github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-24 08:10:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

Extract check for combine SARIF files deprecation warning

Browse Source
This commit is contained in:
Koen Vlaswinkel
2024-04-26 14:26:57 +02:00
parent 24acd7711e
commit a5e49d1544
3 changed files with 20 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/upload-lib.js generated
View File

@@ -109,6 +109,11 @@ function areAllRunsUnique(sarifObjects) {
}
return true;
}
function showCombineSarifFilesDeprecationWarning(sarifObjects) {
// Only give a deprecation warning when not all runs are unique
return (!areAllRunsUnique(sarifObjects) &&
!process.env.CODEQL_MERGE_SARIF_DEPRECATION_WARNING);
}
// Takes a list of paths to sarif files and combines them together using the
// CLI `github merge-results` command when all SARIF files are produced by
// CodeQL. Otherwise, it will fall back to combining the files in the action.
@@ -123,9 +128,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo
});
if (!areAllRunsProducedByCodeQL(sarifObjects)) {
logger.debug("Not all SARIF files were produced by CodeQL. Merging files in the action.");
// Only give a deprecation warning when not all runs are unique
if (!areAllRunsUnique(sarifObjects) &&
!process.env.CODEQL_MERGE_SARIF_DEPRECATION_WARNING) {
if (showCombineSarifFilesDeprecationWarning(sarifObjects)) {
logger.warning("Uploading multiple SARIF runs with the same category is deprecated and will be removed on June 4, 2025. Please update your workflow to upload a single run per category. For more information, see https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-deprecation-notice");
core.exportVariable("CODEQL_MERGE_SARIF_DEPRECATION_WARNING", "true");
}
@@ -156,8 +159,7 @@ async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, lo
}
if (!(await codeQL.supportsFeature(tools_features_1.ToolsFeature.SarifMergeRunsFromEqualCategory))) {
logger.warning("The CodeQL CLI does not support merging SARIF files. Merging files in the action.");
if (!areAllRunsUnique(sarifObjects) &&
!process.env.CODEQL_MERGE_SARIF_DEPRECATION_WARNING) {
if (showCombineSarifFilesDeprecationWarning(sarifObjects)) {
logger.warning("Uploading multiple CodeQL runs with the same category is deprecated and will be removed on June 4, 2025. Please update your CodeQL CLI version or update your workflow to set a distinct category for each CodeQL run. For more information, see https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-deprecation-notice");
core.exportVariable("CODEQL_MERGE_SARIF_DEPRECATION_WARNING", "true");
}