github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-23 15:50:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into redsun82/skip-sarif-upload

Browse Source
This commit is contained in:
Paolo Tranquilli
2025-10-07 17:17:13 +02:00
parent 1b09eb4ccc 2f11c17b09
commit df65651d4f
23 changed files with 1219 additions and 509 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/actions/prepare-test/action.yml vendored
View File

@@ -2,7 +2,7 @@ name: "Prepare test"
description: Performs some preparation to run tests
inputs:
version:
description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z"
description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'toolcache', 'nightly', 'nightly-latest', 'nightly-YYYYMMDD', or 'stable-vX.Y.Z"
required: true
use-all-platform-bundle:
description: "If true, we output a tools URL with codeql-bundle.tar.gz file rather than platform-specific URL"
@@ -41,6 +41,9 @@ runs:
elif [[ "$VERSION" == "linked" ]]; then
echo "tools-url=linked" >> "$GITHUB_OUTPUT"
exit 0
elif [[ "$VERSION" == "toolcache" ]]; then
echo "tools-url=toolcache" >> "$GITHUB_OUTPUT"
exit 0
elif [[ "$VERSION" == "default" ]]; then
echo "tools-url=" >> "$GITHUB_OUTPUT"
exit 0

49
.github/pull_request_template.md vendored
View File

@@ -1,4 +1,13 @@
<!-- For GitHub staff: Remember that this is a public repository. -->
<!--
For GitHub staff: Remember that this is a public repository. Do not link to internal resources.
If necessary, link to this PR from an internal issue and include further details there.
Everyone: Include a summary of the context of this change, what it aims to accomplish, and why you
chose the approach you did if applicable. Indicate any open questions you want to answer
during the review process and anything you want reviewers to pay particular attention to.
See https://github.com/github/codeql-action/blob/main/CONTRIBUTING.md for additional information.
-->
### Risk assessment
@@ -7,6 +16,44 @@ For internal use only. Please select the risk level of this change:
- **Low risk:** Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.
- **High risk:** Changes are not fully under feature flags, have limited visibility and/or cannot be tested outside of production.
#### Which use cases does this change impact?
<!-- Delete options that don't apply. -->
- **Advanced setup** - Impacts users who have custom workflows.
- **Default setup** - Impacts users who use default setup.
- **Code Scanning** - Impacts Code Scanning (i.e. `analysis-kinds: code-scanning`).
- **Code Quality** - Impacts Code Quality (i.e. `analysis-kinds: code-quality`).
- **Third-party analyses** - Impacts third-party analyses (i.e. `upload-sarif`).
- **GHES** - Impacts GitHub Enterprise Server.
#### How did/will you validate this change?
<!-- Delete options that don't apply. -->
- **Test repository** - This change will be tested on a test repository before merging.
- **Unit tests** - I am depending on unit test coverage (i.e. tests in `.test.ts` files).
- **End-to-end tests** - I am depending on PR checks (i.e. tests in `pr-checks`).
- **Other** - Please provide details.
- **None** - I am not validating these changes.
#### If something goes wrong after this change is released, what are the mitigation and rollback strategies?
<!-- Delete strategies that don't apply. -->
- **Feature flags** - All new or changed code paths can be fully disabled with corresponding feature flags.
- **Rollback** - Change can only be disabled by rolling back the release or releasing a new version with a fix.
- **Other** - Please provide details.
#### How will you know if something goes wrong after this change is released?
<!-- Delete options that don't apply. -->
- **Telemetry** - I rely on existing telemetry or have made changes to the telemetry.
- **Dashboards** - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release.
- **Alerts** - New or existing monitors will trip if something goes wrong with this change.
- **Other** - Please provide details.
### Merge / deployment checklist
- Confirm this change is backwards compatible with existing workflows.

67
.github/workflows/__upload-quality-sarif.yml → .github/workflows/__bundle-from-toolcache.yml generated vendored
View File

@@ -3,7 +3,7 @@
# pr-checks/sync.sh
# to regenerate this file.
name: 'PR Check - Upload-sarif: code quality endpoint'
name: 'PR Check - Bundle: From toolcache'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
@@ -21,19 +21,9 @@ on:
schedule:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
inputs: {}
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
inputs: {}
defaults:
run:
shell: bash
@@ -41,14 +31,14 @@ concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
group: ${{ github.workflow }}-${{ github.ref }}
jobs:
upload-quality-sarif:
bundle-from-toolcache:
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
version: default
name: 'Upload-sarif: code quality endpoint'
version: toolcache
name: 'Bundle: From toolcache'
if: github.triggering_actor != 'dependabot[bot]'
permissions:
contents: read
@@ -65,31 +55,32 @@ jobs:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
- name: Install @actions/tool-cache
run: npm install @actions/tool-cache
- name: Check toolcache contains CodeQL
continue-on-error: true
uses: actions/github-script@v8
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
script: |
const toolcache = require('@actions/tool-cache');
const allCodeqlVersions = toolcache.findAllVersions('CodeQL');
if (allCodeqlVersions.length === 0) {
throw new Error(`CodeQL could not be found in the toolcache`);
}
- id: init
uses: ./../action/init
with:
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: csharp,java,javascript,python
analysis-kinds: code-quality
- name: Build code
run: ./build.sh
# Generate some SARIF we can upload with the upload-sarif step
- uses: ./../action/analyze
- name: Check CodeQL is installed within the toolcache
uses: actions/github-script@v8
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
upload: never
- uses: ./../action/upload-sarif
id: upload-sarif
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
- name: Check output from `upload-sarif` step
if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)'
run: exit 1
script: |
const toolcache = require('@actions/tool-cache');
const allCodeqlVersions = toolcache.findAllVersions('CodeQL');
console.log(`Found CodeQL versions: ${allCodeqlVersions}`);
if (allCodeqlVersions.length === 0) {
throw new Error('CodeQL not found in toolcache');
}
env:
CODEQL_ACTION_TEST_MODE: true

158
.github/workflows/__upload-sarif.yml generated vendored Normal file
View File

@@ -0,0 +1,158 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pr-checks/sync.sh
# to regenerate this file.
name: PR Check - Test different uses of `upload-sarif`
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
on:
push:
branches:
- main
- releases/v*
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
schedule:
- cron: '0 5 * * *'
workflow_dispatch:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
workflow_call:
inputs:
go-version:
type: string
description: The version of Go to install
required: false
default: '>=1.21.0'
defaults:
run:
shell: bash
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
group: ${{ github.workflow }}-${{ github.ref }}
jobs:
upload-sarif:
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
version: default
analysis-kinds: code-scanning
- os: ubuntu-latest
version: default
analysis-kinds: code-quality
- os: ubuntu-latest
version: default
analysis-kinds: code-scanning,code-quality
name: Test different uses of `upload-sarif`
if: github.triggering_actor != 'dependabot[bot]'
permissions:
contents: read
security-events: read
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v5
- name: Prepare test
id: prepare-test
uses: ./.github/actions/prepare-test
with:
version: ${{ matrix.version }}
use-all-platform-bundle: 'false'
setup-kotlin: 'true'
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: ${{ inputs.go-version || '>=1.21.0' }}
cache: false
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: csharp,java,javascript,python
analysis-kinds: ${{ matrix.analysis-kinds }}
- name: Build code
run: ./build.sh
# Generate some SARIF we can upload with the upload-sarif step
- uses: ./../action/analyze
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
upload: never
output: ${{ runner.temp }}/results
- name: |
Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}`
uses: ./../action/upload-sarif
id: upload-sarif
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
sarif_file: ${{ runner.temp }}/results
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/
- name: Fail for missing output from `upload-sarif` step for `code-scanning`
if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)
run: exit 1
- name: Fail for missing output from `upload-sarif` step for `code-quality`
if: contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)
run: exit 1
- name: Upload single SARIF file for Code Scanning
uses: ./../action/upload-sarif
id: upload-single-sarif-code-scanning
if: contains(matrix.analysis-kinds, 'code-scanning')
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
sarif_file: ${{ runner.temp }}/results/javascript.sarif
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/
- name: Fail for missing output from `upload-single-sarif-code-scanning` step
if: contains(matrix.analysis-kinds, 'code-scanning') &&
!(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)
run: exit 1
- name: Upload single SARIF file for Code Quality
uses: ./../action/upload-sarif
id: upload-single-sarif-code-quality
if: contains(matrix.analysis-kinds, 'code-quality')
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/
- name: Fail for missing output from `upload-single-sarif-code-quality` step
if: contains(matrix.analysis-kinds, 'code-quality') &&
!(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)
run: exit 1
- name: Change SARIF file extension
if: contains(matrix.analysis-kinds, 'code-scanning')
run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json
- name: Upload single non-`.sarif` file
uses: ./../action/upload-sarif
id: upload-single-non-sarif
if: contains(matrix.analysis-kinds, 'code-scanning')
with:
ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2
sarif_file: ${{ runner.temp }}/results/javascript.sarif.json
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/
- name: Fail for missing output from `upload-single-non-sarif` step
if: contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)
run: exit 1
env:
CODEQL_ACTION_TEST_MODE: true

13
.github/workflows/__with-checkout-path.yml generated vendored
View File

@@ -103,29 +103,30 @@ jobs:
- name: Verify SARIF after upload
run: |
PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json"
EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6"
EXPECTED_REF="v1.1.0"
EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo"
ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)"
ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)"
ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)"
ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)"
ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)"
ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)"
if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then
echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID"
echo "$RUNNER_TEMP/payload.json"
echo "$PAYLOAD_FILE"
exit 1
fi
if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then
echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'"
echo "$RUNNER_TEMP/payload.json"
echo "$PAYLOAD_FILE"
exit 1
fi
if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then
echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI"
echo "$RUNNER_TEMP/payload.json"
echo "$PAYLOAD_FILE"
exit 1
fi
env:

84
lib/analyze-action-post.js generated
View File

@@ -25121,8 +25121,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare;
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
}
});
@@ -25130,8 +25130,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var rcompare = (a, b, loose) => compare(b, a, loose);
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
module2.exports = rcompare;
}
});
@@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var compareLoose = (a, b) => compare(a, b, true);
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
module2.exports = compareLoose;
}
});
@@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gt = (a, b, loose) => compare(a, b, loose) > 0;
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -25194,8 +25194,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lt = (a, b, loose) => compare(a, b, loose) < 0;
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -25204,8 +25204,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var eq = (a, b, loose) => compare(a, b, loose) === 0;
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -25214,8 +25214,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var neq = (a, b, loose) => compare(a, b, loose) !== 0;
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -25224,8 +25224,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gte5 = (a, b, loose) => compare(a, b, loose) >= 0;
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -25234,8 +25234,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lte = (a, b, loose) => compare(a, b, loose) <= 0;
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare(a, b, options));
const v = versions.sort((a, b) => compare2(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -26184,7 +26184,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -26244,7 +26244,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare(gt.semver, lt.semver, options);
gtltComp = compare2(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -26324,14 +26324,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare = require_compare();
var compare2 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare,
compare: compare2,
rcompare,
compareLoose,
compareBuild,
@@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare;
function compare(a, b, loose) {
exports2.compare = compare2;
function compare2(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare(a, b, true);
return compare2(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare(b, a, loose);
return compare2(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare(a, b, loose) > 0;
return compare2(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare(a, b, loose) < 0;
return compare2(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare(a, b, loose) === 0;
return compare2(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare(a, b, loose) !== 0;
return compare2(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare(a, b, loose) >= 0;
return compare2(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare(a, b, loose) <= 0;
return compare2(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -95823,8 +95823,8 @@ var require_commonjs16 = __commonJS({
if (rootPath === this.root.name) {
return this.root;
}
for (const [compare, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare)) {
for (const [compare2, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare2)) {
return this.roots[rootPath] = root;
}
}
@@ -95833,9 +95833,9 @@ var require_commonjs16 = __commonJS({
/**
* @internal
*/
sameRoot(rootPath, compare = this.root.name) {
sameRoot(rootPath, compare2 = this.root.name) {
rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\");
return rootPath === compare;
return rootPath === compare2;
}
};
exports2.PathWin32 = PathWin32;
@@ -99854,7 +99854,7 @@ var require_b4a = __commonJS({
function byteLength(string, encoding) {
return Buffer.byteLength(string, encoding);
}
function compare(a, b) {
function compare2(a, b) {
return Buffer.compare(a, b);
}
function concat(buffers, totalLength) {
@@ -99955,7 +99955,7 @@ var require_b4a = __commonJS({
allocUnsafe,
allocUnsafeSlow,
byteLength,
compare,
compare: compare2,
concat,
copy,
equals,

135
lib/analyze-action.js generated
View File

@@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({
stop = countZeros(max + 1, zeros) - 1;
}
stops = [...stops];
stops.sort(compare2);
stops.sort(compare3);
return stops;
}
function rangeToPattern(start, stop, options) {
@@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({
for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]);
return arr;
}
function compare2(a, b) {
function compare3(a, b) {
return a > b ? 1 : b > a ? -1 : 0;
}
function contains(arr, key, val2) {
@@ -30970,8 +30970,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare3;
}
});
@@ -30979,8 +30979,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
var compare3 = require_compare();
var rcompare = (a, b, loose) => compare3(b, a, loose);
module2.exports = rcompare;
}
});
@@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
var compare3 = require_compare();
var compareLoose = (a, b) => compare3(a, b, true);
module2.exports = compareLoose;
}
});
@@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
var compare3 = require_compare();
var gt = (a, b, loose) => compare3(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -31043,8 +31043,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
var compare3 = require_compare();
var lt = (a, b, loose) => compare3(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -31053,8 +31053,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
var compare3 = require_compare();
var eq = (a, b, loose) => compare3(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -31063,8 +31063,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
var compare3 = require_compare();
var neq = (a, b, loose) => compare3(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -31073,8 +31073,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
var compare3 = require_compare();
var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -31083,8 +31083,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
var compare3 = require_compare();
var lte = (a, b, loose) => compare3(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare2(a, b, options));
const v = versions.sort((a, b) => compare3(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -32033,7 +32033,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -32093,7 +32093,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare2(gt.semver, lt.semver, options);
gtltComp = compare3(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -32173,14 +32173,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -32204,7 +32204,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare2 = require_compare();
var compare3 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -32242,7 +32242,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare: compare2,
compare: compare3,
rcompare,
compareLoose,
compareBuild,
@@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare2;
function compare2(a, b, loose) {
exports2.compare = compare3;
function compare3(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare2(a, b, true);
return compare3(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare2(b, a, loose);
return compare3(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare2(a, b, loose) > 0;
return compare3(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare2(a, b, loose) < 0;
return compare3(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare2(a, b, loose) === 0;
return compare3(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare2(a, b, loose) !== 0;
return compare3(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare2(a, b, loose) >= 0;
return compare3(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare2(a, b, loose) <= 0;
return compare3(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -90042,9 +90042,12 @@ function getWorkflowRunAttempt() {
function isSelfHostedRunner() {
return process.env.RUNNER_ENVIRONMENT === "self-hosted";
}
function isDefaultSetup() {
function isDynamicWorkflow() {
return getWorkflowEventName() === "dynamic";
}
function isDefaultSetup() {
return isDynamicWorkflow();
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -92114,6 +92117,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
var CODEQL_TOOLCACHE_INPUT = "toolcache";
function getCodeQLBundleExtension(compressionMethod) {
switch (compressionMethod) {
case "gzip":
@@ -92292,6 +92296,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
"`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required."
);
}
} else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) {
let latestToolcacheVersion;
const allowToolcacheValue = isDynamicWorkflow() || isInTestMode();
if (allowToolcacheValue) {
logger.info(
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`
);
latestToolcacheVersion = getLatestToolcacheVersion(logger);
if (latestToolcacheVersion) {
cliVersion2 = latestToolcacheVersion;
}
}
if (latestToolcacheVersion === void 0) {
if (allowToolcacheValue) {
logger.info(
`Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`
);
} else {
logger.warning(
`Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`
);
}
cliVersion2 = defaultCliVersion.cliVersion;
tagName = defaultCliVersion.tagName;
}
} else if (toolsInput !== void 0) {
tagName = tryGetTagNameFromUrl(toolsInput, logger);
url2 = toolsInput;
@@ -92598,8 +92627,24 @@ async function getNightlyToolsUrl(logger) {
);
}
}
function getLatestToolcacheVersion(logger) {
const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a));
logger.debug(
`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
allVersions
)}.`
);
if (allVersions.length > 0) {
const latestToolcacheVersion = allVersions[0];
logger.info(
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`
);
return latestToolcacheVersion;
}
return void 0;
}
function isReservedToolsValue(tools) {
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools);
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT;
}
// src/tracer-config.ts
@@ -94767,7 +94812,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) {
};
LongPrototype.gte = LongPrototype.greaterThanOrEqual;
LongPrototype.ge = LongPrototype.greaterThanOrEqual;
LongPrototype.compare = function compare(other) {
LongPrototype.compare = function compare2(other) {
if (!isLong(other)) other = fromValue(other);
if (this.eq(other)) return 0;
var thisNeg = this.isNegative(), otherNeg = other.isNegative();
@@ -95533,12 +95578,12 @@ function getAutomationID2(category, analysis_key, environment) {
}
return computeAutomationID(analysis_key, environment);
}
async function uploadPayload(payload, repositoryNwo, logger, target) {
async function uploadPayload(payload, repositoryNwo, logger, analysis) {
logger.info("Uploading results");
if (shouldSkipSarifUpload()) {
const payloadSaveFile = path18.join(
getTemporaryDirectory(),
"payload.json"
`payload-${analysis.kind}.json`
);
logger.info(
`SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
@@ -95549,7 +95594,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) {
}
const client = getApiClient();
try {
const response = await client.request(target, {
const response = await client.request(analysis.target, {
owner: repositoryNwo.owner,
repo: repositoryNwo.repo,
data: payload
@@ -95783,7 +95828,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
payload,
getRepositoryNwo(),
logger,
uploadTarget.target
uploadTarget
);
logger.endGroup();
return {

72
lib/autobuild-action.js generated
View File

@@ -25121,8 +25121,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare;
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
}
});
@@ -25130,8 +25130,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var rcompare = (a, b, loose) => compare(b, a, loose);
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
module2.exports = rcompare;
}
});
@@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var compareLoose = (a, b) => compare(a, b, true);
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
module2.exports = compareLoose;
}
});
@@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gt = (a, b, loose) => compare(a, b, loose) > 0;
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -25194,8 +25194,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lt = (a, b, loose) => compare(a, b, loose) < 0;
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -25204,8 +25204,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var eq = (a, b, loose) => compare(a, b, loose) === 0;
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -25214,8 +25214,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var neq = (a, b, loose) => compare(a, b, loose) !== 0;
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -25224,8 +25224,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gte5 = (a, b, loose) => compare(a, b, loose) >= 0;
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -25234,8 +25234,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lte = (a, b, loose) => compare(a, b, loose) <= 0;
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare(a, b, options));
const v = versions.sort((a, b) => compare2(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -26184,7 +26184,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -26244,7 +26244,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare(gt.semver, lt.semver, options);
gtltComp = compare2(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -26324,14 +26324,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare = require_compare();
var compare2 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare,
compare: compare2,
rcompare,
compareLoose,
compareBuild,
@@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare;
function compare(a, b, loose) {
exports2.compare = compare2;
function compare2(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare(a, b, true);
return compare2(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare(b, a, loose);
return compare2(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare(a, b, loose) > 0;
return compare2(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare(a, b, loose) < 0;
return compare2(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare(a, b, loose) === 0;
return compare2(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare(a, b, loose) !== 0;
return compare2(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare(a, b, loose) >= 0;
return compare2(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare(a, b, loose) <= 0;
return compare2(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {

147
lib/init-action-post.js generated
View File

@@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({
stop = countZeros(max + 1, zeros) - 1;
}
stops = [...stops];
stops.sort(compare2);
stops.sort(compare3);
return stops;
}
function rangeToPattern(start, stop, options) {
@@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({
for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]);
return arr;
}
function compare2(a, b) {
function compare3(a, b) {
return a > b ? 1 : b > a ? -1 : 0;
}
function contains(arr, key, val2) {
@@ -30970,8 +30970,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare3;
}
});
@@ -30979,8 +30979,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
var compare3 = require_compare();
var rcompare = (a, b, loose) => compare3(b, a, loose);
module2.exports = rcompare;
}
});
@@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
var compare3 = require_compare();
var compareLoose = (a, b) => compare3(a, b, true);
module2.exports = compareLoose;
}
});
@@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
var compare3 = require_compare();
var gt = (a, b, loose) => compare3(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -31043,8 +31043,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
var compare3 = require_compare();
var lt = (a, b, loose) => compare3(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -31053,8 +31053,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
var compare3 = require_compare();
var eq = (a, b, loose) => compare3(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -31063,8 +31063,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
var compare3 = require_compare();
var neq = (a, b, loose) => compare3(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -31073,8 +31073,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
var compare3 = require_compare();
var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -31083,8 +31083,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
var compare3 = require_compare();
var lte = (a, b, loose) => compare3(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare2(a, b, options));
const v = versions.sort((a, b) => compare3(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -32033,7 +32033,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -32093,7 +32093,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare2(gt.semver, lt.semver, options);
gtltComp = compare3(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -32173,14 +32173,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -32204,7 +32204,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare2 = require_compare();
var compare3 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -32242,7 +32242,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare: compare2,
compare: compare3,
rcompare,
compareLoose,
compareBuild,
@@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare2;
function compare2(a, b, loose) {
exports2.compare = compare3;
function compare3(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare2(a, b, true);
return compare3(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare2(b, a, loose);
return compare3(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare2(a, b, loose) > 0;
return compare3(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare2(a, b, loose) < 0;
return compare3(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare2(a, b, loose) === 0;
return compare3(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare2(a, b, loose) !== 0;
return compare3(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare2(a, b, loose) >= 0;
return compare3(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare2(a, b, loose) <= 0;
return compare3(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -101672,8 +101672,8 @@ var require_commonjs16 = __commonJS({
if (rootPath === this.root.name) {
return this.root;
}
for (const [compare2, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare2)) {
for (const [compare3, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare3)) {
return this.roots[rootPath] = root;
}
}
@@ -101682,9 +101682,9 @@ var require_commonjs16 = __commonJS({
/**
* @internal
*/
sameRoot(rootPath, compare2 = this.root.name) {
sameRoot(rootPath, compare3 = this.root.name) {
rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\");
return rootPath === compare2;
return rootPath === compare3;
}
};
exports2.PathWin32 = PathWin32;
@@ -105703,7 +105703,7 @@ var require_b4a = __commonJS({
function byteLength(string, encoding) {
return Buffer.byteLength(string, encoding);
}
function compare2(a, b) {
function compare3(a, b) {
return Buffer.compare(a, b);
}
function concat(buffers, totalLength) {
@@ -105804,7 +105804,7 @@ var require_b4a = __commonJS({
allocUnsafe,
allocUnsafeSlow,
byteLength,
compare: compare2,
compare: compare3,
concat,
copy,
equals: equals2,
@@ -128340,9 +128340,12 @@ function getWorkflowRunAttempt() {
function isSelfHostedRunner() {
return process.env.RUNNER_ENVIRONMENT === "self-hosted";
}
function isDefaultSetup() {
function isDynamicWorkflow() {
return getWorkflowEventName() === "dynamic";
}
function isDefaultSetup() {
return isDynamicWorkflow();
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -130096,6 +130099,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
var CODEQL_TOOLCACHE_INPUT = "toolcache";
function getCodeQLBundleExtension(compressionMethod) {
switch (compressionMethod) {
case "gzip":
@@ -130274,6 +130278,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
"`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required."
);
}
} else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) {
let latestToolcacheVersion;
const allowToolcacheValue = isDynamicWorkflow() || isInTestMode();
if (allowToolcacheValue) {
logger.info(
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`
);
latestToolcacheVersion = getLatestToolcacheVersion(logger);
if (latestToolcacheVersion) {
cliVersion2 = latestToolcacheVersion;
}
}
if (latestToolcacheVersion === void 0) {
if (allowToolcacheValue) {
logger.info(
`Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`
);
} else {
logger.warning(
`Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`
);
}
cliVersion2 = defaultCliVersion.cliVersion;
tagName = defaultCliVersion.tagName;
}
} else if (toolsInput !== void 0) {
tagName = tryGetTagNameFromUrl(toolsInput, logger);
url2 = toolsInput;
@@ -130580,8 +130609,24 @@ async function getNightlyToolsUrl(logger) {
);
}
}
function getLatestToolcacheVersion(logger) {
const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a));
logger.debug(
`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
allVersions
)}.`
);
if (allVersions.length > 0) {
const latestToolcacheVersion = allVersions[0];
logger.info(
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`
);
return latestToolcacheVersion;
}
return void 0;
}
function isReservedToolsValue(tools) {
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools);
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT;
}
// src/tracer-config.ts
@@ -132243,7 +132288,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) {
};
LongPrototype.gte = LongPrototype.greaterThanOrEqual;
LongPrototype.ge = LongPrototype.greaterThanOrEqual;
LongPrototype.compare = function compare(other) {
LongPrototype.compare = function compare2(other) {
if (!isLong(other)) other = fromValue(other);
if (this.eq(other)) return 0;
var thisNeg = this.isNegative(), otherNeg = other.isNegative();
@@ -133009,12 +133054,12 @@ function getAutomationID2(category, analysis_key, environment) {
}
return computeAutomationID(analysis_key, environment);
}
async function uploadPayload(payload, repositoryNwo, logger, target) {
async function uploadPayload(payload, repositoryNwo, logger, analysis) {
logger.info("Uploading results");
if (shouldSkipSarifUpload()) {
const payloadSaveFile = path17.join(
getTemporaryDirectory(),
"payload.json"
`payload-${analysis.kind}.json`
);
logger.info(
`SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
@@ -133025,7 +133070,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) {
}
const client = getApiClient();
try {
const response = await client.request(target, {
const response = await client.request(analysis.target, {
owner: repositoryNwo.owner,
repo: repositoryNwo.repo,
data: payload
@@ -133259,7 +133304,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
payload,
getRepositoryNwo(),
logger,
uploadTarget.target
uploadTarget
);
logger.endGroup();
return {

125
lib/init-action.js generated
View File

@@ -20412,8 +20412,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare;
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
}
});
@@ -20421,8 +20421,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var rcompare = (a, b, loose) => compare(b, a, loose);
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
module2.exports = rcompare;
}
});
@@ -20431,8 +20431,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var compareLoose = (a, b) => compare(a, b, true);
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
module2.exports = compareLoose;
}
});
@@ -20475,8 +20475,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gt = (a, b, loose) => compare(a, b, loose) > 0;
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -20485,8 +20485,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lt2 = (a, b, loose) => compare(a, b, loose) < 0;
var compare2 = require_compare();
var lt2 = (a, b, loose) => compare2(a, b, loose) < 0;
module2.exports = lt2;
}
});
@@ -20495,8 +20495,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var eq = (a, b, loose) => compare(a, b, loose) === 0;
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -20505,8 +20505,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var neq = (a, b, loose) => compare(a, b, loose) !== 0;
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -20515,8 +20515,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gte5 = (a, b, loose) => compare(a, b, loose) >= 0;
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -20525,8 +20525,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lte = (a, b, loose) => compare(a, b, loose) <= 0;
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -21422,12 +21422,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare(a, b, options));
const v = versions.sort((a, b) => compare2(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -21475,7 +21475,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -21535,7 +21535,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt2) {
gtltComp = compare(gt.semver, lt2.semver, options);
gtltComp = compare2(gt.semver, lt2.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt2.operator !== "<=")) {
@@ -21615,14 +21615,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -21646,7 +21646,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare = require_compare();
var compare2 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -21684,7 +21684,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare,
compare: compare2,
rcompare,
compareLoose,
compareBuild,
@@ -26947,7 +26947,7 @@ var require_to_regex_range = __commonJS({
stop = countZeros(max + 1, zeros) - 1;
}
stops = [...stops];
stops.sort(compare);
stops.sort(compare2);
return stops;
}
function rangeToPattern(start, stop, options) {
@@ -27019,7 +27019,7 @@ var require_to_regex_range = __commonJS({
for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]);
return arr;
}
function compare(a, b) {
function compare2(a, b) {
return a > b ? 1 : b > a ? -1 : 0;
}
function contains(arr, key, val2) {
@@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare;
function compare(a, b, loose) {
exports2.compare = compare2;
function compare2(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare(a, b, true);
return compare2(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare(b, a, loose);
return compare2(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare(a, b, loose) > 0;
return compare2(a, b, loose) > 0;
}
exports2.lt = lt2;
function lt2(a, b, loose) {
return compare(a, b, loose) < 0;
return compare2(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare(a, b, loose) === 0;
return compare2(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare(a, b, loose) !== 0;
return compare2(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare(a, b, loose) >= 0;
return compare2(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare(a, b, loose) <= 0;
return compare2(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -85943,9 +85943,12 @@ var getFileType = async (filePath) => {
function isSelfHostedRunner() {
return process.env.RUNNER_ENVIRONMENT === "self-hosted";
}
function isDefaultSetup() {
function isDynamicWorkflow() {
return getWorkflowEventName() === "dynamic";
}
function isDefaultSetup() {
return isDynamicWorkflow();
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -88886,6 +88889,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
var CODEQL_TOOLCACHE_INPUT = "toolcache";
function getCodeQLBundleExtension(compressionMethod) {
switch (compressionMethod) {
case "gzip":
@@ -89064,6 +89068,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
"`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required."
);
}
} else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) {
let latestToolcacheVersion;
const allowToolcacheValue = isDynamicWorkflow() || isInTestMode();
if (allowToolcacheValue) {
logger.info(
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`
);
latestToolcacheVersion = getLatestToolcacheVersion(logger);
if (latestToolcacheVersion) {
cliVersion2 = latestToolcacheVersion;
}
}
if (latestToolcacheVersion === void 0) {
if (allowToolcacheValue) {
logger.info(
`Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`
);
} else {
logger.warning(
`Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`
);
}
cliVersion2 = defaultCliVersion.cliVersion;
tagName = defaultCliVersion.tagName;
}
} else if (toolsInput !== void 0) {
tagName = tryGetTagNameFromUrl(toolsInput, logger);
url = toolsInput;
@@ -89370,8 +89399,24 @@ async function getNightlyToolsUrl(logger) {
);
}
}
function getLatestToolcacheVersion(logger) {
const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a));
logger.debug(
`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
allVersions
)}.`
);
if (allVersions.length > 0) {
const latestToolcacheVersion = allVersions[0];
logger.info(
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`
);
return latestToolcacheVersion;
}
return void 0;
}
function isReservedToolsValue(tools) {
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools);
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT;
}
// src/tracer-config.ts

72
lib/resolve-environment-action.js generated
View File

@@ -25121,8 +25121,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare;
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
}
});
@@ -25130,8 +25130,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var rcompare = (a, b, loose) => compare(b, a, loose);
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
module2.exports = rcompare;
}
});
@@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var compareLoose = (a, b) => compare(a, b, true);
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
module2.exports = compareLoose;
}
});
@@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gt = (a, b, loose) => compare(a, b, loose) > 0;
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -25194,8 +25194,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lt = (a, b, loose) => compare(a, b, loose) < 0;
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -25204,8 +25204,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var eq = (a, b, loose) => compare(a, b, loose) === 0;
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -25214,8 +25214,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var neq = (a, b, loose) => compare(a, b, loose) !== 0;
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -25224,8 +25224,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gte5 = (a, b, loose) => compare(a, b, loose) >= 0;
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -25234,8 +25234,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lte = (a, b, loose) => compare(a, b, loose) <= 0;
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare(a, b, options));
const v = versions.sort((a, b) => compare2(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -26184,7 +26184,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -26244,7 +26244,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare(gt.semver, lt.semver, options);
gtltComp = compare2(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -26324,14 +26324,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare = require_compare();
var compare2 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare,
compare: compare2,
rcompare,
compareLoose,
compareBuild,
@@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare;
function compare(a, b, loose) {
exports2.compare = compare2;
function compare2(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare(a, b, true);
return compare2(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare(b, a, loose);
return compare2(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare(a, b, loose) > 0;
return compare2(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare(a, b, loose) < 0;
return compare2(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare(a, b, loose) === 0;
return compare2(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare(a, b, loose) !== 0;
return compare2(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare(a, b, loose) >= 0;
return compare2(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare(a, b, loose) <= 0;
return compare2(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {

84
lib/start-proxy-action-post.js generated
View File

@@ -25121,8 +25121,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare;
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
}
});
@@ -25130,8 +25130,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var rcompare = (a, b, loose) => compare(b, a, loose);
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
module2.exports = rcompare;
}
});
@@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var compareLoose = (a, b) => compare(a, b, true);
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
module2.exports = compareLoose;
}
});
@@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gt = (a, b, loose) => compare(a, b, loose) > 0;
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -25194,8 +25194,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lt = (a, b, loose) => compare(a, b, loose) < 0;
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -25204,8 +25204,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var eq = (a, b, loose) => compare(a, b, loose) === 0;
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -25214,8 +25214,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var neq = (a, b, loose) => compare(a, b, loose) !== 0;
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -25224,8 +25224,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gte5 = (a, b, loose) => compare(a, b, loose) >= 0;
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -25234,8 +25234,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lte = (a, b, loose) => compare(a, b, loose) <= 0;
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare(a, b, options));
const v = versions.sort((a, b) => compare2(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -26184,7 +26184,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -26244,7 +26244,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare(gt.semver, lt.semver, options);
gtltComp = compare2(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -26324,14 +26324,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare = require_compare();
var compare2 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare,
compare: compare2,
rcompare,
compareLoose,
compareBuild,
@@ -30261,13 +30261,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare;
function compare(a, b, loose) {
exports2.compare = compare2;
function compare2(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare(a, b, true);
return compare2(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -30277,7 +30277,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare(b, a, loose);
return compare2(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -30293,27 +30293,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare(a, b, loose) > 0;
return compare2(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare(a, b, loose) < 0;
return compare2(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare(a, b, loose) === 0;
return compare2(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare(a, b, loose) !== 0;
return compare2(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare(a, b, loose) >= 0;
return compare2(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare(a, b, loose) <= 0;
return compare2(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -94483,8 +94483,8 @@ var require_commonjs16 = __commonJS({
if (rootPath === this.root.name) {
return this.root;
}
for (const [compare, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare)) {
for (const [compare2, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare2)) {
return this.roots[rootPath] = root;
}
}
@@ -94493,9 +94493,9 @@ var require_commonjs16 = __commonJS({
/**
* @internal
*/
sameRoot(rootPath, compare = this.root.name) {
sameRoot(rootPath, compare2 = this.root.name) {
rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\");
return rootPath === compare;
return rootPath === compare2;
}
};
exports2.PathWin32 = PathWin32;
@@ -98514,7 +98514,7 @@ var require_b4a = __commonJS({
function byteLength(string, encoding) {
return Buffer.byteLength(string, encoding);
}
function compare(a, b) {
function compare2(a, b) {
return Buffer.compare(a, b);
}
function concat(buffers, totalLength) {
@@ -98615,7 +98615,7 @@ var require_b4a = __commonJS({
allocUnsafe,
allocUnsafeSlow,
byteLength,
compare,
compare: compare2,
concat,
copy,
equals,

135
lib/upload-lib.js generated
View File

@@ -26336,7 +26336,7 @@ var require_to_regex_range = __commonJS({
stop = countZeros(max + 1, zeros) - 1;
}
stops = [...stops];
stops.sort(compare2);
stops.sort(compare3);
return stops;
}
function rangeToPattern(start, stop, options) {
@@ -26408,7 +26408,7 @@ var require_to_regex_range = __commonJS({
for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]);
return arr;
}
function compare2(a, b) {
function compare3(a, b) {
return a > b ? 1 : b > a ? -1 : 0;
}
function contains(arr, key, val2) {
@@ -32267,8 +32267,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare3;
}
});
@@ -32276,8 +32276,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
var compare3 = require_compare();
var rcompare = (a, b, loose) => compare3(b, a, loose);
module2.exports = rcompare;
}
});
@@ -32286,8 +32286,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
var compare3 = require_compare();
var compareLoose = (a, b) => compare3(a, b, true);
module2.exports = compareLoose;
}
});
@@ -32330,8 +32330,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
var compare3 = require_compare();
var gt = (a, b, loose) => compare3(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -32340,8 +32340,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
var compare3 = require_compare();
var lt = (a, b, loose) => compare3(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -32350,8 +32350,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
var compare3 = require_compare();
var eq = (a, b, loose) => compare3(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -32360,8 +32360,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
var compare3 = require_compare();
var neq = (a, b, loose) => compare3(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -32370,8 +32370,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
var compare3 = require_compare();
var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -32380,8 +32380,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
var compare3 = require_compare();
var lte = (a, b, loose) => compare3(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -33277,12 +33277,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare2(a, b, options));
const v = versions.sort((a, b) => compare3(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -33330,7 +33330,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -33390,7 +33390,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare2(gt.semver, lt.semver, options);
gtltComp = compare3(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -33470,14 +33470,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -33501,7 +33501,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare2 = require_compare();
var compare3 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -33539,7 +33539,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare: compare2,
compare: compare3,
rcompare,
compareLoose,
compareBuild,
@@ -37407,13 +37407,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare2;
function compare2(a, b, loose) {
exports2.compare = compare3;
function compare3(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare2(a, b, true);
return compare3(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -37423,7 +37423,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare2(b, a, loose);
return compare3(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -37439,27 +37439,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare2(a, b, loose) > 0;
return compare3(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare2(a, b, loose) < 0;
return compare3(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare2(a, b, loose) === 0;
return compare3(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare2(a, b, loose) !== 0;
return compare3(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare2(a, b, loose) >= 0;
return compare3(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare2(a, b, loose) <= 0;
return compare3(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -88477,9 +88477,12 @@ function getWorkflowRunAttempt() {
}
return workflowRunAttempt;
}
function isDefaultSetup() {
function isDynamicWorkflow() {
return getWorkflowEventName() === "dynamic";
}
function isDefaultSetup() {
return isDynamicWorkflow();
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -89930,6 +89933,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
var CODEQL_TOOLCACHE_INPUT = "toolcache";
function getCodeQLBundleExtension(compressionMethod) {
switch (compressionMethod) {
case "gzip":
@@ -90108,6 +90112,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
"`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required."
);
}
} else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) {
let latestToolcacheVersion;
const allowToolcacheValue = isDynamicWorkflow() || isInTestMode();
if (allowToolcacheValue) {
logger.info(
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`
);
latestToolcacheVersion = getLatestToolcacheVersion(logger);
if (latestToolcacheVersion) {
cliVersion2 = latestToolcacheVersion;
}
}
if (latestToolcacheVersion === void 0) {
if (allowToolcacheValue) {
logger.info(
`Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`
);
} else {
logger.warning(
`Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`
);
}
cliVersion2 = defaultCliVersion.cliVersion;
tagName = defaultCliVersion.tagName;
}
} else if (toolsInput !== void 0) {
tagName = tryGetTagNameFromUrl(toolsInput, logger);
url2 = toolsInput;
@@ -90414,8 +90443,24 @@ async function getNightlyToolsUrl(logger) {
);
}
}
function getLatestToolcacheVersion(logger) {
const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a));
logger.debug(
`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
allVersions
)}.`
);
if (allVersions.length > 0) {
const latestToolcacheVersion = allVersions[0];
logger.info(
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`
);
return latestToolcacheVersion;
}
return void 0;
}
function isReservedToolsValue(tools) {
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools);
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT;
}
// src/tracer-config.ts
@@ -91602,7 +91647,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) {
};
LongPrototype.gte = LongPrototype.greaterThanOrEqual;
LongPrototype.ge = LongPrototype.greaterThanOrEqual;
LongPrototype.compare = function compare(other) {
LongPrototype.compare = function compare2(other) {
if (!isLong(other)) other = fromValue(other);
if (this.eq(other)) return 0;
var thisNeg = this.isNegative(), otherNeg = other.isNegative();
@@ -92368,12 +92413,12 @@ function getAutomationID2(category, analysis_key, environment) {
}
return computeAutomationID(analysis_key, environment);
}
async function uploadPayload(payload, repositoryNwo, logger, target) {
async function uploadPayload(payload, repositoryNwo, logger, analysis) {
logger.info("Uploading results");
if (shouldSkipSarifUpload()) {
const payloadSaveFile = path14.join(
getTemporaryDirectory(),
"payload.json"
`payload-${analysis.kind}.json`
);
logger.info(
`SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
@@ -92384,7 +92429,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) {
}
const client = getApiClient();
try {
const response = await client.request(target, {
const response = await client.request(analysis.target, {
owner: repositoryNwo.owner,
repo: repositoryNwo.repo,
data: payload
@@ -92666,7 +92711,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
payload,
getRepositoryNwo(),
logger,
uploadTarget.target
uploadTarget
);
logger.endGroup();
return {

84
lib/upload-sarif-action-post.js generated
View File

@@ -25121,8 +25121,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare;
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
}
});
@@ -25130,8 +25130,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var rcompare = (a, b, loose) => compare(b, a, loose);
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
module2.exports = rcompare;
}
});
@@ -25140,8 +25140,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var compareLoose = (a, b) => compare(a, b, true);
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
module2.exports = compareLoose;
}
});
@@ -25184,8 +25184,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gt = (a, b, loose) => compare(a, b, loose) > 0;
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -25194,8 +25194,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lt = (a, b, loose) => compare(a, b, loose) < 0;
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -25204,8 +25204,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var eq = (a, b, loose) => compare(a, b, loose) === 0;
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -25214,8 +25214,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var neq = (a, b, loose) => compare(a, b, loose) !== 0;
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -25224,8 +25224,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var gte5 = (a, b, loose) => compare(a, b, loose) >= 0;
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -25234,8 +25234,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare = require_compare();
var lte = (a, b, loose) => compare(a, b, loose) <= 0;
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -26131,12 +26131,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare(a, b, options));
const v = versions.sort((a, b) => compare2(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -26184,7 +26184,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare = require_compare();
var compare2 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -26244,7 +26244,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare(gt.semver, lt.semver, options);
gtltComp = compare2(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -26324,14 +26324,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare(a.semver, b.semver, options);
const comp = compare2(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -26355,7 +26355,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare = require_compare();
var compare2 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -26393,7 +26393,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare,
compare: compare2,
rcompare,
compareLoose,
compareBuild,
@@ -88567,8 +88567,8 @@ var require_commonjs16 = __commonJS({
if (rootPath === this.root.name) {
return this.root;
}
for (const [compare, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare)) {
for (const [compare2, root] of Object.entries(this.roots)) {
if (this.sameRoot(rootPath, compare2)) {
return this.roots[rootPath] = root;
}
}
@@ -88577,9 +88577,9 @@ var require_commonjs16 = __commonJS({
/**
* @internal
*/
sameRoot(rootPath, compare = this.root.name) {
sameRoot(rootPath, compare2 = this.root.name) {
rootPath = rootPath.toUpperCase().replace(/\//g, "\\").replace(uncDriveRegexp, "$1\\");
return rootPath === compare;
return rootPath === compare2;
}
};
exports2.PathWin32 = PathWin32;
@@ -92598,7 +92598,7 @@ var require_b4a = __commonJS({
function byteLength(string, encoding) {
return Buffer.byteLength(string, encoding);
}
function compare(a, b) {
function compare2(a, b) {
return Buffer.compare(a, b);
}
function concat(buffers, totalLength) {
@@ -92699,7 +92699,7 @@ var require_b4a = __commonJS({
allocUnsafe,
allocUnsafeSlow,
byteLength,
compare,
compare: compare2,
concat,
copy,
equals,
@@ -108085,13 +108085,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare;
function compare(a, b, loose) {
exports2.compare = compare2;
function compare2(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare(a, b, true);
return compare2(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -108101,7 +108101,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare(b, a, loose);
return compare2(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -108117,27 +108117,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare(a, b, loose) > 0;
return compare2(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare(a, b, loose) < 0;
return compare2(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare(a, b, loose) === 0;
return compare2(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare(a, b, loose) !== 0;
return compare2(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare(a, b, loose) >= 0;
return compare2(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare(a, b, loose) <= 0;
return compare2(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {

135
lib/upload-sarif-action.js generated
View File

@@ -25039,7 +25039,7 @@ var require_to_regex_range = __commonJS({
stop = countZeros(max + 1, zeros) - 1;
}
stops = [...stops];
stops.sort(compare2);
stops.sort(compare3);
return stops;
}
function rangeToPattern(start, stop, options) {
@@ -25111,7 +25111,7 @@ var require_to_regex_range = __commonJS({
for (let i = 0; i < a.length; i++) arr.push([a[i], b[i]]);
return arr;
}
function compare2(a, b) {
function compare3(a, b) {
return a > b ? 1 : b > a ? -1 : 0;
}
function contains(arr, key, val2) {
@@ -30970,8 +30970,8 @@ var require_compare = __commonJS({
"node_modules/semver/functions/compare.js"(exports2, module2) {
"use strict";
var SemVer = require_semver();
var compare2 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare2;
var compare3 = (a, b, loose) => new SemVer(a, loose).compare(new SemVer(b, loose));
module2.exports = compare3;
}
});
@@ -30979,8 +30979,8 @@ var require_compare = __commonJS({
var require_rcompare = __commonJS({
"node_modules/semver/functions/rcompare.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var rcompare = (a, b, loose) => compare2(b, a, loose);
var compare3 = require_compare();
var rcompare = (a, b, loose) => compare3(b, a, loose);
module2.exports = rcompare;
}
});
@@ -30989,8 +30989,8 @@ var require_rcompare = __commonJS({
var require_compare_loose = __commonJS({
"node_modules/semver/functions/compare-loose.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var compareLoose = (a, b) => compare2(a, b, true);
var compare3 = require_compare();
var compareLoose = (a, b) => compare3(a, b, true);
module2.exports = compareLoose;
}
});
@@ -31033,8 +31033,8 @@ var require_rsort = __commonJS({
var require_gt = __commonJS({
"node_modules/semver/functions/gt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gt = (a, b, loose) => compare2(a, b, loose) > 0;
var compare3 = require_compare();
var gt = (a, b, loose) => compare3(a, b, loose) > 0;
module2.exports = gt;
}
});
@@ -31043,8 +31043,8 @@ var require_gt = __commonJS({
var require_lt = __commonJS({
"node_modules/semver/functions/lt.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lt = (a, b, loose) => compare2(a, b, loose) < 0;
var compare3 = require_compare();
var lt = (a, b, loose) => compare3(a, b, loose) < 0;
module2.exports = lt;
}
});
@@ -31053,8 +31053,8 @@ var require_lt = __commonJS({
var require_eq = __commonJS({
"node_modules/semver/functions/eq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var eq = (a, b, loose) => compare2(a, b, loose) === 0;
var compare3 = require_compare();
var eq = (a, b, loose) => compare3(a, b, loose) === 0;
module2.exports = eq;
}
});
@@ -31063,8 +31063,8 @@ var require_eq = __commonJS({
var require_neq = __commonJS({
"node_modules/semver/functions/neq.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var neq = (a, b, loose) => compare2(a, b, loose) !== 0;
var compare3 = require_compare();
var neq = (a, b, loose) => compare3(a, b, loose) !== 0;
module2.exports = neq;
}
});
@@ -31073,8 +31073,8 @@ var require_neq = __commonJS({
var require_gte = __commonJS({
"node_modules/semver/functions/gte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var gte5 = (a, b, loose) => compare2(a, b, loose) >= 0;
var compare3 = require_compare();
var gte5 = (a, b, loose) => compare3(a, b, loose) >= 0;
module2.exports = gte5;
}
});
@@ -31083,8 +31083,8 @@ var require_gte = __commonJS({
var require_lte = __commonJS({
"node_modules/semver/functions/lte.js"(exports2, module2) {
"use strict";
var compare2 = require_compare();
var lte = (a, b, loose) => compare2(a, b, loose) <= 0;
var compare3 = require_compare();
var lte = (a, b, loose) => compare3(a, b, loose) <= 0;
module2.exports = lte;
}
});
@@ -31980,12 +31980,12 @@ var require_simplify = __commonJS({
"node_modules/semver/ranges/simplify.js"(exports2, module2) {
"use strict";
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
module2.exports = (versions, range, options) => {
const set2 = [];
let first = null;
let prev = null;
const v = versions.sort((a, b) => compare2(a, b, options));
const v = versions.sort((a, b) => compare3(a, b, options));
for (const version of v) {
const included = satisfies2(version, range, options);
if (included) {
@@ -32033,7 +32033,7 @@ var require_subset = __commonJS({
var Comparator = require_comparator();
var { ANY } = Comparator;
var satisfies2 = require_satisfies();
var compare2 = require_compare();
var compare3 = require_compare();
var subset = (sub, dom, options = {}) => {
if (sub === dom) {
return true;
@@ -32093,7 +32093,7 @@ var require_subset = __commonJS({
}
let gtltComp;
if (gt && lt) {
gtltComp = compare2(gt.semver, lt.semver, options);
gtltComp = compare3(gt.semver, lt.semver, options);
if (gtltComp > 0) {
return null;
} else if (gtltComp === 0 && (gt.operator !== ">=" || lt.operator !== "<=")) {
@@ -32173,14 +32173,14 @@ var require_subset = __commonJS({
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp > 0 ? a : comp < 0 ? b : b.operator === ">" && a.operator === ">=" ? b : a;
};
var lowerLT = (a, b, options) => {
if (!a) {
return b;
}
const comp = compare2(a.semver, b.semver, options);
const comp = compare3(a.semver, b.semver, options);
return comp < 0 ? a : comp > 0 ? b : b.operator === "<" && a.operator === "<=" ? b : a;
};
module2.exports = subset;
@@ -32204,7 +32204,7 @@ var require_semver2 = __commonJS({
var minor = require_minor();
var patch = require_patch();
var prerelease = require_prerelease();
var compare2 = require_compare();
var compare3 = require_compare();
var rcompare = require_rcompare();
var compareLoose = require_compare_loose();
var compareBuild = require_compare_build();
@@ -32242,7 +32242,7 @@ var require_semver2 = __commonJS({
minor,
patch,
prerelease,
compare: compare2,
compare: compare3,
rcompare,
compareLoose,
compareBuild,
@@ -36110,13 +36110,13 @@ var require_semver3 = __commonJS({
function patch(a, loose) {
return new SemVer(a, loose).patch;
}
exports2.compare = compare2;
function compare2(a, b, loose) {
exports2.compare = compare3;
function compare3(a, b, loose) {
return new SemVer(a, loose).compare(new SemVer(b, loose));
}
exports2.compareLoose = compareLoose;
function compareLoose(a, b) {
return compare2(a, b, true);
return compare3(a, b, true);
}
exports2.compareBuild = compareBuild;
function compareBuild(a, b, loose) {
@@ -36126,7 +36126,7 @@ var require_semver3 = __commonJS({
}
exports2.rcompare = rcompare;
function rcompare(a, b, loose) {
return compare2(b, a, loose);
return compare3(b, a, loose);
}
exports2.sort = sort;
function sort(list, loose) {
@@ -36142,27 +36142,27 @@ var require_semver3 = __commonJS({
}
exports2.gt = gt;
function gt(a, b, loose) {
return compare2(a, b, loose) > 0;
return compare3(a, b, loose) > 0;
}
exports2.lt = lt;
function lt(a, b, loose) {
return compare2(a, b, loose) < 0;
return compare3(a, b, loose) < 0;
}
exports2.eq = eq;
function eq(a, b, loose) {
return compare2(a, b, loose) === 0;
return compare3(a, b, loose) === 0;
}
exports2.neq = neq;
function neq(a, b, loose) {
return compare2(a, b, loose) !== 0;
return compare3(a, b, loose) !== 0;
}
exports2.gte = gte5;
function gte5(a, b, loose) {
return compare2(a, b, loose) >= 0;
return compare3(a, b, loose) >= 0;
}
exports2.lte = lte;
function lte(a, b, loose) {
return compare2(a, b, loose) <= 0;
return compare3(a, b, loose) <= 0;
}
exports2.cmp = cmp;
function cmp(a, op, b, loose) {
@@ -88674,9 +88674,12 @@ function getWorkflowRunAttempt() {
function isSelfHostedRunner() {
return process.env.RUNNER_ENVIRONMENT === "self-hosted";
}
function isDefaultSetup() {
function isDynamicWorkflow() {
return getWorkflowEventName() === "dynamic";
}
function isDefaultSetup() {
return isDynamicWorkflow();
}
function prettyPrintInvocation(cmd, args) {
return [cmd, ...args].map((x) => x.includes(" ") ? `'${x}'` : x).join(" ");
}
@@ -90602,6 +90605,7 @@ var CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing";
var CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
var CODEQL_BUNDLE_VERSION_ALIAS = ["linked", "latest"];
var CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
var CODEQL_TOOLCACHE_INPUT = "toolcache";
function getCodeQLBundleExtension(compressionMethod) {
switch (compressionMethod) {
case "gzip":
@@ -90780,6 +90784,31 @@ async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, varian
"`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required."
);
}
} else if (toolsInput !== void 0 && toolsInput === CODEQL_TOOLCACHE_INPUT) {
let latestToolcacheVersion;
const allowToolcacheValue = isDynamicWorkflow() || isInTestMode();
if (allowToolcacheValue) {
logger.info(
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`
);
latestToolcacheVersion = getLatestToolcacheVersion(logger);
if (latestToolcacheVersion) {
cliVersion2 = latestToolcacheVersion;
}
}
if (latestToolcacheVersion === void 0) {
if (allowToolcacheValue) {
logger.info(
`Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`
);
} else {
logger.warning(
`Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`
);
}
cliVersion2 = defaultCliVersion.cliVersion;
tagName = defaultCliVersion.tagName;
}
} else if (toolsInput !== void 0) {
tagName = tryGetTagNameFromUrl(toolsInput, logger);
url2 = toolsInput;
@@ -91086,8 +91115,24 @@ async function getNightlyToolsUrl(logger) {
);
}
}
function getLatestToolcacheVersion(logger) {
const allVersions = toolcache3.findAllVersions("CodeQL").sort((a, b) => semver7.compare(b, a));
logger.debug(
`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
allVersions
)}.`
);
if (allVersions.length > 0) {
const latestToolcacheVersion = allVersions[0];
logger.info(
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`
);
return latestToolcacheVersion;
}
return void 0;
}
function isReservedToolsValue(tools) {
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools);
return CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) || CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) || tools === CODEQL_TOOLCACHE_INPUT;
}
// src/tracer-config.ts
@@ -92274,7 +92319,7 @@ LongPrototype.greaterThanOrEqual = function greaterThanOrEqual(other) {
};
LongPrototype.gte = LongPrototype.greaterThanOrEqual;
LongPrototype.ge = LongPrototype.greaterThanOrEqual;
LongPrototype.compare = function compare(other) {
LongPrototype.compare = function compare2(other) {
if (!isLong(other)) other = fromValue(other);
if (this.eq(other)) return 0;
var thisNeg = this.isNegative(), otherNeg = other.isNegative();
@@ -93040,12 +93085,12 @@ function getAutomationID2(category, analysis_key, environment) {
}
return computeAutomationID(analysis_key, environment);
}
async function uploadPayload(payload, repositoryNwo, logger, target) {
async function uploadPayload(payload, repositoryNwo, logger, analysis) {
logger.info("Uploading results");
if (shouldSkipSarifUpload()) {
const payloadSaveFile = path15.join(
getTemporaryDirectory(),
"payload.json"
`payload-${analysis.kind}.json`
);
logger.info(
`SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`
@@ -93056,7 +93101,7 @@ async function uploadPayload(payload, repositoryNwo, logger, target) {
}
const client = getApiClient();
try {
const response = await client.request(target, {
const response = await client.request(analysis.target, {
owner: repositoryNwo.owner,
repo: repositoryNwo.repo,
data: payload
@@ -93307,7 +93352,7 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
payload,
getRepositoryNwo(),
logger,
uploadTarget.target
uploadTarget
);
logger.endGroup();
return {

32
pr-checks/checks/bundle-from-toolcache.yml Normal file
View File

@@ -0,0 +1,32 @@
name: "Bundle: From toolcache"
description: "The CodeQL bundle should be cached within the toolcache"
versions:
- toolcache
steps:
- name: Install @actions/tool-cache
run: npm install @actions/tool-cache
- name: Check toolcache contains CodeQL
continue-on-error: true
uses: actions/github-script@v8
with:
script: |
const toolcache = require('@actions/tool-cache');
const allCodeqlVersions = toolcache.findAllVersions('CodeQL');
if (allCodeqlVersions.length === 0) {
throw new Error(`CodeQL could not be found in the toolcache`);
}
- id: init
uses: ./../action/init
with:
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Check CodeQL is installed within the toolcache
uses: actions/github-script@v8
with:
script: |
const toolcache = require('@actions/tool-cache');
const allCodeqlVersions = toolcache.findAllVersions('CodeQL');
console.log(`Found CodeQL versions: ${allCodeqlVersions}`);
if (allCodeqlVersions.length === 0) {
throw new Error('CodeQL not found in toolcache');
}

26
pr-checks/checks/upload-quality-sarif.yml
View File

@@ -1,26 +0,0 @@
name: "Upload-sarif: code quality endpoint"
description: "Checks that uploading SARIFs to the code quality endpoint works"
versions: ["default"]
installGo: true
steps:
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: csharp,java,javascript,python
analysis-kinds: code-quality
- name: Build code
run: ./build.sh
# Generate some SARIF we can upload with the upload-sarif step
- uses: ./../action/analyze
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
upload: never
- uses: ./../action/upload-sarif
id: upload-sarif
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
- name: "Check output from `upload-sarif` step"
if: '!(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)'
run: exit 1

81
pr-checks/checks/upload-sarif.yml Normal file
View File

@@ -0,0 +1,81 @@
name: "Test different uses of `upload-sarif`"
description: "Checks that uploading SARIFs to the code quality endpoint works"
versions: ["default"]
analysisKinds: ["code-scanning", "code-quality", "code-scanning,code-quality"]
installGo: true
steps:
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
languages: csharp,java,javascript,python
analysis-kinds: ${{ matrix.analysis-kinds }}
- name: Build code
run: ./build.sh
# Generate some SARIF we can upload with the upload-sarif step
- uses: ./../action/analyze
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
upload: never
output: ${{ runner.temp }}/results
- name: |
Upload all SARIF files for `analysis-kinds: ${{ matrix.analysis-kinds }}`
uses: ./../action/upload-sarif
id: upload-sarif
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
sarif_file: ${{ runner.temp }}/results
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:all-files/
- name: "Fail for missing output from `upload-sarif` step for `code-scanning`"
if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-scanning)"
run: exit 1
- name: "Fail for missing output from `upload-sarif` step for `code-quality`"
if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-sarif.outputs.sarif-ids).code-quality)"
run: exit 1
- name: Upload single SARIF file for Code Scanning
uses: ./../action/upload-sarif
id: upload-single-sarif-code-scanning
if: "contains(matrix.analysis-kinds, 'code-scanning')"
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
sarif_file: ${{ runner.temp }}/results/javascript.sarif
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-scanning/
- name: "Fail for missing output from `upload-single-sarif-code-scanning` step"
if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-sarif-code-scanning.outputs.sarif-ids).code-scanning)"
run: exit 1
- name: Upload single SARIF file for Code Quality
uses: ./../action/upload-sarif
id: upload-single-sarif-code-quality
if: "contains(matrix.analysis-kinds, 'code-quality')"
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
sarif_file: ${{ runner.temp }}/results/javascript.quality.sarif
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:single-code-quality/
- name: "Fail for missing output from `upload-single-sarif-code-quality` step"
if: "contains(matrix.analysis-kinds, 'code-quality') && !(fromJSON(steps.upload-single-sarif-code-quality.outputs.sarif-ids).code-quality)"
run: exit 1
- name: Change SARIF file extension
if: "contains(matrix.analysis-kinds, 'code-scanning')"
run: mv ${{ runner.temp }}/results/javascript.sarif ${{ runner.temp }}/results/javascript.sarif.json
- name: Upload single non-`.sarif` file
uses: ./../action/upload-sarif
id: upload-single-non-sarif
if: "contains(matrix.analysis-kinds, 'code-scanning')"
with:
ref: 'refs/heads/main'
sha: '5e235361806c361d4d3f8859e3c897658025a9a2'
sarif_file: ${{ runner.temp }}/results/javascript.sarif.json
category: |
${{ github.workflow }}:upload-sarif/analysis-kinds:${{ matrix.analysis-kinds }}/os:${{ matrix.os }}/version:${{ matrix.version }}/test:non-sarif/
- name: "Fail for missing output from `upload-single-non-sarif` step"
if: "contains(matrix.analysis-kinds, 'code-scanning') && !(fromJSON(steps.upload-single-non-sarif.outputs.sarif-ids).code-scanning)"
run: exit 1

13
pr-checks/checks/with-checkout-path.yml
View File

@@ -37,28 +37,29 @@ steps:
- name: Verify SARIF after upload
run: |
PAYLOAD_FILE="$RUNNER_TEMP/payload-code-scanning.json"
EXPECTED_COMMIT_OID="474bbf07f9247ffe1856c6a0f94aeeb10e7afee6"
EXPECTED_REF="v1.1.0"
EXPECTED_CHECKOUT_URI_SUFFIX="/x/y/z/some-path/tests/multi-language-repo"
ACTUAL_COMMIT_OID="$(cat "$RUNNER_TEMP/payload.json" | jq -r .commit_oid)"
ACTUAL_REF="$(cat "$RUNNER_TEMP/payload.json" | jq -r .ref)"
ACTUAL_CHECKOUT_URI="$(cat "$RUNNER_TEMP/payload.json" | jq -r .checkout_uri)"
ACTUAL_COMMIT_OID="$(cat "$PAYLOAD_FILE" | jq -r .commit_oid)"
ACTUAL_REF="$(cat "$PAYLOAD_FILE" | jq -r .ref)"
ACTUAL_CHECKOUT_URI="$(cat "$PAYLOAD_FILE" | jq -r .checkout_uri)"
if [[ "$EXPECTED_COMMIT_OID" != "$ACTUAL_COMMIT_OID" ]]; then
echo "::error Invalid commit oid. Expected: $EXPECTED_COMMIT_OID Actual: $ACTUAL_COMMIT_OID"
echo "$RUNNER_TEMP/payload.json"
echo "$PAYLOAD_FILE"
exit 1
fi
if [[ "$EXPECTED_REF" != "$ACTUAL_REF" ]]; then
echo "::error Invalid ref. Expected: '$EXPECTED_REF' Actual: '$ACTUAL_REF'"
echo "$RUNNER_TEMP/payload.json"
echo "$PAYLOAD_FILE"
exit 1
fi
if [[ "$ACTUAL_CHECKOUT_URI" != *$EXPECTED_CHECKOUT_URI_SUFFIX ]]; then
echo "::error Invalid checkout URI suffix. Expected suffix: $EXPECTED_CHECKOUT_URI_SUFFIX Actual uri: $ACTUAL_CHECKOUT_URI"
echo "$RUNNER_TEMP/payload.json"
echo "$PAYLOAD_FILE"
exit 1
fi

7
src/actions-util.ts
View File

@@ -247,9 +247,14 @@ export function isSelfHostedRunner() {
return process.env.RUNNER_ENVIRONMENT === "self-hosted";
}
/** Determines whether the workflow trigger is `dynamic`. */
export function isDynamicWorkflow(): boolean {
return getWorkflowEventName() === "dynamic";
}
/** Determines whether we are running in default setup. */
export function isDefaultSetup(): boolean {
return getWorkflowEventName() === "dynamic";
return isDynamicWorkflow();
}
export function prettyPrintInvocation(cmd: string, args: string[]): string {

124
src/setup-codeql.test.ts
View File

@@ -1,5 +1,6 @@
import * as path from "path";
import * as toolcache from "@actions/tool-cache";
import test from "ava";
import * as sinon from "sinon";
@@ -254,6 +255,117 @@ test("setupCodeQLBundle logs the CodeQL CLI version being used when asked to dow
});
});
test("getCodeQLSource correctly returns latest version from toolcache when tools == toolcache", async (t) => {
const loggedMessages: LoggedMessage[] = [];
const logger = getRecordingLogger(loggedMessages);
process.env["GITHUB_EVENT_NAME"] = "dynamic";
const latestToolcacheVersion = "3.2.1";
const latestVersionPath = "/path/to/latest";
const testVersions = ["2.3.1", latestToolcacheVersion, "1.2.3"];
const findAllVersionsStub = sinon
.stub(toolcache, "findAllVersions")
.returns(testVersions);
const findStub = sinon.stub(toolcache, "find");
findStub
.withArgs("CodeQL", latestToolcacheVersion)
.returns(latestVersionPath);
await withTmpDir(async (tmpDir) => {
setupActionsVars(tmpDir, tmpDir);
const source = await setupCodeql.getCodeQLSource(
"toolcache",
SAMPLE_DEFAULT_CLI_VERSION,
SAMPLE_DOTCOM_API_DETAILS,
GitHubVariant.DOTCOM,
false,
logger,
);
// Check that the toolcache functions were called with the expected arguments
t.assert(
findAllVersionsStub.calledOnceWith("CodeQL"),
`toolcache.findAllVersions("CodeQL") wasn't called`,
);
t.assert(
findStub.calledOnceWith("CodeQL", latestToolcacheVersion),
`toolcache.find("CodeQL", ${latestToolcacheVersion}) wasn't called`,
);
// Check that `sourceType` and `toolsVersion` match expectations.
t.is(source.sourceType, "toolcache");
t.is(source.toolsVersion, latestToolcacheVersion);
// Check that key messages we would expect to find in the log are present.
const expectedMessages: string[] = [
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`,
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`,
`Using CodeQL CLI version ${latestToolcacheVersion} from toolcache at ${latestVersionPath}`,
];
for (const expectedMessage of expectedMessages) {
t.assert(
loggedMessages.some(
(msg) =>
typeof msg.message === "string" &&
msg.message.includes(expectedMessage),
),
`Expected '${expectedMessage}' in the logger output, but didn't find it.`,
);
}
});
});
test("getCodeQLSource falls back to downloading the CLI if the toolcache doesn't have a CodeQL CLI when tools == toolcache", async (t) => {
const loggedMessages: LoggedMessage[] = [];
const logger = getRecordingLogger(loggedMessages);
process.env["GITHUB_EVENT_NAME"] = "dynamic";
const testVersions = [];
const findAllVersionsStub = sinon
.stub(toolcache, "findAllVersions")
.returns(testVersions);
await withTmpDir(async (tmpDir) => {
setupActionsVars(tmpDir, tmpDir);
const source = await setupCodeql.getCodeQLSource(
"toolcache",
SAMPLE_DEFAULT_CLI_VERSION,
SAMPLE_DOTCOM_API_DETAILS,
GitHubVariant.DOTCOM,
false,
logger,
);
// Check that the toolcache functions were called with the expected arguments
t.assert(
findAllVersionsStub.calledWith("CodeQL"),
`toolcache.findAllVersions("CodeQL") wasn't called`,
);
// Check that `sourceType` and `toolsVersion` match expectations.
t.is(source.sourceType, "download");
t.is(source.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion);
// Check that key messages we would expect to find in the log are present.
const expectedMessages: string[] = [
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: toolcache'.`,
`Found no CodeQL CLI in the toolcache, ignoring 'tools: toolcache'...`,
];
for (const expectedMessage of expectedMessages) {
t.assert(
loggedMessages.some(
(msg) =>
typeof msg.message === "string" &&
msg.message.includes(expectedMessage),
),
`Expected '${expectedMessage}' in the logger output, but didn't find it.`,
);
}
});
});
test('tryGetTagNameFromUrl extracts the right tag name for a repo name containing "codeql-bundle"', (t) => {
t.is(
setupCodeql.tryGetTagNameFromUrl(
@@ -263,3 +375,15 @@ test('tryGetTagNameFromUrl extracts the right tag name for a repo name containin
"codeql-bundle-v2.19.0",
);
});
test("getLatestToolcacheVersion returns undefined if there are no CodeQL CLIs in the toolcache", (t) => {
sinon.stub(toolcache, "findAllVersions").returns([]);
t.is(setupCodeql.getLatestToolcacheVersion(getRunnerLogger(true)), undefined);
});
test("getLatestToolcacheVersion returns latest version in the toolcache", (t) => {
const testVersions = ["2.3.1", "3.2.1", "1.2.3"];
sinon.stub(toolcache, "findAllVersions").returns(testVersions);
t.is(setupCodeql.getLatestToolcacheVersion(getRunnerLogger(true)), "3.2.1");
});

72
src/setup-codeql.ts
View File

@@ -7,7 +7,7 @@ import { default as deepEqual } from "fast-deep-equal";
import * as semver from "semver";
import { v4 as uuidV4 } from "uuid";
import { isRunningLocalAction } from "./actions-util";
import { isDynamicWorkflow, isRunningLocalAction } from "./actions-util";
import * as api from "./api-client";
import * as defaults from "./defaults.json";
import {
@@ -38,6 +38,7 @@ const CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies";
const CODEQL_BUNDLE_VERSION_ALIAS: string[] = ["linked", "latest"];
const CODEQL_NIGHTLY_TOOLS_INPUTS = ["nightly", "nightly-latest"];
const CODEQL_TOOLCACHE_INPUT = "toolcache";
function getCodeQLBundleExtension(
compressionMethod: tar.CompressionMethod,
@@ -346,6 +347,44 @@ export async function getCodeQLSource(
"`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required.",
);
}
} else if (
toolsInput !== undefined &&
toolsInput === CODEQL_TOOLCACHE_INPUT
) {
let latestToolcacheVersion: string | undefined;
// We only allow `toolsInput === "toolcache"` for `dynamic` events. In general, using `toolsInput === "toolcache"`
// can lead to alert wobble and so it shouldn't be used for an analysis where results are intended to be uploaded.
// We also allow this in test mode.
const allowToolcacheValue = isDynamicWorkflow() || util.isInTestMode();
if (allowToolcacheValue) {
// If `toolsInput === "toolcache"`, try to find the latest version of the CLI that's available in the toolcache
// and use that. We perform this check here since we can set `cliVersion` directly and don't want to default to
// the linked version.
logger.info(
`Attempting to use the latest CodeQL CLI version in the toolcache, as requested by 'tools: ${toolsInput}'.`,
);
latestToolcacheVersion = getLatestToolcacheVersion(logger);
if (latestToolcacheVersion) {
cliVersion = latestToolcacheVersion;
}
}
if (latestToolcacheVersion === undefined) {
if (allowToolcacheValue) {
logger.info(
`Found no CodeQL CLI in the toolcache, ignoring 'tools: ${toolsInput}'...`,
);
} else {
logger.warning(
`Ignoring 'tools: ${toolsInput}' because the workflow was not triggered dynamically.`,
);
}
cliVersion = defaultCliVersion.cliVersion;
tagName = defaultCliVersion.tagName;
}
} else if (toolsInput !== undefined) {
// If a tools URL was provided, then use that.
tagName = tryGetTagNameFromUrl(toolsInput, logger);
@@ -816,9 +855,38 @@ async function getNightlyToolsUrl(logger: Logger) {
}
}
/**
* Gets the latest version of the CodeQL CLI that is available in the toolcache, or `undefined`
* if no CodeQL CLI is available in the toolcache.
*
* @param logger The logger to use.
* @returns The latest version of the CodeQL CLI that is available in the toolcache, or `undefined` if there is none.
*/
export function getLatestToolcacheVersion(logger: Logger): string | undefined {
const allVersions = toolcache
.findAllVersions("CodeQL")
.sort((a, b) => semver.compare(b, a));
logger.debug(
`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(
allVersions,
)}.`,
);
if (allVersions.length > 0) {
const latestToolcacheVersion = allVersions[0];
logger.info(
`CLI version ${latestToolcacheVersion} is the latest version in the toolcache.`,
);
return latestToolcacheVersion;
}
return undefined;
}
function isReservedToolsValue(tools: string): boolean {
return (
CODEQL_BUNDLE_VERSION_ALIAS.includes(tools) ||
CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools)
CODEQL_NIGHTLY_TOOLS_INPUTS.includes(tools) ||
tools === CODEQL_TOOLCACHE_INPUT
);
}

8
src/upload-lib.ts
View File

@@ -352,14 +352,14 @@ async function uploadPayload(
payload: any,
repositoryNwo: RepositoryNwo,
logger: Logger,
target: analyses.SARIF_UPLOAD_ENDPOINT,
analysis: analyses.AnalysisConfig,
): Promise<string> {
logger.info("Uploading results");
if (util.shouldSkipSarifUpload()) {
const payloadSaveFile = path.join(
actionsUtil.getTemporaryDirectory(),
"payload.json",
`payload-${analysis.kind}.json`,
);
logger.info(
`SARIF upload disabled by an environment variable. Saving to ${payloadSaveFile}`,
@@ -372,7 +372,7 @@ async function uploadPayload(
const client = api.getApiClient();
try {
const response = await client.request(target, {
const response = await client.request(analysis.target, {
owner: repositoryNwo.owner,
repo: repositoryNwo.repo,
data: payload,
@@ -806,7 +806,7 @@ export async function uploadSpecifiedFiles(
payload,
getRepositoryNwo(),
logger,
uploadTarget.target,
uploadTarget,
);
logger.endGroup();