* Stop checking disk usage for MacOS ARM with SIP disabled
On MacOS ARM machines where SIP is disabled, after the build tracer is initialized in the `init` Action, we receive warnings when we run send status reports due to the `df` binary. This change will make it so that we no longer run `df` for those machines.
* PR Checks: use `macos-12` runners for CLI v. < 2.15.1
Prior to CLI v2.15.1, MacOS ARM runners were not supported by the build tracer. "macos-latest" is now an ARM runner, so we run these tests on the old CLIs on Intel runners instead.
* Log a warning if SIP is disabled and CLI is < 2.15.1
* Add changenote for SIP-disabled support on old CLI versions
* Set up Python 3.11 for all MacOS checks
Refactor the existing classes of configuration errors into their own file; consolidate the place we check for configuration errors into `codeql.ts`, where the actual command invocations happen.
Also, rename the `UserError` type to `ConfigurationError` to standardize on a single term.
* Check `setsCodeqlRunnerEnvVar` is set in the CLI with `ToolsFeatures`
* Stop setting `CODEQL_RUNNER` env var when CLI does
* Add optional `features` parameter in test utils
* Test that `CODEQL_RUNNER` is not set if CLI sets it
The python extractor does not yet support 3.12. Check for this and
instead make sure we run python 3.11. Only need to check on windows
since we are extremely unlikely to be running 3.12 on linux or macos.
- We can now use the default bundle version feature flags to remediate a
bad bundle update.
- Controlled switchover ensures that a repo consistently gets the same
bundle version, so we no longer have alert churn concerns with Kotlin
and Swift.
Previously, with the config parsing in the cli feature flag turned on,
the CLI was not able to download packs from other registries. This PR
adds the codeql-action changes required for this. The CLI changes will
be in a separate, internal PR.
This works by moving the logic to check for toolcache bypass out of
creating the codeql instance. The logic now _may_ perform an API request
in order to check what languages are in the repository. This check is
redundant because the same call is being made later in the action when
the actual list of languages is calculated.
