diff --git a/.github/actions/prepare-test/action.yml b/.github/actions/prepare-test/action.yml index ecabaa69f..5e2b5028f 100644 --- a/.github/actions/prepare-test/action.yml +++ b/.github/actions/prepare-test/action.yml @@ -2,7 +2,7 @@ name: "Prepare test" description: Performs some preparation to run tests inputs: version: - description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z" + description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'toolcache', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z" required: true use-all-platform-bundle: description: "If true, we output a tools URL with codeql-bundle.tar.gz file rather than platform-specific URL" @@ -41,6 +41,9 @@ runs: elif [[ "$VERSION" == "linked" ]]; then echo "tools-url=linked" >> "$GITHUB_OUTPUT" exit 0 + elif [[ "$VERSION" == "toolcache" ]]; then + echo "tools-url=toolcache" >> "$GITHUB_OUTPUT" + exit 0 elif [[ "$VERSION" == "default" ]]; then echo "tools-url=" >> "$GITHUB_OUTPUT" exit 0 diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 96e7f52f6..3b632d8f3 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,4 +1,13 @@ - + ### Risk assessment @@ -7,6 +16,44 @@ For internal use only. Please select the risk level of this change: - **Low risk:** Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only. - **High risk:** Changes are not fully under feature flags, have limited visibility and/or cannot be tested outside of production. +#### Which use cases does this change impact? + + + +- **Advanced setup** - Impacts users who have custom workflows. +- **Default setup** - Impacts users who use default setup. +- **Code Scanning** - Impacts Code Scanning (i.e. `analysis-kinds: code-scanning`). +- **Code Quality** - Impacts Code Quality (i.e. `analysis-kinds: code-quality`). +- **Third-party analyses** - Impacts third-party analyses (i.e. `upload-sarif`). +- **GHES** - Impacts GitHub Enterprise Server. + +#### How did/will you validate this change? + + + +- **Test repository** - This change will be tested on a test repository before merging. +- **Unit tests** - I am depending on unit test coverage (i.e. tests in `.test.ts` files). +- **End-to-end tests** - I am depending on PR checks (i.e. tests in `pr-checks`). +- **Other** - Please provide details. +- **None** - I am not validating these changes. + +#### If something goes wrong after this change is released, what are the mitigation and rollback strategies? + + + +- **Feature flags** - All new or changed code paths can be fully disabled with corresponding feature flags. +- **Rollback** - Change can only be disabled by rolling back the release or releasing a new version with a fix. +- **Other** - Please provide details. + +#### How will you know if something goes wrong after this change is released? + + + +- **Telemetry** - I rely on existing telemetry or have made changes to the telemetry. + - **Dashboards** - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release. + - **Alerts** - New or existing monitors will trip if something goes wrong with this change. +- **Other** - Please provide details. + ### Merge / deployment checklist - Confirm this change is backwards compatible with existing workflows. diff --git a/.github/workflows/__upload-quality-sarif.yml b/.github/workflows/__bundle-from-toolcache.yml similarity index 51% rename from .github/workflows/__upload-quality-sarif.yml rename to .github/workflows/__bundle-from-toolcache.yml index 9e1dceafc..c8957ac58 100644 --- a/.github/workflows/__upload-quality-sarif.yml +++ b/.github/workflows/__bundle-from-toolcache.yml @@ -3,7 +3,7 @@ # pr-checks/sync.sh # to regenerate this file. -name: 'PR Check - Upload-sarif: code quality endpoint' +name: 'PR Check - Bundle: From toolcache' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GO111MODULE: auto @@ -21,19 +21,9 @@ on: schedule: - cron: '0 5 * * *' workflow_dispatch: - inputs: - go-version: - type: string - description: The version of Go to install - required: false - default: '>=1.21.0' + inputs: {} workflow_call: - inputs: - go-version: - type: string - description: The version of Go to install - required: false - default: '>=1.21.0' + inputs: {} defaults: run: shell: bash @@ -41,14 +31,14 @@ concurrency: cancel-in-progress: ${{ github.event_name == 'pull_request' }} group: ${{ github.workflow }}-${{ github.ref }} jobs: - upload-quality-sarif: + bundle-from-toolcache: strategy: fail-fast: false matrix: include: - os: ubuntu-latest - version: default - name: 'Upload-sarif: code quality endpoint' + version: toolcache + name: 'Bundle: From toolcache' if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read @@ -65,31 +55,32 @@ jobs: version: ${{ matrix.version }} use-all-platform-bundle: 'false' setup-kotlin: 'true' - - name: Install Go - uses: actions/setup-go@v6 + - name: Install @actions/tool-cache + run: npm install @actions/tool-cache + - name: Check toolcache contains CodeQL + continue-on-error: true + uses: actions/github-script@v8 with: - go-version: ${{ inputs.go-version || '>=1.21.0' }} - cache: false - - uses: ./../action/init + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + if (allCodeqlVersions.length === 0) { + throw new Error(`CodeQL could not be found in the toolcache`); + } + - id: init + uses: ./../action/init with: + languages: javascript tools: ${{ steps.prepare-test.outputs.tools-url }} - languages: csharp,java,javascript,python - analysis-kinds: code-quality - - name: Build code - run: ./build.sh - # Generate some SARIF we can upload with the upload-sarif step - - uses: ./../action/analyze + - name: Check CodeQL is installed within the toolcache + uses: actions/github-script@v8 with: - ref: refs/heads/main - sha: 5e235361806c361d4d3f8859e3c897658025a9a2 - upload: never - - uses: ./../action/upload-sarif - id: upload-sarif - with: - ref: refs/heads/main - sha: 5e235361806c361d4d3f8859e3c897658025a9a2 - - name: Check output from `upload-sarif` step - if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)' - run: exit 1 + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + console.log(`Found CodeQL versions: ${allCodeqlVersions}`); + if (allCodeqlVersions.length === 0) { + throw new Error('CodeQL not found in toolcache'); + } env: CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__upload-sarif.yml b/.github/workflows/__upload-sarif.yml new file mode 100644 index 000000000..91a1af5e0 --- /dev/null +++ b/.github/workflows/__upload-sarif.yml @@ -0,0 +1,158 @@ +# Warning: This file is generated automatically, and should not be modified. +# Instead, please modify the template in the pr-checks directory and run: +# pr-checks/sync.sh +# to regenerate this file. + +name: PR Check - Test different uses of `upload-sarif` +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GO111MODULE: auto +on: + push: + branches: + - main + - releases/v* + pull_request: + types: + - opened + - synchronize + - reopened + - ready_for_review + schedule: + - cron: '0 5 * * *' + workflow_dispatch: + inputs: + go-version: + type: string + description: The version of Go to install + required: false + default: '>=1.21.0' + workflow_call: + inputs: + go-version: + type: string + description: The version of Go to install + required: false + default: '>=1.21.0' +defaults: + run: + shell: bash +concurrency: + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + group: ${{ github.workflow }}-${{ github.ref }} +jobs: + upload-sarif: + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-latest + version: default + analysis-kinds: code-scanning + - os: ubuntu-latest + version: default + analysis-kinds: code-quality + - os: ubuntu-latest + version: default + analysis-kinds: code-scanning,code-quality + name: Test different uses of `upload-sarif` + if: github.triggering_actor != 'dependabot[bot]' + permissions: + contents: read + security-events: read + timeout-minutes: 45 + runs-on: ${{ matrix.os }} + steps: + - name: Check out repository + uses: actions/checkout@v5 + - name: Prepare test + id: prepare-test + uses: ./.github/actions/prepare-test + with: + version: ${{ matrix.version }} + use-all-platform-bundle: 'false' + setup-kotlin: 'true' + - name: Install Go + uses: actions/setup-go@v6 + with: + go-version: ${{ inputs.go-version || '>=1.21.0' }} + cache: false + - uses: ./../action/init + with: + tools: ${{ steps.prepare-test.outputs.tools-url }} + languages: csharp,java,javascript,python + analysis-kinds: ${{ matrix.analysis-kinds }} + - name: Build code + run: ./build.sh + # Generate some SARIF we can upload with the upload-sarif step + - uses: ./../action/analyze + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + upload: never + output: ${{ runner.temp }}/results + + - name: | + Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` + uses: ./../action/upload-sarif + id: upload-sarif + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ + - name: Fail for missing output from `upload-sarif` step for `code-scanning` + if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning) + run: exit 1 + - name: Fail for missing output from `upload-sarif` step for `code-quality` + if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality) + run: exit 1 + + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-scanning + if: contains(matrix.analysis-kinds, 'code-scanning') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ + - name: Fail for missing output from `upload-single-sarif-code-scanning` step + if: contains(matrix.analysis-kinds, 'code-scanning') && + !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning) + run: exit 1 + - name: Upload single SARIF file for Code Quality + uses: ./../action/upload-sarif + id: upload-single-sarif-code-quality + if: contains(matrix.analysis-kinds, 'code-quality') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ + - name: Fail for missing output from `upload-single-sarif-code-quality` step + if: contains(matrix.analysis-kinds, 'code-quality') && + !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality) + run: exit 1 + + - name: Change SARIF file extension + if: contains(matrix.analysis-kinds, 'code-scanning') + run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json + - name: Upload single non-`.sarif` file + uses: ./../action/upload-sarif + id: upload-single-non-sarif + if: contains(matrix.analysis-kinds, 'code-scanning') + with: + ref: refs/heads/main + sha: 5e235361806c361d4d3f8859e3c897658025a9a2 + sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ + - name: Fail for missing output from `upload-single-non-sarif` step + if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning) + run: exit 1 + env: + CODEQL_ACTION_TEST_MODE: true diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index e12c9846a..e706b5d39 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -103,29 +103,30 @@ jobs: - name: Verify SARIF after upload run: | + PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json" EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6" EXPECTED_REF="v1.1.0" EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo" - ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)" - ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)" - ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)" + ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)" + ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)" + ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)" if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi env: diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 65e57fef3..983b67d68 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,8 +25194,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26244,7 +26244,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare(a, b, loose) < 0; + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -95823,8 +95823,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare)) { + for (const [compare2, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare2)) { return this.roots[rootPath] = root; } } @@ -95833,9 +95833,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare = this.root.name) { + sameRoot(rootPath, compare2 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare; + return rootPath === compare2; } }; exports2.PathWin32 = PathWin32; @@ -99854,7 +99854,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare(a, b) { + function compare2(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -99955,7 +99955,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare, + compare: compare2, concat, copy, equals, diff --git a/lib/analyze-action.js b/lib/analyze-action.js index d7bddb852..92257f31f 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -30970,8 +30970,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -30979,8 +30979,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -31043,8 +31043,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; module2.exports = lt; } }); @@ -31053,8 +31053,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -31063,8 +31063,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -31073,8 +31073,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -31083,8 +31083,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -32033,7 +32033,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -32093,7 +32093,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -32173,14 +32173,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -32204,7 +32204,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -32242,7 +32242,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare2(a, b, loose) < 0; + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -90042,9 +90042,12 @@ function getWorkflowRunAttempt() { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } @@ -92114,6 +92117,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -92292,6 +92296,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -92598,8 +92627,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts @@ -94767,7 +94812,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); @@ -95533,12 +95578,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (shouldSkipSarifUpload()) { const payloadSaveFile = path18.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` @@ -95549,7 +95594,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -95783,7 +95828,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 965b2519a..8ffe26946 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,8 +25194,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26244,7 +26244,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare(a, b, loose) < 0; + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index cf52eb88a..bf4bce9c5 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -30970,8 +30970,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -30979,8 +30979,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -31043,8 +31043,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; module2.exports = lt; } }); @@ -31053,8 +31053,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -31063,8 +31063,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -31073,8 +31073,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -31083,8 +31083,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -32033,7 +32033,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -32093,7 +32093,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -32173,14 +32173,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -32204,7 +32204,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -32242,7 +32242,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare2(a, b, loose) < 0; + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -101672,8 +101672,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare2, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare2)) { + for (const [compare3, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare3)) { return this.roots[rootPath] = root; } } @@ -101682,9 +101682,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare2 = this.root.name) { + sameRoot(rootPath, compare3 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare2; + return rootPath === compare3; } }; exports2.PathWin32 = PathWin32; @@ -105703,7 +105703,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare2(a, b) { + function compare3(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -105804,7 +105804,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare: compare2, + compare: compare3, concat, copy, equals: equals2, @@ -128340,9 +128340,12 @@ function getWorkflowRunAttempt() { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } @@ -130096,6 +130099,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -130274,6 +130278,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -130580,8 +130609,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts @@ -132243,7 +132288,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); @@ -133009,12 +133054,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (shouldSkipSarifUpload()) { const payloadSaveFile = path17.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` @@ -133025,7 +133070,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -133259,7 +133304,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/init-action.js b/lib/init-action.js index cb8a02bf4..2c7de3d12 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -20412,8 +20412,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -20421,8 +20421,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -20431,8 +20431,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -20475,8 +20475,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -20485,8 +20485,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt2 = (a, b, loose) => compare(a, b, loose) < 0; + var compare2 = require_compare(); + var lt2 = (a, b, loose) => compare2(a, b, loose) < 0; module2.exports = lt2; } }); @@ -20495,8 +20495,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -20505,8 +20505,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -20515,8 +20515,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -20525,8 +20525,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -21422,12 +21422,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -21475,7 +21475,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -21535,7 +21535,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt2) { - gtltComp = compare(gt.semver, lt2.semver, options); + gtltComp = compare2(gt.semver, lt2.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) { @@ -21615,14 +21615,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -21646,7 +21646,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -21684,7 +21684,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, @@ -26947,7 +26947,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare); + stops.sort(compare2); return stops; } function rangeToPattern(start, stop, options) { @@ -27019,7 +27019,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare(a, b) { + function compare2(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } exports2.lt = lt2; function lt2(a, b, loose) { - return compare(a, b, loose) < 0; + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -85943,9 +85943,12 @@ var getFileType = async (filePath) => { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } @@ -88886,6 +88889,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -89064,6 +89068,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url = toolsInput; @@ -89370,8 +89399,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index c227a906d..17ff683ca 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,8 +25194,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26244,7 +26244,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare(a, b, loose) < 0; + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 54bb2ea21..d69dbbf58 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,8 +25194,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26244,7 +26244,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, @@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare(a, b, loose) < 0; + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -94483,8 +94483,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare)) { + for (const [compare2, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare2)) { return this.roots[rootPath] = root; } } @@ -94493,9 +94493,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare = this.root.name) { + sameRoot(rootPath, compare2 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare; + return rootPath === compare2; } }; exports2.PathWin32 = PathWin32; @@ -98514,7 +98514,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare(a, b) { + function compare2(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -98615,7 +98615,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare, + compare: compare2, concat, copy, equals, diff --git a/lib/upload-lib.js b/lib/upload-lib.js index 83ee93767..3f6f2a29f 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -26336,7 +26336,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -26408,7 +26408,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -32267,8 +32267,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -32276,8 +32276,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -32286,8 +32286,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -32330,8 +32330,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -32340,8 +32340,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; module2.exports = lt; } }); @@ -32350,8 +32350,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -32360,8 +32360,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -32370,8 +32370,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -32380,8 +32380,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -33277,12 +33277,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -33330,7 +33330,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -33390,7 +33390,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -33470,14 +33470,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -33501,7 +33501,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -33539,7 +33539,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, @@ -37407,13 +37407,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -37423,7 +37423,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -37439,27 +37439,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare2(a, b, loose) < 0; + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -88477,9 +88477,12 @@ function getWorkflowRunAttempt() { } return workflowRunAttempt; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } @@ -89930,6 +89933,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -90108,6 +90112,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -90414,8 +90443,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts @@ -91602,7 +91647,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); @@ -92368,12 +92413,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (shouldSkipSarifUpload()) { const payloadSaveFile = path14.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` @@ -92384,7 +92429,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -92666,7 +92711,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 1fa6d3d70..48a864733 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -25121,8 +25121,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare; + var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare2; } }); @@ -25130,8 +25130,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var rcompare = (a, b, loose) => compare(b, a, loose); + var compare2 = require_compare(); + var rcompare = (a, b, loose) => compare2(b, a, loose); module2.exports = rcompare; } }); @@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var compareLoose = (a, b) => compare(a, b, true); + var compare2 = require_compare(); + var compareLoose = (a, b) => compare2(a, b, true); module2.exports = compareLoose; } }); @@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gt = (a, b, loose) => compare(a, b, loose) > 0; + var compare2 = require_compare(); + var gt = (a, b, loose) => compare2(a, b, loose) > 0; module2.exports = gt; } }); @@ -25194,8 +25194,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lt = (a, b, loose) => compare(a, b, loose) < 0; + var compare2 = require_compare(); + var lt = (a, b, loose) => compare2(a, b, loose) < 0; module2.exports = lt; } }); @@ -25204,8 +25204,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var eq = (a, b, loose) => compare(a, b, loose) === 0; + var compare2 = require_compare(); + var eq = (a, b, loose) => compare2(a, b, loose) === 0; module2.exports = eq; } }); @@ -25214,8 +25214,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var neq = (a, b, loose) => compare(a, b, loose) !== 0; + var compare2 = require_compare(); + var neq = (a, b, loose) => compare2(a, b, loose) !== 0; module2.exports = neq; } }); @@ -25224,8 +25224,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var gte5 = (a, b, loose) => compare(a, b, loose) >= 0; + var compare2 = require_compare(); + var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -25234,8 +25234,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare = require_compare(); - var lte = (a, b, loose) => compare(a, b, loose) <= 0; + var compare2 = require_compare(); + var lte = (a, b, loose) => compare2(a, b, loose) <= 0; module2.exports = lte; } }); @@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare(a, b, options)); + const v = versions.sort((a, b) => compare2(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -26184,7 +26184,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare = require_compare(); + var compare2 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -26244,7 +26244,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare(gt.semver, lt.semver, options); + gtltComp = compare2(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -26324,14 +26324,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare(a.semver, b.semver, options); + const comp = compare2(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare = require_compare(); + var compare2 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare, + compare: compare2, rcompare, compareLoose, compareBuild, @@ -88567,8 +88567,8 @@ var require_commonjs16 = __commonJS({ if (rootPath === this.root.name) { return this.root; } - for (const [compare, root] of Object.entries(this.roots)) { - if (this.sameRoot(rootPath, compare)) { + for (const [compare2, root] of Object.entries(this.roots)) { + if (this.sameRoot(rootPath, compare2)) { return this.roots[rootPath] = root; } } @@ -88577,9 +88577,9 @@ var require_commonjs16 = __commonJS({ /** * @internal */ - sameRoot(rootPath, compare = this.root.name) { + sameRoot(rootPath, compare2 = this.root.name) { rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\"); - return rootPath === compare; + return rootPath === compare2; } }; exports2.PathWin32 = PathWin32; @@ -92598,7 +92598,7 @@ var require_b4a = __commonJS({ function byteLength(string, encoding) { return Buffer.byteLength(string, encoding); } - function compare(a, b) { + function compare2(a, b) { return Buffer.compare(a, b); } function concat(buffers, totalLength) { @@ -92699,7 +92699,7 @@ var require_b4a = __commonJS({ allocUnsafe, allocUnsafeSlow, byteLength, - compare, + compare: compare2, concat, copy, equals, @@ -108085,13 +108085,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare; - function compare(a, b, loose) { + exports2.compare = compare2; + function compare2(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare(a, b, true); + return compare2(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -108101,7 +108101,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare(b, a, loose); + return compare2(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -108117,27 +108117,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare(a, b, loose) > 0; + return compare2(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare(a, b, loose) < 0; + return compare2(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare(a, b, loose) === 0; + return compare2(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare(a, b, loose) !== 0; + return compare2(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare(a, b, loose) >= 0; + return compare2(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare(a, b, loose) <= 0; + return compare2(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 0df214836..db2147a25 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({ stop = countZeros(max + 1, zeros) - 1; } stops = [...stops]; - stops.sort(compare2); + stops.sort(compare3); return stops; } function rangeToPattern(start, stop, options) { @@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({ for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]); return arr; } - function compare2(a, b) { + function compare3(a, b) { return a > b ? 1 : b > a ? -1 : 0; } function contains(arr, key, val2) { @@ -30970,8 +30970,8 @@ var require_compare = __commonJS({ "node_modules/semver/functions/compare.js"(exports2, module2) { "use strict"; var SemVer = require_semver(); - var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); - module2.exports = compare2; + var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose)); + module2.exports = compare3; } }); @@ -30979,8 +30979,8 @@ var require_compare = __commonJS({ var require_rcompare = __commonJS({ "node_modules/semver/functions/rcompare.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var rcompare = (a, b, loose) => compare2(b, a, loose); + var compare3 = require_compare(); + var rcompare = (a, b, loose) => compare3(b, a, loose); module2.exports = rcompare; } }); @@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({ var require_compare_loose = __commonJS({ "node_modules/semver/functions/compare-loose.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var compareLoose = (a, b) => compare2(a, b, true); + var compare3 = require_compare(); + var compareLoose = (a, b) => compare3(a, b, true); module2.exports = compareLoose; } }); @@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({ var require_gt = __commonJS({ "node_modules/semver/functions/gt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gt = (a, b, loose) => compare2(a, b, loose) > 0; + var compare3 = require_compare(); + var gt = (a, b, loose) => compare3(a, b, loose) > 0; module2.exports = gt; } }); @@ -31043,8 +31043,8 @@ var require_gt = __commonJS({ var require_lt = __commonJS({ "node_modules/semver/functions/lt.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lt = (a, b, loose) => compare2(a, b, loose) < 0; + var compare3 = require_compare(); + var lt = (a, b, loose) => compare3(a, b, loose) < 0; module2.exports = lt; } }); @@ -31053,8 +31053,8 @@ var require_lt = __commonJS({ var require_eq = __commonJS({ "node_modules/semver/functions/eq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var eq = (a, b, loose) => compare2(a, b, loose) === 0; + var compare3 = require_compare(); + var eq = (a, b, loose) => compare3(a, b, loose) === 0; module2.exports = eq; } }); @@ -31063,8 +31063,8 @@ var require_eq = __commonJS({ var require_neq = __commonJS({ "node_modules/semver/functions/neq.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var neq = (a, b, loose) => compare2(a, b, loose) !== 0; + var compare3 = require_compare(); + var neq = (a, b, loose) => compare3(a, b, loose) !== 0; module2.exports = neq; } }); @@ -31073,8 +31073,8 @@ var require_neq = __commonJS({ var require_gte = __commonJS({ "node_modules/semver/functions/gte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0; + var compare3 = require_compare(); + var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0; module2.exports = gte5; } }); @@ -31083,8 +31083,8 @@ var require_gte = __commonJS({ var require_lte = __commonJS({ "node_modules/semver/functions/lte.js"(exports2, module2) { "use strict"; - var compare2 = require_compare(); - var lte = (a, b, loose) => compare2(a, b, loose) <= 0; + var compare3 = require_compare(); + var lte = (a, b, loose) => compare3(a, b, loose) <= 0; module2.exports = lte; } }); @@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({ "node_modules/semver/ranges/simplify.js"(exports2, module2) { "use strict"; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); module2.exports = (versions, range, options) => { const set2 = []; let first = null; let prev = null; - const v = versions.sort((a, b) => compare2(a, b, options)); + const v = versions.sort((a, b) => compare3(a, b, options)); for (const version of v) { const included = satisfies2(version, range, options); if (included) { @@ -32033,7 +32033,7 @@ var require_subset = __commonJS({ var Comparator = require_comparator(); var { ANY } = Comparator; var satisfies2 = require_satisfies(); - var compare2 = require_compare(); + var compare3 = require_compare(); var subset = (sub, dom, options = {}) => { if (sub === dom) { return true; @@ -32093,7 +32093,7 @@ var require_subset = __commonJS({ } let gtltComp; if (gt && lt) { - gtltComp = compare2(gt.semver, lt.semver, options); + gtltComp = compare3(gt.semver, lt.semver, options); if (gtltComp > 0) { return null; } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) { @@ -32173,14 +32173,14 @@ var require_subset = __commonJS({ if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a; }; var lowerLT = (a, b, options) => { if (!a) { return b; } - const comp = compare2(a.semver, b.semver, options); + const comp = compare3(a.semver, b.semver, options); return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a; }; module2.exports = subset; @@ -32204,7 +32204,7 @@ var require_semver2 = __commonJS({ var minor = require_minor(); var patch = require_patch(); var prerelease = require_prerelease(); - var compare2 = require_compare(); + var compare3 = require_compare(); var rcompare = require_rcompare(); var compareLoose = require_compare_loose(); var compareBuild = require_compare_build(); @@ -32242,7 +32242,7 @@ var require_semver2 = __commonJS({ minor, patch, prerelease, - compare: compare2, + compare: compare3, rcompare, compareLoose, compareBuild, @@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({ function patch(a, loose) { return new SemVer(a, loose).patch; } - exports2.compare = compare2; - function compare2(a, b, loose) { + exports2.compare = compare3; + function compare3(a, b, loose) { return new SemVer(a, loose).compare(new SemVer(b, loose)); } exports2.compareLoose = compareLoose; function compareLoose(a, b) { - return compare2(a, b, true); + return compare3(a, b, true); } exports2.compareBuild = compareBuild; function compareBuild(a, b, loose) { @@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({ } exports2.rcompare = rcompare; function rcompare(a, b, loose) { - return compare2(b, a, loose); + return compare3(b, a, loose); } exports2.sort = sort; function sort(list, loose) { @@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({ } exports2.gt = gt; function gt(a, b, loose) { - return compare2(a, b, loose) > 0; + return compare3(a, b, loose) > 0; } exports2.lt = lt; function lt(a, b, loose) { - return compare2(a, b, loose) < 0; + return compare3(a, b, loose) < 0; } exports2.eq = eq; function eq(a, b, loose) { - return compare2(a, b, loose) === 0; + return compare3(a, b, loose) === 0; } exports2.neq = neq; function neq(a, b, loose) { - return compare2(a, b, loose) !== 0; + return compare3(a, b, loose) !== 0; } exports2.gte = gte5; function gte5(a, b, loose) { - return compare2(a, b, loose) >= 0; + return compare3(a, b, loose) >= 0; } exports2.lte = lte; function lte(a, b, loose) { - return compare2(a, b, loose) <= 0; + return compare3(a, b, loose) <= 0; } exports2.cmp = cmp; function cmp(a, op, b, loose) { @@ -88674,9 +88674,12 @@ function getWorkflowRunAttempt() { function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } -function isDefaultSetup() { +function isDynamicWorkflow() { return getWorkflowEventName() === "dynamic"; } +function isDefaultSetup() { + return isDynamicWorkflow(); +} function prettyPrintInvocation(cmd, args) { return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" "); } @@ -90602,6 +90605,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"]; var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +var CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension(compressionMethod) { switch (compressionMethod) { case "gzip": @@ -90780,6 +90784,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required." ); } + } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) { + let latestToolcacheVersion; + const allowToolcacheValue = isDynamicWorkflow() || isInTestMode(); + if (allowToolcacheValue) { + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.` + ); + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion2 = latestToolcacheVersion; + } + } + if (latestToolcacheVersion === void 0) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...` + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.` + ); + } + cliVersion2 = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== void 0) { tagName = tryGetTagNameFromUrl(toolsInput, logger); url2 = toolsInput; @@ -91086,8 +91115,24 @@ async function getNightlyToolsUrl(logger) { ); } } +function getLatestToolcacheVersion(logger) { + const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions + )}.` + ); + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.` + ); + return latestToolcacheVersion; + } + return void 0; +} function isReservedToolsValue(tools) { - return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools); + return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT; } // src/tracer-config.ts @@ -92274,7 +92319,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) { }; LongPrototype.gte = LongPrototype.greaterThanOrEqual; LongPrototype.ge = LongPrototype.greaterThanOrEqual; -LongPrototype.compare = function compare(other) { +LongPrototype.compare = function compare2(other) { if (!isLong(other)) other = fromValue(other); if (this.eq(other)) return 0; var thisNeg = this.isNegative(), otherNeg = other.isNegative(); @@ -93040,12 +93085,12 @@ function getAutomationID2(category, analysis_key, environment) { } return computeAutomationID(analysis_key, environment); } -async function uploadPayload(payload, repositoryNwo, logger, target) { +async function uploadPayload(payload, repositoryNwo, logger, analysis) { logger.info("Uploading results"); if (shouldSkipSarifUpload()) { const payloadSaveFile = path15.join( getTemporaryDirectory(), - "payload.json" + `payload-${analysis.kind}.json` ); logger.info( `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}` @@ -93056,7 +93101,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) { } const client = getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload @@ -93307,7 +93352,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features payload, getRepositoryNwo(), logger, - uploadTarget.target + uploadTarget ); logger.endGroup(); return { diff --git a/pr-checks/checks/bundle-from-toolcache.yml b/pr-checks/checks/bundle-from-toolcache.yml new file mode 100644 index 000000000..5a53ec12d --- /dev/null +++ b/pr-checks/checks/bundle-from-toolcache.yml @@ -0,0 +1,32 @@ +name: "Bundle: From toolcache" +description: "The CodeQL bundle should be cached within the toolcache" +versions: + - toolcache +steps: + - name: Install @actions/tool-cache + run: npm install @actions/tool-cache + - name: Check toolcache contains CodeQL + continue-on-error: true + uses: actions/github-script@v8 + with: + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + if (allCodeqlVersions.length === 0) { + throw new Error(`CodeQL could not be found in the toolcache`); + } + - id: init + uses: ./../action/init + with: + languages: javascript + tools: ${{ steps.prepare-test.outputs.tools-url }} + - name: Check CodeQL is installed within the toolcache + uses: actions/github-script@v8 + with: + script: | + const toolcache = require('@actions/tool-cache'); + const allCodeqlVersions = toolcache.findAllVersions('CodeQL'); + console.log(`Found CodeQL versions: ${allCodeqlVersions}`); + if (allCodeqlVersions.length === 0) { + throw new Error('CodeQL not found in toolcache'); + } diff --git a/pr-checks/checks/upload-quality-sarif.yml b/pr-checks/checks/upload-quality-sarif.yml deleted file mode 100644 index 1d4dd9d28..000000000 --- a/pr-checks/checks/upload-quality-sarif.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: "Upload-sarif: code quality endpoint" -description: "Checks that uploading SARIFs to the code quality endpoint works" -versions: ["default"] -installGo: true -steps: - - uses: ./../action/init - with: - tools: ${{ steps.prepare-test.outputs.tools-url }} - languages: csharp,java,javascript,python - analysis-kinds: code-quality - - name: Build code - run: ./build.sh - # Generate some SARIF we can upload with the upload-sarif step - - uses: ./../action/analyze - with: - ref: 'refs/heads/main' - sha: '5e235361806c361d4d3f8859e3c897658025a9a2' - upload: never - - uses: ./../action/upload-sarif - id: upload-sarif - with: - ref: 'refs/heads/main' - sha: '5e235361806c361d4d3f8859e3c897658025a9a2' - - name: "Check output from `upload-sarif` step" - if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)' - run: exit 1 diff --git a/pr-checks/checks/upload-sarif.yml b/pr-checks/checks/upload-sarif.yml new file mode 100644 index 000000000..1801a2740 --- /dev/null +++ b/pr-checks/checks/upload-sarif.yml @@ -0,0 +1,81 @@ +name: "Test different uses of `upload-sarif`" +description: "Checks that uploading SARIFs to the code quality endpoint works" +versions: ["default"] +analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality"] +installGo: true +steps: + - uses: ./../action/init + with: + tools: ${{ steps.prepare-test.outputs.tools-url }} + languages: csharp,java,javascript,python + analysis-kinds: ${{ matrix.analysis-kinds }} + - name: Build code + run: ./build.sh + # Generate some SARIF we can upload with the upload-sarif step + - uses: ./../action/analyze + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + upload: never + output: ${{ runner.temp }}/results + + - name: | + Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}` + uses: ./../action/upload-sarif + id: upload-sarif + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/ + - name: "Fail for missing output from `upload-sarif` step for `code-scanning`" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)" + run: exit 1 + - name: "Fail for missing output from `upload-sarif` step for `code-quality`" + if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)" + run: exit 1 + + - name: Upload single SARIF file for Code Scanning + uses: ./../action/upload-sarif + id: upload-single-sarif-code-scanning + if: "contains(matrix.analysis-kinds, 'code-scanning')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/ + - name: "Fail for missing output from `upload-single-sarif-code-scanning` step" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)" + run: exit 1 + - name: Upload single SARIF file for Code Quality + uses: ./../action/upload-sarif + id: upload-single-sarif-code-quality + if: "contains(matrix.analysis-kinds, 'code-quality')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/ + - name: "Fail for missing output from `upload-single-sarif-code-quality` step" + if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)" + run: exit 1 + + - name: Change SARIF file extension + if: "contains(matrix.analysis-kinds, 'code-scanning')" + run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json + - name: Upload single non-`.sarif` file + uses: ./../action/upload-sarif + id: upload-single-non-sarif + if: "contains(matrix.analysis-kinds, 'code-scanning')" + with: + ref: 'refs/heads/main' + sha: '5e235361806c361d4d3f8859e3c897658025a9a2' + sarif_file: ${{ runner.temp }}/results/javascript.sarif.json + category: | + ${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/ + - name: "Fail for missing output from `upload-single-non-sarif` step" + if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)" + run: exit 1 diff --git a/pr-checks/checks/with-checkout-path.yml b/pr-checks/checks/with-checkout-path.yml index 641dcf220..d0662be01 100644 --- a/pr-checks/checks/with-checkout-path.yml +++ b/pr-checks/checks/with-checkout-path.yml @@ -37,28 +37,29 @@ steps: - name: Verify SARIF after upload run: | + PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json" EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6" EXPECTED_REF="v1.1.0" EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo" - ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)" - ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)" - ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)" + ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)" + ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)" + ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)" if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI" - echo "$RUNNER_TEMP/payload.json" + echo "$PAYLOAD_FILE" exit 1 fi diff --git a/src/actions-util.ts b/src/actions-util.ts index 8058e5772..a2d691b42 100644 --- a/src/actions-util.ts +++ b/src/actions-util.ts @@ -247,9 +247,14 @@ export function isSelfHostedRunner() { return process.env.RUNNER_ENVIRONMENT === "self-hosted"; } +/** Determines whether the workflow trigger is `dynamic`. */ +export function isDynamicWorkflow(): boolean { + return getWorkflowEventName() === "dynamic"; +} + /** Determines whether we are running in default setup. */ export function isDefaultSetup(): boolean { - return getWorkflowEventName() === "dynamic"; + return isDynamicWorkflow(); } export function prettyPrintInvocation(cmd: string, args: string[]): string { diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index 6e4a1dc07..4e65c6edf 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -1,5 +1,6 @@ import * as path from "path"; +import * as toolcache from "@actions/tool-cache"; import test from "ava"; import * as sinon from "sinon"; @@ -254,6 +255,117 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to dow }); }); +test("getCodeQLSource correctly returns latest version from toolcache when tools == toolcache", async (t) => { + const loggedMessages: LoggedMessage[] = []; + const logger = getRecordingLogger(loggedMessages); + + process.env["GITHUB_EVENT_NAME"] = "dynamic"; + + const latestToolcacheVersion = "3.2.1"; + const latestVersionPath = "/path/to/latest"; + const testVersions = ["2.3.1", latestToolcacheVersion, "1.2.3"]; + const findAllVersionsStub = sinon + .stub(toolcache, "findAllVersions") + .returns(testVersions); + const findStub = sinon.stub(toolcache, "find"); + findStub + .withArgs("CodeQL", latestToolcacheVersion) + .returns(latestVersionPath); + + await withTmpDir(async (tmpDir) => { + setupActionsVars(tmpDir, tmpDir); + const source = await setupCodeql.getCodeQLSource( + "toolcache", + SAMPLE_DEFAULT_CLI_VERSION, + SAMPLE_DOTCOM_API_DETAILS, + GitHubVariant.DOTCOM, + false, + logger, + ); + + // Check that the toolcache functions were called with the expected arguments + t.assert( + findAllVersionsStub.calledOnceWith("CodeQL"), + `toolcache.findAllVersions("CodeQL") wasn't called`, + ); + t.assert( + findStub.calledOnceWith("CodeQL", latestToolcacheVersion), + `toolcache.find("CodeQL", ${latestToolcacheVersion}) wasn't called`, + ); + + // Check that `sourceType` and `toolsVersion` match expectations. + t.is(source.sourceType, "toolcache"); + t.is(source.toolsVersion, latestToolcacheVersion); + + // Check that key messages we would expect to find in the log are present. + const expectedMessages: string[] = [ + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`, + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`, + `Using CodeQL CLI version ${latestToolcacheVersion} from toolcache at ${latestVersionPath}`, + ]; + for (const expectedMessage of expectedMessages) { + t.assert( + loggedMessages.some( + (msg) => + typeof msg.message === "string" && + msg.message.includes(expectedMessage), + ), + `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + ); + } + }); +}); + +test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't have a CodeQL CLI when tools == toolcache", async (t) => { + const loggedMessages: LoggedMessage[] = []; + const logger = getRecordingLogger(loggedMessages); + + process.env["GITHUB_EVENT_NAME"] = "dynamic"; + + const testVersions = []; + const findAllVersionsStub = sinon + .stub(toolcache, "findAllVersions") + .returns(testVersions); + + await withTmpDir(async (tmpDir) => { + setupActionsVars(tmpDir, tmpDir); + const source = await setupCodeql.getCodeQLSource( + "toolcache", + SAMPLE_DEFAULT_CLI_VERSION, + SAMPLE_DOTCOM_API_DETAILS, + GitHubVariant.DOTCOM, + false, + logger, + ); + + // Check that the toolcache functions were called with the expected arguments + t.assert( + findAllVersionsStub.calledWith("CodeQL"), + `toolcache.findAllVersions("CodeQL") wasn't called`, + ); + + // Check that `sourceType` and `toolsVersion` match expectations. + t.is(source.sourceType, "download"); + t.is(source.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion); + + // Check that key messages we would expect to find in the log are present. + const expectedMessages: string[] = [ + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`, + `Found no CodeQL CLI in the toolcache, ignoring 'tools: toolcache'...`, + ]; + for (const expectedMessage of expectedMessages) { + t.assert( + loggedMessages.some( + (msg) => + typeof msg.message === "string" && + msg.message.includes(expectedMessage), + ), + `Expected '${expectedMessage}' in the logger output, but didn't find it.`, + ); + } + }); +}); + test('tryGetTagNameFromUrl extracts the right tag name for a repo name containing "codeql-bundle"', (t) => { t.is( setupCodeql.tryGetTagNameFromUrl( @@ -263,3 +375,15 @@ test('tryGetTagNameFromUrl extracts the right tag name for a repo name containin "codeql-bundle-v2.19.0", ); }); + +test("getLatestToolcacheVersion returns undefined if there are no CodeQL CLIs in the toolcache", (t) => { + sinon.stub(toolcache, "findAllVersions").returns([]); + t.is(setupCodeql.getLatestToolcacheVersion(getRunnerLogger(true)), undefined); +}); + +test("getLatestToolcacheVersion returns latest version in the toolcache", (t) => { + const testVersions = ["2.3.1", "3.2.1", "1.2.3"]; + sinon.stub(toolcache, "findAllVersions").returns(testVersions); + + t.is(setupCodeql.getLatestToolcacheVersion(getRunnerLogger(true)), "3.2.1"); +}); diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 127bb1b93..e01037223 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -7,7 +7,7 @@ import { default as deepEqual } from "fast-deep-equal"; import * as semver from "semver"; import { v4 as uuidV4 } from "uuid"; -import { isRunningLocalAction } from "./actions-util"; +import { isDynamicWorkflow, isRunningLocalAction } from "./actions-util"; import * as api from "./api-client"; import * as defaults from "./defaults.json"; import { @@ -38,6 +38,7 @@ const CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; const CODEQL_BUNDLE_VERSION_ALIAS: string[] = ["linked", "latest"]; const CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"]; +const CODEQL_TOOLCACHE_INPUT = "toolcache"; function getCodeQLBundleExtension( compressionMethod: tar.CompressionMethod, @@ -346,6 +347,44 @@ export async function getCodeQLSource( "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required.", ); } + } else if ( + toolsInput !== undefined && + toolsInput === CODEQL_TOOLCACHE_INPUT + ) { + let latestToolcacheVersion: string | undefined; + + // We only allow `toolsInput === "toolcache"` for `dynamic` events. In general, using `toolsInput === "toolcache"` + // can lead to alert wobble and so it shouldn't be used for an analysis where results are intended to be uploaded. + // We also allow this in test mode. + const allowToolcacheValue = isDynamicWorkflow() || util.isInTestMode(); + if (allowToolcacheValue) { + // If `toolsInput === "toolcache"`, try to find the latest version of the CLI that's available in the toolcache + // and use that. We perform this check here since we can set `cliVersion` directly and don't want to default to + // the linked version. + logger.info( + `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`, + ); + + latestToolcacheVersion = getLatestToolcacheVersion(logger); + if (latestToolcacheVersion) { + cliVersion = latestToolcacheVersion; + } + } + + if (latestToolcacheVersion === undefined) { + if (allowToolcacheValue) { + logger.info( + `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`, + ); + } else { + logger.warning( + `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`, + ); + } + + cliVersion = defaultCliVersion.cliVersion; + tagName = defaultCliVersion.tagName; + } } else if (toolsInput !== undefined) { // If a tools URL was provided, then use that. tagName = tryGetTagNameFromUrl(toolsInput, logger); @@ -816,9 +855,38 @@ async function getNightlyToolsUrl(logger: Logger) { } } +/** + * Gets the latest version of the CodeQL CLI that is available in the toolcache, or `undefined` + * if no CodeQL CLI is available in the toolcache. + * + * @param logger The logger to use. + * @returns The latest version of the CodeQL CLI that is available in the toolcache, or `undefined` if there is none. + */ +export function getLatestToolcacheVersion(logger: Logger): string | undefined { + const allVersions = toolcache + .findAllVersions("CodeQL") + .sort((a, b) => semver.compare(b, a)); + logger.debug( + `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify( + allVersions, + )}.`, + ); + + if (allVersions.length > 0) { + const latestToolcacheVersion = allVersions[0]; + logger.info( + `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`, + ); + return latestToolcacheVersion; + } + + return undefined; +} + function isReservedToolsValue(tools: string): boolean { return ( CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || - CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) + CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || + tools === CODEQL_TOOLCACHE_INPUT ); } diff --git a/src/upload-lib.ts b/src/upload-lib.ts index f3db97194..7c630204b 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -352,14 +352,14 @@ async function uploadPayload( payload: any, repositoryNwo: RepositoryNwo, logger: Logger, - target: analyses.SARIF_UPLOAD_ENDPOINT, + analysis: analyses.AnalysisConfig, ): Promise { logger.info("Uploading results"); if (util.shouldSkipSarifUpload()) { const payloadSaveFile = path.join( actionsUtil.getTemporaryDirectory(), - "payload.json", + `payload-${analysis.kind}.json`, ); logger.info( `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`, @@ -372,7 +372,7 @@ async function uploadPayload( const client = api.getApiClient(); try { - const response = await client.request(target, { + const response = await client.request(analysis.target, { owner: repositoryNwo.owner, repo: repositoryNwo.repo, data: payload, @@ -806,7 +806,7 @@ export async function uploadSpecifiedFiles( payload, getRepositoryNwo(), logger, - uploadTarget.target, + uploadTarget, ); logger.endGroup();