Merge branch 'main' into aeisenberg/fix-config-files

.github/workflows/pr-checks.yml

@@ -90,14 +90,18 @@ jobs:
     needs: [check-js, check-node-modules]
     strategy:
       matrix:
-        os: [ubuntu-latest, macos-latest]
+        os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     timeout-minutes: 45
 
     steps:
       - uses: actions/checkout@v3
-      - name: npm run-script test
+      - name: npm test
-        run: npm run-script test
+        run: |
+          # Run any commands referenced in package.json using Bash, otherwise
+          # we won't be able to find them on Windows.
+          npm config set script-shell bash
+          npm test
 
   runner-analyze-javascript-ubuntu:
     name: Runner ubuntu JS analyze

.github/workflows/script/check-js.sh

@@ -14,8 +14,8 @@ npm run-script build
 # Check that repo is still clean
 if [ ! -z "$(git status --porcelain)" ]; then
     # If we get a fail here then the PR needs attention
-    >&2 echo "Failed: JavaScript files are not up to date. Run 'npm run-script build' to update"
+    >&2 echo "Failed: JavaScript files are not up to date. Run 'rm -rf lib && npm run-script build' to update"
     git status
     exit 1
 fi
-echo "Success: JavaScript files are up to date"
+echo "Success: JavaScript files are up to date"

.github/workflows/script/update-required-checks.sh

@@ -2,17 +2,19 @@
 # Update the required checks based on the current branch.
 # Typically, this will be main.
 
-if [ -z "$GITHUB_TOKEN" ]; then
+if ! gh auth status 2>/dev/null; then
-  echo "Failed: No GitHub token found. This script requires admin access to `github/codeql-action`."
+  gh auth status
+  echo "Failed: Not authorized. This script requires admin access to github/codeql-action through the gh CLI."
   exit 1
 fi
 
 if [ "$#" -eq 1 ]; then
-  # If we were passed an argument, pass it as a query to fzf
+  # If we were passed an argument, use that as the SHA
-  GITHUB_SHA="$@"
+  GITHUB_SHA="$0"
 elif [ "$#" -gt 1 ]; then
   echo "Usage: $0 [SHA]"
   echo "Update the required checks based on the SHA, or main."
+  exit 1
 elif [ -z "$GITHUB_SHA" ]; then
   # If we don't have a SHA, use main
   GITHUB_SHA="$(git rev-parse main)"
@@ -21,7 +23,7 @@ fi
 echo "Getting checks for $GITHUB_SHA"
 
 # Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
-CHECKS="$(gh api repos/github/codeql-action/commits/${GITHUB_SHA}/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update") | not)] | unique | sort')"
+CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update") | not)] | unique | sort')"
 
 echo "$CHECKS" | jq
 

CHANGELOG.md

@@ -2,6 +2,15 @@
 
 ## [UNRELEASED]
 
+No user facing changes.
+
+## 2.1.16 - 13 Jul 2022
+
+- You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. [#1132](https://github.com/github/codeql-action/pull/1132)
+- You can now see diagnostic messages produced by the analysis in the logs of the `analyze` Action by enabling debug mode. To enable debug mode, pass `debug: true` to the `init` Action, or [enable step debug logging](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging). This feature is available for CodeQL CLI version 2.10.0 and later. [#1133](https://github.com/github/codeql-action/pull/1133)
+
+## 2.1.15 - 28 Jun 2022
+
 - CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116)
 - The combination of python2 and poetry is no longer supported. See https://github.com/actions/setup-python/issues/374 for more details. [#1124](https://github.com/github/codeql-action/pull/1124)
 - Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123)

init/action.yml

@@ -56,7 +56,10 @@ inputs:
       This input also sets the number of threads that can later be used by the "analyze" action.
     required: false
   debug:
-    description: Enable debugging mode. This will result in more output being produced which may be useful when debugging certain issues.
+    description: >-
+      Enable debugging mode.
+      This will result in more output being produced which may be useful when debugging certain issues.
+      Debugging mode is enabled automatically when step debug logging is turned on.
     required: false
     default: 'false'
   debug-artifact-name:

lib/actions-util.js

@@ -19,7 +19,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.sanitizeArifactName = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRunID = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getToolCacheDirectory = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.sanitizeArifactName = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRunID = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
@@ -66,13 +66,6 @@ function getTemporaryDirectory() {
         : (0, util_1.getRequiredEnvParam)("RUNNER_TEMP");
 }
 exports.getTemporaryDirectory = getTemporaryDirectory;
-function getToolCacheDirectory() {
-    const value = process.env["CODEQL_ACTION_TOOL_CACHE"];
-    return value !== undefined && value !== ""
-        ? value
-        : (0, util_1.getRequiredEnvParam)("RUNNER_TOOL_CACHE");
-}
-exports.getToolCacheDirectory = getToolCacheDirectory;
 /**
  * Gets the SHA of the commit that is currently checked out.
  */

lib/analysis-paths.js

@@ -58,14 +58,11 @@ function includeAndExcludeAnalysisPaths(config) {
     }
     // If the temporary or tools directory is in the working directory ignore that too.
     const tempRelativeToWorking = path.relative(process.cwd(), config.tempDir);
-    const toolsRelativeToWorking = path.relative(process.cwd(), config.toolCacheDir);
     let pathsIgnore = config.pathsIgnore;
-    if (!tempRelativeToWorking.startsWith("..")) {
+    if (!tempRelativeToWorking.startsWith("..") &&
+        !path.isAbsolute(tempRelativeToWorking)) {
         pathsIgnore = pathsIgnore.concat(tempRelativeToWorking);
     }
-    if (!toolsRelativeToWorking.startsWith("..")) {
-        pathsIgnore = pathsIgnore.concat(toolsRelativeToWorking);
-    }
     if (pathsIgnore.length !== 0) {
         process.env["LGTM_INDEX_EXCLUDE"] = buildIncludeExcludeEnvVar(pathsIgnore);
     }

lib/analysis-paths.js.map

@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,sBAAsB,GAAG,IAAI,CAAC,QAAQ,CAC1C,OAAO,CAAC,GAAG,EAAE,EACb,MAAM,CAAC,YAAY,CACpB,CAAC;IACF,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC3C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC5C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;KAC1D;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AArCD,wEAqCC"}
+{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IACE,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC;QACvC,CAAC,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EACvC;QACA,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AAjCD,wEAiCC"}

lib/analysis-paths.test.js

@@ -37,7 +37,6 @@ const util = __importStar(require("./util"));
             paths: [],
             originalUserInput: {},
             tempDir: tmpDir,
-            toolCacheDir: tmpDir,
             codeQLCmd: "",
             gitHubVersion: { type: util.GitHubVariant.DOTCOM },
             dbLocation: path.resolve(tmpDir, "codeql_databases"),
@@ -66,7 +65,6 @@ const util = __importStar(require("./util"));
             pathsIgnore: ["path4", "path5", "path6/**"],
             originalUserInput: {},
             tempDir: tmpDir,
-            toolCacheDir: tmpDir,
             codeQLCmd: "",
             gitHubVersion: { type: util.GitHubVariant.DOTCOM },
             dbLocation: path.resolve(tmpDir, "codeql_databases"),
@@ -87,33 +85,30 @@ const util = __importStar(require("./util"));
     });
 });
 (0, ava_1.default)("exclude temp dir", async (t) => {
-    return await util.withTmpDir(async (toolCacheDir) => {
+    const tempDir = path.join(process.cwd(), "codeql-runner-temp");
-        const tempDir = path.join(process.cwd(), "codeql-runner-temp");
+    const config = {
-        const config = {
+        languages: [],
-            languages: [],
+        queries: {},
-            queries: {},
+        pathsIgnore: [],
-            pathsIgnore: [],
+        paths: [],
-            paths: [],
+        originalUserInput: {},
-            originalUserInput: {},
+        tempDir,
-            tempDir,
+        codeQLCmd: "",
-            toolCacheDir,
+        gitHubVersion: { type: util.GitHubVariant.DOTCOM },
-            codeQLCmd: "",
+        dbLocation: path.resolve(tempDir, "codeql_databases"),
-            gitHubVersion: { type: util.GitHubVariant.DOTCOM },
+        packs: {},
-            dbLocation: path.resolve(tempDir, "codeql_databases"),
+        debugMode: false,
-            packs: {},
+        debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
-            debugMode: false,
+        debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
-            debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+        augmentationProperties: {
-            debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
+            injectedMlQueries: false,
-            augmentationProperties: {
+            packsInputCombines: false,
-                injectedMlQueries: false,
+            queriesInputCombines: false,
-                packsInputCombines: false,
+        },
-                queriesInputCombines: false,
+    };
-            },
+    analysisPaths.includeAndExcludeAnalysisPaths(config);
-        };
+    t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
-        analysisPaths.includeAndExcludeAnalysisPaths(config);
+    t.is(process.env["LGTM_INDEX_EXCLUDE"], "codeql-runner-temp");
-        t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
+    t.is(process.env["LGTM_INDEX_FILTERS"], undefined);
-        t.is(process.env["LGTM_INDEX_EXCLUDE"], "codeql-runner-temp");
-        t.is(process.env["LGTM_INDEX_FILTERS"], undefined);
-    });
 });
 //# sourceMappingURL=analysis-paths.test.js.map

lib/analysis-paths.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;SACF,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;SACF,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO;YACP,YAAY;YACZ,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;YACrD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;SACF,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;SACF,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;SACF,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,KAAK,EAAE,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,OAAO;QACP,SAAS,EAAE,EAAE;QACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;QACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;QACrD,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,KAAK;QAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,sBAAsB,EAAE;YACtB,iBAAiB,EAAE,KAAK;YACxB,kBAAkB,EAAE,KAAK;YACzB,oBAAoB,EAAE,KAAK;SAC5B;KACF,CAAC;IACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;IAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC,CAAC,CAAC"}

lib/analyze-action.js

@@ -91,13 +91,13 @@ async function run() {
         const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
         if (config.debugMode) {
             // Upload the logs as an Actions artifact for debugging
-            const toUpload = [];
+            let toUpload = [];
             for (const language of config.languages) {
-                toUpload.push(...listFolder(path.resolve(util.getCodeQLDatabasePath(config, language), "log")));
+                toUpload = toUpload.concat(listFolder(path.resolve(util.getCodeQLDatabasePath(config, language), "log")));
             }
             if (await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING)) {
                 // Multilanguage tracing: there are additional logs in the root of the cluster
-                toUpload.push(...listFolder(path.resolve(config.dbLocation, "log")));
+                toUpload = toUpload.concat(listFolder(path.resolve(config.dbLocation, "log")));
             }
             await uploadDebugArtifacts(toUpload, config.dbLocation, config.debugArtifactName);
             if (!(await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING))) {
@@ -145,7 +145,7 @@ async function run() {
         return;
     }
     finally {
-        if (config !== undefined && config.debugMode) {
+        if (config === null || config === void 0 ? void 0 : config.debugMode) {
             try {
                 // Upload the database bundles as an Actions artifact for debugging
                 const toUpload = [];
@@ -158,7 +158,7 @@ async function run() {
                 console.log(`Failed to upload database debug bundles: ${error}`);
             }
         }
-        if (core.isDebug() && config !== undefined) {
+        if (config === null || config === void 0 ? void 0 : config.debugMode) {
             core.info("Debug mode is on. Printing CodeQL debug logs...");
             for (const language of config.languages) {
                 const databaseDirectory = util.getCodeQLDatabasePath(config, language);
@@ -204,13 +204,13 @@ async function uploadDebugArtifacts(toUpload, rootDir, artifactName) {
 }
 function listFolder(dir) {
     const entries = fs.readdirSync(dir, { withFileTypes: true });
-    const files = [];
+    let files = [];
     for (const entry of entries) {
         if (entry.isFile()) {
             files.push(path.resolve(dir, entry.name));
         }
         else if (entry.isDirectory()) {
-            files.push(...listFolder(path.resolve(dir, entry.name)));
+            files = files.concat(listFolder(path.resolve(dir, entry.name)));
         }
     }
     return files;

lib/analyze.js

@@ -115,10 +115,8 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
     const statusReport = {};
     let locPromise = Promise.resolve({});
     const cliCanCountBaseline = await cliCanCountLoC();
-    const debugMode = process.env["INTERNAL_CODEQL_ACTION_DEBUG_LOC"] ||
+    const countLocDebugMode = process.env["INTERNAL_CODEQL_ACTION_DEBUG_LOC"] || config.debugMode;
-        process.env["ACTIONS_RUNNER_DEBUG"] ||
+    if (!cliCanCountBaseline || countLocDebugMode) {
-        process.env["ACTIONS_STEP_DEBUG"];
-    if (!cliCanCountBaseline || debugMode) {
         // count the number of lines in the background
         locPromise = (0, count_loc_1.countLoc)(path.resolve(), 
         // config.paths specifies external directories. the current
@@ -153,7 +151,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
                 logger.startGroup(`Interpreting results for ${language}`);
                 const startTimeInterpretResults = new Date().getTime();
                 const sarifFile = path.join(sarifFolder, `${language}.sarif`);
-                const analysisSummary = await runInterpretResults(language, undefined, sarifFile);
+                const analysisSummary = await runInterpretResults(language, undefined, sarifFile, config.debugMode);
                 statusReport[`interpret_results_${language}_duration_ms`] =
                     new Date().getTime() - startTimeInterpretResults;
                 logger.endGroup();
@@ -197,7 +195,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
                 logger.startGroup(`Interpreting results for ${language}`);
                 const startTimeInterpretResults = new Date().getTime();
                 const sarifFile = path.join(sarifFolder, `${language}.sarif`);
-                const analysisSummary = await runInterpretResults(language, querySuitePaths, sarifFile);
+                const analysisSummary = await runInterpretResults(language, querySuitePaths, sarifFile, config.debugMode);
                 if (!cliCanCountBaseline) {
                     await injectLinesOfCode(sarifFile, language, locPromise);
                 }
@@ -206,7 +204,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
                 logger.endGroup();
                 logger.info(analysisSummary);
             }
-            if (!cliCanCountBaseline || debugMode) {
+            if (!cliCanCountBaseline || countLocDebugMode) {
                 printLinesOfCodeSummary(logger, language, await locPromise);
             }
             if (cliCanCountBaseline) {
@@ -223,9 +221,9 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         }
     }
     return statusReport;
-    async function runInterpretResults(language, queries, sarifFile) {
+    async function runInterpretResults(language, queries, sarifFile, enableDebugLogging) {
         const databasePath = util.getCodeQLDatabasePath(config, language);
-        return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, automationDetailsId);
+        return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId);
     }
     async function cliCanCountLoC() {
         return await util.codeQlVersionAbove(await (0, codeql_1.getCodeQL)(config.codeQLCmd), codeql_1.CODEQL_VERSION_COUNTS_LINES);
@@ -266,15 +264,6 @@ function createQuerySuiteContents(queries) {
     return queries.map((q) => `- query: ${q}`).join("\n");
 }
 async function runFinalize(outputDir, threadsFlag, memoryFlag, config, logger, featureFlags) {
-    const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
-    if (await util.codeQlVersionAbove(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING)) {
-        // Delete variables as specified by the end-tracing script
-        await (0, tracer_config_1.endTracingForCluster)(config);
-    }
-    else {
-        // Delete the tracer config env var to avoid tracing ourselves
-        delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];
-    }
     try {
         await (0, del_1.default)(outputDir, { force: true });
     }
@@ -285,6 +274,20 @@ async function runFinalize(outputDir, threadsFlag, memoryFlag, config, logger, f
     }
     await fs.promises.mkdir(outputDir, { recursive: true });
     await finalizeDatabaseCreation(config, threadsFlag, memoryFlag, logger, featureFlags);
+    const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
+    // WARNING: This does not _really_ end tracing, as the tracer will restore its
+    // critical environment variables and it'll still be active for all processes
+    // launched from this build step.
+    // However, it will stop tracing for all steps past the codeql-action/analyze
+    // step.
+    if (await util.codeQlVersionAbove(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING)) {
+        // Delete variables as specified by the end-tracing script
+        await (0, tracer_config_1.endTracingForCluster)(config);
+    }
+    else {
+        // Delete the tracer config env var to avoid tracing ourselves
+        delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];
+    }
 }
 exports.runFinalize = runFinalize;
 async function runCleanup(config, cleanupLevel, logger) {

lib/analyze.test.js

@@ -109,7 +109,6 @@ const util = __importStar(require("./util"));
                 paths: [],
                 originalUserInput: {},
                 tempDir: tmpDir,
-                toolCacheDir: tmpDir,
                 codeQLCmd: "",
                 gitHubVersion: {
                     type: util.GitHubVariant.DOTCOM,
@@ -223,7 +222,6 @@ const stubConfig = {
     paths: [],
     originalUserInput: {},
     tempDir: "",
-    toolCacheDir: "",
     codeQLCmd: "",
     gitHubVersion: {
         type: util.GitHubVariant.DOTCOM,

lib/codeql.js

@@ -26,17 +26,18 @@ exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const toolcache = __importStar(require("@actions/tool-cache"));
 const fast_deep_equal_1 = __importDefault(require("fast-deep-equal"));
 const yaml = __importStar(require("js-yaml"));
 const query_string_1 = __importDefault(require("query-string"));
 const semver = __importStar(require("semver"));
+const uuid_1 = require("uuid");
 const actions_util_1 = require("./actions-util");
 const api = __importStar(require("./api-client"));
 const defaults = __importStar(require("./defaults.json")); // Referenced from codeql-action-sync-tool!
 const error_matcher_1 = require("./error-matcher");
 const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
-const toolcache = __importStar(require("./toolcache"));
 const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
@@ -210,14 +211,13 @@ async function getCodeQLBundleDownloadURL(apiDetails, variant, logger) {
  * @param codeqlURL
  * @param apiDetails
  * @param tempDir
- * @param toolCacheDir
  * @param variant
  * @param logger
  * @param checkVersion Whether to check that CodeQL CLI meets the minimum
  *        version requirement. Must be set to true outside tests.
  * @returns
  */
-async function setupCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant, logger, checkVersion) {
+async function setupCodeQL(codeqlURL, apiDetails, tempDir, variant, logger, checkVersion) {
     try {
         // We use the special value of 'latest' to prioritize the version in the
         // defaults over any pinned cached version.
@@ -228,21 +228,21 @@ async function setupCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant
         let codeqlFolder;
         let codeqlURLVersion;
         if (codeqlURL && !codeqlURL.startsWith("http")) {
-            codeqlFolder = await toolcache.extractTar(codeqlURL, tempDir, logger);
+            codeqlFolder = await toolcache.extractTar(codeqlURL);
             codeqlURLVersion = "local";
         }
         else {
             codeqlURLVersion = getCodeQLURLVersion(codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`);
             const codeqlURLSemVer = convertToSemVer(codeqlURLVersion, logger);
             // If we find the specified version, we always use that.
-            codeqlFolder = toolcache.find("CodeQL", codeqlURLSemVer, toolCacheDir, logger);
+            codeqlFolder = toolcache.find("CodeQL", codeqlURLSemVer);
             // If we don't find the requested version, in some cases we may allow a
             // different version to save download time if the version hasn't been
             // specified explicitly (in which case we always honor it).
             if (!codeqlFolder && !codeqlURL && !forceLatest) {
-                const codeqlVersions = toolcache.findAllVersions("CodeQL", toolCacheDir, logger);
+                const codeqlVersions = toolcache.findAllVersions("CodeQL");
                 if (codeqlVersions.length === 1 && (0, util_1.isGoodVersion)(codeqlVersions[0])) {
-                    const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0], toolCacheDir, logger);
+                    const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
                     if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
                         logger.debug(`CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`);
                         codeqlFolder = tmpCodeqlFolder;
@@ -274,10 +274,12 @@ async function setupCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant
                     logger.debug("Downloading CodeQL bundle without token.");
                 }
                 logger.info(`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`);
-                const codeqlPath = await toolcache.downloadTool(codeqlURL, tempDir, headers);
+                const dest = path.join(tempDir, (0, uuid_1.v4)());
+                const finalHeaders = Object.assign({ "User-Agent": "CodeQL Action" }, headers);
+                const codeqlPath = await toolcache.downloadTool(codeqlURL, dest, undefined, finalHeaders);
                 logger.debug(`CodeQL bundle download to ${codeqlPath} complete.`);
-                const codeqlExtracted = await toolcache.extractTar(codeqlPath, tempDir, logger);
+                const codeqlExtracted = await toolcache.extractTar(codeqlPath);
-                codeqlFolder = await toolcache.cacheDir(codeqlExtracted, "CodeQL", codeqlURLSemVer, toolCacheDir, logger);
+                codeqlFolder = await toolcache.cacheDir(codeqlExtracted, "CodeQL", codeqlURLSemVer);
             }
         }
         let codeqlCmd = path.join(codeqlFolder, "codeql", "codeql");
@@ -625,13 +627,13 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             }
             await runTool(cmd, codeqlArgs);
         },
-        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, automationDetailsId) {
+        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId) {
             const codeqlArgs = [
                 "database",
                 "interpret-results",
                 threadsFlag,
                 "--format=sarif-latest",
-                "-v",
+                verbosityFlag,
                 `--output=${sarifFile}`,
                 addSnippetsFlag,
                 ...getExtraOptionsFromEnv(["database", "interpret-results"]),

lib/codeql.test.js

@@ -59,7 +59,6 @@ ava_1.default.beforeEach(() => {
         paths: [],
         originalUserInput: {},
         tempDir: "",
-        toolCacheDir: "",
         codeQLCmd: "",
         gitHubVersion: {
             type: util.GitHubVariant.DOTCOM,
@@ -85,7 +84,7 @@ ava_1.default.beforeEach(() => {
             (0, nock_1.default)("https://example.com")
                 .get(`/download/codeql-bundle-${version}/codeql-bundle.tar.gz`)
                 .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
-            await codeql.setupCodeQL(`https://example.com/download/codeql-bundle-${version}/codeql-bundle.tar.gz`, sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+            await codeql.setupCodeQL(`https://example.com/download/codeql-bundle-${version}/codeql-bundle.tar.gz`, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
             t.assert(toolcache.find("CodeQL", `0.0.0-${version}`));
         }
         const cachedVersions = toolcache.findAllVersions("CodeQL");
@@ -98,12 +97,12 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://example.com")
             .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
-        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
         (0, nock_1.default)("https://example.com")
             .get(`/download/codeql-bundle-20200610/codeql-bundle.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
-        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200610/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200610/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
     });
 });
@@ -113,9 +112,9 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://example.com")
             .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
-        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
-        await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 1);
     });
@@ -126,7 +125,7 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://example.com")
             .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
-        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
         const platform = process.platform === "win32"
             ? "win64"
@@ -136,7 +135,7 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://github.com")
             .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle-${platform}.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
-        await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 2);
     });
@@ -147,7 +146,7 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://example.com")
             .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
-        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
         const platform = process.platform === "win32"
             ? "win64"
@@ -157,7 +156,7 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://github.com")
             .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle-${platform}.tar.gz`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
-        await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, (0, logging_1.getRunnerLogger)(true), false);
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 2);
     });
@@ -185,7 +184,7 @@ ava_1.default.beforeEach(() => {
         (0, nock_1.default)("https://example.githubenterprise.com")
             .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`)
             .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
-        await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, tmpDir, util.GitHubVariant.GHAE, (0, logging_1.getRunnerLogger)(true), false);
+        await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, util.GitHubVariant.GHAE, (0, logging_1.getRunnerLogger)(true), false);
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 1);
     });
@@ -253,14 +252,14 @@ ava_1.default.beforeEach(() => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
-    await codeqlObject.databaseInterpretResults("", [], "", "", "", "");
+    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
     t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be absent, but it is present");
 });
 (0, ava_1.default)("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (t) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
-    await codeqlObject.databaseInterpretResults("", [], "", "", "", "");
+    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
     t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be present, but it is absent");
 });
 (0, ava_1.default)("databaseInitCluster() Lua feature flag enabled, but old CLI", async (t) => {
@@ -359,7 +358,7 @@ const injectedConfigMacro = ava_1.default.macro({
     queriesInputCombines: false,
     packsInputCombines: false,
 }, {}, {
-    packs: ["codeql/javascript-experimental-atm-queries@~0.1.0"],
+    packs: ["codeql/javascript-experimental-atm-queries@~0.3.0"],
 });
 (0, ava_1.default)("injected ML queries with existing packs", injectedConfigMacro, {
     injectedMlQueries: true,
@@ -373,7 +372,7 @@ const injectedConfigMacro = ava_1.default.macro({
     packs: {
         javascript: [
             "codeql/something-else",
-            "codeql/javascript-experimental-atm-queries@~0.1.0",
+            "codeql/javascript-experimental-atm-queries@~0.3.0",
         ],
     },
 });
@@ -388,7 +387,7 @@ const injectedConfigMacro = ava_1.default.macro({
 }, {
     packs: {
         cpp: ["codeql/something-else"],
-        javascript: ["codeql/javascript-experimental-atm-queries@~0.1.0"],
+        javascript: ["codeql/javascript-experimental-atm-queries@~0.3.0"],
     },
 });
 (0, ava_1.default)("injected packs from input", injectedConfigMacro, {
@@ -441,7 +440,7 @@ const injectedConfigMacro = ava_1.default.macro({
         },
     },
 }, {
-    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.1.0"],
+    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.3.0"],
 });
 // similar, but with queries
 (0, ava_1.default)("injected queries from input", injectedConfigMacro, {

lib/config-utils.js

@@ -462,7 +462,7 @@ function shouldAddConfigFileQueries(queriesInput) {
 /**
  * Get the default config for when the user has not supplied one.
  */
-async function getDefaultConfig(languagesInput, rawQueriesInput, rawPacksInput, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
+async function getDefaultConfig(languagesInput, rawQueriesInput, rawPacksInput, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
     const languages = await getLanguages(codeQL, languagesInput, repository, apiDetails, logger);
     const queries = {};
     for (const language of languages) {
@@ -490,7 +490,6 @@ async function getDefaultConfig(languagesInput, rawQueriesInput, rawPacksInput,
         packs,
         originalUserInput: {},
         tempDir,
-        toolCacheDir,
         codeQLCmd: codeQL.getPath(),
         gitHubVersion,
         dbLocation: dbLocationOrDefault(dbLocation, tempDir),
@@ -504,7 +503,7 @@ exports.getDefaultConfig = getDefaultConfig;
 /**
  * Load the config from the given file.
  */
-async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
+async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
     var _a;
     let parsedYAML;
     if (isLocal(configFile)) {
@@ -599,7 +598,6 @@ async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, config
         packs,
         originalUserInput: parsedYAML,
         tempDir,
-        toolCacheDir,
         codeQLCmd: codeQL.getPath(),
         gitHubVersion,
         dbLocation: dbLocationOrDefault(dbLocation, tempDir),
@@ -780,7 +778,13 @@ function validatePacksSpecification(packStr, configFile) {
         }
     }
     if (packPath &&
-        (path.isAbsolute(packPath) || path.normalize(packPath) !== packPath)) {
+        (path.isAbsolute(packPath) ||
+            // Permit using "/" instead of "\" on Windows
+            // Use `x.split(y).join(z)` as a polyfill for `x.replaceAll(y, z)` since
+            // if we used a regex we'd need to escape the path separator on Windows
+            // which seems more awkward.
+            path.normalize(packPath).split(path.sep).join("/") !==
+                packPath.split(path.sep).join("/"))) {
         throw new Error(getPacksStrInvalid(packStr, configFile));
     }
     if (!packPath && pathStart) {
@@ -839,16 +843,16 @@ function dbLocationOrDefault(dbLocation, tempDir) {
  * This will parse the config from the user input if present, or generate
  * a default config. The parsed config is then stored to a known location.
  */
-async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
+async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
     var _a, _b, _c;
     let config;
     // If no config file was provided create an empty one
     if (!configFile) {
         logger.debug("No configuration file was provided");
-        config = await getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
+        config = await getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
     }
     else {
-        config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
+        config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
     }
     // The list of queries should not be empty for any language. If it is then
     // it is a user configuration error.

lib/config-utils.test.js

@@ -88,8 +88,8 @@ function mockListLanguages(languages) {
                 };
             },
         });
-        const config = await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
+        const config = await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
-        t.deepEqual(config, await configUtils.getDefaultConfig(languages, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger));
+        t.deepEqual(config, await configUtils.getDefaultConfig(languages, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger));
     });
 });
 (0, ava_1.default)("loading config saves config", async (t) => {
@@ -111,7 +111,7 @@ function mockListLanguages(languages) {
         t.false(fs.existsSync(configUtils.getPathToParsedConfigFile(tmpDir)));
         // Sanity check that getConfig returns undefined before we have called initConfig
         t.deepEqual(await configUtils.getConfig(tmpDir, logger), undefined);
-        const config1 = await configUtils.initConfig("javascript,python", undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
+        const config1 = await configUtils.initConfig("javascript,python", undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
         // The saved config file should now exist
         t.true(fs.existsSync(configUtils.getPathToParsedConfigFile(tmpDir)));
         // And that same newly-initialised config should now be returned by getConfig
@@ -127,7 +127,7 @@ function mockListLanguages(languages) {
 (0, ava_1.default)("load input outside of workspace", async (t) => {
     return await util.withTmpDir(async (tmpDir) => {
         try {
-            await configUtils.initConfig(undefined, undefined, undefined, "../input", undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, "../input", undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -140,7 +140,7 @@ function mockListLanguages(languages) {
         // no filename given, just a repo
         const configFile = "octo-org/codeql-config@main";
         try {
-            await configUtils.initConfig(undefined, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -154,7 +154,7 @@ function mockListLanguages(languages) {
         const configFile = "input";
         t.false(fs.existsSync(path.join(tmpDir, configFile)));
         try {
-            await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -214,7 +214,6 @@ function mockListLanguages(languages) {
                 paths: ["c/d"],
             },
             tempDir: tmpDir,
-            toolCacheDir: tmpDir,
             codeQLCmd: codeQL.getPath(),
             gitHubVersion,
             dbLocation: path.resolve(tmpDir, "codeql_databases"),
@@ -232,7 +231,7 @@ function mockListLanguages(languages) {
         };
         const languages = "javascript";
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        const actualConfig = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "my-artifact", "my-db", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const actualConfig = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "my-artifact", "my-db", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Should exactly equal the object we constructed earlier
         t.deepEqual(actualConfig, expectedConfig);
     });
@@ -268,7 +267,7 @@ function mockListLanguages(languages) {
         fs.mkdirSync(path.join(tmpDir, "foo"));
         const languages = "javascript";
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolve queries was called correctly
         t.deepEqual(resolveQueriesArgs.length, 1);
         t.deepEqual(resolveQueriesArgs[0].queries, [
@@ -311,18 +310,18 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries
         // and once for `./foo` from the config file.
         t.deepEqual(resolveQueriesArgs.length, 2);
         t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
-        t.regex(resolveQueriesArgs[1].queries[0], /.*\/foo$/);
+        t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}foo`));
         // Now check that the end result contains the default queries and the query from config
         t.deepEqual(config.queries["javascript"].builtin.length, 1);
         t.deepEqual(config.queries["javascript"].custom.length, 1);
-        t.regex(config.queries["javascript"].builtin[0], /javascript-code-scanning.qls$/);
+        t.true(config.queries["javascript"].builtin[0].endsWith("javascript-code-scanning.qls"));
-        t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/foo$/);
+        t.true(config.queries["javascript"].custom[0].queries[0].endsWith(`${path.sep}foo`));
     });
 });
 (0, ava_1.default)("Queries from config file can be overridden in workflow file", async (t) => {
@@ -344,18 +343,18 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries and once for `./override`,
         // but won't be called for './foo' from the config file.
         t.deepEqual(resolveQueriesArgs.length, 2);
         t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
-        t.regex(resolveQueriesArgs[1].queries[0], /.*\/override$/);
+        t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}override`));
         // Now check that the end result contains only the default queries and the override query
         t.deepEqual(config.queries["javascript"].builtin.length, 1);
         t.deepEqual(config.queries["javascript"].custom.length, 1);
-        t.regex(config.queries["javascript"].builtin[0], /javascript-code-scanning.qls$/);
+        t.true(config.queries["javascript"].builtin[0].endsWith("javascript-code-scanning.qls"));
-        t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/override$/);
+        t.true(config.queries["javascript"].custom[0].queries[0].endsWith(`${path.sep}override`));
     });
 });
 (0, ava_1.default)("Queries in workflow file can be used in tandem with the 'disable default queries' option", async (t) => {
@@ -376,17 +375,17 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolveQueries was called correctly
         // It'll be called once for `./workflow-query`,
         // but won't be called for the default one since that was disabled
         t.deepEqual(resolveQueriesArgs.length, 1);
         t.deepEqual(resolveQueriesArgs[0].queries.length, 1);
-        t.regex(resolveQueriesArgs[0].queries[0], /.*\/workflow-query$/);
+        t.true(resolveQueriesArgs[0].queries[0].endsWith(`${path.sep}workflow-query`));
         // Now check that the end result contains only the workflow query, and not the default one
         t.deepEqual(config.queries["javascript"].builtin.length, 0);
         t.deepEqual(config.queries["javascript"].custom.length, 1);
-        t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/workflow-query$/);
+        t.true(config.queries["javascript"].custom[0].queries[0].endsWith(`${path.sep}workflow-query`));
     });
 });
 (0, ava_1.default)("Multiple queries can be specified in workflow file, no config file required", async (t) => {
@@ -402,21 +401,21 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolveQueries was called correctly:
         // It'll be called once for the default queries,
         // and then once for each of the two queries from the workflow
         t.deepEqual(resolveQueriesArgs.length, 3);
         t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
         t.deepEqual(resolveQueriesArgs[2].queries.length, 1);
-        t.regex(resolveQueriesArgs[1].queries[0], /.*\/override1$/);
+        t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}override1`));
-        t.regex(resolveQueriesArgs[2].queries[0], /.*\/override2$/);
+        t.true(resolveQueriesArgs[2].queries[0].endsWith(`${path.sep}override2`));
         // Now check that the end result contains both the queries from the workflow, as well as the defaults
         t.deepEqual(config.queries["javascript"].builtin.length, 1);
         t.deepEqual(config.queries["javascript"].custom.length, 2);
-        t.regex(config.queries["javascript"].builtin[0], /javascript-code-scanning.qls$/);
+        t.true(config.queries["javascript"].builtin[0].endsWith("javascript-code-scanning.qls"));
-        t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/override1$/);
+        t.true(config.queries["javascript"].custom[0].queries[0].endsWith(`${path.sep}override1`));
-        t.regex(config.queries["javascript"].custom[1].queries[0], /.*\/override2$/);
+        t.true(config.queries["javascript"].custom[1].queries[0].endsWith(`${path.sep}override2`));
     });
 });
 (0, ava_1.default)("Queries in workflow file can be added to the set of queries without overriding config file", async (t) => {
@@ -441,25 +440,25 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries,
         // once for each of additional1 and additional2,
         // and once for './foo' from the config file
         t.deepEqual(resolveQueriesArgs.length, 4);
         t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
-        t.regex(resolveQueriesArgs[1].queries[0], /.*\/additional1$/);
+        t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}additional1`));
         t.deepEqual(resolveQueriesArgs[2].queries.length, 1);
-        t.regex(resolveQueriesArgs[2].queries[0], /.*\/additional2$/);
+        t.true(resolveQueriesArgs[2].queries[0].endsWith(`${path.sep}additional2`));
         t.deepEqual(resolveQueriesArgs[3].queries.length, 1);
-        t.regex(resolveQueriesArgs[3].queries[0], /.*\/foo$/);
+        t.true(resolveQueriesArgs[3].queries[0].endsWith(`${path.sep}foo`));
         // Now check that the end result contains all the queries
         t.deepEqual(config.queries["javascript"].builtin.length, 1);
         t.deepEqual(config.queries["javascript"].custom.length, 3);
-        t.regex(config.queries["javascript"].builtin[0], /javascript-code-scanning.qls$/);
+        t.true(config.queries["javascript"].builtin[0].endsWith("javascript-code-scanning.qls"));
-        t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/additional1$/);
+        t.true(config.queries["javascript"].custom[0].queries[0].endsWith(`${path.sep}additional1`));
-        t.regex(config.queries["javascript"].custom[1].queries[0], /.*\/additional2$/);
+        t.true(config.queries["javascript"].custom[1].queries[0].endsWith(`${path.sep}additional2`));
-        t.regex(config.queries["javascript"].custom[2].queries[0], /.*\/foo$/);
+        t.true(config.queries["javascript"].custom[2].queries[0].endsWith(`${path.sep}foo`));
     });
 });
 (0, ava_1.default)("Invalid queries in workflow file handled correctly", async (t) => {
@@ -480,7 +479,7 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         try {
-            await configUtils.initConfig(languages, queries, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(languages, queries, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             t.fail("initConfig did not throw error");
         }
         catch (err) {
@@ -523,7 +522,7 @@ function queriesToResolvedQueryForm(queries) {
         fs.mkdirSync(path.join(tmpDir, "foo/bar/dev"), { recursive: true });
         const configFile = "octo-org/codeql-config/config.yaml@main";
         const languages = "javascript";
-        await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         t.assert(spyGetContents.called);
     });
 });
@@ -533,7 +532,7 @@ function queriesToResolvedQueryForm(queries) {
         mockGetContents(dummyResponse);
         const repoReference = "octo-org/codeql-config/config.yaml@main";
         try {
-            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -549,7 +548,7 @@ function queriesToResolvedQueryForm(queries) {
         mockGetContents(dummyResponse);
         const repoReference = "octo-org/codeql-config/config.yaml@main";
         try {
-            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -566,7 +565,7 @@ function queriesToResolvedQueryForm(queries) {
             },
         });
         try {
-            await configUtils.initConfig(undefined, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -578,7 +577,7 @@ function queriesToResolvedQueryForm(queries) {
     return await util.withTmpDir(async (tmpDir) => {
         const languages = "rubbish,english";
         try {
-            await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -606,7 +605,7 @@ function queriesToResolvedQueryForm(queries) {
         const configFile = path.join(tmpDir, "codeql-config.yaml");
         fs.writeFileSync(configFile, inputFileContents);
         const languages = "javascript";
-        const { packs } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const { packs } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         t.deepEqual(packs, {
             [languages_1.Language.javascript]: ["a/b@1.2.3"],
         });
@@ -640,7 +639,7 @@ function queriesToResolvedQueryForm(queries) {
         fs.writeFileSync(configFile, inputFileContents);
         fs.mkdirSync(path.join(tmpDir, "foo"));
         const languages = "javascript,python,cpp";
-        const { packs, queries } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example" }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+        const { packs, queries } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example" }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
         t.deepEqual(packs, {
             [languages_1.Language.javascript]: ["a/b@1.2.3"],
             [languages_1.Language.python]: ["c/d@1.2.3"],
@@ -683,7 +682,7 @@ function doInvalidInputTest(testName, inputFileContents, expectedErrorMessageGen
             const inputFile = path.join(tmpDir, configFile);
             fs.writeFileSync(inputFile, inputFileContents, "utf8");
             try {
-                await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
+                await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
                 throw new Error("initConfig did not throw error");
             }
             catch (err) {
@@ -900,7 +899,7 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
                     };
                 },
             });
-            const { packs } = await configUtils.initConfig("javascript", queriesInput, packsInput, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)(isMlPoweredQueriesFlagEnabled
+            const { packs } = await configUtils.initConfig("javascript", queriesInput, packsInput, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)(isMlPoweredQueriesFlagEnabled
                 ? [feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled]
                 : []), (0, logging_1.getRunnerLogger)(true));
             if (expectedVersionString !== undefined) {

lib/database-upload.test.js

@@ -50,7 +50,6 @@ function getTestConfig(tmpDir) {
         paths: [],
         originalUserInput: {},
         tempDir: tmpDir,
-        toolCacheDir: tmpDir,
         codeQLCmd: "foo",
         gitHubVersion: { type: util_1.GitHubVariant.DOTCOM },
         dbLocation: tmpDir,

lib/fingerprints.js

@@ -24,6 +24,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.addFingerprints = exports.resolveUriToFile = exports.hash = void 0;
 const fs = __importStar(require("fs"));
+const path_1 = __importDefault(require("path"));
 const long_1 = __importDefault(require("long"));
 const tab = "\t".charCodeAt(0);
 const space = " ".charCodeAt(0);
@@ -209,7 +210,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
     // Just assume a relative path is relative to the src root.
     // This is not necessarily true but should be a good approximation
     // and here we likely want to err on the side of handling more cases.
-    if (!uri.startsWith("/")) {
+    if (!path_1.default.isAbsolute(uri)) {
         uri = srcRootPrefix + uri;
     }
     // Check the file exists

lib/fingerprints.test.js

@@ -131,20 +131,22 @@ function testResolveUriToFile(uri, index, artifactsURIs) {
     return fingerprints.resolveUriToFile(location, artifacts, process.cwd(), (0, logging_1.getRunnerLogger)(true));
 }
 (0, ava_1.default)("resolveUriToFile", (t) => {
+    var _a, _b;
     // The resolveUriToFile method checks that the file exists and is in the right directory
     // so we need to give it real files to look at. We will use this file as an example.
     // For this to work we require the current working directory to be a parent, but this
     // should generally always be the case so this is fine.
-    const cwd = process.cwd();
+    const filepath = __filename.split(path.sep).join("/");
-    const filepath = __filename;
+    const relativeFilepath = path
-    t.true(filepath.startsWith(`${cwd}/`));
+        .relative(process.cwd(), __filename)
-    const relativeFilepath = filepath.substring(cwd.length + 1);
+        .split(path.sep)
+        .join("/");
     // Absolute paths are unmodified
     t.is(testResolveUriToFile(filepath, undefined, []), filepath);
     t.is(testResolveUriToFile(`file://${filepath}`, undefined, []), filepath);
     // Relative paths are made absolute
-    t.is(testResolveUriToFile(relativeFilepath, undefined, []), filepath);
+    t.is((_a = testResolveUriToFile(relativeFilepath, undefined, [])) === null || _a === void 0 ? void 0 : _a.split(path.sep).join("/"), filepath);
-    t.is(testResolveUriToFile(`file://${relativeFilepath}`, undefined, []), filepath);
+    t.is((_b = testResolveUriToFile(`file://${relativeFilepath}`, undefined, [])) === null || _b === void 0 ? void 0 : _b.split(path.sep).join("/"), filepath);
     // Absolute paths outside the src root are discarded
     t.is(testResolveUriToFile("/src/foo/bar.js", undefined, []), undefined);
     t.is(testResolveUriToFile("file:///src/foo/bar.js", undefined, []), undefined);

lib/init-action.js

@@ -89,11 +89,16 @@ async function run() {
         if (!(await (0, actions_util_1.sendStatusReport)(await (0, actions_util_1.createStatusReportBase)("init", "starting", startedAt, workflowErrors)))) {
             return;
         }
-        const initCodeQLResult = await (0, init_1.initCodeQL)((0, actions_util_1.getOptionalInput)("tools"), apiDetails, (0, actions_util_1.getTemporaryDirectory)(), (0, actions_util_1.getToolCacheDirectory)(), gitHubVersion.type, logger);
+        const initCodeQLResult = await (0, init_1.initCodeQL)((0, actions_util_1.getOptionalInput)("tools"), apiDetails, (0, actions_util_1.getTemporaryDirectory)(), gitHubVersion.type, logger);
         codeql = initCodeQLResult.codeql;
         toolsVersion = initCodeQLResult.toolsVersion;
         await (0, util_1.enrichEnvironment)(util_1.Mode.actions, codeql);
-        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), (0, actions_util_1.getOptionalInput)("debug") === "true", (0, actions_util_1.getOptionalInput)("debug-artifact-name") || util_1.DEFAULT_DEBUG_ARTIFACT_NAME, (0, actions_util_1.getOptionalInput)("debug-database-name") || util_1.DEFAULT_DEBUG_DATABASE_NAME, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), (0, util_1.getRequiredEnvParam)("RUNNER_TOOL_CACHE"), codeql, (0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), gitHubVersion, apiDetails, featureFlags, logger);
+        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), 
+        // Debug mode is enabled if:
+        // - The `init` Action is passed `debug: true`.
+        // - Actions step debugging is enabled (e.g. by [enabling debug logging for a rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow),
+        //   or by setting the `ACTIONS_STEP_DEBUG` secret to `true`).
+        (0, actions_util_1.getOptionalInput)("debug") === "true" || core.isDebug(), (0, actions_util_1.getOptionalInput)("debug-artifact-name") || util_1.DEFAULT_DEBUG_ARTIFACT_NAME, (0, actions_util_1.getOptionalInput)("debug-database-name") || util_1.DEFAULT_DEBUG_DATABASE_NAME, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), codeql, (0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), gitHubVersion, apiDetails, featureFlags, logger);
         if (config.languages.includes(languages_1.Language.python) &&
             (0, actions_util_1.getRequiredInput)("setup-python-dependencies") === "true") {
             try {

lib/init.js

@@ -30,17 +30,17 @@ const configUtils = __importStar(require("./config-utils"));
 const tracer_config_1 = require("./tracer-config");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
-async function initCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant, logger) {
+async function initCodeQL(codeqlURL, apiDetails, tempDir, variant, logger) {
     logger.startGroup("Setup CodeQL tools");
-    const { codeql, toolsVersion } = await (0, codeql_1.setupCodeQL)(codeqlURL, apiDetails, tempDir, toolCacheDir, variant, logger, true);
+    const { codeql, toolsVersion } = await (0, codeql_1.setupCodeQL)(codeqlURL, apiDetails, tempDir, variant, logger, true);
     await codeql.printVersion();
     logger.endGroup();
     return { codeql, toolsVersion };
 }
 exports.initCodeQL = initCodeQL;
-async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
+async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
     logger.startGroup("Load language configuration");
-    const config = await configUtils.initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
+    const config = await configUtils.initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
     analysisPaths.printPathFiltersWarning(config, logger);
     logger.endGroup();
     return config;
@@ -179,12 +179,15 @@ async function installPythonDeps(codeql, logger) {
         if (process.platform === "win32") {
             await new toolrunner.ToolRunner(await safeWhich.safeWhich("py"), [
                 "-3",
+                "-B",
                 path.join(scriptsFolder, script),
                 path.dirname(codeql.getPath()),
             ]).exec();
         }
         else {
-            await new toolrunner.ToolRunner(path.join(scriptsFolder, script), [
+            await new toolrunner.ToolRunner(await safeWhich.safeWhich("python3"), [
+                "-B",
+                path.join(scriptsFolder, script),
                 path.dirname(codeql.getPath()),
             ]).exec();
         }

lib/init.js.map

@@ -1 +1 @@
-{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA2E;AAC3E,4DAA8C;AAI9C,mDAAwE;AACxE,6CAA+B;AAC/B,iCAA4C;AAErC,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,YAAoB,EACpB,OAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,oBAAW,EAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,YAAY,EACZ,OAAO,EACP,MAAM,EACN,IAAI,CACL,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AArBD,gCAqBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAA8B,EAC9B,UAA8B,EAC9B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,YAA0B,EAC1B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,UAAU,EACV,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,YAAY,EACZ,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA1CD,gCA0CC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,YAAgC,EAChC,YAA0B;;IAE1B,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,IAAI;QACF,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;YAChE,0BAA0B;YAC1B,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,EACN,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,CACb,CAAC;SACH;aAAM;YACL,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;gBACvC,yBAAyB;gBACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,kDAAkD;QAClD,yCAAyC;QACzC,IACE,CAAC,YAAY,KAAK;aAClB,MAAA,CAAC,CAAC,OAAO,0CAAE,QAAQ,CAAC,8BAA8B,CAAC,CAAA;YACnD,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uCAAuC,CAAC,EAC3D;YACA,MAAM,IAAI,IAAI,CAAC,SAAS,CACtB,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;SACH;aAAM,IACL,CAAC,YAAY,KAAK;aAClB,MAAA,CAAC,CAAC,OAAO,0CAAE,QAAQ,CAAC,wCAAwC,CAAC,CAAA,EAC7D;YACA,MAAM,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;SACrC;aAAM;YACL,MAAM,CAAC,CAAC;SACT;KACF;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAnDD,0BAmDC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;gBAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAtCD,8CAsCC"}
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA2E;AAC3E,4DAA8C;AAI9C,mDAAwE;AACxE,6CAA+B;AAC/B,iCAA4C;AAErC,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,OAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,oBAAW,EAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,OAAO,EACP,MAAM,EACN,IAAI,CACL,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AAnBD,gCAmBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAA8B,EAC9B,UAA8B,EAC9B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,YAA0B,EAC1B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,UAAU,EACV,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,YAAY,EACZ,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AAxCD,gCAwCC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,YAAgC,EAChC,YAA0B;;IAE1B,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,IAAI;QACF,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;YAChE,0BAA0B;YAC1B,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,EACN,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,CACb,CAAC;SACH;aAAM;YACL,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;gBACvC,yBAAyB;gBACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,kDAAkD;QAClD,yCAAyC;QACzC,IACE,CAAC,YAAY,KAAK;aAClB,MAAA,CAAC,CAAC,OAAO,0CAAE,QAAQ,CAAC,8BAA8B,CAAC,CAAA;YACnD,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uCAAuC,CAAC,EAC3D;YACA,MAAM,IAAI,IAAI,CAAC,SAAS,CACtB,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;SACH;aAAM,IACL,CAAC,YAAY,KAAK;aAClB,MAAA,CAAC,CAAC,OAAO,0CAAE,QAAQ,CAAC,wCAAwC,CAAC,CAAA,EAC7D;YACA,MAAM,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;SACrC;aAAM;YACL,MAAM,CAAC,CAAC;SACT;KACF;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAnDD,0BAmDC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACpE,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAzCD,8CAyCC"}

lib/runner.js

@@ -23,7 +23,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const fs = __importStar(require("fs"));
-const os = __importStar(require("os"));
 const path = __importStar(require("path"));
 const commander_1 = require("commander");
 const del_1 = __importDefault(require("del"));
@@ -51,13 +50,6 @@ function getTempDir(userInput) {
     }
     return tempDir;
 }
-function getToolsDir(userInput) {
-    const toolsDir = userInput || path.join(os.homedir(), "codeql-runner-tools");
-    if (!fs.existsSync(toolsDir)) {
-        fs.mkdirSync(toolsDir, { recursive: true });
-    }
-    return toolsDir;
-}
 const codeqlEnvJsonFilename = "codeql-env.json";
 function loadTracerEnvironment(config) {
     const jsonEnvFile = path.join(config.tempDir, codeqlEnvJsonFilename);
@@ -134,7 +126,6 @@ program
     const logger = (0, logging_1.getRunnerLogger)(cmd.debug);
     try {
         const tempDir = getTempDir(cmd.tempDir);
-        const toolsDir = getToolsDir(cmd.toolsDir);
         const checkoutPath = cmd.checkoutPath || process.cwd();
         // Wipe the temp dir
         logger.info(`Cleaning temp directory ${tempDir}`);
@@ -160,11 +151,11 @@ program
             codeql = await (0, codeql_1.getCodeQL)(cmd.codeqlPath);
         }
         else {
-            codeql = (await (0, init_1.initCodeQL)(undefined, apiDetails, tempDir, toolsDir, gitHubVersion.type, logger)).codeql;
+            codeql = (await (0, init_1.initCodeQL)(undefined, apiDetails, tempDir, gitHubVersion.type, logger)).codeql;
         }
         await (0, util_1.enrichEnvironment)(util_1.Mode.runner, codeql);
         const workspacePath = checkoutPath;
-        const config = await (0, init_1.initConfig)(cmd.languages, cmd.queries, cmd.packs, cmd.configFile, undefined, false, "", "", (0, repository_1.parseRepositoryNwo)(cmd.repository), tempDir, toolsDir, codeql, workspacePath, gitHubVersion, apiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
+        const config = await (0, init_1.initConfig)(cmd.languages, cmd.queries, cmd.packs, cmd.configFile, undefined, false, "", "", (0, repository_1.parseRepositoryNwo)(cmd.repository), tempDir, codeql, workspacePath, gitHubVersion, apiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
         const sourceRoot = checkoutPath;
         const tracerConfig = await (0, init_1.runInit)(codeql, config, sourceRoot, parseTraceProcessName(), parseTraceProcessLevel(), (0, feature_flags_1.createFeatureFlags)([]));
         if (tracerConfig === undefined) {

lib/testing-utils.js

@@ -64,6 +64,13 @@ function setupTests(test) {
         const processStderrWrite = process.stderr.write.bind(process.stderr);
         t.context.stderrWrite = processStderrWrite;
         process.stderr.write = wrapOutput(t.context);
+        // Workaround an issue in tests where the case insensitivity of the `$PATH`
+        // environment variable on Windows isn't preserved, i.e. `process.env.PATH`
+        // is not the same as `process.env.Path`.
+        const pathKeys = Object.keys(process.env).filter((k) => k.toLowerCase() === "path");
+        if (pathKeys.length > 0) {
+            process.env.PATH = process.env[pathKeys[0]];
+        }
         // Many tests modify environment variables. Take a copy now so that
         // we reset them after the test to keep tests independent of each other.
         // process.env only has strings fields, so a shallow copy is fine.

lib/testing-utils.js.map

@@ -1 +1 @@
-{"version":3,"file":"testing-utils.js","sourceRoot":"","sources":["../src/testing-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,wDAA0C;AAE1C,6CAA+B;AAE/B,wDAA0C;AAC1C,iDAAmC;AAEnC,iCAAmC;AASnC,SAAS,UAAU,CAAC,OAAoB;IACtC,8CAA8C;IAC9C,gCAAgC;IAChC,2EAA2E;IAC3E,2FAA2F;IAC3F,OAAO,CACL,KAA0B,EAC1B,QAAiB,EACjB,EAA0B,EACjB,EAAE;QACX,2CAA2C;QAC3C,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;YACtD,EAAE,GAAG,QAAQ,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;SACtB;QAED,oBAAoB;QACpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;YAC7B,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;SAC7B;aAAM;YACL,OAAO,CAAC,UAAU,IAAI,IAAI,WAAW,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC1E;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE;YAChD,EAAE,EAAE,CAAC;SACN;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,UAAU,CAAC,IAAiB;IAC1C,MAAM,SAAS,GAAG,IAA2B,CAAC;IAE9C,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE;QACzB,gEAAgE;QAChE,0CAA0C;QAC1C,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAErB,iEAAiE;QACjE,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,EAAE,CAAC;QAC1B,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QACpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QAEpD,mEAAmE;QACnE,wEAAwE;QACxE,kEAAkE;QAClE,CAAC,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC;QACnB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC/B,4BAA4B;QAC5B,0DAA0D;QAC1D,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;SAC5C;QAED,uCAAuC;QACvC,KAAK,CAAC,OAAO,EAAE,CAAC;QAEhB,oCAAoC;QACpC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAvCD,gCAuCC;AAED,yEAAyE;AACzE,sDAAsD;AACtD,SAAgB,gBAAgB,CAAC,OAAe,EAAE,QAAgB;IAChE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,QAAQ,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,GAAG,OAAO,CAAC;AAC5C,CAAC;AAJD,4CAIC;AAOD,SAAgB,kBAAkB,CAAC,QAAyB;IAC1D,OAAO;QACL,KAAK,EAAE,CAAC,OAAe,EAAE,EAAE;YACzB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,IAAI,EAAE,CAAC,OAAe,EAAE,EAAE;YACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACzC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QACD,OAAO,EAAE,CAAC,OAAuB,EAAE,EAAE;YACnC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,CAAC,OAAuB,EAAE,EAAE;YACjC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI;QACnB,UAAU,EAAE,GAAG,EAAE,CAAC,SAAS;QAC3B,QAAQ,EAAE,GAAG,EAAE,CAAC,SAAS;KAC1B,CAAC;AACJ,CAAC;AAtBD,gDAsBC;AAED,0EAA0E;AAC1E,SAAgB,0BAA0B,CACxC,kBAA0B,EAC1B,QAAyC;IAEzC,kEAAkE;IAClE,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAExC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAEjD,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAClC,8DAA8D,CAC/D,CAAC;IACF,IAAI,kBAAkB,GAAG,GAAG,EAAE;QAC5B,QAAQ,CAAC,QAAQ,CAAC;YAChB,MAAM,EAAE,kBAAkB;YAC1B,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,EAAE;YACX,GAAG,EAAE,8DAA8D;SACpE,CAAC,CAAC;KACJ;SAAM;QACL,QAAQ,CAAC,MAAM,CAAC,IAAI,gBAAS,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC,CAAC;KAC1E;IAED,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC;AAC5D,CAAC;AAxBD,gEAwBC"}
+{"version":3,"file":"testing-utils.js","sourceRoot":"","sources":["../src/testing-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,wDAA0C;AAE1C,6CAA+B;AAE/B,wDAA0C;AAC1C,iDAAmC;AAEnC,iCAAmC;AASnC,SAAS,UAAU,CAAC,OAAoB;IACtC,8CAA8C;IAC9C,gCAAgC;IAChC,2EAA2E;IAC3E,2FAA2F;IAC3F,OAAO,CACL,KAA0B,EAC1B,QAAiB,EACjB,EAA0B,EACjB,EAAE;QACX,2CAA2C;QAC3C,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;YACtD,EAAE,GAAG,QAAQ,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;SACtB;QAED,oBAAoB;QACpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;YAC7B,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;SAC7B;aAAM;YACL,OAAO,CAAC,UAAU,IAAI,IAAI,WAAW,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC1E;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE;YAChD,EAAE,EAAE,CAAC;SACN;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,UAAU,CAAC,IAAiB;IAC1C,MAAM,SAAS,GAAG,IAA2B,CAAC;IAE9C,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE;QACzB,gEAAgE;QAChE,0CAA0C;QAC1C,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAErB,iEAAiE;QACjE,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,EAAE,CAAC;QAC1B,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QACpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QAEpD,2EAA2E;QAC3E,2EAA2E;QAC3E,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CAC9C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,MAAM,CAClC,CAAC;QACF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;YACvB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;SAC7C;QAED,mEAAmE;QACnE,wEAAwE;QACxE,kEAAkE;QAClE,CAAC,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC;QACnB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC/B,4BAA4B;QAC5B,0DAA0D;QAC1D,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;SAC5C;QAED,uCAAuC;QACvC,KAAK,CAAC,OAAO,EAAE,CAAC;QAEhB,oCAAoC;QACpC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAjDD,gCAiDC;AAED,yEAAyE;AACzE,sDAAsD;AACtD,SAAgB,gBAAgB,CAAC,OAAe,EAAE,QAAgB;IAChE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,QAAQ,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,GAAG,OAAO,CAAC;AAC5C,CAAC;AAJD,4CAIC;AAOD,SAAgB,kBAAkB,CAAC,QAAyB;IAC1D,OAAO;QACL,KAAK,EAAE,CAAC,OAAe,EAAE,EAAE;YACzB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,IAAI,EAAE,CAAC,OAAe,EAAE,EAAE;YACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACzC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QACD,OAAO,EAAE,CAAC,OAAuB,EAAE,EAAE;YACnC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,CAAC,OAAuB,EAAE,EAAE;YACjC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI;QACnB,UAAU,EAAE,GAAG,EAAE,CAAC,SAAS;QAC3B,QAAQ,EAAE,GAAG,EAAE,CAAC,SAAS;KAC1B,CAAC;AACJ,CAAC;AAtBD,gDAsBC;AAED,0EAA0E;AAC1E,SAAgB,0BAA0B,CACxC,kBAA0B,EAC1B,QAAyC;IAEzC,kEAAkE;IAClE,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAExC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAEjD,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAClC,8DAA8D,CAC/D,CAAC;IACF,IAAI,kBAAkB,GAAG,GAAG,EAAE;QAC5B,QAAQ,CAAC,QAAQ,CAAC;YAChB,MAAM,EAAE,kBAAkB;YAC1B,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,EAAE;YACX,GAAG,EAAE,8DAA8D;SACpE,CAAC,CAAC;KACJ;SAAM;QACL,QAAQ,CAAC,MAAM,CAAC,IAAI,gBAAS,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC,CAAC;KAC1E;IAED,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC;AAC5D,CAAC;AAxBD,gEAwBC"}

lib/toolcache.js

@@ -1,286 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.downloadTool = exports.findAllVersions = exports.find = exports.cacheDir = exports.extractTar = void 0;
-const fs = __importStar(require("fs"));
-const os = __importStar(require("os"));
-const path = __importStar(require("path"));
-const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
-const io = __importStar(require("@actions/io"));
-const actionsToolcache = __importStar(require("@actions/tool-cache"));
-const safeWhich = __importStar(require("@chrisgavin/safe-which"));
-const del_1 = __importDefault(require("del"));
-const semver = __importStar(require("semver"));
-const uuid_1 = require("uuid");
-const util_1 = require("./util");
-/*
- * This file acts as an interface to the functionality of the actions toolcache.
- * That library is not safe to use outside of actions as it makes assumptions about
- * the state of the filesystem and available environment variables.
- *
- * On actions we can just delegate to the toolcache library, however outside of
- * actions we provide our own implementation.
- */
-/**
- * Extract a compressed tar archive.
- *
- * See extractTar function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param file           path to the tar
- * @param mode           should run the actions or runner implementation
- * @param tempDir        path to the temporary directory
- * @param logger         logger to use
- * @returns              path to the destination directory
- */
-async function extractTar(file, tempDir, logger) {
-    if ((0, util_1.isActions)()) {
-        return await actionsToolcache.extractTar(file);
-    }
-    else {
-        // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-        if (!file) {
-            throw new Error("parameter 'file' is required");
-        }
-        // Create dest
-        const dest = createExtractFolder(tempDir);
-        // Determine whether GNU tar
-        logger.debug("Checking tar --version");
-        let versionOutput = "";
-        await new toolrunner.ToolRunner(await safeWhich.safeWhich("tar"), ["--version"], {
-            ignoreReturnCode: true,
-            silent: true,
-            listeners: {
-                stdout: (data) => (versionOutput += data.toString()),
-                stderr: (data) => (versionOutput += data.toString()),
-            },
-        }).exec();
-        logger.debug(versionOutput.trim());
-        const isGnuTar = versionOutput.toUpperCase().includes("GNU TAR");
-        // Initialize args
-        const args = ["xz"];
-        if (logger.isDebug()) {
-            args.push("-v");
-        }
-        let destArg = dest;
-        let fileArg = file;
-        if (process.platform === "win32" && isGnuTar) {
-            args.push("--force-local");
-            destArg = dest.replace(/\\/g, "/");
-            // Technically only the dest needs to have `/` but for aesthetic consistency
-            // convert slashes in the file arg too.
-            fileArg = file.replace(/\\/g, "/");
-        }
-        if (isGnuTar) {
-            // Suppress warnings when using GNU tar to extract archives created by BSD tar
-            args.push("--warning=no-unknown-keyword");
-        }
-        args.push("-C", destArg, "-f", fileArg);
-        await new toolrunner.ToolRunner(`tar`, args).exec();
-        return dest;
-    }
-}
-exports.extractTar = extractTar;
-/**
- * Caches a directory and installs it into the tool cacheDir.
- *
- * Also see cacheDir function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param sourceDir    the directory to cache into tools
- * @param tool         tool name
- * @param version      version of the tool.  semver format
- * @param mode           should run the actions or runner implementation
- * @param toolCacheDir   path to the tool cache directory
- * @param logger         logger to use
- */
-async function cacheDir(sourceDir, tool, version, toolCacheDir, logger) {
-    if ((0, util_1.isActions)()) {
-        return await actionsToolcache.cacheDir(sourceDir, tool, version);
-    }
-    else {
-        // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-        version = semver.clean(version) || version;
-        const arch = os.arch();
-        logger.debug(`Caching tool ${tool} ${version} ${arch}`);
-        logger.debug(`source dir: ${sourceDir}`);
-        if (!fs.statSync(sourceDir).isDirectory()) {
-            throw new Error("sourceDir is not a directory");
-        }
-        // Create the tool dir
-        const destPath = await createToolPath(tool, version, arch, toolCacheDir, logger);
-        // copy each child item. do not move. move can fail on Windows
-        // due to anti-virus software having an open handle on a file.
-        for (const itemName of fs.readdirSync(sourceDir)) {
-            const s = path.join(sourceDir, itemName);
-            await io.cp(s, destPath, { recursive: true });
-        }
-        // write .complete
-        completeToolPath(tool, version, arch, toolCacheDir, logger);
-        return destPath;
-    }
-}
-exports.cacheDir = cacheDir;
-/**
- * Finds the path to a tool version in the local installed tool cache.
- *
- * Also see find function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param toolName      name of the tool
- * @param versionSpec   version of the tool
- * @param mode           should run the actions or runner implementation
- * @param toolCacheDir   path to the tool cache directory
- * @param logger         logger to use
- */
-function find(toolName, versionSpec, toolCacheDir, logger) {
-    if ((0, util_1.isActions)()) {
-        return actionsToolcache.find(toolName, versionSpec);
-    }
-    else {
-        // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-        if (!toolName) {
-            throw new Error("toolName parameter is required");
-        }
-        if (!versionSpec) {
-            throw new Error("versionSpec parameter is required");
-        }
-        const arch = os.arch();
-        // attempt to resolve an explicit version
-        if (!isExplicitVersion(versionSpec, logger)) {
-            const localVersions = findAllVersions(toolName, toolCacheDir, logger);
-            const match = evaluateVersions(localVersions, versionSpec, logger);
-            versionSpec = match;
-        }
-        // check for the explicit version in the cache
-        let toolPath = "";
-        if (versionSpec) {
-            versionSpec = semver.clean(versionSpec) || "";
-            const cachePath = path.join(toolCacheDir, toolName, versionSpec, arch);
-            logger.debug(`checking cache: ${cachePath}`);
-            if (fs.existsSync(cachePath) && fs.existsSync(`${cachePath}.complete`)) {
-                logger.debug(`Found tool in cache ${toolName} ${versionSpec} ${arch}`);
-                toolPath = cachePath;
-            }
-            else {
-                logger.debug("not found");
-            }
-        }
-        return toolPath;
-    }
-}
-exports.find = find;
-/**
- * Finds the paths to all versions of a tool that are installed in the local tool cache.
- *
- * Also see findAllVersions function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param toolName  name of the tool
- * @param toolCacheDir   path to the tool cache directory
- * @param logger         logger to use
- */
-function findAllVersions(toolName, toolCacheDir, logger) {
-    if ((0, util_1.isActions)()) {
-        return actionsToolcache.findAllVersions(toolName);
-    }
-    else {
-        // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-        const versions = [];
-        const arch = os.arch();
-        const toolPath = path.join(toolCacheDir, toolName);
-        if (fs.existsSync(toolPath)) {
-            const children = fs.readdirSync(toolPath);
-            for (const child of children) {
-                if (isExplicitVersion(child, logger)) {
-                    const fullPath = path.join(toolPath, child, arch || "");
-                    if (fs.existsSync(fullPath) &&
-                        fs.existsSync(`${fullPath}.complete`)) {
-                        versions.push(child);
-                    }
-                }
-            }
-        }
-        return versions;
-    }
-}
-exports.findAllVersions = findAllVersions;
-async function downloadTool(url, tempDir, headers) {
-    const dest = path.join(tempDir, (0, uuid_1.v4)());
-    const finalHeaders = Object.assign({ "User-Agent": "CodeQL Action" }, headers);
-    return await actionsToolcache.downloadTool(url, dest, undefined, finalHeaders);
-}
-exports.downloadTool = downloadTool;
-function createExtractFolder(tempDir) {
-    // create a temp dir
-    const dest = path.join(tempDir, "toolcache-temp");
-    if (!fs.existsSync(dest)) {
-        fs.mkdirSync(dest);
-    }
-    return dest;
-}
-async function createToolPath(tool, version, arch, toolCacheDir, logger) {
-    const folderPath = path.join(toolCacheDir, tool, semver.clean(version) || version, arch || "");
-    logger.debug(`destination ${folderPath}`);
-    const markerPath = `${folderPath}.complete`;
-    await (0, del_1.default)(folderPath, { force: true });
-    await (0, del_1.default)(markerPath, { force: true });
-    fs.mkdirSync(folderPath, { recursive: true });
-    return folderPath;
-}
-function completeToolPath(tool, version, arch, toolCacheDir, logger) {
-    const folderPath = path.join(toolCacheDir, tool, semver.clean(version) || version, arch || "");
-    const markerPath = `${folderPath}.complete`;
-    fs.writeFileSync(markerPath, "");
-    logger.debug("finished caching tool");
-}
-function isExplicitVersion(versionSpec, logger) {
-    const c = semver.clean(versionSpec) || "";
-    logger.debug(`isExplicit: ${c}`);
-    const valid = semver.valid(c) != null;
-    logger.debug(`explicit? ${valid}`);
-    return valid;
-}
-function evaluateVersions(versions, versionSpec, logger) {
-    let version = "";
-    logger.debug(`evaluating ${versions.length} versions`);
-    versions = versions.sort((a, b) => {
-        if (semver.gt(a, b)) {
-            return 1;
-        }
-        return -1;
-    });
-    for (let i = versions.length - 1; i >= 0; i--) {
-        const potential = versions[i];
-        const satisfied = semver.satisfies(potential, versionSpec);
-        if (satisfied) {
-            version = potential;
-            break;
-        }
-    }
-    if (version) {
-        logger.debug(`matched: ${version}`);
-    }
-    else {
-        logger.debug("match not found");
-    }
-    return version;
-}
-//# sourceMappingURL=toolcache.js.map

lib/tracer-config.test.js

@@ -39,7 +39,6 @@ function getTestConfig(tmpDir) {
         paths: [],
         originalUserInput: {},
         tempDir: tmpDir,
-        toolCacheDir: tmpDir,
         codeQLCmd: "",
         gitHubVersion: { type: util.GitHubVariant.DOTCOM },
         dbLocation: path.resolve(tmpDir, "codeql_databases"),

lib/util.js

@@ -89,11 +89,7 @@ exports.getToolNames = getToolNames;
 // Mostly intended for use within tests.
 async function withTmpDir(body) {
     const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "codeql-action-"));
-    const realSubdir = path.join(tmpDir, "real");
+    const result = await body(tmpDir);
-    fs.mkdirSync(realSubdir);
-    const symlinkSubdir = path.join(tmpDir, "symlink");
-    fs.symlinkSync(realSubdir, symlinkSubdir, "dir");
-    const result = await body(symlinkSubdir);
     await (0, del_1.default)(tmpDir, { force: true });
     return result;
 }

lib/util.test.js

@@ -245,7 +245,6 @@ for (const [packs, expectedStatus] of ML_POWERED_JS_STATUS_TESTS) {
                 pathsIgnore: [],
                 originalUserInput: {},
                 tempDir: tmpDir,
-                toolCacheDir: tmpDir,
                 codeQLCmd: "",
                 gitHubVersion: {
                     type: util.GitHubVariant.DOTCOM,

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.1.15",
+  "version": "2.1.17",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "2.1.15",
+  "version": "2.1.17",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "2.1.15",
+      "version": "2.1.17",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^1.0.0",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.1.15",
+  "version": "2.1.17",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

src/actions-util.ts

@@ -57,13 +57,6 @@ export function getTemporaryDirectory(): string {
     : getRequiredEnvParam("RUNNER_TEMP");
 }
 
-export function getToolCacheDirectory(): string {
-  const value = process.env["CODEQL_ACTION_TOOL_CACHE"];
-  return value !== undefined && value !== ""
-    ? value
-    : getRequiredEnvParam("RUNNER_TOOL_CACHE");
-}
-
 /**
  * Gets the SHA of the commit that is currently checked out.
  */

src/analysis-paths.test.ts

@@ -17,7 +17,6 @@ test("emptyPaths", async (t) => {
       paths: [],
       originalUserInput: {},
       tempDir: tmpDir,
-      toolCacheDir: tmpDir,
       codeQLCmd: "",
       gitHubVersion: { type: util.GitHubVariant.DOTCOM } as util.GitHubVersion,
       dbLocation: path.resolve(tmpDir, "codeql_databases"),
@@ -47,7 +46,6 @@ test("nonEmptyPaths", async (t) => {
       pathsIgnore: ["path4", "path5", "path6/**"],
       originalUserInput: {},
       tempDir: tmpDir,
-      toolCacheDir: tmpDir,
       codeQLCmd: "",
       gitHubVersion: { type: util.GitHubVariant.DOTCOM } as util.GitHubVersion,
       dbLocation: path.resolve(tmpDir, "codeql_databases"),
@@ -72,32 +70,29 @@ test("nonEmptyPaths", async (t) => {
 });
 
 test("exclude temp dir", async (t) => {
-  return await util.withTmpDir(async (toolCacheDir) => {
+  const tempDir = path.join(process.cwd(), "codeql-runner-temp");
-    const tempDir = path.join(process.cwd(), "codeql-runner-temp");
+  const config = {
-    const config = {
+    languages: [],
-      languages: [],
+    queries: {},
-      queries: {},
+    pathsIgnore: [],
-      pathsIgnore: [],
+    paths: [],
-      paths: [],
+    originalUserInput: {},
-      originalUserInput: {},
+    tempDir,
-      tempDir,
+    codeQLCmd: "",
-      toolCacheDir,
+    gitHubVersion: { type: util.GitHubVariant.DOTCOM } as util.GitHubVersion,
-      codeQLCmd: "",
+    dbLocation: path.resolve(tempDir, "codeql_databases"),
-      gitHubVersion: { type: util.GitHubVariant.DOTCOM } as util.GitHubVersion,
+    packs: {},
-      dbLocation: path.resolve(tempDir, "codeql_databases"),
+    debugMode: false,
-      packs: {},
+    debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
-      debugMode: false,
+    debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
-      debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+    augmentationProperties: {
-      debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
+      injectedMlQueries: false,
-      augmentationProperties: {
+      packsInputCombines: false,
-        injectedMlQueries: false,
+      queriesInputCombines: false,
-        packsInputCombines: false,
+    },
-        queriesInputCombines: false,
+  };
-      },
+  analysisPaths.includeAndExcludeAnalysisPaths(config);
-    };
+  t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
-    analysisPaths.includeAndExcludeAnalysisPaths(config);
+  t.is(process.env["LGTM_INDEX_EXCLUDE"], "codeql-runner-temp");
-    t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
+  t.is(process.env["LGTM_INDEX_FILTERS"], undefined);
-    t.is(process.env["LGTM_INDEX_EXCLUDE"], "codeql-runner-temp");
-    t.is(process.env["LGTM_INDEX_FILTERS"], undefined);
-  });
 });

src/analysis-paths.ts

@@ -54,17 +54,13 @@ export function includeAndExcludeAnalysisPaths(config: configUtils.Config) {
   }
   // If the temporary or tools directory is in the working directory ignore that too.
   const tempRelativeToWorking = path.relative(process.cwd(), config.tempDir);
-  const toolsRelativeToWorking = path.relative(
-    process.cwd(),
-    config.toolCacheDir
-  );
   let pathsIgnore = config.pathsIgnore;
-  if (!tempRelativeToWorking.startsWith("..")) {
+  if (
+    !tempRelativeToWorking.startsWith("..") &&
+    !path.isAbsolute(tempRelativeToWorking)
+  ) {
     pathsIgnore = pathsIgnore.concat(tempRelativeToWorking);
   }
-  if (!toolsRelativeToWorking.startsWith("..")) {
-    pathsIgnore = pathsIgnore.concat(toolsRelativeToWorking);
-  }
   if (pathsIgnore.length !== 0) {
     process.env["LGTM_INDEX_EXCLUDE"] = buildIncludeExcludeEnvVar(pathsIgnore);
   }

src/analyze-action.ts

@@ -151,17 +151,19 @@ async function run() {
 
     if (config.debugMode) {
       // Upload the logs as an Actions artifact for debugging
-      const toUpload: string[] = [];
+      let toUpload: string[] = [];
       for (const language of config.languages) {
-        toUpload.push(
+        toUpload = toUpload.concat(
-          ...listFolder(
+          listFolder(
             path.resolve(util.getCodeQLDatabasePath(config, language), "log")
           )
         );
       }
       if (await codeQlVersionAbove(codeql, CODEQL_VERSION_NEW_TRACING)) {
         // Multilanguage tracing: there are additional logs in the root of the cluster
-        toUpload.push(...listFolder(path.resolve(config.dbLocation, "log")));
+        toUpload = toUpload.concat(
+          listFolder(path.resolve(config.dbLocation, "log"))
+        );
       }
       await uploadDebugArtifacts(
         toUpload,
@@ -236,7 +238,7 @@ async function run() {
 
     return;
   } finally {
-    if (config !== undefined && config.debugMode) {
+    if (config?.debugMode) {
       try {
         // Upload the database bundles as an Actions artifact for debugging
         const toUpload: string[] = [];
@@ -260,7 +262,7 @@ async function run() {
       }
     }
 
-    if (core.isDebug() && config !== undefined) {
+    if (config?.debugMode) {
       core.info("Debug mode is on. Printing CodeQL debug logs...");
       for (const language of config.languages) {
         const databaseDirectory = util.getCodeQLDatabasePath(config, language);
@@ -319,12 +321,12 @@ async function uploadDebugArtifacts(
 
 function listFolder(dir: string): string[] {
   const entries = fs.readdirSync(dir, { withFileTypes: true });
-  const files: string[] = [];
+  let files: string[] = [];
   for (const entry of entries) {
     if (entry.isFile()) {
       files.push(path.resolve(dir, entry.name));
     } else if (entry.isDirectory()) {
-      files.push(...listFolder(path.resolve(dir, entry.name)));
+      files = files.concat(listFolder(path.resolve(dir, entry.name)));
     }
   }
   return files;

src/analyze.test.ts

@@ -103,7 +103,6 @@ test("status report fields and search path setting", async (t) => {
         paths: [],
         originalUserInput: {},
         tempDir: tmpDir,
-        toolCacheDir: tmpDir,
         codeQLCmd: "",
         gitHubVersion: {
           type: util.GitHubVariant.DOTCOM,
@@ -263,7 +262,6 @@ const stubConfig: Config = {
   paths: [],
   originalUserInput: {},
   tempDir: "",
-  toolCacheDir: "",
   codeQLCmd: "",
   gitHubVersion: {
     type: util.GitHubVariant.DOTCOM,

src/analyze.ts

@@ -209,11 +209,9 @@ export async function runQueries(
     {}
   );
   const cliCanCountBaseline = await cliCanCountLoC();
-  const debugMode =
+  const countLocDebugMode =
-    process.env["INTERNAL_CODEQL_ACTION_DEBUG_LOC"] ||
+    process.env["INTERNAL_CODEQL_ACTION_DEBUG_LOC"] || config.debugMode;
-    process.env["ACTIONS_RUNNER_DEBUG"] ||
+  if (!cliCanCountBaseline || countLocDebugMode) {
-    process.env["ACTIONS_STEP_DEBUG"];
-  if (!cliCanCountBaseline || debugMode) {
     // count the number of lines in the background
     locPromise = countLoc(
       path.resolve(),
@@ -263,7 +261,8 @@ export async function runQueries(
         const analysisSummary = await runInterpretResults(
           language,
           undefined,
-          sarifFile
+          sarifFile,
+          config.debugMode
         );
         statusReport[`interpret_results_${language}_duration_ms`] =
           new Date().getTime() - startTimeInterpretResults;
@@ -337,7 +336,8 @@ export async function runQueries(
         const analysisSummary = await runInterpretResults(
           language,
           querySuitePaths,
-          sarifFile
+          sarifFile,
+          config.debugMode
         );
         if (!cliCanCountBaseline) {
           await injectLinesOfCode(sarifFile, language, locPromise);
@@ -347,7 +347,7 @@ export async function runQueries(
         logger.endGroup();
         logger.info(analysisSummary);
       }
-      if (!cliCanCountBaseline || debugMode) {
+      if (!cliCanCountBaseline || countLocDebugMode) {
         printLinesOfCodeSummary(logger, language, await locPromise);
       }
       if (cliCanCountBaseline) {
@@ -371,7 +371,8 @@ export async function runQueries(
   async function runInterpretResults(
     language: Language,
     queries: string[] | undefined,
-    sarifFile: string
+    sarifFile: string,
+    enableDebugLogging: boolean
   ): Promise<string> {
     const databasePath = util.getCodeQLDatabasePath(config, language);
     return await codeql.databaseInterpretResults(
@@ -380,6 +381,7 @@ export async function runQueries(
       sarifFile,
       addSnippetsFlag,
       threadsFlag,
+      enableDebugLogging ? "-vv" : "-v",
       automationDetailsId
     );
   }
@@ -464,15 +466,6 @@ export async function runFinalize(
   logger: Logger,
   featureFlags: FeatureFlags
 ) {
-  const codeql = await getCodeQL(config.codeQLCmd);
-  if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_NEW_TRACING)) {
-    // Delete variables as specified by the end-tracing script
-    await endTracingForCluster(config);
-  } else {
-    // Delete the tracer config env var to avoid tracing ourselves
-    delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];
-  }
-
   try {
     await del(outputDir, { force: true });
   } catch (error: any) {
@@ -489,6 +482,20 @@ export async function runFinalize(
     logger,
     featureFlags
   );
+
+  const codeql = await getCodeQL(config.codeQLCmd);
+  // WARNING: This does not _really_ end tracing, as the tracer will restore its
+  // critical environment variables and it'll still be active for all processes
+  // launched from this build step.
+  // However, it will stop tracing for all steps past the codeql-action/analyze
+  // step.
+  if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_NEW_TRACING)) {
+    // Delete variables as specified by the end-tracing script
+    await endTracingForCluster(config);
+  } else {
+    // Delete the tracer config env var to avoid tracing ourselves
+    delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];
+  }
 }
 
 export async function runCleanup(

src/codeql.test.ts

@@ -43,7 +43,6 @@ test.beforeEach(() => {
     paths: [],
     originalUserInput: {},
     tempDir: "",
-    toolCacheDir: "",
     codeQLCmd: "",
     gitHubVersion: {
       type: util.GitHubVariant.DOTCOM,
@@ -81,7 +80,6 @@ test("download codeql bundle cache", async (t) => {
         `https://example.com/download/codeql-bundle-${version}/codeql-bundle.tar.gz`,
         sampleApiDetails,
         tmpDir,
-        tmpDir,
         util.GitHubVariant.DOTCOM,
         getRunnerLogger(true),
         false
@@ -111,7 +109,6 @@ test("download codeql bundle cache explicitly requested with pinned different ve
       "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -130,7 +127,6 @@ test("download codeql bundle cache explicitly requested with pinned different ve
       "https://example.com/download/codeql-bundle-20200610/codeql-bundle.tar.gz",
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -155,7 +151,6 @@ test("don't download codeql bundle cache with pinned different version cached",
       "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -167,7 +162,6 @@ test("don't download codeql bundle cache with pinned different version cached",
       undefined,
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -194,7 +188,6 @@ test("download codeql bundle cache with different version cached (not pinned)",
       "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -221,7 +214,6 @@ test("download codeql bundle cache with different version cached (not pinned)",
       undefined,
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -248,7 +240,6 @@ test('download codeql bundle cache with pinned different version cached if "late
       "https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -276,7 +267,6 @@ test('download codeql bundle cache with pinned different version cached if "late
       "latest",
       sampleApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.DOTCOM,
       getRunnerLogger(true),
       false
@@ -331,7 +321,6 @@ test("download codeql bundle from github ae endpoint", async (t) => {
       undefined,
       sampleGHAEApiDetails,
       tmpDir,
-      tmpDir,
       util.GitHubVariant.GHAE,
       getRunnerLogger(true),
       false
@@ -439,7 +428,7 @@ test("databaseInterpretResults() does not set --sarif-add-query-help for 2.7.0",
   const runnerConstructorStub = stubToolRunnerConstructor();
   const codeqlObject = await codeql.getCodeQLForTesting();
   sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
-  await codeqlObject.databaseInterpretResults("", [], "", "", "", "");
+  await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
   t.false(
     runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"),
     "--sarif-add-query-help should be absent, but it is present"
@@ -450,7 +439,7 @@ test("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (
   const runnerConstructorStub = stubToolRunnerConstructor();
   const codeqlObject = await codeql.getCodeQLForTesting();
   sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
-  await codeqlObject.databaseInterpretResults("", [], "", "", "", "");
+  await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
   t.true(
     runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"),
     "--sarif-add-query-help should be present, but it is absent"
@@ -658,7 +647,7 @@ test(
   },
   {},
   {
-    packs: ["codeql/javascript-experimental-atm-queries@~0.1.0"],
+    packs: ["codeql/javascript-experimental-atm-queries@~0.3.0"],
   }
 );
 
@@ -679,7 +668,7 @@ test(
     packs: {
       javascript: [
         "codeql/something-else",
-        "codeql/javascript-experimental-atm-queries@~0.1.0",
+        "codeql/javascript-experimental-atm-queries@~0.3.0",
       ],
     },
   }
@@ -701,7 +690,7 @@ test(
   {
     packs: {
       cpp: ["codeql/something-else"],
-      javascript: ["codeql/javascript-experimental-atm-queries@~0.1.0"],
+      javascript: ["codeql/javascript-experimental-atm-queries@~0.3.0"],
     },
   }
 );
@@ -782,7 +771,7 @@ test(
     },
   },
   {
-    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.1.0"],
+    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.3.0"],
   }
 );
 

src/codeql.ts

@@ -3,10 +3,12 @@ import { OutgoingHttpHeaders } from "http";
 import * as path from "path";
 
 import * as toolrunner from "@actions/exec/lib/toolrunner";
+import * as toolcache from "@actions/tool-cache";
 import { default as deepEqual } from "fast-deep-equal";
 import * as yaml from "js-yaml";
 import { default as queryString } from "query-string";
 import * as semver from "semver";
+import { v4 as uuidV4 } from "uuid";
 
 import { isRunningLocalAction, getRelativeScriptPath } from "./actions-util";
 import * as api from "./api-client";
@@ -16,7 +18,6 @@ import { errorMatchers } from "./error-matcher";
 import { FeatureFlags, FeatureFlag } from "./feature-flags";
 import { isTracedLanguage, Language } from "./languages";
 import { Logger } from "./logging";
-import * as toolcache from "./toolcache";
 import { toolrunnerErrorCatcher } from "./toolrunner-error-catcher";
 import * as util from "./util";
 import { isGoodVersion } from "./util";
@@ -157,6 +158,7 @@ export interface CodeQL {
     sarifFile: string,
     addSnippetsFlag: string,
     threadsFlag: string,
+    verbosityFlag: string | undefined,
     automationDetailsId: string | undefined
   ): Promise<string>;
   /**
@@ -387,7 +389,6 @@ async function getCodeQLBundleDownloadURL(
  * @param codeqlURL
  * @param apiDetails
  * @param tempDir
- * @param toolCacheDir
  * @param variant
  * @param logger
  * @param checkVersion Whether to check that CodeQL CLI meets the minimum
@@ -398,7 +399,6 @@ export async function setupCodeQL(
   codeqlURL: string | undefined,
   apiDetails: api.GitHubApiDetails,
   tempDir: string,
-  toolCacheDir: string,
   variant: util.GitHubVariant,
   logger: Logger,
   checkVersion: boolean
@@ -413,7 +413,7 @@ export async function setupCodeQL(
     let codeqlFolder: string;
     let codeqlURLVersion: string;
     if (codeqlURL && !codeqlURL.startsWith("http")) {
-      codeqlFolder = await toolcache.extractTar(codeqlURL, tempDir, logger);
+      codeqlFolder = await toolcache.extractTar(codeqlURL);
       codeqlURLVersion = "local";
     } else {
       codeqlURLVersion = getCodeQLURLVersion(
@@ -422,29 +422,15 @@ export async function setupCodeQL(
       const codeqlURLSemVer = convertToSemVer(codeqlURLVersion, logger);
 
       // If we find the specified version, we always use that.
-      codeqlFolder = toolcache.find(
+      codeqlFolder = toolcache.find("CodeQL", codeqlURLSemVer);
-        "CodeQL",
-        codeqlURLSemVer,
-        toolCacheDir,
-        logger
-      );
 
       // If we don't find the requested version, in some cases we may allow a
       // different version to save download time if the version hasn't been
       // specified explicitly (in which case we always honor it).
       if (!codeqlFolder && !codeqlURL && !forceLatest) {
-        const codeqlVersions = toolcache.findAllVersions(
+        const codeqlVersions = toolcache.findAllVersions("CodeQL");
-          "CodeQL",
-          toolCacheDir,
-          logger
-        );
         if (codeqlVersions.length === 1 && isGoodVersion(codeqlVersions[0])) {
-          const tmpCodeqlFolder = toolcache.find(
+          const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
-            "CodeQL",
-            codeqlVersions[0],
-            toolCacheDir,
-            logger
-          );
           if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
             logger.debug(
               `CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`
@@ -486,24 +472,25 @@ export async function setupCodeQL(
         logger.info(
           `Downloading CodeQL tools from ${codeqlURL}. This may take a while.`
         );
+
+        const dest = path.join(tempDir, uuidV4());
+        const finalHeaders = Object.assign(
+          { "User-Agent": "CodeQL Action" },
+          headers
+        );
         const codeqlPath = await toolcache.downloadTool(
           codeqlURL,
-          tempDir,
+          dest,
-          headers
+          undefined,
+          finalHeaders
         );
         logger.debug(`CodeQL bundle download to ${codeqlPath} complete.`);
 
-        const codeqlExtracted = await toolcache.extractTar(
+        const codeqlExtracted = await toolcache.extractTar(codeqlPath);
-          codeqlPath,
-          tempDir,
-          logger
-        );
         codeqlFolder = await toolcache.cacheDir(
           codeqlExtracted,
           "CodeQL",
-          codeqlURLSemVer,
+          codeqlURLSemVer
-          toolCacheDir,
-          logger
         );
       }
     }
@@ -952,6 +939,7 @@ async function getCodeQLForCmd(
       sarifFile: string,
       addSnippetsFlag: string,
       threadsFlag: string,
+      verbosityFlag: string,
       automationDetailsId: string | undefined
     ): Promise<string> {
       const codeqlArgs = [
@@ -959,7 +947,7 @@ async function getCodeQLForCmd(
         "interpret-results",
         threadsFlag,
         "--format=sarif-latest",
-        "-v",
+        verbosityFlag,
         `--output=${sarifFile}`,
         addSnippetsFlag,
         ...getExtraOptionsFromEnv(["database", "interpret-results"]),

src/config-utils.test.ts

@@ -90,7 +90,6 @@ test("load empty config", async (t) => {
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -111,7 +110,6 @@ test("load empty config", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         codeQL,
         tmpDir,
         gitHubVersion,
@@ -157,7 +155,6 @@ test("loading config saves config", async (t) => {
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -194,7 +191,6 @@ test("load input outside of workspace", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         getCachedCodeQL(),
         tmpDir,
         gitHubVersion,
@@ -233,7 +229,6 @@ test("load non-local input with invalid repo syntax", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         getCachedCodeQL(),
         tmpDir,
         gitHubVersion,
@@ -273,7 +268,6 @@ test("load non-existent input", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         getCachedCodeQL(),
         tmpDir,
         gitHubVersion,
@@ -350,7 +344,6 @@ test("load non-empty input", async (t) => {
         paths: ["c/d"],
       },
       tempDir: tmpDir,
-      toolCacheDir: tmpDir,
       codeQLCmd: codeQL.getPath(),
       gitHubVersion,
       dbLocation: path.resolve(tmpDir, "codeql_databases"),
@@ -381,7 +374,6 @@ test("load non-empty input", async (t) => {
       "my-db",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -448,7 +440,6 @@ test("Default queries are used", async (t) => {
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -523,7 +514,6 @@ test("Queries can be specified in config file", async (t) => {
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -537,16 +527,21 @@ test("Queries can be specified in config file", async (t) => {
     // and once for `./foo` from the config file.
     t.deepEqual(resolveQueriesArgs.length, 2);
     t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
-    t.regex(resolveQueriesArgs[1].queries[0], /.*\/foo$/);
+    t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}foo`));
 
     // Now check that the end result contains the default queries and the query from config
     t.deepEqual(config.queries["javascript"].builtin.length, 1);
     t.deepEqual(config.queries["javascript"].custom.length, 1);
-    t.regex(
+    t.true(
-      config.queries["javascript"].builtin[0],
+      config.queries["javascript"].builtin[0].endsWith(
-      /javascript-code-scanning.qls$/
+        "javascript-code-scanning.qls"
+      )
+    );
+    t.true(
+      config.queries["javascript"].custom[0].queries[0].endsWith(
+        `${path.sep}foo`
+      )
     );
-    t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/foo$/);
   });
 });
 
@@ -592,7 +587,6 @@ test("Queries from config file can be overridden in workflow file", async (t) =>
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -606,16 +600,21 @@ test("Queries from config file can be overridden in workflow file", async (t) =>
     // but won't be called for './foo' from the config file.
     t.deepEqual(resolveQueriesArgs.length, 2);
     t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
-    t.regex(resolveQueriesArgs[1].queries[0], /.*\/override$/);
+    t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}override`));
 
     // Now check that the end result contains only the default queries and the override query
     t.deepEqual(config.queries["javascript"].builtin.length, 1);
     t.deepEqual(config.queries["javascript"].custom.length, 1);
-    t.regex(
+    t.true(
-      config.queries["javascript"].builtin[0],
+      config.queries["javascript"].builtin[0].endsWith(
-      /javascript-code-scanning.qls$/
+        "javascript-code-scanning.qls"
+      )
+    );
+    t.true(
+      config.queries["javascript"].custom[0].queries[0].endsWith(
+        `${path.sep}override`
+      )
     );
-    t.regex(config.queries["javascript"].custom[0].queries[0], /.*\/override$/);
   });
 });
 
@@ -659,7 +658,6 @@ test("Queries in workflow file can be used in tandem with the 'disable default q
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -673,14 +671,17 @@ test("Queries in workflow file can be used in tandem with the 'disable default q
     // but won't be called for the default one since that was disabled
     t.deepEqual(resolveQueriesArgs.length, 1);
     t.deepEqual(resolveQueriesArgs[0].queries.length, 1);
-    t.regex(resolveQueriesArgs[0].queries[0], /.*\/workflow-query$/);
+    t.true(
+      resolveQueriesArgs[0].queries[0].endsWith(`${path.sep}workflow-query`)
+    );
 
     // Now check that the end result contains only the workflow query, and not the default one
     t.deepEqual(config.queries["javascript"].builtin.length, 0);
     t.deepEqual(config.queries["javascript"].custom.length, 1);
-    t.regex(
+    t.true(
-      config.queries["javascript"].custom[0].queries[0],
+      config.queries["javascript"].custom[0].queries[0].endsWith(
-      /.*\/workflow-query$/
+        `${path.sep}workflow-query`
+      )
     );
   });
 });
@@ -719,7 +720,6 @@ test("Multiple queries can be specified in workflow file, no config file require
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -734,23 +734,26 @@ test("Multiple queries can be specified in workflow file, no config file require
     t.deepEqual(resolveQueriesArgs.length, 3);
     t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
     t.deepEqual(resolveQueriesArgs[2].queries.length, 1);
-    t.regex(resolveQueriesArgs[1].queries[0], /.*\/override1$/);
+    t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}override1`));
-    t.regex(resolveQueriesArgs[2].queries[0], /.*\/override2$/);
+    t.true(resolveQueriesArgs[2].queries[0].endsWith(`${path.sep}override2`));
 
     // Now check that the end result contains both the queries from the workflow, as well as the defaults
     t.deepEqual(config.queries["javascript"].builtin.length, 1);
     t.deepEqual(config.queries["javascript"].custom.length, 2);
-    t.regex(
+    t.true(
-      config.queries["javascript"].builtin[0],
+      config.queries["javascript"].builtin[0].endsWith(
-      /javascript-code-scanning.qls$/
+        "javascript-code-scanning.qls"
+      )
     );
-    t.regex(
+    t.true(
-      config.queries["javascript"].custom[0].queries[0],
+      config.queries["javascript"].custom[0].queries[0].endsWith(
-      /.*\/override1$/
+        `${path.sep}override1`
+      )
     );
-    t.regex(
+    t.true(
-      config.queries["javascript"].custom[1].queries[0],
+      config.queries["javascript"].custom[1].queries[0].endsWith(
-      /.*\/override2$/
+        `${path.sep}override2`
+      )
     );
   });
 });
@@ -800,7 +803,6 @@ test("Queries in workflow file can be added to the set of queries without overri
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -815,28 +817,35 @@ test("Queries in workflow file can be added to the set of queries without overri
     // and once for './foo' from the config file
     t.deepEqual(resolveQueriesArgs.length, 4);
     t.deepEqual(resolveQueriesArgs[1].queries.length, 1);
-    t.regex(resolveQueriesArgs[1].queries[0], /.*\/additional1$/);
+    t.true(resolveQueriesArgs[1].queries[0].endsWith(`${path.sep}additional1`));
     t.deepEqual(resolveQueriesArgs[2].queries.length, 1);
-    t.regex(resolveQueriesArgs[2].queries[0], /.*\/additional2$/);
+    t.true(resolveQueriesArgs[2].queries[0].endsWith(`${path.sep}additional2`));
     t.deepEqual(resolveQueriesArgs[3].queries.length, 1);
-    t.regex(resolveQueriesArgs[3].queries[0], /.*\/foo$/);
+    t.true(resolveQueriesArgs[3].queries[0].endsWith(`${path.sep}foo`));
 
     // Now check that the end result contains all the queries
     t.deepEqual(config.queries["javascript"].builtin.length, 1);
     t.deepEqual(config.queries["javascript"].custom.length, 3);
-    t.regex(
+    t.true(
-      config.queries["javascript"].builtin[0],
+      config.queries["javascript"].builtin[0].endsWith(
-      /javascript-code-scanning.qls$/
+        "javascript-code-scanning.qls"
+      )
     );
-    t.regex(
+    t.true(
-      config.queries["javascript"].custom[0].queries[0],
+      config.queries["javascript"].custom[0].queries[0].endsWith(
-      /.*\/additional1$/
+        `${path.sep}additional1`
+      )
     );
-    t.regex(
+    t.true(
-      config.queries["javascript"].custom[1].queries[0],
+      config.queries["javascript"].custom[1].queries[0].endsWith(
-      /.*\/additional2$/
+        `${path.sep}additional2`
+      )
+    );
+    t.true(
+      config.queries["javascript"].custom[2].queries[0].endsWith(
+        `${path.sep}foo`
+      )
     );
-    t.regex(config.queries["javascript"].custom[2].queries[0], /.*\/foo$/);
   });
 });
 
@@ -871,7 +880,6 @@ test("Invalid queries in workflow file handled correctly", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         codeQL,
         tmpDir,
         gitHubVersion,
@@ -939,7 +947,6 @@ test("API client used when reading remote config", async (t) => {
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -969,7 +976,6 @@ test("Remote config handles the case where a directory is provided", async (t) =
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         getCachedCodeQL(),
         tmpDir,
         gitHubVersion,
@@ -1007,7 +1013,6 @@ test("Invalid format of remote config handled correctly", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         getCachedCodeQL(),
         tmpDir,
         gitHubVersion,
@@ -1046,7 +1051,6 @@ test("No detected languages", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         codeQL,
         tmpDir,
         gitHubVersion,
@@ -1077,7 +1081,6 @@ test("Unknown languages", async (t) => {
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         getCachedCodeQL(),
         tmpDir,
         gitHubVersion,
@@ -1130,7 +1133,6 @@ test("Config specifies packages", async (t) => {
       "",
       { owner: "github", repo: "example " },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -1187,7 +1189,6 @@ test("Config specifies packages for multiple languages", async (t) => {
       "",
       { owner: "github", repo: "example" },
       tmpDir,
-      tmpDir,
       codeQL,
       tmpDir,
       gitHubVersion,
@@ -1255,7 +1256,6 @@ function doInvalidInputTest(
           "",
           { owner: "github", repo: "example " },
           tmpDir,
-          tmpDir,
           codeQL,
           tmpDir,
           gitHubVersion,
@@ -1785,7 +1785,6 @@ const mlPoweredQueriesMacro = test.macro({
         "",
         { owner: "github", repo: "example " },
         tmpDir,
-        tmpDir,
         codeQL,
         tmpDir,
         gitHubVersion,

src/config-utils.ts

@@ -114,11 +114,6 @@ export interface Config {
    * deleted at the end of the job.
    */
   tempDir: string;
-  /**
-   * Directory to use for the tool cache.
-   * This may be persisted between jobs but this is not guaranteed.
-   */
-  toolCacheDir: string;
   /**
    * Path of the CodeQL executable.
    */
@@ -921,7 +916,6 @@ export async function getDefaultConfig(
   debugDatabaseName: string,
   repository: RepositoryNwo,
   tempDir: string,
-  toolCacheDir: string,
   codeQL: CodeQL,
   workspacePath: string,
   gitHubVersion: GitHubVersion,
@@ -978,7 +972,6 @@ export async function getDefaultConfig(
     packs,
     originalUserInput: {},
     tempDir,
-    toolCacheDir,
     codeQLCmd: codeQL.getPath(),
     gitHubVersion,
     dbLocation: dbLocationOrDefault(dbLocation, tempDir),
@@ -1003,7 +996,6 @@ async function loadConfig(
   debugDatabaseName: string,
   repository: RepositoryNwo,
   tempDir: string,
-  toolCacheDir: string,
   codeQL: CodeQL,
   workspacePath: string,
   gitHubVersion: GitHubVersion,
@@ -1165,7 +1157,6 @@ async function loadConfig(
     packs,
     originalUserInput: parsedYAML,
     tempDir,
-    toolCacheDir,
     codeQLCmd: codeQL.getPath(),
     gitHubVersion,
     dbLocation: dbLocationOrDefault(dbLocation, tempDir),
@@ -1404,7 +1395,13 @@ export function validatePacksSpecification(
 
   if (
     packPath &&
-    (path.isAbsolute(packPath) || path.normalize(packPath) !== packPath)
+    (path.isAbsolute(packPath) ||
+      // Permit using "/" instead of "\" on Windows
+      // Use `x.split(y).join(z)` as a polyfill for `x.replaceAll(y, z)` since
+      // if we used a regex we'd need to escape the path separator on Windows
+      // which seems more awkward.
+      path.normalize(packPath).split(path.sep).join("/") !==
+        packPath.split(path.sep).join("/"))
   ) {
     throw new Error(getPacksStrInvalid(packStr, configFile));
   }
@@ -1503,7 +1500,6 @@ export async function initConfig(
   debugDatabaseName: string,
   repository: RepositoryNwo,
   tempDir: string,
-  toolCacheDir: string,
   codeQL: CodeQL,
   workspacePath: string,
   gitHubVersion: GitHubVersion,
@@ -1526,7 +1522,6 @@ export async function initConfig(
       debugDatabaseName,
       repository,
       tempDir,
-      toolCacheDir,
       codeQL,
       workspacePath,
       gitHubVersion,
@@ -1546,7 +1541,6 @@ export async function initConfig(
       debugDatabaseName,
       repository,
       tempDir,
-      toolCacheDir,
       codeQL,
       workspacePath,
       gitHubVersion,

src/database-upload.test.ts

@@ -48,7 +48,6 @@ function getTestConfig(tmpDir: string): Config {
     paths: [],
     originalUserInput: {},
     tempDir: tmpDir,
-    toolCacheDir: tmpDir,
     codeQLCmd: "foo",
     gitHubVersion: { type: GitHubVariant.DOTCOM },
     dbLocation: tmpDir,

src/fingerprints.test.ts

@@ -139,19 +139,27 @@ test("resolveUriToFile", (t) => {
   // so we need to give it real files to look at. We will use this file as an example.
   // For this to work we require the current working directory to be a parent, but this
   // should generally always be the case so this is fine.
-  const cwd = process.cwd();
+  const filepath = __filename.split(path.sep).join("/");
-  const filepath = __filename;
+  const relativeFilepath = path
-  t.true(filepath.startsWith(`${cwd}/`));
+    .relative(process.cwd(), __filename)
-  const relativeFilepath = filepath.substring(cwd.length + 1);
+    .split(path.sep)
+    .join("/");
 
   // Absolute paths are unmodified
   t.is(testResolveUriToFile(filepath, undefined, []), filepath);
   t.is(testResolveUriToFile(`file://${filepath}`, undefined, []), filepath);
 
   // Relative paths are made absolute
-  t.is(testResolveUriToFile(relativeFilepath, undefined, []), filepath);
   t.is(
-    testResolveUriToFile(`file://${relativeFilepath}`, undefined, []),
+    testResolveUriToFile(relativeFilepath, undefined, [])
+      ?.split(path.sep)
+      .join("/"),
+    filepath
+  );
+  t.is(
+    testResolveUriToFile(`file://${relativeFilepath}`, undefined, [])
+      ?.split(path.sep)
+      .join("/"),
     filepath
   );
 

src/fingerprints.ts

@@ -1,4 +1,5 @@
 import * as fs from "fs";
+import path from "path";
 
 import Long from "long";
 
@@ -226,7 +227,7 @@ export function resolveUriToFile(
   // Just assume a relative path is relative to the src root.
   // This is not necessarily true but should be a good approximation
   // and here we likely want to err on the side of handling more cases.
-  if (!uri.startsWith("/")) {
+  if (!path.isAbsolute(uri)) {
     uri = srcRootPrefix + uri;
   }
 

src/init-action.ts

@@ -8,7 +8,6 @@ import {
   getOptionalInput,
   getRequiredInput,
   getTemporaryDirectory,
-  getToolCacheDirectory,
   sendStatusReport,
   StatusReportBase,
   validateWorkflow,
@@ -171,7 +170,6 @@ async function run() {
       getOptionalInput("tools"),
       apiDetails,
       getTemporaryDirectory(),
-      getToolCacheDirectory(),
       gitHubVersion.type,
       logger
     );
@@ -185,12 +183,15 @@ async function run() {
       getOptionalInput("packs"),
       getOptionalInput("config-file"),
       getOptionalInput("db-location"),
-      getOptionalInput("debug") === "true",
+      // Debug mode is enabled if:
+      // - The `init` Action is passed `debug: true`.
+      // - Actions step debugging is enabled (e.g. by [enabling debug logging for a rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow),
+      //   or by setting the `ACTIONS_STEP_DEBUG` secret to `true`).
+      getOptionalInput("debug") === "true" || core.isDebug(),
       getOptionalInput("debug-artifact-name") || DEFAULT_DEBUG_ARTIFACT_NAME,
       getOptionalInput("debug-database-name") || DEFAULT_DEBUG_DATABASE_NAME,
       repositoryNwo,
       getTemporaryDirectory(),
-      getRequiredEnvParam("RUNNER_TOOL_CACHE"),
       codeql,
       getRequiredEnvParam("GITHUB_WORKSPACE"),
       gitHubVersion,

src/init.ts

@@ -19,7 +19,6 @@ export async function initCodeQL(
   codeqlURL: string | undefined,
   apiDetails: GitHubApiDetails,
   tempDir: string,
-  toolCacheDir: string,
   variant: util.GitHubVariant,
   logger: Logger
 ): Promise<{ codeql: CodeQL; toolsVersion: string }> {
@@ -28,7 +27,6 @@ export async function initCodeQL(
     codeqlURL,
     apiDetails,
     tempDir,
-    toolCacheDir,
     variant,
     logger,
     true
@@ -49,7 +47,6 @@ export async function initConfig(
   debugDatabaseName: string,
   repository: RepositoryNwo,
   tempDir: string,
-  toolCacheDir: string,
   codeQL: CodeQL,
   workspacePath: string,
   gitHubVersion: util.GitHubVersion,
@@ -69,7 +66,6 @@ export async function initConfig(
     debugDatabaseName,
     repository,
     tempDir,
-    toolCacheDir,
     codeQL,
     workspacePath,
     gitHubVersion,
@@ -253,11 +249,14 @@ export async function installPythonDeps(codeql: CodeQL, logger: Logger) {
     if (process.platform === "win32") {
       await new toolrunner.ToolRunner(await safeWhich.safeWhich("py"), [
         "-3",
+        "-B",
         path.join(scriptsFolder, script),
         path.dirname(codeql.getPath()),
       ]).exec();
     } else {
-      await new toolrunner.ToolRunner(path.join(scriptsFolder, script), [
+      await new toolrunner.ToolRunner(await safeWhich.safeWhich("python3"), [
+        "-B",
+        path.join(scriptsFolder, script),
         path.dirname(codeql.getPath()),
       ]).exec();
     }

src/runner.ts

@@ -1,5 +1,4 @@
 import * as fs from "fs";
-import * as os from "os";
 import * as path from "path";
 
 import { Command } from "commander";
@@ -47,14 +46,6 @@ function getTempDir(userInput: string | undefined): string {
   return tempDir;
 }
 
-function getToolsDir(userInput: string | undefined): string {
-  const toolsDir = userInput || path.join(os.homedir(), "codeql-runner-tools");
-  if (!fs.existsSync(toolsDir)) {
-    fs.mkdirSync(toolsDir, { recursive: true });
-  }
-  return toolsDir;
-}
-
 const codeqlEnvJsonFilename = "codeql-env.json";
 
 function loadTracerEnvironment(config: Config): { [name: string]: string } {
@@ -194,7 +185,6 @@ program
 
     try {
       const tempDir = getTempDir(cmd.tempDir);
-      const toolsDir = getToolsDir(cmd.toolsDir);
       const checkoutPath = cmd.checkoutPath || process.cwd();
 
       // Wipe the temp dir
@@ -237,7 +227,6 @@ program
             undefined,
             apiDetails,
             tempDir,
-            toolsDir,
             gitHubVersion.type,
             logger
           )
@@ -256,7 +245,6 @@ program
         "",
         parseRepositoryNwo(cmd.repository),
         tempDir,
-        toolsDir,
         codeql,
         workspacePath,
         gitHubVersion,

src/testing-utils.ts

@@ -63,6 +63,16 @@ export function setupTests(test: TestFn<any>) {
     t.context.stderrWrite = processStderrWrite;
     process.stderr.write = wrapOutput(t.context) as any;
 
+    // Workaround an issue in tests where the case insensitivity of the `$PATH`
+    // environment variable on Windows isn't preserved, i.e. `process.env.PATH`
+    // is not the same as `process.env.Path`.
+    const pathKeys = Object.keys(process.env).filter(
+      (k) => k.toLowerCase() === "path"
+    );
+    if (pathKeys.length > 0) {
+      process.env.PATH = process.env[pathKeys[0]];
+    }
+
     // Many tests modify environment variables. Take a copy now so that
     // we reset them after the test to keep tests independent of each other.
     // process.env only has strings fields, so a shallow copy is fine.

src/toolcache.ts

@@ -1,337 +0,0 @@
-import * as fs from "fs";
-import { OutgoingHttpHeaders } from "http";
-import * as os from "os";
-import * as path from "path";
-
-import * as toolrunner from "@actions/exec/lib/toolrunner";
-import * as io from "@actions/io";
-import * as actionsToolcache from "@actions/tool-cache";
-import * as safeWhich from "@chrisgavin/safe-which";
-import del from "del";
-import * as semver from "semver";
-import { v4 as uuidV4 } from "uuid";
-
-import { Logger } from "./logging";
-import { isActions } from "./util";
-
-/*
- * This file acts as an interface to the functionality of the actions toolcache.
- * That library is not safe to use outside of actions as it makes assumptions about
- * the state of the filesystem and available environment variables.
- *
- * On actions we can just delegate to the toolcache library, however outside of
- * actions we provide our own implementation.
- */
-
-/**
- * Extract a compressed tar archive.
- *
- * See extractTar function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param file           path to the tar
- * @param mode           should run the actions or runner implementation
- * @param tempDir        path to the temporary directory
- * @param logger         logger to use
- * @returns              path to the destination directory
- */
-export async function extractTar(
-  file: string,
-  tempDir: string,
-  logger: Logger
-): Promise<string> {
-  if (isActions()) {
-    return await actionsToolcache.extractTar(file);
-  } else {
-    // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-
-    if (!file) {
-      throw new Error("parameter 'file' is required");
-    }
-    // Create dest
-    const dest = createExtractFolder(tempDir);
-    // Determine whether GNU tar
-    logger.debug("Checking tar --version");
-    let versionOutput = "";
-    await new toolrunner.ToolRunner(
-      await safeWhich.safeWhich("tar"),
-      ["--version"],
-      {
-        ignoreReturnCode: true,
-        silent: true,
-        listeners: {
-          stdout: (data) => (versionOutput += data.toString()),
-          stderr: (data) => (versionOutput += data.toString()),
-        },
-      }
-    ).exec();
-    logger.debug(versionOutput.trim());
-    const isGnuTar = versionOutput.toUpperCase().includes("GNU TAR");
-    // Initialize args
-    const args = ["xz"];
-    if (logger.isDebug()) {
-      args.push("-v");
-    }
-    let destArg = dest;
-    let fileArg = file;
-    if (process.platform === "win32" && isGnuTar) {
-      args.push("--force-local");
-      destArg = dest.replace(/\\/g, "/");
-      // Technically only the dest needs to have `/` but for aesthetic consistency
-      // convert slashes in the file arg too.
-      fileArg = file.replace(/\\/g, "/");
-    }
-    if (isGnuTar) {
-      // Suppress warnings when using GNU tar to extract archives created by BSD tar
-      args.push("--warning=no-unknown-keyword");
-    }
-    args.push("-C", destArg, "-f", fileArg);
-    await new toolrunner.ToolRunner(`tar`, args).exec();
-    return dest;
-  }
-}
-
-/**
- * Caches a directory and installs it into the tool cacheDir.
- *
- * Also see cacheDir function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param sourceDir    the directory to cache into tools
- * @param tool         tool name
- * @param version      version of the tool.  semver format
- * @param mode           should run the actions or runner implementation
- * @param toolCacheDir   path to the tool cache directory
- * @param logger         logger to use
- */
-export async function cacheDir(
-  sourceDir: string,
-  tool: string,
-  version: string,
-  toolCacheDir: string,
-  logger: Logger
-): Promise<string> {
-  if (isActions()) {
-    return await actionsToolcache.cacheDir(sourceDir, tool, version);
-  } else {
-    // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-
-    version = semver.clean(version) || version;
-    const arch = os.arch();
-    logger.debug(`Caching tool ${tool} ${version} ${arch}`);
-    logger.debug(`source dir: ${sourceDir}`);
-    if (!fs.statSync(sourceDir).isDirectory()) {
-      throw new Error("sourceDir is not a directory");
-    }
-    // Create the tool dir
-    const destPath = await createToolPath(
-      tool,
-      version,
-      arch,
-      toolCacheDir,
-      logger
-    );
-    // copy each child item. do not move. move can fail on Windows
-    // due to anti-virus software having an open handle on a file.
-    for (const itemName of fs.readdirSync(sourceDir)) {
-      const s = path.join(sourceDir, itemName);
-      await io.cp(s, destPath, { recursive: true });
-    }
-    // write .complete
-    completeToolPath(tool, version, arch, toolCacheDir, logger);
-    return destPath;
-  }
-}
-
-/**
- * Finds the path to a tool version in the local installed tool cache.
- *
- * Also see find function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param toolName      name of the tool
- * @param versionSpec   version of the tool
- * @param mode           should run the actions or runner implementation
- * @param toolCacheDir   path to the tool cache directory
- * @param logger         logger to use
- */
-export function find(
-  toolName: string,
-  versionSpec: string,
-  toolCacheDir: string,
-  logger: Logger
-): string {
-  if (isActions()) {
-    return actionsToolcache.find(toolName, versionSpec);
-  } else {
-    // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-
-    if (!toolName) {
-      throw new Error("toolName parameter is required");
-    }
-    if (!versionSpec) {
-      throw new Error("versionSpec parameter is required");
-    }
-    const arch = os.arch();
-    // attempt to resolve an explicit version
-    if (!isExplicitVersion(versionSpec, logger)) {
-      const localVersions = findAllVersions(toolName, toolCacheDir, logger);
-      const match = evaluateVersions(localVersions, versionSpec, logger);
-      versionSpec = match;
-    }
-    // check for the explicit version in the cache
-    let toolPath = "";
-    if (versionSpec) {
-      versionSpec = semver.clean(versionSpec) || "";
-      const cachePath = path.join(toolCacheDir, toolName, versionSpec, arch);
-      logger.debug(`checking cache: ${cachePath}`);
-      if (fs.existsSync(cachePath) && fs.existsSync(`${cachePath}.complete`)) {
-        logger.debug(`Found tool in cache ${toolName} ${versionSpec} ${arch}`);
-        toolPath = cachePath;
-      } else {
-        logger.debug("not found");
-      }
-    }
-    return toolPath;
-  }
-}
-
-/**
- * Finds the paths to all versions of a tool that are installed in the local tool cache.
- *
- * Also see findAllVersions function from node_modules/@actions/tool-cache/lib/tool-cache.d.ts
- *
- * @param toolName  name of the tool
- * @param toolCacheDir   path to the tool cache directory
- * @param logger         logger to use
- */
-export function findAllVersions(
-  toolName: string,
-  toolCacheDir: string,
-  logger: Logger
-): string[] {
-  if (isActions()) {
-    return actionsToolcache.findAllVersions(toolName);
-  } else {
-    // Initial implementation copied from node_modules/@actions/tool-cache/lib/tool-cache.js
-
-    const versions: string[] = [];
-    const arch = os.arch();
-    const toolPath = path.join(toolCacheDir, toolName);
-    if (fs.existsSync(toolPath)) {
-      const children = fs.readdirSync(toolPath);
-      for (const child of children) {
-        if (isExplicitVersion(child, logger)) {
-          const fullPath = path.join(toolPath, child, arch || "");
-          if (
-            fs.existsSync(fullPath) &&
-            fs.existsSync(`${fullPath}.complete`)
-          ) {
-            versions.push(child);
-          }
-        }
-      }
-    }
-    return versions;
-  }
-}
-
-export async function downloadTool(
-  url: string,
-  tempDir: string,
-  headers: OutgoingHttpHeaders
-): Promise<string> {
-  const dest = path.join(tempDir, uuidV4());
-  const finalHeaders = Object.assign(
-    { "User-Agent": "CodeQL Action" },
-    headers
-  );
-  return await actionsToolcache.downloadTool(
-    url,
-    dest,
-    undefined,
-    finalHeaders
-  );
-}
-
-function createExtractFolder(tempDir: string): string {
-  // create a temp dir
-  const dest = path.join(tempDir, "toolcache-temp");
-  if (!fs.existsSync(dest)) {
-    fs.mkdirSync(dest);
-  }
-  return dest;
-}
-
-async function createToolPath(
-  tool: string,
-  version: string,
-  arch: string,
-  toolCacheDir: string,
-  logger: Logger
-): Promise<string> {
-  const folderPath = path.join(
-    toolCacheDir,
-    tool,
-    semver.clean(version) || version,
-    arch || ""
-  );
-  logger.debug(`destination ${folderPath}`);
-  const markerPath = `${folderPath}.complete`;
-  await del(folderPath, { force: true });
-  await del(markerPath, { force: true });
-  fs.mkdirSync(folderPath, { recursive: true });
-  return folderPath;
-}
-
-function completeToolPath(
-  tool: string,
-  version: string,
-  arch: string,
-  toolCacheDir: string,
-  logger: Logger
-) {
-  const folderPath = path.join(
-    toolCacheDir,
-    tool,
-    semver.clean(version) || version,
-    arch || ""
-  );
-  const markerPath = `${folderPath}.complete`;
-  fs.writeFileSync(markerPath, "");
-  logger.debug("finished caching tool");
-}
-
-function isExplicitVersion(versionSpec: string, logger: Logger) {
-  const c = semver.clean(versionSpec) || "";
-  logger.debug(`isExplicit: ${c}`);
-  const valid = semver.valid(c) != null;
-  logger.debug(`explicit? ${valid}`);
-  return valid;
-}
-
-function evaluateVersions(
-  versions: string[],
-  versionSpec: string,
-  logger: Logger
-): string {
-  let version = "";
-  logger.debug(`evaluating ${versions.length} versions`);
-  versions = versions.sort((a, b) => {
-    if (semver.gt(a, b)) {
-      return 1;
-    }
-    return -1;
-  });
-  for (let i = versions.length - 1; i >= 0; i--) {
-    const potential = versions[i];
-    const satisfied = semver.satisfies(potential, versionSpec);
-    if (satisfied) {
-      version = potential;
-      break;
-    }
-  }
-  if (version) {
-    logger.debug(`matched: ${version}`);
-  } else {
-    logger.debug("match not found");
-  }
-  return version;
-}

src/tracer-config.test.ts

@@ -24,7 +24,6 @@ function getTestConfig(tmpDir: string): configUtils.Config {
     paths: [],
     originalUserInput: {},
     tempDir: tmpDir,
-    toolCacheDir: tmpDir,
     codeQLCmd: "",
     gitHubVersion: { type: util.GitHubVariant.DOTCOM } as util.GitHubVersion,
     dbLocation: path.resolve(tmpDir, "codeql_databases"),

src/util.test.ts

@@ -335,7 +335,6 @@ for (const [packs, expectedStatus] of ML_POWERED_JS_STATUS_TESTS) {
         pathsIgnore: [],
         originalUserInput: {},
         tempDir: tmpDir,
-        toolCacheDir: tmpDir,
         codeQLCmd: "",
         gitHubVersion: {
           type: util.GitHubVariant.DOTCOM,

src/util.ts

@@ -116,11 +116,7 @@ export async function withTmpDir<T>(
   body: (tmpDir: string) => Promise<T>
 ): Promise<T> {
   const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "codeql-action-"));
-  const realSubdir = path.join(tmpDir, "real");
+  const result = await body(tmpDir);
-  fs.mkdirSync(realSubdir);
-  const symlinkSubdir = path.join(tmpDir, "symlink");
-  fs.symlinkSync(realSubdir, symlinkSubdir, "dir");
-  const result = await body(symlinkSubdir);
   await del(tmpDir, { force: true });
   return result;
 }