Merge pull request #899 from github/update-v1.0.31-3a741b6c

Merge main into v1
1.0.31
2025-12-10 17:54:36 +08:00 · 2022-01-31 08:40:43 -08:00 · 2022-01-31 16:08:02 +00:00 · 2022-01-31 15:48:18 +00:00 · 2022-01-31 14:51:48 +00:00 · 2022-01-31 14:51:33 +00:00
245 changed files with 23543 additions and 33004 deletions
--- a/.github/prepare-test/action.yml
+++ b/.github/prepare-test/action.yml
@@ -28,7 +28,6 @@ runs:
          echo "::set-output name=tools-url::https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-$VERSION-manual/codeql-bundle.tar.gz"
        elif [[ ${{ inputs.version }} == *"stable"* ]]; then
          export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
-          echo "Hello $VERSION"
          echo "::set-output name=tools-url::https://github.com/github/codeql-action/releases/download/codeql-bundle-$VERSION/codeql-bundle.tar.gz"
        elif [[ ${{ inputs.version }} == "latest" ]]; then
          echo "::set-output name=tools-url::latest"
--- a/.github/workflows/__debug-artifacts.yml
+++ b/.github/workflows/__debug-artifacts.yml
@@ -0,0 +1,77 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Debug artifact upload
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  debug-artifacts:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os: [ubuntu-latest, macos-latest]
+    name: Debug artifact upload
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+        debug: true
+        debug-artifact-name: my-debug-artifacts
+        debug-database-name: my-db
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      id: analysis
+    - uses: actions/download-artifact@v2
+      with:
+        name: my-debug-artifacts-${{ matrix.os }}-${{ matrix.version }}
+    - shell: bash
+      run: |
+        LANGUAGES="cpp csharp go java javascript python"
+        for language in $LANGUAGES; do
+          echo "Checking $language"
+          if [[ ! -f "$language.sarif" ]] ; then
+            echo "Missing a SARIF file for $language"
+            exit 1
+          fi
+          if [[ ! -f "my-db-$language.zip" ]] ; then
+            echo "Missing a database bundle for $language"
+            exit 1
+          fi
+          if [[ ! -d "$language/log" ]] ; then
+            echo "Missing logs for $language"
+            exit 1
+          fi
+        done
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__extractor-ram-threads.yml
+++ b/.github/workflows/__extractor-ram-threads.yml
@@ -0,0 +1,63 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Extractor ram and threads options test
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  extractor-ram-threads:
+    strategy:
+      matrix:
+        version: [latest]
+        os: [ubuntu-latest]
+    name: Extractor ram and threads options test
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        languages: java
+        ram: 230
+        threads: 1
+    - name: Assert Results
+      shell: bash
+      run: |
+        if [ "${CODEQL_RAM}" != "230" ]; then
+          echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230"
+          exit 1
+        fi
+        if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then
+          echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230"
+          exit 1
+        fi
+        if [ "${CODEQL_THREADS}" != "1" ]; then
+          echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1"
+          exit 1
+        fi
+        if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then
+          echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1"
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__go-custom-queries.yml
+++ b/.github/workflows/__go-custom-queries.yml
@@ -0,0 +1,62 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: 'PR Check - Go: Custom queries'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  go-custom-queries:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os:
+        - ubuntu-latest
+        - macos-latest
+        - windows-latest
+    name: 'Go: Custom queries'
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13.1
+    - uses: ./../action/init
+      with:
+        languages: go
+        config-file: ./.github/codeql/custom-queries.yml
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__go-custom-tracing-autobuild.yml
+++ b/.github/workflows/__go-custom-tracing-autobuild.yml
@@ -0,0 +1,64 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: 'PR Check - Go: Autobuild custom tracing'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  go-custom-tracing-autobuild:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os: [ubuntu-latest, macos-latest]
+    name: 'Go: Autobuild custom tracing'
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13.1
+    - uses: ./../action/init
+      with:
+        languages: go
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - uses: ./../action/autobuild
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+    - shell: bash
+      run: |
+        cd "$RUNNER_TEMP/codeql_databases"
+        if [[ ! -d go ]]; then
+          echo "Did not find a Go database"
+          exit 1
+        fi
+    env:
+      CODEQL_EXTRACTOR_GO_BUILD_TRACING: 'true'
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__go-custom-tracing.yml
+++ b/.github/workflows/__go-custom-tracing.yml
@@ -0,0 +1,62 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: 'PR Check - Go: Custom tracing'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  go-custom-tracing:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os:
+        - ubuntu-latest
+        - macos-latest
+        - windows-latest
+    name: 'Go: Custom tracing'
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: actions/setup-go@v2
+      with:
+        go-version: ^1.13.1
+    - uses: ./../action/init
+      with:
+        languages: go
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: go build main.go
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+    env:
+      CODEQL_EXTRACTOR_GO_BUILD_TRACING: 'true'
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__javascript-source-root.yml
+++ b/.github/workflows/__javascript-source-root.yml
@@ -0,0 +1,61 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Custom source root
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  javascript-source-root:
+    strategy:
+      matrix:
+        version: [latest, cached, nightly-latest] # This feature is not compatible with old CLIs
+        os: [ubuntu-latest]
+    name: Custom source root
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../new-source-root
+        mv * ../new-source-root
+    - uses: ./../action/init
+      with:
+        languages: javascript
+        source-root: ../new-source-root
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - uses: ./../action/analyze
+      with:
+        skip-queries: true
+        upload: false
+    - name: Assert database exists
+      shell: bash
+      run: |
+        cd "$RUNNER_TEMP/codeql_databases"
+        if [[ ! -d javascript ]]; then
+          echo "Did not find a JavaScript database"
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__multi-language-autodetect.yml
+++ b/.github/workflows/__multi-language-autodetect.yml
@@ -0,0 +1,88 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Multi-language repository
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  multi-language-autodetect:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os: [ubuntu-latest, macos-latest]
+    name: Multi-language repository
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        db-location: ${{ runner.temp }}/customDbLocation
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      id: analysis
+      env:
+        TEST_MODE: true
+    - shell: bash
+      run: |
+        CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }}
+        if [[ ! -d $CPP_DB ]] || [[ ! $CPP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for CPP, or created it in the wrong location."
+          exit 1
+        fi
+        CSHARP_DB=${{ fromJson(steps.analysis.outputs.db-locations).csharp }}
+        if [[ ! -d $CSHARP_DB ]] || [[ ! $CSHARP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for C Sharp, or created it in the wrong location."
+          exit 1
+        fi
+        GO_DB=${{ fromJson(steps.analysis.outputs.db-locations).go }}
+        if [[ ! -d $GO_DB ]] || [[ ! $GO_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Go, or created it in the wrong location."
+          exit 1
+        fi
+        JAVA_DB=${{ fromJson(steps.analysis.outputs.db-locations).java }}
+        if [[ ! -d $JAVA_DB ]] || [[ ! $JAVA_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Java, or created it in the wrong location."
+          exit 1
+        fi
+        JAVASCRIPT_DB=${{ fromJson(steps.analysis.outputs.db-locations).javascript }}
+        if [[ ! -d $JAVASCRIPT_DB ]] || [[ ! $JAVASCRIPT_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Javascript, or created it in the wrong location."
+          exit 1
+        fi
+        PYTHON_DB=${{ fromJson(steps.analysis.outputs.db-locations).python }}
+        if [[ ! -d $PYTHON_DB ]] || [[ ! $PYTHON_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Python, or created it in the wrong location."
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__packaging-config-inputs-js.yml
+++ b/.github/workflows/__packaging-config-inputs-js.yml
@@ -0,0 +1,67 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: 'PR Check - Packaging: Config and input'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  packaging-config-inputs-js:
+    strategy:
+      matrix:
+        version: [nightly-20210831] # This CLI version is known to work with package used in this test
+        os: [ubuntu-latest, macos-latest]
+    name: 'Packaging: Config and input'
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        config-file: .github/codeql/codeql-config-packaging3.yml
+        packs: +dsp-testing/codeql-pack1@0.1.0
+        languages: javascript
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: ${{ runner.temp }}/results
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      shell: bash
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__packaging-config-js.yml
+++ b/.github/workflows/__packaging-config-js.yml
@@ -0,0 +1,66 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: 'PR Check - Packaging: Config file'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  packaging-config-js:
+    strategy:
+      matrix:
+        version: [nightly-20210831] # This CLI version is known to work with package used in this test
+        os: [ubuntu-latest, macos-latest]
+    name: 'Packaging: Config file'
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        config-file: .github/codeql/codeql-config-packaging.yml
+        languages: javascript
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: ${{ runner.temp }}/results
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      shell: bash
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__packaging-inputs-js.yml
+++ b/.github/workflows/__packaging-inputs-js.yml
@@ -0,0 +1,67 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: 'PR Check - Packaging: Action input'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  packaging-inputs-js:
+    strategy:
+      matrix:
+        version: [nightly-20210831] # This CLI version is known to work with package used in this test
+        os: [ubuntu-latest, macos-latest]
+    name: 'Packaging: Action input'
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        config-file: .github/codeql/codeql-config-packaging2.yml
+        languages: javascript
+        packs: dsp-testing/codeql-pack1@0.1.0, dsp-testing/codeql-pack2
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        output: ${{ runner.temp }}/results
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      shell: bash
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__remote-config.yml
+++ b/.github/workflows/__remote-config.yml
@@ -0,0 +1,60 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Remote config file
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  remote-config:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os:
+        - ubuntu-latest
+        - macos-latest
+        - windows-latest
+    name: Remote config file
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+        languages: cpp,csharp,java,javascript,python
+        config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{
+          github.sha }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__rubocop-multi-language.yml
+++ b/.github/workflows/__rubocop-multi-language.yml
@@ -0,0 +1,67 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - RuboCop multi-language
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  rubocop-multi-language:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os: [ubuntu-latest]
+    name: RuboCop multi-language
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.6
+    - name: Install Code Scanning integration
+      shell: bash
+      run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install
+    - name: Install dependencies
+      shell: bash
+      run: bundle install
+    - name: RuboCop run
+      shell: bash
+      run: |
+        bash -c "
+          bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif
+          [[ $? -ne 2 ]]
+        "
+    - uses: ./../action/upload-sarif
+      with:
+        sarif_file: rubocop.sarif
+      env:
+        TEST_MODE: true
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__split-workflow.yml
+++ b/.github/workflows/__split-workflow.yml
@@ -0,0 +1,81 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Split workflow
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  split-workflow:
+    strategy:
+      matrix:
+        version: [nightly-20210831] # This CLI version is known to work with package used in this test
+        os: [ubuntu-latest, macos-latest]
+    name: Split workflow
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        config-file: .github/codeql/codeql-config-packaging3.yml
+        packs: +dsp-testing/codeql-pack1@0.1.0
+        languages: javascript
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      with:
+        skip-queries: true
+        output: ${{ runner.temp }}/results
+      env:
+        TEST_MODE: true
+    - name: Assert No Results
+      shell: bash
+      run: |
+        if [ "$(ls -A $RUNNER_TEMP/results)" ]; then
+          echo "Expected results directory to be empty after skipping query execution!"
+          exit 1
+        fi
+    - uses: ./../action/analyze
+      with:
+        output: ${{ runner.temp }}/results
+        upload-database: false
+      env:
+        TEST_MODE: true
+    - name: Assert Results
+      shell: bash
+      run: |
+        cd "$RUNNER_TEMP/results"
+        # We should have 3 hits from these rules
+        EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/two-block"
+
+        # use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
+        RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n" " " | xargs)"
+        echo "Found matching rules '$RULES'"
+        if [ "$RULES" != "$EXPECTED_RULES" ]; then
+          echo "Did not match expected rules '$EXPECTED_RULES'."
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__test-local-codeql.yml
+++ b/.github/workflows/__test-local-codeql.yml
@@ -0,0 +1,54 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Local CodeQL bundle
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  test-local-codeql:
+    strategy:
+      matrix:
+        version: [nightly-latest]
+        os: [ubuntu-latest]
+    name: Local CodeQL bundle
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - name: Fetch a CodeQL bundle
+      shell: bash
+      env:
+        CODEQL_URL: ${{ steps.prepare-test.outputs.tools-url }}
+      run: |
+        wget "$CODEQL_URL"
+    - uses: ./../action/init
+      with:
+        tools: ./codeql-bundle.tar.gz
+    - name: Build code
+      shell: bash
+      run: ./build.sh
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__test-proxy.yml
+++ b/.github/workflows/__test-proxy.yml
@@ -0,0 +1,55 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Proxy test
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  test-proxy:
+    strategy:
+      matrix:
+        version: [latest]
+        os: [ubuntu-latest]
+    name: Proxy test
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        languages: javascript
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+    env:
+      https_proxy: http://squid-proxy:3128
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
+    container:
+      image: ubuntu:18.04
+      options: --dns 127.0.0.1
+    services:
+      squid-proxy:
+        image: datadog/squid:latest
+        ports:
+        - 3128:3128
--- a/.github/workflows/__test-ruby.yml
+++ b/.github/workflows/__test-ruby.yml
@@ -0,0 +1,56 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Ruby analysis
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  test-ruby:
+    strategy:
+      matrix:
+        version: [latest, cached, nightly-latest]
+        os: [ubuntu-latest, macos-latest]
+    name: Ruby analysis
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        languages: ruby
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - uses: ./../action/analyze
+      id: analysis
+      env:
+        TEST_MODE: true
+    - name: Check database
+      shell: bash
+      run: |
+        RUBY_DB="${{ fromJson(steps.analysis.outputs.db-locations).ruby }}"
+        if [[ ! -d "$RUBY_DB" ]]; then
+          echo "Did not create a database for Ruby."
+          exit 1
+        fi
+    env:
+      CODEQL_ENABLE_EXPERIMENTAL_FEATURES: 'true'
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/__unset-environment.yml
+++ b/.github/workflows/__unset-environment.yml
@@ -0,0 +1,88 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+
+name: PR Check - Test unsetting environment variables
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+    - main
+    - v1
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  unset-environment:
+    strategy:
+      matrix:
+        version:
+        - stable-20201028
+        - stable-20210319
+        - stable-20210809
+        - cached
+        - latest
+        - nightly-latest
+        os: [ubuntu-latest]
+    name: Test unsetting environment variables
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v2
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/prepare-test
+      with:
+        version: ${{ matrix.version }}
+    - uses: ./../action/init
+      with:
+        db-location: ${{ runner.temp }}/customDbLocation
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: env -i PATH="$PATH" HOME="$HOME" ./build.sh
+    - uses: ./../action/analyze
+      id: analysis
+      env:
+        TEST_MODE: true
+    - shell: bash
+      run: |
+        CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }}
+        if [[ ! -d $CPP_DB ]] || [[ ! $CPP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for CPP, or created it in the wrong location."
+          exit 1
+        fi
+        CSHARP_DB=${{ fromJson(steps.analysis.outputs.db-locations).csharp }}
+        if [[ ! -d $CSHARP_DB ]] || [[ ! $CSHARP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for C Sharp, or created it in the wrong location."
+          exit 1
+        fi
+        GO_DB=${{ fromJson(steps.analysis.outputs.db-locations).go }}
+        if [[ ! -d $GO_DB ]] || [[ ! $GO_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Go, or created it in the wrong location."
+          exit 1
+        fi
+        JAVA_DB=${{ fromJson(steps.analysis.outputs.db-locations).java }}
+        if [[ ! -d $JAVA_DB ]] || [[ ! $JAVA_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Java, or created it in the wrong location."
+          exit 1
+        fi
+        JAVASCRIPT_DB=${{ fromJson(steps.analysis.outputs.db-locations).javascript }}
+        if [[ ! -d $JAVASCRIPT_DB ]] || [[ ! $JAVASCRIPT_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Javascript, or created it in the wrong location."
+          exit 1
+        fi
+        PYTHON_DB=${{ fromJson(steps.analysis.outputs.db-locations).python }}
+        if [[ ! -d $PYTHON_DB ]] || [[ ! $PYTHON_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
+          echo "Did not create a database for Python, or created it in the wrong location."
+          exit 1
+        fi
+    env:
+      INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
--- a/.github/workflows/check-expected-release-files.yml
+++ b/.github/workflows/check-expected-release-files.yml
@@ -0,0 +1,25 @@
+name: Check Expected Release Files
+
+on:
+  pull_request:
+    paths:
+      - .github/workflows/check-expected-release-files.yml
+      - src/defaults.json
+    # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
+    # by other workflows.
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  check-expected-release-files:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout CodeQL Action
+        uses: actions/checkout@v2
+      - name: Check Expected Release Files
+        run: |
+          bundle_version="$(cat "./src/defaults.json" | jq -r ".bundleVersion")"
+          set -x
+          for expected_file in "codeql-bundle.tar.gz" "codeql-bundle-linux64.tar.gz" "codeql-bundle-osx64.tar.gz" "codeql-bundle-win64.tar.gz" "codeql-runner-linux" "codeql-runner-macos" "codeql-runner-win.exe"; do
+            curl --location --fail --head --request GET "https://github.com/github/codeql-action/releases/download/$bundle_version/$expected_file" > /dev/null
+          done
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,88 @@
+name: "CodeQL action"
+
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
+    branches: [main, v1]
+    # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
+    # by other workflows.
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  # Identify the CodeQL tool versions to use in the analysis job.
+  check-codeql-versions:
+    runs-on: ubuntu-latest
+    outputs:
+      versions: ${{ steps.compare.outputs.versions }}
+
+    permissions:
+      security-events: write
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Init with default CodeQL bundle from the VM image
+      id: init-default
+      uses: ./init
+      with:
+        languages: javascript
+    - name: Remove empty database
+      # allows us to run init a second time
+      run: |
+        rm -rf "$RUNNER_TEMP/codeql_databases"
+    - name: Init with latest CodeQL bundle
+      id: init-latest
+      uses: ./init
+      with:
+        tools: latest
+        languages: javascript
+    - name: Compare default and latest CodeQL bundle versions
+      id: compare
+      env:
+        CODEQL_DEFAULT: ${{ steps.init-default.outputs.codeql-path }}
+        CODEQL_LATEST: ${{ steps.init-latest.outputs.codeql-path }}
+      run: |
+        CODEQL_VERSION_DEFAULT="$("$CODEQL_DEFAULT" version --format terse)"
+        CODEQL_VERSION_LATEST="$("$CODEQL_LATEST" version --format terse)"
+        echo "Default CodeQL bundle version is $CODEQL_VERSION_DEFAULT"
+        echo "Latest CodeQL bundle version is $CODEQL_VERSION_LATEST"
+
+        # If we're running on a pull request, run with both bundles, even if `tools: latest` would
+        # be the same as `tools: null`. This allows us to make the job for each of the bundles a
+        # required status check.
+        #
+        # If we're running on push, then we can skip running with `tools: latest` when it would be
+        # the same as running with `tools: null`.
+        if [[ "$GITHUB_EVENT_NAME" != "pull_request" && "$CODEQL_VERSION_DEFAULT" == "$CODEQL_VERSION_LATEST" ]]; then
+          VERSIONS_JSON='[null]'
+        else
+          VERSIONS_JSON='[null, "latest"]'
+        fi
+
+        # Output a JSON-encoded list with the distinct versions to test against.
+        echo "Suggested matrix config for analysis job: $VERSIONS_JSON"
+        echo "::set-output name=versions::${VERSIONS_JSON}"
+
+  build:
+    needs: [check-codeql-versions]
+    strategy:
+      matrix:
+        os: [ubuntu-latest,windows-latest,macos-latest]
+        tools: ${{ fromJson(needs.check-codeql-versions.outputs.versions) }}
+    runs-on: ${{ matrix.os }}
+
+    permissions:
+      security-events: write
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: ./init
+      id: init
+      with:
+        languages: javascript
+        config-file: ./.github/codeql/codeql-config.yml
+        tools: ${{ matrix.tools }}
+    # confirm steps.init.outputs.codeql-path points to the codeql binary
+    - name: Print CodeQL Version
+      run: ${{steps.init.outputs.codeql-path}} version --format=json
+    - uses: ./analyze
--- a/.github/workflows/post-release-mergeback.yml
+++ b/.github/workflows/post-release-mergeback.yml
@@ -0,0 +1,119 @@
+# This workflow runs after a release of the action.
+# It merges any changes from the release back into the
+# main branch. Typically, this is just a single commit
+# that updates the changelog.
+name: Tag release and merge back
+
+on:
+  workflow_dispatch:
+    inputs:
+      baseBranch:
+        description: 'The base branch to merge into'
+        default: main
+        required: false
+
+  push:
+    branches:
+      - v1
+
+jobs:
+  merge-back:
+    runs-on: ubuntu-latest
+    if: github.repository == 'github/codeql-action'
+    env:
+      BASE_BRANCH: "${{ github.event.inputs.baseBranch || 'main' }}"
+      HEAD_BRANCH: "${{ github.head_ref || github.ref }}"
+
+    steps:
+      - name: Dump GitHub Event context
+        env:
+          GITHUB_EVENT_CONTEXT: "${{ toJson(github.event) }}"
+        run: echo "$GITHUB_EVENT_CONTEXT"
+
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+
+      - name: Update git config
+        run: |
+          git config --global user.email "github-actions@github.com"
+          git config --global user.name "github-actions[bot]"
+
+      - name: Get version and new branch
+        id: getVersion
+        run: |
+          VERSION="v$(jq '.version' -r 'package.json')"
+          SHORT_SHA="${GITHUB_SHA:0:8}"
+          echo "::set-output name=version::$VERSION"
+          NEW_BRANCH="mergeback/${VERSION}-to-${BASE_BRANCH}-${SHORT_SHA}"
+          echo "::set-output name=newBranch::$NEW_BRANCH"
+
+
+      - name: Dump branches
+        env:
+          NEW_BRANCH: "${{ steps.getVersion.outputs.newBranch }}"
+        run: |
+          echo "BASE_BRANCH $BASE_BRANCH"
+          echo "HEAD_BRANCH $HEAD_BRANCH"
+          echo "NEW_BRANCH $NEW_BRANCH"
+
+      - name: Create mergeback branch
+        env:
+          NEW_BRANCH: "${{ steps.getVersion.outputs.newBranch }}"
+        run: |
+          git checkout -b "$NEW_BRANCH"
+
+      - name: Check for tag
+        id: check
+        env:
+          VERSION: "${{ steps.getVersion.outputs.version }}"
+        run: |
+          set +e # don't fail on an errored command
+          git ls-remote --tags origin | grep "$VERSION"
+          EXISTS="$?"
+          if [ "$EXISTS" -eq 0 ]; then
+            echo "Tag $TAG exists. Not going to re-release."
+            echo "::set-output name=exists::true"
+          else
+            echo "Tag $TAG does not exist yet."
+          fi
+
+      # we didn't tag the release during the update-release-branch workflow because the
+      # commit that actually makes it to the release branch is a merge commit,
+      # and not yet known during the first workflow. We tag now because we know the correct commit.
+      - name: Tag release
+        if: steps.check.outputs.exists != 'true'
+        env:
+          VERSION: ${{ steps.getVersion.outputs.version }}
+        run: |
+          git tag -a "$VERSION" -m "$VERSION"
+          git fetch --unshallow  # unshallow the repo in order to allow pushes
+          git push origin --follow-tags "$VERSION"
+
+      - name: Create mergeback branch
+        if: steps.check.outputs.exists != 'true'
+        env:
+          VERSION: "${{ steps.getVersion.outputs.version }}"
+          NEW_BRANCH: "${{ steps.getVersion.outputs.newBranch }}"
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+        run: |
+          set -exu
+          PR_TITLE="Mergeback $VERSION $HEAD_BRANCH into $BASE_BRANCH"
+          PR_BODY="Updates version and changelog."
+
+          # Update the changelog
+          perl -i -pe 's/^/## \[UNRELEASED\]\n\nNo user facing changes.\n\n/ if($.==3)' CHANGELOG.md
+          git add .
+          git commit -m "Update changelog and version after $VERSION"
+          npm version patch
+
+          git push origin "$NEW_BRANCH"
+
+          # PR checks won't be triggered on PRs created by Actions. Therefore mark the PR as draft
+          # so that a maintainer can take the PR out of draft, thereby triggering the PR checks.
+          gh pr create \
+            --head "$NEW_BRANCH" \
+            --base "$BASE_BRANCH" \
+            --title "$PR_TITLE" \
+            --label "Update dependencies" \
+            --body "$PR_BODY" \
+            --draft
--- a/.github/workflows/pr-checks.yml
+++ b/.github/workflows/pr-checks.yml
@@ -10,8 +10,223 @@ on:
  workflow_dispatch:

 jobs:
-  runner-analyze-csharp-autobuild-macos:
-    name: Runner macos autobuild C# analyze
+  lint-js:
+    name: Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Run Lint
+        run: npm run-script lint
+
+  check-js:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Check generated JS
+        run: .github/workflows/script/check-js.sh
+
+  check-node-modules:
+    name: Check modules up to date
+    runs-on: macos-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Check node modules up to date
+        run: .github/workflows/script/check-node-modules.sh
+
+  verify-pr-checks:
+    name: Verify PR checks up to date
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.8
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install ruamel.yaml
+      - name: Verify PR checks up to date
+        run: .github/workflows/script/verify-pr-checks.sh
+
+  npm-test:
+    name: Unit Test
+    needs: [check-js, check-node-modules]
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: npm run-script test
+        run: npm run-script test
+
+  runner-analyze-javascript-ubuntu:
+    name: Runner ubuntu JS analyze
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          # Pass --config-file here, but not for other jobs in this workflow.
+          # This means we're testing the config file parsing in the runner
+          # but not slowing down all jobs unnecessarily as it doesn't add much
+          # testing the parsing on different operating systems and languages.
+          runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Run analyze
+        run: |
+          runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-javascript-windows:
+    name: Runner windows JS analyze
+    needs: [check-js, check-node-modules]
+    runs-on: windows-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Run analyze
+        run: |
+          runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-javascript-macos:
+    name: Runner macos JS analyze
+    needs: [check-js, check-node-modules]
+    runs-on: macos-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Run analyze
+        run: |
+          runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-csharp-ubuntu:
+    name: Runner ubuntu C# analyze
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Move codeql-action
+        shell: bash
+        run: |
+          mkdir ../action
+          mv * .github ../action/
+          mv ../action/tests/multi-language-repo/{*,.github} .
+          mv ../action/.github/workflows .github
+
+      - name: Build runner
+        run: |
+          cd ../action/runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Build code
+        run: |
+          . ./codeql-runner/codeql-env.sh
+          $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false
+
+      - name: Run analyze
+        run: |
+          ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-csharp-windows:
+    name: Runner windows C# analyze
+    needs: [check-js, check-node-modules]
+    runs-on: windows-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Move codeql-action
+        shell: bash
+        run: |
+          mkdir ../action
+          mv * .github ../action/
+          mv ../action/tests/multi-language-repo/{*,.github} .
+          mv ../action/.github/workflows .github
+
+      - name: Build runner
+        run: |
+          cd ../action/runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Build code
+        shell: powershell
+        run: |
+          cat ./codeql-runner/codeql-env.sh | Invoke-Expression
+          $Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this
+          & $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false
+
+      - name: Upload tracer logs
+        uses: actions/upload-artifact@v2
+        with:
+          name: tracer-logs
+          path: ./codeql-runner/compound-build-tracer.log
+
+      - name: Run analyze
+        run: |
+          ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-csharp-macos:
+    name: Runner macos C# analyze
+    needs: [check-js, check-node-modules]
    runs-on: macos-latest

    steps:
@@ -31,8 +246,116 @@ jobs:
          npm install
          npm run build-runner

-      - name: Initialize dotnet
-        run: dotnet restore
+      - name: Run init
+        run: |
+          ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Build code
+        shell: bash
+        run: |
+          . ./codeql-runner/codeql-env.sh
+          $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false
+
+      - name: Run analyze
+        run: |
+          ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-csharp-autobuild-ubuntu:
+    name: Runner ubuntu autobuild C# analyze
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Move codeql-action
+        shell: bash
+        run: |
+          mkdir ../action
+          mv * .github ../action/
+          mv ../action/tests/multi-language-repo/{*,.github} .
+          mv ../action/.github/workflows .github
+
+      - name: Build runner
+        run: |
+          cd ../action/runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Build code
+        run: |
+          ../action/runner/dist/codeql-runner-linux autobuild
+
+      - name: Run analyze
+        run: |
+          ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-csharp-autobuild-windows:
+    name: Runner windows autobuild C# analyze
+    needs: [check-js, check-node-modules]
+    runs-on: windows-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Move codeql-action
+        shell: bash
+        run: |
+          mkdir ../action
+          mv * .github ../action/
+          mv ../action/tests/multi-language-repo/{*,.github} .
+          mv ../action/.github/workflows .github
+
+      - name: Build runner
+        run: |
+          cd ../action/runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Build code
+        shell: powershell
+        run: |
+          ../action/runner/dist/codeql-runner-win.exe autobuild
+
+      - name: Run analyze
+        run: |
+          ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
+        env:
+          TEST_MODE: true
+
+  runner-analyze-csharp-autobuild-macos:
+    name: Runner macos autobuild C# analyze
+    needs: [check-js, check-node-modules]
+    runs-on: macos-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Move codeql-action
+        shell: bash
+        run: |
+          mkdir ../action
+          mv * .github ../action/
+          mv ../action/tests/multi-language-repo/{*,.github} .
+          mv ../action/.github/workflows .github
+
+      - name: Build runner
+        run: |
+          cd ../action/runner
+          npm install
+          npm run build-runner

      - name: Run init
        run: |
@@ -41,7 +364,6 @@ jobs:
      - name: Build code
        shell: bash
        run: |
-          rm build.sh
          ../action/runner/dist/codeql-runner-macos autobuild

      - name: Run analyze
@@ -50,10 +372,63 @@ jobs:
        env:
          TEST_MODE: true

-      - uses: actions/upload-artifact@v2
-        if: always()
-        with:
-          name: my-artifact
-          path: |
-            bin
-            obj
+  runner-upload-sarif:
+    name: Runner upload sarif
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }}
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - name: Upload with runner
+        run: |
+          # Deliberately don't use TEST_MODE here. This is specifically testing
+          # the compatibility with the API.
+          runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+  runner-extractor-ram-threads-options:
+    name: Runner ubuntu extractor RAM and threads options
+    needs: [check-js, check-node-modules]
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - name: Run init
+        run: |
+          runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
+
+      - name: Assert Results
+        shell: bash
+        run: |
+          . ./codeql-runner/codeql-env.sh
+          if [ "${CODEQL_RAM}" != "230" ]; then
+            echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230"
+            exit 1
+          fi
+          if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then
+            echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230"
+            exit 1
+          fi
+          if [ "${CODEQL_THREADS}" != "1" ]; then
+            echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1"
+            exit 1
+          fi
+          if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then
+            echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1"
+            exit 1
+          fi
--- a/.github/workflows/python-deps.yml
+++ b/.github/workflows/python-deps.yml
@@ -0,0 +1,157 @@
+name: Test Python Package Installation on Linux and Mac
+
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
+    # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
+    # by other workflows.
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  test-setup-python-scripts:
+    runs-on: ${{ matrix.os }}
+    strategy:
+        fail-fast: false
+        matrix:
+          os: [ubuntu-latest, macos-latest]
+          python_deps_type: [pipenv, poetry, requirements, setup_py]
+          python_version: [2, 3]
+
+    env:
+      PYTHON_DEPS_TYPE: ${{ matrix.python_deps_type }}
+      PYTHON_VERSION: ${{ matrix.python_version }}
+
+    steps:
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+    - uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: ./init
+      id: init
+      with:
+        tools: latest
+        languages: python
+        setup-python-dependencies: false
+
+    - name: Test Auto Package Installation
+      run: |
+        set -x
+        $GITHUB_WORKSPACE/python-setup/install_tools.sh
+
+        cd $GITHUB_WORKSPACE/python-setup/tests/${PYTHON_DEPS_TYPE}/requests-${PYTHON_VERSION}
+
+        case ${{ matrix.os }} in
+            ubuntu-latest*)     basePath="/opt";;
+            macos-latest*)    basePath="/Users/runner";;
+        esac
+        echo ${basePath}
+
+        $GITHUB_WORKSPACE/python-setup/auto_install_packages.py "$(dirname ${{steps.init.outputs.codeql-path}})"
+    - name: Setup for extractor
+      run: |
+        echo $CODEQL_PYTHON
+        # only run if $CODEQL_PYTHON is set
+        if [ ! -z $CODEQL_PYTHON ]; then
+            $GITHUB_WORKSPACE/python-setup/tests/from_python_exe.py $CODEQL_PYTHON;
+        fi
+
+    - name: Verify packages installed
+      run: |
+        $GITHUB_WORKSPACE/python-setup/tests/check_requests_2_26_0.sh ${PYTHON_VERSION}
+
+  # This one shouldn't fail, but also won't install packages
+  test-setup-python-scripts-non-standard-location:
+    runs-on: ${{ matrix.os }}
+    strategy:
+        fail-fast: false
+        matrix:
+          os: [ubuntu-latest, macos-latest]
+
+    steps:
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+    - uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: ./init
+      id: init
+      with:
+        tools: latest
+        languages: python
+        setup-python-dependencies: false
+
+    - name: Test Auto Package Installation
+      run: |
+        set -x
+        $GITHUB_WORKSPACE/python-setup/install_tools.sh
+
+        cd $GITHUB_WORKSPACE/python-setup/tests/requirements/non-standard-location
+
+        case ${{ matrix.os }} in
+            ubuntu-latest*)     basePath="/opt";;
+            macos-latest*)    basePath="/Users/runner";;
+        esac
+        echo ${basePath}
+
+        $GITHUB_WORKSPACE/python-setup/auto_install_packages.py "$(dirname ${{steps.init.outputs.codeql-path}})"
+
+    - name: Setup for extractor
+      run: |
+        echo $CODEQL_PYTHON
+        # only run if $CODEQL_PYTHON is set
+        if [ ! -z $CODEQL_PYTHON ]; then
+            $GITHUB_WORKSPACE/python-setup/tests/from_python_exe.py $CODEQL_PYTHON;
+        fi
+
+    - name: Verify packages installed
+      run: |
+        test -z $LGTM_INDEX_IMPORT_PATH
+
+  test-setup-python-scripts-windows:
+    runs-on: windows-latest
+    strategy:
+        fail-fast: false
+        matrix:
+          python_deps_type: [pipenv, poetry, requirements, setup_py]
+          python_version: [2, 3]
+
+    env:
+      PYTHON_DEPS_TYPE: ${{ matrix.python_deps_type }}
+      PYTHON_VERSION: ${{ matrix.python_version }}
+
+    steps:
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+    - uses: actions/checkout@v2
+
+    - uses: actions/setup-python@v2
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Initialize CodeQL
+      uses: ./init
+      with:
+        tools: latest
+        languages: python
+        setup-python-dependencies: false
+
+    - name: Test Auto Package Installation
+      run: |
+        $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\install_tools.ps1"
+        powershell -File $cmd
+
+        cd $Env:GITHUB_WORKSPACE\\python-setup/tests/$Env:PYTHON_DEPS_TYPE/requests-$Env:PYTHON_VERSION
+        $DefaultsPath = Join-Path (Join-Path $Env:GITHUB_WORKSPACE "src") "defaults.json"
+        $CodeQLBundleName = (Get-Content -Raw -Path $DefaultsPath | ConvertFrom-Json).bundleVersion
+        $CodeQLVersion = "0.0.0-" + $CodeQLBundleName.split("-")[-1]
+        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py C:\\hostedtoolcache\\windows\\CodeQL\\$CodeQLVersion\\x64\\codeql
+
+    - name: Setup for extractor
+      run: |
+        echo $Env:CODEQL_PYTHON
+
+        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\tests\\from_python_exe.py $Env:CODEQL_PYTHON
+
+    - name: Verify packages installed
+      run: |
+        $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\tests\\check_requests_2_26_0.ps1"
+        powershell -File $cmd $Env:PYTHON_VERSION
--- a/.github/workflows/release-runner.yml
+++ b/.github/workflows/release-runner.yml
@@ -0,0 +1,54 @@
+name: Release runner
+
+on:
+  workflow_dispatch:
+    inputs:
+      bundle-tag:
+        description: 'Tag of the bundle release (e.g., "codeql-bundle-20200826")'
+        required: false
+
+jobs:
+  release-runner:
+    runs-on: ubuntu-latest
+    env:
+      RELEASE_TAG: "${{ github.event.inputs.bundle-tag }}"
+
+    strategy:
+      matrix:
+        extension: ["linux", "macos", "win.exe"]
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: codeql-runner-${{matrix.extension}}
+          path: runner/dist/codeql-runner-${{matrix.extension}}
+
+      - name: Resolve Upload URL for the release
+        if: ${{ github.event.inputs.bundle-tag != null }}
+        id: save_url
+        run: |
+          UPLOAD_URL=$(curl -sS \
+                "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
+                -H "Accept: application/json" \
+                -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" | jq .upload_url | sed s/\"//g)
+          echo ${UPLOAD_URL}
+          echo "::set-output name=upload_url::${UPLOAD_URL}"
+
+      - name: Upload Platform Package
+        if: ${{ github.event.inputs.bundle-tag != null }}
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.save_url.outputs.upload_url }}
+          asset_path: runner/dist/codeql-runner-${{matrix.extension}}
+          asset_name: codeql-runner-${{matrix.extension}}
+          asset_content_type: application/octet-stream
--- a/.github/workflows/split.yml
+++ b/.github/workflows/split.yml
@@ -0,0 +1,73 @@
+#
+# Split the CodeQL Bundle into platform bundles
+#
+# Instructions:
+#  1. Upload the new codeql-bundle (codeql-bundle.tar.gz) as an asset of the
+#     release (codeql-bundle-20200826)
+#  2. Take note of the CLI Release used by the bundle (e.g., v2.2.5)
+#  3. Manually launch this workflow file (via the Actions UI) specifying
+#     - The CLI Release (e.g., v2.2.5)
+#     - The release tag (e.g., codeql-bundle-20200826)
+#  4. If everything succeeds you should see 3 new assets.
+#
+
+name: Split Bundle
+
+on:
+ workflow_dispatch:
+    inputs:
+      cli-release:
+        description: 'CodeQL CLI Release (e.g., "v2.2.5")'
+        required: true
+      bundle-tag:
+        description: 'Tag of the bundle release (e.g., "codeql-bundle-20200826")'
+        required: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      CLI_RELEASE: "${{ github.event.inputs.cli-release }}"
+      RELEASE_TAG: "${{ github.event.inputs.bundle-tag }}"
+
+    strategy:
+      fail-fast: false
+      matrix:
+        platform: ["linux64", "osx64", "win64"]
+
+    steps:
+      - name: Resolve Upload URL for the release
+        id: save_url
+        run: |
+          UPLOAD_URL=$(curl -sS \
+               "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
+               -H "Accept: application/json" \
+               -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" | jq .upload_url | sed s/\"//g)
+          echo ${UPLOAD_URL}
+          echo "::set-output name=upload_url::${UPLOAD_URL}"
+
+      - name: Download CodeQL CLI and Bundle
+        run: |
+          wget --no-verbose "https://github.com/${GITHUB_REPOSITORY}/releases/download/${RELEASE_TAG}/codeql-bundle.tar.gz"
+          wget --no-verbose "https://github.com/github/codeql-cli-binaries/releases/download/${CLI_RELEASE}/codeql-${{matrix.platform}}.zip"
+
+      - name: Create Platform Package
+        # Replace the codeql-binaries with the platform specific ones
+        run: |
+          gunzip codeql-bundle.tar.gz
+          tar -f codeql-bundle.tar --delete codeql
+          unzip -q codeql-${{matrix.platform}}.zip
+          tar -f codeql-bundle.tar --append codeql
+          gzip codeql-bundle.tar
+          mv codeql-bundle.tar.gz codeql-bundle-${{matrix.platform}}.tar.gz
+          du -sh codeql-bundle-${{matrix.platform}}.tar.gz
+
+      - name: Upload Platform Package
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.save_url.outputs.upload_url }}
+          asset_path: ./codeql-bundle-${{matrix.platform}}.tar.gz
+          asset_name: codeql-bundle-${{matrix.platform}}.tar.gz
+          asset_content_type: application/tar+gzip
--- a/.github/workflows/update-dependencies.yml
+++ b/.github/workflows/update-dependencies.yml
@@ -0,0 +1,39 @@
+name: Update dependencies
+on:
+  pull_request_target:
+    types: [opened, synchronize, reopened, ready_for_review, labeled]
+
+jobs:
+  update:
+    name: Update dependencies
+    runs-on: macos-latest
+    if: contains(github.event.pull_request.labels.*.name, 'Update dependencies') && (github.event.pull_request.head.repo.full_name == 'github/codeql-action')
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Remove PR label
+      env:
+        REPOSITORY: '${{ github.repository }}'
+        PR_NUMBER: '${{ github.event.pull_request.number }}'
+        GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
+      run: |
+        gh api "repos/$REPOSITORY/issues/$PR_NUMBER/labels/Update%20dependencies" -X DELETE
+
+    - name: Push updated dependencies
+      env:
+        BRANCH: '${{ github.head_ref }}'
+      run: |
+        git fetch origin "$BRANCH" --depth=1
+        git checkout "origin/$BRANCH"
+        sudo npm install --force -g npm@latest
+        npm install
+        npm ci
+        npm run removeNPMAbsolutePaths
+        if [ ! -z "$(git status --porcelain)" ]; then
+          git config --global user.email "github-actions@github.com"
+          git config --global user.name "github-actions[bot]"
+          git add node_modules
+          git commit -am "Update checked-in dependencies"
+          git push origin "HEAD:$BRANCH"
+        fi
--- a/.github/workflows/update-release-branch.yml
+++ b/.github/workflows/update-release-branch.yml
@@ -0,0 +1,36 @@
+name: Update release branch
+on:
+  repository_dispatch:
+    # Example of how to trigger this:
+    # curl -H "Authorization: Bearer <token>" -X POST https://api.github.com/repos/github/codeql-action/dispatches -d '{"event_type":"update-release-branch"}'
+    # Replace <token> with a personal access token from this page: https://github.com/settings/tokens
+    types: [update-release-branch]
+  workflow_dispatch:
+
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    if: ${{ github.repository == 'github/codeql-action' }}
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        # Need full history so we calculate diffs
+        fetch-depth: 0
+
+    - name: Set up Python
+      uses: actions/setup-python@v2
+      with:
+        python-version: 3.8
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install PyGithub==1.55 requests
+
+    - name: Update git config
+      run: |
+        git config --global user.email "github-actions@github.com"
+        git config --global user.name "github-actions[bot]"
+
+    - name: Update release branch
+      run: python .github/update-release-branch.py ${{ secrets.GITHUB_TOKEN }} ${{ github.repository }}
--- a/.github/workflows/update-supported-enterprise-server-versions.yml
+++ b/.github/workflows/update-supported-enterprise-server-versions.yml
@@ -0,0 +1,44 @@
+name: Update Supported Enterprise Server Versions
+
+on:
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  update-supported-enterprise-server-versions:
+    runs-on: ubuntu-latest
+    if: ${{ github.repository == 'github/codeql-action' }}
+
+    steps:
+      - name: Setup Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: "3.7"
+      - name: Checkout CodeQL Action
+        uses: actions/checkout@v2
+      - name: Checkout Enterprise Releases
+        uses: actions/checkout@v2
+        with:
+          repository: github/enterprise-releases
+          ssh-key: ${{ secrets.ENTERPRISE_RELEASES_SSH_KEY }}
+          path: ${{ github.workspace }}/enterprise-releases/
+      - name: Update Supported Enterprise Server Versions
+        run: |
+          cd ./.github/workflows/update-supported-enterprise-server-versions/
+          python3 -m pip install pipenv
+          pipenv install
+          pipenv run ./update.py
+          rm --recursive "$ENTERPRISE_RELEASES_PATH"
+          npm run build
+        env:
+          ENTERPRISE_RELEASES_PATH: ${{ github.workspace }}/enterprise-releases/
+      - name: Commit Changes
+        uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb # v3.4.1
+        with:
+          commit-message: Update supported GitHub Enterprise Server versions.
+          title: Update supported GitHub Enterprise Server versions.
+          body: ""
+          author: GitHub <noreply@github.com>
+          branch: update-supported-enterprise-server-versions
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,31 @@
 # CodeQL Action and CodeQL Runner Changelog

-## [UNRELEASED]
+## 1.0.31 - 31 Jan 2022

- Update default CodeQL bundle version to 2.7.3. [#837](https://github.com/github/codeql-action/pull/837)
+- Remove `experimental` message when using custom CodeQL packages. [#888](https://github.com/github/codeql-action/pull/888)
+- Add a better warning message stating that experimental features will be disabled if the workflow has been triggered by a pull request from a fork or the `security-events: write` permission is not present. [#882](https://github.com/github/codeql-action/pull/882)
+
+## 1.0.30 - 24 Jan 2022
+
+- Display a better error message when encountering a workflow that runs the `codeql-action/init` action multiple times. [#876](https://github.com/github/codeql-action/pull/876)
+- Update default CodeQL bundle version to 2.7.6. [#877](https://github.com/github/codeql-action/pull/877)
+
+## 1.0.29 - 21 Jan 2022
+
+- The feature to wait for SARIF processing to complete after upload has been disabled by default due to a bug in its interaction with pull requests from forks.
+
+## 1.0.28 - 18 Jan 2022
+
+- Update default CodeQL bundle version to 2.7.5. [#866](https://github.com/github/codeql-action/pull/866)
+- Fix a bug where SARIF files were failing upload due to an invalid test for unique categories. [#872](https://github.com/github/codeql-action/pull/872)
+
+## 1.0.27 - 11 Jan 2022
+
+- The `analyze` and `upload-sarif` actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the `wait-for-processing` action input to `"false"`. [#855](https://github.com/github/codeql-action/pull/855)
+
+## 1.0.26 - 10 Dec 2021
+
+- Update default CodeQL bundle version to 2.7.3. [#842](https://github.com/github/codeql-action/pull/842)

 ## 1.0.25 - 06 Dec 2021

--- a/init/action.yml
+++ b/init/action.yml
@@ -59,6 +59,16 @@ inputs:
    description: Enable debugging mode. This will result in more output being produced which may be useful when debugging certain issues.
    required: false
    default: 'false'
+  debug-artifact-name:
+    description: >-
+      The name of the artifact to store debugging information in.
+      This is only used when debug mode is enabled.
+    required: false
+  debug-database-name:
+    description: >-
+      The name of the database uploaded to the debugging artifact.
+      This is only used when debug mode is enabled.
+    required: false
 outputs:
  codeql-path:
    description: The path of the CodeQL binary used for analysis
--- a/lib/analysis-paths.js
+++ b/lib/analysis-paths.js
@@ -37,11 +37,11 @@ function buildIncludeExcludeEnvVar(paths) {
    return paths.join("\n");
 }
 function printPathFiltersWarning(config, logger) {
-    // Index include/exclude/filters only work in javascript and python.
+    // Index include/exclude/filters only work in javascript/python/ruby.
    // If any other languages are detected/configured then show a warning.
    if ((config.paths.length !== 0 || config.pathsIgnore.length !== 0) &&
        !config.languages.every(isInterpretedLanguage)) {
-        logger.warning('The "paths"/"paths-ignore" fields of the config only have effect for JavaScript and Python');
+        logger.warning('The "paths"/"paths-ignore" fields of the config only have effect for JavaScript, Python, and Ruby');
    }
 }
 exports.printPathFiltersWarning = printPathFiltersWarning;
--- a/lib/analysis-paths.js.map
+++ b/lib/analysis-paths.js.map
@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,oEAAoE;IACpE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,4FAA4F,CAC7F,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,sBAAsB,GAAG,IAAI,CAAC,QAAQ,CAC1C,OAAO,CAAC,GAAG,EAAE,EACb,MAAM,CAAC,YAAY,CACpB,CAAC;IACF,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC3C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC5C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;KAC1D;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AArCD,wEAqCC"}
+{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,sBAAsB,GAAG,IAAI,CAAC,QAAQ,CAC1C,OAAO,CAAC,GAAG,EAAE,EACb,MAAM,CAAC,YAAY,CACpB,CAAC;IACF,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC3C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC5C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;KAC1D;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AArCD,wEAqCC"}
--- a/lib/analysis-paths.test.js
+++ b/lib/analysis-paths.test.js
@@ -43,6 +43,8 @@ const util = __importStar(require("./util"));
            dbLocation: path.resolve(tmpDir, "codeql_databases"),
            packs: {},
            debugMode: false,
+            debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+            debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
        };
        analysisPaths.includeAndExcludeAnalysisPaths(config);
        t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
@@ -65,6 +67,8 @@ const util = __importStar(require("./util"));
            dbLocation: path.resolve(tmpDir, "codeql_databases"),
            packs: {},
            debugMode: false,
+            debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+            debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
        };
        analysisPaths.includeAndExcludeAnalysisPaths(config);
        t.is(process.env["LGTM_INDEX_INCLUDE"], "path1\npath2");
@@ -88,6 +92,8 @@ const util = __importStar(require("./util"));
            dbLocation: path.resolve(tempDir, "codeql_databases"),
            packs: {},
            debugMode: false,
+            debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+            debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
        };
        analysisPaths.includeAndExcludeAnalysisPaths(config);
        t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
--- a/lib/analysis-paths.test.js.map
+++ b/lib/analysis-paths.test.js.map
@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;SACjB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;SACjB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO;YACP,YAAY;YACZ,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;YACrD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;SACjB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;SACpD,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;SACpD,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO;YACP,YAAY;YACZ,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;YACrD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;SACpD,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
--- a/lib/analyze-action-env.test.js
+++ b/lib/analyze-action-env.test.js
@@ -45,6 +45,7 @@ const util = __importStar(require("./util"));
            .resolves({});
        sinon.stub(actionsUtil, "sendStatusReport").resolves(true);
        sinon.stub(configUtils, "getConfig").resolves({
+            gitHubVersion: { type: util.GitHubVariant.DOTCOM },
            languages: [],
        });
        const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput");
@@ -53,6 +54,7 @@ const util = __importStar(require("./util"));
        const optionalInputStub = sinon.stub(actionsUtil, "getOptionalInput");
        optionalInputStub.withArgs("cleanup-level").returns("none");
        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {});
        // When there are no action inputs for RAM and threads, the action uses
        // environment variables (passed down from the init action) to set RAM and
        // threads usage.
--- a/lib/analyze-action-env.test.js.map
+++ b/lib/analyze-action-env.test.js.map
@@ -1 +1 @@
-{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAA+D;AAC/D,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,EAAE;SACmB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;YAClD,SAAS,EAAE,EAAE;SACmB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
--- a/lib/analyze-action-input.test.js
+++ b/lib/analyze-action-input.test.js
@@ -45,6 +45,7 @@ const util = __importStar(require("./util"));
            .resolves({});
        sinon.stub(actionsUtil, "sendStatusReport").resolves(true);
        sinon.stub(configUtils, "getConfig").resolves({
+            gitHubVersion: { type: util.GitHubVariant.DOTCOM },
            languages: [],
        });
        const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput");
@@ -53,6 +54,7 @@ const util = __importStar(require("./util"));
        const optionalInputStub = sinon.stub(actionsUtil, "getOptionalInput");
        optionalInputStub.withArgs("cleanup-level").returns("none");
        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {});
        process.env["CODEQL_THREADS"] = "1";
        process.env["CODEQL_RAM"] = "4992";
        // Action inputs have precedence over environment variables.
--- a/lib/analyze-action-input.test.js.map
+++ b/lib/analyze-action-input.test.js.map
@@ -1 +1 @@
-{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAA+D;AAC/D,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,EAAE;SACmB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC;QACrD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;YAClD,SAAS,EAAE,EAAE;SACmB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
--- a/lib/analyze-action.js
+++ b/lib/analyze-action.js
@@ -29,6 +29,7 @@ const analyze_1 = require("./analyze");
 const codeql_1 = require("./codeql");
 const config_utils_1 = require("./config-utils");
 const database_upload_1 = require("./database-upload");
+const feature_flags_1 = require("./feature-flags");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
 const upload_lib = __importStar(require("./upload-lib"));
@@ -71,12 +72,14 @@ async function run() {
        const outputDir = actionsUtil.getRequiredInput("output");
        const threads = util.getThreadsFlag(actionsUtil.getOptionalInput("threads") || process.env["CODEQL_THREADS"], logger);
        const memory = util.getMemoryFlag(actionsUtil.getOptionalInput("ram") || process.env["CODEQL_RAM"]);
+        const repositoryNwo = (0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY"));
+        const featureFlags = new feature_flags_1.GitHubFeatureFlags(config.gitHubVersion, apiDetails, repositoryNwo, logger);
        await (0, analyze_1.runFinalize)(outputDir, threads, memory, config, logger);
        if (actionsUtil.getRequiredInput("skip-queries") !== "true") {
            runStats = await (0, analyze_1.runQueries)(outputDir, memory, util.getAddSnippetsFlag(actionsUtil.getRequiredInput("add-snippets")), threads, actionsUtil.getOptionalInput("category"), config, logger);
            if (config.debugMode) {
                // Upload the SARIF files as an Actions artifact for debugging
-                await uploadDebugArtifacts(config.languages.map((lang) => path.resolve(outputDir, `${lang}.sarif`)), outputDir);
+                await uploadDebugArtifacts(config.languages.map((lang) => path.resolve(outputDir, `${lang}.sarif`)), outputDir, config.debugArtifactName);
            }
        }
        const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
@@ -90,10 +93,10 @@ async function run() {
                // Multilanguage tracing: there are additional logs in the root of the cluster
                toUpload.push(...listFolder(path.resolve(config.dbLocation, "log")));
            }
-            await uploadDebugArtifacts(toUpload, config.dbLocation);
+            await uploadDebugArtifacts(toUpload, config.dbLocation, config.debugArtifactName);
            if (!(await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING))) {
                // Before multi-language tracing, we wrote a compound-build-tracer.log in the temp dir
-                await uploadDebugArtifacts([path.resolve(config.tempDir, "compound-build-tracer.log")], config.tempDir);
+                await uploadDebugArtifacts([path.resolve(config.tempDir, "compound-build-tracer.log")], config.tempDir, config.debugArtifactName);
            }
        }
        if (actionsUtil.getOptionalInput("cleanup-level") !== "none") {
@@ -110,19 +113,12 @@ async function run() {
        else {
            logger.info("Not uploading results");
        }
-        const repositoryNwo = (0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY"));
-        await (0, database_upload_1.uploadDatabases)(repositoryNwo, config, apiDetails, logger); // Possibly upload the database bundles for remote queries
+        // Possibly upload the database bundles for remote queries
+        await (0, database_upload_1.uploadDatabases)(repositoryNwo, config, featureFlags, apiDetails, logger);
        if (uploadResult !== undefined &&
            actionsUtil.getRequiredInput("wait-for-processing") === "true") {
            await upload_lib.waitForProcessing((0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY")), uploadResult.sarifID, apiDetails, (0, logging_1.getActionsLogger)());
        }
-        if (config.debugMode) {
-            // Upload the database bundles as an Actions artifact for debugging
-            const toUpload = [];
-            for (const language of config.languages)
-                toUpload.push(await (0, util_1.bundleDb)(config, language, codeql));
-            await uploadDebugArtifacts(toUpload, config.dbLocation);
-        }
    }
    catch (origError) {
        const error = origError instanceof Error ? origError : new Error(String(origError));
@@ -138,6 +134,19 @@ async function run() {
        return;
    }
    finally {
+        if (config !== undefined && config.debugMode) {
+            try {
+                // Upload the database bundles as an Actions artifact for debugging
+                const toUpload = [];
+                for (const language of config.languages) {
+                    toUpload.push(await (0, util_1.bundleDb)(config, language, await (0, codeql_1.getCodeQL)(config.codeQLCmd), `${config.debugDatabaseName}-${language}`));
+                }
+                await uploadDebugArtifacts(toUpload, config.dbLocation, config.debugArtifactName);
+            }
+            catch (error) {
+                console.log(`Failed to upload database debug bundles: ${error}`);
+            }
+        }
        if (core.isDebug() && config !== undefined) {
            core.info("Debug mode is on. Printing CodeQL debug logs...");
            for (const language of config.languages) {
@@ -173,14 +182,14 @@ async function run() {
        await sendStatusReport(startedAt, undefined);
    }
 }
-async function uploadDebugArtifacts(toUpload, rootDir) {
+async function uploadDebugArtifacts(toUpload, rootDir, artifactName) {
    let suffix = "";
    const matrix = actionsUtil.getRequiredInput("matrix");
    if (matrix !== undefined && matrix !== "null") {
        for (const entry of Object.entries(JSON.parse(matrix)).sort())
            suffix += `-${entry[1]}`;
    }
-    await artifact.create().uploadArtifact(actionsUtil.sanitizeArifactName(`${util_1.DEBUG_ARTIFACT_NAME}${suffix}`), toUpload.map((file) => path.normalize(file)), path.normalize(rootDir));
+    await artifact.create().uploadArtifact(actionsUtil.sanitizeArifactName(`${artifactName}${suffix}`), toUpload.map((file) => path.normalize(file)), path.normalize(rootDir));
 }
 function listFolder(dir) {
    const entries = fs.readdirSync(dir, { withFileTypes: true });
--- a/lib/analyze-action.js.map
+++ b/lib/analyze-action.js.map
--- a/lib/analyze.js
+++ b/lib/analyze.js
@@ -132,10 +132,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
        }
        try {
            if (hasPackWithCustomQueries) {
-                logger.info("*************");
-                logger.info("Performing analysis with custom QL Packs. QL Packs are an experimental feature.");
-                logger.info("And should not be used in production yet.");
-                logger.info("*************");
+                logger.info("Performing analysis with custom CodeQL Packs.");
                logger.startGroup(`Downloading custom packs for ${language}`);
                const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
                const results = await codeql.packDownload(packsWithVersion);
--- a/lib/analyze.js.map
+++ b/lib/analyze.js.map
--- a/lib/analyze.test.js
+++ b/lib/analyze.test.js
@@ -126,6 +126,8 @@ const util = __importStar(require("./util"));
                dbLocation: path.resolve(tmpDir, "codeql_databases"),
                packs,
                debugMode: false,
+                debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+                debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
            };
            fs.mkdirSync(util.getCodeQLDatabasePath(config, language), {
                recursive: true,
--- a/lib/analyze.test.js.map
+++ b/lib/analyze.test.js.map
--- a/lib/api-compatibility.json
+++ b/lib/api-compatibility.json
@@ -1 +1 @@
-{ "maximumVersion": "3.3", "minimumVersion": "3.0" }
+{ "maximumVersion": "3.4", "minimumVersion": "3.0" }
--- a/lib/codeql.js
+++ b/lib/codeql.js
@@ -22,7 +22,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_ML_POWERED_QUERIES = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@@ -37,6 +37,7 @@ const languages_1 = require("./languages");
 const toolcache = __importStar(require("./toolcache"));
 const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
 const util = __importStar(require("./util"));
+const util_1 = require("./util");
 class CommandInvocationError extends Error {
    constructor(cmd, args, exitCode, error) {
        super(`Failure invoking ${cmd} with arguments ${args}.\n
@@ -73,6 +74,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 exports.CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
+exports.CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
 /**
 * This variable controls using the new style of tracing from the CodeQL
 * CLI. In particular, with versions above this we will use both indirect
@@ -215,7 +217,7 @@ async function setupCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant
            // specified explicitly (in which case we always honor it).
            if (!codeqlFolder && !codeqlURL && !forceLatest) {
                const codeqlVersions = toolcache.findAllVersions("CodeQL", toolCacheDir, logger);
-                if (codeqlVersions.length === 1) {
+                if (codeqlVersions.length === 1 && (0, util_1.isGoodVersion)(codeqlVersions[0])) {
                    const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0], toolCacheDir, logger);
                    if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
                        logger.debug(`CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`);
@@ -510,7 +512,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, args, error_matcher_1.errorMatchers);
        },
        async resolveLanguages() {
-            const codeqlArgs = ["resolve", "languages", "--format=json"];
+            const codeqlArgs = [
+                "resolve",
+                "languages",
+                "--format=json",
+                ...getExtraOptionsFromEnv(["resolve", "languages"]),
+            ];
            const output = await runTool(cmd, codeqlArgs);
            try {
                return JSON.parse(output);
@@ -633,15 +640,18 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                "cleanup",
                databasePath,
                `--mode=${cleanupLevel}`,
+                ...getExtraOptionsFromEnv(["database", "cleanup"]),
            ];
            await runTool(cmd, codeqlArgs);
        },
-        async databaseBundle(databasePath, outputFilePath) {
+        async databaseBundle(databasePath, outputFilePath, databaseName) {
            const args = [
                "database",
                "bundle",
                databasePath,
                `--output=${outputFilePath}`,
+                `--name=${databaseName}`,
+                ...getExtraOptionsFromEnv(["database", "bundle"]),
            ];
            await new toolrunner.ToolRunner(cmd, args).exec();
        },
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/lib/config-utils.js
+++ b/lib/config-utils.js
@@ -25,8 +25,11 @@ const path = __importStar(require("path"));
 const yaml = __importStar(require("js-yaml"));
 const semver = __importStar(require("semver"));
 const api = __importStar(require("./api-client"));
+const codeql_1 = require("./codeql");
 const externalQueries = __importStar(require("./external-queries"));
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
+const util_1 = require("./util");
 // Property names from the user-supplied config file.
 const NAME_PROPERTY = "name";
 const DISABLE_DEFAULT_QUERIES_PROPERTY = "disable-default-queries";
@@ -116,11 +119,26 @@ const builtinSuites = ["security-extended", "security-and-quality"];
 * Determine the set of queries associated with suiteName's suites and add them to resultMap.
 * Throws an error if suiteName is not a valid builtin suite.
 */
-async function addBuiltinSuiteQueries(languages, codeQL, resultMap, suiteName, configFile) {
+async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suiteName, featureFlags, configFile) {
    const found = builtinSuites.find((suite) => suite === suiteName);
    if (!found) {
        throw new Error(getQueryUsesInvalid(configFile, suiteName));
    }
+    // If we're running the JavaScript security-extended analysis (or a superset of it) and the repo
+    // is opted into the ML-powered queries beta, then add the ML-powered query pack so that we run
+    // the ML-powered queries.
+    if (languages.includes("javascript") &&
+        (found === "security-extended" || found === "security-and-quality") &&
+        (await featureFlags.getValue(feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled)) &&
+        (await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES))) {
+        if (!packs.javascript) {
+            packs.javascript = [];
+        }
+        packs.javascript.push({
+            packName: "codeql/javascript-experimental-atm-queries",
+            version: "~0.0.2",
+        });
+    }
    const suites = languages.map((l) => `${l}-${suiteName}.qls`);
    await runResolveQueries(codeQL, resultMap, suites, undefined);
 }
@@ -180,7 +198,7 @@ async function addRemoteQueries(codeQL, resultMap, queryUses, tempDir, apiDetail
 * local paths starting with './', or references to remote repos, or
 * a finite set of hardcoded terms for builtin suites.
 */
-async function parseQueryUses(languages, codeQL, resultMap, queryUses, tempDir, workspacePath, apiDetails, logger, configFile) {
+async function parseQueryUses(languages, codeQL, resultMap, packs, queryUses, tempDir, workspacePath, apiDetails, featureFlags, logger, configFile) {
    queryUses = queryUses.trim();
    if (queryUses === "") {
        throw new Error(getQueryUsesInvalid(configFile));
@@ -192,7 +210,7 @@ async function parseQueryUses(languages, codeQL, resultMap, queryUses, tempDir,
    }
    // Check for one of the builtin suites
    if (queryUses.indexOf("/") === -1 && queryUses.indexOf("@") === -1) {
-        await addBuiltinSuiteQueries(languages, codeQL, resultMap, queryUses, configFile);
+        await addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, queryUses, featureFlags, configFile);
        return;
    }
    // Otherwise, must be a reference to another repo
@@ -404,12 +422,12 @@ async function getLanguages(codeQL, languagesInput, repository, apiDetails, logg
    }
    return parsedLanguages;
 }
-async function addQueriesFromWorkflow(codeQL, queriesInput, languages, resultMap, tempDir, workspacePath, apiDetails, logger) {
+async function addQueriesAndPacksFromWorkflow(codeQL, queriesInput, languages, resultMap, packs, tempDir, workspacePath, apiDetails, featureFlags, logger) {
    queriesInput = queriesInput.trim();
    // "+" means "don't override config file" - see shouldAddConfigFileQueries
    queriesInput = queriesInput.replace(/^\+/, "");
    for (const query of queriesInput.split(",")) {
-        await parseQueryUses(languages, codeQL, resultMap, query, tempDir, workspacePath, apiDetails, logger);
+        await parseQueryUses(languages, codeQL, resultMap, packs, query, tempDir, workspacePath, apiDetails, featureFlags, logger);
    }
 }
 // Returns true if either no queries were provided in the workflow.
@@ -425,7 +443,7 @@ function shouldAddConfigFileQueries(queriesInput) {
 /**
 * Get the default config for when the user has not supplied one.
 */
-async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
+async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
    var _a;
    const languages = await getLanguages(codeQL, languagesInput, repository, apiDetails, logger);
    const queries = {};
@@ -436,10 +454,10 @@ async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLoca
        };
    }
    await addDefaultQueries(codeQL, languages, queries);
-    if (queriesInput) {
-        await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, workspacePath, apiDetails, logger);
-    }
    const packs = (_a = parsePacksFromInput(packsInput, languages)) !== null && _a !== void 0 ? _a : {};
+    if (queriesInput) {
+        await addQueriesAndPacksFromWorkflow(codeQL, queriesInput, languages, queries, packs, tempDir, workspacePath, apiDetails, featureFlags, logger);
+    }
    return {
        languages,
        queries,
@@ -453,13 +471,15 @@ async function getDefaultConfig(languagesInput, queriesInput, packsInput, dbLoca
        gitHubVersion,
        dbLocation: dbLocationOrDefault(dbLocation, tempDir),
        debugMode,
+        debugArtifactName,
+        debugDatabaseName,
    };
 }
 exports.getDefaultConfig = getDefaultConfig;
 /**
 * Load the config from the given file.
 */
-async function loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
+async function loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
    var _a;
    let parsedYAML;
    if (isLocal(configFile)) {
@@ -500,12 +520,13 @@ async function loadConfig(languagesInput, queriesInput, packsInput, configFile,
    if (!disableDefaultQueries) {
        await addDefaultQueries(codeQL, languages, queries);
    }
+    const packs = parsePacks((_a = parsedYAML[PACKS_PROPERTY]) !== null && _a !== void 0 ? _a : {}, packsInput, languages, configFile);
    // If queries were provided using `with` in the action configuration,
    // they should take precedence over the queries in the config file
    // unless they're prefixed with "+", in which case they supplement those
    // in the config file.
    if (queriesInput) {
-        await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, workspacePath, apiDetails, logger);
+        await addQueriesAndPacksFromWorkflow(codeQL, queriesInput, languages, queries, packs, tempDir, workspacePath, apiDetails, featureFlags, logger);
    }
    if (shouldAddConfigFileQueries(queriesInput) &&
        QUERIES_PROPERTY in parsedYAML) {
@@ -518,7 +539,7 @@ async function loadConfig(languagesInput, queriesInput, packsInput, configFile,
                typeof query[QUERIES_USES_PROPERTY] !== "string") {
                throw new Error(getQueryUsesInvalid(configFile));
            }
-            await parseQueryUses(languages, codeQL, queries, query[QUERIES_USES_PROPERTY], tempDir, workspacePath, apiDetails, logger, configFile);
+            await parseQueryUses(languages, codeQL, queries, packs, query[QUERIES_USES_PROPERTY], tempDir, workspacePath, apiDetails, featureFlags, logger, configFile);
        }
    }
    if (PATHS_IGNORE_PROPERTY in parsedYAML) {
@@ -543,7 +564,6 @@ async function loadConfig(languagesInput, queriesInput, packsInput, configFile,
            paths.push(validateAndSanitisePath(includePath, PATHS_PROPERTY, configFile, logger));
        }
    }
-    const packs = parsePacks((_a = parsedYAML[PACKS_PROPERTY]) !== null && _a !== void 0 ? _a : {}, packsInput, languages, configFile);
    return {
        languages,
        queries,
@@ -557,6 +577,8 @@ async function loadConfig(languagesInput, queriesInput, packsInput, configFile,
        gitHubVersion,
        dbLocation: dbLocationOrDefault(dbLocation, tempDir),
        debugMode,
+        debugArtifactName,
+        debugDatabaseName,
    };
 }
 /**
@@ -682,16 +704,16 @@ function dbLocationOrDefault(dbLocation, tempDir) {
 * This will parse the config from the user input if present, or generate
 * a default config. The parsed config is then stored to a known location.
 */
-async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
+async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
    var _a, _b, _c;
    let config;
    // If no config file was provided create an empty one
    if (!configFile) {
        logger.debug("No configuration file was provided");
-        config = await getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger);
+        config = await getDefaultConfig(languagesInput, queriesInput, packsInput, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
    }
    else {
-        config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger);
+        config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
    }
    // The list of queries should not be empty for any language. If it is then
    // it is a user configuration error.
--- a/lib/config-utils.js.map
+++ b/lib/config-utils.js.map
--- a/lib/config-utils.test.js
+++ b/lib/config-utils.test.js
@@ -31,6 +31,7 @@ const sinon = __importStar(require("sinon"));
 const api = __importStar(require("./api-client"));
 const codeql_1 = require("./codeql");
 const configUtils = __importStar(require("./config-utils"));
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
@@ -88,8 +89,8 @@ function mockListLanguages(languages) {
                };
            },
        });
-        const config = await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, logger);
-        t.deepEqual(config, await configUtils.getDefaultConfig(languages, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, logger));
+        const config = await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
+        t.deepEqual(config, await configUtils.getDefaultConfig(languages, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger));
    });
 });
 (0, ava_1.default)("loading config saves config", async (t) => {
@@ -111,7 +112,7 @@ function mockListLanguages(languages) {
        t.false(fs.existsSync(configUtils.getPathToParsedConfigFile(tmpDir)));
        // Sanity check that getConfig returns undefined before we have called initConfig
        t.deepEqual(await configUtils.getConfig(tmpDir, logger), undefined);
-        const config1 = await configUtils.initConfig("javascript,python", undefined, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, logger);
+        const config1 = await configUtils.initConfig("javascript,python", undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
        // The saved config file should now exist
        t.true(fs.existsSync(configUtils.getPathToParsedConfigFile(tmpDir)));
        // And that same newly-initialised config should now be returned by getConfig
@@ -122,7 +123,7 @@ function mockListLanguages(languages) {
 (0, ava_1.default)("load input outside of workspace", async (t) => {
    return await util.withTmpDir(async (tmpDir) => {
        try {
-            await configUtils.initConfig(undefined, undefined, undefined, "../input", undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, "../input", undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -135,7 +136,7 @@ function mockListLanguages(languages) {
        // no filename given, just a repo
        const configFile = "octo-org/codeql-config@main";
        try {
-            await configUtils.initConfig(undefined, undefined, undefined, configFile, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -149,7 +150,7 @@ function mockListLanguages(languages) {
        const configFile = "input";
        t.false(fs.existsSync(path.join(tmpDir, configFile)));
        try {
-            await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -215,10 +216,12 @@ function mockListLanguages(languages) {
            dbLocation: path.resolve(tmpDir, "codeql_databases"),
            packs: {},
            debugMode: false,
+            debugArtifactName: "my-artifact",
+            debugDatabaseName: "my-db",
        };
        const languages = "javascript";
        const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        const actualConfig = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const actualConfig = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "my-artifact", "my-db", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Should exactly equal the object we constructed earlier
        t.deepEqual(actualConfig, expectedConfig);
    });
@@ -254,7 +257,7 @@ function mockListLanguages(languages) {
        fs.mkdirSync(path.join(tmpDir, "foo"));
        const languages = "javascript";
        const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Check resolve queries was called correctly
        t.deepEqual(resolveQueriesArgs.length, 1);
        t.deepEqual(resolveQueriesArgs[0].queries, [
@@ -297,7 +300,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        const languages = "javascript";
-        const config = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, undefined, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Check resolveQueries was called correctly
        // It'll be called once for the default queries
        // and once for `./foo` from the config file.
@@ -330,7 +333,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Check resolveQueries was called correctly
        // It'll be called once for the default queries and once for `./override`,
        // but won't be called for './foo' from the config file.
@@ -362,7 +365,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Check resolveQueries was called correctly
        // It'll be called once for `./workflow-query`,
        // but won't be called for the default one since that was disabled
@@ -388,7 +391,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Check resolveQueries was called correctly:
        // It'll be called once for the default queries,
        // and then once for each of the two queries from the workflow
@@ -427,7 +430,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        const languages = "javascript";
-        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, configFilePath, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        // Check resolveQueries was called correctly
        // It'll be called once for the default queries,
        // once for each of additional1 and additional2,
@@ -466,7 +469,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        try {
-            await configUtils.initConfig(languages, queries, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(languages, queries, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            t.fail("initConfig did not throw error");
        }
        catch (err) {
@@ -509,7 +512,7 @@ function queriesToResolvedQueryForm(queries) {
        fs.mkdirSync(path.join(tmpDir, "foo/bar/dev"), { recursive: true });
        const configFile = "octo-org/codeql-config/config.yaml@main";
        const languages = "javascript";
-        await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        t.assert(spyGetContents.called);
    });
 });
@@ -519,7 +522,7 @@ function queriesToResolvedQueryForm(queries) {
        mockGetContents(dummyResponse);
        const repoReference = "octo-org/codeql-config/config.yaml@main";
        try {
-            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -535,7 +538,7 @@ function queriesToResolvedQueryForm(queries) {
        mockGetContents(dummyResponse);
        const repoReference = "octo-org/codeql-config/config.yaml@main";
        try {
-            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, repoReference, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -552,7 +555,7 @@ function queriesToResolvedQueryForm(queries) {
            },
        });
        try {
-            await configUtils.initConfig(undefined, undefined, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(undefined, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -564,7 +567,7 @@ function queriesToResolvedQueryForm(queries) {
    return await util.withTmpDir(async (tmpDir) => {
        const languages = "rubbish,english";
        try {
-            await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+            await configUtils.initConfig(languages, undefined, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, (0, codeql_1.getCachedCodeQL)(), tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
            throw new Error("initConfig did not throw error");
        }
        catch (err) {
@@ -592,7 +595,7 @@ function queriesToResolvedQueryForm(queries) {
        const configFile = path.join(tmpDir, "codeql-config.yaml");
        fs.writeFileSync(configFile, inputFileContents);
        const languages = "javascript";
-        const { packs } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const { packs } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        t.deepEqual(packs, {
            [languages_1.Language.javascript]: [
                {
@@ -631,7 +634,7 @@ function queriesToResolvedQueryForm(queries) {
        fs.writeFileSync(configFile, inputFileContents);
        fs.mkdirSync(path.join(tmpDir, "foo"));
        const languages = "javascript,python,cpp";
-        const { packs, queries } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, { owner: "github", repo: "example" }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+        const { packs, queries } = await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example" }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
        t.deepEqual(packs, {
            [languages_1.Language.javascript]: [
                {
@@ -684,7 +687,7 @@ function doInvalidInputTest(testName, inputFileContents, expectedErrorMessageGen
            const inputFile = path.join(tmpDir, configFile);
            fs.writeFileSync(inputFile, inputFileContents, "utf8");
            try {
-                await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, logging_1.getRunnerLogger)(true));
+                await configUtils.initConfig(languages, undefined, undefined, configFile, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)([]), (0, logging_1.getRunnerLogger)(true));
                throw new Error("initConfig did not throw error");
            }
            catch (err) {
@@ -867,6 +870,50 @@ parseInputAndConfigErrorMacro.title = (providedTitle) => `Parse Packs input and
 (0, ava_1.default)("input with two languages", parseInputAndConfigErrorMacro, {}, "c/d", [languages_1.Language.cpp, languages_1.Language.csharp], /multi-language analysis/);
 (0, ava_1.default)("input with + only", parseInputAndConfigErrorMacro, {}, " + ", [languages_1.Language.cpp], /remove the '\+'/);
 (0, ava_1.default)("input with invalid pack name", parseInputAndConfigErrorMacro, {}, " xxx", [languages_1.Language.cpp], /"xxx" is not a valid pack/);
-// errors
-// input w invalid pack name
+async function mlPoweredQueriesMacro(t, codeQLVersion, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) {
+    return await util.withTmpDir(async (tmpDir) => {
+        const codeQL = (0, codeql_1.setCodeQL)({
+            async getVersion() {
+                return codeQLVersion;
+            },
+            async resolveQueries() {
+                return {
+                    byLanguage: {
+                        javascript: { "fake-query.ql": {} },
+                    },
+                    noDeclaredLanguage: {},
+                    multipleDeclaredLanguages: {},
+                };
+            },
+        });
+        const { packs } = await configUtils.initConfig("javascript", queriesInput, undefined, undefined, undefined, false, "", "", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, feature_flags_1.createFeatureFlags)(isMlPoweredQueriesFlagEnabled
+            ? [feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled]
+            : []), (0, logging_1.getRunnerLogger)(true));
+        if (shouldRunMlPoweredQueries) {
+            t.deepEqual(packs, {
+                [languages_1.Language.javascript]: [
+                    {
+                        packName: "codeql/javascript-experimental-atm-queries",
+                        version: "~0.0.2",
+                    },
+                ],
+            });
+        }
+        else {
+            t.deepEqual(packs, {});
+        }
+    });
+}
+mlPoweredQueriesMacro.title = (_providedTitle, codeQLVersion, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries) => {
+    const queriesInputDescription = queriesInput
+        ? `'queries: ${queriesInput}'`
+        : "default config";
+    return `ML-powered queries ${shouldRunMlPoweredQueries ? "are" : "aren't"} loaded for ${queriesInputDescription} using CLI v${codeQLVersion} when feature flag is ${isMlPoweredQueriesFlagEnabled ? "enabled" : "disabled"}`;
+};
+// macro, isMlPoweredQueriesFlagEnabled, queriesInput, shouldRunMlPoweredQueries
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.4", true, "security-extended", false);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", false, "security-extended", false);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, false);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "security-extended", true);
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, "security-and-quality", true);
 //# sourceMappingURL=config-utils.test.js.map
--- a/lib/config-utils.test.js.map
+++ b/lib/config-utils.test.js.map
--- a/lib/database-upload.js
+++ b/lib/database-upload.js
@@ -24,9 +24,10 @@ const fs = __importStar(require("fs"));
 const actionsUtil = __importStar(require("./actions-util"));
 const api_client_1 = require("./api-client");
 const codeql_1 = require("./codeql");
+const feature_flags_1 = require("./feature-flags");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
-async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
+async function uploadDatabases(repositoryNwo, config, featureFlags, apiDetails, logger) {
    if (actionsUtil.getRequiredInput("upload-database") !== "true") {
        logger.debug("Database upload disabled in workflow. Skipping upload.");
        return;
@@ -41,53 +42,30 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
        logger.debug("Not analyzing default branch. Skipping upload.");
        return;
    }
-    const client = (0, api_client_1.getApiClient)(apiDetails);
-    let useUploadDomain;
-    try {
-        const response = await client.request("GET /repos/:owner/:repo/code-scanning/codeql/databases", {
-            owner: repositoryNwo.owner,
-            repo: repositoryNwo.repo,
-        });
-        useUploadDomain = response.data["uploads_domain_enabled"];
-    }
-    catch (e) {
-        if (util.isHTTPError(e) && e.status === 404) {
-            logger.debug("Repository is not opted in to database uploads. Skipping upload.");
-        }
-        else {
-            console.log(e);
-            logger.info(`Skipping database upload due to unknown error: ${e}`);
-        }
+    if (!(await featureFlags.getValue(feature_flags_1.FeatureFlag.DatabaseUploadsEnabled))) {
+        logger.debug("Repository is not opted in to database uploads. Skipping upload.");
        return;
    }
+    const client = (0, api_client_1.getApiClient)(apiDetails);
    const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
    for (const language of config.languages) {
        // Upload the database bundle.
        // Although we are uploading arbitrary file contents to the API, it's worth
        // noting that it's the API's job to validate that the contents is acceptable.
        // This API method is available to anyone with write access to the repo.
-        const payload = fs.readFileSync(await (0, util_1.bundleDb)(config, language, codeql));
+        const payload = fs.readFileSync(await (0, util_1.bundleDb)(config, language, codeql, language));
        try {
-            if (useUploadDomain) {
-                await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, {
-                    owner: repositoryNwo.owner,
-                    repo: repositoryNwo.repo,
-                    language,
-                    name: `${language}-database`,
-                    data: payload,
-                    headers: {
-                        authorization: `token ${apiDetails.auth}`,
-                    },
-                });
-            }
-            else {
-                await client.request(`PUT /repos/:owner/:repo/code-scanning/codeql/databases/:language`, {
-                    owner: repositoryNwo.owner,
-                    repo: repositoryNwo.repo,
-                    language,
-                    data: payload,
-                });
-            }
+            await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, {
+                owner: repositoryNwo.owner,
+                repo: repositoryNwo.repo,
+                language,
+                name: `${language}-database`,
+                data: payload,
+                headers: {
+                    authorization: `token ${apiDetails.auth}`,
+                    "Content-Type": "application/zip",
+                },
+            });
            logger.debug(`Successfully uploaded database for ${language}`);
        }
        catch (e) {
--- a/lib/database-upload.js.map
+++ b/lib/database-upload.js.map
@@ -1 +1 @@
-{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,EAAC,UAAU,CAAC,CAAC;IACxC,IAAI,eAAwB,CAAC;IAC7B,IAAI;QACF,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO,CACnC,wDAAwD,EACxD;YACE,KAAK,EAAE,aAAa,CAAC,KAAK;YAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;SACzB,CACF,CAAC;QACF,eAAe,GAAG,QAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;KAC3D;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3C,MAAM,CAAC,KAAK,CACV,kEAAkE,CACnE,CAAC;SACH;aAAM;YACL,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,kDAAkD,CAAC,EAAE,CAAC,CAAC;SACpE;QACD,OAAO;KACR;IAED,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,8BAA8B;QAC9B,2EAA2E;QAC3E,8EAA8E;QAC9E,wEAAwE;QACxE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;QAC1E,IAAI;YACF,IAAI,eAAe,EAAE;gBACnB,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;oBACE,KAAK,EAAE,aAAa,CAAC,KAAK;oBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;oBACxB,QAAQ;oBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;oBAC5B,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE;wBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;qBAC1C;iBACF,CACF,CAAC;aACH;iBAAM;gBACL,MAAM,MAAM,CAAC,OAAO,CAClB,kEAAkE,EAClE;oBACE,KAAK,EAAE,aAAa,CAAC,KAAK;oBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;oBACxB,QAAQ;oBACR,IAAI,EAAE,OAAO;iBACd,CACF,CAAC;aACH;YACD,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAtFD,0CAsFC"}
+{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAErC,mDAA4D;AAG5D,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,YAA0B,EAC1B,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,2BAAW,CAAC,sBAAsB,CAAC,CAAC,EAAE;QACtE,MAAM,CAAC,KAAK,CACV,kEAAkE,CACnE,CAAC;QACF,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,EAAC,UAAU,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,8BAA8B;QAC9B,2EAA2E;QAC3E,8EAA8E;QAC9E,wEAAwE;QACxE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAC7B,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CACnD,CAAC;QACF,IAAI;YACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,OAAO;gBACb,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;iBAClC;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAhED,0CAgEC"}
--- a/lib/database-upload.test.js
+++ b/lib/database-upload.test.js
@@ -30,6 +30,7 @@ const actionsUtil = __importStar(require("./actions-util"));
 const apiClient = __importStar(require("./api-client"));
 const codeql_1 = require("./codeql");
 const database_upload_1 = require("./database-upload");
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const testing_utils_1 = require("./testing-utils");
 const util_1 = require("./util");
@@ -37,6 +38,9 @@ const util_1 = require("./util");
 ava_1.default.beforeEach(() => {
    (0, util_1.initializeEnvironment)(util_1.Mode.actions, "1.2.3");
 });
+const uploadToUploadsDomainFlags = (0, feature_flags_1.createFeatureFlags)([
+    feature_flags_1.FeatureFlag.DatabaseUploadsEnabled,
+]);
 const testRepoName = { owner: "github", repo: "example" };
 const testApiDetails = {
    auth: "1234",
@@ -56,60 +60,21 @@ function getTestConfig(tmpDir) {
        dbLocation: tmpDir,
        packs: {},
        debugMode: false,
+        debugArtifactName: util_1.DEFAULT_DEBUG_ARTIFACT_NAME,
+        debugDatabaseName: util_1.DEFAULT_DEBUG_DATABASE_NAME,
    };
 }
-function getRecordingLogger(messages) {
-    return {
-        debug: (message) => {
-            messages.push({ type: "debug", message });
-            console.debug(message);
-        },
-        info: (message) => {
-            messages.push({ type: "info", message });
-            console.info(message);
-        },
-        warning: (message) => {
-            messages.push({ type: "warning", message });
-            console.warn(message);
-        },
-        error: (message) => {
-            messages.push({ type: "error", message });
-            console.error(message);
-        },
-        isDebug: () => true,
-        startGroup: () => undefined,
-        endGroup: () => undefined,
-    };
-}
-function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatusCode) {
+async function mockHttpRequests(databaseUploadStatusCode) {
    // Passing an auth token is required, so we just use a dummy value
    const client = github.getOctokit("123");
    const requestSpy = sinon.stub(client, "request");
-    const optInSpy = requestSpy.withArgs("GET /repos/:owner/:repo/code-scanning/codeql/databases");
-    if (optInStatusCode < 300) {
-        optInSpy.resolves({
-            status: optInStatusCode,
-            data: {
-                useUploadDomain,
-            },
-            headers: {},
-            url: "GET /repos/:owner/:repo/code-scanning/codeql/databases",
-        });
+    const url = "POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name";
+    const databaseUploadSpy = requestSpy.withArgs(url);
+    if (databaseUploadStatusCode < 300) {
+        databaseUploadSpy.resolves(undefined);
    }
    else {
-        optInSpy.throws(new util_1.HTTPError("some error message", optInStatusCode));
-    }
-    if (databaseUploadStatusCode !== undefined) {
-        const url = useUploadDomain
-            ? "POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name"
-            : "PUT /repos/:owner/:repo/code-scanning/codeql/databases/:language";
-        const databaseUploadSpy = requestSpy.withArgs(url);
-        if (databaseUploadStatusCode < 300) {
-            databaseUploadSpy.resolves(undefined);
-        }
-        else {
-            databaseUploadSpy.throws(new util_1.HTTPError("some error message", databaseUploadStatusCode));
-        }
+        databaseUploadSpy.throws(new util_1.HTTPError("some error message", databaseUploadStatusCode));
    }
    sinon.stub(apiClient, "getApiClient").value(() => client);
 }
@@ -122,7 +87,7 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
            .returns("false");
        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), uploadToUploadsDomainFlags, testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message === "Database upload disabled in workflow. Skipping upload.") !== undefined);
    });
@@ -138,7 +103,7 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
        const config = getTestConfig(tmpDir);
        config.gitHubVersion = { type: util_1.GitHubVariant.GHES, version: "3.0" };
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, config, testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, config, (0, feature_flags_1.createFeatureFlags)([]), testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message === "Not running against github.com. Skipping upload.") !== undefined);
    });
@@ -154,7 +119,7 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
        const config = getTestConfig(tmpDir);
        config.gitHubVersion = { type: util_1.GitHubVariant.GHAE };
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, config, testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, config, (0, feature_flags_1.createFeatureFlags)([]), testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message === "Not running against github.com. Skipping upload.") !== undefined);
    });
@@ -168,12 +133,12 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
            .returns("true");
        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(false);
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), uploadToUploadsDomainFlags, testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message === "Not analyzing default branch. Skipping upload.") !== undefined);
    });
 });
-(0, ava_1.default)("Abort database upload if opt-in request returns 404", async (t) => {
+(0, ava_1.default)("Abort database upload if feature flag is disabled", async (t) => {
    await (0, util_1.withTmpDir)(async (tmpDir) => {
        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
        sinon
@@ -181,40 +146,18 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
            .withArgs("upload-database")
            .returns("true");
        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
-        mockHttpRequests(404);
        (0, codeql_1.setCodeQL)({
            async databaseBundle() {
                return;
            },
        });
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), (0, feature_flags_1.createFeatureFlags)([]), testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message ===
                "Repository is not opted in to database uploads. Skipping upload.") !== undefined);
    });
 });
-(0, ava_1.default)("Abort database upload if opt-in request fails with something other than 404", async (t) => {
-    await (0, util_1.withTmpDir)(async (tmpDir) => {
-        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        sinon
-            .stub(actionsUtil, "getRequiredInput")
-            .withArgs("upload-database")
-            .returns("true");
-        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
-        mockHttpRequests(500);
-        (0, codeql_1.setCodeQL)({
-            async databaseBundle() {
-                return;
-            },
-        });
-        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
-        t.assert(loggedMessages.find((v) => v.type === "info" &&
-            v.message ===
-                "Skipping database upload due to unknown error: Error: some error message") !== undefined);
-    });
-});
 (0, ava_1.default)("Don't crash if uploading a database fails", async (t) => {
    await (0, util_1.withTmpDir)(async (tmpDir) => {
        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
@@ -223,14 +166,17 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
            .withArgs("upload-database")
            .returns("true");
        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
-        mockHttpRequests(200, false, 500);
+        const featureFlags = (0, feature_flags_1.createFeatureFlags)([
+            feature_flags_1.FeatureFlag.DatabaseUploadsEnabled,
+        ]);
+        await mockHttpRequests(500);
        (0, codeql_1.setCodeQL)({
            async databaseBundle(_, outputFilePath) {
                fs.writeFileSync(outputFilePath, "");
            },
        });
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), featureFlags, testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "warning" &&
            v.message ===
                "Failed to upload database for javascript: Error: some error message") !== undefined);
@@ -244,14 +190,14 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
            .withArgs("upload-database")
            .returns("true");
        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
-        mockHttpRequests(200, false, 201);
+        await mockHttpRequests(201);
        (0, codeql_1.setCodeQL)({
            async databaseBundle(_, outputFilePath) {
                fs.writeFileSync(outputFilePath, "");
            },
        });
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), uploadToUploadsDomainFlags, testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message === "Successfully uploaded database for javascript") !== undefined);
    });
@@ -264,14 +210,14 @@ function mockHttpRequests(optInStatusCode, useUploadDomain, databaseUploadStatus
            .withArgs("upload-database")
            .returns("true");
        sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
-        mockHttpRequests(200, true, 201);
+        await mockHttpRequests(201);
        (0, codeql_1.setCodeQL)({
            async databaseBundle(_, outputFilePath) {
                fs.writeFileSync(outputFilePath, "");
            },
        });
        const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, getRecordingLogger(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), uploadToUploadsDomainFlags, testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
        t.assert(loggedMessages.find((v) => v.type === "debug" &&
            v.message === "Successfully uploaded database for javascript") !== undefined);
    });
--- a/lib/database-upload.test.js.map
+++ b/lib/database-upload.test.js.map
--- a/lib/defaults.json
+++ b/lib/defaults.json
@@ -1,3 +1,3 @@
 {
-    "bundleVersion": "codeql-bundle-20211207"
+    "bundleVersion": "codeql-bundle-20220120"
 }
--- a/lib/feature-flags.js
+++ b/lib/feature-flags.js
@@ -0,0 +1,95 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createFeatureFlags = exports.GitHubFeatureFlags = exports.FeatureFlag = void 0;
+const api_client_1 = require("./api-client");
+const util = __importStar(require("./util"));
+var FeatureFlag;
+(function (FeatureFlag) {
+    FeatureFlag["DatabaseUploadsEnabled"] = "database_uploads_enabled";
+    FeatureFlag["MlPoweredQueriesEnabled"] = "ml_powered_queries_enabled";
+})(FeatureFlag = exports.FeatureFlag || (exports.FeatureFlag = {}));
+class GitHubFeatureFlags {
+    constructor(gitHubVersion, apiDetails, repositoryNwo, logger) {
+        this.gitHubVersion = gitHubVersion;
+        this.apiDetails = apiDetails;
+        this.repositoryNwo = repositoryNwo;
+        this.logger = logger;
+    }
+    async getValue(flag) {
+        const response = (await this.getApiResponse())[flag];
+        if (response === undefined) {
+            this.logger.debug(`Feature flag '${flag}' undefined in API response, considering it disabled.`);
+            return false;
+        }
+        return response;
+    }
+    async getApiResponse() {
+        const loadApiResponse = async () => {
+            // Do nothing when not running against github.com
+            if (this.gitHubVersion.type !== util.GitHubVariant.DOTCOM) {
+                this.logger.debug("Not running against github.com. Disabling all feature flags.");
+                return {};
+            }
+            const client = (0, api_client_1.getApiClient)(this.apiDetails);
+            try {
+                const response = await client.request("GET /repos/:owner/:repo/code-scanning/codeql-action/features", {
+                    owner: this.repositoryNwo.owner,
+                    repo: this.repositoryNwo.repo,
+                });
+                return response.data;
+            }
+            catch (e) {
+                if (util.isHTTPError(e) && e.status === 403) {
+                    this.logger.warning("This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. " +
+                        "As a result, it will not be opted into any experimental features. " +
+                        "This could be because the Action is running on a pull request from a fork. If not, " +
+                        `please ensure the Action has the 'security-events: write' permission. Details: ${e}`);
+                }
+                else {
+                    // Some feature flags, such as `ml_powered_queries_enabled` affect the produced alerts.
+                    // Considering these feature flags disabled in the event of a transient error could
+                    // therefore lead to alert churn. As a result, we crash if we cannot determine the value of
+                    // the feature flags.
+                    throw new Error(`Encountered an error while trying to load feature flags: ${e}`);
+                }
+            }
+        };
+        const apiResponse = this.cachedApiResponse || (await loadApiResponse());
+        this.cachedApiResponse = apiResponse;
+        return apiResponse;
+    }
+}
+exports.GitHubFeatureFlags = GitHubFeatureFlags;
+/**
+ * Create a feature flags instance with the specified set of enabled flags.
+ *
+ * This should be only used within tests.
+ */
+function createFeatureFlags(enabledFlags) {
+    return {
+        getValue: async (flag) => {
+            return enabledFlags.includes(flag);
+        },
+    };
+}
+exports.createFeatureFlags = createFeatureFlags;
+//# sourceMappingURL=feature-flags.js.map
--- a/lib/feature-flags.js.map
+++ b/lib/feature-flags.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"feature-flags.js","sourceRoot":"","sources":["../src/feature-flags.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,6CAA8D;AAG9D,6CAA+B;AAM/B,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,kEAAmD,CAAA;IACnD,qEAAsD,CAAA;AACxD,CAAC,EAHW,WAAW,GAAX,mBAAW,KAAX,mBAAW,QAGtB;AAUD,MAAa,kBAAkB;IAG7B,YACU,aAAiC,EACjC,UAA4B,EAC5B,aAA4B,EAC5B,MAAc;QAHd,kBAAa,GAAb,aAAa,CAAoB;QACjC,eAAU,GAAV,UAAU,CAAkB;QAC5B,kBAAa,GAAb,aAAa,CAAe;QAC5B,WAAM,GAAN,MAAM,CAAQ;IACrB,CAAC;IAEJ,KAAK,CAAC,QAAQ,CAAC,IAAiB;QAC9B,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,QAAQ,KAAK,SAAS,EAAE;YAC1B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,iBAAiB,IAAI,uDAAuD,CAC7E,CAAC;YACF,OAAO,KAAK,CAAC;SACd;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,MAAM,eAAe,GAAG,KAAK,IAAI,EAAE;YACjC,iDAAiD;YACjD,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;gBACzD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,8DAA8D,CAC/D,CAAC;gBACF,OAAO,EAAE,CAAC;aACX;YACD,MAAM,MAAM,GAAG,IAAA,yBAAY,EAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC7C,IAAI;gBACF,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO,CACnC,8DAA8D,EAC9D;oBACE,KAAK,EAAE,IAAI,CAAC,aAAa,CAAC,KAAK;oBAC/B,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI;iBAC9B,CACF,CAAC;gBACF,OAAO,QAAQ,CAAC,IAAI,CAAC;aACtB;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,EAAE;oBAC3C,IAAI,CAAC,MAAM,CAAC,OAAO,CACjB,gGAAgG;wBAC9F,oEAAoE;wBACpE,qFAAqF;wBACrF,kFAAkF,CAAC,EAAE,CACxF,CAAC;iBACH;qBAAM;oBACL,uFAAuF;oBACvF,mFAAmF;oBACnF,2FAA2F;oBAC3F,qBAAqB;oBACrB,MAAM,IAAI,KAAK,CACb,4DAA4D,CAAC,EAAE,CAChE,CAAC;iBACH;aACF;QACH,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,IAAI,CAAC,MAAM,eAAe,EAAE,CAAC,CAAC;QACxE,IAAI,CAAC,iBAAiB,GAAG,WAAW,CAAC;QACrC,OAAO,WAAW,CAAC;IACrB,CAAC;CACF;AAhED,gDAgEC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,YAA2B;IAC5D,OAAO;QACL,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;YACvB,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACrC,CAAC;KACF,CAAC;AACJ,CAAC;AAND,gDAMC"}
--- a/lib/feature-flags.test.js
+++ b/lib/feature-flags.test.js
@@ -0,0 +1,95 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const ava_1 = __importDefault(require("ava"));
+const feature_flags_1 = require("./feature-flags");
+const logging_1 = require("./logging");
+const repository_1 = require("./repository");
+const testing_utils_1 = require("./testing-utils");
+const util_1 = require("./util");
+(0, testing_utils_1.setupTests)(ava_1.default);
+ava_1.default.beforeEach(() => {
+    (0, util_1.initializeEnvironment)(util_1.Mode.actions, "1.2.3");
+});
+const testApiDetails = {
+    auth: "1234",
+    url: "https://github.com",
+};
+const testRepositoryNwo = (0, repository_1.parseRepositoryNwo)("github/example");
+const ALL_FEATURE_FLAGS_DISABLED_VARIANTS = [
+    {
+        description: "GHES",
+        gitHubVersion: { type: util_1.GitHubVariant.GHES, version: "3.0.0" },
+    },
+    { description: "GHAE", gitHubVersion: { type: util_1.GitHubVariant.GHAE } },
+];
+for (const variant of ALL_FEATURE_FLAGS_DISABLED_VARIANTS) {
+    (0, ava_1.default)(`All feature flags are disabled if running against ${variant.description}`, async (t) => {
+        await (0, util_1.withTmpDir)(async (tmpDir) => {
+            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+            const loggedMessages = [];
+            const featureFlags = new feature_flags_1.GitHubFeatureFlags(variant.gitHubVersion, testApiDetails, testRepositoryNwo, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
+            for (const flag of Object.values(feature_flags_1.FeatureFlag)) {
+                t.assert((await featureFlags.getValue(flag)) === false);
+            }
+            t.assert(loggedMessages.find((v) => v.type === "debug" &&
+                v.message ===
+                    "Not running against github.com. Disabling all feature flags.") !== undefined);
+        });
+    });
+}
+(0, ava_1.default)("Feature flags are disabled if they're not returned in API response", async (t) => {
+    await (0, util_1.withTmpDir)(async (tmpDir) => {
+        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        const loggedMessages = [];
+        const featureFlags = new feature_flags_1.GitHubFeatureFlags({ type: util_1.GitHubVariant.DOTCOM }, testApiDetails, testRepositoryNwo, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
+        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {});
+        for (const flag of Object.values(feature_flags_1.FeatureFlag)) {
+            t.assert((await featureFlags.getValue(flag)) === false);
+        }
+        for (const featureFlag of [
+            "database_uploads_enabled",
+            "ml_powered_queries_enabled",
+        ]) {
+            t.assert(loggedMessages.find((v) => v.type === "debug" &&
+                v.message ===
+                    `Feature flag '${featureFlag}' undefined in API response, considering it disabled.`) !== undefined);
+        }
+    });
+});
+(0, ava_1.default)("Feature flags exception is propagated if the API request errors", async (t) => {
+    await (0, util_1.withTmpDir)(async (tmpDir) => {
+        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        const featureFlags = new feature_flags_1.GitHubFeatureFlags({ type: util_1.GitHubVariant.DOTCOM }, testApiDetails, testRepositoryNwo, (0, logging_1.getRunnerLogger)(true));
+        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(500, {});
+        await t.throwsAsync(async () => featureFlags.getValue(feature_flags_1.FeatureFlag.DatabaseUploadsEnabled), {
+            message: "Encountered an error while trying to load feature flags: Error: some error message",
+        });
+    });
+});
+const FEATURE_FLAGS = [
+    "database_uploads_enabled",
+    "ml_powered_queries_enabled",
+];
+for (const featureFlag of FEATURE_FLAGS) {
+    (0, ava_1.default)(`Feature flag '${featureFlag}' is enabled if enabled in the API response`, async (t) => {
+        await (0, util_1.withTmpDir)(async (tmpDir) => {
+            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+            const featureFlags = new feature_flags_1.GitHubFeatureFlags({ type: util_1.GitHubVariant.DOTCOM }, testApiDetails, testRepositoryNwo, (0, logging_1.getRunnerLogger)(true));
+            const expectedFeatureFlags = {};
+            for (const f of FEATURE_FLAGS) {
+                expectedFeatureFlags[f] = false;
+            }
+            expectedFeatureFlags[featureFlag] = true;
+            (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureFlags);
+            const actualFeatureFlags = {
+                database_uploads_enabled: await featureFlags.getValue(feature_flags_1.FeatureFlag.DatabaseUploadsEnabled),
+                ml_powered_queries_enabled: await featureFlags.getValue(feature_flags_1.FeatureFlag.MlPoweredQueriesEnabled),
+            };
+            t.deepEqual(actualFeatureFlags, expectedFeatureFlags);
+        });
+    });
+}
+//# sourceMappingURL=feature-flags.test.js.map
--- a/lib/feature-flags.test.js.map
+++ b/lib/feature-flags.test.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"feature-flags.test.js","sourceRoot":"","sources":["../src/feature-flags.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAGvB,mDAAkE;AAClE,uCAA4C;AAC5C,6CAAkD;AAClD,mDAMyB;AAEzB,iCAAgF;AAEhF,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,aAAI,CAAC,UAAU,CAAC,GAAG,EAAE;IACnB,IAAA,4BAAqB,EAAC,WAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AAC/C,CAAC,CAAC,CAAC;AAEH,MAAM,cAAc,GAAqB;IACvC,IAAI,EAAE,MAAM;IACZ,GAAG,EAAE,oBAAoB;CAC1B,CAAC;AAEF,MAAM,iBAAiB,GAAG,IAAA,+BAAkB,EAAC,gBAAgB,CAAC,CAAC;AAE/D,MAAM,mCAAmC,GAGpC;IACH;QACE,WAAW,EAAE,MAAM;QACnB,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAa,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE;KAC9D;IACD,EAAE,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAa,CAAC,IAAI,EAAE,EAAE;CACrE,CAAC;AAEF,KAAK,MAAM,OAAO,IAAI,mCAAmC,EAAE;IACzD,IAAA,aAAI,EAAC,qDAAqD,OAAO,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC3F,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAEjC,MAAM,cAAc,GAAG,EAAE,CAAC;YAC1B,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,OAAO,CAAC,aAAa,EACrB,cAAc,EACd,iBAAiB,EACjB,IAAA,kCAAkB,EAAC,cAAc,CAAC,CACnC,CAAC;YAEF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,2BAAW,CAAC,EAAE;gBAC7C,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC;aACzD;YAED,CAAC,CAAC,MAAM,CACN,cAAc,CAAC,IAAI,CACjB,CAAC,CAAgB,EAAE,EAAE,CACnB,CAAC,CAAC,IAAI,KAAK,OAAO;gBAClB,CAAC,CAAC,OAAO;oBACP,8DAA8D,CACnE,KAAK,SAAS,CAChB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;CACJ;AAED,IAAA,aAAI,EAAC,oEAAoE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACrF,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,MAAM,cAAc,GAAG,EAAE,CAAC;QAC1B,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,EAC9B,cAAc,EACd,iBAAiB,EACjB,IAAA,kCAAkB,EAAC,cAAc,CAAC,CACnC,CAAC;QAEF,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,2BAAW,CAAC,EAAE;YAC7C,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC;SACzD;QAED,KAAK,MAAM,WAAW,IAAI;YACxB,0BAA0B;YAC1B,4BAA4B;SAC7B,EAAE;YACD,CAAC,CAAC,MAAM,CACN,cAAc,CAAC,IAAI,CACjB,CAAC,CAAgB,EAAE,EAAE,CACnB,CAAC,CAAC,IAAI,KAAK,OAAO;gBAClB,CAAC,CAAC,OAAO;oBACP,iBAAiB,WAAW,uDAAuD,CACxF,KAAK,SAAS,CAChB,CAAC;SACH;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,iEAAiE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAClF,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,EAC9B,cAAc,EACd,iBAAiB,EACjB,IAAA,yBAAe,EAAC,IAAI,CAAC,CACtB,CAAC;QAEF,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,MAAM,CAAC,CAAC,WAAW,CACjB,KAAK,IAAI,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,2BAAW,CAAC,sBAAsB,CAAC,EACrE;YACE,OAAO,EACL,oFAAoF;SACvF,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG;IACpB,0BAA0B;IAC1B,4BAA4B;CAC7B,CAAC;AAEF,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE;IACvC,IAAA,aAAI,EAAC,iBAAiB,WAAW,6CAA6C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1F,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAEjC,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,EAC9B,cAAc,EACd,iBAAiB,EACjB,IAAA,yBAAe,EAAC,IAAI,CAAC,CACtB,CAAC;YAEF,MAAM,oBAAoB,GAAG,EAAE,CAAC;YAChC,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE;gBAC7B,oBAAoB,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;aACjC;YACD,oBAAoB,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;YACzC,IAAA,0CAA0B,EAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;YAEtD,MAAM,kBAAkB,GAAG;gBACzB,wBAAwB,EAAE,MAAM,YAAY,CAAC,QAAQ,CACnD,2BAAW,CAAC,sBAAsB,CACnC;gBACD,0BAA0B,EAAE,MAAM,YAAY,CAAC,QAAQ,CACrD,2BAAW,CAAC,uBAAuB,CACpC;aACF,CAAC;YAEF,CAAC,CAAC,SAAS,CAAC,kBAAkB,EAAE,oBAAoB,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;CACJ"}
--- a/lib/fingerprints.js
+++ b/lib/fingerprints.js
@@ -226,9 +226,8 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
 exports.resolveUriToFile = resolveUriToFile;
 // Compute fingerprints for results in the given sarif file
 // and return an updated sarif file contents.
-async function addFingerprints(sarifContents, sourceRoot, logger) {
+async function addFingerprints(sarif, sourceRoot, logger) {
    var _a, _b, _c;
-    const sarif = JSON.parse(sarifContents);
    // Gather together results for the same file and construct
    // callbacks to accept hashes for that file and update the location
    const callbacksByFile = {};
@@ -266,7 +265,7 @@ async function addFingerprints(sarifContents, sourceRoot, logger) {
        };
        await hash(teeCallback, filepath);
    }
-    return JSON.stringify(sarif);
+    return sarif;
 }
 exports.addFingerprints = addFingerprints;
 //# sourceMappingURL=fingerprints.js.map
--- a/lib/fingerprints.js.map
+++ b/lib/fingerprints.js.map
--- a/lib/fingerprints.test.js
+++ b/lib/fingerprints.test.js
@@ -169,30 +169,24 @@ function testResolveUriToFile(uri, index, artifactsURIs) {
 });
 (0, ava_1.default)("addFingerprints", async (t) => {
    // Run an end-to-end test on a test file
-    let input = fs
+    const input = JSON.parse(fs
        .readFileSync(`${__dirname}/../src/testdata/fingerprinting.input.sarif`)
-        .toString();
-    let expected = fs
+        .toString());
+    const expected = JSON.parse(fs
        .readFileSync(`${__dirname}/../src/testdata/fingerprinting.expected.sarif`)
-        .toString();
-    // The test files are stored prettified, but addFingerprints outputs condensed JSON
-    input = JSON.stringify(JSON.parse(input));
-    expected = JSON.stringify(JSON.parse(expected));
+        .toString());
    // The URIs in the SARIF files resolve to files in the testdata directory
    const sourceRoot = path.normalize(`${__dirname}/../src/testdata`);
    t.deepEqual(await fingerprints.addFingerprints(input, sourceRoot, (0, logging_1.getRunnerLogger)(true)), expected);
 });
 (0, ava_1.default)("missingRegions", async (t) => {
    // Run an end-to-end test on a test file
-    let input = fs
+    const input = JSON.parse(fs
        .readFileSync(`${__dirname}/../src/testdata/fingerprinting2.input.sarif`)
-        .toString();
-    let expected = fs
+        .toString());
+    const expected = JSON.parse(fs
        .readFileSync(`${__dirname}/../src/testdata/fingerprinting2.expected.sarif`)
-        .toString();
-    // The test files are stored prettified, but addFingerprints outputs condensed JSON
-    input = JSON.stringify(JSON.parse(input));
-    expected = JSON.stringify(JSON.parse(expected));
+        .toString());
    // The URIs in the SARIF files resolve to files in the testdata directory
    const sourceRoot = path.normalize(`${__dirname}/../src/testdata`);
    t.deepEqual(await fingerprints.addFingerprints(input, sourceRoot, (0, logging_1.getRunnerLogger)(true)), expected);
--- a/lib/fingerprints.test.js.map
+++ b/lib/fingerprints.test.js.map
--- a/lib/init-action.js
+++ b/lib/init-action.js
@@ -23,6 +23,7 @@ const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
 const actions_util_1 = require("./actions-util");
 const codeql_1 = require("./codeql");
+const feature_flags_1 = require("./feature-flags");
 const init_1 = require("./init");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
@@ -78,6 +79,8 @@ async function run() {
    };
    const gitHubVersion = await (0, util_1.getGitHubVersion)(apiDetails);
    (0, util_1.checkGitHubVersionInRange)(gitHubVersion, logger, util_1.Mode.actions);
+    const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
+    const featureFlags = new feature_flags_1.GitHubFeatureFlags(gitHubVersion, apiDetails, repositoryNwo, logger);
    try {
        const workflowErrors = await (0, actions_util_1.validateWorkflow)();
        if (!(await (0, actions_util_1.sendStatusReport)(await (0, actions_util_1.createStatusReportBase)("init", "starting", startedAt, workflowErrors)))) {
@@ -87,7 +90,11 @@ async function run() {
        codeql = initCodeQLResult.codeql;
        toolsVersion = initCodeQLResult.toolsVersion;
        await (0, util_1.enrichEnvironment)(util_1.Mode.actions, codeql);
-        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), (0, actions_util_1.getOptionalInput)("debug") === "true", (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY")), (0, actions_util_1.getTemporaryDirectory)(), (0, util_1.getRequiredEnvParam)("RUNNER_TOOL_CACHE"), codeql, (0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), gitHubVersion, apiDetails, logger);
+        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), (0, actions_util_1.getOptionalInput)("debug") === "true", (0, actions_util_1.getOptionalInput)("debug-artifact-name") || util_1.DEFAULT_DEBUG_ARTIFACT_NAME, (0, actions_util_1.getOptionalInput)("debug-database-name") || util_1.DEFAULT_DEBUG_DATABASE_NAME, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), (0, util_1.getRequiredEnvParam)("RUNNER_TOOL_CACHE"), codeql, (0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), gitHubVersion, apiDetails, featureFlags, logger);
+        if (config.languages.some(languages_1.isTracedLanguage)) {
+            // We currently do not support tracing on Windows 11 and Windows Server 2022
+            (0, util_1.checkNotWindows11)();
+        }
        if (config.languages.includes(languages_1.Language.python) &&
            (0, actions_util_1.getRequiredInput)("setup-python-dependencies") === "true") {
            try {
--- a/lib/init-action.js.map
+++ b/lib/init-action.js.map
--- a/lib/init.js
+++ b/lib/init.js
@@ -38,24 +38,39 @@ async function initCodeQL(codeqlURL, apiDetails, tempDir, toolCacheDir, variant,
    return { codeql, toolsVersion };
 }
 exports.initCodeQL = initCodeQL;
-async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger) {
+async function initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger) {
    logger.startGroup("Load language configuration");
-    const config = await configUtils.initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, logger);
+    const config = await configUtils.initConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, toolCacheDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureFlags, logger);
    analysisPaths.printPathFiltersWarning(config, logger);
    logger.endGroup();
    return config;
 }
 exports.initConfig = initConfig;
 async function runInit(codeql, config, sourceRoot, processName, processLevel) {
+    var _a;
    fs.mkdirSync(config.dbLocation, { recursive: true });
-    if (await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING)) {
-        // Init a database cluster
-        await codeql.databaseInitCluster(config.dbLocation, config.languages, sourceRoot, processName, processLevel);
+    try {
+        if (await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING)) {
+            // Init a database cluster
+            await codeql.databaseInitCluster(config.dbLocation, config.languages, sourceRoot, processName, processLevel);
+        }
+        else {
+            for (const language of config.languages) {
+                // Init language database
+                await codeql.databaseInit(util.getCodeQLDatabasePath(config, language), language, sourceRoot);
+            }
+        }
    }
-    else {
-        for (const language of config.languages) {
-            // Init language database
-            await codeql.databaseInit(util.getCodeQLDatabasePath(config, language), language, sourceRoot);
+    catch (e) {
+        // Handle the situation where init is called twice
+        // for the same database in the same job.
+        if (e instanceof Error &&
+            ((_a = e.message) === null || _a === void 0 ? void 0 : _a.includes("Refusing to create databases")) &&
+            e.message.includes("exists and is not an empty directory.")) {
+            throw new Error(`Is the "init" action called twice in the same job? ${e.message}`);
+        }
+        else {
+            throw e;
        }
    }
    return await (0, tracer_config_1.getCombinedTracerConfig)(config, codeql);
--- a/lib/init.js.map
+++ b/lib/init.js.map
@@ -1 +1 @@
-{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA2E;AAC3E,4DAA8C;AAG9C,mDAAwE;AACxE,6CAA+B;AAC/B,iCAA4C;AAErC,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,YAAoB,EACpB,OAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,oBAAW,EAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,YAAY,EACZ,OAAO,EACP,MAAM,EACN,IAAI,CACL,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AArBD,gCAqBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAA8B,EAC9B,UAA8B,EAC9B,SAAkB,EAClB,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,UAAU,EACV,SAAS,EACT,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AApCD,gCAoCC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,YAAgC;IAEhC,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;QAChE,0BAA0B;QAC1B,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,SAAS,EAChB,UAAU,EACV,WAAW,EACX,YAAY,CACb,CAAC;KACH;SAAM;QACL,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;YACvC,yBAAyB;YACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;SACH;KACF;IAED,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AA9BD,0BA8BC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;gBAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAtCD,8CAsCC"}
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA2E;AAC3E,4DAA8C;AAI9C,mDAAwE;AACxE,6CAA+B;AAC/B,iCAA4C;AAErC,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,YAAoB,EACpB,OAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,oBAAW,EAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,YAAY,EACZ,OAAO,EACP,MAAM,EACN,IAAI,CACL,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AArBD,gCAqBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAA8B,EAC9B,UAA8B,EAC9B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,YAA0B,EAC1B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,UAAU,EACV,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,YAAY,EACZ,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA1CD,gCA0CC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,YAAgC;;IAEhC,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,IAAI;QACF,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;YAChE,0BAA0B;YAC1B,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,SAAS,EAChB,UAAU,EACV,WAAW,EACX,YAAY,CACb,CAAC;SACH;aAAM;YACL,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;gBACvC,yBAAyB;gBACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,kDAAkD;QAClD,yCAAyC;QACzC,IACE,CAAC,YAAY,KAAK;aAClB,MAAA,CAAC,CAAC,OAAO,0CAAE,QAAQ,CAAC,8BAA8B,CAAC,CAAA;YACnD,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uCAAuC,CAAC,EAC3D;YACA,MAAM,IAAI,KAAK,CACb,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;SACH;aAAM;YACL,MAAM,CAAC,CAAC;SACT;KACF;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AA7CD,0BA6CC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;gBAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAtCD,8CAsCC"}
--- a/lib/runner.js
+++ b/lib/runner.js
@@ -18,15 +18,20 @@ var __importStar = (this && this.__importStar) || function (mod) {
    __setModuleDefault(result, mod);
    return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
 const commander_1 = require("commander");
+const del_1 = __importDefault(require("del"));
 const analyze_1 = require("./analyze");
 const autobuild_1 = require("./autobuild");
 const codeql_1 = require("./codeql");
 const config_utils_1 = require("./config-utils");
+const feature_flags_1 = require("./feature-flags");
 const init_1 = require("./init");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
@@ -133,7 +138,7 @@ program
        const checkoutPath = cmd.checkoutPath || process.cwd();
        // Wipe the temp dir
        logger.info(`Cleaning temp directory ${tempDir}`);
-        fs.rmSync(tempDir, { recursive: true, force: true });
+        await (0, del_1.default)(tempDir, { force: true });
        fs.mkdirSync(tempDir, { recursive: true });
        const auth = await (0, util_1.getGitHubAuth)(logger, cmd.githubAuth, cmd.githubAuthStdin);
        const apiDetails = {
@@ -159,7 +164,7 @@ program
        }
        await (0, util_1.enrichEnvironment)(util_1.Mode.runner, codeql);
        const workspacePath = checkoutPath;
-        const config = await (0, init_1.initConfig)(cmd.languages, cmd.queries, cmd.packs, cmd.configFile, undefined, false, (0, repository_1.parseRepositoryNwo)(cmd.repository), tempDir, toolsDir, codeql, workspacePath, gitHubVersion, apiDetails, logger);
+        const config = await (0, init_1.initConfig)(cmd.languages, cmd.queries, cmd.packs, cmd.configFile, undefined, false, "", "", (0, repository_1.parseRepositoryNwo)(cmd.repository), tempDir, toolsDir, codeql, workspacePath, gitHubVersion, apiDetails, (0, feature_flags_1.createFeatureFlags)([]), logger);
        const sourceRoot = checkoutPath;
        const tracerConfig = await (0, init_1.runInit)(codeql, config, sourceRoot, parseTraceProcessName(), parseTraceProcessLevel());
        if (tracerConfig === undefined) {
--- a/lib/runner.js.map
+++ b/lib/runner.js.map
--- a/lib/testing-utils.js
+++ b/lib/testing-utils.js
@@ -19,9 +19,12 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.setupActionsVars = exports.setupTests = void 0;
+exports.mockFeatureFlagApiEndpoint = exports.getRecordingLogger = exports.setupActionsVars = exports.setupTests = void 0;
+const github = __importStar(require("@actions/github"));
 const sinon = __importStar(require("sinon"));
+const apiClient = __importStar(require("./api-client"));
 const CodeQL = __importStar(require("./codeql"));
+const util_1 = require("./util");
 function wrapOutput(context) {
    // Function signature taken from Socket.write.
    // Note there are two overloads:
@@ -89,4 +92,48 @@ function setupActionsVars(tempDir, toolsDir) {
    process.env["RUNNER_TOOL_CACHE"] = toolsDir;
 }
 exports.setupActionsVars = setupActionsVars;
+function getRecordingLogger(messages) {
+    return {
+        debug: (message) => {
+            messages.push({ type: "debug", message });
+            console.debug(message);
+        },
+        info: (message) => {
+            messages.push({ type: "info", message });
+            console.info(message);
+        },
+        warning: (message) => {
+            messages.push({ type: "warning", message });
+            console.warn(message);
+        },
+        error: (message) => {
+            messages.push({ type: "error", message });
+            console.error(message);
+        },
+        isDebug: () => true,
+        startGroup: () => undefined,
+        endGroup: () => undefined,
+    };
+}
+exports.getRecordingLogger = getRecordingLogger;
+/** Mock the HTTP request to the feature flags enablement API endpoint. */
+function mockFeatureFlagApiEndpoint(responseStatusCode, response) {
+    // Passing an auth token is required, so we just use a dummy value
+    const client = github.getOctokit("123");
+    const requestSpy = sinon.stub(client, "request");
+    const optInSpy = requestSpy.withArgs("GET /repos/:owner/:repo/code-scanning/codeql-action/features");
+    if (responseStatusCode < 300) {
+        optInSpy.resolves({
+            status: responseStatusCode,
+            data: response,
+            headers: {},
+            url: "GET /repos/:owner/:repo/code-scanning/codeql-action/features",
+        });
+    }
+    else {
+        optInSpy.throws(new util_1.HTTPError("some error message", responseStatusCode));
+    }
+    sinon.stub(apiClient, "getApiClient").value(() => client);
+}
+exports.mockFeatureFlagApiEndpoint = mockFeatureFlagApiEndpoint;
 //# sourceMappingURL=testing-utils.js.map
--- a/lib/testing-utils.js.map
+++ b/lib/testing-utils.js.map
@@ -1 +1 @@
-{"version":3,"file":"testing-utils.js","sourceRoot":"","sources":["../src/testing-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACA,6CAA+B;AAE/B,iDAAmC;AASnC,SAAS,UAAU,CAAC,OAAoB;IACtC,8CAA8C;IAC9C,gCAAgC;IAChC,2EAA2E;IAC3E,2FAA2F;IAC3F,OAAO,CACL,KAA0B,EAC1B,QAAiB,EACjB,EAA0B,EACjB,EAAE;QACX,2CAA2C;QAC3C,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;YACtD,EAAE,GAAG,QAAQ,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;SACtB;QAED,oBAAoB;QACpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;YAC7B,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;SAC7B;aAAM;YACL,OAAO,CAAC,UAAU,IAAI,IAAI,WAAW,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC1E;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE;YAChD,EAAE,EAAE,CAAC;SACN;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,UAAU,CAAC,IAAwB;IACjD,MAAM,SAAS,GAAG,IAAkC,CAAC;IAErD,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE;QACzB,gEAAgE;QAChE,0CAA0C;QAC1C,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAErB,iEAAiE;QACjE,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,EAAE,CAAC;QAC1B,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QACpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QAEpD,mEAAmE;QACnE,wEAAwE;QACxE,kEAAkE;QAClE,CAAC,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC;QACnB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC/B,4BAA4B;QAC5B,0DAA0D;QAC1D,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;SAC5C;QAED,uCAAuC;QACvC,KAAK,CAAC,OAAO,EAAE,CAAC;QAEhB,oCAAoC;QACpC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAvCD,gCAuCC;AAED,yEAAyE;AACzE,sDAAsD;AACtD,SAAgB,gBAAgB,CAAC,OAAe,EAAE,QAAgB;IAChE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,QAAQ,CAAC;AAC9C,CAAC;AAHD,4CAGC"}
+{"version":3,"file":"testing-utils.js","sourceRoot":"","sources":["../src/testing-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,wDAA0C;AAE1C,6CAA+B;AAE/B,wDAA0C;AAC1C,iDAAmC;AAEnC,iCAAmC;AASnC,SAAS,UAAU,CAAC,OAAoB;IACtC,8CAA8C;IAC9C,gCAAgC;IAChC,2EAA2E;IAC3E,2FAA2F;IAC3F,OAAO,CACL,KAA0B,EAC1B,QAAiB,EACjB,EAA0B,EACjB,EAAE;QACX,2CAA2C;QAC3C,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE;YACtD,EAAE,GAAG,QAAQ,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;SACtB;QAED,oBAAoB;QACpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;YAC7B,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC;SAC7B;aAAM;YACL,OAAO,CAAC,UAAU,IAAI,IAAI,WAAW,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC1E;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,SAAS,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE;YAChD,EAAE,EAAE,CAAC;SACN;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,UAAU,CAAC,IAAwB;IACjD,MAAM,SAAS,GAAG,IAAkC,CAAC;IAErD,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE;QACzB,gEAAgE;QAChE,0CAA0C;QAC1C,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAErB,iEAAiE;QACjE,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,EAAE,CAAC;QAC1B,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QACpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrE,CAAC,CAAC,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC;QAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAQ,CAAC;QAEpD,mEAAmE;QACnE,wEAAwE;QACxE,kEAAkE;QAClE,CAAC,CAAC,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC;QACnB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC/B,4BAA4B;QAC5B,0DAA0D;QAC1D,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;SAC5C;QAED,uCAAuC;QACvC,KAAK,CAAC,OAAO,EAAE,CAAC;QAEhB,oCAAoC;QACpC,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAvCD,gCAuCC;AAED,yEAAyE;AACzE,sDAAsD;AACtD,SAAgB,gBAAgB,CAAC,OAAe,EAAE,QAAgB;IAChE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,QAAQ,CAAC;AAC9C,CAAC;AAHD,4CAGC;AAOD,SAAgB,kBAAkB,CAAC,QAAyB;IAC1D,OAAO;QACL,KAAK,EAAE,CAAC,OAAe,EAAE,EAAE;YACzB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,IAAI,EAAE,CAAC,OAAe,EAAE,EAAE;YACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YACzC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QACD,OAAO,EAAE,CAAC,OAAuB,EAAE,EAAE;YACnC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,EAAE,CAAC,OAAuB,EAAE,EAAE;YACjC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI;QACnB,UAAU,EAAE,GAAG,EAAE,CAAC,SAAS;QAC3B,QAAQ,EAAE,GAAG,EAAE,CAAC,SAAS;KAC1B,CAAC;AACJ,CAAC;AAtBD,gDAsBC;AAED,0EAA0E;AAC1E,SAAgB,0BAA0B,CACxC,kBAA0B,EAC1B,QAAyC;IAEzC,kEAAkE;IAClE,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAExC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAEjD,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAClC,8DAA8D,CAC/D,CAAC;IACF,IAAI,kBAAkB,GAAG,GAAG,EAAE;QAC5B,QAAQ,CAAC,QAAQ,CAAC;YAChB,MAAM,EAAE,kBAAkB;YAC1B,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,EAAE;YACX,GAAG,EAAE,8DAA8D;SACpE,CAAC,CAAC;KACJ;SAAM;QACL,QAAQ,CAAC,MAAM,CAAC,IAAI,gBAAS,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC,CAAC;KAC1E;IAED,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC;AAC5D,CAAC;AAxBD,gEAwBC"}
--- a/lib/toolcache.js
+++ b/lib/toolcache.js
@@ -18,6 +18,9 @@ var __importStar = (this && this.__importStar) || function (mod) {
    __setModuleDefault(result, mod);
    return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.downloadTool = exports.findAllVersions = exports.find = exports.cacheDir = exports.extractTar = void 0;
 const fs = __importStar(require("fs"));
@@ -27,6 +30,7 @@ const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const io = __importStar(require("@actions/io"));
 const actionsToolcache = __importStar(require("@actions/tool-cache"));
 const safeWhich = __importStar(require("@chrisgavin/safe-which"));
+const del_1 = __importDefault(require("del"));
 const semver = __importStar(require("semver"));
 const uuid_1 = require("uuid");
 const util_1 = require("./util");
@@ -123,7 +127,7 @@ async function cacheDir(sourceDir, tool, version, toolCacheDir, logger) {
            throw new Error("sourceDir is not a directory");
        }
        // Create the tool dir
-        const destPath = createToolPath(tool, version, arch, toolCacheDir, logger);
+        const destPath = await createToolPath(tool, version, arch, toolCacheDir, logger);
        // copy each child item. do not move. move can fail on Windows
        // due to anti-virus software having an open handle on a file.
        for (const itemName of fs.readdirSync(sourceDir)) {
@@ -232,12 +236,12 @@ function createExtractFolder(tempDir) {
    }
    return dest;
 }
-function createToolPath(tool, version, arch, toolCacheDir, logger) {
+async function createToolPath(tool, version, arch, toolCacheDir, logger) {
    const folderPath = path.join(toolCacheDir, tool, semver.clean(version) || version, arch || "");
    logger.debug(`destination ${folderPath}`);
    const markerPath = `${folderPath}.complete`;
-    fs.rmSync(folderPath, { recursive: true, force: true });
-    fs.rmSync(markerPath, { recursive: true, force: true });
+    await (0, del_1.default)(folderPath, { force: true });
+    await (0, del_1.default)(markerPath, { force: true });
    fs.mkdirSync(folderPath, { recursive: true });
    return folderPath;
 }
--- a/lib/toolcache.js.map
+++ b/lib/toolcache.js.map
--- a/lib/toolrunner-error-catcher.js
+++ b/lib/toolrunner-error-catcher.js
@@ -44,10 +44,6 @@ async function toolrunnerErrorCatcher(commandLine, args, matchers, options) {
            if (((_a = options === null || options === void 0 ? void 0 : options.listeners) === null || _a === void 0 ? void 0 : _a.stdout) !== undefined) {
                options.listeners.stdout(data);
            }
-            else {
-                // if no stdout listener was originally defined then we match default behavior of Toolrunner
-                process.stdout.write(data);
-            }
        },
        stderr: (data) => {
            var _a;
@@ -55,10 +51,6 @@ async function toolrunnerErrorCatcher(commandLine, args, matchers, options) {
            if (((_a = options === null || options === void 0 ? void 0 : options.listeners) === null || _a === void 0 ? void 0 : _a.stderr) !== undefined) {
                options.listeners.stderr(data);
            }
-            else {
-                // if no stderr listener was originally defined then we match default behavior of Toolrunner
-                process.stderr.write(data);
-            }
        },
    };
    // we capture the original return code or error so that if no match is found we can duplicate the behavior
--- a/lib/toolrunner-error-catcher.js.map
+++ b/lib/toolrunner-error-catcher.js.map
@@ -1 +1 @@
-{"version":3,"file":"toolrunner-error-catcher.js","sourceRoot":"","sources":["../src/toolrunner-error-catcher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACA,yEAA2D;AAC3D,kEAAoD;AAIpD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAC1C,WAAmB,EACnB,IAAe,EACf,QAAyB,EACzB,OAAwB;;IAExB,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,MAAM,SAAS,GAAG;QAChB,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;iBAAM;gBACL,4FAA4F;gBAC5F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAC5B;QACH,CAAC;QACD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;iBAAM;gBACL,4FAA4F;gBAC5F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAC5B;QACH,CAAC;KACF,CAAC;IAEF,0GAA0G;IAC1G,IAAI,WAA2B,CAAC;IAChC,IAAI;QACF,WAAW,GAAG,MAAM,IAAI,UAAU,CAAC,UAAU,CAC3C,MAAM,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,EACtC,IAAI,EACJ;YACE,GAAG,OAAO;YACV,SAAS;YACT,gBAAgB,EAAE,IAAI,EAAE,wDAAwD;SACjF,CACF,CAAC,IAAI,EAAE,CAAC;KACV;IAAC,OAAO,CAAC,EAAE;QACV,WAAW,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7D;IAED,mEAAmE;IACnE,IAAI,WAAW,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAE1C,IAAI,QAAQ,EAAE;QACZ,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;YAC9B,IACE,OAAO,CAAC,QAAQ,KAAK,WAAW;iBAChC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA;iBACjC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA,EACjC;gBACA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;aAClC;SACF;KACF;IAED,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;QACnC,qFAAqF;QACrF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,EAAE;YAC7B,OAAO,WAAW,CAAC;SACpB;aAAM;YACL,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,2BAA2B,WAAW,EAAE,CACpE,CAAC;SACH;KACF;SAAM;QACL,MAAM,WAAW,CAAC;KACnB;AACH,CAAC;AAzED,wDAyEC"}
+{"version":3,"file":"toolrunner-error-catcher.js","sourceRoot":"","sources":["../src/toolrunner-error-catcher.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AACA,yEAA2D;AAC3D,kEAAoD;AAIpD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAC1C,WAAmB,EACnB,IAAe,EACf,QAAyB,EACzB,OAAwB;;IAExB,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,MAAM,SAAS,GAAG;QAChB,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;QACH,CAAC;QACD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;QACH,CAAC;KACF,CAAC;IAEF,0GAA0G;IAC1G,IAAI,WAA2B,CAAC;IAChC,IAAI;QACF,WAAW,GAAG,MAAM,IAAI,UAAU,CAAC,UAAU,CAC3C,MAAM,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,EACtC,IAAI,EACJ;YACE,GAAG,OAAO;YACV,SAAS;YACT,gBAAgB,EAAE,IAAI,EAAE,wDAAwD;SACjF,CACF,CAAC,IAAI,EAAE,CAAC;KACV;IAAC,OAAO,CAAC,EAAE;QACV,WAAW,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;KAC7D;IAED,mEAAmE;IACnE,IAAI,WAAW,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAE1C,IAAI,QAAQ,EAAE;QACZ,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;YAC9B,IACE,OAAO,CAAC,QAAQ,KAAK,WAAW;iBAChC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA;iBACjC,MAAA,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,CAAC,CAAA,EACjC;gBACA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;aAClC;SACF;KACF;IAED,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;QACnC,qFAAqF;QACrF,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,EAAE;YAC7B,OAAO,WAAW,CAAC;SACpB;aAAM;YACL,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,2BAA2B,WAAW,EAAE,CACpE,CAAC;SACH;KACF;SAAM;QACL,MAAM,WAAW,CAAC;KACnB;AACH,CAAC;AAnED,wDAmEC"}
--- a/lib/tracer-config.test.js
+++ b/lib/tracer-config.test.js
@@ -45,6 +45,8 @@ function getTestConfig(tmpDir) {
        dbLocation: path.resolve(tmpDir, "codeql_databases"),
        packs: {},
        debugMode: false,
+        debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
+        debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
    };
 }
 // A very minimal setup
--- a/lib/tracer-config.test.js.map
+++ b/lib/tracer-config.test.js.map
--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@@ -54,25 +54,24 @@ function combineSarifFiles(sarifFiles) {
        }
        combinedSarif.runs.push(...sarifObject.runs);
    }
-    return JSON.stringify(combinedSarif);
+    return combinedSarif;
 }
 exports.combineSarifFiles = combineSarifFiles;
 // Populates the run.automationDetails.id field using the analysis_key and environment
 // and return an updated sarif file contents.
-function populateRunAutomationDetails(sarifContents, category, analysis_key, environment) {
-    if (analysis_key === undefined) {
-        return sarifContents;
-    }
+function populateRunAutomationDetails(sarif, category, analysis_key, environment) {
    const automationID = getAutomationID(category, analysis_key, environment);
-    const sarif = JSON.parse(sarifContents);
-    for (const run of sarif.runs || []) {
-        if (run.automationDetails === undefined) {
-            run.automationDetails = {
-                id: automationID,
-            };
+    if (automationID !== undefined) {
+        for (const run of sarif.runs || []) {
+            if (run.automationDetails === undefined) {
+                run.automationDetails = {
+                    id: automationID,
+                };
+            }
        }
+        return sarif;
    }
-    return JSON.stringify(sarif);
+    return sarif;
 }
 exports.populateRunAutomationDetails = populateRunAutomationDetails;
 function getAutomationID(category, analysis_key, environment) {
@@ -83,7 +82,11 @@ function getAutomationID(category, analysis_key, environment) {
        }
        return automationID;
    }
-    return actionsUtil.computeAutomationID(analysis_key, environment);
+    // analysis_key is undefined for the runner.
+    if (analysis_key !== undefined) {
+        return actionsUtil.computeAutomationID(analysis_key, environment);
+    }
+    return undefined;
 }
 // Upload the given payload.
 // If the request fails then this will retry a small number of times.
@@ -244,17 +247,18 @@ exports.buildPayload = buildPayload;
 async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, category, analysisName, workflowRunID, sourceRoot, environment, gitHubVersion, apiDetails, logger) {
    logger.startGroup("Uploading results");
    logger.info(`Processing sarif files: ${JSON.stringify(sarifFiles)}`);
-    validateUniqueCategory(category);
    // Validate that the files we were asked to upload are all valid SARIF files
    for (const file of sarifFiles) {
        validateSarifFileSchema(file, logger);
    }
-    let sarifPayload = combineSarifFiles(sarifFiles);
-    sarifPayload = await fingerprints.addFingerprints(sarifPayload, sourceRoot, logger);
-    sarifPayload = populateRunAutomationDetails(sarifPayload, category, analysisKey, environment);
+    let sarif = combineSarifFiles(sarifFiles);
+    sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger);
+    sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
+    const toolNames = util.getToolNames(sarif);
+    validateUniqueCategory(sarif);
+    const sarifPayload = JSON.stringify(sarif);
    const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
    const checkoutURI = (0, file_url_1.default)(sourceRoot);
-    const toolNames = util.getToolNames(sarifPayload);
    const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, checkoutURI, environment, toolNames, gitHubVersion);
    // Log some useful debug info about the info
    const rawUploadSizeBytes = sarifPayload.length;
@@ -325,16 +329,28 @@ async function waitForProcessing(repositoryNwo, sarifID, apiDetails, logger) {
    logger.endGroup();
 }
 exports.waitForProcessing = waitForProcessing;
-function validateUniqueCategory(category) {
+function validateUniqueCategory(sarif) {
+    var _a, _b, _c;
+    // This check only works on actions as env vars don't persist between calls to the runner
    if (util.isActions()) {
-        // This check only works on actions as env vars don't persist between calls to the runner
-        const sentinelEnvVar = `CODEQL_UPLOAD_SARIF${category ? `_${sanitize(category)}` : ""}`;
-        if (process.env[sentinelEnvVar]) {
-            throw new Error("Aborting upload: only one run of the codeql/analyze or codeql/upload-sarif actions is allowed per job per category. " +
-                "Please specify a unique `category` to call this action multiple times. " +
-                `Category: ${category ? category : "(none)"}`);
+        // duplicate categories are allowed in the same sarif file
+        // but not across multiple sarif files
+        const categories = {};
+        for (const run of sarif.runs) {
+            const id = (_a = run === null || run === void 0 ? void 0 : run.automationDetails) === null || _a === void 0 ? void 0 : _a.id;
+            const tool = (_c = (_b = run.tool) === null || _b === void 0 ? void 0 : _b.driver) === null || _c === void 0 ? void 0 : _c.name;
+            const category = `${sanitize(id)}_${sanitize(tool)}`;
+            categories[category] = { id, tool };
+        }
+        for (const [category, { id, tool }] of Object.entries(categories)) {
+            const sentinelEnvVar = `CODEQL_UPLOAD_SARIF_${category}`;
+            if (process.env[sentinelEnvVar]) {
+                throw new Error("Aborting upload: only one run of the codeql/analyze or codeql/upload-sarif actions is allowed per job per tool/category. " +
+                    "The easiest fix is to specify a unique value for the `category` input. " +
+                    `Category: (${id ? id : "none"}) Tool: (${tool ? tool : "none"})`);
+            }
+            core.exportVariable(sentinelEnvVar, sentinelEnvVar);
        }
-        core.exportVariable(sentinelEnvVar, sentinelEnvVar);
    }
 }
 exports.validateUniqueCategory = validateUniqueCategory;
@@ -348,6 +364,6 @@ exports.validateUniqueCategory = validateUniqueCategory;
 * @param str the initial value to sanitize
 */
 function sanitize(str) {
-    return str.replace(/[^a-zA-Z0-9_]/g, "_");
+    return (str !== null && str !== void 0 ? str : "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
 }
 //# sourceMappingURL=upload-lib.js.map
--- a/lib/upload-lib.js.map
+++ b/lib/upload-lib.js.map
--- a/lib/upload-lib.test.js
+++ b/lib/upload-lib.test.js
@@ -98,9 +98,13 @@ ava_1.default.beforeEach(() => {
    });
 });
 (0, ava_1.default)("populateRunAutomationDetails", (t) => {
-    let sarif = '{"runs": [{}]}';
+    let sarif = {
+        runs: [{}],
+    };
    const analysisKey = ".github/workflows/codeql-analysis.yml:analyze";
-    let expectedSarif = '{"runs":[{"automationDetails":{"id":"language:javascript/os:linux/"}}]}';
+    let expectedSarif = {
+        runs: [{ automationDetails: { id: "language:javascript/os:linux/" } }],
+    };
    // Category has priority over analysis_key/environment
    let modifiedSarif = uploadLib.populateRunAutomationDetails(sarif, "language:javascript/os:linux", analysisKey, '{"language": "other", "os": "other"}');
    t.deepEqual(modifiedSarif, expectedSarif);
@@ -108,25 +112,99 @@ ava_1.default.beforeEach(() => {
    modifiedSarif = uploadLib.populateRunAutomationDetails(sarif, "language:javascript/os:linux/", analysisKey, "");
    t.deepEqual(modifiedSarif, expectedSarif);
    // check that the automation details doesn't get overwritten
-    sarif = '{"runs":[{"automationDetails":{"id":"my_id"}}]}';
-    expectedSarif = '{"runs":[{"automationDetails":{"id":"my_id"}}]}';
+    sarif = { runs: [{ automationDetails: { id: "my_id" } }] };
+    expectedSarif = { runs: [{ automationDetails: { id: "my_id" } }] };
+    modifiedSarif = uploadLib.populateRunAutomationDetails(sarif, undefined, analysisKey, '{"os": "linux", "language": "javascript"}');
+    t.deepEqual(modifiedSarif, expectedSarif);
+    // check multiple runs
+    sarif = { runs: [{ automationDetails: { id: "my_id" } }, {}] };
+    expectedSarif = {
+        runs: [
+            { automationDetails: { id: "my_id" } },
+            {
+                automationDetails: {
+                    id: ".github/workflows/codeql-analysis.yml:analyze/language:javascript/os:linux/",
+                },
+            },
+        ],
+    };
    modifiedSarif = uploadLib.populateRunAutomationDetails(sarif, undefined, analysisKey, '{"os": "linux", "language": "javascript"}');
    t.deepEqual(modifiedSarif, expectedSarif);
 });
-(0, ava_1.default)("validateUniqueCategory", (t) => {
-    t.notThrows(() => uploadLib.validateUniqueCategory(undefined));
-    t.throws(() => uploadLib.validateUniqueCategory(undefined));
-    t.notThrows(() => uploadLib.validateUniqueCategory("abc"));
-    t.throws(() => uploadLib.validateUniqueCategory("abc"));
-    t.notThrows(() => uploadLib.validateUniqueCategory("def"));
-    t.throws(() => uploadLib.validateUniqueCategory("def"));
+(0, ava_1.default)("validateUniqueCategory when empty", (t) => {
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif()));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif()));
+});
+(0, ava_1.default)("validateUniqueCategory for automation details id", (t) => {
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("AbC")));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("def")));
    // Our category sanitization is not perfect. Here are some examples
    // of where we see false clashes
-    t.notThrows(() => uploadLib.validateUniqueCategory("abc/def"));
-    t.throws(() => uploadLib.validateUniqueCategory("abc@def"));
-    t.throws(() => uploadLib.validateUniqueCategory("abc_def"));
-    t.throws(() => uploadLib.validateUniqueCategory("abc def"));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc/def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc@def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc_def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc def")));
    // this one is fine
-    t.notThrows(() => uploadLib.validateUniqueCategory("abc_ def"));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc_ def")));
 });
+(0, ava_1.default)("validateUniqueCategory for tool name", (t) => {
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "abc")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "abc")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "AbC")));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "def")));
+    // Our category sanitization is not perfect. Here are some examples
+    // of where we see false clashes
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "abc/def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "abc@def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "abc_def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif(undefined, "abc def")));
+    // this one is fine
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc_ def")));
+});
+(0, ava_1.default)("validateUniqueCategory for automation details id and tool name", (t) => {
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc", "abc")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc", "abc")));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc_", "def")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc_", "def")));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("ghi", "_jkl")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("ghi", "_jkl")));
+    // Our category sanitization is not perfect. Here are some examples
+    // of where we see false clashes
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc", "_")));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("abc", "def__")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("abc_def")));
+    t.notThrows(() => uploadLib.validateUniqueCategory(createMockSarif("mno_", "pqr")));
+    t.throws(() => uploadLib.validateUniqueCategory(createMockSarif("mno", "_pqr")));
+});
+(0, ava_1.default)("validateUniqueCategory for multiple runs", (t) => {
+    const sarif1 = createMockSarif("abc", "def");
+    const sarif2 = createMockSarif("ghi", "jkl");
+    // duplicate categories are allowed within the same sarif file
+    const multiSarif = { runs: [sarif1.runs[0], sarif1.runs[0], sarif2.runs[0]] };
+    t.notThrows(() => uploadLib.validateUniqueCategory(multiSarif));
+    // should throw if there are duplicate categories in separate validations
+    t.throws(() => uploadLib.validateUniqueCategory(sarif1));
+    t.throws(() => uploadLib.validateUniqueCategory(sarif2));
+});
+function createMockSarif(id, tool) {
+    return {
+        runs: [
+            {
+                automationDetails: {
+                    id,
+                },
+                tool: {
+                    driver: {
+                        name: tool,
+                    },
+                },
+            },
+        ],
+    };
+}
 //# sourceMappingURL=upload-lib.test.js.map
--- a/lib/upload-lib.test.js.map
+++ b/lib/upload-lib.test.js.map
--- a/lib/util.js
+++ b/lib/util.js
@@ -18,24 +18,37 @@ var __importStar = (this && this.__importStar) || function (mod) {
    __setModuleDefault(result, mod);
    return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.isHTTPError = exports.HTTPError = exports.getRequiredEnvParam = exports.isActions = exports.getMode = exports.enrichEnvironment = exports.initializeEnvironment = exports.Mode = exports.assertNever = exports.getGitHubAuth = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.getGitHubVersion = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
+exports.checkNotWindows11 = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.isHTTPError = exports.HTTPError = exports.getRequiredEnvParam = exports.isActions = exports.getMode = exports.enrichEnvironment = exports.initializeEnvironment = exports.Mode = exports.assertNever = exports.getGitHubAuth = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.getGitHubVersion = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
+const del_1 = __importDefault(require("del"));
 const semver = __importStar(require("semver"));
 const api_client_1 = require("./api-client");
 const apiCompatibility = __importStar(require("./api-compatibility.json"));
 const codeql_1 = require("./codeql");
+/**
+ * Specifies bundle versions that are known to be broken
+ * and will not be used if found in the toolcache.
+ */
+const BROKEN_VERSIONS = ["0.0.0-20211207"];
 /**
 * The URL for github.com.
 */
 exports.GITHUB_DOTCOM_URL = "https://github.com";
 /**
- * Name of the debugging artifact.
+ * Default name of the debugging artifact.
 */
-exports.DEBUG_ARTIFACT_NAME = "debug-artifacts";
+exports.DEFAULT_DEBUG_ARTIFACT_NAME = "debug-artifacts";
+/**
+ * Default name of the database in the debugging artifact.
+ */
+exports.DEFAULT_DEBUG_DATABASE_NAME = "db";
 /**
 * Get the extra options for the codeql commands.
 */
@@ -59,8 +72,7 @@ exports.getExtraOptionsEnvParam = getExtraOptionsEnvParam;
 *
 * Returns an array of unique string tool names.
 */
-function getToolNames(sarifContents) {
-    const sarif = JSON.parse(sarifContents);
+function getToolNames(sarif) {
    const toolNames = {};
    for (const run of sarif.runs || []) {
        const tool = run.tool || {};
@@ -81,7 +93,7 @@ async function withTmpDir(body) {
    const symlinkSubdir = path.join(tmpDir, "symlink");
    fs.symlinkSync(realSubdir, symlinkSubdir, "dir");
    const result = await body(symlinkSubdir);
-    fs.rmSync(tmpDir, { recursive: true, force: true });
+    await (0, del_1.default)(tmpDir, { force: true });
    return result;
 }
 exports.withTmpDir = withTmpDir;
@@ -483,18 +495,18 @@ async function codeQlVersionAbove(codeql, requiredVersion) {
 }
 exports.codeQlVersionAbove = codeQlVersionAbove;
 // Create a bundle for the given DB, if it doesn't already exist
-async function bundleDb(config, language, codeql) {
+async function bundleDb(config, language, codeql, dbName) {
    const databasePath = getCodeQLDatabasePath(config, language);
-    const databaseBundlePath = path.resolve(config.dbLocation, `${databasePath}.zip`);
+    const databaseBundlePath = path.resolve(config.dbLocation, `${dbName}.zip`);
    // For a tiny bit of added safety, delete the file if it exists.
    // The file is probably from an earlier call to this function, either
    // as part of this action step or a previous one, but it could also be
    // from somewhere else or someone trying to make the action upload a
    // non-database file.
    if (fs.existsSync(databaseBundlePath)) {
-        fs.rmSync(databaseBundlePath, { recursive: true });
+        await (0, del_1.default)(databaseBundlePath, { force: true });
    }
-    await codeql.databaseBundle(databasePath, databaseBundlePath);
+    await codeql.databaseBundle(databasePath, databaseBundlePath, dbName);
    return databaseBundlePath;
 }
 exports.bundleDb = bundleDb;
@@ -502,4 +514,14 @@ async function delay(milliseconds) {
    return new Promise((resolve) => setTimeout(resolve, milliseconds));
 }
 exports.delay = delay;
+function isGoodVersion(versionSpec) {
+    return !BROKEN_VERSIONS.includes(versionSpec);
+}
+exports.isGoodVersion = isGoodVersion;
+function checkNotWindows11() {
+    if (os.platform() === "win32" && semver.gte(os.release(), "10.0.20348")) {
+        throw new Error("Tracing builds with CodeQL is currently not supported on Windows 11 and Windows Server 2022. Please modify your Actions workflow to use an earlier version of Windows for this job, for example by setting `runs-on: windows-2019`.");
+    }
+}
+exports.checkNotWindows11 = checkNotWindows11;
 //# sourceMappingURL=util.js.map
--- a/lib/util.js.map
+++ b/lib/util.js.map
--- a/lib/util.test.js
+++ b/lib/util.test.js
@@ -35,7 +35,7 @@ const util = __importStar(require("./util"));
 (0, testing_utils_1.setupTests)(ava_1.default);
 (0, ava_1.default)("getToolNames", (t) => {
    const input = fs.readFileSync(`${__dirname}/../src/testdata/tool-names.sarif`, "utf8");
-    const toolNames = util.getToolNames(input);
+    const toolNames = util.getToolNames(JSON.parse(input));
    t.deepEqual(toolNames, ["CodeQL command-line toolchain", "ESLint"]);
 });
 (0, ava_1.default)("getMemoryFlag() should return the correct --ram flag", (t) => {
--- a/lib/util.test.js.map
+++ b/lib/util.test.js.map
--- a/node_modules/.package-lock.json
+++ b/node_modules/.package-lock.json
@@ -1,6 +1,6 @@
 {
  "name": "codeql",
-  "version": "1.0.26",
+  "version": "1.0.31",
  "lockfileVersion": 2,
  "requires": true,
  "packages": {
@@ -253,7 +253,6 @@
    "node_modules/@nodelib/fs.scandir": {
      "version": "2.1.3",
      "integrity": "sha512-eGmwYQn3gxo4r7jdQnkrrN6bY478C3P+a/y72IJukF8LjB6ZHeB3c+Ehacj3sYeSmUXGlnA67/PmbM9CVwL7Dw==",
-      "dev": true,
      "dependencies": {
        "@nodelib/fs.stat": "2.0.3",
        "run-parallel": "^1.1.9"
@@ -265,7 +264,6 @@
    "node_modules/@nodelib/fs.stat": {
      "version": "2.0.3",
      "integrity": "sha512-bQBFruR2TAwoevBEd/NWMoAAtNGzTRgdrqnYCc7dhzfoNvqPzLyqlEQnzZ3kVnNrSp25iyxE00/3h2fqGAGArA==",
-      "dev": true,
      "engines": {
        "node": ">= 8"
      }
@@ -273,7 +271,6 @@
    "node_modules/@nodelib/fs.walk": {
      "version": "1.2.4",
      "integrity": "sha512-1V9XOY4rDW0rehzbrcqAmHnz8e7SKvX27gh8Gt2WgB0+pdzdiLV83p72kZPU+jvMbS1qU5mauP2iOvO8rhmurQ==",
-      "dev": true,
      "dependencies": {
        "@nodelib/fs.scandir": "2.1.3",
        "fastq": "^1.6.0"
@@ -474,9 +471,9 @@
      }
    },
    "node_modules/@sinonjs/samsam": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/@sinonjs/samsam/-/samsam-6.0.2.tgz",
-      "integrity": "sha512-jxPRPp9n93ci7b8hMfJOFDPRLFYadN6FSpeROFTR4UNF4i5b+EK6m4QXPO46BDhFgRy1JuS87zAnFOzCUwMJcQ==",
+      "version": "6.1.1",
+      "resolved": "https://registry.npmjs.org/@sinonjs/samsam/-/samsam-6.1.1.tgz",
+      "integrity": "sha512-cZ7rKJTLiE7u7Wi/v9Hc2fs3Ucc3jrWeMgPHbbTCeVAB2S0wOBbYlkJVeNSL04i7fdhT8wIbDq1zhC/PXTD2SA==",
      "dev": true,
      "dependencies": {
        "@sinonjs/commons": "^1.6.0",
@@ -507,6 +504,16 @@
      "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==",
      "dev": true
    },
+    "node_modules/@types/del": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/@types/del/-/del-4.0.0.tgz",
+      "integrity": "sha512-LDE5atstX5kKnTobWknpmGHC52DH/tp8pIVsD2SSxaOFqW3AQr0EpdzYIfkZ331xe7l9Vn9NlJsBG6viU3mjBA==",
+      "deprecated": "This is a stub types definition. del provides its own type definitions, so you do not need this installed.",
+      "dev": true,
+      "dependencies": {
+        "del": "*"
+      }
+    },
    "node_modules/@types/json-schema": {
      "version": "7.0.8",
      "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.8.tgz",
@@ -544,9 +551,9 @@
      }
    },
    "node_modules/@types/node": {
-      "version": "16.4.6",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-16.4.6.tgz",
-      "integrity": "sha512-FKyawK3o5KL16AwbeFajen8G4K3mmqUrQsehn5wNKs8IzlKHE8TfnSmILXVMVziAEcnB23u1RCFU1NT6hSyr7Q=="
+      "version": "12.12.70",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-12.12.70.tgz",
+      "integrity": "sha512-i5y7HTbvhonZQE+GnUM2rz1Bi8QkzxdQmEv1LKOv4nWyaQk/gdeiTApuQR3PDJHX7WomAbpx2wlWSEpxXGZ/UQ=="
    },
    "node_modules/@types/normalize-package-data": {
      "version": "2.4.0",
@@ -862,7 +869,6 @@
    "node_modules/aggregate-error": {
      "version": "3.0.1",
      "integrity": "sha512-quoaXsZ9/BLNae5yiNoUz+Nhkwz83GhWwtYFglcjEQB2NDHCIpApbqXxIFnm4Pq/Nvhrsq5sYJFyohrrxnTGAA==",
-      "dev": true,
      "dependencies": {
        "clean-stack": "^2.0.0",
        "indent-string": "^4.0.0"
@@ -1376,7 +1382,6 @@
    "node_modules/braces": {
      "version": "3.0.2",
      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
-      "dev": true,
      "dependencies": {
        "fill-range": "^7.0.1"
      },
@@ -1557,7 +1562,6 @@
    "node_modules/clean-stack": {
      "version": "2.2.0",
      "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==",
-      "dev": true,
      "engines": {
        "node": ">=6"
      }
@@ -1887,7 +1891,6 @@
      "version": "6.0.0",
      "resolved": "https://registry.npmjs.org/del/-/del-6.0.0.tgz",
      "integrity": "sha512-1shh9DQ23L16oXSZKB2JxpL7iMy2E0S9d517ptA1P8iw0alkPtQcrKH7ru31rYtKwF499HkTu+DRzq3TCKDFRQ==",
-      "dev": true,
      "dependencies": {
        "globby": "^11.0.1",
        "graceful-fs": "^4.2.4",
@@ -1921,7 +1924,6 @@
    "node_modules/dir-glob": {
      "version": "3.0.1",
      "integrity": "sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==",
-      "dev": true,
      "dependencies": {
        "path-type": "^4.0.0"
      },
@@ -2909,7 +2911,6 @@
    "node_modules/fast-glob": {
      "version": "3.2.2",
      "integrity": "sha512-UDV82o4uQyljznxwMxyVRJgZZt3O5wENYojjzbaGEGZgeOxkLFf+V4cnUD+krzb2F72E18RhamkMZ7AdeggF7A==",
-      "dev": true,
      "dependencies": {
        "@nodelib/fs.stat": "^2.0.2",
        "@nodelib/fs.walk": "^1.2.3",
@@ -2936,7 +2937,6 @@
    "node_modules/fastq": {
      "version": "1.8.0",
      "integrity": "sha512-SMIZoZdLh/fgofivvIkmknUXyPnvxRE3DhtZ5Me3Mrsk5gyPL42F0xr51TdRXskBxHfMp+07bcYzfsYEsSQA9Q==",
-      "dev": true,
      "dependencies": {
        "reusify": "^1.0.4"
      }
@@ -2977,7 +2977,6 @@
    "node_modules/fill-range": {
      "version": "7.0.1",
      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
-      "dev": true,
      "dependencies": {
        "to-regex-range": "^5.0.1"
      },
@@ -3163,7 +3162,6 @@
      "version": "5.1.2",
      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
-      "dev": true,
      "dependencies": {
        "is-glob": "^4.0.1"
      },
@@ -3205,7 +3203,6 @@
      "version": "11.0.4",
      "resolved": "https://registry.npmjs.org/globby/-/globby-11.0.4.tgz",
      "integrity": "sha512-9O4MVG9ioZJ08ffbcyVYyLOJLk5JQ688pJ4eMGLpdWLHq/Wr1D9BlriLQyL0E+jbkuePVZXYFj47QM/v093wHg==",
-      "dev": true,
      "dependencies": {
        "array-union": "^2.1.0",
        "dir-glob": "^3.0.1",
@@ -3340,7 +3337,6 @@
    "node_modules/ignore": {
      "version": "5.1.4",
      "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==",
-      "dev": true,
      "engines": {
        "node": ">= 4"
      }
@@ -3420,7 +3416,6 @@
    "node_modules/indent-string": {
      "version": "4.0.0",
      "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==",
-      "dev": true,
      "engines": {
        "node": ">=8"
      }
@@ -3555,7 +3550,6 @@
    "node_modules/is-extglob": {
      "version": "2.1.1",
      "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=",
-      "dev": true,
      "engines": {
        "node": ">=0.10.0"
      }
@@ -3571,7 +3565,6 @@
    "node_modules/is-glob": {
      "version": "4.0.1",
      "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==",
-      "dev": true,
      "dependencies": {
        "is-extglob": "^2.1.1"
      },
@@ -3631,7 +3624,6 @@
    "node_modules/is-number": {
      "version": "7.0.0",
      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
-      "dev": true,
      "engines": {
        "node": ">=0.12.0"
      }
@@ -3661,7 +3653,6 @@
      "version": "2.2.0",
      "resolved": "https://registry.npmjs.org/is-path-cwd/-/is-path-cwd-2.2.0.tgz",
      "integrity": "sha512-w942bTcih8fdJPJmQHFzkS76NEP8Kzzvmw92cXsazb8intwLqPibPPdXf4ANdKV3rYMuuQYGIWtvz9JilB3NFQ==",
-      "dev": true,
      "engines": {
        "node": ">=6"
      }
@@ -3670,7 +3661,6 @@
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz",
      "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==",
-      "dev": true,
      "engines": {
        "node": ">=8"
      }
@@ -4245,7 +4235,6 @@
    "node_modules/merge2": {
      "version": "1.3.0",
      "integrity": "sha512-2j4DAdlBOkiSZIsaXk4mTE3sRS02yBHAtfy127xRV3bQUFqXkjHCHLW6Scv7DwNRbIWNHH8zpnz9zMaKXIdvYw==",
-      "dev": true,
      "engines": {
        "node": ">= 6"
      }
@@ -4254,7 +4243,6 @@
      "version": "4.0.4",
      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.4.tgz",
      "integrity": "sha512-pRmzw/XUcwXGpD9aI9q/0XOwLNygjETJ8y0ao0wdqprrzDa4YnxLcz7fQRZr8voh8V10kGhABbNcHVk5wHgWwg==",
-      "dev": true,
      "dependencies": {
        "braces": "^3.0.1",
        "picomatch": "^2.2.3"
@@ -4334,10 +4322,22 @@
      }
    },
    "node_modules/node-fetch": {
-      "version": "2.6.1",
-      "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==",
+      "version": "2.6.7",
+      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
+      "integrity": "sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==",
+      "dependencies": {
+        "whatwg-url": "^5.0.0"
+      },
      "engines": {
        "node": "4.x || >=6.0.0"
+      },
+      "peerDependencies": {
+        "encoding": "^0.1.0"
+      },
+      "peerDependenciesMeta": {
+        "encoding": {
+          "optional": true
+        }
      }
    },
    "node_modules/normalize-package-data": {
@@ -4638,7 +4638,6 @@
    "node_modules/p-map": {
      "version": "4.0.0",
      "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==",
-      "dev": true,
      "dependencies": {
        "aggregate-error": "^3.0.0"
      },
@@ -4782,7 +4781,6 @@
    "node_modules/path-type": {
      "version": "4.0.0",
      "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==",
-      "dev": true,
      "engines": {
        "node": ">=8"
      }
@@ -4791,7 +4789,6 @@
      "version": "2.3.0",
      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz",
      "integrity": "sha512-lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw==",
-      "dev": true,
      "engines": {
        "node": ">=8.6"
      },
@@ -5433,7 +5430,6 @@
    "node_modules/reusify": {
      "version": "1.0.4",
      "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==",
-      "dev": true,
      "engines": {
        "iojs": ">=1.0.0",
        "node": ">=0.10.0"
@@ -5442,7 +5438,6 @@
    "node_modules/rimraf": {
      "version": "3.0.2",
      "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-      "dev": true,
      "dependencies": {
        "glob": "^7.1.3"
      },
@@ -5455,8 +5450,7 @@
    },
    "node_modules/run-parallel": {
      "version": "1.1.9",
-      "integrity": "sha512-DEqnSRTDw/Tc3FXf49zedI638Z9onwUotBMiUFKmrO2sdFKIbXamXGQ3Axd4qgphxKB4kw/qP1w5kTxnfU1B9Q==",
-      "dev": true
+      "integrity": "sha512-DEqnSRTDw/Tc3FXf49zedI638Z9onwUotBMiUFKmrO2sdFKIbXamXGQ3Axd4qgphxKB4kw/qP1w5kTxnfU1B9Q=="
    },
    "node_modules/safe-buffer": {
      "version": "5.1.2",
@@ -5562,14 +5556,14 @@
      "dev": true
    },
    "node_modules/sinon": {
-      "version": "11.1.2",
-      "resolved": "https://registry.npmjs.org/sinon/-/sinon-11.1.2.tgz",
-      "integrity": "sha512-59237HChms4kg7/sXhiRcUzdSkKuydDeTiamT/jesUVHshBgL8XAmhgFo0GfK6RruMDM/iRSij1EybmMog9cJw==",
+      "version": "13.0.0",
+      "resolved": "https://registry.npmjs.org/sinon/-/sinon-13.0.0.tgz",
+      "integrity": "sha512-3tjMDB/tY04b06Bnb4aMKQfNrau2C9HET+R4HVWfv2KegDVLGg4wnBqjVepvxR7S7R1GTwDZzEv52tpFipt6yA==",
      "dev": true,
      "dependencies": {
        "@sinonjs/commons": "^1.8.3",
-        "@sinonjs/fake-timers": "^7.1.2",
-        "@sinonjs/samsam": "^6.0.2",
+        "@sinonjs/fake-timers": "^9.0.0",
+        "@sinonjs/samsam": "^6.1.1",
        "diff": "^5.0.0",
        "nise": "^5.1.0",
        "supports-color": "^7.2.0"
@@ -5579,6 +5573,15 @@
        "url": "https://opencollective.com/sinon"
      }
    },
+    "node_modules/sinon/node_modules/@sinonjs/fake-timers": {
+      "version": "9.0.0",
+      "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-9.0.0.tgz",
+      "integrity": "sha512-+shXA2X7KNP7H7qNbQTJ3SA+NQc0pZDSBrdvFSRwF8sAo/ohw+ZQFD8Moc+gnz51+1eRXtEQBpKWPiQ4jsRC/w==",
+      "dev": true,
+      "dependencies": {
+        "@sinonjs/commons": "^1.7.0"
+      }
+    },
    "node_modules/sinon/node_modules/has-flag": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
@@ -5603,7 +5606,6 @@
    "node_modules/slash": {
      "version": "3.0.0",
      "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==",
-      "dev": true,
      "engines": {
        "node": ">=8"
      }
@@ -6030,7 +6032,6 @@
    "node_modules/to-regex-range": {
      "version": "5.0.1",
      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
-      "dev": true,
      "dependencies": {
        "is-number": "^7.0.0"
      },
@@ -6038,6 +6039,11 @@
        "node": ">=8.0"
      }
    },
+    "node_modules/tr46": {
+      "version": "0.0.3",
+      "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
+      "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
+    },
    "node_modules/trim-off-newlines": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/trim-off-newlines/-/trim-off-newlines-1.0.2.tgz",
@@ -6333,6 +6339,11 @@
        "defaults": "^1.0.3"
      }
    },
+    "node_modules/webidl-conversions": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
+      "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
+    },
    "node_modules/well-known-symbols": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/well-known-symbols/-/well-known-symbols-2.0.0.tgz",
@@ -6342,6 +6353,15 @@
        "node": ">=6"
      }
    },
+    "node_modules/whatwg-url": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
+      "integrity": "sha1-lmRU6HZUYuN2RNNib2dCzotwll0=",
+      "dependencies": {
+        "tr46": "~0.0.3",
+        "webidl-conversions": "^3.0.0"
+      }
+    },
    "node_modules/which": {
      "version": "2.0.2",
      "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
--- a/node_modules/@sinonjs/samsam/CHANGES.md
+++ b/node_modules/@sinonjs/samsam/CHANGES.md
@@ -1,226 +0,0 @@
-# Changes
-
-## 6.0.2
-
- [`144204d`](https://github.com/sinonjs/samsam/commit/144204d505526d5c382cb2f3dc2c2dd1378fe12d)
-  Fix deep equal comparison between promises (#217) (David G. Miguel)
-
-_Released on 2021-05-24._
-
-## 6.0.1
-
- [`decfafe`](https://github.com/sinonjs/samsam/commit/decfafe72d8b2d159cfc49440a8f4af6d3e9c574)
-  Bump y18n from 4.0.0 to 4.0.1 (dependabot[bot])
-    >
-    > Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
-    > - [Release notes](https://github.com/yargs/y18n/releases)
-    > - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/yargs/y18n/commits)
-    >
-    > Signed-off-by: dependabot[bot] <support@github.com>
-
-_Released on 2021-04-08._
-
-## 6.0.0
-
- [`95d1dce`](https://github.com/sinonjs/samsam/commit/95d1dce07f47b7bbb84111c42f44ecd9466dc2c8)
-  Use @sinonjs/eslint-config (Morgan Roderick)
-    >
-    > This drops support for legacy runtimes like IE11, legacy Edge, Safari 9 and the like
-
-_Released on 2021-03-30._
-
-## 5.3.1
-
- [`04e0faa`](https://github.com/sinonjs/samsam/commit/04e0faa88d8a08325c6d70febed9dad4e7eeabfe)
-  Distribute package as source (Morgan Roderick)
-    >
-    > This library is not meant for writing end user applications or even for
-    > being used directly when writing tests. It is not meant to be loaded
-    > directly by browsers.
-    >
-    > Consumers of this package are assumed to use their own bundlers, should
-    > they need to bundle code for use in browsers or workers.
-    >
-    > Therefore, it is safe to distribute the package as source files and not
-    > bundle them up.
-    >
-    > This allows us to remove the bundler and its transitive dependencies,
-    > which reduces the maintenance burden of managing the library.
-    >
-
-_Released on 2021-01-13._
-
-## 5.3.0
-
- [`fd8aabd`](https://github.com/sinonjs/samsam/commit/fd8aabd3768c199abc717dc6d793ef136419be72)
-  Generate .d.ts from JSDoc (Morgan Roderick)
-    >
-    > See https://humanwhocodes.com/snippets/2020/10/create-typescript-declarations-from-javascript-jsdoc/
-    >
-
-_Released on 2020-11-16._
-
-## 5.2.0
-
- [`f27b87c`](https://github.com/sinonjs/samsam/commit/f27b87cbd493a09e4a3181cf36f503facbbb23fb)
-  Add match.json (Maximilian Antoni)
-
-_Released by [Maximilian Antoni](https://github.com/mantoni) on 2020-10-06._
-
-## 5.1.0
-
- [`820c296`](https://github.com/sinonjs/samsam/commit/820c2961f70208367e1c072ae9a581eefd0d8d18)
-  Evaluate symbol keys for object matchers (#206) (Joel Bradshaw)
-    >
-    > * Make match() work for objects with symbol keys
-
-_Released on 2020-08-11._
-
-## 5.0.3
-
- [`9d2add0`](https://github.com/sinonjs/samsam/commit/9d2add01eba85eb17ddb91ac22404fb6c23e8d39)
-  Remove unused @sinonjs/formatio (Morgan Roderick)
-    >
-    > As can be seen with searching the codebase, @sinonjs/formatio is never
-    > imported, and is thus not a direct dependency of @sinonjs/samsam.
-    >
-
-_Released on 2020-02-28._
-
-## 5.0.2
-
- [`f9e845a`](https://github.com/sinonjs/samsam/commit/f9e845a52ba50916df91335d2003a81a808a4ade)
-  Bump formatio to latest major (Morgan Roderick)
-    >
-    > This will remove some duplication in Sinon, see https://github.com/sinonjs/sinon/issues/2224
-    >
-
-_Released on 2020-02-20._
-
-## 5.0.1
-
- [`fe5d035`](https://github.com/sinonjs/samsam/commit/fe5d03532ea6cdbec857c49d18392d668cca8ef2)
-  Bump jsdom from 15.2.1 to 16.2.0 (dependabot-preview[bot])
-    >
-    > Bumps [jsdom](https://github.com/jsdom/jsdom) from 15.2.1 to 16.2.0.
-    > - [Release notes](https://github.com/jsdom/jsdom/releases)
-    > - [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
-    > - [Commits](https://github.com/jsdom/jsdom/compare/15.2.1...16.2.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`910af18`](https://github.com/sinonjs/samsam/commit/910af18be1bd57c6237399ca04cbef91d994a38a)
-  Remove maintenance junk from CHANGES.md (Morgan Roderick)
-
-_Released on 2020-02-18._
-
-## 5.0.0
-
- [`f288430`](https://github.com/sinonjs/samsam/commit/f2884309c9bf68b02ecfda3bd1df8d7a7a31686b)
-  Drop support for Node 8 (Morgan Roderick)
-    >
-    > As can be seen at https://github.com/nodejs/Release, Node 8 reached
-    > "end" of life on 2019-12-31, and is no longer actively supported.
-    >
-    > We will stop testing in Node 8 and start testing in Node 13, which will
-    > become the next LTS release from April 2020.
-    >
-
-_Released on 2020-02-18._
-
-## 4.2.2
-
- [`c600d6c`](https://github.com/sinonjs/samsam/commit/c600d6cb6c1bec8d65bc718bd9268311204597bc)
-  Fix issue with nested array matching (Jay Merrifield)
- [`8b37566`](https://github.com/sinonjs/samsam/commit/8b37566ea73bee512fbc4203c07678288f906bda)
-  Bump eslint from 6.7.2 to 6.8.0 (dependabot-preview[bot])
-    >
-    > Bumps [eslint](https://github.com/eslint/eslint) from 6.7.2 to 6.8.0.
-    > - [Release notes](https://github.com/eslint/eslint/releases)
-    > - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/eslint/eslint/compare/v6.7.2...v6.8.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`b7c5db9`](https://github.com/sinonjs/samsam/commit/b7c5db9e7847204188c112843bb193248d0b5156)
-  Bump eslint-plugin-prettier from 3.1.1 to 3.1.2 (dependabot-preview[bot])
-    >
-    > Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 3.1.1 to 3.1.2.
-    > - [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
-    > - [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/prettier/eslint-plugin-prettier/compare/v3.1.1...v3.1.2)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`8965384`](https://github.com/sinonjs/samsam/commit/8965384818697b7b36537619922b3c378bfd0b42)
-  Bump eslint-plugin-mocha from 6.1.1 to 6.2.2 (dependabot-preview[bot])
-    >
-    > Bumps [eslint-plugin-mocha](https://github.com/lo1tuma/eslint-plugin-mocha) from 6.1.1 to 6.2.2.
-    > - [Release notes](https://github.com/lo1tuma/eslint-plugin-mocha/releases)
-    > - [Changelog](https://github.com/lo1tuma/eslint-plugin-mocha/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/lo1tuma/eslint-plugin-mocha/compare/6.1.1...6.2.2)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`8661610`](https://github.com/sinonjs/samsam/commit/866161044e212b4df56a207e55ab3e449346abf5)
-  Bump eslint-config-prettier from 6.7.0 to 6.9.0 (dependabot-preview[bot])
-    >
-    > Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 6.7.0 to 6.9.0.
-    > - [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
-    > - [Changelog](https://github.com/prettier/eslint-config-prettier/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/prettier/eslint-config-prettier/commits/v6.9.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`7d91124`](https://github.com/sinonjs/samsam/commit/7d91124a9fa95c462c1e714d86405d6cb99e3363)
-  Bump rollup from 1.23.0 to 1.27.14 (dependabot-preview[bot])
-    >
-    > Bumps [rollup](https://github.com/rollup/rollup) from 1.23.0 to 1.27.14.
-    > - [Release notes](https://github.com/rollup/rollup/releases)
-    > - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/rollup/rollup/compare/v1.23.0...v1.27.14)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`31c616a`](https://github.com/sinonjs/samsam/commit/31c616ab278e05071138e18d6e5aea8f2c250c2a)
-  Bump nyc from 14.1.1 to 15.0.0 (dependabot-preview[bot])
-    >
-    > Bumps [nyc](https://github.com/istanbuljs/nyc) from 14.1.1 to 15.0.0.
-    > - [Release notes](https://github.com/istanbuljs/nyc/releases)
-    > - [Changelog](https://github.com/istanbuljs/nyc/blob/master/CHANGELOG.md)
-    > - [Commits](https://github.com/istanbuljs/nyc/compare/v14.1.1...v15.0.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`e82dbcf`](https://github.com/sinonjs/samsam/commit/e82dbcf9af6a052b1d466e476a7315e047324256)
-  Bump @sinonjs/referee from 3.2.0 to 4.0.0 (dependabot-preview[bot])
-    >
-    > Bumps [@sinonjs/referee](https://github.com/sinonjs/referee) from 3.2.0 to 4.0.0.
-    > - [Release notes](https://github.com/sinonjs/referee/releases)
-    > - [Changelog](https://github.com/sinonjs/referee/blob/master/CHANGES.md)
-    > - [Commits](https://github.com/sinonjs/referee/compare/v3.2.0...v4.0.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`b089354`](https://github.com/sinonjs/samsam/commit/b089354118a6f64139ca64906d8b8a9f282bc376)
-  Bump eslint-plugin-jsdoc from 18.4.3 to 19.2.0 (dependabot-preview[bot])
-    >
-    > Bumps [eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) from 18.4.3 to 19.2.0.
-    > - [Release notes](https://github.com/gajus/eslint-plugin-jsdoc/releases)
-    > - [Commits](https://github.com/gajus/eslint-plugin-jsdoc/compare/v18.4.3...v19.2.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`bba8c44`](https://github.com/sinonjs/samsam/commit/bba8c441914cd3b07b505b4d917a042d16412c9e)
-  Bump @sinonjs/commons from 1.6.0 to 1.7.0 (dependabot-preview[bot])
-    >
-    > Bumps [@sinonjs/commons](https://github.com/sinonjs/commons) from 1.6.0 to 1.7.0.
-    > - [Release notes](https://github.com/sinonjs/commons/releases)
-    > - [Commits](https://github.com/sinonjs/commons/compare/v1.6.0...v1.7.0)
-    >
-    > Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
- [`5915960`](https://github.com/sinonjs/samsam/commit/5915960fab257e27564c544da45b419c360bc8fb)
-  Publish using public access (Morgan Roderick)
- [`28ffc83`](https://github.com/sinonjs/samsam/commit/28ffc83556274b025d1fc62b52d2ff8ea25743a4)
-  4.2.1 (Morgan Roderick)
-
-_Released by [Maximilian Antoni](https://github.com/mantoni) on 2020-01-09._
-
-## 4.2.1
-
- [`8987966`](https://github.com/sinonjs/samsam/commit/898796645000b88f1a4045213355bed29085f46c)
-  re-introduce bound deepEqual (#160) (James Garbutt)
-
-_Released on 2019-12-30._
--- a/node_modules/@sinonjs/samsam/lib/deep-equal.js
+++ b/node_modules/@sinonjs/samsam/lib/deep-equal.js
@@ -10,8 +10,10 @@ var mapForEach = require("@sinonjs/commons").prototypes.map.forEach;
 var getClass = require("./get-class");
 var identical = require("./identical");
 var isArguments = require("./is-arguments");
+var isArrayType = require("./is-array-type");
 var isDate = require("./is-date");
 var isElement = require("./is-element");
+var isIterable = require("./is-iterable");
 var isMap = require("./is-map");
 var isNaN = require("./is-nan");
 var isObject = require("./is-object");
@@ -189,6 +191,31 @@ function deepEqualCyclic(actual, expectation, match) {
            return mapsDeeplyEqual;
        }

+        var isActualNonArrayIterable =
+            isIterable(actualObj) &&
+            !isArrayType(actualObj) &&
+            !isArguments(actualObj);
+        var isExpectationNonArrayIterable =
+            isIterable(expectation) &&
+            !isArrayType(expectation) &&
+            !isArguments(expectation);
+        if (isActualNonArrayIterable || isExpectationNonArrayIterable) {
+            var actualArray = Array.from(actualObj);
+            var expectationArray = Array.from(expectation);
+            if (actualArray.length !== expectationArray.length) {
+                return false;
+            }
+
+            var arrayDeeplyEquals = true;
+            every(actualArray, function (key) {
+                arrayDeeplyEquals =
+                    arrayDeeplyEquals &&
+                    deepEqualCyclic(actualArray[key], expectationArray[key]);
+            });
+
+            return arrayDeeplyEquals;
+        }
+
        return every(expectationKeysAndSymbols, function (key) {
            if (!hasOwnProperty(actualObj, key)) {
                return false;
--- a/node_modules/@sinonjs/samsam/lib/is-iterable.js
+++ b/node_modules/@sinonjs/samsam/lib/is-iterable.js
@@ -0,0 +1,18 @@
+"use strict";
+
+/**
+ * Returns `true` when the argument is an iterable, `false` otherwise
+ *
+ * @alias module:samsam.isIterable
+ * @param  {*}  val - A value to examine
+ * @returns {boolean} Returns `true` when the argument is an iterable, `false` otherwise
+ */
+function isIterable(val) {
+    // checks for null and undefined
+    if (typeof val !== "object") {
+        return false;
+    }
+    return typeof val[Symbol.iterator] === "function";
+}
+
+module.exports = isIterable;
--- a/node_modules/@sinonjs/samsam/package.json
+++ b/node_modules/@sinonjs/samsam/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@sinonjs/samsam",
-  "version": "6.0.2",
+  "version": "6.1.1",
  "description": "Value identification and comparison functions",
  "homepage": "http://sinonjs.github.io/samsam/",
  "author": "Christian Johansen",
@@ -28,7 +28,7 @@
    "test-headless": "mochify --no-detect-globals --recursive -R dot --plugin [ proxyquire-universal ] \"./lib/*.test.js\"",
    "prettier:check": "prettier --check '**/*.{js,css,md}'",
    "prettier:write": "prettier --write '**/*.{js,css,md}'",
-    "preversion": "npm run test-check-coverage",
+    "preversion": "./check-external-dependencies.sh && npm run test-check-coverage",
    "version": "changes --commits --footer",
    "postversion": "git push --follow-tags && npm publish --access public"
  },
--- a/node_modules/@sinonjs/samsam/types/is-iterable.d.ts
+++ b/node_modules/@sinonjs/samsam/types/is-iterable.d.ts
@@ -0,0 +1,9 @@
+export = isIterable;
+/**
+ * Returns `true` when the argument is an iterable, `false` otherwise
+ *
+ * @alias module:samsam.isIterable
+ * @param  {*}  val - A value to examine
+ * @returns {boolean} Returns `true` when the argument is an iterable, `false` otherwise
+ */
+declare function isIterable(val: any): boolean;
--- a/node_modules/@types/del/LICENSE
+++ b/node_modules/@types/del/LICENSE
@@ -0,0 +1,21 @@
+    MIT License
+
+    Copyright (c) Microsoft Corporation. All rights reserved.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE
--- a/node_modules/@types/del/README.md
+++ b/node_modules/@types/del/README.md
@@ -0,0 +1,3 @@
+This is a stub types definition for del (https://github.com/sindresorhus/del).
+
+del provides its own type definitions, so you don't need @types/del installed!
--- a/node_modules/@types/del/package.json
+++ b/node_modules/@types/del/package.json
@@ -0,0 +1,14 @@
+{
+  "name": "@types/del",
+  "version": "4.0.0",
+  "typings": null,
+  "description": "Stub TypeScript definitions entry for del, which provides its own types definitions",
+  "main": "",
+  "scripts": {},
+  "author": "",
+  "repository": "https://github.com/sindresorhus/del",
+  "license": "MIT",
+  "dependencies": {
+    "del": "*"
+  }
+}
--- a/node_modules/@types/node/LICENSE
+++ b/node_modules/@types/node/LICENSE
--- a/node_modules/@types/node/README.md
+++ b/node_modules/@types/node/README.md
@@ -5,12 +5,12 @@
 This package contains type definitions for Node.js (http://nodejs.org/).

 # Details
-Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node.
+Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node/v12.

 ### Additional Details
- * Last updated: Wed, 28 Jul 2021 19:31:18 GMT
+ * Last updated: Wed, 21 Oct 2020 17:47:46 GMT
 * Dependencies: none
- * Global values: `AbortController`, `AbortSignal`, `__dirname`, `__filename`, `console`, `exports`, `gc`, `global`, `module`, `process`, `require`
+ * Global values: `Buffer`, `NodeJS`, `__dirname`, `__filename`, `clearImmediate`, `clearInterval`, `clearTimeout`, `console`, `exports`, `global`, `module`, `process`, `queueMicrotask`, `require`, `setImmediate`, `setInterval`, `setTimeout`

 # Credits
-These definitions were written by [Microsoft TypeScript](https://github.com/Microsoft), [DefinitelyTyped](https://github.com/DefinitelyTyped), [Alberto Schiabel](https://github.com/jkomyno), [Alvis HT Tang](https://github.com/alvis), [Andrew Makarov](https://github.com/r3nya), [Benjamin Toueg](https://github.com/btoueg), [Chigozirim C.](https://github.com/smac89), [David Junger](https://github.com/touffy), [Deividas Bakanas](https://github.com/DeividasBakanas), [Eugene Y. Q. Shen](https://github.com/eyqs), [Hannes Magnusson](https://github.com/Hannes-Magnusson-CK), [Hoàng Văn Khải](https://github.com/KSXGitHub), [Huw](https://github.com/hoo29), [Kelvin Jin](https://github.com/kjin), [Klaus Meinhardt](https://github.com/ajafff), [Lishude](https://github.com/islishude), [Mariusz Wiktorczyk](https://github.com/mwiktorczyk), [Mohsen Azimi](https://github.com/mohsen1), [Nicolas Even](https://github.com/n-e), [Nikita Galkin](https://github.com/galkin), [Parambir Singh](https://github.com/parambirs), [Sebastian Silbermann](https://github.com/eps1lon), [Simon Schick](https://github.com/SimonSchick), [Thomas den Hollander](https://github.com/ThomasdenH), [Wilco Bakker](https://github.com/WilcoBakker), [wwwy3y3](https://github.com/wwwy3y3), [Samuel Ainsworth](https://github.com/samuela), [Kyle Uehlein](https://github.com/kuehlein), [Thanik Bhongbhibhat](https://github.com/bhongy), [Marcin Kopacz](https://github.com/chyzwar), [Trivikram Kamat](https://github.com/trivikr), [Minh Son Nguyen](https://github.com/nguymin4), [Junxiao Shi](https://github.com/yoursunny), [Ilia Baryshnikov](https://github.com/qwelias), [ExE Boss](https://github.com/ExE-Boss), [Surasak Chaisurin](https://github.com/Ryan-Willpower), [Piotr Błażejewicz](https://github.com/peterblazejewicz), [Anna Henningsen](https://github.com/addaleax), [Jason Kwok](https://github.com/JasonHK), [Victor Perin](https://github.com/victorperin), [Yongsheng Zhang](https://github.com/ZYSzys), and [NodeJS Contributors](https://github.com/NodeJS).
+These definitions were written by [Microsoft TypeScript](https://github.com/Microsoft), [DefinitelyTyped](https://github.com/DefinitelyTyped), [Alberto Schiabel](https://github.com/jkomyno), [Alexander T.](https://github.com/a-tarasyuk), [Alvis HT Tang](https://github.com/alvis), [Andrew Makarov](https://github.com/r3nya), [Benjamin Toueg](https://github.com/btoueg), [Bruno Scheufler](https://github.com/brunoscheufler), [Chigozirim C.](https://github.com/smac89), [David Junger](https://github.com/touffy), [Deividas Bakanas](https://github.com/DeividasBakanas), [Eugene Y. Q. Shen](https://github.com/eyqs), [Flarna](https://github.com/Flarna), [Hannes Magnusson](https://github.com/Hannes-Magnusson-CK), [Hoàng Văn Khải](https://github.com/KSXGitHub), [Huw](https://github.com/hoo29), [Kelvin Jin](https://github.com/kjin), [Klaus Meinhardt](https://github.com/ajafff), [Lishude](https://github.com/islishude), [Mariusz Wiktorczyk](https://github.com/mwiktorczyk), [Mohsen Azimi](https://github.com/mohsen1), [Nicolas Even](https://github.com/n-e), [Nikita Galkin](https://github.com/galkin), [Parambir Singh](https://github.com/parambirs), [Sebastian Silbermann](https://github.com/eps1lon), [Simon Schick](https://github.com/SimonSchick), [Thomas den Hollander](https://github.com/ThomasdenH), [Wilco Bakker](https://github.com/WilcoBakker), [wwwy3y3](https://github.com/wwwy3y3), [Zane Hannan AU](https://github.com/ZaneHannanAU), [Samuel Ainsworth](https://github.com/samuela), [Kyle Uehlein](https://github.com/kuehlein), [Jordi Oliveras Rovira](https://github.com/j-oliveras), [Thanik Bhongbhibhat](https://github.com/bhongy), [Marcin Kopacz](https://github.com/chyzwar), [Trivikram Kamat](https://github.com/trivikr), [Minh Son Nguyen](https://github.com/nguymin4), [Junxiao Shi](https://github.com/yoursunny), [Ilia Baryshnikov](https://github.com/qwelias), [ExE Boss](https://github.com/ExE-Boss), and [Jason Kwok](https://github.com/JasonHK).
--- a/node_modules/@types/node/assert.d.ts
+++ b/node_modules/@types/node/assert.d.ts
--- a/node_modules/@types/node/assert/strict.d.ts
+++ b/node_modules/@types/node/assert/strict.d.ts
@@ -1,8 +0,0 @@
-declare module 'assert/strict' {
-    import { strict } from 'node:assert';
-    export = strict;
-}
-declare module 'node:assert/strict' {
-    import { strict } from 'node:assert';
-    export = strict;
-}
--- a/node_modules/@types/node/async_hooks.d.ts
+++ b/node_modules/@types/node/async_hooks.d.ts
@@ -1,47 +1,16 @@
 /**
- * The `async_hooks` module provides an API to track asynchronous resources. It
- * can be accessed using:
- *
- * ```js
- * const async_hooks = require('async_hooks');
- * ```
- * @experimental
- * @see [source](https://github.com/nodejs/node/blob/v16.4.2/lib/async_hooks.js)
+ * Async Hooks module: https://nodejs.org/api/async_hooks.html
 */
-declare module 'async_hooks' {
+declare module "async_hooks" {
    /**
-     * ```js
-     * const async_hooks = require('async_hooks');
-     *
-     * console.log(async_hooks.executionAsyncId());  // 1 - bootstrap
-     * fs.open(path, 'r', (err, fd) => {
-     *   console.log(async_hooks.executionAsyncId());  // 6 - open()
-     * });
-     * ```
-     *
-     * The ID returned from `executionAsyncId()` is related to execution timing, not
-     * causality (which is covered by `triggerAsyncId()`):
-     *
-     * ```js
-     * const server = net.createServer((conn) => {
-     *   // Returns the ID of the server, not of the new connection, because the
-     *   // callback runs in the execution scope of the server's MakeCallback().
-     *   async_hooks.executionAsyncId();
-     *
-     * }).listen(port, () => {
-     *   // Returns the ID of a TickObject (process.nextTick()) because all
-     *   // callbacks passed to .listen() are wrapped in a nextTick().
-     *   async_hooks.executionAsyncId();
-     * });
-     * ```
-     *
-     * Promise contexts may not get precise `executionAsyncIds` by default.
-     * See the section on `promise execution tracking`.
-     * @since v8.1.0
-     * @return The `asyncId` of the current execution context. Useful to track when something calls.
+     * Returns the asyncId of the current execution context.
     */
    function executionAsyncId(): number;
+
    /**
+     * The resource representing the current execution.
+     *  Useful to store data within the resource.
+     *
     * Resource objects returned by `executionAsyncResource()` are most often internal
     * Node.js handle objects with undocumented APIs. Using any functions or properties
     * on the object is likely to crash your application and should be avoided.
@@ -49,70 +18,14 @@ declare module 'async_hooks' {
     * Using `executionAsyncResource()` in the top-level execution context will
     * return an empty object as there is no handle or request object to use,
     * but having an object representing the top-level can be helpful.
-     *
-     * ```js
-     * const { open } = require('fs');
-     * const { executionAsyncId, executionAsyncResource } = require('async_hooks');
-     *
-     * console.log(executionAsyncId(), executionAsyncResource());  // 1 {}
-     * open(__filename, 'r', (err, fd) => {
-     *   console.log(executionAsyncId(), executionAsyncResource());  // 7 FSReqWrap
-     * });
-     * ```
-     *
-     * This can be used to implement continuation local storage without the
-     * use of a tracking `Map` to store the metadata:
-     *
-     * ```js
-     * const { createServer } = require('http');
-     * const {
-     *   executionAsyncId,
-     *   executionAsyncResource,
-     *   createHook
-     * } = require('async_hooks');
-     * const sym = Symbol('state'); // Private symbol to avoid pollution
-     *
-     * createHook({
-     *   init(asyncId, type, triggerAsyncId, resource) {
-     *     const cr = executionAsyncResource();
-     *     if (cr) {
-     *       resource[sym] = cr[sym];
-     *     }
-     *   }
-     * }).enable();
-     *
-     * const server = createServer((req, res) => {
-     *   executionAsyncResource()[sym] = { state: req.url };
-     *   setTimeout(function() {
-     *     res.end(JSON.stringify(executionAsyncResource()[sym]));
-     *   }, 100);
-     * }).listen(3000);
-     * ```
-     * @since v13.9.0, v12.17.0
-     * @return The resource representing the current execution. Useful to store data within the resource.
     */
    function executionAsyncResource(): object;
+
    /**
-     * ```js
-     * const server = net.createServer((conn) => {
-     *   // The resource that caused (or triggered) this callback to be called
-     *   // was that of the new connection. Thus the return value of triggerAsyncId()
-     *   // is the asyncId of "conn".
-     *   async_hooks.triggerAsyncId();
-     *
-     * }).listen(port, () => {
-     *   // Even though all callbacks passed to .listen() are wrapped in a nextTick()
-     *   // the callback itself exists because the call to the server's .listen()
-     *   // was made. So the return value would be the ID of the server.
-     *   async_hooks.triggerAsyncId();
-     * });
-     * ```
-     *
-     * Promise contexts may not get valid `triggerAsyncId`s by default. See
-     * the section on `promise execution tracking`.
-     * @return The ID of the resource responsible for calling the callback that is currently being executed.
+     * Returns the ID of the resource responsible for calling the callback that is currently being executed.
     */
    function triggerAsyncId(): number;
+
    interface HookCallbacks {
        /**
         * Called when a class is constructed that has the possibility to emit an asynchronous event.
@@ -122,133 +35,73 @@ declare module 'async_hooks' {
         * @param resource reference to the resource representing the async operation, needs to be released during destroy
         */
        init?(asyncId: number, type: string, triggerAsyncId: number, resource: object): void;
+
        /**
         * When an asynchronous operation is initiated or completes a callback is called to notify the user.
         * The before callback is called just before said callback is executed.
         * @param asyncId the unique identifier assigned to the resource about to execute the callback.
         */
        before?(asyncId: number): void;
+
        /**
         * Called immediately after the callback specified in before is completed.
         * @param asyncId the unique identifier assigned to the resource which has executed the callback.
         */
        after?(asyncId: number): void;
+
        /**
         * Called when a promise has resolve() called. This may not be in the same execution id
         * as the promise itself.
         * @param asyncId the unique id for the promise that was resolve()d.
         */
        promiseResolve?(asyncId: number): void;
+
        /**
         * Called after the resource corresponding to asyncId is destroyed
         * @param asyncId a unique ID for the async resource
         */
        destroy?(asyncId: number): void;
    }
+
    interface AsyncHook {
        /**
         * Enable the callbacks for a given AsyncHook instance. If no callbacks are provided enabling is a noop.
         */
        enable(): this;
+
        /**
         * Disable the callbacks for a given AsyncHook instance from the global pool of AsyncHook callbacks to be executed. Once a hook has been disabled it will not be called again until enabled.
         */
        disable(): this;
    }
+
    /**
-     * Registers functions to be called for different lifetime events of each async
-     * operation.
-     *
-     * The callbacks `init()`/`before()`/`after()`/`destroy()` are called for the
-     * respective asynchronous event during a resource's lifetime.
-     *
-     * All callbacks are optional. For example, if only resource cleanup needs to
-     * be tracked, then only the `destroy` callback needs to be passed. The
-     * specifics of all functions that can be passed to `callbacks` is in the `Hook Callbacks` section.
-     *
-     * ```js
-     * const async_hooks = require('async_hooks');
-     *
-     * const asyncHook = async_hooks.createHook({
-     *   init(asyncId, type, triggerAsyncId, resource) { },
-     *   destroy(asyncId) { }
-     * });
-     * ```
-     *
-     * The callbacks will be inherited via the prototype chain:
-     *
-     * ```js
-     * class MyAsyncCallbacks {
-     *   init(asyncId, type, triggerAsyncId, resource) { }
-     *   destroy(asyncId) {}
-     * }
-     *
-     * class MyAddedCallbacks extends MyAsyncCallbacks {
-     *   before(asyncId) { }
-     *   after(asyncId) { }
-     * }
-     *
-     * const asyncHook = async_hooks.createHook(new MyAddedCallbacks());
-     * ```
-     *
-     * Because promises are asynchronous resources whose lifecycle is tracked
-     * via the async hooks mechanism, the `init()`, `before()`, `after()`, and`destroy()` callbacks _must not_ be async functions that return promises.
-     * @since v8.1.0
-     * @param callbacks The `Hook Callbacks` to register
-     * @return Instance used for disabling and enabling hooks
+     * Registers functions to be called for different lifetime events of each async operation.
+     * @param options the callbacks to register
+     * @return an AsyncHooks instance used for disabling and enabling hooks
     */
-    function createHook(callbacks: HookCallbacks): AsyncHook;
+    function createHook(options: HookCallbacks): AsyncHook;
+
    interface AsyncResourceOptions {
-        /**
-         * The ID of the execution context that created this async event.
-         * @default executionAsyncId()
-         */
-        triggerAsyncId?: number | undefined;
-        /**
-         * Disables automatic `emitDestroy` when the object is garbage collected.
-         * This usually does not need to be set (even if `emitDestroy` is called
-         * manually), unless the resource's `asyncId` is retrieved and the
-         * sensitive API's `emitDestroy` is called with it.
-         * @default false
-         */
-        requireManualDestroy?: boolean | undefined;
+      /**
+       * The ID of the execution context that created this async event.
+       * Default: `executionAsyncId()`
+       */
+      triggerAsyncId?: number;
+
+      /**
+       * Disables automatic `emitDestroy` when the object is garbage collected.
+       * This usually does not need to be set (even if `emitDestroy` is called
+       * manually), unless the resource's `asyncId` is retrieved and the
+       * sensitive API's `emitDestroy` is called with it.
+       * Default: `false`
+       */
+      requireManualDestroy?: boolean;
    }
+
    /**
-     * The class `AsyncResource` is designed to be extended by the embedder's async
-     * resources. Using this, users can easily trigger the lifetime events of their
-     * own resources.
-     *
-     * The `init` hook will trigger when an `AsyncResource` is instantiated.
-     *
-     * The following is an overview of the `AsyncResource` API.
-     *
-     * ```js
-     * const { AsyncResource, executionAsyncId } = require('async_hooks');
-     *
-     * // AsyncResource() is meant to be extended. Instantiating a
-     * // new AsyncResource() also triggers init. If triggerAsyncId is omitted then
-     * // async_hook.executionAsyncId() is used.
-     * const asyncResource = new AsyncResource(
-     *   type, { triggerAsyncId: executionAsyncId(), requireManualDestroy: false }
-     * );
-     *
-     * // Run a function in the execution context of the resource. This will
-     * // * establish the context of the resource
-     * // * trigger the AsyncHooks before callbacks
-     * // * call the provided function `fn` with the supplied arguments
-     * // * trigger the AsyncHooks after callbacks
-     * // * restore the original execution context
-     * asyncResource.runInAsyncScope(fn, thisArg, ...args);
-     *
-     * // Call AsyncHooks destroy callbacks.
-     * asyncResource.emitDestroy();
-     *
-     * // Return the unique ID assigned to the AsyncResource instance.
-     * asyncResource.asyncId();
-     *
-     * // Return the trigger ID for the AsyncResource instance.
-     * asyncResource.triggerAsyncId();
-     * ```
+     * The class AsyncResource was designed to be extended by the embedder's async resources.
+     * Using this users can easily trigger the lifetime events of their own resources.
     */
    class AsyncResource {
        /**
@@ -260,238 +113,135 @@ declare module 'async_hooks' {
         *   this async event (default: `executionAsyncId()`), or an
         *   AsyncResourceOptions object (since 9.3)
         */
-        constructor(type: string, triggerAsyncId?: number | AsyncResourceOptions);
+        constructor(type: string, triggerAsyncId?: number|AsyncResourceOptions);
+
        /**
-         * Binds the given function to the current execution context.
-         *
-         * The returned function will have an `asyncResource` property referencing
-         * the `AsyncResource` to which the function is bound.
-         * @since v14.8.0, v12.19.0
-         * @param fn The function to bind to the current execution context.
-         * @param type An optional name to associate with the underlying `AsyncResource`.
-         */
-        static bind<Func extends (this: ThisArg, ...args: any[]) => any, ThisArg>(
-            fn: Func,
-            type?: string,
-            thisArg?: ThisArg
-        ): Func & {
-            asyncResource: AsyncResource;
-        };
-        /**
-         * Binds the given function to execute to this `AsyncResource`'s scope.
-         *
-         * The returned function will have an `asyncResource` property referencing
-         * the `AsyncResource` to which the function is bound.
-         * @since v14.8.0, v12.19.0
-         * @param fn The function to bind to the current `AsyncResource`.
-         */
-        bind<Func extends (...args: any[]) => any>(
-            fn: Func
-        ): Func & {
-            asyncResource: AsyncResource;
-        };
-        /**
-         * Call the provided function with the provided arguments in the execution context
-         * of the async resource. This will establish the context, trigger the AsyncHooks
-         * before callbacks, call the function, trigger the AsyncHooks after callbacks, and
-         * then restore the original execution context.
-         * @since v9.6.0
-         * @param fn The function to call in the execution context of this async resource.
+         * Call the provided function with the provided arguments in the
+         * execution context of the async resource. This will establish the
+         * context, trigger the AsyncHooks before callbacks, call the function,
+         * trigger the AsyncHooks after callbacks, and then restore the original
+         * execution context.
+         * @param fn The function to call in the execution context of this
+         *   async resource.
         * @param thisArg The receiver to be used for the function call.
         * @param args Optional arguments to pass to the function.
         */
        runInAsyncScope<This, Result>(fn: (this: This, ...args: any[]) => Result, thisArg?: This, ...args: any[]): Result;
+
        /**
-         * Call all `destroy` hooks. This should only ever be called once. An error will
-         * be thrown if it is called more than once. This **must** be manually called. If
-         * the resource is left to be collected by the GC then the `destroy` hooks will
-         * never be called.
-         * @return A reference to `asyncResource`.
+         * Call AsyncHooks destroy callbacks.
         */
-        emitDestroy(): this;
+        emitDestroy(): void;
+
        /**
-         * @return The unique `asyncId` assigned to the resource.
+         * @return the unique ID assigned to this AsyncResource instance.
         */
        asyncId(): number;
+
        /**
-         *
-         * @return The same `triggerAsyncId` that is passed to the `AsyncResource` constructor.
+         * @return the trigger ID for this AsyncResource instance.
         */
        triggerAsyncId(): number;
    }
+
    /**
-     * This class creates stores that stay coherent through asynchronous operations.
-     *
-     * While you can create your own implementation on top of the `async_hooks` module,`AsyncLocalStorage` should be preferred as it is a performant and memory safe
-     * implementation that involves significant optimizations that are non-obvious to
-     * implement.
-     *
-     * The following example uses `AsyncLocalStorage` to build a simple logger
-     * that assigns IDs to incoming HTTP requests and includes them in messages
-     * logged within each request.
-     *
-     * ```js
-     * const http = require('http');
-     * const { AsyncLocalStorage } = require('async_hooks');
-     *
-     * const asyncLocalStorage = new AsyncLocalStorage();
-     *
-     * function logWithId(msg) {
-     *   const id = asyncLocalStorage.getStore();
-     *   console.log(`${id !== undefined ? id : '-'}:`, msg);
-     * }
-     *
-     * let idSeq = 0;
-     * http.createServer((req, res) => {
-     *   asyncLocalStorage.run(idSeq++, () => {
-     *     logWithId('start');
-     *     // Imagine any chain of async operations here
-     *     setImmediate(() => {
-     *       logWithId('finish');
-     *       res.end();
-     *     });
-     *   });
-     * }).listen(8080);
-     *
-     * http.get('http://localhost:8080');
-     * http.get('http://localhost:8080');
-     * // Prints:
-     * //   0: start
-     * //   1: start
-     * //   0: finish
-     * //   1: finish
-     * ```
-     *
-     * Each instance of `AsyncLocalStorage` maintains an independent storage context.
-     * Multiple instances can safely exist simultaneously without risk of interfering
-     * with each other data.
-     * @since v13.10.0, v12.17.0
+     * When having multiple instances of `AsyncLocalStorage`, they are independent
+     * from each other. It is safe to instantiate this class multiple times.
     */
    class AsyncLocalStorage<T> {
        /**
-         * Disables the instance of `AsyncLocalStorage`. All subsequent calls
-         * to `asyncLocalStorage.getStore()` will return `undefined` until`asyncLocalStorage.run()` or `asyncLocalStorage.enterWith()` is called again.
+         * This method disables the instance of `AsyncLocalStorage`. All subsequent calls
+         * to `asyncLocalStorage.getStore()` will return `undefined` until
+         * `asyncLocalStorage.run()` or `asyncLocalStorage.runSyncAndReturn()`
+         * is called again.
         *
         * When calling `asyncLocalStorage.disable()`, all current contexts linked to the
         * instance will be exited.
         *
-         * Calling `asyncLocalStorage.disable()` is required before the`asyncLocalStorage` can be garbage collected. This does not apply to stores
+         * Calling `asyncLocalStorage.disable()` is required before the
+         * `asyncLocalStorage` can be garbage collected. This does not apply to stores
         * provided by the `asyncLocalStorage`, as those objects are garbage collected
         * along with the corresponding async resources.
         *
-         * Use this method when the `asyncLocalStorage` is not in use anymore
+         * This method is to be used when the `asyncLocalStorage` is not in use anymore
         * in the current process.
-         * @since v13.10.0, v12.17.0
-         * @experimental
         */
        disable(): void;
+
        /**
-         * Returns the current store.
-         * If called outside of an asynchronous context initialized by
-         * calling `asyncLocalStorage.run()` or `asyncLocalStorage.enterWith()`, it
-         * returns `undefined`.
-         * @since v13.10.0, v12.17.0
+         * This method returns the current store.
+         * If this method is called outside of an asynchronous context initialized by
+         * calling `asyncLocalStorage.run` or `asyncLocalStorage.runAndReturn`, it will
+         * return `undefined`.
         */
        getStore(): T | undefined;
+
        /**
-         * Runs a function synchronously within a context and returns its
+         * Calling `asyncLocalStorage.run(callback)` will create a new asynchronous
+         * context.
+         * Within the callback function and the asynchronous operations from the callback,
+         * `asyncLocalStorage.getStore()` will return an instance of `Map` known as
+         * "the store". This store will be persistent through the following
+         * asynchronous calls.
+         *
+         * The callback will be ran asynchronously. Optionally, arguments can be passed
+         * to the function. They will be passed to the callback function.
+         *
+         * If an error is thrown by the callback function, it will not be caught by
+         * a `try/catch` block as the callback is ran in a new asynchronous resource.
+         * Also, the stacktrace will be impacted by the asynchronous call.
+         */
+        // TODO: Apply generic vararg once available
+        run(store: T, callback: (...args: any[]) => void, ...args: any[]): void;
+
+        /**
+         * Calling `asyncLocalStorage.exit(callback)` will create a new asynchronous
+         * context.
+         * Within the callback function and the asynchronous operations from the callback,
+         * `asyncLocalStorage.getStore()` will return `undefined`.
+         *
+         * The callback will be ran asynchronously. Optionally, arguments can be passed
+         * to the function. They will be passed to the callback function.
+         *
+         * If an error is thrown by the callback function, it will not be caught by
+         * a `try/catch` block as the callback is ran in a new asynchronous resource.
+         * Also, the stacktrace will be impacted by the asynchronous call.
+         */
+        exit(callback: (...args: any[]) => void, ...args: any[]): void;
+
+        /**
+         * This methods runs a function synchronously within a context and return its
         * return value. The store is not accessible outside of the callback function or
         * the asynchronous operations created within the callback.
         *
-         * The optional `args` are passed to the callback function.
+         * Optionally, arguments can be passed to the function. They will be passed to
+         * the callback function.
         *
-         * If the callback function throws an error, the error is thrown by `run()` too.
-         * The stacktrace is not impacted by this call and the context is exited.
-         *
-         * Example:
-         *
-         * ```js
-         * const store = { id: 2 };
-         * try {
-         *   asyncLocalStorage.run(store, () => {
-         *     asyncLocalStorage.getStore(); // Returns the store object
-         *     throw new Error();
-         *   });
-         * } catch (e) {
-         *   asyncLocalStorage.getStore(); // Returns undefined
-         *   // The error will be caught here
-         * }
-         * ```
-         * @since v13.10.0, v12.17.0
+         * If the callback function throws an error, it will be thrown by
+         * `runSyncAndReturn` too. The stacktrace will not be impacted by this call and
+         * the context will be exited.
         */
-        run<R, TArgs extends any[]>(store: T, callback: (...args: TArgs) => R, ...args: TArgs): R;
+        runSyncAndReturn<R>(store: T, callback: (...args: any[]) => R, ...args: any[]): R;
+
        /**
-         * Runs a function synchronously outside of a context and returns its
+         * This methods runs a function synchronously outside of a context and return its
         * return value. The store is not accessible within the callback function or
-         * the asynchronous operations created within the callback. Any `getStore()`call done within the callback function will always return `undefined`.
+         * the asynchronous operations created within the callback.
         *
-         * The optional `args` are passed to the callback function.
+         * Optionally, arguments can be passed to the function. They will be passed to
+         * the callback function.
         *
-         * If the callback function throws an error, the error is thrown by `exit()` too.
-         * The stacktrace is not impacted by this call and the context is re-entered.
-         *
-         * Example:
-         *
-         * ```js
-         * // Within a call to run
-         * try {
-         *   asyncLocalStorage.getStore(); // Returns the store object or value
-         *   asyncLocalStorage.exit(() => {
-         *     asyncLocalStorage.getStore(); // Returns undefined
-         *     throw new Error();
-         *   });
-         * } catch (e) {
-         *   asyncLocalStorage.getStore(); // Returns the same object or value
-         *   // The error will be caught here
-         * }
-         * ```
-         * @since v13.10.0, v12.17.0
-         * @experimental
+         * If the callback function throws an error, it will be thrown by
+         * `exitSyncAndReturn` too. The stacktrace will not be impacted by this call and
+         * the context will be re-entered.
         */
-        exit<R, TArgs extends any[]>(callback: (...args: TArgs) => R, ...args: TArgs): R;
+        exitSyncAndReturn<R>(callback: (...args: any[]) => R, ...args: any[]): R;
+
        /**
-         * Transitions into the context for the remainder of the current
-         * synchronous execution and then persists the store through any following
-         * asynchronous calls.
-         *
-         * Example:
-         *
-         * ```js
-         * const store = { id: 1 };
-         * // Replaces previous store with the given store object
-         * asyncLocalStorage.enterWith(store);
-         * asyncLocalStorage.getStore(); // Returns the store object
-         * someAsyncOperation(() => {
-         *   asyncLocalStorage.getStore(); // Returns the same object
-         * });
-         * ```
-         *
-         * This transition will continue for the _entire_ synchronous execution.
-         * This means that if, for example, the context is entered within an event
-         * handler subsequent event handlers will also run within that context unless
-         * specifically bound to another context with an `AsyncResource`. That is why`run()` should be preferred over `enterWith()` unless there are strong reasons
-         * to use the latter method.
-         *
-         * ```js
-         * const store = { id: 1 };
-         *
-         * emitter.on('my-event', () => {
-         *   asyncLocalStorage.enterWith(store);
-         * });
-         * emitter.on('my-event', () => {
-         *   asyncLocalStorage.getStore(); // Returns the same object
-         * });
-         *
-         * asyncLocalStorage.getStore(); // Returns undefined
-         * emitter.emit('my-event');
-         * asyncLocalStorage.getStore(); // Returns the same object
-         * ```
-         * @since v13.11.0, v12.17.0
-         * @experimental
+         * Calling `asyncLocalStorage.enterWith(store)` will transition into the context
+         * for the remainder of the current synchronous execution and will persist
+         * through any following asynchronous calls.
         */
        enterWith(store: T): void;
    }
 }
-declare module 'node:async_hooks' {
-    export * from 'async_hooks';
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Andrew Eisenberg	1a927e9307	Merge pull request #899 from github/update-v1.0.31-3a741b6c Merge main into v1	2022-01-31 08:40:43 -08:00
github-actions[bot]	bbb9c53c65	1.0.31	2022-01-31 16:08:02 +00:00
Henry Mercer	3a741b6cf5	Merge pull request #892 from github/dependabot/npm_and_yarn/node-fetch-2.6.7 Bump node-fetch from 2.6.1 to 2.6.7	2022-01-31 15:48:18 +00:00
Henry Mercer	1498bce660	Merge branch 'main' into dependabot/npm_and_yarn/node-fetch-2.6.7	2022-01-31 14:51:48 +00:00
Henry Mercer	c260382f36	Merge pull request #894 from github/dependabot/npm_and_yarn/sinon-13.0.0 Bump sinon from 11.1.2 to 13.0.0	2022-01-31 14:51:33 +00:00
github-actions[bot]	6410c0691e	Update checked-in dependencies	2022-01-29 01:49:46 +00:00
github-actions[bot]	c337e5f2f3	Update checked-in dependencies	2022-01-29 01:21:58 +00:00
dependabot[bot]	9673b562d9	Bump sinon from 11.1.2 to 13.0.0 Bumps [sinon](https://github.com/sinonjs/sinon) from 11.1.2 to 13.0.0. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/master/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v11.1.2...v13.0.0) --- updated-dependencies: - dependency-name: sinon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-01-29 01:16:14 +00:00
dependabot[bot]	bc4366e948	Bump node-fetch from 2.6.1 to 2.6.7 Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7) --- updated-dependencies: - dependency-name: node-fetch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-01-29 01:15:47 +00:00
Andrew Eisenberg	3b831aafd9	Merge pull request #885 from github/dependabot/npm_and_yarn/runner/node-fetch-2.6.7 Bump node-fetch from 2.6.1 to 2.6.7 in /runner	2022-01-28 17:15:15 -08:00
Andrew Eisenberg	14b1fecf33	Merge branch 'main' into dependabot/npm_and_yarn/runner/node-fetch-2.6.7	2022-01-28 15:42:46 -08:00
Robin Neatherway	5e23536180	Merge pull request #887 from github/rneatherway/content-type Set contentType for database uploads	2022-01-25 18:40:57 +00:00
Robin Neatherway	5f30e2466f	Merge branch 'rneatherway/content-type' of github.com:github/codeql-action into rneatherway/content-type	2022-01-25 17:17:21 +00:00
Andrew Eisenberg	05981c5829	Merge branch 'main' into dependabot/npm_and_yarn/runner/node-fetch-2.6.7	2022-01-25 08:57:02 -08:00
Robin Neatherway	486633d442	Try string literal key	2022-01-25 16:33:09 +00:00
Robin Neatherway	d6360c9075	Merge branch 'main' into rneatherway/content-type	2022-01-25 15:21:13 +00:00
Robin Neatherway	d3a0787934	Merge pull request #886 from github/rneatherway/remove-old-upload-path Remove old upload path	2022-01-25 14:08:16 +00:00
Robin Neatherway	e13c8bbfb7	Merge branch 'main' into rneatherway/remove-old-upload-path	2022-01-25 12:36:23 +00:00
Andrew Eisenberg	1c9a1f5d01	Merge pull request #888 from github/aeisenberg/remove-experiemental-message Remove `experimental` warning message for custom packs	2022-01-24 17:03:09 -08:00
Andrew Eisenberg	1f7dab4ba2	Merge branch 'main' into aeisenberg/remove-experiemental-message	2022-01-24 13:30:45 -08:00
Andrew Eisenberg	8a36468d11	Merge pull request #882 from github/aeisenberg/better-error Ensure loadApiError is caught	2022-01-24 12:05:09 -08:00
Andrew Eisenberg	f8c38c1af3	Update changelog	2022-01-24 09:54:17 -08:00
Robin Neatherway	10249d1591	Update tests to remove feature flag	2022-01-24 17:53:09 +00:00
Andrew Eisenberg	e6bcd71529	Remove `experimental` warning message for custom packs	2022-01-24 09:40:46 -08:00
Andrew Eisenberg	806fc12eb2	Reword changelog entry and add back test	2022-01-24 09:25:52 -08:00
Andrew Eisenberg	ba352d365b	Merge branch 'main' into aeisenberg/better-error	2022-01-24 08:56:14 -08:00
Robin Neatherway	751af2a9e3	Set contentType for database uploads	2022-01-24 15:54:46 +00:00
Robin Neatherway	1a686e7d76	Remove old upload path The `useUploadDomain` approach is now fully enabled	2022-01-24 15:47:08 +00:00
dependabot[bot]	0479586f61	Bump node-fetch from 2.6.1 to 2.6.7 in /runner Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Changelog](https://github.com/node-fetch/node-fetch/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7) --- updated-dependencies: - dependency-name: node-fetch dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2022-01-24 13:34:40 +00:00
Edoardo Pirovano	708446c6e4	Merge pull request #884 from github/mergeback/v1.0.30-to-main-8b37404d Mergeback v1.0.30 refs/heads/v1 into main	2022-01-24 13:33:55 +00:00
github-actions[bot]	392316b555	Update checked-in dependencies	2022-01-24 13:16:43 +00:00
github-actions[bot]	5604c0a3ad	1.0.31	2022-01-24 13:01:42 +00:00
github-actions[bot]	7d8ca8fa93	Update changelog and version after v1.0.30	2022-01-24 13:01:40 +00:00
Edoardo Pirovano	8b37404d56	Merge pull request #883 from github/update-v1.0.30-a7adbce2 Merge main into v1	2022-01-24 13:00:42 +00:00
github-actions[bot]	c180f23bb1	1.0.30	2022-01-24 11:30:41 +00:00
Edoardo Pirovano	a7adbce22c	Merge pull request #877 from github/codeql-cli-2.7.6 Update default CodeQL version to 2.7.6	2022-01-24 11:18:52 +00:00
Edoardo Pirovano	3b4e4d44dc	Update default CodeQL version to 2.7.6	2022-01-24 09:45:48 +00:00
Andrew Eisenberg	f18151cc59	Update error message and remove feature flag preloading Discussion here https://github.com/github/codeql-action/pull/882#discussion_r789924177 shows that properly handling preloading feature flag errors is complex and the benefit we get from it does not offset the complexity.	2022-01-21 11:20:48 -08:00
Andrew Eisenberg	e175dea369	Update changelog	2022-01-21 10:05:52 -08:00
Andrew Eisenberg	752ae5743f	Ensure loadApiError is caught And add a better error message. By using `void` instead of `await`, any error thrown is not caught by surrounding try-catch blocks. I could continue to use `void` and explicitly handle any thrown errors by using `.catch`, but most likely the time savings is minimal and this makes the code more complex.	2022-01-21 10:04:08 -08:00
Andrew Eisenberg	0dabead789	Merge pull request #876 from github/aeisenberg/multi-init Include better error message	2022-01-21 08:42:06 -08:00
Andrew Eisenberg	5e69ce82f8	Merge branch 'main' into aeisenberg/multi-init	2022-01-21 08:04:13 -08:00
Edoardo Pirovano	fdb92bbffe	Merge pull request #881 from github/edoardo/respect-env Respect extra options in a few `codeql` calls	2022-01-21 14:02:21 +00:00
Edoardo Pirovano	14b4839253	Respect extra options in a few `codeql` calls	2022-01-21 13:44:52 +00:00
Edoardo Pirovano	d76304cd8e	Merge pull request #880 from github/mergeback/v1.0.29-to-main-384cfc42 Mergeback v1.0.29 refs/heads/v1 into main	2022-01-21 11:53:08 +00:00
github-actions[bot]	57c4e974c2	Update checked-in dependencies	2022-01-21 11:23:59 +00:00
github-actions[bot]	c2fb041dc1	1.0.30	2022-01-21 11:12:16 +00:00
github-actions[bot]	ac9d34fbc6	Update changelog and version after v1.0.29	2022-01-21 11:12:14 +00:00
Edoardo Pirovano	384cfc42b2	Merge pull request #879 from github/update-v1.0.29-67c0353a Merge main into v1	2022-01-21 11:11:07 +00:00
github-actions[bot]	5a1e31dc6a	1.0.29	2022-01-21 10:47:33 +00:00
Edoardo Pirovano	67c0353a8c	Merge pull request #878 from github/revert-wait-for-processing Revert "Start waiting for processing by default."	2022-01-21 10:45:30 +00:00
Chris Gavin	7ec25e02e3	Add a changelog note.	2022-01-21 10:26:18 +00:00
Chris Gavin	713eacdf6c	Revert "Start waiting for processing by default." This reverts commit `b661ef1697`.	2022-01-21 10:25:57 +00:00
Andrew Eisenberg	c8290d07f0	Update changelog Add a line item for using a better error message. Also, add a link for an entry that didn't have one before.	2022-01-20 10:31:43 -08:00
Andrew Eisenberg	51126e5cd1	Include better error message When users call init multiple times.	2022-01-20 10:28:11 -08:00
Edoardo Pirovano	c0b507e521	Merge pull request #875 from github/mergeback/v1.0.28-to-main-8a4b243f Mergeback v1.0.28 refs/heads/v1 into main	2022-01-18 22:21:27 +00:00
github-actions[bot]	d563b098d7	Update checked-in dependencies	2022-01-18 21:54:31 +00:00
github-actions[bot]	fca047627b	1.0.29	2022-01-18 21:35:32 +00:00
github-actions[bot]	28fe8e7028	Update changelog and version after v1.0.28	2022-01-18 21:35:30 +00:00
Andrew Eisenberg	8a4b243fbf	Merge pull request #874 from github/update-v1.0.28-b31df3ff Merge main into v1	2022-01-18 13:33:47 -08:00
Andrew Eisenberg	19970ae6b5	Update changelog Add an entry and move an entry.	2022-01-18 12:44:43 -08:00
github-actions[bot]	ec1b16574e	1.0.28	2022-01-18 19:13:38 +00:00
Henning Makholm	b31df3ff95	Merge pull request #866 from github/hmakholm/pr/2.7.5 Bump CodeQL version to 2.7.5	2022-01-17 19:45:58 +01:00
Henning Makholm	776db51d2e	Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5	2022-01-17 18:27:39 +01:00
Andrew Eisenberg	b886234637	Merge pull request #872 from github/aeisenberg/category-with-tool Change category uniqueness test	2022-01-17 09:19:39 -08:00
Henning Makholm	9913c9bfa5	Merge remote-tracking branch 'origin/main' into hmakholm/pr/2.7.5	2022-01-17 18:06:10 +01:00
Andrew Eisenberg	8de62beb50	Merge branch 'main' into aeisenberg/category-with-tool	2022-01-17 09:00:14 -08:00
Andrew Eisenberg	b6fbccaba1	Merge pull request #873 from github/nickrolfe/ruby Update warning about interpreted languages to mention Ruby	2022-01-14 09:05:50 -08:00
Nick Rolfe	df0c306daf	Update warning about interpreted languages to mention Ruby	2022-01-14 11:57:29 +00:00
Andrew Eisenberg	ab1f709732	Allow duplicate categories in the same validation step A single SARIF file should be allowed to have duplicated categories.	2022-01-13 10:35:03 -08:00
Andrew Eisenberg	8454e21c9c	Change category uniqueness test Turboscan only allows a single combination of tool name and automation details id for testing category uniqueness. Previously, the check in the action was not entirely correct since it only looked at the _category_ and not the combination of the category and the tool name. It's even more precise now since it is looking at the actual, computed value of the automation details id, rather than an inputted value of the category. This change also includes a refactoring where the action is now avoiding multiple parsing/stringifying of the sarif files. Instead, sarif is parsed once at the start of the process and stringified once, after sarif processing is completely finished.	2022-01-12 15:26:34 -08:00
Henning Makholm	d85c3e58ec	Bump CodeQL version to 2.7.5	2022-01-12 19:36:20 +01:00
Edoardo Pirovano	cbabe47a0b	Merge pull request #871 from github/mergeback/v1.0.27-to-main-cd783c8a Mergeback v1.0.27 refs/heads/v1 into main	2022-01-11 22:22:02 +00:00
github-actions[bot]	f8a48f464d	Update checked-in dependencies	2022-01-11 21:57:25 +00:00
github-actions[bot]	f6f23f8671	1.0.28	2022-01-11 21:43:35 +00:00
github-actions[bot]	c2a7379048	Update changelog and version after v1.0.27	2022-01-11 21:43:33 +00:00
Edoardo Pirovano	cd783c8a29	Merge pull request #870 from github/update-v1.0.27-faa9ba73 Merge main into v1	2022-01-11 21:42:44 +00:00
github-actions[bot]	300c8b6dcb	1.0.27	2022-01-11 20:35:30 +00:00
Edoardo Pirovano	faa9ba7363	Merge pull request #869 from github/edoardo/windows-11-error Refuse to run on Windows 11	2022-01-11 20:34:11 +00:00
Edoardo Pirovano	d2a0fc83dc	Refuse to run on Windows 11	2022-01-11 18:34:33 +00:00
Edoardo Pirovano	71112ab35d	Merge pull request #868 from edoardopirovano/debug-artifact-name Make name of debugging artifact and DB within it configurable	2022-01-07 17:54:41 +00:00
Edoardo Pirovano	e677af3fd0	Make name of debugging artifact and DB within it configurable	2022-01-07 15:10:26 +00:00
Henry Mercer	848e5140d4	Merge pull request #857 from github/henrymercer/ml-powered-queries Add support for running ML-powered queries for JS `security-extended` behind `ml_powered_queries` feature flag	2022-01-06 17:55:06 +00:00
Henry Mercer	e7fe6da378	Allow patch version of ML-powered queries pack to be bumped	2022-01-06 11:58:03 +00:00
Henry Mercer	2159631658	Only run ML-powered queries with v2.7.5 or newer of the CLI	2022-01-06 11:58:03 +00:00
Henry Mercer	9de1702400	Document use of redundant feature flag API call	2022-01-06 11:58:02 +00:00
Henry Mercer	efded22908	Bump the version of the ATM query pack to 0.0.2	2022-01-06 11:57:33 +00:00
Henry Mercer	5602bd50bf	Test loading of ML-powered queries	2022-01-06 11:57:33 +00:00
Henry Mercer	2f4be8e34b	Run ML-powered queries for JS security-extended behind feature flag	2022-01-06 11:57:33 +00:00
Edoardo Pirovano	9763bdd6ec	Merge pull request #860 from edoardopirovano/always-upload-db Always upload DB when in debug mode	2022-01-04 18:25:33 +00:00
Edoardo Pirovano	00d4d60204	Always upload DB when in debug mode	2022-01-04 16:49:31 +00:00
Edoardo Pirovano	e5d84de18b	Merge pull request #861 from github/remove-debug-output Remove debugging output	2022-01-02 10:05:46 +00:00
Edoardo Pirovano	ea1acc573a	Merge branch 'main' into remove-debug-output	2022-01-02 09:41:49 +00:00
Edoardo Pirovano	79ea6d6a7c	Merge pull request #862 from github/aeisenberg/fix-python-tests Force virtualenv version	2022-01-02 09:41:38 +00:00
Andrew Eisenberg	3e50d096f8	Force virtualenv version Force the virtualenv version to be 20.11 or less. The 20.12 version is failing for python 2 right now.	2022-01-01 19:13:10 -08:00
Edoardo Pirovano	cca1cfdacf	Remove debugging output	2021-12-31 16:32:08 +00:00
Edoardo Pirovano	cdea582765	Merge pull request #859 from github/update-supported-enterprise-server-versions Update supported GitHub Enterprise Server versions.	2021-12-29 09:39:28 +00:00
GitHub	3e59dee9e2	Update supported GitHub Enterprise Server versions.	2021-12-29 00:07:19 +00:00
Henry Mercer	249c7ffce1	Merge pull request #856 from github/henrymercer/feature-flagging Feature flagging via the GitHub API	2021-12-16 16:18:46 +00:00
Henry Mercer	254816c2d2	Stub feature flag API endpoint in tests	2021-12-16 13:39:18 +00:00
Henry Mercer	6d62c245ec	Represent feature flags using an enum Replaces the previous string literal type	2021-12-16 13:38:34 +00:00
Henry Mercer	5e87034b3b	Explicitly pass repository to feature flags constructor As suggested in review: The `GITHUB_REPOSITORY` environment variable is only available on Actions. Passing it in explicitly avoids potentially crashing if this code is called from the runner.	2021-12-15 17:03:43 +00:00
Henry Mercer	621e0794ac	Throw an error if the feature flag API request errors	2021-12-15 16:34:26 +00:00
Henry Mercer	d6499fad61	Use new feature flag architecture when uploading databases	2021-12-15 13:17:05 +00:00
Henry Mercer	04671efa1d	Add support for feature flagging via the GitHub API	2021-12-15 13:16:33 +00:00
Andrew Eisenberg	e1f05902cd	Merge pull request #855 from github/correct-changelog Move changelog entry into correct place	2021-12-14 11:06:40 -08:00
Thomas Horstmeyer	f9e96fa857	Move changelog entry into correct place	2021-12-14 13:49:52 +00:00
Andrew Eisenberg	14a5537e13	Merge pull request #853 from github/aeisenberg/remove-scheduled Remove scheduled releases	2021-12-13 19:14:37 -08:00
Andrew Eisenberg	d3eb4974a3	Merge branch 'main' into aeisenberg/remove-scheduled	2021-12-13 18:37:38 -08:00
Edoardo Pirovano	39216d10d3	Merge pull request #854 from edoardopirovano/remove-dotnet-restore Remove `dotnet restore` calls from CI checks	2021-12-13 23:29:58 +00:00
Edoardo Pirovano	265a7db16a	Remove `dotnet restore` calls from CI checks	2021-12-13 18:04:46 +00:00
Andrew Eisenberg	f623d4cec3	Remove scheduled releases The action will be released roughly every two weeks along with the CodeQL CLI release process.	2021-12-13 09:34:53 -08:00
Chris Gavin	eacec3646a	Merge pull request #843 from github/wait-for-processing-by-default Start waiting for processing by default.	2021-12-13 12:19:11 +00:00
Chris Gavin	e0e2abc1a5	Merge branch 'main' into wait-for-processing-by-default	2021-12-13 12:04:22 +00:00
Chris Gavin	716b5980cd	Merge pull request #844 from github/duplicated-output Stop printing all output twice.	2021-12-13 11:57:11 +00:00
Chris Gavin	1d83f2a0bc	Merge branch 'main' into duplicated-output	2021-12-13 11:44:22 +00:00
Andrew Eisenberg	ce77f88627	Merge pull request #849 from github/mergeback/v1.0.26-to-main-5f532563 Mergeback v1.0.26 refs/heads/v1 into main	2021-12-10 13:41:53 -08:00
github-actions[bot]	a777b51ef7	Update checked-in dependencies	2021-12-10 19:09:21 +00:00
github-actions[bot]	88fbabe21d	1.0.27	2021-12-10 18:40:13 +00:00
github-actions[bot]	eeb215b041	Update changelog and version after v1.0.26	2021-12-10 18:40:11 +00:00
Andrew Eisenberg	5f53256358	Merge pull request #848 from github/update-v1.0.26-07825549 Merge main into v1	2021-12-10 10:39:01 -08:00
github-actions[bot]	25a5103778	1.0.26	2021-12-10 18:20:01 +00:00
Edoardo Pirovano	0782554948	Merge pull request #845 from github/refuse-broken-versions Refuse to use broken versions in the toolcache	2021-12-09 16:53:57 +00:00
Edoardo Pirovano	705f634a1d	Refuse to use broken versions in the toolcache	2021-12-09 13:43:57 +00:00
Chris Gavin	b7b7607959	Stop printing all output twice.	2021-12-09 13:21:32 +00:00
Chris Gavin	7bcc6564d4	Add more context to a change note. Co-authored-by: Thomas Horstmeyer <73262256+cannist@users.noreply.github.com>	2021-12-09 12:53:20 +00:00
Chris Gavin	b661ef1697	Start waiting for processing by default.	2021-12-09 10:21:34 +00:00
Andrew Eisenberg	6ad00fd084	Merge pull request #842 from github/aeisenberg/cli-2.7.3 Prepare for the CodeQL 2.7.3 release	2021-12-08 17:46:32 -08:00
Andrew Eisenberg	fccdee04ba	Prepare for the CodeQL 2.7.3 release	2021-12-08 17:18:05 -08:00
Andrew Eisenberg	e694ca6192	Merge pull request #841 from github/aeisenberg/fix-del Always use `force: true` for del	2021-12-08 16:01:45 -08:00
Andrew Eisenberg	67d11b5928	Always use `force: true` for del	2021-12-08 15:37:43 -08:00
Aditya Sharad	924a64d2e0	Merge pull request #840 from github/aeisenberg/fix-rm Remove rmDir references	2021-12-08 15:08:58 -08:00
Andrew Eisenberg	45dc27d3c1	Remove rmDir references `rmDir` is not available on the node version used by the actions runner. Instead, use the `del` package. It is safe, well-tested, and cross-platform.	2021-12-08 12:11:31 -08:00
Andrew Eisenberg	cbed0358c6	Merge pull request #839 from github/revert-837-aeisenberg/cli-2.7.3 Revert "Bump default CodeQL version to 2.7.3"	2021-12-08 10:58:53 -08:00
Andrew Eisenberg	a8cf6f42c2	Revert "Bump default CodeQL version to 2.7.3"	2021-12-08 10:07:10 -08:00
Andrew Eisenberg	eebe7c46f1	Merge pull request #837 from github/aeisenberg/cli-2.7.3 Bump default CodeQL version to 2.7.3	2021-12-08 09:02:37 -08:00
Edoardo Pirovano	dc32d5448f	Add a workflow step to do `dotnet restore`	2021-12-08 14:47:42 +00:00
Andrew Eisenberg	fac22de4f9	Autobuild: Prefix invocations with CODEQL_RUNNER Co-authored-by: Aditya Sharad <6874315+adityasharad@users.noreply.github.com>	2021-12-07 20:50:17 -08:00
				`@@ -0,0 +1 @@`
				{"version":3,"file":"feature-flags.js","sourceRoot":"","sources":["../src/feature-flags.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,6CAA8D;AAG9D,6CAA+B;AAM/B,IAAY,WAGX;AAHD,WAAY,WAAW;IACrB,kEAAmD,CAAA;IACnD,qEAAsD,CAAA;AACxD,CAAC,EAHW,WAAW,GAAX,mBAAW,KAAX,mBAAW,QAGtB;AAUD,MAAa,kBAAkB;IAG7B,YACU,aAAiC,EACjC,UAA4B,EAC5B,aAA4B,EAC5B,MAAc;QAHd,kBAAa,GAAb,aAAa,CAAoB;QACjC,eAAU,GAAV,UAAU,CAAkB;QAC5B,kBAAa,GAAb,aAAa,CAAe;QAC5B,WAAM,GAAN,MAAM,CAAQ;IACrB,CAAC;IAEJ,KAAK,CAAC,QAAQ,CAAC,IAAiB;QAC9B,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QACrD,IAAI,QAAQ,KAAK,SAAS,EAAE;YAC1B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,iBAAiB,IAAI,uDAAuD,CAC7E,CAAC;YACF,OAAO,KAAK,CAAC;SACd;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,MAAM,eAAe,GAAG,KAAK,IAAI,EAAE;YACjC,iDAAiD;YACjD,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;gBACzD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,8DAA8D,CAC/D,CAAC;gBACF,OAAO,EAAE,CAAC;aACX;YACD,MAAM,MAAM,GAAG,IAAA,yBAAY,EAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC7C,IAAI;gBACF,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,OAAO,CACnC,8DAA8D,EAC9D;oBACE,KAAK,EAAE,IAAI,CAAC,aAAa,CAAC,KAAK;oBAC/B,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI;iBAC9B,CACF,CAAC;gBACF,OAAO,QAAQ,CAAC,IAAI,CAAC;aACtB;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,GAAG,EAAE;oBAC3C,IAAI,CAAC,MAAM,CAAC,OAAO,CACjB,gGAAgG;wBAC9F,oEAAoE;wBACpE,qFAAqF;wBACrF,kFAAkF,CAAC,EAAE,CACxF,CAAC;iBACH;qBAAM;oBACL,uFAAuF;oBACvF,mFAAmF;oBACnF,2FAA2F;oBAC3F,qBAAqB;oBACrB,MAAM,IAAI,KAAK,CACb,4DAA4D,CAAC,EAAE,CAChE,CAAC;iBACH;aACF;QACH,CAAC,CAAC;QAEF,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,IAAI,CAAC,MAAM,eAAe,EAAE,CAAC,CAAC;QACxE,IAAI,CAAC,iBAAiB,GAAG,WAAW,CAAC;QACrC,OAAO,WAAW,CAAC;IACrB,CAAC;CACF;AAhED,gDAgEC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,YAA2B;IAC5D,OAAO;QACL,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;YACvB,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACrC,CAAC;KACF,CAAC;AACJ,CAAC;AAND,gDAMC"}
				`@@ -0,0 +1 @@`
				{"version":3,"file":"feature-flags.test.js","sourceRoot":"","sources":["../src/feature-flags.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAGvB,mDAAkE;AAClE,uCAA4C;AAC5C,6CAAkD;AAClD,mDAMyB;AAEzB,iCAAgF;AAEhF,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,aAAI,CAAC,UAAU,CAAC,GAAG,EAAE;IACnB,IAAA,4BAAqB,EAAC,WAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AAC/C,CAAC,CAAC,CAAC;AAEH,MAAM,cAAc,GAAqB;IACvC,IAAI,EAAE,MAAM;IACZ,GAAG,EAAE,oBAAoB;CAC1B,CAAC;AAEF,MAAM,iBAAiB,GAAG,IAAA,+BAAkB,EAAC,gBAAgB,CAAC,CAAC;AAE/D,MAAM,mCAAmC,GAGpC;IACH;QACE,WAAW,EAAE,MAAM;QACnB,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAa,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE;KAC9D;IACD,EAAE,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAa,CAAC,IAAI,EAAE,EAAE;CACrE,CAAC;AAEF,KAAK,MAAM,OAAO,IAAI,mCAAmC,EAAE;IACzD,IAAA,aAAI,EAAC,qDAAqD,OAAO,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC3F,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAEjC,MAAM,cAAc,GAAG,EAAE,CAAC;YAC1B,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,OAAO,CAAC,aAAa,EACrB,cAAc,EACd,iBAAiB,EACjB,IAAA,kCAAkB,EAAC,cAAc,CAAC,CACnC,CAAC;YAEF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,2BAAW,CAAC,EAAE;gBAC7C,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC;aACzD;YAED,CAAC,CAAC,MAAM,CACN,cAAc,CAAC,IAAI,CACjB,CAAC,CAAgB,EAAE,EAAE,CACnB,CAAC,CAAC,IAAI,KAAK,OAAO;gBAClB,CAAC,CAAC,OAAO;oBACP,8DAA8D,CACnE,KAAK,SAAS,CAChB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;CACJ;AAED,IAAA,aAAI,EAAC,oEAAoE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACrF,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,MAAM,cAAc,GAAG,EAAE,CAAC;QAC1B,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,EAC9B,cAAc,EACd,iBAAiB,EACjB,IAAA,kCAAkB,EAAC,cAAc,CAAC,CACnC,CAAC;QAEF,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,MAAM,CAAC,2BAAW,CAAC,EAAE;YAC7C,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC;SACzD;QAED,KAAK,MAAM,WAAW,IAAI;YACxB,0BAA0B;YAC1B,4BAA4B;SAC7B,EAAE;YACD,CAAC,CAAC,MAAM,CACN,cAAc,CAAC,IAAI,CACjB,CAAC,CAAgB,EAAE,EAAE,CACnB,CAAC,CAAC,IAAI,KAAK,OAAO;gBAClB,CAAC,CAAC,OAAO;oBACP,iBAAiB,WAAW,uDAAuD,CACxF,KAAK,SAAS,CAChB,CAAC;SACH;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,iEAAiE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAClF,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,EAC9B,cAAc,EACd,iBAAiB,EACjB,IAAA,yBAAe,EAAC,IAAI,CAAC,CACtB,CAAC;QAEF,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,MAAM,CAAC,CAAC,WAAW,CACjB,KAAK,IAAI,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,2BAAW,CAAC,sBAAsB,CAAC,EACrE;YACE,OAAO,EACL,oFAAoF;SACvF,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG;IACpB,0BAA0B;IAC1B,4BAA4B;CAC7B,CAAC;AAEF,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE;IACvC,IAAA,aAAI,EAAC,iBAAiB,WAAW,6CAA6C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1F,MAAM,IAAA,iBAAU,EAAC,KAAK,EAAE,MAAM,EAAE,EAAE;YAChC,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAEjC,MAAM,YAAY,GAAG,IAAI,kCAAkB,CACzC,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,EAC9B,cAAc,EACd,iBAAiB,EACjB,IAAA,yBAAe,EAAC,IAAI,CAAC,CACtB,CAAC;YAEF,MAAM,oBAAoB,GAAG,EAAE,CAAC;YAChC,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE;gBAC7B,oBAAoB,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;aACjC;YACD,oBAAoB,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;YACzC,IAAA,0CAA0B,EAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;YAEtD,MAAM,kBAAkB,GAAG;gBACzB,wBAAwB,EAAE,MAAM,YAAY,CAAC,QAAQ,CACnD,2BAAW,CAAC,sBAAsB,CACnC;gBACD,0BAA0B,EAAE,MAAM,YAAY,CAAC,QAAQ,CACrD,2BAAW,CAAC,uBAAuB,CACpC;aACF,CAAC;YAEF,CAAC,CAAC,SAAS,CAAC,kBAAkB,EAAE,oBAAoB,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;CACJ"}