Refactor the existing classes of configuration errors into their own file; consolidate the place we check for configuration errors into `codeql.ts`, where the actual command invocations happen.
Also, rename the `UserError` type to `ConfigurationError` to standardize on a single term.
The recent update of jsonschema inadvertently caused extra validation of
`uri-reference` formatted properties. This change ensures that these
errors are converted to warnings.
Note that we cannot revert the change to jsonschema since the old
version does not handle `uniqueItems` correctly.
* Refactor status report upload logic
Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`
* Add `workflow_run_attempt` to analysis payload
* Stop allowing `undefined` run IDs and attempts
Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
We had a problem where `waitForProcessing` was not completing before
the node process ends. This is because using `unref` would allow the
node process to end without having the `delay` function complete.
This commit also adds a new integration check to verify this.
When running in test mode, payloads will not be uploaded. Instead, they
will be saved to disk so that they can be inspected later.
Turboscan only allows a single combination of tool name and automation
details id for testing category uniqueness.
Previously, the check in the action was not entirely correct since it
only looked at the _category_ and not the combination of the category
and the tool name.
It's even more precise now since it is looking at the actual, computed
value of the automation details id, rather than an inputted value of
the category.
This change also includes a refactoring where the action is now avoiding
multiple parsing/stringifying of the sarif files. Instead, sarif is
parsed once at the start of the process and stringified once, after
sarif processing is completely finished.
