b93b9c8 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -30529,6 +30529,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -30635,7 +30638,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -31396,6 +31417,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug3("comp", comp, options); comp = replaceCarets(comp, options); debug3("caret", comp); @@ -32336,7 +32358,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -32354,7 +32376,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/init-action.js b/lib/init-action.js index 5481ab1e8f..272ca50ee4 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -19971,6 +19971,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -20077,7 +20080,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -20838,6 +20859,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug3("comp", comp, options); comp = replaceCarets(comp, options); debug3("caret", comp); @@ -32336,7 +32358,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -32354,7 +32376,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 4d1cdf81af..cbc4bcec5c 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -24680,6 +24680,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -24786,7 +24789,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -25547,6 +25568,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug3("comp", comp, options); comp = replaceCarets(comp, options); debug3("caret", comp); @@ -26487,7 +26509,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -26505,7 +26527,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 2b468746ba..c2e8323a6a 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -24680,6 +24680,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -24786,7 +24789,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -25547,6 +25568,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug2("comp", comp, options); comp = replaceCarets(comp, options); debug2("caret", comp); @@ -26487,7 +26509,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -26505,7 +26527,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 29aea7357a..f48200f1a8 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -19971,6 +19971,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -20077,7 +20080,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -20838,6 +20859,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug3("comp", comp, options); comp = replaceCarets(comp, options); debug3("caret", comp); @@ -45023,7 +45045,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -45041,7 +45063,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 508e16a109..016a8bb1ec 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -31826,6 +31826,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -31932,7 +31935,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -32693,6 +32714,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug2("comp", comp, options); comp = replaceCarets(comp, options); debug2("caret", comp); @@ -33633,7 +33655,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -33651,7 +33673,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 6f9835b144..caa3b73c5c 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -24680,6 +24680,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -24786,7 +24789,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -25547,6 +25568,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug2("comp", comp, options); comp = replaceCarets(comp, options); debug2("caret", comp); @@ -26487,7 +26509,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -26505,7 +26527,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index ecdb515e3f..50ba79a0c9 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -30529,6 +30529,9 @@ var require_identifiers = __commonJS({ "use strict"; var numeric = /^[0-9]+$/; var compareIdentifiers = (a, b) => { + if (typeof a === "number" && typeof b === "number") { + return a === b ? 0 : a < b ? -1 : 1; + } const anum = numeric.test(a); const bnum = numeric.test(b); if (anum && bnum) { @@ -30635,7 +30638,25 @@ var require_semver = __commonJS({ if (!(other instanceof _SemVer)) { other = new _SemVer(other, this.options); } - return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch); + if (this.major < other.major) { + return -1; + } + if (this.major > other.major) { + return 1; + } + if (this.minor < other.minor) { + return -1; + } + if (this.minor > other.minor) { + return 1; + } + if (this.patch < other.patch) { + return -1; + } + if (this.patch > other.patch) { + return 1; + } + return 0; } comparePre(other) { if (!(other instanceof _SemVer)) { @@ -31396,6 +31417,7 @@ var require_range = __commonJS({ return result; }; var parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], ""); debug4("comp", comp, options); comp = replaceCarets(comp, options); debug4("caret", comp); @@ -32336,7 +32358,7 @@ var require_package = __commonJS({ long: "^5.3.2", "node-forge": "^1.3.1", octokit: "^5.0.3", - semver: "^7.7.2", + semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { @@ -32354,7 +32376,7 @@ var require_package = __commonJS({ "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", "@types/sinon": "^17.0.4", - "@typescript-eslint/eslint-plugin": "^8.45.0", + "@typescript-eslint/eslint-plugin": "^8.46.0", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.25.10", From eadf14bf6efa3061e98bdfbfd3487878f08af99c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 13:48:07 +0000 Subject: [PATCH 51/59] Bump ruby/setup-ruby Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.263.0 to 1.265.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/0481980f17b760ef6bca5e8c55809102a0af1e5a...ab177d40ee5483edb974554986f56b33477e21d0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.265.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/__rubocop-multi-language.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/__rubocop-multi-language.yml b/.github/workflows/__rubocop-multi-language.yml index 48694e902c..7875144b62 100644 --- a/.github/workflows/__rubocop-multi-language.yml +++ b/.github/workflows/__rubocop-multi-language.yml @@ -56,7 +56,7 @@ jobs: use-all-platform-bundle: 'false' setup-kotlin: 'true' - name: Set up Ruby - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + uses: ruby/setup-ruby@ab177d40ee5483edb974554986f56b33477e21d0 # v1.265.0 with: ruby-version: 2.6 - name: Install Code Scanning integration From 452186448a7a7dd9f635cd74bf6a5df3bac6a795 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 13:48:11 +0000 Subject: [PATCH 52/59] Bump github/codeql-action from 3 to 4 in /.github/workflows Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pr-checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index 376730e386..5bae25a631 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -73,7 +73,7 @@ jobs: run: npm run lint-ci - name: Upload sarif - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 if: matrix.os == 'ubuntu-latest' && matrix.node-version == 24 with: sarif_file: eslint.sarif From 413a4a4df19c643ceab05ebad65b0d90532c778a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 13:49:43 +0000 Subject: [PATCH 53/59] Rebuild --- pr-checks/checks/rubocop-multi-language.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pr-checks/checks/rubocop-multi-language.yml b/pr-checks/checks/rubocop-multi-language.yml index 27bcf070db..c3299de08d 100644 --- a/pr-checks/checks/rubocop-multi-language.yml +++ b/pr-checks/checks/rubocop-multi-language.yml @@ -4,7 +4,7 @@ description: "Tests using RuboCop to analyze a multi-language repository and the versions: ["default"] steps: - name: Set up Ruby - uses: ruby/setup-ruby@0481980f17b760ef6bca5e8c55809102a0af1e5a # v1.263.0 + uses: ruby/setup-ruby@ab177d40ee5483edb974554986f56b33477e21d0 # v1.265.0 with: ruby-version: 2.6 - name: Install Code Scanning integration From 7a2cb623ed691b64b58c7fa6bd6d90f62b322c65 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 14:34:56 +0000 Subject: [PATCH 54/59] Update changelog for v4.30.8 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ca3d59c6eb..df9a5c660b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. -## [UNRELEASED] +## 4.30.8 - 10 Oct 2025 No user facing changes. From c8765c966b096c7deefc1635026f91854dcc2fb1 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 10 Oct 2025 17:23:02 +0100 Subject: [PATCH 55/59] Revert "Rebuild" commit rather than "Update dependencies" --- .github/update-release-branch.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/update-release-branch.py b/.github/update-release-branch.py index ce5c336d80..0ea816b8a9 100644 --- a/.github/update-release-branch.py +++ b/.github/update-release-branch.py @@ -371,10 +371,10 @@ def main(): # releases. run_git('revert', vOlder_update_commits[0], '--no-edit') - # Also revert the "Update checked-in dependencies" commit created by Actions. - update_dependencies_commit = run_git('log', '--grep', '^Update checked-in dependencies', '--format=%H').split()[0] - print(f' Reverting {update_dependencies_commit}') - run_git('revert', update_dependencies_commit, '--no-edit') + # Also revert the "Rebuild" commit created by Actions. + rebuild_commit = run_git('log', '--grep', '^Rebuild$', '--format=%H').split()[0] + print(f' Reverting {rebuild_commit}') + run_git('revert', rebuild_commit, '--no-edit') else: print(' Nothing to revert.') From bd1ac56295bc848e711c7e8968c68718eb795278 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 16:50:12 +0000 Subject: [PATCH 56/59] Revert "Update version and changelog for v3.30.7" This reverts commit b264e152591cf9e60453d86f7644cc602e2d2770. --- CHANGELOG.md | 11 +++++++++-- package.json | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b28a41390c..692c42bf3b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,9 +2,9 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. -## 3.30.7 - 06 Oct 2025 +## 4.30.7 - 06 Oct 2025 -No user facing changes. +- [v4+ only] The CodeQL Action now runs on Node.js v24. [#3169](https://github.com/github/codeql-action/pull/3169) ## 3.30.6 - 02 Oct 2025 @@ -240,13 +240,17 @@ No user facing changes. ## 3.26.12 - 07 Oct 2024 - _Upcoming breaking change_: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. [#2520](https://github.com/github/codeql-action/pull/2520) + - If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. + - Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace `github/codeql-action/*@v3` by `github/codeql-action/*@v3.26.11` and `github/codeql-action/*@v2` by `github/codeql-action/*@v2.26.11` in your code scanning workflow to ensure you continue using this version of the CodeQL Action. ## 3.26.11 - 03 Oct 2024 - _Upcoming breaking change_: Add support for using `actions/download-artifact@v4` to programmatically consume CodeQL Action debug artifacts. + Starting November 30, 2024, GitHub.com customers will [no longer be able to use `actions/download-artifact@v3`](https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/). Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` environment variable to `true` and bump `actions/download-artifact@v3` to `actions/download-artifact@v4` in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped `actions/download-artifact@v3` to `actions/download-artifact@v4` will begin failing then. + This change is currently unavailable for GitHub Enterprise Server customers, as `actions/upload-artifact@v4` and `actions/download-artifact@v4` are not yet compatible with GHES. - Update default CodeQL bundle version to 2.19.1. [#2519](https://github.com/github/codeql-action/pull/2519) @@ -369,9 +373,12 @@ No user facing changes. ## 3.25.0 - 15 Apr 2024 - The deprecated feature for extracting dependencies for a Python analysis has been removed. [#2224](https://github.com/github/codeql-action/pull/2224) + As a result, the following inputs and environment variables are now ignored: + - The `setup-python-dependencies` input to the `init` Action - The `CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION` environment variable + We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0. - Automatically overwrite an existing database if found on the filesystem. [#2229](https://github.com/github/codeql-action/pull/2229) - Bump the minimum CodeQL bundle version to 2.12.6. [#2232](https://github.com/github/codeql-action/pull/2232) diff --git a/package.json b/package.json index 32b427bb41..9dc0420b3f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "3.30.7", + "version": "4.30.7", "private": true, "description": "CodeQL action", "scripts": { From 319796f085830b5c0d837e8b7f796a7e43a9dca9 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 16:50:12 +0000 Subject: [PATCH 57/59] Revert "Rebuild" This reverts commit c551c503105c15d89f503684e412da27997aa8e7. --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index a9b163bc16..387d267412 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index c2788900b3..f79eb441ee 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 4cde47d65b..eaf12707cb 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index e138420a3e..80a42870fe 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action.js b/lib/init-action.js index 2f509ad0ee..878d7dacae 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 67cb394e74..8cd476ad47 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index a52eadfc51..8b7af1f861 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index f262402cf9..973e6bda1a 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -44974,7 +44974,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index a6342ff212..df30877d4a 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -33584,7 +33584,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 233b73d473..ea63c44749 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -26438,7 +26438,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 7ad72583b5..78a21eff3b 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -32287,7 +32287,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "3.30.7", + version: "4.30.7", private: true, description: "CodeQL action", scripts: { From a37add20d4631475090a3b406e09cbcfd4de3915 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 16:50:13 +0000 Subject: [PATCH 58/59] Update version and changelog for v3.30.8 --- CHANGELOG.md | 13 +++---------- package.json | 2 +- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index df9a5c660b..ea14fb687e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,13 +2,13 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. -## 4.30.8 - 10 Oct 2025 +## 3.30.8 - 10 Oct 2025 No user facing changes. -## 4.30.7 - 06 Oct 2025 +## 3.30.7 - 06 Oct 2025 -- [v4+ only] The CodeQL Action now runs on Node.js v24. [#3169](https://github.com/github/codeql-action/pull/3169) +No user facing changes. ## 3.30.6 - 02 Oct 2025 @@ -244,17 +244,13 @@ No user facing changes. ## 3.26.12 - 07 Oct 2024 - _Upcoming breaking change_: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. [#2520](https://github.com/github/codeql-action/pull/2520) - - If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. - - Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace `github/codeql-action/*@v3` by `github/codeql-action/*@v3.26.11` and `github/codeql-action/*@v2` by `github/codeql-action/*@v2.26.11` in your code scanning workflow to ensure you continue using this version of the CodeQL Action. ## 3.26.11 - 03 Oct 2024 - _Upcoming breaking change_: Add support for using `actions/download-artifact@v4` to programmatically consume CodeQL Action debug artifacts. - Starting November 30, 2024, GitHub.com customers will [no longer be able to use `actions/download-artifact@v3`](https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/). Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the `CODEQL_ACTION_ARTIFACT_V4_UPGRADE` environment variable to `true` and bump `actions/download-artifact@v3` to `actions/download-artifact@v4` in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped `actions/download-artifact@v3` to `actions/download-artifact@v4` will begin failing then. - This change is currently unavailable for GitHub Enterprise Server customers, as `actions/upload-artifact@v4` and `actions/download-artifact@v4` are not yet compatible with GHES. - Update default CodeQL bundle version to 2.19.1. [#2519](https://github.com/github/codeql-action/pull/2519) @@ -377,12 +373,9 @@ No user facing changes. ## 3.25.0 - 15 Apr 2024 - The deprecated feature for extracting dependencies for a Python analysis has been removed. [#2224](https://github.com/github/codeql-action/pull/2224) - As a result, the following inputs and environment variables are now ignored: - - The `setup-python-dependencies` input to the `init` Action - The `CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION` environment variable - We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0. - Automatically overwrite an existing database if found on the filesystem. [#2229](https://github.com/github/codeql-action/pull/2229) - Bump the minimum CodeQL bundle version to 2.12.6. [#2232](https://github.com/github/codeql-action/pull/2232) diff --git a/package.json b/package.json index b8ddcc205f..8ef86904b7 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.30.8", + "version": "3.30.8", "private": true, "description": "CodeQL action", "scripts": { From 948223fe012c199f4322d8cdbb9ba59cb2dbff03 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 16:56:34 +0000 Subject: [PATCH 59/59] Rebuild --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index bdeb7f0086..6ae2e40c27 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -26460,7 +26460,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 79ea7886cc..83d82ea52a 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -32309,7 +32309,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 268cca109e..35874c7473 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -26460,7 +26460,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index b816da46a4..99e28442fa 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -32309,7 +32309,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action.js b/lib/init-action.js index c8a5a07903..d3436e53ff 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -32309,7 +32309,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index 67ca84e633..729c498f43 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -26460,7 +26460,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 4e3bc7058d..e404379014 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -26460,7 +26460,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 6d3712bb36..97da96bd7a 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -44996,7 +44996,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index d4bcd84035..cfe7beee2d 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -33606,7 +33606,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 64f1c69f20..67ac3d11f6 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -26460,7 +26460,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 1572ada22a..291a37ba21 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -32309,7 +32309,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.30.8", + version: "3.30.8", private: true, description: "CodeQL action", scripts: {