Merge branch 'main' into redsun82/skip-sarif-upload

2025-12-23 07:40:10 +08:00 · 2025-10-07 17:17:13 +02:00
parent 1b09eb4ccc 2f11c17b09
commit df65651d4f
23 changed files with 1219 additions and 509 deletions
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@@ -26336,7 +26336,7 @@ var require_to_regex_range = __commonJS({
        stop = countZeros(max + 1, zeros) - 1;
      }
      stops = [...stops];
-      stops.sort(compare2);
+      stops.sort(compare3);
      return stops;
    }
    function rangeToPattern(start, stop, options) {
@@ -26408,7 +26408,7 @@ var require_to_regex_range = __commonJS({
      for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]);
      return arr;
    }
-    function compare2(a, b) {
+    function compare3(a, b) {
      return a > b ? 1 : b > a ? -1 : 0;
    }
    function contains(arr, key, val2) {
@@ -32267,8 +32267,8 @@ var require_compare = __commonJS({
  "node_modules/semver/functions/compare.js"(exports2, module2) {
    "use strict";
    var SemVer = require_semver();
-    var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
-    module2.exports = compare2;
+    var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
+    module2.exports = compare3;
  }
 });

@@ -32276,8 +32276,8 @@ var require_compare = __commonJS({
 var require_rcompare = __commonJS({
  "node_modules/semver/functions/rcompare.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var rcompare = (a, b, loose) => compare2(b, a, loose);
+    var compare3 = require_compare();
+    var rcompare = (a, b, loose) => compare3(b, a, loose);
    module2.exports = rcompare;
  }
 });
@@ -32286,8 +32286,8 @@ var require_rcompare = __commonJS({
 var require_compare_loose = __commonJS({
  "node_modules/semver/functions/compare-loose.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var compareLoose = (a, b) => compare2(a, b, true);
+    var compare3 = require_compare();
+    var compareLoose = (a, b) => compare3(a, b, true);
    module2.exports = compareLoose;
  }
 });
@@ -32330,8 +32330,8 @@ var require_rsort = __commonJS({
 var require_gt = __commonJS({
  "node_modules/semver/functions/gt.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var gt = (a, b, loose) => compare2(a, b, loose) > 0;
+    var compare3 = require_compare();
+    var gt = (a, b, loose) => compare3(a, b, loose) > 0;
    module2.exports = gt;
  }
 });
@@ -32340,8 +32340,8 @@ var require_gt = __commonJS({
 var require_lt = __commonJS({
  "node_modules/semver/functions/lt.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var lt = (a, b, loose) => compare2(a, b, loose) < 0;
+    var compare3 = require_compare();
+    var lt = (a, b, loose) => compare3(a, b, loose) < 0;
    module2.exports = lt;
  }
 });
@@ -32350,8 +32350,8 @@ var require_lt = __commonJS({
 var require_eq = __commonJS({
  "node_modules/semver/functions/eq.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var eq = (a, b, loose) => compare2(a, b, loose) === 0;
+    var compare3 = require_compare();
+    var eq = (a, b, loose) => compare3(a, b, loose) === 0;
    module2.exports = eq;
  }
 });
@@ -32360,8 +32360,8 @@ var require_eq = __commonJS({
 var require_neq = __commonJS({
  "node_modules/semver/functions/neq.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
+    var compare3 = require_compare();
+    var neq = (a, b, loose) => compare3(a, b, loose) !== 0;
    module2.exports = neq;
  }
 });
@@ -32370,8 +32370,8 @@ var require_neq = __commonJS({
 var require_gte = __commonJS({
  "node_modules/semver/functions/gte.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
+    var compare3 = require_compare();
+    var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0;
    module2.exports = gte5;
  }
 });
@@ -32380,8 +32380,8 @@ var require_gte = __commonJS({
 var require_lte = __commonJS({
  "node_modules/semver/functions/lte.js"(exports2, module2) {
    "use strict";
-    var compare2 = require_compare();
-    var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
+    var compare3 = require_compare();
+    var lte = (a, b, loose) => compare3(a, b, loose) <= 0;
    module2.exports = lte;
  }
 });
@@ -33277,12 +33277,12 @@ var require_simplify = __commonJS({
  "node_modules/semver/ranges/simplify.js"(exports2, module2) {
    "use strict";
    var satisfies2 = require_satisfies();
-    var compare2 = require_compare();
+    var compare3 = require_compare();
    module2.exports = (versions, range, options) => {
      const set2 = [];
      let first = null;
      let prev = null;
-      const v = versions.sort((a, b) => compare2(a, b, options));
+      const v = versions.sort((a, b) => compare3(a, b, options));
      for (const version of v) {
        const included = satisfies2(version, range, options);
        if (included) {
@@ -33330,7 +33330,7 @@ var require_subset = __commonJS({
    var Comparator = require_comparator();
    var { ANY } = Comparator;
    var satisfies2 = require_satisfies();
-    var compare2 = require_compare();
+    var compare3 = require_compare();
    var subset = (sub, dom, options = {}) => {
      if (sub === dom) {
        return true;
@@ -33390,7 +33390,7 @@ var require_subset = __commonJS({
      }
      let gtltComp;
      if (gt && lt) {
-        gtltComp = compare2(gt.semver, lt.semver, options);
+        gtltComp = compare3(gt.semver, lt.semver, options);
        if (gtltComp > 0) {
          return null;
        } else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -33470,14 +33470,14 @@ var require_subset = __commonJS({
      if (!a) {
        return b;
      }
-      const comp = compare2(a.semver, b.semver, options);
+      const comp = compare3(a.semver, b.semver, options);
      return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
    };
    var lowerLT = (a, b, options) => {
      if (!a) {
        return b;
      }
-      const comp = compare2(a.semver, b.semver, options);
+      const comp = compare3(a.semver, b.semver, options);
      return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
    };
    module2.exports = subset;
@@ -33501,7 +33501,7 @@ var require_semver2 = __commonJS({
    var minor = require_minor();
    var patch = require_patch();
    var prerelease = require_prerelease();
-    var compare2 = require_compare();
+    var compare3 = require_compare();
    var rcompare = require_rcompare();
    var compareLoose = require_compare_loose();
    var compareBuild = require_compare_build();
@@ -33539,7 +33539,7 @@ var require_semver2 = __commonJS({
      minor,
      patch,
      prerelease,
-      compare: compare2,
+      compare: compare3,
      rcompare,
      compareLoose,
      compareBuild,
@@ -37407,13 +37407,13 @@ var require_semver3 = __commonJS({
    function patch(a, loose) {
      return new SemVer(a, loose).patch;
    }
-    exports2.compare = compare2;
-    function compare2(a, b, loose) {
+    exports2.compare = compare3;
+    function compare3(a, b, loose) {
      return new SemVer(a, loose).compare(new SemVer(b, loose));
    }
    exports2.compareLoose = compareLoose;
    function compareLoose(a, b) {
-      return compare2(a, b, true);
+      return compare3(a, b, true);
    }
    exports2.compareBuild = compareBuild;
    function compareBuild(a, b, loose) {
@@ -37423,7 +37423,7 @@ var require_semver3 = __commonJS({
    }
    exports2.rcompare = rcompare;
    function rcompare(a, b, loose) {
-      return compare2(b, a, loose);
+      return compare3(b, a, loose);
    }
    exports2.sort = sort;
    function sort(list, loose) {
@@ -37439,27 +37439,27 @@ var require_semver3 = __commonJS({
    }
    exports2.gt = gt;
    function gt(a, b, loose) {
-      return compare2(a, b, loose) > 0;
+      return compare3(a, b, loose) > 0;
    }
    exports2.lt = lt;
    function lt(a, b, loose) {
-      return compare2(a, b, loose) < 0;
+      return compare3(a, b, loose) < 0;
    }
    exports2.eq = eq;
    function eq(a, b, loose) {
-      return compare2(a, b, loose) === 0;
+      return compare3(a, b, loose) === 0;
    }
    exports2.neq = neq;
    function neq(a, b, loose) {
-      return compare2(a, b, loose) !== 0;
+      return compare3(a, b, loose) !== 0;
    }
    exports2.gte = gte5;
    function gte5(a, b, loose) {
-      return compare2(a, b, loose) >= 0;
+      return compare3(a, b, loose) >= 0;
    }
    exports2.lte = lte;
    function lte(a, b, loose) {
-      return compare2(a, b, loose) <= 0;
+      return compare3(a, b, loose) <= 0;
    }
    exports2.cmp = cmp;
    function cmp(a, op, b, loose) {
@@ -88477,9 +88477,12 @@ function getWorkflowRunAttempt() {
  }
  return workflowRunAttempt;
 }
-function isDefaultSetup() {
+function isDynamicWorkflow() {
  return getWorkflowEventName() === "dynamic";
 }
+function isDefaultSetup() {
+  return isDynamicWorkflow();
+}
 function prettyPrintInvocation(cmd, args) {
  return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
 }
@@ -89930,6 +89933,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
 var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
 var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
 var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
+var CODEQL_TOOLCACHE_INPUT = "toolcache";
 function getCodeQLBundleExtension(compressionMethod) {
  switch (compressionMethod) {
    case "gzip":
@@ -90108,6 +90112,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
        "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required."
      );
    }
+  } else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) {
+    let latestToolcacheVersion;
+    const allowToolcacheValue = isDynamicWorkflow() || isInTestMode();
+    if (allowToolcacheValue) {
+      logger.info(
+        `Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`
+      );
+      latestToolcacheVersion = getLatestToolcacheVersion(logger);
+      if (latestToolcacheVersion) {
+        cliVersion2 = latestToolcacheVersion;
+      }
+    }
+    if (latestToolcacheVersion === void 0) {
+      if (allowToolcacheValue) {
+        logger.info(
+          `Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`
+        );
+      } else {
+        logger.warning(
+          `Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`
+        );
+      }
+      cliVersion2 = defaultCliVersion.cliVersion;
+      tagName = defaultCliVersion.tagName;
+    }
  } else if (toolsInput !== void 0) {
    tagName = tryGetTagNameFromUrl(toolsInput, logger);
    url2 = toolsInput;
@@ -90414,8 +90443,24 @@ async function getNightlyToolsUrl(logger) {
    );
  }
 }
+function getLatestToolcacheVersion(logger) {
+  const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a));
+  logger.debug(
+    `Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
+      allVersions
+    )}.`
+  );
+  if (allVersions.length > 0) {
+    const latestToolcacheVersion = allVersions[0];
+    logger.info(
+      `CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`
+    );
+    return latestToolcacheVersion;
+  }
+  return void 0;
+}
 function isReservedToolsValue(tools) {
-  return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools);
+  return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT;
 }

 // src/tracer-config.ts
@@ -91602,7 +91647,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) {
 };
 LongPrototype.gte = LongPrototype.greaterThanOrEqual;
 LongPrototype.ge = LongPrototype.greaterThanOrEqual;
-LongPrototype.compare = function compare(other) {
+LongPrototype.compare = function compare2(other) {
  if (!isLong(other)) other = fromValue(other);
  if (this.eq(other)) return 0;
  var thisNeg = this.isNegative(), otherNeg = other.isNegative();
@@ -92368,12 +92413,12 @@ function getAutomationID2(category, analysis_key, environment) {
  }
  return computeAutomationID(analysis_key, environment);
 }
-async function uploadPayload(payload, repositoryNwo, logger, target) {
+async function uploadPayload(payload, repositoryNwo, logger, analysis) {
  logger.info("Uploading results");
  if (shouldSkipSarifUpload()) {
    const payloadSaveFile = path14.join(
      getTemporaryDirectory(),
-      "payload.json"
+      `payload-${analysis.kind}.json`
    );
    logger.info(
      `SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
@@ -92384,7 +92429,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) {
  }
  const client = getApiClient();
  try {
-    const response = await client.request(target, {
+    const response = await client.request(analysis.target, {
      owner: repositoryNwo.owner,
      repo: repositoryNwo.repo,
      data: payload
@@ -92666,7 +92711,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
    payload,
    getRepositoryNwo(),
    logger,
-    uploadTarget.target
+    uploadTarget
  );
  logger.endGroup();
  return {