github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-29 02:30:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into mario-campos/node24

Browse Source
This commit is contained in:
Henry Mercer
2025-10-02 12:36:53 +01:00
committed by GitHub
parent 3adb1ff7b8 10feb5d2a2
commit d899b2ed98
27 changed files with 47561 additions and 1214 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/analyze-action-post.js generated
View File

@@ -118671,7 +118671,7 @@ async function uploadCombinedSarifArtifacts(logger, gitHubVariant, codeQlVersion
if (fs5.existsSync(baseTempDir)) {
const outputDirs = fs5.readdirSync(baseTempDir);
for (const outputDir of outputDirs) {
const sarifFiles = fs5.readdirSync(path5.resolve(baseTempDir, outputDir)).filter((f) => f.endsWith(".sarif"));
const sarifFiles = fs5.readdirSync(path5.resolve(baseTempDir, outputDir)).filter((f) => path5.extname(f) === ".sarif");
for (const sarifFile of sarifFiles) {
toUpload.push(path5.resolve(baseTempDir, outputDir, sarifFile));
}

21
lib/analyze-action.js generated
View File

@@ -28149,11 +28149,11 @@ var require_out = __commonJS({
async.read(path20, getSettings(optionsOrSettingsOrCallback), callback);
}
exports2.stat = stat;
function statSync3(path20, optionsOrSettings) {
function statSync4(path20, optionsOrSettings) {
const settings = getSettings(optionsOrSettings);
return sync.read(path20, settings);
}
exports2.statSync = statSync3;
exports2.statSync = statSync4;
function getSettings(settingsOrOptions = {}) {
if (settingsOrOptions instanceof settings_1.default) {
return settingsOrOptions;
@@ -90167,6 +90167,7 @@ var CodeScanning = {
target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */,
sarifExtension: ".sarif",
sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name),
fixCategory: (_, category) => category,
sentinelPrefix: "CODEQL_UPLOAD_SARIF_"
};
var CodeQuality = {
@@ -90175,6 +90176,7 @@ var CodeQuality = {
target: "PUT /repos/:owner/:repo/code-quality/analysis" /* CODE_QUALITY */,
sarifExtension: ".quality.sarif",
sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension),
fixCategory: fixCodeQualityCategory,
sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_"
};
@@ -90634,8 +90636,8 @@ var path8 = __toESM(require("path"));
var semver4 = __toESM(require_semver2());
// src/defaults.json
var bundleVersion = "codeql-bundle-v2.23.1";
var cliVersion = "2.23.1";
var bundleVersion = "codeql-bundle-v2.23.2";
var cliVersion = "2.23.2";
// src/overlay-database-utils.ts
var crypto = __toESM(require("crypto"));
@@ -93839,7 +93841,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
logger.info(`Interpreting ${analysis.name} results for ${language}`);
let category = automationDetailsId;
if (analysis.kind === "code-quality" /* CodeQuality */) {
category = fixCodeQualityCategory(logger, automationDetailsId);
category = analysis.fixCategory(logger, automationDetailsId);
}
const sarifFile = path16.join(
sarifFolder,
@@ -95712,6 +95714,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
category = uploadTarget.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile(sarifPath);
@@ -96161,16 +96164,14 @@ async function run() {
core14.setOutput("sarif-id", uploadResult.sarifID);
}
if (isCodeQualityEnabled(config)) {
const analysis = CodeQuality;
const qualityUploadResult = await uploadFiles(
outputDir,
getRequiredInput("checkout_path"),
fixCodeQualityCategory(
logger,
getOptionalInput("category")
),
getOptionalInput("category"),
features,
logger,
CodeQuality
analysis
);
core14.setOutput("quality-sarif-id", qualityUploadResult.sarifID);
}

4
lib/autobuild-action.js generated
View File

@@ -78295,8 +78295,8 @@ var path3 = __toESM(require("path"));
var semver4 = __toESM(require_semver2());
// src/defaults.json
var bundleVersion = "codeql-bundle-v2.23.1";
var cliVersion = "2.23.1";
var bundleVersion = "codeql-bundle-v2.23.2";
var cliVersion = "2.23.2";
// src/overlay-database-utils.ts
var fs2 = __toESM(require("fs"));

8
lib/defaults.json
View File

@@ -1,6 +1,6 @@
{
"bundleVersion": "codeql-bundle-v2.23.1",
"cliVersion": "2.23.1",
"priorBundleVersion": "codeql-bundle-v2.23.0",
"priorCliVersion": "2.23.0"
"bundleVersion": "codeql-bundle-v2.23.2",
"cliVersion": "2.23.2",
"priorBundleVersion": "codeql-bundle-v2.23.1",
"priorCliVersion": "2.23.1"
}

38
lib/init-action-post.js generated
View File

@@ -28149,11 +28149,11 @@ var require_out = __commonJS({
async.read(path19, getSettings(optionsOrSettingsOrCallback), callback);
}
exports2.stat = stat;
function statSync2(path19, optionsOrSettings) {
function statSync3(path19, optionsOrSettings) {
const settings = getSettings(optionsOrSettings);
return sync.read(path19, settings);
}
exports2.statSync = statSync2;
exports2.statSync = statSync3;
function getSettings(settingsOrOptions = {}) {
if (settingsOrOptions instanceof settings_1.default) {
return settingsOrOptions;
@@ -128337,6 +128337,9 @@ function getWorkflowRunAttempt() {
function isSelfHostedRunner() {
return process.env.RUNNER_ENVIRONMENT === "self-hosted";
}
function isDefaultSetup() {
return getWorkflowEventName() === "dynamic";
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -128402,6 +128405,30 @@ var restoreInputs = function() {
}
}
};
var qualityCategoryMapping = {
"c#": "csharp",
cpp: "c-cpp",
c: "c-cpp",
"c++": "c-cpp",
java: "java-kotlin",
javascript: "javascript-typescript",
typescript: "javascript-typescript",
kotlin: "java-kotlin"
};
function fixCodeQualityCategory(logger, category) {
if (category !== void 0 && isDefaultSetup() && category.startsWith("/language:")) {
const language = category.substring("/language:".length);
const mappedLanguage = qualityCategoryMapping[language];
if (mappedLanguage) {
const newCategory = `/language:${mappedLanguage}`;
logger.info(
`Adjusted category for Code Quality from '${category}' to '${newCategory}'.`
);
return newCategory;
}
}
return category;
}
// src/api-client.ts
var core5 = __toESM(require_core());
@@ -128822,6 +128849,7 @@ var CodeScanning = {
target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */,
sarifExtension: ".sarif",
sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name),
fixCategory: (_2, category) => category,
sentinelPrefix: "CODEQL_UPLOAD_SARIF_"
};
var CodeQuality = {
@@ -128830,6 +128858,7 @@ var CodeQuality = {
target: "PUT /repos/:owner/:repo/code-quality/analysis" /* CODE_QUALITY */,
sarifExtension: ".quality.sarif",
sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension),
fixCategory: fixCodeQualityCategory,
sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_"
};
@@ -128852,8 +128881,8 @@ var path8 = __toESM(require("path"));
var semver4 = __toESM(require_semver2());
// src/defaults.json
var bundleVersion = "codeql-bundle-v2.23.1";
var cliVersion = "2.23.1";
var bundleVersion = "codeql-bundle-v2.23.2";
var cliVersion = "2.23.2";
// src/overlay-database-utils.ts
var fs6 = __toESM(require("fs"));
@@ -133161,6 +133190,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
category = uploadTarget.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile(sarifPath);

4
lib/init-action.js generated
View File

@@ -86563,8 +86563,8 @@ var path9 = __toESM(require("path"));
var semver4 = __toESM(require_semver2());
// src/defaults.json
var bundleVersion = "codeql-bundle-v2.23.1";
var cliVersion = "2.23.1";
var bundleVersion = "codeql-bundle-v2.23.2";
var cliVersion = "2.23.2";
// src/overlay-database-utils.ts
var crypto = __toESM(require("crypto"));

47530
lib/start-proxy-action.js generated
View File

File diff suppressed because it is too large Load Diff

121
lib/upload-lib.js generated
View File

@@ -29446,11 +29446,11 @@ var require_out = __commonJS({
async.read(path15, getSettings(optionsOrSettingsOrCallback), callback);
}
exports2.stat = stat;
function statSync2(path15, optionsOrSettings) {
function statSync3(path15, optionsOrSettings) {
const settings = getSettings(optionsOrSettings);
return sync.read(path15, settings);
}
exports2.statSync = statSync2;
exports2.statSync = statSync3;
function getSettings(settingsOrOptions = {}) {
if (settingsOrOptions instanceof settings_1.default) {
return settingsOrOptions;
@@ -84821,6 +84821,7 @@ __export(upload_lib_exports, {
InvalidSarifUploadError: () => InvalidSarifUploadError,
buildPayload: () => buildPayload,
findSarifFilesInDir: () => findSarifFilesInDir,
getGroupedSarifFilePaths: () => getGroupedSarifFilePaths,
getSarifFilePaths: () => getSarifFilePaths,
populateRunAutomationDetails: () => populateRunAutomationDetails,
readSarifFile: () => readSarifFile,
@@ -88473,6 +88474,9 @@ function getWorkflowRunAttempt() {
}
return workflowRunAttempt;
}
function isDefaultSetup() {
return getWorkflowEventName() === "dynamic";
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -88529,6 +88533,57 @@ async function runTool(cmd, args = [], opts = {}) {
}
return stdout;
}
var qualityCategoryMapping = {
"c#": "csharp",
cpp: "c-cpp",
c: "c-cpp",
"c++": "c-cpp",
java: "java-kotlin",
javascript: "javascript-typescript",
typescript: "javascript-typescript",
kotlin: "java-kotlin"
};
function fixCodeQualityCategory(logger, category) {
if (category !== void 0 && isDefaultSetup() && category.startsWith("/language:")) {
const language = category.substring("/language:".length);
const mappedLanguage = qualityCategoryMapping[language];
if (mappedLanguage) {
const newCategory = `/language:${mappedLanguage}`;
logger.info(
`Adjusted category for Code Quality from '${category}' to '${newCategory}'.`
);
return newCategory;
}
}
return category;
}
// src/analyses.ts
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
AnalysisKind2["CodeScanning"] = "code-scanning";
AnalysisKind2["CodeQuality"] = "code-quality";
return AnalysisKind2;
})(AnalysisKind || {});
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
var CodeScanning = {
kind: "code-scanning" /* CodeScanning */,
name: "code scanning",
target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */,
sarifExtension: ".sarif",
sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name),
fixCategory: (_, category) => category,
sentinelPrefix: "CODEQL_UPLOAD_SARIF_"
};
var CodeQuality = {
kind: "code-quality" /* CodeQuality */,
name: "code quality",
target: "PUT /repos/:owner/:repo/code-quality/analysis" /* CODE_QUALITY */,
sarifExtension: ".quality.sarif",
sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension),
fixCategory: fixCodeQualityCategory,
sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_"
};
var SarifScanOrder = [CodeQuality, CodeScanning];
// src/api-client.ts
var core5 = __toESM(require_core());
@@ -88921,14 +88976,6 @@ function wrapCliConfigurationError(cliError) {
var fs7 = __toESM(require("fs"));
var path9 = __toESM(require("path"));
// src/analyses.ts
var AnalysisKind = /* @__PURE__ */ ((AnalysisKind2) => {
AnalysisKind2["CodeScanning"] = "code-scanning";
AnalysisKind2["CodeQuality"] = "code-quality";
return AnalysisKind2;
})(AnalysisKind || {});
var supportedAnalysisKinds = new Set(Object.values(AnalysisKind));
// src/caching-utils.ts
var core6 = __toESM(require_core());
@@ -88949,8 +88996,8 @@ var path8 = __toESM(require("path"));
var semver4 = __toESM(require_semver2());
// src/defaults.json
var bundleVersion = "codeql-bundle-v2.23.1";
var cliVersion = "2.23.1";
var bundleVersion = "codeql-bundle-v2.23.2";
var cliVersion = "2.23.2";
// src/overlay-database-utils.ts
var fs5 = __toESM(require("fs"));
@@ -92391,6 +92438,54 @@ function getSarifFilePaths(sarifPath, isSarif) {
}
return sarifFiles;
}
async function getGroupedSarifFilePaths(logger, sarifPath) {
const stats = fs13.statSync(sarifPath, { throwIfNoEntry: false });
if (stats === void 0) {
throw new ConfigurationError(`Path does not exist: ${sarifPath}`);
}
const results = {};
if (stats.isDirectory()) {
let unassignedSarifFiles = findSarifFilesInDir(
sarifPath,
(name) => path14.extname(name) === ".sarif"
);
logger.debug(
`Found the following .sarif files in ${sarifPath}: ${unassignedSarifFiles.join(", ")}`
);
for (const analysisConfig of SarifScanOrder) {
const filesForCurrentAnalysis = unassignedSarifFiles.filter(
analysisConfig.sarifPredicate
);
if (filesForCurrentAnalysis.length > 0) {
logger.debug(
`The following SARIF files are for ${analysisConfig.name}: ${filesForCurrentAnalysis.join(", ")}`
);
unassignedSarifFiles = unassignedSarifFiles.filter(
(name) => !analysisConfig.sarifPredicate(name)
);
results[analysisConfig.kind] = filesForCurrentAnalysis;
} else {
logger.debug(`Found no SARIF files for ${analysisConfig.name}`);
}
}
if (unassignedSarifFiles.length !== 0) {
logger.warning(
`Found files in ${sarifPath} which do not belong to any analysis: ${unassignedSarifFiles.join(", ")}`
);
}
} else {
for (const analysisConfig of SarifScanOrder) {
if (analysisConfig.kind === "code-scanning" /* CodeScanning */ || analysisConfig.sarifPredicate(sarifPath)) {
logger.debug(
`Using '${sarifPath}' as a SARIF file for ${analysisConfig.name}.`
);
results[analysisConfig.kind] = [sarifPath];
break;
}
}
}
return results;
}
function countResultsInSarif(sarif) {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
@@ -92505,6 +92600,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
category = uploadTarget.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile(sarifPath);
@@ -92750,6 +92846,7 @@ function filterAlertsByDiffRange(logger, sarif) {
InvalidSarifUploadError,
buildPayload,
findSarifFilesInDir,
getGroupedSarifFilePaths,
getSarifFilePaths,
populateRunAutomationDetails,
readSarifFile,

2
lib/upload-sarif-action-post.js generated
View File

@@ -117619,7 +117619,7 @@ async function uploadCombinedSarifArtifacts(logger, gitHubVariant, codeQlVersion
if (fs.existsSync(baseTempDir)) {
const outputDirs = fs.readdirSync(baseTempDir);
for (const outputDir of outputDirs) {
const sarifFiles = fs.readdirSync(path.resolve(baseTempDir, outputDir)).filter((f) => f.endsWith(".sarif"));
const sarifFiles = fs.readdirSync(path.resolve(baseTempDir, outputDir)).filter((f) => path.extname(f) === ".sarif");
for (const sarifFile of sarifFiles) {
toUpload.push(path.resolve(baseTempDir, outputDir, sarifFile));
}

281
lib/upload-sarif-action.js generated
View File

@@ -185,7 +185,7 @@ var require_file_command = __commonJS({
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.prepareKeyValueMessage = exports2.issueFileCommand = void 0;
var crypto = __importStar4(require("crypto"));
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var os3 = __importStar4(require("os"));
var utils_1 = require_utils();
function issueFileCommand(command, message) {
@@ -193,10 +193,10 @@ var require_file_command = __commonJS({
if (!filePath) {
throw new Error(`Unable to find environment variable for file command ${command}`);
}
if (!fs16.existsSync(filePath)) {
if (!fs15.existsSync(filePath)) {
throw new Error(`Missing file at path: ${filePath}`);
}
fs16.appendFileSync(filePath, `${(0, utils_1.toCommandValue)(message)}${os3.EOL}`, {
fs15.appendFileSync(filePath, `${(0, utils_1.toCommandValue)(message)}${os3.EOL}`, {
encoding: "utf8"
});
}
@@ -18513,12 +18513,12 @@ var require_io_util = __commonJS({
var _a;
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.getCmdPath = exports2.tryGetExecutablePath = exports2.isRooted = exports2.isDirectory = exports2.exists = exports2.READONLY = exports2.UV_FS_O_EXLOCK = exports2.IS_WINDOWS = exports2.unlink = exports2.symlink = exports2.stat = exports2.rmdir = exports2.rm = exports2.rename = exports2.readlink = exports2.readdir = exports2.open = exports2.mkdir = exports2.lstat = exports2.copyFile = exports2.chmod = void 0;
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var path16 = __importStar4(require("path"));
_a = fs16.promises, exports2.chmod = _a.chmod, exports2.copyFile = _a.copyFile, exports2.lstat = _a.lstat, exports2.mkdir = _a.mkdir, exports2.open = _a.open, exports2.readdir = _a.readdir, exports2.readlink = _a.readlink, exports2.rename = _a.rename, exports2.rm = _a.rm, exports2.rmdir = _a.rmdir, exports2.stat = _a.stat, exports2.symlink = _a.symlink, exports2.unlink = _a.unlink;
_a = fs15.promises, exports2.chmod = _a.chmod, exports2.copyFile = _a.copyFile, exports2.lstat = _a.lstat, exports2.mkdir = _a.mkdir, exports2.open = _a.open, exports2.readdir = _a.readdir, exports2.readlink = _a.readlink, exports2.rename = _a.rename, exports2.rm = _a.rm, exports2.rmdir = _a.rmdir, exports2.stat = _a.stat, exports2.symlink = _a.symlink, exports2.unlink = _a.unlink;
exports2.IS_WINDOWS = process.platform === "win32";
exports2.UV_FS_O_EXLOCK = 268435456;
exports2.READONLY = fs16.constants.O_RDONLY;
exports2.READONLY = fs15.constants.O_RDONLY;
function exists(fsPath) {
return __awaiter4(this, void 0, void 0, function* () {
try {
@@ -27907,8 +27907,8 @@ var require_utils7 = __commonJS({
exports2.array = array;
var errno = require_errno();
exports2.errno = errno;
var fs16 = require_fs();
exports2.fs = fs16;
var fs15 = require_fs();
exports2.fs = fs15;
var path16 = require_path();
exports2.path = path16;
var pattern = require_pattern();
@@ -28092,12 +28092,12 @@ var require_fs2 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.createFileSystemAdapter = exports2.FILE_SYSTEM_ADAPTER = void 0;
var fs16 = require("fs");
var fs15 = require("fs");
exports2.FILE_SYSTEM_ADAPTER = {
lstat: fs16.lstat,
stat: fs16.stat,
lstatSync: fs16.lstatSync,
statSync: fs16.statSync
lstat: fs15.lstat,
stat: fs15.stat,
lstatSync: fs15.lstatSync,
statSync: fs15.statSync
};
function createFileSystemAdapter(fsMethods) {
if (fsMethods === void 0) {
@@ -28114,12 +28114,12 @@ var require_settings = __commonJS({
"node_modules/@nodelib/fs.stat/out/settings.js"(exports2) {
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
var fs16 = require_fs2();
var fs15 = require_fs2();
var Settings = class {
constructor(_options = {}) {
this._options = _options;
this.followSymbolicLink = this._getValue(this._options.followSymbolicLink, true);
this.fs = fs16.createFileSystemAdapter(this._options.fs);
this.fs = fs15.createFileSystemAdapter(this._options.fs);
this.markSymbolicLink = this._getValue(this._options.markSymbolicLink, false);
this.throwErrorOnBrokenSymbolicLink = this._getValue(this._options.throwErrorOnBrokenSymbolicLink, true);
}
@@ -28149,11 +28149,11 @@ var require_out = __commonJS({
async.read(path16, getSettings(optionsOrSettingsOrCallback), callback);
}
exports2.stat = stat;
function statSync2(path16, optionsOrSettings) {
function statSync3(path16, optionsOrSettings) {
const settings = getSettings(optionsOrSettings);
return sync.read(path16, settings);
}
exports2.statSync = statSync2;
exports2.statSync = statSync3;
function getSettings(settingsOrOptions = {}) {
if (settingsOrOptions instanceof settings_1.default) {
return settingsOrOptions;
@@ -28274,8 +28274,8 @@ var require_utils8 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.fs = void 0;
var fs16 = require_fs3();
exports2.fs = fs16;
var fs15 = require_fs3();
exports2.fs = fs15;
}
});
@@ -28470,14 +28470,14 @@ var require_fs4 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.createFileSystemAdapter = exports2.FILE_SYSTEM_ADAPTER = void 0;
var fs16 = require("fs");
var fs15 = require("fs");
exports2.FILE_SYSTEM_ADAPTER = {
lstat: fs16.lstat,
stat: fs16.stat,
lstatSync: fs16.lstatSync,
statSync: fs16.statSync,
readdir: fs16.readdir,
readdirSync: fs16.readdirSync
lstat: fs15.lstat,
stat: fs15.stat,
lstatSync: fs15.lstatSync,
statSync: fs15.statSync,
readdir: fs15.readdir,
readdirSync: fs15.readdirSync
};
function createFileSystemAdapter(fsMethods) {
if (fsMethods === void 0) {
@@ -28496,12 +28496,12 @@ var require_settings2 = __commonJS({
Object.defineProperty(exports2, "__esModule", { value: true });
var path16 = require("path");
var fsStat = require_out();
var fs16 = require_fs4();
var fs15 = require_fs4();
var Settings = class {
constructor(_options = {}) {
this._options = _options;
this.followSymbolicLinks = this._getValue(this._options.followSymbolicLinks, false);
this.fs = fs16.createFileSystemAdapter(this._options.fs);
this.fs = fs15.createFileSystemAdapter(this._options.fs);
this.pathSegmentSeparator = this._getValue(this._options.pathSegmentSeparator, path16.sep);
this.stats = this._getValue(this._options.stats, false);
this.throwErrorOnBrokenSymbolicLink = this._getValue(this._options.throwErrorOnBrokenSymbolicLink, true);
@@ -29762,16 +29762,16 @@ var require_settings4 = __commonJS({
"use strict";
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.DEFAULT_FILE_SYSTEM_ADAPTER = void 0;
var fs16 = require("fs");
var fs15 = require("fs");
var os3 = require("os");
var CPU_COUNT = Math.max(os3.cpus().length, 1);
exports2.DEFAULT_FILE_SYSTEM_ADAPTER = {
lstat: fs16.lstat,
lstatSync: fs16.lstatSync,
stat: fs16.stat,
statSync: fs16.statSync,
readdir: fs16.readdir,
readdirSync: fs16.readdirSync
lstat: fs15.lstat,
lstatSync: fs15.lstatSync,
stat: fs15.stat,
statSync: fs15.statSync,
readdir: fs15.readdir,
readdirSync: fs15.readdirSync
};
var Settings = class {
constructor(_options = {}) {
@@ -35465,7 +35465,7 @@ var require_internal_globber = __commonJS({
Object.defineProperty(exports2, "__esModule", { value: true });
exports2.DefaultGlobber = void 0;
var core14 = __importStar4(require_core());
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var globOptionsHelper = __importStar4(require_internal_glob_options_helper());
var path16 = __importStar4(require("path"));
var patternHelper = __importStar4(require_internal_pattern_helper());
@@ -35517,7 +35517,7 @@ var require_internal_globber = __commonJS({
for (const searchPath of patternHelper.getSearchPaths(patterns)) {
core14.debug(`Search path '${searchPath}'`);
try {
yield __await4(fs16.promises.lstat(searchPath));
yield __await4(fs15.promises.lstat(searchPath));
} catch (err) {
if (err.code === "ENOENT") {
continue;
@@ -35548,7 +35548,7 @@ var require_internal_globber = __commonJS({
continue;
}
const childLevel = item.level + 1;
const childItems = (yield __await4(fs16.promises.readdir(item.path))).map((x) => new internal_search_state_1.SearchState(path16.join(item.path, x), childLevel));
const childItems = (yield __await4(fs15.promises.readdir(item.path))).map((x) => new internal_search_state_1.SearchState(path16.join(item.path, x), childLevel));
stack.push(...childItems.reverse());
} else if (match & internal_match_kind_1.MatchKind.File) {
yield yield __await4(item.path);
@@ -35583,7 +35583,7 @@ var require_internal_globber = __commonJS({
let stats;
if (options.followSymbolicLinks) {
try {
stats = yield fs16.promises.stat(item.path);
stats = yield fs15.promises.stat(item.path);
} catch (err) {
if (err.code === "ENOENT") {
if (options.omitBrokenSymbolicLinks) {
@@ -35595,10 +35595,10 @@ var require_internal_globber = __commonJS({
throw err;
}
} else {
stats = yield fs16.promises.lstat(item.path);
stats = yield fs15.promises.lstat(item.path);
}
if (stats.isDirectory() && options.followSymbolicLinks) {
const realPath = yield fs16.promises.realpath(item.path);
const realPath = yield fs15.promises.realpath(item.path);
while (traversalChain.length >= item.level) {
traversalChain.pop();
}
@@ -36932,7 +36932,7 @@ var require_cacheUtils = __commonJS({
var glob = __importStar4(require_glob());
var io6 = __importStar4(require_io());
var crypto = __importStar4(require("crypto"));
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var path16 = __importStar4(require("path"));
var semver8 = __importStar4(require_semver3());
var util = __importStar4(require("util"));
@@ -36962,7 +36962,7 @@ var require_cacheUtils = __commonJS({
}
exports2.createTempDirectory = createTempDirectory;
function getArchiveFileSizeInBytes(filePath) {
return fs16.statSync(filePath).size;
return fs15.statSync(filePath).size;
}
exports2.getArchiveFileSizeInBytes = getArchiveFileSizeInBytes;
function resolvePaths(patterns) {
@@ -37002,7 +37002,7 @@ var require_cacheUtils = __commonJS({
exports2.resolvePaths = resolvePaths;
function unlinkFile(filePath) {
return __awaiter4(this, void 0, void 0, function* () {
return util.promisify(fs16.unlink)(filePath);
return util.promisify(fs15.unlink)(filePath);
});
}
exports2.unlinkFile = unlinkFile;
@@ -37047,7 +37047,7 @@ var require_cacheUtils = __commonJS({
exports2.getCacheFileName = getCacheFileName;
function getGnuTarPathOnWindows() {
return __awaiter4(this, void 0, void 0, function* () {
if (fs16.existsSync(constants_1.GnuTarPathOnWindows)) {
if (fs15.existsSync(constants_1.GnuTarPathOnWindows)) {
return constants_1.GnuTarPathOnWindows;
}
const versionOutput = yield getVersion("tar");
@@ -48820,7 +48820,7 @@ var require_dist7 = __commonJS({
var stream2 = require("stream");
var coreLro = require_dist6();
var events = require("events");
var fs16 = require("fs");
var fs15 = require("fs");
var util = require("util");
var buffer = require("buffer");
function _interopNamespaceDefault(e) {
@@ -48843,7 +48843,7 @@ var require_dist7 = __commonJS({
}
var coreHttpCompat__namespace = /* @__PURE__ */ _interopNamespaceDefault(coreHttpCompat);
var coreClient__namespace = /* @__PURE__ */ _interopNamespaceDefault(coreClient);
var fs__namespace = /* @__PURE__ */ _interopNamespaceDefault(fs16);
var fs__namespace = /* @__PURE__ */ _interopNamespaceDefault(fs15);
var util__namespace = /* @__PURE__ */ _interopNamespaceDefault(util);
var logger = logger$1.createClientLogger("storage-blob");
var BaseRequestPolicy = class {
@@ -72691,7 +72691,7 @@ var require_downloadUtils = __commonJS({
var http_client_1 = require_lib();
var storage_blob_1 = require_dist7();
var buffer = __importStar4(require("buffer"));
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var stream2 = __importStar4(require("stream"));
var util = __importStar4(require("util"));
var utils = __importStar4(require_cacheUtils());
@@ -72802,7 +72802,7 @@ var require_downloadUtils = __commonJS({
exports2.DownloadProgress = DownloadProgress;
function downloadCacheHttpClient(archiveLocation, archivePath) {
return __awaiter4(this, void 0, void 0, function* () {
const writeStream = fs16.createWriteStream(archivePath);
const writeStream = fs15.createWriteStream(archivePath);
const httpClient = new http_client_1.HttpClient("actions/cache");
const downloadResponse = yield (0, requestUtils_1.retryHttpClientResponse)("downloadCache", () => __awaiter4(this, void 0, void 0, function* () {
return httpClient.get(archiveLocation);
@@ -72828,7 +72828,7 @@ var require_downloadUtils = __commonJS({
function downloadCacheHttpClientConcurrent(archiveLocation, archivePath, options) {
var _a;
return __awaiter4(this, void 0, void 0, function* () {
const archiveDescriptor = yield fs16.promises.open(archivePath, "w");
const archiveDescriptor = yield fs15.promises.open(archivePath, "w");
const httpClient = new http_client_1.HttpClient("actions/cache", void 0, {
socketTimeout: options.timeoutInMs,
keepAlive: true
@@ -72945,7 +72945,7 @@ var require_downloadUtils = __commonJS({
} else {
const maxSegmentSize = Math.min(134217728, buffer.constants.MAX_LENGTH);
const downloadProgress = new DownloadProgress(contentLength);
const fd = fs16.openSync(archivePath, "w");
const fd = fs15.openSync(archivePath, "w");
try {
downloadProgress.startDisplayTimer();
const controller = new abort_controller_1.AbortController();
@@ -72963,12 +72963,12 @@ var require_downloadUtils = __commonJS({
controller.abort();
throw new Error("Aborting cache download as the download time exceeded the timeout.");
} else if (Buffer.isBuffer(result)) {
fs16.writeFileSync(fd, result);
fs15.writeFileSync(fd, result);
}
}
} finally {
downloadProgress.stopDisplayTimer();
fs16.closeSync(fd);
fs15.closeSync(fd);
}
}
});
@@ -73267,7 +73267,7 @@ var require_cacheHttpClient = __commonJS({
var core14 = __importStar4(require_core());
var http_client_1 = require_lib();
var auth_1 = require_auth();
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var url_1 = require("url");
var utils = __importStar4(require_cacheUtils());
var uploadUtils_1 = require_uploadUtils();
@@ -73405,7 +73405,7 @@ Other caches with similar key:`);
return __awaiter4(this, void 0, void 0, function* () {
const fileSize = utils.getArchiveFileSizeInBytes(archivePath);
const resourceUrl = getCacheApiUrl(`caches/${cacheId.toString()}`);
const fd = fs16.openSync(archivePath, "r");
const fd = fs15.openSync(archivePath, "r");
const uploadOptions = (0, options_1.getUploadOptions)(options);
const concurrency = utils.assertDefined("uploadConcurrency", uploadOptions.uploadConcurrency);
const maxChunkSize = utils.assertDefined("uploadChunkSize", uploadOptions.uploadChunkSize);
@@ -73419,7 +73419,7 @@ Other caches with similar key:`);
const start = offset;
const end = offset + chunkSize - 1;
offset += maxChunkSize;
yield uploadChunk(httpClient, resourceUrl, () => fs16.createReadStream(archivePath, {
yield uploadChunk(httpClient, resourceUrl, () => fs15.createReadStream(archivePath, {
fd,
start,
end,
@@ -73430,7 +73430,7 @@ Other caches with similar key:`);
}
})));
} finally {
fs16.closeSync(fd);
fs15.closeSync(fd);
}
return;
});
@@ -80643,7 +80643,7 @@ var require_manifest = __commonJS({
var core_1 = require_core();
var os3 = require("os");
var cp = require("child_process");
var fs16 = require("fs");
var fs15 = require("fs");
function _findMatch(versionSpec, stable, candidates, archFilter) {
return __awaiter4(this, void 0, void 0, function* () {
const platFilter = os3.platform();
@@ -80707,10 +80707,10 @@ var require_manifest = __commonJS({
const lsbReleaseFile = "/etc/lsb-release";
const osReleaseFile = "/etc/os-release";
let contents = "";
if (fs16.existsSync(lsbReleaseFile)) {
contents = fs16.readFileSync(lsbReleaseFile).toString();
} else if (fs16.existsSync(osReleaseFile)) {
contents = fs16.readFileSync(osReleaseFile).toString();
if (fs15.existsSync(lsbReleaseFile)) {
contents = fs15.readFileSync(lsbReleaseFile).toString();
} else if (fs15.existsSync(osReleaseFile)) {
contents = fs15.readFileSync(osReleaseFile).toString();
}
return contents;
}
@@ -80887,7 +80887,7 @@ var require_tool_cache = __commonJS({
var core14 = __importStar4(require_core());
var io6 = __importStar4(require_io());
var crypto = __importStar4(require("crypto"));
var fs16 = __importStar4(require("fs"));
var fs15 = __importStar4(require("fs"));
var mm = __importStar4(require_manifest());
var os3 = __importStar4(require("os"));
var path16 = __importStar4(require("path"));
@@ -80934,7 +80934,7 @@ var require_tool_cache = __commonJS({
exports2.downloadTool = downloadTool2;
function downloadToolAttempt(url2, dest, auth, headers) {
return __awaiter4(this, void 0, void 0, function* () {
if (fs16.existsSync(dest)) {
if (fs15.existsSync(dest)) {
throw new Error(`Destination file path ${dest} already exists`);
}
const http = new httpm.HttpClient(userAgent, [], {
@@ -80958,7 +80958,7 @@ var require_tool_cache = __commonJS({
const readStream = responseMessageFactory();
let succeeded = false;
try {
yield pipeline(readStream, fs16.createWriteStream(dest));
yield pipeline(readStream, fs15.createWriteStream(dest));
core14.debug("download complete");
succeeded = true;
return dest;
@@ -81170,11 +81170,11 @@ var require_tool_cache = __commonJS({
arch2 = arch2 || os3.arch();
core14.debug(`Caching tool ${tool} ${version} ${arch2}`);
core14.debug(`source dir: ${sourceDir}`);
if (!fs16.statSync(sourceDir).isDirectory()) {
if (!fs15.statSync(sourceDir).isDirectory()) {
throw new Error("sourceDir is not a directory");
}
const destPath = yield _createToolPath(tool, version, arch2);
for (const itemName of fs16.readdirSync(sourceDir)) {
for (const itemName of fs15.readdirSync(sourceDir)) {
const s = path16.join(sourceDir, itemName);
yield io6.cp(s, destPath, { recursive: true });
}
@@ -81189,7 +81189,7 @@ var require_tool_cache = __commonJS({
arch2 = arch2 || os3.arch();
core14.debug(`Caching tool ${tool} ${version} ${arch2}`);
core14.debug(`source file: ${sourceFile}`);
if (!fs16.statSync(sourceFile).isFile()) {
if (!fs15.statSync(sourceFile).isFile()) {
throw new Error("sourceFile is not a file");
}
const destFolder = yield _createToolPath(tool, version, arch2);
@@ -81219,7 +81219,7 @@ var require_tool_cache = __commonJS({
versionSpec = semver8.clean(versionSpec) || "";
const cachePath = path16.join(_getCacheDirectory(), toolName, versionSpec, arch2);
core14.debug(`checking cache: ${cachePath}`);
if (fs16.existsSync(cachePath) && fs16.existsSync(`${cachePath}.complete`)) {
if (fs15.existsSync(cachePath) && fs15.existsSync(`${cachePath}.complete`)) {
core14.debug(`Found tool in cache ${toolName} ${versionSpec} ${arch2}`);
toolPath = cachePath;
} else {
@@ -81233,12 +81233,12 @@ var require_tool_cache = __commonJS({
const versions = [];
arch2 = arch2 || os3.arch();
const toolPath = path16.join(_getCacheDirectory(), toolName);
if (fs16.existsSync(toolPath)) {
const children = fs16.readdirSync(toolPath);
if (fs15.existsSync(toolPath)) {
const children = fs15.readdirSync(toolPath);
for (const child of children) {
if (isExplicitVersion(child)) {
const fullPath = path16.join(toolPath, child, arch2 || "");
if (fs16.existsSync(fullPath) && fs16.existsSync(`${fullPath}.complete`)) {
if (fs15.existsSync(fullPath) && fs15.existsSync(`${fullPath}.complete`)) {
versions.push(child);
}
}
@@ -81312,7 +81312,7 @@ var require_tool_cache = __commonJS({
function _completeToolPath(tool, version, arch2) {
const folderPath = path16.join(_getCacheDirectory(), tool, semver8.clean(version) || version, arch2 || "");
const markerPath = `${folderPath}.complete`;
fs16.writeFileSync(markerPath, "");
fs15.writeFileSync(markerPath, "");
core14.debug("finished caching tool");
}
function isExplicitVersion(versionSpec) {
@@ -85706,21 +85706,21 @@ async function getFolderSize(itemPath, options) {
getFolderSize.loose = async (itemPath, options) => await core(itemPath, options);
getFolderSize.strict = async (itemPath, options) => await core(itemPath, options, { strict: true });
async function core(rootItemPath, options = {}, returnType = {}) {
const fs16 = options.fs || await import("node:fs/promises");
const fs15 = options.fs || await import("node:fs/promises");
let folderSize = 0n;
const foundInos = /* @__PURE__ */ new Set();
const errors = [];
await processItem(rootItemPath);
async function processItem(itemPath) {
if (options.ignore?.test(itemPath)) return;
const stats = returnType.strict ? await fs16.lstat(itemPath, { bigint: true }) : await fs16.lstat(itemPath, { bigint: true }).catch((error2) => errors.push(error2));
const stats = returnType.strict ? await fs15.lstat(itemPath, { bigint: true }) : await fs15.lstat(itemPath, { bigint: true }).catch((error2) => errors.push(error2));
if (typeof stats !== "object") return;
if (!foundInos.has(stats.ino)) {
foundInos.add(stats.ino);
folderSize += stats.size;
}
if (stats.isDirectory()) {
const directoryItems = returnType.strict ? await fs16.readdir(itemPath) : await fs16.readdir(itemPath).catch((error2) => errors.push(error2));
const directoryItems = returnType.strict ? await fs15.readdir(itemPath) : await fs15.readdir(itemPath).catch((error2) => errors.push(error2));
if (typeof directoryItems !== "object") return;
await Promise.all(
directoryItems.map(
@@ -88590,6 +88590,11 @@ async function asyncSome(array, predicate) {
const results = await Promise.all(array.map(predicate));
return results.some((result) => result);
}
function unsafeEntriesInvariant(object) {
return Object.entries(object).filter(
([_, val2]) => val2 !== void 0
);
}
// src/actions-util.ts
var pkg = require_package();
@@ -88770,6 +88775,7 @@ var CodeScanning = {
target: "PUT /repos/:owner/:repo/code-scanning/analysis" /* CODE_SCANNING */,
sarifExtension: ".sarif",
sarifPredicate: (name) => name.endsWith(CodeScanning.sarifExtension) && !CodeQuality.sarifPredicate(name),
fixCategory: (_, category) => category,
sentinelPrefix: "CODEQL_UPLOAD_SARIF_"
};
var CodeQuality = {
@@ -88778,8 +88784,18 @@ var CodeQuality = {
target: "PUT /repos/:owner/:repo/code-quality/analysis" /* CODE_QUALITY */,
sarifExtension: ".quality.sarif",
sarifPredicate: (name) => name.endsWith(CodeQuality.sarifExtension),
fixCategory: fixCodeQualityCategory,
sentinelPrefix: "CODEQL_UPLOAD_QUALITY_SARIF_"
};
function getAnalysisConfig(kind) {
switch (kind) {
case "code-scanning" /* CodeScanning */:
return CodeScanning;
case "code-quality" /* CodeQuality */:
return CodeQuality;
}
}
var SarifScanOrder = [CodeQuality, CodeScanning];
// src/api-client.ts
var core5 = __toESM(require_core());
@@ -88931,8 +88947,8 @@ var path8 = __toESM(require("path"));
var semver3 = __toESM(require_semver2());
// src/defaults.json
var bundleVersion = "codeql-bundle-v2.23.1";
var cliVersion = "2.23.1";
var bundleVersion = "codeql-bundle-v2.23.2";
var cliVersion = "2.23.2";
// src/overlay-database-utils.ts
var fs5 = __toESM(require("fs"));
@@ -93074,6 +93090,54 @@ function findSarifFilesInDir(sarifPath, isSarif) {
walkSarifFiles(sarifPath);
return sarifFiles;
}
async function getGroupedSarifFilePaths(logger, sarifPath) {
const stats = fs14.statSync(sarifPath, { throwIfNoEntry: false });
if (stats === void 0) {
throw new ConfigurationError(`Path does not exist: ${sarifPath}`);
}
const results = {};
if (stats.isDirectory()) {
let unassignedSarifFiles = findSarifFilesInDir(
sarifPath,
(name) => path15.extname(name) === ".sarif"
);
logger.debug(
`Found the following .sarif files in ${sarifPath}: ${unassignedSarifFiles.join(", ")}`
);
for (const analysisConfig of SarifScanOrder) {
const filesForCurrentAnalysis = unassignedSarifFiles.filter(
analysisConfig.sarifPredicate
);
if (filesForCurrentAnalysis.length > 0) {
logger.debug(
`The following SARIF files are for ${analysisConfig.name}: ${filesForCurrentAnalysis.join(", ")}`
);
unassignedSarifFiles = unassignedSarifFiles.filter(
(name) => !analysisConfig.sarifPredicate(name)
);
results[analysisConfig.kind] = filesForCurrentAnalysis;
} else {
logger.debug(`Found no SARIF files for ${analysisConfig.name}`);
}
}
if (unassignedSarifFiles.length !== 0) {
logger.warning(
`Found files in ${sarifPath} which do not belong to any analysis: ${unassignedSarifFiles.join(", ")}`
);
}
} else {
for (const analysisConfig of SarifScanOrder) {
if (analysisConfig.kind === "code-scanning" /* CodeScanning */ || analysisConfig.sarifPredicate(sarifPath)) {
logger.debug(
`Using '${sarifPath}' as a SARIF file for ${analysisConfig.name}.`
);
results[analysisConfig.kind] = [sarifPath];
break;
}
}
}
return results;
}
function countResultsInSarif(sarif) {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
@@ -93174,6 +93238,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
logger.info(`Processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
category = uploadTarget.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile(sarifPath);
@@ -93416,61 +93481,25 @@ function filterAlertsByDiffRange(logger, sarif) {
}
// src/upload-sarif.ts
var fs15 = __toESM(require("fs"));
async function findAndUpload(logger, features, sarifPath, pathStats, checkoutPath, analysis, category) {
let sarifFiles;
if (pathStats.isDirectory()) {
sarifFiles = findSarifFilesInDir(
sarifPath,
analysis.sarifPredicate
);
} else if (pathStats.isFile() && (analysis.sarifPredicate(sarifPath) || analysis.kind === "code-scanning" /* CodeScanning */ && !CodeQuality.sarifPredicate(sarifPath))) {
sarifFiles = [sarifPath];
} else {
return void 0;
}
if (sarifFiles.length !== 0) {
return await uploadSpecifiedFiles(
async function uploadSarif(logger, features, checkoutPath, sarifPath, category) {
const sarifGroups = await getGroupedSarifFilePaths(
logger,
sarifPath
);
const uploadResults = {};
for (const [analysisKind, sarifFiles] of unsafeEntriesInvariant(
sarifGroups
)) {
const analysisConfig = getAnalysisConfig(analysisKind);
uploadResults[analysisKind] = await uploadSpecifiedFiles(
sarifFiles,
checkoutPath,
category,
features,
logger,
analysis
analysisConfig
);
}
return void 0;
}
async function uploadSarif(logger, features, checkoutPath, sarifPath, category) {
const pathStats = fs15.lstatSync(sarifPath, { throwIfNoEntry: false });
if (pathStats === void 0) {
throw new ConfigurationError(`Path does not exist: ${sarifPath}.`);
}
const uploadResults = {};
const uploadResult = await findAndUpload(
logger,
features,
sarifPath,
pathStats,
checkoutPath,
CodeScanning,
category
);
if (uploadResult !== void 0) {
uploadResults["code-scanning" /* CodeScanning */] = uploadResult;
}
const qualityUploadResult = await findAndUpload(
logger,
features,
sarifPath,
pathStats,
checkoutPath,
CodeQuality,
fixCodeQualityCategory(logger, category)
);
if (qualityUploadResult !== void 0) {
uploadResults["code-quality" /* CodeQuality */] = qualityUploadResult;
}
return uploadResults;
}