Merge pull request #1539 from github/aeisenberg/unref-delay

Avoid unref-ing timer while awaiting status upload

.eslintrc.json

@@ -33,6 +33,12 @@
             "alphabetize": {"order": "asc"},
             "newlines-between": "always"
         }],
+        "max-len": ["error", {
+            "code": 120,
+            "ignoreUrls": true,
+            "ignoreStrings": true,
+            "ignoreTemplateLiterals": true
+        }],
         "no-async-foreach/no-async-foreach": "error",
         "no-console": "off",
         "no-sequences": "error",

.github/prepare-test/action.yml

@@ -2,9 +2,11 @@ name: "Prepare test"
 description: Performs some preparation to run tests
 inputs:
   version:
+    description: "The version of the CodeQL CLI to use. Can be 'latest', 'cached', 'nightly-latest', 'nightly-YYYY-MM-DD', or 'stable-YYYY-MM-DD'."
     required: true
 outputs:
   tools-url:
+    description: "The value that should be passed as the 'tools' input of the 'init' step."
     value: ${{ steps.get-url.outputs.tools-url }}
 runs:
   using: composite
@@ -20,6 +22,7 @@ runs:
       name: Determine URL
       shell: bash
       run: |
+        set -e # Fail this Action if `gh release list` fails.
         if [[ ${{ inputs.version }} == "nightly-latest" ]]; then
           export LATEST=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3`
           echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$LATEST/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT
@@ -34,5 +37,6 @@ runs:
         elif [[ ${{ inputs.version }} == "cached" ]]; then
           echo "tools-url=" >> $GITHUB_OUTPUT
         else
-          echo "::error Unrecognized version specified!"
+          echo "::error::Unrecognized version specified!"
+          exit 1
         fi

.github/update-release-branch.py

@@ -161,7 +161,7 @@ def update_changelog(version):
   else:
     content = EMPTY_CHANGELOG
 
-  newContent = content.replace('[UNRELEASED]', f'${version} - {get_today_string()}', 1)
+  newContent = content.replace('[UNRELEASED]', f'{version} - {get_today_string()}', 1)
 
   with open('CHANGELOG.md', 'w') as f:
     f.write(newContent)

.github/workflows/__swift-autobuild.yml

@@ -54,6 +54,7 @@ jobs:
       shell: bash
       run: pwd
     - uses: ./../action/autobuild
+      timeout-minutes: 10
     - uses: ./../action/analyze
       id: analysis
     - name: Check database

.github/workflows/python-deps.yml

@@ -1,4 +1,4 @@
-name: Test Python Package Installation on Linux and Mac
+name: Test Python Package Installation
 
 on:
   push:
@@ -144,6 +144,7 @@ jobs:
         python-version: ${{ matrix.python_version }}
 
     - name: Initialize CodeQL
+      id: init
       uses: ./init
       with:
         tools: latest
@@ -151,15 +152,15 @@ jobs:
         setup-python-dependencies: false
 
     - name: Test Auto Package Installation
+      env:
+        CODEQL_PATH: ${{ steps.init.outputs.codeql-path }}
       run: |
         $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\install_tools.ps1"
         powershell -File $cmd
 
         cd $Env:GITHUB_WORKSPACE\\python-setup/tests/$Env:PYTHON_DEPS_TYPE/requests-$Env:PYTHON_VERSION
-        $DefaultsPath = Join-Path (Join-Path $Env:GITHUB_WORKSPACE "src") "defaults.json"
-        $CodeQLBundleName = (Get-Content -Raw -Path $DefaultsPath | ConvertFrom-Json).bundleVersion
-        $CodeQLVersion = "0.0.0-" + $CodeQLBundleName.split("-")[-1]
-        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py C:\\hostedtoolcache\\windows\\CodeQL\\$CodeQLVersion\\x64\\codeql
+        $codeql_dist = (get-item $Env:CODEQL_PATH).Directory.FullName
+        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py $codeql_dist
 
     - name: Setup for extractor
       run: |

.github/workflows/script/check-node-modules.sh

@@ -7,10 +7,9 @@ if [ ! -z "$(git status --porcelain)" ]; then
     >&2 echo "Failed: Repo should be clean before testing!"
     exit 1
 fi
-# Pin npm to v8 since v9 doesn't support Node 12.
 # When updating this, make sure to update the npm version in
 # `.github/workflows/update-dependencies.yml` too.
-sudo npm install --force -g npm@^8.19.3
+sudo npm install --force -g npm@9.2.0
 # Reinstall modules and then clean to remove absolute paths
 # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
 npm ci

.github/workflows/update-dependencies.yml

@@ -27,10 +27,9 @@ jobs:
       run: |
         git fetch origin "$BRANCH" --depth=1
         git checkout "origin/$BRANCH"
-        # Pin npm to v8 since v9 doesn't support Node 12.
         # When updating this, make sure to update the npm version in
         # `.github/workflows/script/check-node-modules.sh` too.
-        sudo npm install --force -g npm@^8.19.3
+        sudo npm install --force -g npm@9.2.0
         npm install
         npm ci
         npm run removeNPMAbsolutePaths

CHANGELOG.md

@@ -2,6 +2,26 @@
 
 ## [UNRELEASED]
 
+No user facing changes.
+
+## 2.2.4 - 10 Feb 2023
+
+No user facing changes.
+
+## 2.2.3 - 08 Feb 2023
+
+- Update default CodeQL bundle version to 2.12.2. [#1518](https://github.com/github/codeql-action/pull/1518)
+
+## 2.2.2 - 06 Feb 2023
+
+- Fix an issue where customers using the CodeQL Action with the [CodeQL Action sync tool](https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access) would not be able to obtain the CodeQL tools. [#1517](https://github.com/github/codeql-action/pull/1517)
+
+## 2.2.1 - 27 Jan 2023
+
+No user facing changes.
+
+## 2.2.0 - 26 Jan 2023
+
 - Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. [#1475](https://github.com/github/codeql-action/pull/1475)
   - This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions [runner images](https://github.com/actions/runner-images).
   - **No change is required for the majority of workflows**, including:
@@ -15,6 +35,8 @@
     - These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses [@actions/tool-cache](https://github.com/actions/toolkit/tree/main/packages/tool-cache) or relies on the precise location of CodeQL within the Actions tool cache.
     - The tool cache now contains **two** recent CodeQL versions (previously **one**).
     - Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under `CodeQL/2.11.6-20221211/x64/codeql` (previously `CodeQL/0.0.0-20221211/x64/codeql`).
+- The maximum number of [SARIF runs](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object) per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the [GitHub API documentation](https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data) for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.
+- Update default CodeQL bundle version to 2.12.1. [#1498](https://github.com/github/codeql-action/pull/1498)
 - Fix a bug that forced the `init` Action to run for at least two minutes on JavaScript. [#1494](https://github.com/github/codeql-action/pull/1494)
 
 ## 2.1.39 - 18 Jan 2023

CONTRIBUTING.md

@@ -67,12 +67,8 @@ Here are a few things you can do that will increase the likelihood of your pull
     This mergeback incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v2" pull request, and bumps the patch version of the CodeQL Action.
 
     Approve the mergeback PR and automerge it.
-1. When the "Merge main into releases/v2" pull request is merged into the `releases/v2` branch, the "Update release branch" workflow will create a "Merge releases/v2 into releases/v1" pull request to merge the changes since the last release into the `releases/v1` release branch.
-    This ensures we keep both the `releases/v1` and `releases/v2` release branches up to date and fully supported.
 
-    Review the checklist items in the pull request description.
-    Once you've checked off all the items, approve the PR and automerge it.
-1. Once the mergeback has been merged to `main` and the "Merge releases/v2 into releases/v1" PR has been merged to `releases/v1`, the release is complete.
+Once the mergeback has been merged to `main`, the release is complete.
 
 ## Keeping the PR checks up to date (admin access required)
 

README.md

@@ -1,6 +1,6 @@
 # CodeQL Action
 
-This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
+This action runs GitHub's industry-leading semantic code analysis engine, [CodeQL](https://codeql.github.com/), against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
 
 For a list of recent changes, see the CodeQL Action's [changelog](CHANGELOG.md).
 

lib/analyze-action.js

@@ -29,7 +29,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.runPromise = exports.sendStatusReport = void 0;
 const fs = __importStar(require("fs"));
 const path_1 = __importDefault(require("path"));
-// We need to import `performance` on Node 12
 const perf_hooks_1 = require("perf_hooks");
 const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));

lib/analyze.js

@@ -29,7 +29,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.validateQueryFilters = exports.runCleanup = exports.runFinalize = exports.createQuerySuiteContents = exports.convertPackToQuerySuiteEntry = exports.runQueries = exports.dbIsFinalized = exports.createdDBForScannedLanguages = exports.CodeQLAnalysisError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
-const perf_hooks_1 = require("perf_hooks"); // We need to import `performance` on Node 12
+const perf_hooks_1 = require("perf_hooks");
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const del_1 = __importDefault(require("del"));
 const yaml = __importStar(require("js-yaml"));

lib/codeql.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@@ -94,6 +94,10 @@ exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = "2.9.0";
  * --extractor-options-verbosity that we need.
  */
 exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = "2.10.3";
+/**
+ * Versions 2.11.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for each language.
+ */
+exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
 /**
  * Set up CodeQL CLI access.
  *
@@ -101,16 +105,15 @@ exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = "2.10.3";
  * @param apiDetails
  * @param tempDir
  * @param variant
- * @param bypassToolcache
  * @param defaultCliVersion
  * @param logger
  * @param checkVersion Whether to check that CodeQL CLI meets the minimum
  *        version requirement. Must be set to true outside tests.
  * @returns a { CodeQL, toolsVersion } object.
  */
-async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, bypassToolcache, defaultCliVersion, logger, checkVersion) {
+async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) {
     try {
-        const { codeqlFolder, toolsVersion } = await setupCodeql.setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, bypassToolcache, defaultCliVersion, logger);
+        const { codeqlFolder, toolsDownloadDurationMs, toolsSource, toolsVersion } = await setupCodeql.setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger);
         let codeqlCmd = path.join(codeqlFolder, "codeql", "codeql");
         if (process.platform === "win32") {
             codeqlCmd += ".exe";
@@ -119,7 +122,12 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, bypassToolc
             throw new Error(`Unsupported platform: ${process.platform}`);
         }
         cachedCodeQL = await getCodeQLForCmd(codeqlCmd, checkVersion);
-        return { codeql: cachedCodeQL, toolsVersion };
+        return {
+            codeql: cachedCodeQL,
+            toolsDownloadDurationMs,
+            toolsSource,
+            toolsVersion,
+        };
     }
     catch (e) {
         logger.error(e instanceof Error ? e : new Error(String(e)));

lib/codeql.test.js

@@ -42,6 +42,7 @@ const api = __importStar(require("./api-client"));
 const codeql = __importStar(require("./codeql"));
 const defaults = __importStar(require("./defaults.json"));
 const feature_flags_1 = require("./feature-flags");
+const init_1 = require("./init");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
@@ -96,7 +97,7 @@ ava_1.default.beforeEach(() => {
  * @returns the download URL for the bundle. This can be passed to the tools parameter of
  * `codeql.setupCodeQL`.
  */
-function mockDownloadApi({ apiDetails = sampleApiDetails, isPinned, tagName, }) {
+function mockDownloadApi({ apiDetails = sampleApiDetails, isPinned, repo = "github/codeql-action", platformSpecific = true, tagName, }) {
     const platform = process.platform === "win32"
         ? "win64"
         : process.platform === "linux"
@@ -104,7 +105,7 @@ function mockDownloadApi({ apiDetails = sampleApiDetails, isPinned, tagName, })
             : "osx64";
     const baseUrl = apiDetails?.url ?? "https://example.com";
     const relativeUrl = apiDetails
-        ? `/github/codeql-action/releases/download/${tagName}/codeql-bundle-${platform}.tar.gz`
+        ? `/${repo}/releases/download/${tagName}/codeql-bundle${platformSpecific ? `-${platform}` : ""}.tar.gz`
         : `/download/${tagName}/codeql-bundle.tar.gz`;
     (0, nock_1.default)(baseUrl)
         .get(relativeUrl)
@@ -113,7 +114,7 @@ function mockDownloadApi({ apiDetails = sampleApiDetails, isPinned, tagName, })
 }
 async function installIntoToolcache({ apiDetails = sampleApiDetails, cliVersion, isPinned, tagName, tmpDir, }) {
     const url = mockDownloadApi({ apiDetails, isPinned, tagName });
-    await codeql.setupCodeQL(cliVersion !== undefined ? undefined : url, apiDetails, tmpDir, util.GitHubVariant.GHES, false, cliVersion !== undefined
+    await codeql.setupCodeQL(cliVersion !== undefined ? undefined : url, apiDetails, tmpDir, util.GitHubVariant.GHES, cliVersion !== undefined
         ? { cliVersion, tagName, variant: util.GitHubVariant.GHES }
         : SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
 }
@@ -152,9 +153,11 @@ function mockApiDetails(apiDetails) {
                 tagName: `codeql-bundle-${version}`,
                 isPinned: false,
             });
-            const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+            const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
             t.assert(toolcache.find("CodeQL", `0.0.0-${version}`));
             t.is(result.toolsVersion, `0.0.0-${version}`);
+            t.is(result.toolsSource, init_1.ToolsSource.Download);
+            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
         }
         t.is(toolcache.findAllVersions("CodeQL").length, 2);
     });
@@ -170,9 +173,11 @@ function mockApiDetails(apiDetails) {
         const url = mockDownloadApi({
             tagName: "codeql-bundle-20200610",
         });
-        const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+        const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
         t.deepEqual(result.toolsVersion, "0.0.0-20200610");
+        t.is(result.toolsSource, init_1.ToolsSource.Download);
+        t.assert(Number.isInteger(result.toolsDownloadDurationMs));
     });
 });
 const EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES = [
@@ -202,65 +207,59 @@ for (const { cliVersion, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUN
             const url = mockDownloadApi({
                 tagName: "codeql-bundle-20200610",
             });
-            const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+            const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
             t.assert(releaseApiMock.isDone(), "Releases API should have been called");
             t.assert(toolcache.find("CodeQL", expectedToolcacheVersion));
             t.deepEqual(result.toolsVersion, cliVersion);
+            t.is(result.toolsSource, init_1.ToolsSource.Download);
+            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
         });
     });
 }
-for (const { isCached, tagName, toolcacheCliVersion } of [
+for (const { githubReleases, toolcacheVersion } of [
+    // Test that we use the tools from the toolcache when `SAMPLE_DEFAULT_CLI_VERSION` is requested
+    // and `SAMPLE_DEFAULT_CLI_VERSION-` is in the toolcache.
     {
-        isCached: true,
-        tagName: "codeql-bundle-20230101",
-        toolcacheCliVersion: SAMPLE_DEFAULT_CLI_VERSION.cliVersion,
+        toolcacheVersion: SAMPLE_DEFAULT_CLI_VERSION.cliVersion,
     },
     {
-        isCached: true,
-        // By leaving toolcacheCliVersion undefined, the bundle will be installed
-        // into the toolcache as `${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}-20230101`.
-        // This lets us test that `x.y.z-yyyymmdd` toolcache versions are used if an
-        // `x.y.z` version isn't in the toolcache.
-        tagName: `codeql-bundle-${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}-20230101`,
+        githubReleases: {
+            "codeql-bundle-20230101": `cli-version-${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}.txt`,
+        },
+        toolcacheVersion: "0.0.0-20230101",
     },
     {
-        isCached: false,
-        tagName: "codeql-bundle-20230101",
+        toolcacheVersion: `${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}-20230101`,
     },
 ]) {
-    (0, ava_1.default)(`uses default version on Dotcom when default version bundle ${tagName} is ${isCached ? "" : "not "}cached`, async (t) => {
+    (0, ava_1.default)(`uses tools from toolcache when ${SAMPLE_DEFAULT_CLI_VERSION.cliVersion} is requested and ` +
+        `${toolcacheVersion} is installed`, async (t) => {
         await util.withTmpDir(async (tmpDir) => {
             (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-            if (isCached) {
-                await installIntoToolcache({
-                    cliVersion: toolcacheCliVersion,
-                    tagName,
-                    isPinned: true,
-                    tmpDir,
-                });
-            }
-            else {
-                mockDownloadApi({
-                    tagName,
-                });
+            sinon
+                .stub(toolcache, "find")
+                .withArgs("CodeQL", toolcacheVersion)
+                .returns("path/to/cached/codeql");
+            sinon.stub(toolcache, "findAllVersions").returns([toolcacheVersion]);
+            if (githubReleases) {
                 sinon.stub(api, "getApiClient").value(() => ({
                     repos: {
                         listReleases: sinon.stub().resolves(undefined),
                     },
-                    paginate: sinon.stub().resolves([
-                        {
-                            assets: [
-                                {
-                                    name: "cli-version-2.0.0.txt",
-                                },
-                            ],
-                            tag_name: tagName,
-                        },
-                    ]),
+                    paginate: sinon.stub().resolves(Object.entries(githubReleases).map(([releaseTagName, cliVersionMarkerFile]) => ({
+                        assets: [
+                            {
+                                name: cliVersionMarkerFile,
+                            },
+                        ],
+                        tag_name: releaseTagName,
+                    }))),
                 }));
             }
-            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
             t.is(result.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion);
+            t.is(result.toolsSource, init_1.ToolsSource.Toolcache);
+            t.is(result.toolsDownloadDurationMs, undefined);
         });
     });
 }
@@ -273,12 +272,14 @@ for (const variant of [util.GitHubVariant.GHAE, util.GitHubVariant.GHES]) {
                 isPinned: true,
                 tmpDir,
             });
-            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, false, {
+            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, {
                 cliVersion: defaults.cliVersion,
                 tagName: defaults.bundleVersion,
                 variant,
             }, (0, logging_1.getRunnerLogger)(true), false);
             t.deepEqual(result.toolsVersion, "0.0.0-20200601");
+            t.is(result.toolsSource, init_1.ToolsSource.Toolcache);
+            t.is(result.toolsDownloadDurationMs, undefined);
             const cachedVersions = toolcache.findAllVersions("CodeQL");
             t.is(cachedVersions.length, 1);
         });
@@ -294,12 +295,14 @@ for (const variant of [util.GitHubVariant.GHAE, util.GitHubVariant.GHES]) {
             mockDownloadApi({
                 tagName: defaults.bundleVersion,
             });
-            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, false, {
+            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, {
                 cliVersion: defaults.cliVersion,
                 tagName: defaults.bundleVersion,
                 variant,
             }, (0, logging_1.getRunnerLogger)(true), false);
             t.deepEqual(result.toolsVersion, defaults.cliVersion);
+            t.is(result.toolsSource, init_1.ToolsSource.Download);
+            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
             const cachedVersions = toolcache.findAllVersions("CodeQL");
             t.is(cachedVersions.length, 2);
         });
@@ -316,45 +319,81 @@ for (const variant of [util.GitHubVariant.GHAE, util.GitHubVariant.GHES]) {
         mockDownloadApi({
             tagName: defaults.bundleVersion,
         });
-        const result = await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+        const result = await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
         t.deepEqual(result.toolsVersion, defaults.cliVersion);
+        t.is(result.toolsSource, init_1.ToolsSource.Download);
+        t.assert(Number.isInteger(result.toolsDownloadDurationMs));
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 2);
     });
 });
-(0, ava_1.default)("download codeql bundle from github ae endpoint", async (t) => {
+for (const isBundleVersionInUrl of [true, false]) {
+    const inclusionString = isBundleVersionInUrl
+        ? "includes"
+        : "does not include";
+    (0, ava_1.default)(`download codeql bundle from github ae endpoint (URL ${inclusionString} bundle version)`, async (t) => {
+        await util.withTmpDir(async (tmpDir) => {
+            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+            const bundleAssetID = 10;
+            const platform = process.platform === "win32"
+                ? "win64"
+                : process.platform === "linux"
+                    ? "linux64"
+                    : "osx64";
+            const codeQLBundleName = `codeql-bundle-${platform}.tar.gz`;
+            const eventualDownloadUrl = isBundleVersionInUrl
+                ? `https://example.githubenterprise.com/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`
+                : `https://example.githubenterprise.com/api/v3/repos/github/codeql-action/releases/assets/${bundleAssetID}`;
+            (0, nock_1.default)("https://example.githubenterprise.com")
+                .get(`/api/v3/enterprise/code-scanning/codeql-bundle/find/${defaults.bundleVersion}`)
+                .reply(200, {
+                assets: { [codeQLBundleName]: bundleAssetID },
+            });
+            (0, nock_1.default)("https://example.githubenterprise.com")
+                .get(`/api/v3/enterprise/code-scanning/codeql-bundle/download/${bundleAssetID}`)
+                .reply(200, {
+                url: eventualDownloadUrl,
+            });
+            (0, nock_1.default)("https://example.githubenterprise.com")
+                .get(eventualDownloadUrl.replace("https://example.githubenterprise.com", ""))
+                .replyWithFile(200, path_1.default.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+            mockApiDetails(sampleGHAEApiDetails);
+            sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
+            process.env["GITHUB_ACTION_REPOSITORY"] = "github/codeql-action";
+            const result = await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, util.GitHubVariant.GHAE, {
+                cliVersion: defaults.cliVersion,
+                tagName: defaults.bundleVersion,
+                variant: util.GitHubVariant.GHAE,
+            }, (0, logging_1.getRunnerLogger)(true), false);
+            t.is(result.toolsSource, init_1.ToolsSource.Download);
+            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
+            const cachedVersions = toolcache.findAllVersions("CodeQL");
+            t.is(cachedVersions.length, 1);
+        });
+    });
+}
+(0, ava_1.default)("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        const bundleAssetID = 10;
-        const platform = process.platform === "win32"
-            ? "win64"
-            : process.platform === "linux"
-                ? "linux64"
-                : "osx64";
-        const codeQLBundleName = `codeql-bundle-${platform}.tar.gz`;
-        (0, nock_1.default)("https://example.githubenterprise.com")
-            .get(`/api/v3/enterprise/code-scanning/codeql-bundle/find/${defaults.bundleVersion}`)
-            .reply(200, {
-            assets: { [codeQLBundleName]: bundleAssetID },
+        mockApiDetails(sampleApiDetails);
+        sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
+        const releasesApiMock = mockReleaseApi({
+            assetNames: ["cli-version-2.12.2.txt"],
+            tagName: "codeql-bundle-20230203",
         });
-        (0, nock_1.default)("https://example.githubenterprise.com")
-            .get(`/api/v3/enterprise/code-scanning/codeql-bundle/download/${bundleAssetID}`)
-            .reply(200, {
-            url: `https://example.githubenterprise.com/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`,
+        mockDownloadApi({
+            repo: "dsp-testing/codeql-cli-nightlies",
+            platformSpecific: false,
+            tagName: "codeql-bundle-20230203",
         });
-        (0, nock_1.default)("https://example.githubenterprise.com")
-            .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`)
-            .replyWithFile(200, path_1.default.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
-        mockApiDetails(sampleGHAEApiDetails);
-        sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
-        process.env["GITHUB_ACTION_REPOSITORY"] = "github/codeql-action";
-        await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, util.GitHubVariant.GHAE, false, {
-            cliVersion: defaults.cliVersion,
-            tagName: defaults.bundleVersion,
-            variant: util.GitHubVariant.GHAE,
-        }, (0, logging_1.getRunnerLogger)(true), false);
+        const result = await codeql.setupCodeQL("https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+        t.is(result.toolsVersion, "0.0.0-20230203");
+        t.is(result.toolsSource, init_1.ToolsSource.Download);
+        t.true(Number.isInteger(result.toolsDownloadDurationMs));
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 1);
+        t.is(cachedVersions[0], "0.0.0-20230203");
+        t.false(releasesApiMock.isDone());
     });
 });
 (0, ava_1.default)("getExtraOptions works for explicit paths", (t) => {

lib/config-utils.js

@@ -26,7 +26,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.downloadPacks = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.parsePacks = exports.validatePackSpecification = exports.prettyPrintPack = exports.parsePacksSpecification = exports.parsePacksFromConfig = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getLocalPathDoesNotExist = exports.getLocalPathOutsideOfRepository = exports.getPacksStrInvalid = exports.getPacksInvalid = exports.getPacksInvalidSplit = exports.getPathsInvalid = exports.getPathsIgnoreInvalid = exports.getQueryUsesInvalid = exports.getQueriesMissingUses = exports.getQueriesInvalid = exports.getDisableDefaultQueriesInvalid = exports.getNameInvalid = exports.validateAndSanitisePath = exports.defaultAugmentationProperties = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
-// We need to import `performance` on Node 12
 const perf_hooks_1 = require("perf_hooks");
 const yaml = __importStar(require("js-yaml"));
 const semver = __importStar(require("semver"));
@@ -132,7 +131,11 @@ async function addDefaultQueries(codeQL, languages, resultMap) {
     await runResolveQueries(codeQL, resultMap, suites, undefined);
 }
 // The set of acceptable values for built-in suites from the codeql bundle
-const builtinSuites = ["security-extended", "security-and-quality"];
+const builtinSuites = [
+    "security-experimental",
+    "security-extended",
+    "security-and-quality",
+];
 /**
  * Determine the set of queries associated with suiteName's suites and add them to resultMap.
  * Throws an error if suiteName is not a valid builtin suite.
@@ -144,6 +147,12 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
     if (!found) {
         throw new Error(getQueryUsesInvalid(configFile, suiteName));
     }
+    if (suiteName === "security-experimental" &&
+        !(await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE))) {
+        throw new Error(`The 'security-experimental' suite is not supported on CodeQL CLI versions earlier than 
+      ${codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE}. Please upgrade to CodeQL CLI version
+      ${codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE} or later.`);
+    }
     // If we're running the JavaScript security-extended analysis (or a superset of it), the repo is
     // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
     // pack, then add the ML-powered query pack so that we run ML-powered queries.
@@ -152,7 +161,9 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
     (process.platform !== "win32" ||
         (await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS))) &&
         languages.includes("javascript") &&
-        (found === "security-extended" || found === "security-and-quality") &&
+        (found === "security-experimental" ||
+            found === "security-extended" ||
+            found === "security-and-quality") &&
         !packs.javascript?.some(isMlPoweredJsQueriesPack) &&
         (await featureEnablement.getValue(feature_flags_1.Feature.MlPoweredQueriesEnabled, codeQL))) {
         if (!packs.javascript) {
@@ -894,7 +905,8 @@ exports.parsePacks = parsePacks;
  * Without a '+', an input value will override the corresponding value in the config file.
  *
  * @param inputValue The input value to process.
- * @returns true if the input value should replace the corresponding value in the config file, false if it should be appended.
+ * @returns true if the input value should replace the corresponding value in the config file,
+ *          false if it should be appended.
  */
 function shouldCombine(inputValue) {
     return !!inputValue?.trim().startsWith("+");

lib/config-utils.test.js

@@ -1014,7 +1014,7 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
 // Test that the ~0.1.0 version of ML-powered queries is run on v2.8.3 of the CLI.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.8.3", true, undefined, "security-extended", process.platform === "win32" ? undefined : "~0.1.0");
 // Test that ML-powered queries aren't run when the user hasn't specified that we should run the
-// `security-extended` or `security-and-quality` query suite.
+//  `security-extended`, `security-and-quality`, or `security-experimental` query suite.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, undefined, undefined);
 // Test that ML-powered queries are run on non-Windows platforms running `security-extended` on
 // versions of the CodeQL CLI prior to 2.9.0.
@@ -1042,6 +1042,9 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
 // Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
 // CLI 2.11.3+.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.11.3", true, undefined, "security-and-quality", "~0.4.0");
+// Test that ML-powered queries are run on all platforms running `security-experimental` on CodeQL
+// CLI 2.12.1+.
+(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.1", true, undefined, "security-experimental", "~0.4.0");
 const calculateAugmentationMacro = ava_1.default.macro({
     exec: async (t, _title, rawPacksInput, rawQueriesInput, languages, expectedAugmentationProperties) => {
         const actualAugmentationProperties = configUtils.calculateAugmentation(rawPacksInput, rawQueriesInput, languages);

lib/defaults.json

@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-20230105",
-    "cliVersion": "2.12.0",
-    "priorBundleVersion": "codeql-bundle-20221211",
-    "priorCliVersion": "2.11.6"
+    "bundleVersion": "codeql-bundle-20230207",
+    "cliVersion": "2.12.2",
+    "priorBundleVersion": "codeql-bundle-20230120",
+    "priorCliVersion": "2.12.1"
 }

lib/feature-flags.js

@@ -32,30 +32,14 @@ const defaults = __importStar(require("./defaults.json"));
 const util = __importStar(require("./util"));
 const DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_";
 const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
-const MINIMUM_ENABLED_CODEQL_VERSION = "2.11.6";
 var Feature;
 (function (Feature) {
-    Feature["BypassToolcacheEnabled"] = "bypass_toolcache_enabled";
-    Feature["BypassToolcacheKotlinSwiftEnabled"] = "bypass_toolcache_kotlin_swift_enabled";
     Feature["CliConfigFileEnabled"] = "cli_config_file_enabled";
     Feature["DisableKotlinAnalysisEnabled"] = "disable_kotlin_analysis_enabled";
     Feature["MlPoweredQueriesEnabled"] = "ml_powered_queries_enabled";
-    Feature["TrapCachingEnabled"] = "trap_caching_enabled";
     Feature["UploadFailedSarifEnabled"] = "upload_failed_sarif_enabled";
 })(Feature = exports.Feature || (exports.Feature = {}));
 exports.featureConfig = {
-    [Feature.BypassToolcacheEnabled]: {
-        envVar: "CODEQL_BYPASS_TOOLCACHE",
-        // Cannot specify a minimum version because this flag is checked before we have
-        // access to the CodeQL instance.
-        minimumVersion: undefined,
-    },
-    [Feature.BypassToolcacheKotlinSwiftEnabled]: {
-        envVar: "CODEQL_BYPASS_TOOLCACHE_KOTLIN_SWIFT",
-        // Cannot specify a minimum version because this flag is checked before we have
-        // access to the CodeQL instance.
-        minimumVersion: undefined,
-    },
     [Feature.DisableKotlinAnalysisEnabled]: {
         envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
         minimumVersion: undefined,
@@ -68,10 +52,6 @@ exports.featureConfig = {
         envVar: "CODEQL_ML_POWERED_QUERIES",
         minimumVersion: "2.7.5",
     },
-    [Feature.TrapCachingEnabled]: {
-        envVar: "CODEQL_TRAP_CACHING",
-        minimumVersion: undefined,
-    },
     [Feature.UploadFailedSarifEnabled]: {
         envVar: "CODEQL_ACTION_UPLOAD_FAILED_SARIF",
         minimumVersion: "2.11.3",
@@ -106,10 +86,6 @@ class Features {
         if (!codeql && exports.featureConfig[feature].minimumVersion) {
             throw new Error(`Internal error: A minimum version is specified for feature ${feature}, but no instance of CodeQL was provided.`);
         }
-        // Bypassing the toolcache is disabled in test mode.
-        if (feature === Feature.BypassToolcacheEnabled && util.isInTestMode()) {
-            return false;
-        }
         const envVar = (process.env[exports.featureConfig[feature].envVar] || "").toLocaleLowerCase();
         // Do not use this feature if user explicitly disables it via an environment variable.
         if (envVar === "false") {
@@ -137,7 +113,7 @@ class GitHubFeatureFlags {
         this.repositoryNwo = repositoryNwo;
         this.featureFlagsFile = featureFlagsFile;
         this.logger = logger;
-        /**/
+        this.hasAccessedRemoteFeatureFlags = false; // Not accessed by default.
     }
     getCliVersionFromFeatureFlag(f) {
         if (!f.startsWith(DEFAULT_VERSION_FEATURE_FLAG_PREFIX) ||
@@ -155,8 +131,12 @@ class GitHubFeatureFlags {
     }
     async getDefaultCliVersion(variant) {
         if (variant === util.GitHubVariant.DOTCOM) {
+            const defaultDotComCliVersion = await this.getDefaultDotcomCliVersion();
             return {
-                cliVersion: await this.getDefaultDotcomCliVersion(),
+                cliVersion: defaultDotComCliVersion.version,
+                toolsFeatureFlagsValid: this.hasAccessedRemoteFeatureFlags
+                    ? defaultDotComCliVersion.toolsFeatureFlagsValid
+                    : undefined,
                 variant,
             };
         }
@@ -173,13 +153,28 @@ class GitHubFeatureFlags {
             .filter((f) => f !== undefined)
             .map((f) => f);
         if (enabledFeatureFlagCliVersions.length === 0) {
-            this.logger.debug("Feature flags do not specify a default CLI version. Falling back to CLI version " +
-                `${MINIMUM_ENABLED_CODEQL_VERSION}.`);
-            return MINIMUM_ENABLED_CODEQL_VERSION;
+            // We expect at least one default CLI version to be enabled on Dotcom at any time. However if
+            // the feature flags are misconfigured, rather than crashing, we fall back to the CLI version
+            // shipped with the Action in defaults.json. This has the effect of immediately rolling out
+            // new CLI versions to all users running the latest Action.
+            //
+            // A drawback of this approach relates to the small number of users that run old versions of
+            // the Action on Dotcom. As a result of this approach, if we misconfigure the feature flags
+            // then these users will experience some alert churn. This is because the CLI version in the
+            // defaults.json shipped with an old version of the Action is likely older than the CLI
+            // version that would have been specified by the feature flags before they were misconfigured.
+            this.logger.warning("Feature flags do not specify a default CLI version. Falling back to the CLI version " +
+                `shipped with the Action. This is ${defaults.cliVersion}.`);
+            return {
+                version: defaults.cliVersion,
+                toolsFeatureFlagsValid: this.hasAccessedRemoteFeatureFlags
+                    ? false
+                    : undefined,
+            };
         }
         const maxCliVersion = enabledFeatureFlagCliVersions.reduce((maxVersion, currentVersion) => currentVersion > maxVersion ? currentVersion : maxVersion, enabledFeatureFlagCliVersions[0]);
         this.logger.debug(`Derived default CLI version of ${maxCliVersion} from feature flags.`);
-        return maxCliVersion;
+        return { version: maxCliVersion, toolsFeatureFlagsValid: true };
     }
     async getValue(feature) {
         const response = await this.getAllFeatures();
@@ -241,6 +236,7 @@ class GitHubFeatureFlags {
         // Do nothing when not running against github.com
         if (this.gitHubVersion.type !== util.GitHubVariant.DOTCOM) {
             this.logger.debug("Not running against github.com. Disabling all toggleable features.");
+            this.hasAccessedRemoteFeatureFlags = false;
             return {};
         }
         try {
@@ -251,6 +247,7 @@ class GitHubFeatureFlags {
             const remoteFlags = response.data;
             this.logger.debug("Loaded the following default values for the feature flags from the Code Scanning API: " +
                 `${JSON.stringify(remoteFlags)}`);
+            this.hasAccessedRemoteFeatureFlags = true;
             return remoteFlags;
         }
         catch (e) {
@@ -259,6 +256,7 @@ class GitHubFeatureFlags {
                     "As a result, it will not be opted into any experimental features. " +
                     "This could be because the Action is running on a pull request from a fork. If not, " +
                     `please ensure the Action has the 'security-events: write' permission. Details: ${e}`);
+                this.hasAccessedRemoteFeatureFlags = false;
                 return {};
             }
             else {
@@ -269,7 +267,6 @@ class GitHubFeatureFlags {
                 throw new Error(`Encountered an error while trying to determine feature enablement: ${e}`);
             }
         }
-        return {};
     }
 }
 //# sourceMappingURL=feature-flags.js.map

lib/feature-flags.test.js

@@ -217,7 +217,8 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
     (0, ava_1.default)(`selects CLI from defaults.json on ${util_1.GitHubVariant[variant]}`, async (t) => {
         await (0, util_1.withTmpDir)(async (tmpDir) => {
             const features = setUpFeatureFlagTests(tmpDir);
-            t.deepEqual(await features.getDefaultCliVersion(variant), {
+            const defaultCliVersion = await features.getDefaultCliVersion(variant);
+            t.deepEqual(defaultCliVersion, {
                 cliVersion: defaults.cliVersion,
                 tagName: defaults.bundleVersion,
                 variant,
@@ -236,19 +237,23 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
         expectedFeatureEnablement["default_codeql_version_2_12_4_enabled"] = false;
         expectedFeatureEnablement["default_codeql_version_2_12_5_enabled"] = false;
         (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
-        t.deepEqual(await featureEnablement.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM), {
+        const defaultCliVersion = await featureEnablement.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
+        t.deepEqual(defaultCliVersion, {
             cliVersion: "2.12.1",
+            toolsFeatureFlagsValid: true,
             variant: util_1.GitHubVariant.DOTCOM,
         });
     });
 });
-(0, ava_1.default)(`selects CLI v2.11.6 on Dotcom when no default version feature flags are enabled`, async (t) => {
+(0, ava_1.default)(`selects CLI from defaults.json on Dotcom when no default version feature flags are enabled`, async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         const featureEnablement = setUpFeatureFlagTests(tmpDir);
         const expectedFeatureEnablement = initializeFeatures(true);
         (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
-        t.deepEqual(await featureEnablement.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM), {
-            cliVersion: "2.11.6",
+        const defaultCliVersion = await featureEnablement.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
+        t.deepEqual(defaultCliVersion, {
+            cliVersion: defaults.cliVersion,
+            toolsFeatureFlagsValid: false,
             variant: util_1.GitHubVariant.DOTCOM,
         });
     });
@@ -263,8 +268,10 @@ for (const variant of [util_1.GitHubVariant.GHAE, util_1.GitHubVariant.GHES]) {
         expectedFeatureEnablement["default_codeql_version_2_12_invalid_enabled"] =
             true;
         (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
-        t.deepEqual(await featureEnablement.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM), {
+        const defaultCliVersion = await featureEnablement.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
+        t.deepEqual(defaultCliVersion, {
             cliVersion: "2.12.1",
+            toolsFeatureFlagsValid: true,
             variant: util_1.GitHubVariant.DOTCOM,
         });
         t.assert(loggedMessages.find((v) => v.type === "warning" &&

lib/init-action.js

@@ -36,42 +36,63 @@ const repository_1 = require("./repository");
 const trap_caching_1 = require("./trap-caching");
 const util_1 = require("./util");
 const workflow_1 = require("./workflow");
-async function sendSuccessStatusReport(startedAt, config, toolsVersion, logger) {
-    const statusReportBase = await (0, actions_util_1.createStatusReportBase)("init", "success", startedAt);
-    const languages = config.languages.join(",");
+async function sendInitStatusReport(actionStatus, startedAt, config, toolsDownloadDurationMs, toolsFeatureFlagsValid, toolsSource, toolsVersion, logger) {
+    const statusReportBase = await (0, actions_util_1.createStatusReportBase)("init", actionStatus, startedAt);
     const workflowLanguages = (0, actions_util_1.getOptionalInput)("languages");
-    const paths = (config.originalUserInput.paths || []).join(",");
-    const pathsIgnore = (config.originalUserInput["paths-ignore"] || []).join(",");
-    const disableDefaultQueries = config.originalUserInput["disable-default-queries"]
-        ? languages
-        : "";
-    const queries = [];
-    let queriesInput = (0, actions_util_1.getOptionalInput)("queries")?.trim();
-    if (queriesInput === undefined || queriesInput.startsWith("+")) {
-        queries.push(...(config.originalUserInput.queries || []).map((q) => q.uses));
-    }
-    if (queriesInput !== undefined) {
-        queriesInput = queriesInput.startsWith("+")
-            ? queriesInput.slice(1)
-            : queriesInput;
-        queries.push(...queriesInput.split(","));
-    }
-    const statusReport = {
+    const initStatusReport = {
         ...statusReportBase,
-        disable_default_queries: disableDefaultQueries,
-        languages,
-        ml_powered_javascript_queries: (0, util_1.getMlPoweredJsQueriesStatus)(config),
-        paths,
-        paths_ignore: pathsIgnore,
-        queries: queries.join(","),
         tools_input: (0, actions_util_1.getOptionalInput)("tools") || "",
         tools_resolved_version: toolsVersion,
+        tools_source: toolsSource || init_1.ToolsSource.Unknown,
         workflow_languages: workflowLanguages || "",
-        trap_cache_languages: Object.keys(config.trapCaches).join(","),
-        trap_cache_download_size_bytes: Math.round(await (0, trap_caching_1.getTotalCacheSize)(config.trapCaches, logger)),
-        trap_cache_download_duration_ms: Math.round(config.trapCacheDownloadTime),
     };
-    await (0, actions_util_1.sendStatusReport)(statusReport);
+    const initToolsDownloadFields = {};
+    if (toolsDownloadDurationMs !== undefined) {
+        initToolsDownloadFields.tools_download_duration_ms =
+            toolsDownloadDurationMs;
+    }
+    if (toolsFeatureFlagsValid !== undefined) {
+        initToolsDownloadFields.tools_feature_flags_valid = toolsFeatureFlagsValid;
+    }
+    if (config !== undefined) {
+        const languages = config.languages.join(",");
+        const paths = (config.originalUserInput.paths || []).join(",");
+        const pathsIgnore = (config.originalUserInput["paths-ignore"] || []).join(",");
+        const disableDefaultQueries = config.originalUserInput["disable-default-queries"]
+            ? languages
+            : "";
+        const queries = [];
+        let queriesInput = (0, actions_util_1.getOptionalInput)("queries")?.trim();
+        if (queriesInput === undefined || queriesInput.startsWith("+")) {
+            queries.push(...(config.originalUserInput.queries || []).map((q) => q.uses));
+        }
+        if (queriesInput !== undefined) {
+            queriesInput = queriesInput.startsWith("+")
+                ? queriesInput.slice(1)
+                : queriesInput;
+            queries.push(...queriesInput.split(","));
+        }
+        // Append fields that are dependent on `config`
+        const initWithConfigStatusReport = {
+            ...initStatusReport,
+            disable_default_queries: disableDefaultQueries,
+            languages,
+            ml_powered_javascript_queries: (0, util_1.getMlPoweredJsQueriesStatus)(config),
+            paths,
+            paths_ignore: pathsIgnore,
+            queries: queries.join(","),
+            trap_cache_languages: Object.keys(config.trapCaches).join(","),
+            trap_cache_download_size_bytes: Math.round(await (0, trap_caching_1.getTotalCacheSize)(config.trapCaches, logger)),
+            trap_cache_download_duration_ms: Math.round(config.trapCacheDownloadTime),
+        };
+        await (0, actions_util_1.sendStatusReport)({
+            ...initWithConfigStatusReport,
+            ...initToolsDownloadFields,
+        });
+    }
+    else {
+        await (0, actions_util_1.sendStatusReport)({ ...initStatusReport, ...initToolsDownloadFields });
+    }
 }
 async function run() {
     const startedAt = new Date();
@@ -79,6 +100,9 @@ async function run() {
     (0, util_1.initializeEnvironment)((0, actions_util_1.getActionVersion)());
     let config;
     let codeql;
+    let toolsDownloadDurationMs;
+    let toolsFeatureFlagsValid;
+    let toolsSource;
     let toolsVersion;
     const apiDetails = {
         auth: (0, actions_util_1.getRequiredInput)("token"),
@@ -95,12 +119,17 @@ async function run() {
         if (!(await (0, actions_util_1.sendStatusReport)(await (0, actions_util_1.createStatusReportBase)("init", "starting", startedAt, workflowErrors)))) {
             return;
         }
-        const defaultCliVersion = await features.getDefaultCliVersion(gitHubVersion.type);
-        const initCodeQLResult = await (0, init_1.initCodeQL)((0, actions_util_1.getOptionalInput)("tools"), apiDetails, (0, actions_util_1.getTemporaryDirectory)(), gitHubVersion.type, await (0, util_1.shouldBypassToolcache)(features, (0, actions_util_1.getOptionalInput)("tools"), (0, actions_util_1.getOptionalInput)("languages"), repositoryNwo, logger), defaultCliVersion, logger);
+        const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(gitHubVersion.type);
+        if (codeQLDefaultVersionInfo.variant === util_1.GitHubVariant.DOTCOM) {
+            toolsFeatureFlagsValid = codeQLDefaultVersionInfo.toolsFeatureFlagsValid;
+        }
+        const initCodeQLResult = await (0, init_1.initCodeQL)((0, actions_util_1.getOptionalInput)("tools"), apiDetails, (0, actions_util_1.getTemporaryDirectory)(), gitHubVersion.type, codeQLDefaultVersionInfo, logger);
         codeql = initCodeQLResult.codeql;
+        toolsDownloadDurationMs = initCodeQLResult.toolsDownloadDurationMs;
         toolsVersion = initCodeQLResult.toolsVersion;
+        toolsSource = initCodeQLResult.toolsSource;
         await (0, util_1.enrichEnvironment)(codeql);
-        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), (0, actions_util_1.getOptionalInput)("registries"), (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), await getTrapCachingEnabled(features), 
+        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), (0, actions_util_1.getOptionalInput)("registries"), (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), getTrapCachingEnabled(), 
         // Debug mode is enabled if:
         // - The `init` Action is passed `debug: true`.
         // - Actions step debugging is enabled (e.g. by [enabling debug logging for a rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow),
@@ -159,12 +188,12 @@ async function run() {
     catch (error) {
         core.setFailed(String(error));
         console.log(error);
-        await (0, actions_util_1.sendStatusReport)(await (0, actions_util_1.createStatusReportBase)("init", (0, actions_util_1.getActionsStatus)(error), startedAt, String(error), error instanceof Error ? error.stack : undefined));
+        await sendInitStatusReport((0, actions_util_1.getActionsStatus)(error), startedAt, config, toolsDownloadDurationMs, toolsFeatureFlagsValid, toolsSource, toolsVersion, logger);
         return;
     }
-    await sendSuccessStatusReport(startedAt, config, toolsVersion, logger);
+    await sendInitStatusReport("success", startedAt, config, toolsDownloadDurationMs, toolsFeatureFlagsValid, toolsSource, toolsVersion, logger);
 }
-async function getTrapCachingEnabled(featureEnablement) {
+function getTrapCachingEnabled() {
     // If the workflow specified something always respect that
     const trapCaching = (0, actions_util_1.getOptionalInput)("trap-caching");
     if (trapCaching !== undefined)
@@ -172,8 +201,8 @@ async function getTrapCachingEnabled(featureEnablement) {
     // On self-hosted runners which may have slow network access, disable TRAP caching by default
     if (!(0, util_1.isHostedRunner)())
         return false;
-    // On hosted runners, respect the feature flag
-    return await featureEnablement.getValue(feature_flags_1.Feature.TrapCachingEnabled);
+    // On hosted runners, enable TRAP caching by default
+    return true;
 }
 async function runWrapper() {
     try {

lib/init.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.installPythonDeps = exports.injectWindowsTracer = exports.runInit = exports.initConfig = exports.initCodeQL = void 0;
+exports.installPythonDeps = exports.injectWindowsTracer = exports.runInit = exports.initConfig = exports.initCodeQL = exports.ToolsSource = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@@ -34,12 +34,19 @@ const configUtils = __importStar(require("./config-utils"));
 const tracer_config_1 = require("./tracer-config");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
-async function initCodeQL(toolsInput, apiDetails, tempDir, variant, bypassToolcache, defaultCliVersion, logger) {
+var ToolsSource;
+(function (ToolsSource) {
+    ToolsSource["Unknown"] = "UNKNOWN";
+    ToolsSource["Local"] = "LOCAL";
+    ToolsSource["Toolcache"] = "TOOLCACHE";
+    ToolsSource["Download"] = "DOWNLOAD";
+})(ToolsSource = exports.ToolsSource || (exports.ToolsSource = {}));
+async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) {
     logger.startGroup("Setup CodeQL tools");
-    const { codeql, toolsVersion } = await (0, codeql_1.setupCodeQL)(toolsInput, apiDetails, tempDir, variant, bypassToolcache, defaultCliVersion, logger, true);
+    const { codeql, toolsDownloadDurationMs, toolsSource, toolsVersion } = await (0, codeql_1.setupCodeQL)(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, true);
     await codeql.printVersion();
     logger.endGroup();
-    return { codeql, toolsVersion };
+    return { codeql, toolsDownloadDurationMs, toolsSource, toolsVersion };
 }
 exports.initCodeQL = initCodeQL;
 async function initConfig(languagesInput, queriesInput, packsInput, registriesInput, configFile, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureEnablement, logger) {

lib/init.js.map

@@ -1 +1 @@
-{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA2E;AAC3E,4DAA8C;AAI9C,mDAAwE;AACxE,6CAA+B;AAC/B,iCAA4C;AAErC,KAAK,UAAU,UAAU,CAC9B,UAA8B,EAC9B,UAA4B,EAC5B,OAAe,EACf,OAA2B,EAC3B,eAAwB,EACxB,iBAA2C,EAC3C,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,IAAA,oBAAW,EAChD,UAAU,EACV,UAAU,EACV,OAAO,EACP,OAAO,EACP,eAAe,EACf,iBAAiB,EACjB,MAAM,EACN,IAAI,CACL,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AAvBD,gCAuBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,eAAmC,EACnC,UAA8B,EAC9B,UAA8B,EAC9B,kBAA2B,EAC3B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,iBAAoC,EACpC,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,eAAe,EACf,UAAU,EACV,UAAU,EACV,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,iBAAiB,EACjB,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA5CD,gCA4CC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,iBAAoC,EACpC,MAAc;IAEd,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,IAAI;QACF,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;YAChE,0BAA0B;YAC1B,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,EACN,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,MAAM,CACP,CAAC;SACH;aAAM;YACL,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;gBACvC,yBAAyB;gBACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,YAAY,CAAC,CAAC,CAAC,CAAC;KACvB;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAlCD,0BAkCC;AAED;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,CAAM;IAC1B,IAAI,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,EAAE;QACzB,OAAO,CAAC,CAAC;KACV;IAED;IACE,2BAA2B;IAC3B,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,8BAA8B,CAAC;QACnD,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,uCAAuC,CAAC,EAC5D;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CACvB,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;KACH;IAED;IACE,+EAA+E;IAC/E,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,wCAAwC,CAAC;QAC7D,gEAAgE;QAChE,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,qBAAqB,CAAC,EAC1C;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;KACtC;IAED,OAAO,CAAC,CAAC;AACX,CAAC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACpE,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAzCD,8CAyCC"}
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA2E;AAC3E,4DAA8C;AAI9C,mDAAwE;AACxE,6CAA+B;AAC/B,iCAA4C;AAE5C,IAAY,WAKX;AALD,WAAY,WAAW;IACrB,kCAAmB,CAAA;IACnB,8BAAe,CAAA;IACf,sCAAuB,CAAA;IACvB,oCAAqB,CAAA;AACvB,CAAC,EALW,WAAW,GAAX,mBAAW,KAAX,mBAAW,QAKtB;AAEM,KAAK,UAAU,UAAU,CAC9B,UAA8B,EAC9B,UAA4B,EAC5B,OAAe,EACf,OAA2B,EAC3B,iBAA2C,EAC3C,MAAc;IAOd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE,GAClE,MAAM,IAAA,oBAAW,EACf,UAAU,EACV,UAAU,EACV,OAAO,EACP,OAAO,EACP,iBAAiB,EACjB,MAAM,EACN,IAAI,CACL,CAAC;IACJ,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AACxE,CAAC;AA3BD,gCA2BC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,eAAmC,EACnC,UAA8B,EAC9B,UAA8B,EAC9B,kBAA2B,EAC3B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,iBAAoC,EACpC,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,eAAe,EACf,UAAU,EACV,UAAU,EACV,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,iBAAiB,EACjB,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA5CD,gCA4CC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,iBAAoC,EACpC,MAAc;IAEd,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,IAAI;QACF,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;YAChE,0BAA0B;YAC1B,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,EACN,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,MAAM,CACP,CAAC;SACH;aAAM;YACL,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;gBACvC,yBAAyB;gBACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAC5C,QAAQ,EACR,UAAU,CACX,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,YAAY,CAAC,CAAC,CAAC,CAAC;KACvB;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAlCD,0BAkCC;AAED;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,CAAM;IAC1B,IAAI,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,EAAE;QACzB,OAAO,CAAC,CAAC;KACV;IAED;IACE,2BAA2B;IAC3B,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,8BAA8B,CAAC;QACnD,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,uCAAuC,CAAC,EAC5D;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CACvB,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;KACH;IAED;IACE,+EAA+E;IAC/E,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,wCAAwC,CAAC;QAC7D,gEAAgE;QAChE,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,qBAAqB,CAAC,EAC1C;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;KACtC;IAED,OAAO,CAAC,CAAC;AACX,CAAC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACpE,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAzCD,8CAyCC"}

lib/languages.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isScannedLanguage = exports.isTracedLanguage = exports.parseLanguage = exports.resolveAlias = exports.KOTLIN_SWIFT_BYPASS = exports.LANGUAGE_ALIASES = exports.Language = void 0;
+exports.isScannedLanguage = exports.isTracedLanguage = exports.parseLanguage = exports.resolveAlias = exports.LANGUAGE_ALIASES = exports.Language = void 0;
 // All the languages supported by CodeQL
 var Language;
 (function (Language) {
@@ -21,7 +21,6 @@ exports.LANGUAGE_ALIASES = {
     kotlin: Language.java,
     typescript: Language.javascript,
 };
-exports.KOTLIN_SWIFT_BYPASS = ["kotlin", "swift"];
 function resolveAlias(lang) {
     return exports.LANGUAGE_ALIASES[lang] || lang;
 }

lib/languages.js.map

@@ -1 +1 @@
-{"version":3,"file":"languages.js","sourceRoot":"","sources":["../src/languages.ts"],"names":[],"mappings":";;;AAAA,wCAAwC;AACxC,IAAY,QASX;AATD,WAAY,QAAQ;IAClB,6BAAiB,CAAA;IACjB,uBAAW,CAAA;IACX,qBAAS,CAAA;IACT,yBAAa,CAAA;IACb,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;IACjB,yBAAa,CAAA;IACb,2BAAe,CAAA;AACjB,CAAC,EATW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QASnB;AAED,iCAAiC;AACpB,QAAA,gBAAgB,GAAiC;IAC5D,CAAC,EAAE,QAAQ,CAAC,GAAG;IACf,KAAK,EAAE,QAAQ,CAAC,GAAG;IACnB,IAAI,EAAE,QAAQ,CAAC,MAAM;IACrB,MAAM,EAAE,QAAQ,CAAC,IAAI;IACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;CAChC,CAAC;AAIW,QAAA,mBAAmB,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAEvD,SAAgB,YAAY,CAAC,IAAqB;IAChD,OAAO,wBAAgB,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AACxC,CAAC;AAFD,oCAEC;AAED;;;;;;;;;GASG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,0BAA0B;IAC1B,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAEzC,6BAA6B;IAC7B,IAAI,QAAQ,IAAI,QAAQ,EAAE;QACxB,OAAO,QAAoB,CAAC;KAC7B;IAED,iEAAiE;IACjE,oCAAoC;IACpC,IAAI,QAAQ,IAAI,wBAAgB,EAAE;QAChC,OAAO,QAAQ,CAAC;KACjB;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAhBD,sCAgBC;AAED,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,OAAO;QACL,QAAQ,CAAC,GAAG;QACZ,QAAQ,CAAC,MAAM;QACf,QAAQ,CAAC,EAAE;QACX,QAAQ,CAAC,IAAI;QACb,QAAQ,CAAC,KAAK;KACf,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACvB,CAAC;AARD,4CAQC;AAED,SAAgB,iBAAiB,CAAC,QAAkB;IAClD,OAAO,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAFD,8CAEC"}
+{"version":3,"file":"languages.js","sourceRoot":"","sources":["../src/languages.ts"],"names":[],"mappings":";;;AAAA,wCAAwC;AACxC,IAAY,QASX;AATD,WAAY,QAAQ;IAClB,6BAAiB,CAAA;IACjB,uBAAW,CAAA;IACX,qBAAS,CAAA;IACT,yBAAa,CAAA;IACb,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;IACjB,yBAAa,CAAA;IACb,2BAAe,CAAA;AACjB,CAAC,EATW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QASnB;AAED,iCAAiC;AACpB,QAAA,gBAAgB,GAAiC;IAC5D,CAAC,EAAE,QAAQ,CAAC,GAAG;IACf,KAAK,EAAE,QAAQ,CAAC,GAAG;IACnB,IAAI,EAAE,QAAQ,CAAC,MAAM;IACrB,MAAM,EAAE,QAAQ,CAAC,IAAI;IACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;CAChC,CAAC;AAIF,SAAgB,YAAY,CAAC,IAAqB;IAChD,OAAO,wBAAgB,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;AACxC,CAAC;AAFD,oCAEC;AAED;;;;;;;;;GASG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,0BAA0B;IAC1B,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAEzC,6BAA6B;IAC7B,IAAI,QAAQ,IAAI,QAAQ,EAAE;QACxB,OAAO,QAAoB,CAAC;KAC7B;IAED,iEAAiE;IACjE,oCAAoC;IACpC,IAAI,QAAQ,IAAI,wBAAgB,EAAE;QAChC,OAAO,QAAQ,CAAC;KACjB;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAhBD,sCAgBC;AAED,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,OAAO;QACL,QAAQ,CAAC,GAAG;QACZ,QAAQ,CAAC,MAAM;QACf,QAAQ,CAAC,EAAE;QACX,QAAQ,CAAC,IAAI;QACb,QAAQ,CAAC,KAAK;KACf,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACvB,CAAC;AARD,4CAQC;AAED,SAAgB,iBAAiB,CAAC,QAAkB;IAClD,OAAO,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAFD,8CAEC"}

lib/setup-codeql.js

@@ -26,9 +26,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.setupCodeQLBundle = exports.getCodeQLURLVersion = exports.downloadCodeQL = exports.getCodeQLSource = exports.convertToSemVer = exports.getBundleVersionFromUrl = exports.tryFindCliVersionDotcomOnly = exports.findCodeQLBundleTagDotcomOnly = exports.getCodeQLActionRepository = exports.CODEQL_DEFAULT_ACTION_REPOSITORY = void 0;
+exports.setupCodeQLBundle = exports.getCodeQLURLVersion = exports.downloadCodeQL = exports.tryGetFallbackToolcacheVersion = exports.getCodeQLSource = exports.convertToSemVer = exports.tryGetBundleVersionFromUrl = exports.tryFindCliVersionDotcomOnly = exports.findCodeQLBundleTagDotcomOnly = exports.getCodeQLActionRepository = exports.CODEQL_DEFAULT_ACTION_REPOSITORY = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const perf_hooks_1 = require("perf_hooks");
 const toolcache = __importStar(require("@actions/tool-cache"));
 const fast_deep_equal_1 = __importDefault(require("fast-deep-equal"));
 const semver = __importStar(require("semver"));
@@ -39,6 +40,7 @@ const api = __importStar(require("./api-client"));
 // creation scripts. Ensure that any changes to the format of this file are compatible with both of
 // these dependents.
 const defaults = __importStar(require("./defaults.json"));
+const init_1 = require("./init");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
 exports.CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
@@ -209,14 +211,30 @@ async function getCodeQLBundleDownloadURL(tagName, apiDetails, variant, logger)
     }
     return `https://github.com/${exports.CODEQL_DEFAULT_ACTION_REPOSITORY}/releases/download/${tagName}/${codeQLBundleName}`;
 }
-function getBundleVersionFromUrl(url) {
-    const match = url.match(/\/codeql-bundle-(.*)\//);
+function tryGetBundleVersionFromTagName(tagName, logger) {
+    const match = tagName.match(/^codeql-bundle-(.*)$/);
     if (match === null || match.length < 2) {
-        throw new Error(`Malformed tools url: ${url}. Bundle version could not be inferred`);
+        logger.debug(`Could not determine bundle version from tag ${tagName}.`);
+        return undefined;
     }
     return match[1];
 }
-exports.getBundleVersionFromUrl = getBundleVersionFromUrl;
+function tryGetTagNameFromUrl(url, logger) {
+    const match = url.match(/\/(codeql-bundle-.*)\//);
+    if (match === null || match.length < 2) {
+        logger.debug(`Could not determine tag name for URL ${url}.`);
+        return undefined;
+    }
+    return match[1];
+}
+function tryGetBundleVersionFromUrl(url, logger) {
+    const tagName = tryGetTagNameFromUrl(url, logger);
+    if (tagName === undefined) {
+        return undefined;
+    }
+    return tryGetBundleVersionFromTagName(tagName, logger);
+}
+exports.tryGetBundleVersionFromUrl = tryGetBundleVersionFromUrl;
 function convertToSemVer(version, logger) {
     if (!semver.valid(version)) {
         logger.debug(`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`);
@@ -229,18 +247,10 @@ function convertToSemVer(version, logger) {
     return s;
 }
 exports.convertToSemVer = convertToSemVer;
-async function getOrFindBundleTagName(version, logger) {
-    if (version.variant === util.GitHubVariant.DOTCOM) {
-        return await findCodeQLBundleTagDotcomOnly(version.cliVersion, logger);
-    }
-    else {
-        return version.tagName;
-    }
-}
 /**
  * Look for a version of the CodeQL tools in the cache which could override the requested CLI version.
  */
-async function findOverridingToolsInCache(requestedCliVersion, logger) {
+async function findOverridingToolsInCache(humanReadableVersion, logger) {
     const candidates = toolcache
         .findAllVersions("CodeQL")
         .filter(util_1.isGoodVersion)
@@ -251,7 +261,7 @@ async function findOverridingToolsInCache(requestedCliVersion, logger) {
         .filter(({ folder }) => fs.existsSync(path.join(folder, "pinned-version")));
     if (candidates.length === 1) {
         const candidate = candidates[0];
-        logger.debug(`CodeQL tools version ${candidate.version} in toolcache overriding version ${requestedCliVersion}.`);
+        logger.debug(`CodeQL tools version ${candidate.version} in toolcache overriding version ${humanReadableVersion}.`);
         return {
             codeqlFolder: candidate.folder,
             sourceType: "toolcache",
@@ -267,7 +277,7 @@ async function findOverridingToolsInCache(requestedCliVersion, logger) {
     }
     return undefined;
 }
-async function getCodeQLSource(toolsInput, bypassToolcache, defaultCliVersion, apiDetails, variant, logger) {
+async function getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, logger) {
     if (toolsInput && toolsInput !== "latest" && !toolsInput.startsWith("http")) {
         return {
             codeqlTarPath: toolsInput,
@@ -275,124 +285,166 @@ async function getCodeQLSource(toolsInput, bypassToolcache, defaultCliVersion, a
             toolsVersion: "local",
         };
     }
-    const forceLatestReason = 
-    // We use the special value of 'latest' to prioritize the version in the
-    // defaults over any pinned cached version.
-    toolsInput === "latest"
-        ? '"tools: latest" was requested'
-        : // If the user hasn't requested a particular CodeQL version, then bypass
-            // the toolcache when the appropriate feature is enabled. This
-            // allows us to quickly rollback a broken bundle that has made its way
-            // into the toolcache.
-            toolsInput === undefined && bypassToolcache
-                ? "a specific version of the CodeQL tools was not requested and the bypass toolcache feature is enabled"
-                : undefined;
-    const forceLatest = forceLatestReason !== undefined;
-    if (forceLatest) {
-        logger.debug(`Forcing the latest version of the CodeQL tools since ${forceLatestReason}.`);
-    }
     /**
-     * The requested version is:
+     * Whether the tools shipped with the Action, i.e. those in `defaults.json`, have been forced.
      *
-     * 1. The one in `defaults.json`, if forceLatest is true.
-     * 2. The version specified by the tools input URL, if one was provided.
-     * 3. The default CLI version, otherwise.
-    
-     * We include a `variant` property to let us verify using the type system that
-     * `tagName` is only undefined when the variant is Dotcom. This lets us ensure
-     * that we can always compute `tagName`, either by using the existing tag name
-     * on enterprise instances, or calling `findCodeQLBundleTagDotcomOnly` on
-     * Dotcom.
+     * We use the special value of 'latest' to prioritize the version in `defaults.json` over the
+     * version specified by the feature flags on Dotcom and over any pinned cached version on
+     * Enterprise Server.
      */
-    const requestedVersion = forceLatest
-        ? // case 1
-            {
-                cliVersion: defaults.cliVersion,
-                syntheticCliVersion: defaults.cliVersion,
-                tagName: defaults.bundleVersion,
-                variant,
-            }
-        : toolsInput !== undefined
-            ? // case 2
-                {
-                    syntheticCliVersion: convertToSemVer(getBundleVersionFromUrl(toolsInput), logger),
-                    tagName: `codeql-bundle-${getBundleVersionFromUrl(toolsInput)}`,
-                    url: toolsInput,
-                    variant,
-                }
-            : // case 3
-                {
-                    ...defaultCliVersion,
-                    syntheticCliVersion: defaultCliVersion.cliVersion,
-                };
-    // If we find the specified version, we always use that.
-    let codeqlFolder = toolcache.find("CodeQL", requestedVersion.syntheticCliVersion);
-    let tagName = requestedVersion["tagName"];
-    if (!codeqlFolder) {
-        logger.debug("Didn't find a version of the CodeQL tools in the toolcache with a version number " +
-            `exactly matching ${requestedVersion.syntheticCliVersion}.`);
-        if (requestedVersion.cliVersion) {
+    const forceShippedTools = toolsInput === "latest";
+    if (forceShippedTools) {
+        logger.info("Overriding the version of the CodeQL tools by the version shipped with the Action since " +
+            `"tools: latest" was requested.`);
+    }
+    /** CLI version number, for example 2.12.1. */
+    let cliVersion;
+    /** Tag name of the CodeQL bundle, for example `codeql-bundle-20230120`. */
+    let tagName;
+    /**
+     * URL of the CodeQL bundle.
+     *
+     * This does not always include a tag name.
+     */
+    let url;
+    if (forceShippedTools) {
+        cliVersion = defaults.cliVersion;
+        tagName = defaults.bundleVersion;
+    }
+    else if (toolsInput !== undefined) {
+        // If a tools URL was provided, then use that.
+        tagName = tryGetTagNameFromUrl(toolsInput, logger);
+        url = toolsInput;
+    }
+    else {
+        // Otherwise, use the default CLI version passed in.
+        cliVersion = defaultCliVersion.cliVersion;
+        tagName = defaultCliVersion["tagName"];
+    }
+    const bundleVersion = tagName && tryGetBundleVersionFromTagName(tagName, logger);
+    const humanReadableVersion = cliVersion ??
+        (bundleVersion && convertToSemVer(bundleVersion, logger)) ??
+        tagName ??
+        url ??
+        "unknown";
+    logger.debug("Attempting to obtain CodeQL tools. " +
+        `CLI version: ${cliVersion ?? "unknown"}, ` +
+        `bundle tag name: ${tagName ?? "unknown"}, ` +
+        `URL: ${url ?? "unspecified"}.`);
+    let codeqlFolder;
+    if (cliVersion) {
+        // If we find the specified CLI version, we always use that.
+        codeqlFolder = toolcache.find("CodeQL", cliVersion);
+        // Fall back to matching `x.y.z-<tagName>`.
+        if (!codeqlFolder) {
+            logger.debug("Didn't find a version of the CodeQL tools in the toolcache with a version number " +
+                `exactly matching ${cliVersion}.`);
             const allVersions = toolcache.findAllVersions("CodeQL");
             logger.debug(`Found the following versions of the CodeQL tools in the toolcache: ${JSON.stringify(allVersions)}.`);
             // If there is exactly one version of the CodeQL tools in the toolcache, and that version is
             // the form `x.y.z-<tagName>`, then use it.
-            const candidateVersions = allVersions.filter((version) => version.startsWith(`${requestedVersion.cliVersion}-`));
+            const candidateVersions = allVersions.filter((version) => version.startsWith(`${cliVersion}-`));
             if (candidateVersions.length === 1) {
-                logger.debug("Exactly one candidate version found, using that.");
+                logger.debug(`Exactly one version of the CodeQL tools starting with ${cliVersion} found in the ` +
+                    "toolcache, using that.");
                 codeqlFolder = toolcache.find("CodeQL", candidateVersions[0]);
             }
+            else if (candidateVersions.length === 0) {
+                logger.debug(`Didn't find any versions of the CodeQL tools starting with ${cliVersion} ` +
+                    `in the toolcache. Trying next fallback method.`);
+            }
             else {
-                logger.debug("Did not find exactly one version of the CodeQL tools starting with the requested version.");
+                logger.warning(`Found ${candidateVersions.length} versions of the CodeQL tools starting with ` +
+                    `${cliVersion} in the toolcache, but at most one was expected.`);
+                logger.debug("Trying next fallback method.");
             }
         }
     }
-    if (!codeqlFolder && requestedVersion.cliVersion) {
-        // Fall back to accepting a `0.0.0-<tagName>` version if we didn't find the
-        // `x.y.z` version. This is to support old versions of the toolcache.
-        //
-        // If we are on Dotcom, we will make an HTTP request to the Releases API here
-        // to find the tag name for the requested version.
-        tagName =
-            tagName || (await getOrFindBundleTagName(requestedVersion, logger));
-        const fallbackVersion = convertToSemVer(tagName, logger);
-        logger.debug(`Computed a fallback toolcache version number of ${fallbackVersion} for CodeQL tools version ` +
-            `${requestedVersion.cliVersion}.`);
-        codeqlFolder = toolcache.find("CodeQL", fallbackVersion);
+    // Fall back to matching `0.0.0-<bundleVersion>`.
+    if (!codeqlFolder && (cliVersion || tagName)) {
+        if (cliVersion || tagName) {
+            const fallbackVersion = await tryGetFallbackToolcacheVersion(cliVersion, tagName, variant, logger);
+            if (fallbackVersion) {
+                codeqlFolder = toolcache.find("CodeQL", fallbackVersion);
+            }
+            else {
+                logger.debug("Could not determine a fallback toolcache version number for CodeQL tools version " +
+                    `${humanReadableVersion}.`);
+            }
+        }
+        else {
+            logger.debug("Both the CLI version and the bundle version are unknown, so we will not be able to find " +
+                "the requested version of the CodeQL tools in the toolcache.");
+        }
+    }
+    if (codeqlFolder) {
+        logger.info(`Found CodeQL tools version ${humanReadableVersion} in the toolcache.`);
+    }
+    else {
+        logger.info(`Did not find CodeQL tools version ${humanReadableVersion} in the toolcache.`);
     }
     if (codeqlFolder) {
         return {
             codeqlFolder,
             sourceType: "toolcache",
-            toolsVersion: requestedVersion.syntheticCliVersion,
+            toolsVersion: cliVersion ?? humanReadableVersion,
         };
     }
-    logger.debug(`Did not find CodeQL tools version ${requestedVersion.syntheticCliVersion} in the toolcache.`);
     // If we don't find the requested version on Enterprise, we may allow a
     // different version to save download time if the version hasn't been
     // specified explicitly (in which case we always honor it).
-    if (variant !== util.GitHubVariant.DOTCOM && !forceLatest && !toolsInput) {
-        const result = await findOverridingToolsInCache(requestedVersion.syntheticCliVersion, logger);
+    if (variant !== util.GitHubVariant.DOTCOM &&
+        !forceShippedTools &&
+        !toolsInput) {
+        const result = await findOverridingToolsInCache(humanReadableVersion, logger);
         if (result !== undefined) {
             return result;
         }
     }
+    if (!url) {
+        if (!tagName && cliVersion && variant === util.GitHubVariant.DOTCOM) {
+            tagName = await findCodeQLBundleTagDotcomOnly(cliVersion, logger);
+        }
+        else if (!tagName) {
+            throw new Error(`Could not obtain the requested version (${humanReadableVersion}) of the CodeQL tools ` +
+                "since we could not compute the tag name.");
+        }
+        url = await getCodeQLBundleDownloadURL(tagName, apiDetails, variant, logger);
+    }
     return {
-        cliVersion: requestedVersion.cliVersion || undefined,
-        codeqlURL: requestedVersion["url"] ||
-            (await getCodeQLBundleDownloadURL(tagName ||
-                // The check on `requestedVersion.tagName` is redundant but lets us
-                // use the property that if we don't know `requestedVersion.tagName`,
-                // then we must know `requestedVersion.cliVersion`. This property is
-                // required by the type of `getOrFindBundleTagName`.
-                (requestedVersion.tagName !== undefined
-                    ? requestedVersion.tagName
-                    : await getOrFindBundleTagName(requestedVersion, logger)), apiDetails, variant, logger)),
+        bundleVersion: tagName && tryGetBundleVersionFromTagName(tagName, logger),
+        cliVersion,
+        codeqlURL: url,
         sourceType: "download",
-        toolsVersion: requestedVersion.syntheticCliVersion,
+        toolsVersion: cliVersion ?? humanReadableVersion,
     };
 }
 exports.getCodeQLSource = getCodeQLSource;
-async function downloadCodeQL(codeqlURL, maybeCliVersion, apiDetails, variant, tempDir, logger) {
+/**
+ * Gets a fallback version number to use when looking for CodeQL in the toolcache if we didn't find
+ * the `x.y.z` version. This is to support old versions of the toolcache.
+ */
+async function tryGetFallbackToolcacheVersion(cliVersion, tagName, variant, logger) {
+    //
+    // If we are on Dotcom, we will make an HTTP request to the Releases API here
+    // to find the tag name for the requested version.
+    if (cliVersion && !tagName && variant === util.GitHubVariant.DOTCOM) {
+        tagName = await findCodeQLBundleTagDotcomOnly(cliVersion, logger);
+    }
+    if (!tagName) {
+        return undefined;
+    }
+    const bundleVersion = tryGetBundleVersionFromTagName(tagName, logger);
+    if (!bundleVersion) {
+        return undefined;
+    }
+    const fallbackVersion = convertToSemVer(bundleVersion, logger);
+    logger.debug(`Computed a fallback toolcache version number of ${fallbackVersion} for CodeQL version ` +
+        `${cliVersion ?? tagName}.`);
+    return fallbackVersion;
+}
+exports.tryGetFallbackToolcacheVersion = tryGetFallbackToolcacheVersion;
+async function downloadCodeQL(codeqlURL, maybeBundleVersion, maybeCliVersion, apiDetails, variant, tempDir, logger) {
     const parsedCodeQLURL = new URL(codeqlURL);
     const searchParams = new URLSearchParams(parsedCodeQLURL.search);
     const headers = {
@@ -402,12 +454,13 @@ async function downloadCodeQL(codeqlURL, maybeCliVersion, apiDetails, variant, t
     // from the same GitHub instance the Action is running on.
     // This avoids leaking Enterprise tokens to dotcom.
     // We also don't want to send an authorization header if there's already a token provided in the URL.
+    let authorization = undefined;
     if (searchParams.has("token")) {
         logger.debug("CodeQL tools URL contains an authorization token.");
     }
     else if (codeqlURL.startsWith(`${apiDetails.url}/`)) {
         logger.debug("Providing an authorization token to download CodeQL tools.");
-        headers.authorization = `token ${apiDetails.auth}`;
+        authorization = `token ${apiDetails.auth}`;
     }
     else {
         logger.debug("Downloading CodeQL tools without an authorization token.");
@@ -415,15 +468,27 @@ async function downloadCodeQL(codeqlURL, maybeCliVersion, apiDetails, variant, t
     logger.info(`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`);
     const dest = path.join(tempDir, (0, uuid_1.v4)());
     const finalHeaders = Object.assign({ "User-Agent": "CodeQL Action" }, headers);
-    const codeqlPath = await toolcache.downloadTool(codeqlURL, dest, undefined, finalHeaders);
+    const toolsDownloadStart = perf_hooks_1.performance.now();
+    const codeqlPath = await toolcache.downloadTool(codeqlURL, dest, authorization, finalHeaders);
+    const toolsDownloadDurationMs = Math.round(perf_hooks_1.performance.now() - toolsDownloadStart);
     logger.debug(`CodeQL bundle download to ${codeqlPath} complete.`);
     const codeqlExtracted = await toolcache.extractTar(codeqlPath);
-    const bundleVersion = getBundleVersionFromUrl(codeqlURL);
+    const bundleVersion = maybeBundleVersion ?? tryGetBundleVersionFromUrl(codeqlURL, logger);
+    if (bundleVersion === undefined) {
+        logger.debug("Could not cache CodeQL tools because we could not determine the bundle version from the " +
+            `URL ${codeqlURL}.`);
+        return {
+            toolsVersion: maybeCliVersion ?? "unknown",
+            codeqlFolder: codeqlExtracted,
+            toolsDownloadDurationMs,
+        };
+    }
     // Try to compute the CLI version for this bundle
-    const cliVersion = maybeCliVersion ||
-        (variant === util.GitHubVariant.DOTCOM &&
-            (await tryFindCliVersionDotcomOnly(`codeql-bundle-${bundleVersion}`, logger))) ||
-        undefined;
+    if (maybeCliVersion === undefined &&
+        variant === util.GitHubVariant.DOTCOM &&
+        codeqlURL.includes(`/${exports.CODEQL_DEFAULT_ACTION_REPOSITORY}/`)) {
+        maybeCliVersion = await tryFindCliVersionDotcomOnly(`codeql-bundle-${bundleVersion}`, logger);
+    }
     // Include both the CLI version and the bundle version in the toolcache version number. That way
     // if the user requests the same URL again, we can get it from the cache without having to call
     // any of the Releases API.
@@ -433,12 +498,13 @@ async function downloadCodeQL(codeqlURL, maybeCliVersion, apiDetails, variant, t
     // CLI release. In principle, it should be enough to just check that the CLI version isn't a
     // pre-release, but the version numbers of CodeQL nightlies have the format `x.y.z+<timestamp>`,
     // and we don't want these nightlies to override stable CLI versions in the toolcache.
-    const toolcacheVersion = cliVersion && cliVersion.match(/^[0-9]+\.[0-9]+\.[0-9]+$/)
-        ? `${cliVersion}-${bundleVersion}`
+    const toolcacheVersion = maybeCliVersion?.match(/^[0-9]+\.[0-9]+\.[0-9]+$/)
+        ? `${maybeCliVersion}-${bundleVersion}`
         : convertToSemVer(bundleVersion, logger);
     return {
-        toolsVersion: cliVersion || toolcacheVersion,
+        toolsVersion: maybeCliVersion ?? toolcacheVersion,
         codeqlFolder: await toolcache.cacheDir(codeqlExtracted, "CodeQL", toolcacheVersion),
+        toolsDownloadDurationMs,
     };
 }
 exports.downloadCodeQL = downloadCodeQL;
@@ -457,35 +523,40 @@ exports.getCodeQLURLVersion = getCodeQLURLVersion;
  * @param apiDetails
  * @param tempDir
  * @param variant
- * @param bypassToolcache
  * @param defaultCliVersion
  * @param logger
  * @param checkVersion Whether to check that CodeQL CLI meets the minimum
  *        version requirement. Must be set to true outside tests.
  * @returns the path to the extracted bundle, and the version of the tools
  */
-async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, bypassToolcache, defaultCliVersion, logger) {
-    const source = await getCodeQLSource(toolsInput, bypassToolcache, defaultCliVersion, apiDetails, variant, logger);
+async function setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) {
+    const source = await getCodeQLSource(toolsInput, defaultCliVersion, apiDetails, variant, logger);
     let codeqlFolder;
     let toolsVersion = source.toolsVersion;
+    let toolsDownloadDurationMs;
+    let toolsSource;
     switch (source.sourceType) {
         case "local":
             codeqlFolder = await toolcache.extractTar(source.codeqlTarPath);
+            toolsSource = init_1.ToolsSource.Local;
             break;
         case "toolcache":
             codeqlFolder = source.codeqlFolder;
             logger.debug(`CodeQL found in cache ${codeqlFolder}`);
+            toolsSource = init_1.ToolsSource.Toolcache;
             break;
         case "download": {
-            const result = await downloadCodeQL(source.codeqlURL, source.cliVersion, apiDetails, variant, tempDir, logger);
+            const result = await downloadCodeQL(source.codeqlURL, source.bundleVersion, source.cliVersion, apiDetails, variant, tempDir, logger);
             toolsVersion = result.toolsVersion;
             codeqlFolder = result.codeqlFolder;
+            toolsDownloadDurationMs = result.toolsDownloadDurationMs;
+            toolsSource = init_1.ToolsSource.Download;
             break;
         }
         default:
             util.assertNever(source);
     }
-    return { codeqlFolder, toolsVersion };
+    return { codeqlFolder, toolsDownloadDurationMs, toolsSource, toolsVersion };
 }
 exports.setupCodeQLBundle = setupCodeQLBundle;
 //# sourceMappingURL=setup-codeql.js.map

lib/upload-lib.js

@@ -293,7 +293,8 @@ async function waitForProcessing(repositoryNwo, sarifID, logger, options = {
             if (Date.now() >
                 statusCheckingStarted + STATUS_CHECK_TIMEOUT_MILLISECONDS) {
                 // If the analysis hasn't finished processing in the allotted time, we continue anyway rather than failing.
-                // It's possible the analysis will eventually finish processing, but it's not worth spending more Actions time waiting.
+                // It's possible the analysis will eventually finish processing, but it's not worth spending more
+                // Actions time waiting.
                 logger.warning("Timed out waiting for analysis to finish processing. Continuing.");
                 break;
             }
@@ -329,7 +330,9 @@ async function waitForProcessing(repositoryNwo, sarifID, logger, options = {
             else {
                 util.assertNever(status);
             }
-            await util.delay(STATUS_CHECK_FREQUENCY_MILLISECONDS);
+            await util.delay(STATUS_CHECK_FREQUENCY_MILLISECONDS, {
+                allowProcessExit: false,
+            });
         }
     }
     finally {

lib/util.js

@@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseMatrixInput = exports.shouldBypassToolcache = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.logCodeScanningConfigInCli = exports.useCodeScanningConfigInCli = exports.isInTestMode = exports.getMlPoweredJsQueriesStatus = exports.getMlPoweredJsQueriesPack = exports.ML_POWERED_JS_QUERIES_PACK_NAME = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.UserError = exports.HTTPError = exports.getRequiredEnvParam = exports.enrichEnvironment = exports.initializeEnvironment = exports.EnvVar = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.getGitHubVersion = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DID_AUTOBUILD_GO_ENV_VAR_NAME = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
+exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.logCodeScanningConfigInCli = exports.useCodeScanningConfigInCli = exports.isInTestMode = exports.getMlPoweredJsQueriesStatus = exports.getMlPoweredJsQueriesPack = exports.ML_POWERED_JS_QUERIES_PACK_NAME = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.UserError = exports.HTTPError = exports.getRequiredEnvParam = exports.enrichEnvironment = exports.initializeEnvironment = exports.EnvVar = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.getGitHubVersion = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DID_AUTOBUILD_GO_ENV_VAR_NAME = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
@@ -40,7 +40,6 @@ const apiCompatibility = __importStar(require("./api-compatibility.json"));
 const codeql_1 = require("./codeql");
 const config_utils_1 = require("./config-utils");
 const feature_flags_1 = require("./feature-flags");
-const languages_1 = require("./languages");
 const shared_environment_1 = require("./shared-environment");
 /**
  * Specifies bundle versions that are known to be broken
@@ -456,10 +455,20 @@ async function bundleDb(config, language, codeql, dbName) {
     return databaseBundlePath;
 }
 exports.bundleDb = bundleDb;
-async function delay(milliseconds) {
-    // Immediately `unref` the timer such that it only prevents the process from exiting if the
-    // surrounding promise is being awaited.
-    return new Promise((resolve) => setTimeout(resolve, milliseconds).unref());
+/**
+ * @param milliseconds time to delay
+ * @param opts options
+ * @param opts.allowProcessExit if true, the timer will not prevent the process from exiting
+ */
+async function delay(milliseconds, { allowProcessExit }) {
+    return new Promise((resolve) => {
+        const timer = setTimeout(resolve, milliseconds);
+        if (allowProcessExit) {
+            // Immediately `unref` the timer such that it only prevents the process from exiting if the
+            // surrounding promise is being awaited.
+            timer.unref();
+        }
+    });
 }
 exports.delay = delay;
 function isGoodVersion(versionSpec) {
@@ -637,7 +646,7 @@ async function withTimeout(timeoutMs, promise, onTimeout) {
         return result;
     };
     const timeoutTask = async () => {
-        await delay(timeoutMs);
+        await delay(timeoutMs, { allowProcessExit: true });
         if (!finished) {
             // Workaround: While the promise racing below will allow the main code
             // to continue, the process won't normally exit until the asynchronous
@@ -660,7 +669,7 @@ exports.withTimeout = withTimeout;
 async function checkForTimeout() {
     if (hadTimeout === true) {
         core.info("A timeout occurred, force exiting the process after 30 seconds to prevent hanging.");
-        await delay(30000);
+        await delay(30000, { allowProcessExit: true });
         process.exit();
     }
 }
@@ -685,45 +694,6 @@ function isHostedRunner() {
         process.env["RUNNER_TOOL_CACHE"]?.includes("hostedtoolcache"));
 }
 exports.isHostedRunner = isHostedRunner;
-/**
- *
- * @param featuresEnablement The features enabled for the current run
- * @param languagesInput Languages input from the workflow
- * @param repository The owner/name of the repository
- * @param logger A logger
- * @returns A boolean indicating whether or not the toolcache should be bypassed and the latest codeql should be downloaded.
- */
-async function shouldBypassToolcache(featuresEnablement, codeqlUrl, languagesInput, repository, logger) {
-    // An explicit codeql url is specified, that means the toolcache will not be used.
-    if (codeqlUrl) {
-        return true;
-    }
-    // Check if the toolcache is disabled for all languages
-    if (await featuresEnablement.getValue(feature_flags_1.Feature.BypassToolcacheEnabled)) {
-        return true;
-    }
-    // Check if the toolcache is disabled for kotlin and swift.
-    if (!(await featuresEnablement.getValue(feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled))) {
-        return false;
-    }
-    // Now check to see if kotlin or swift is one of the languages being analyzed.
-    const { rawLanguages, autodetected } = await (0, config_utils_1.getRawLanguages)(languagesInput, repository, logger);
-    let bypass = rawLanguages.some((lang) => languages_1.KOTLIN_SWIFT_BYPASS.includes(lang));
-    if (bypass) {
-        logger.info(`Bypassing toolcache for kotlin or swift. Languages: ${rawLanguages}`);
-    }
-    else if (!autodetected && rawLanguages.includes(languages_1.Language.java)) {
-        // special case: java was explicitly specified, but there might be
-        // some kotlin in the repository, so we need to make a request for that.
-        const langsInRepo = await (0, config_utils_1.getLanguagesInRepo)(repository, logger);
-        if (langsInRepo.includes("kotlin")) {
-            logger.info(`Bypassing toolcache for kotlin.`);
-            bypass = true;
-        }
-    }
-    return bypass;
-}
-exports.shouldBypassToolcache = shouldBypassToolcache;
 function parseMatrixInput(matrixInput) {
     if (matrixInput === undefined || matrixInput === "null") {
         return undefined;

lib/util.test.js

@@ -33,9 +33,7 @@ const github = __importStar(require("@actions/github"));
 const ava_1 = __importDefault(require("ava"));
 const sinon = __importStar(require("sinon"));
 const api = __importStar(require("./api-client"));
-const feature_flags_1 = require("./feature-flags");
 const logging_1 = require("./logging");
-const repository_1 = require("./repository");
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
 (0, testing_utils_1.setupTests)(ava_1.default);
@@ -325,117 +323,4 @@ const shortTime = 10;
     t.deepEqual(shortTaskTimedOut, false);
     t.deepEqual(result, 99);
 });
-const mockRepositoryNwo = (0, repository_1.parseRepositoryNwo)("owner/repo");
-// eslint-disable-next-line github/array-foreach
-[
-    {
-        name: "disabled",
-        features: [],
-        hasCustomCodeQL: false,
-        languagesInput: undefined,
-        languagesInRepository: [],
-        expected: false,
-        expectedApiCall: false,
-    },
-    {
-        name: "disabled even though swift kotlin bypassed",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: undefined,
-        languagesInRepository: [],
-        expected: false,
-        expectedApiCall: true,
-    },
-    {
-        name: "disabled even though swift kotlin analyzed",
-        features: [],
-        hasCustomCodeQL: false,
-        languagesInput: " sWiFt , KoTlIn ",
-        languagesInRepository: [],
-        expected: false,
-        expectedApiCall: false,
-    },
-    {
-        name: "toolcache bypass all",
-        features: [feature_flags_1.Feature.BypassToolcacheEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: undefined,
-        languagesInRepository: [],
-        expected: true,
-        expectedApiCall: false,
-    },
-    {
-        name: "custom CodeQL",
-        features: [],
-        hasCustomCodeQL: true,
-        languagesInput: undefined,
-        languagesInRepository: [],
-        expected: true,
-        expectedApiCall: false,
-    },
-    {
-        name: "bypass swift",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: " sWiFt ,other",
-        languagesInRepository: [],
-        expected: true,
-        expectedApiCall: false,
-    },
-    {
-        name: "bypass kotlin",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: "other, KoTlIn ",
-        languagesInRepository: [],
-        expected: true,
-        expectedApiCall: false,
-    },
-    {
-        name: "bypass kotlin language from repository",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: "",
-        languagesInRepository: ["KoTlIn", "other"],
-        expected: true,
-        expectedApiCall: true,
-    },
-    {
-        name: "bypass swift language from repository",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: "",
-        languagesInRepository: ["SwiFt", "other"],
-        expected: true,
-        expectedApiCall: true,
-    },
-    {
-        name: "bypass java from input if there is kotlin in repository",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: "java",
-        languagesInRepository: ["kotlin", "other"],
-        expected: true,
-        expectedApiCall: true,
-    },
-    {
-        name: "don't bypass java from input if there is no kotlin in repository",
-        features: [feature_flags_1.Feature.BypassToolcacheKotlinSwiftEnabled],
-        hasCustomCodeQL: false,
-        languagesInput: "java",
-        languagesInRepository: ["java", "other"],
-        expected: false,
-        expectedApiCall: true,
-    },
-].forEach((args) => {
-    (0, ava_1.default)(`shouldBypassToolcache: ${args.name}`, async (t) => {
-        const mockRequest = (0, testing_utils_1.mockLanguagesInRepo)(args.languagesInRepository);
-        const mockLogger = (0, logging_1.getRunnerLogger)(true);
-        const featureEnablement = (0, testing_utils_1.createFeatures)(args.features);
-        const codeqlUrl = args.hasCustomCodeQL ? "custom-codeql-url" : undefined;
-        const actual = await util.shouldBypassToolcache(featureEnablement, codeqlUrl, args.languagesInput, mockRepositoryNwo, mockLogger);
-        t.deepEqual(actual, args.expected);
-        t.deepEqual(mockRequest.called, args.expectedApiCall);
-    });
-});
 //# sourceMappingURL=util.test.js.map

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.2.0",
+  "version": "2.2.5",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
@@ -557,9 +557,9 @@
       }
     },
     "node_modules/@octokit/openapi-types": {
-      "version": "14.0.0",
-      "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-14.0.0.tgz",
-      "integrity": "sha512-HNWisMYlR8VCnNurDU6os2ikx0s0VyEjDYHNS/h4cgb8DeOxQ0n72HyinUtdDVxJhFy3FWLGl0DJhfEWk3P5Iw=="
+      "version": "16.0.0",
+      "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-16.0.0.tgz",
+      "integrity": "sha512-JbFWOqTJVLHZSUUoF4FzAZKYtqdxWu9Z5m2QQnOyEa04fOFljvyh7D3GYKbfuaSWisqehImiVIMG4eyJeP5VEA=="
     },
     "node_modules/@octokit/plugin-paginate-rest": {
       "version": "2.4.0",
@@ -596,25 +596,18 @@
       }
     },
     "node_modules/@octokit/plugin-retry": {
-      "version": "3.0.9",
-      "resolved": "https://registry.npmjs.org/@octokit/plugin-retry/-/plugin-retry-3.0.9.tgz",
-      "integrity": "sha512-r+fArdP5+TG6l1Rv/C9hVoty6tldw6cE2pRHNGmFPdyfrc696R6JjrQ3d7HdVqGwuzfyrcaLAKD7K8TX8aehUQ==",
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/@octokit/plugin-retry/-/plugin-retry-4.0.4.tgz",
+      "integrity": "sha512-d7qGFLR3AH+WbNEDUvBPgMc7wRCxU40FZyNXFFqs8ISw75ZYS5/P3ScggzU13dCoY0aywYDxKugGstQTwNgppA==",
       "dependencies": {
-        "@octokit/types": "^6.0.3",
+        "@octokit/types": "^9.0.0",
         "bottleneck": "^2.15.3"
-      }
-    },
-    "node_modules/@octokit/plugin-retry/node_modules/@octokit/openapi-types": {
-      "version": "12.11.0",
-      "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-12.11.0.tgz",
-      "integrity": "sha512-VsXyi8peyRq9PqIz/tpqiL2w3w80OgVMwBHltTml3LmVvXiphgeqmY9mvBw9Wu7e0QWk/fqD37ux8yP5uVekyQ=="
-    },
-    "node_modules/@octokit/plugin-retry/node_modules/@octokit/types": {
-      "version": "6.41.0",
-      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-6.41.0.tgz",
-      "integrity": "sha512-eJ2jbzjdijiL3B4PrSQaSjuF2sPEQPVCPzBvTHJD9Nz+9dw2SGH4K4xeQJ77YfTq5bRQ+bD8wT11JbeDPmxmGg==",
-      "dependencies": {
-        "@octokit/openapi-types": "^12.11.0"
+      },
+      "engines": {
+        "node": ">= 14"
+      },
+      "peerDependencies": {
+        "@octokit/core": ">=3"
       }
     },
     "node_modules/@octokit/request": {
@@ -657,11 +650,11 @@
       }
     },
     "node_modules/@octokit/types": {
-      "version": "8.0.0",
-      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-8.0.0.tgz",
-      "integrity": "sha512-65/TPpOJP1i3K4lBJMnWqPUJ6zuOtzhtagDvydAWbEXpbFYA0oMKKyLb95NFZZP0lSh/4b6K+DQlzvYQJQQePg==",
+      "version": "9.0.0",
+      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-9.0.0.tgz",
+      "integrity": "sha512-LUewfj94xCMH2rbD5YJ+6AQ4AVjFYTgpp6rboWM5T7N3IsIF65SBEOVcYMGAEzO/kKNiNaW4LoWtoThOhH06gw==",
       "dependencies": {
-        "@octokit/openapi-types": "^14.0.0"
+        "@octokit/openapi-types": "^16.0.0"
       }
     },
     "node_modules/@opentelemetry/api": {

node_modules/@octokit/openapi-types/package.json

@@ -9,12 +9,12 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "14.0.0",
+  "version": "16.0.0",
   "main": "",
   "types": "types.d.ts",
   "author": "Gregor Martynus (https://twitter.com/gr2m)",
   "license": "MIT",
   "octokit": {
-    "openapi-version": "8.0.0"
+    "openapi-version": "10.0.0"
   }
 }

node_modules/@octokit/plugin-retry/README.md

@@ -1,6 +1,6 @@
 # plugin-retry.js
 
-> Retries requests for server 4xx/5xx responses except `400`, `401`, `403` and `404`.
+> Retries requests for server 4xx/5xx responses except `400`, `401`, `403`, `404`, and `422`.
 
 [![@latest](https://img.shields.io/npm/v/@octokit/plugin-retry.svg)](https://www.npmjs.com/package/@octokit/plugin-retry)
 [![Build Status](https://github.com/octokit/plugin-retry.js/workflows/Test/badge.svg)](https://github.com/octokit/plugin-retry.js/actions?workflow=Test)
@@ -76,7 +76,7 @@ const octokit = new MyOctokit({
 });
 ```
 
-You can manually ask for retries for any request by passing `{ request: { retries: numRetries, retryAfter: delayInSeconds }}`
+You can manually ask for retries for any request by passing `{ request: { retries: numRetries, retryAfter: delayInSeconds }}`. Note that the `doNotRetry` option from the constructor is ignored in this case, requests will be retried no matter their response code.
 
 ```js
 octokit

node_modules/@octokit/plugin-retry/dist-node/index.js

@@ -11,29 +11,26 @@ async function errorRequest(octokit, state, error, options) {
   if (!error.request || !error.request.request) {
     // address https://github.com/octokit/plugin-retry.js/issues/8
     throw error;
-  } // retry all >= 400 && not doNotRetry
-
-
+  }
+  // retry all >= 400 && not doNotRetry
   if (error.status >= 400 && !state.doNotRetry.includes(error.status)) {
     const retries = options.request.retries != null ? options.request.retries : state.retries;
     const retryAfter = Math.pow((options.request.retryCount || 0) + 1, 2);
     throw octokit.retry.retryRequest(error, retries, retryAfter);
-  } // Maybe eventually there will be more cases here
-
-
+  }
+  // Maybe eventually there will be more cases here
   throw error;
 }
 
 // @ts-ignore
-
+// @ts-ignore
 async function wrapRequest(state, request, options) {
-  const limiter = new Bottleneck(); // @ts-ignore
-
+  const limiter = new Bottleneck();
+  // @ts-ignore
   limiter.on("failed", function (error, info) {
     const maxRetries = ~~error.request.request.retries;
     const after = ~~error.request.request.retryAfter;
     options.request.retryCount = info.retryCount + 1;
-
     if (maxRetries > info.retryCount) {
       // Returning a number instructs the limiter to retry
       // the request after that number of milliseconds have passed
@@ -43,7 +40,7 @@ async function wrapRequest(state, request, options) {
   return limiter.schedule(request, options);
 }
 
-const VERSION = "3.0.9";
+const VERSION = "4.0.4";
 function retry(octokit, octokitOptions) {
   const state = Object.assign({
     enabled: true,
@@ -51,12 +48,10 @@ function retry(octokit, octokitOptions) {
     doNotRetry: [400, 401, 403, 404, 422],
     retries: 3
   }, octokitOptions.retry);
-
   if (state.enabled) {
     octokit.hook.error("request", errorRequest.bind(null, octokit, state));
     octokit.hook.wrap("request", wrapRequest.bind(null, state));
   }
-
   return {
     retry: {
       retryRequest: (error, retries, retryAfter) => {

node_modules/@octokit/plugin-retry/dist-src/version.js

@@ -1 +1 @@
-export const VERSION = "3.0.9";
+export const VERSION = "4.0.4";

node_modules/@octokit/plugin-retry/dist-types/version.d.ts

@@ -1 +1 @@
-export declare const VERSION = "3.0.9";
+export declare const VERSION = "4.0.4";

node_modules/@octokit/plugin-retry/dist-web/index.js

@@ -34,7 +34,7 @@ async function wrapRequest(state, request, options) {
     return limiter.schedule(request, options);
 }
 
-const VERSION = "3.0.9";
+const VERSION = "4.0.4";
 function retry(octokit, octokitOptions) {
     const state = Object.assign({
         enabled: true,

node_modules/@octokit/plugin-retry/dist-web/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sources":["../dist-src/error-request.js","../dist-src/wrap-request.js","../dist-src/index.js"],"sourcesContent":["// @ts-ignore\nexport async function errorRequest(octokit, state, error, options) {\n    if (!error.request || !error.request.request) {\n        // address https://github.com/octokit/plugin-retry.js/issues/8\n        throw error;\n    }\n    // retry all >= 400 && not doNotRetry\n    if (error.status >= 400 && !state.doNotRetry.includes(error.status)) {\n        const retries = options.request.retries != null ? options.request.retries : state.retries;\n        const retryAfter = Math.pow((options.request.retryCount || 0) + 1, 2);\n        throw octokit.retry.retryRequest(error, retries, retryAfter);\n    }\n    // Maybe eventually there will be more cases here\n    throw error;\n}\n","// @ts-ignore\nimport Bottleneck from \"bottleneck/light\";\n// @ts-ignore\nexport async function wrapRequest(state, request, options) {\n    const limiter = new Bottleneck();\n    // @ts-ignore\n    limiter.on(\"failed\", function (error, info) {\n        const maxRetries = ~~error.request.request.retries;\n        const after = ~~error.request.request.retryAfter;\n        options.request.retryCount = info.retryCount + 1;\n        if (maxRetries > info.retryCount) {\n            // Returning a number instructs the limiter to retry\n            // the request after that number of milliseconds have passed\n            return after * state.retryAfterBaseValue;\n        }\n    });\n    return limiter.schedule(request, options);\n}\n","import { errorRequest } from \"./error-request\";\nimport { wrapRequest } from \"./wrap-request\";\nexport const VERSION = \"3.0.9\";\nexport function retry(octokit, octokitOptions) {\n    const state = Object.assign({\n        enabled: true,\n        retryAfterBaseValue: 1000,\n        doNotRetry: [400, 401, 403, 404, 422],\n        retries: 3,\n    }, octokitOptions.retry);\n    if (state.enabled) {\n        octokit.hook.error(\"request\", errorRequest.bind(null, octokit, state));\n        octokit.hook.wrap(\"request\", wrapRequest.bind(null, state));\n    }\n    return {\n        retry: {\n            retryRequest: (error, retries, retryAfter) => {\n                error.request.request = Object.assign({}, error.request.request, {\n                    retries: retries,\n                    retryAfter: retryAfter,\n                });\n                return error;\n            },\n        },\n    };\n}\nretry.VERSION = VERSION;\n"],"names":[],"mappings":";;AAAA;AACO,eAAe,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE;AACnE,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE;AAClD;AACA,QAAQ,MAAM,KAAK,CAAC;AACpB,KAAK;AACL;AACA,IAAI,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;AACzE,QAAQ,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;AAClG,QAAQ,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9E,QAAQ,MAAM,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;AACrE,KAAK;AACL;AACA,IAAI,MAAM,KAAK,CAAC;AAChB;;ACdA;AACA,AACA;AACA,AAAO,eAAe,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE;AAC3D,IAAI,MAAM,OAAO,GAAG,IAAI,UAAU,EAAE,CAAC;AACrC;AACA,IAAI,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,UAAU,KAAK,EAAE,IAAI,EAAE;AAChD,QAAQ,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;AAC3D,QAAQ,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC;AACzD,QAAQ,OAAO,CAAC,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;AACzD,QAAQ,IAAI,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;AAC1C;AACA;AACA,YAAY,OAAO,KAAK,GAAG,KAAK,CAAC,mBAAmB,CAAC;AACrD,SAAS;AACT,KAAK,CAAC,CAAC;AACP,IAAI,OAAO,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AAC9C,CAAC;;ACfW,MAAC,OAAO,GAAG,mBAAmB,CAAC;AAC3C,AAAO,SAAS,KAAK,CAAC,OAAO,EAAE,cAAc,EAAE;AAC/C,IAAI,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC;AAChC,QAAQ,OAAO,EAAE,IAAI;AACrB,QAAQ,mBAAmB,EAAE,IAAI;AACjC,QAAQ,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;AAC7C,QAAQ,OAAO,EAAE,CAAC;AAClB,KAAK,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC;AAC7B,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE;AACvB,QAAQ,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAC/E,QAAQ,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;AACpE,KAAK;AACL,IAAI,OAAO;AACX,QAAQ,KAAK,EAAE;AACf,YAAY,YAAY,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,KAAK;AAC1D,gBAAgB,KAAK,CAAC,OAAO,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE;AACjF,oBAAoB,OAAO,EAAE,OAAO;AACpC,oBAAoB,UAAU,EAAE,UAAU;AAC1C,iBAAiB,CAAC,CAAC;AACnB,gBAAgB,OAAO,KAAK,CAAC;AAC7B,aAAa;AACb,SAAS;AACT,KAAK,CAAC;AACN,CAAC;AACD,KAAK,CAAC,OAAO,GAAG,OAAO,CAAC;;;;"}
+{"version":3,"file":"index.js","sources":["../dist-src/error-request.js","../dist-src/wrap-request.js","../dist-src/index.js"],"sourcesContent":["// @ts-ignore\nexport async function errorRequest(octokit, state, error, options) {\n    if (!error.request || !error.request.request) {\n        // address https://github.com/octokit/plugin-retry.js/issues/8\n        throw error;\n    }\n    // retry all >= 400 && not doNotRetry\n    if (error.status >= 400 && !state.doNotRetry.includes(error.status)) {\n        const retries = options.request.retries != null ? options.request.retries : state.retries;\n        const retryAfter = Math.pow((options.request.retryCount || 0) + 1, 2);\n        throw octokit.retry.retryRequest(error, retries, retryAfter);\n    }\n    // Maybe eventually there will be more cases here\n    throw error;\n}\n","// @ts-ignore\nimport Bottleneck from \"bottleneck/light\";\n// @ts-ignore\nexport async function wrapRequest(state, request, options) {\n    const limiter = new Bottleneck();\n    // @ts-ignore\n    limiter.on(\"failed\", function (error, info) {\n        const maxRetries = ~~error.request.request.retries;\n        const after = ~~error.request.request.retryAfter;\n        options.request.retryCount = info.retryCount + 1;\n        if (maxRetries > info.retryCount) {\n            // Returning a number instructs the limiter to retry\n            // the request after that number of milliseconds have passed\n            return after * state.retryAfterBaseValue;\n        }\n    });\n    return limiter.schedule(request, options);\n}\n","import { errorRequest } from \"./error-request\";\nimport { wrapRequest } from \"./wrap-request\";\nexport const VERSION = \"4.0.4\";\nexport function retry(octokit, octokitOptions) {\n    const state = Object.assign({\n        enabled: true,\n        retryAfterBaseValue: 1000,\n        doNotRetry: [400, 401, 403, 404, 422],\n        retries: 3,\n    }, octokitOptions.retry);\n    if (state.enabled) {\n        octokit.hook.error(\"request\", errorRequest.bind(null, octokit, state));\n        octokit.hook.wrap(\"request\", wrapRequest.bind(null, state));\n    }\n    return {\n        retry: {\n            retryRequest: (error, retries, retryAfter) => {\n                error.request.request = Object.assign({}, error.request.request, {\n                    retries: retries,\n                    retryAfter: retryAfter,\n                });\n                return error;\n            },\n        },\n    };\n}\nretry.VERSION = VERSION;\n"],"names":[],"mappings":";;AAAA;AACO,eAAe,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE;AACnE,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE;AAClD;AACA,QAAQ,MAAM,KAAK,CAAC;AACpB,KAAK;AACL;AACA,IAAI,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;AACzE,QAAQ,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,IAAI,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;AAClG,QAAQ,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9E,QAAQ,MAAM,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;AACrE,KAAK;AACL;AACA,IAAI,MAAM,KAAK,CAAC;AAChB;;ACdA;AACA,AACA;AACA,AAAO,eAAe,WAAW,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE;AAC3D,IAAI,MAAM,OAAO,GAAG,IAAI,UAAU,EAAE,CAAC;AACrC;AACA,IAAI,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,UAAU,KAAK,EAAE,IAAI,EAAE;AAChD,QAAQ,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;AAC3D,QAAQ,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC;AACzD,QAAQ,OAAO,CAAC,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;AACzD,QAAQ,IAAI,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;AAC1C;AACA;AACA,YAAY,OAAO,KAAK,GAAG,KAAK,CAAC,mBAAmB,CAAC;AACrD,SAAS;AACT,KAAK,CAAC,CAAC;AACP,IAAI,OAAO,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AAC9C,CAAC;;ACfW,MAAC,OAAO,GAAG,mBAAmB,CAAC;AAC3C,AAAO,SAAS,KAAK,CAAC,OAAO,EAAE,cAAc,EAAE;AAC/C,IAAI,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC;AAChC,QAAQ,OAAO,EAAE,IAAI;AACrB,QAAQ,mBAAmB,EAAE,IAAI;AACjC,QAAQ,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;AAC7C,QAAQ,OAAO,EAAE,CAAC;AAClB,KAAK,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC;AAC7B,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE;AACvB,QAAQ,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAC/E,QAAQ,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;AACpE,KAAK;AACL,IAAI,OAAO;AACX,QAAQ,KAAK,EAAE;AACf,YAAY,YAAY,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,KAAK;AAC1D,gBAAgB,KAAK,CAAC,OAAO,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE;AACjF,oBAAoB,OAAO,EAAE,OAAO;AACpC,oBAAoB,UAAU,EAAE,UAAU;AAC1C,iBAAiB,CAAC,CAAC;AACnB,gBAAgB,OAAO,KAAK,CAAC;AAC7B,aAAa;AACb,SAAS;AACT,KAAK,CAAC;AACN,CAAC;AACD,KAAK,CAAC,OAAO,GAAG,OAAO,CAAC;;;;"}

node_modules/@octokit/plugin-retry/node_modules/@octokit/openapi-types/LICENSE

@@ -1,7 +0,0 @@
-Copyright 2020 Gregor Martynus
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

node_modules/@octokit/plugin-retry/node_modules/@octokit/openapi-types/README.md

@@ -1,17 +0,0 @@
-# @octokit/openapi-types
-
-> Generated TypeScript definitions based on GitHub's OpenAPI spec
-
-This package is continously updated based on [GitHub's OpenAPI specification](https://github.com/github/rest-api-description/)
-
-## Usage
-
-```ts
-import { components } from "@octokit/openapi-types";
-
-type Repository = components["schemas"]["full-repository"];
-```
-
-## License
-
-[MIT](LICENSE)

node_modules/@octokit/plugin-retry/node_modules/@octokit/openapi-types/package.json

@@ -1,20 +0,0 @@
-{
-  "name": "@octokit/openapi-types",
-  "description": "Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/octokit/openapi-types.ts.git",
-    "directory": "packages/openapi-types"
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "version": "12.11.0",
-  "main": "",
-  "types": "types.d.ts",
-  "author": "Gregor Martynus (https://twitter.com/gr2m)",
-  "license": "MIT",
-  "octokit": {
-    "openapi-version": "6.8.0"
-  }
-}

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/LICENSE

@@ -1,7 +0,0 @@
-MIT License Copyright (c) 2019 Octokit contributors
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/README.md

@@ -1,65 +0,0 @@
-# types.ts
-
-> Shared TypeScript definitions for Octokit projects
-
-[![@latest](https://img.shields.io/npm/v/@octokit/types.svg)](https://www.npmjs.com/package/@octokit/types)
-[![Build Status](https://github.com/octokit/types.ts/workflows/Test/badge.svg)](https://github.com/octokit/types.ts/actions?workflow=Test)
-
-<!-- toc -->
-
-- [Usage](#usage)
-- [Examples](#examples)
-  - [Get parameter and response data types for a REST API endpoint](#get-parameter-and-response-data-types-for-a-rest-api-endpoint)
-  - [Get response types from endpoint methods](#get-response-types-from-endpoint-methods)
-- [Contributing](#contributing)
-- [License](#license)
-
-<!-- tocstop -->
-
-## Usage
-
-See all exported types at https://octokit.github.io/types.ts
-
-## Examples
-
-### Get parameter and response data types for a REST API endpoint
-
-```ts
-import { Endpoints } from "@octokit/types";
-
-type listUserReposParameters =
-  Endpoints["GET /repos/{owner}/{repo}"]["parameters"];
-type listUserReposResponse = Endpoints["GET /repos/{owner}/{repo}"]["response"];
-
-async function listRepos(
-  options: listUserReposParameters
-): listUserReposResponse["data"] {
-  // ...
-}
-```
-
-### Get response types from endpoint methods
-
-```ts
-import {
-  GetResponseTypeFromEndpointMethod,
-  GetResponseDataTypeFromEndpointMethod,
-} from "@octokit/types";
-import { Octokit } from "@octokit/rest";
-
-const octokit = new Octokit();
-type CreateLabelResponseType = GetResponseTypeFromEndpointMethod<
-  typeof octokit.issues.createLabel
->;
-type CreateLabelResponseDataType = GetResponseDataTypeFromEndpointMethod<
-  typeof octokit.issues.createLabel
->;
-```
-
-## Contributing
-
-See [CONTRIBUTING.md](CONTRIBUTING.md)
-
-## License
-
-[MIT](LICENSE)

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-node/index.js

@@ -1,8 +0,0 @@
-'use strict';
-
-Object.defineProperty(exports, '__esModule', { value: true });
-
-const VERSION = "6.41.0";
-
-exports.VERSION = VERSION;
-//# sourceMappingURL=index.js.map

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-node/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sources":["../dist-src/VERSION.js"],"sourcesContent":["export const VERSION = \"0.0.0-development\";\n"],"names":["VERSION"],"mappings":";;;;MAAaA,OAAO,GAAG;;;;"}

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/AuthInterface.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/EndpointDefaults.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/EndpointInterface.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/EndpointOptions.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/Fetch.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/GetResponseTypeFromEndpointMethod.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/OctokitResponse.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestError.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestHeaders.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestInterface.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestMethod.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestOptions.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestParameters.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/RequestRequestOptions.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/ResponseHeaders.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/Route.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/Signal.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/StrategyInterface.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/Url.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/VERSION.js

@@ -1 +0,0 @@
-export const VERSION = "6.41.0";

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/generated/Endpoints.js

@@ -1 +0,0 @@
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-src/index.js

@@ -1,21 +0,0 @@
-export * from "./AuthInterface";
-export * from "./EndpointDefaults";
-export * from "./EndpointInterface";
-export * from "./EndpointOptions";
-export * from "./Fetch";
-export * from "./OctokitResponse";
-export * from "./RequestError";
-export * from "./RequestHeaders";
-export * from "./RequestInterface";
-export * from "./RequestMethod";
-export * from "./RequestOptions";
-export * from "./RequestParameters";
-export * from "./RequestRequestOptions";
-export * from "./ResponseHeaders";
-export * from "./Route";
-export * from "./Signal";
-export * from "./StrategyInterface";
-export * from "./Url";
-export * from "./VERSION";
-export * from "./GetResponseTypeFromEndpointMethod";
-export * from "./generated/Endpoints";

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/AuthInterface.d.ts

@@ -1,31 +0,0 @@
-import { EndpointOptions } from "./EndpointOptions";
-import { OctokitResponse } from "./OctokitResponse";
-import { RequestInterface } from "./RequestInterface";
-import { RequestParameters } from "./RequestParameters";
-import { Route } from "./Route";
-/**
- * Interface to implement complex authentication strategies for Octokit.
- * An object Implementing the AuthInterface can directly be passed as the
- * `auth` option in the Octokit constructor.
- *
- * For the official implementations of the most common authentication
- * strategies, see https://github.com/octokit/auth.js
- */
-export interface AuthInterface<AuthOptions extends any[], Authentication extends any> {
-    (...args: AuthOptions): Promise<Authentication>;
-    hook: {
-        /**
-         * Sends a request using the passed `request` instance
-         *
-         * @param {object} endpoint Must set `method` and `url`. Plus URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-         */
-        <T = any>(request: RequestInterface, options: EndpointOptions): Promise<OctokitResponse<T>>;
-        /**
-         * Sends a request using the passed `request` instance
-         *
-         * @param {string} route Request method + URL. Example: `'GET /orgs/{org}'`
-         * @param {object} [parameters] URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-         */
-        <T = any>(request: RequestInterface, route: Route, parameters?: RequestParameters): Promise<OctokitResponse<T>>;
-    };
-}

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/EndpointDefaults.d.ts

@@ -1,21 +0,0 @@
-import { RequestHeaders } from "./RequestHeaders";
-import { RequestMethod } from "./RequestMethod";
-import { RequestParameters } from "./RequestParameters";
-import { Url } from "./Url";
-/**
- * The `.endpoint()` method is guaranteed to set all keys defined by RequestParameters
- * as well as the method property.
- */
-export declare type EndpointDefaults = RequestParameters & {
-    baseUrl: Url;
-    method: RequestMethod;
-    url?: Url;
-    headers: RequestHeaders & {
-        accept: string;
-        "user-agent": string;
-    };
-    mediaType: {
-        format: string;
-        previews: string[];
-    };
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/EndpointInterface.d.ts

@@ -1,65 +0,0 @@
-import { EndpointDefaults } from "./EndpointDefaults";
-import { RequestOptions } from "./RequestOptions";
-import { RequestParameters } from "./RequestParameters";
-import { Route } from "./Route";
-import { Endpoints } from "./generated/Endpoints";
-export interface EndpointInterface<D extends object = object> {
-    /**
-     * Transforms a GitHub REST API endpoint into generic request options
-     *
-     * @param {object} endpoint Must set `url` unless it's set defaults. Plus URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-     */
-    <O extends RequestParameters = RequestParameters>(options: O & {
-        method?: string;
-    } & ("url" extends keyof D ? {
-        url?: string;
-    } : {
-        url: string;
-    })): RequestOptions & Pick<D & O, keyof RequestOptions>;
-    /**
-     * Transforms a GitHub REST API endpoint into generic request options
-     *
-     * @param {string} route Request method + URL. Example: `'GET /orgs/{org}'`
-     * @param {object} [parameters] URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-     */
-    <R extends Route, P extends RequestParameters = R extends keyof Endpoints ? Endpoints[R]["parameters"] & RequestParameters : RequestParameters>(route: keyof Endpoints | R, parameters?: P): (R extends keyof Endpoints ? Endpoints[R]["request"] : RequestOptions) & Pick<P, keyof RequestOptions>;
-    /**
-     * Object with current default route and parameters
-     */
-    DEFAULTS: D & EndpointDefaults;
-    /**
-     * Returns a new `endpoint` interface with new defaults
-     */
-    defaults: <O extends RequestParameters = RequestParameters>(newDefaults: O) => EndpointInterface<D & O>;
-    merge: {
-        /**
-         * Merges current endpoint defaults with passed route and parameters,
-         * without transforming them into request options.
-         *
-         * @param {string} route Request method + URL. Example: `'GET /orgs/{org}'`
-         * @param {object} [parameters] URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-         *
-         */
-        <R extends Route, P extends RequestParameters = R extends keyof Endpoints ? Endpoints[R]["parameters"] & RequestParameters : RequestParameters>(route: keyof Endpoints | R, parameters?: P): D & (R extends keyof Endpoints ? Endpoints[R]["request"] & Endpoints[R]["parameters"] : EndpointDefaults) & P;
-        /**
-         * Merges current endpoint defaults with passed route and parameters,
-         * without transforming them into request options.
-         *
-         * @param {object} endpoint Must set `method` and `url`. Plus URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-         */
-        <P extends RequestParameters = RequestParameters>(options: P): EndpointDefaults & D & P;
-        /**
-         * Returns current default options.
-         *
-         * @deprecated use endpoint.DEFAULTS instead
-         */
-        (): D & EndpointDefaults;
-    };
-    /**
-     * Stateless method to turn endpoint options into request options.
-     * Calling `endpoint(options)` is the same as calling `endpoint.parse(endpoint.merge(options))`.
-     *
-     * @param {object} options `method`, `url`. Plus URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-     */
-    parse: <O extends EndpointDefaults = EndpointDefaults>(options: O) => RequestOptions & Pick<O, keyof RequestOptions>;
-}

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/EndpointOptions.d.ts

@@ -1,7 +0,0 @@
-import { RequestMethod } from "./RequestMethod";
-import { Url } from "./Url";
-import { RequestParameters } from "./RequestParameters";
-export declare type EndpointOptions = RequestParameters & {
-    method: RequestMethod;
-    url: Url;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/Fetch.d.ts

@@ -1,4 +0,0 @@
-/**
- * Browser's fetch method (or compatible such as fetch-mock)
- */
-export declare type Fetch = any;

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/GetResponseTypeFromEndpointMethod.d.ts

@@ -1,5 +0,0 @@
-declare type Unwrap<T> = T extends Promise<infer U> ? U : T;
-declare type AnyFunction = (...args: any[]) => any;
-export declare type GetResponseTypeFromEndpointMethod<T extends AnyFunction> = Unwrap<ReturnType<T>>;
-export declare type GetResponseDataTypeFromEndpointMethod<T extends AnyFunction> = Unwrap<ReturnType<T>>["data"];
-export {};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/OctokitResponse.d.ts

@@ -1,17 +0,0 @@
-import { ResponseHeaders } from "./ResponseHeaders";
-import { Url } from "./Url";
-export declare type OctokitResponse<T, S extends number = number> = {
-    headers: ResponseHeaders;
-    /**
-     * http response code
-     */
-    status: S;
-    /**
-     * URL of response after all redirects
-     */
-    url: Url;
-    /**
-     * Response data as documented in the REST API reference documentation at https://docs.github.com/rest/reference
-     */
-    data: T;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestError.d.ts

@@ -1,11 +0,0 @@
-export declare type RequestError = {
-    name: string;
-    status: number;
-    documentation_url: string;
-    errors?: Array<{
-        resource: string;
-        code: string;
-        field: string;
-        message?: string;
-    }>;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestHeaders.d.ts

@@ -1,15 +0,0 @@
-export declare type RequestHeaders = {
-    /**
-     * Avoid setting `headers.accept`, use `mediaType.{format|previews}` option instead.
-     */
-    accept?: string;
-    /**
-     * Use `authorization` to send authenticated request, remember `token ` / `bearer ` prefixes. Example: `token 1234567890abcdef1234567890abcdef12345678`
-     */
-    authorization?: string;
-    /**
-     * `user-agent` is set do a default and can be overwritten as needed.
-     */
-    "user-agent"?: string;
-    [header: string]: string | number | undefined;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestInterface.d.ts

@@ -1,34 +0,0 @@
-import { EndpointInterface } from "./EndpointInterface";
-import { OctokitResponse } from "./OctokitResponse";
-import { RequestParameters } from "./RequestParameters";
-import { Route } from "./Route";
-import { Endpoints } from "./generated/Endpoints";
-export interface RequestInterface<D extends object = object> {
-    /**
-     * Sends a request based on endpoint options
-     *
-     * @param {object} endpoint Must set `method` and `url`. Plus URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-     */
-    <T = any, O extends RequestParameters = RequestParameters>(options: O & {
-        method?: string;
-    } & ("url" extends keyof D ? {
-        url?: string;
-    } : {
-        url: string;
-    })): Promise<OctokitResponse<T>>;
-    /**
-     * Sends a request based on endpoint options
-     *
-     * @param {string} route Request method + URL. Example: `'GET /orgs/{org}'`
-     * @param {object} [parameters] URL, query or body parameters, as well as `headers`, `mediaType.{format|previews}`, `request`, or `baseUrl`.
-     */
-    <R extends Route>(route: keyof Endpoints | R, options?: R extends keyof Endpoints ? Endpoints[R]["parameters"] & RequestParameters : RequestParameters): R extends keyof Endpoints ? Promise<Endpoints[R]["response"]> : Promise<OctokitResponse<any>>;
-    /**
-     * Returns a new `request` with updated route and parameters
-     */
-    defaults: <O extends RequestParameters = RequestParameters>(newDefaults: O) => RequestInterface<D & O>;
-    /**
-     * Octokit endpoint API, see {@link https://github.com/octokit/endpoint.js|@octokit/endpoint}
-     */
-    endpoint: EndpointInterface<D>;
-}

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestMethod.d.ts

@@ -1,4 +0,0 @@
-/**
- * HTTP Verb supported by GitHub's REST API
- */
-export declare type RequestMethod = "DELETE" | "GET" | "HEAD" | "PATCH" | "POST" | "PUT";

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestOptions.d.ts

@@ -1,14 +0,0 @@
-import { RequestHeaders } from "./RequestHeaders";
-import { RequestMethod } from "./RequestMethod";
-import { RequestRequestOptions } from "./RequestRequestOptions";
-import { Url } from "./Url";
-/**
- * Generic request options as they are returned by the `endpoint()` method
- */
-export declare type RequestOptions = {
-    method: RequestMethod;
-    url: Url;
-    headers: RequestHeaders;
-    body?: any;
-    request?: RequestRequestOptions;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestParameters.d.ts

@@ -1,45 +0,0 @@
-import { RequestRequestOptions } from "./RequestRequestOptions";
-import { RequestHeaders } from "./RequestHeaders";
-import { Url } from "./Url";
-/**
- * Parameters that can be passed into `request(route, parameters)` or `endpoint(route, parameters)` methods
- */
-export declare type RequestParameters = {
-    /**
-     * Base URL to be used when a relative URL is passed, such as `/orgs/{org}`.
-     * If `baseUrl` is `https://enterprise.acme-inc.com/api/v3`, then the request
-     * will be sent to `https://enterprise.acme-inc.com/api/v3/orgs/{org}`.
-     */
-    baseUrl?: Url;
-    /**
-     * HTTP headers. Use lowercase keys.
-     */
-    headers?: RequestHeaders;
-    /**
-     * Media type options, see {@link https://developer.github.com/v3/media/|GitHub Developer Guide}
-     */
-    mediaType?: {
-        /**
-         * `json` by default. Can be `raw`, `text`, `html`, `full`, `diff`, `patch`, `sha`, `base64`. Depending on endpoint
-         */
-        format?: string;
-        /**
-         * Custom media type names of {@link https://developer.github.com/v3/media/|API Previews} without the `-preview` suffix.
-         * Example for single preview: `['squirrel-girl']`.
-         * Example for multiple previews: `['squirrel-girl', 'mister-fantastic']`.
-         */
-        previews?: string[];
-    };
-    /**
-     * Pass custom meta information for the request. The `request` object will be returned as is.
-     */
-    request?: RequestRequestOptions;
-    /**
-     * Any additional parameter will be passed as follows
-     * 1. URL parameter if `':parameter'` or `{parameter}` is part of `url`
-     * 2. Query parameter if `method` is `'GET'` or `'HEAD'`
-     * 3. Request body if `parameter` is `'data'`
-     * 4. JSON in the request body in the form of `body[parameter]` unless `parameter` key is `'data'`
-     */
-    [parameter: string]: unknown;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/RequestRequestOptions.d.ts

@@ -1,26 +0,0 @@
-import { Fetch } from "./Fetch";
-import { Signal } from "./Signal";
-/**
- * Octokit-specific request options which are ignored for the actual request, but can be used by Octokit or plugins to manipulate how the request is sent or how a response is handled
- */
-export declare type RequestRequestOptions = {
-    /**
-     * Node only. Useful for custom proxy, certificate, or dns lookup.
-     *
-     * @see https://nodejs.org/api/http.html#http_class_http_agent
-     */
-    agent?: unknown;
-    /**
-     * Custom replacement for built-in fetch method. Useful for testing or request hooks.
-     */
-    fetch?: Fetch;
-    /**
-     * Use an `AbortController` instance to cancel a request. In node you can only cancel streamed requests.
-     */
-    signal?: Signal;
-    /**
-     * Node only. Request/response timeout in ms, it resets on redirect. 0 to disable (OS limit applies). `options.request.signal` is recommended instead.
-     */
-    timeout?: number;
-    [option: string]: any;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/ResponseHeaders.d.ts

@@ -1,20 +0,0 @@
-export declare type ResponseHeaders = {
-    "cache-control"?: string;
-    "content-length"?: number;
-    "content-type"?: string;
-    date?: string;
-    etag?: string;
-    "last-modified"?: string;
-    link?: string;
-    location?: string;
-    server?: string;
-    status?: string;
-    vary?: string;
-    "x-github-mediatype"?: string;
-    "x-github-request-id"?: string;
-    "x-oauth-scopes"?: string;
-    "x-ratelimit-limit"?: string;
-    "x-ratelimit-remaining"?: string;
-    "x-ratelimit-reset"?: string;
-    [header: string]: string | number | undefined;
-};

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/Route.d.ts

@@ -1,4 +0,0 @@
-/**
- * String consisting of an optional HTTP method and relative path or absolute URL. Examples: `'/orgs/{org}'`, `'PUT /orgs/{org}'`, `GET https://example.com/foo/bar`
- */
-export declare type Route = string;

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/Signal.d.ts

@@ -1,6 +0,0 @@
-/**
- * Abort signal
- *
- * @see https://developer.mozilla.org/en-US/docs/Web/API/AbortSignal
- */
-export declare type Signal = any;

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/StrategyInterface.d.ts

@@ -1,4 +0,0 @@
-import { AuthInterface } from "./AuthInterface";
-export interface StrategyInterface<StrategyOptions extends any[], AuthOptions extends any[], Authentication extends object> {
-    (...args: StrategyOptions): AuthInterface<AuthOptions, Authentication>;
-}

node_modules/@octokit/plugin-retry/node_modules/@octokit/types/dist-types/Url.d.ts

@@ -1,4 +0,0 @@
-/**
- * Relative or absolute URL. Examples: `'/orgs/{org}'`, `https://example.com/foo/bar`
- */
-export declare type Url = string;