Compare commits


79 Commits

Author SHA1 Message Date
Chuan-kai Lin
af35bd33fb Merge pull request #1166 from github/update-v1.1.18-2ca79b6f
Merge releases/v2 into releases/v1
2022-08-03 12:25:21 -07:00
github-actions[bot]
944b1f8c5c Update checked-in dependencies 2022-08-03 17:59:40 +00:00
github-actions[bot]
0c10062e5e Update version and changelog for v1.1.18 2022-08-03 17:48:10 +00:00
github-actions[bot]
c66efb35b1 Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.18-2ca79b6f 2022-08-03 17:48:06 +00:00
github-actions[bot]
ac911e9964 Revert "Update checked-in dependencies"
This reverts commit 624285f8b2.
2022-08-03 17:48:06 +00:00
github-actions[bot]
236b7c2b05 Revert "Update version and changelog for v1.1.17"
This reverts commit d8ed0a3afb.
2022-08-03 17:48:06 +00:00
Aditya Sharad
5207709e29 Merge pull request #1155 from github/update-v1.1.17-0c670bbf
Merge releases/v2 into releases/v1
2022-07-28 13:51:46 -07:00
github-actions[bot]
624285f8b2 Update checked-in dependencies 2022-07-28 18:07:54 +00:00
github-actions[bot]
d8ed0a3afb Update version and changelog for v1.1.17 2022-07-28 17:47:43 +00:00
github-actions[bot]
9b044bf633 Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.17-0c670bbf 2022-07-28 17:47:41 +00:00
github-actions[bot]
97441a8bc4 Revert "Update checked-in dependencies"
This reverts commit ea16f0f943.
2022-07-28 17:47:41 +00:00
github-actions[bot]
0f7d2dd330 Revert "Update version and changelog for v1.1.16"
This reverts commit 0b90ea88eb.
2022-07-28 17:47:41 +00:00
Cornelius Riemenschneider
f7b6c0021b Merge pull request #1142 from github/update-v1.1.16-3e7e3b32
Merge releases/v2 into releases/v1
2022-07-13 14:43:54 +02:00
github-actions[bot]
ea16f0f943 Update checked-in dependencies 2022-07-13 11:48:41 +00:00
github-actions[bot]
0b90ea88eb Update version and changelog for v1.1.16 2022-07-13 11:27:42 +00:00
github-actions[bot]
f695c53a17 Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.16-3e7e3b32 2022-07-13 11:27:41 +00:00
github-actions[bot]
2d5f20d706 Revert "Update checked-in dependencies"
This reverts commit eb9619301e.
2022-07-13 11:27:41 +00:00
github-actions[bot]
e617b8972d Revert "Update version and changelog for v1.1.15"
This reverts commit 785cbf1898.
2022-07-13 11:27:40 +00:00
Chuan-kai Lin
e41f8baf4a Merge pull request #1131 from github/update-v1.1.15-3f62b754
Merge releases/v2 into releases/v1
2022-06-28 14:13:46 -07:00
github-actions[bot]
eb9619301e Update checked-in dependencies 2022-06-28 19:39:17 +00:00
github-actions[bot]
785cbf1898 Update version and changelog for v1.1.15 2022-06-28 19:04:23 +00:00
github-actions[bot]
b7cbc0f8be Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.15-3f62b754 2022-06-28 19:04:22 +00:00
github-actions[bot]
1fd3a8d1c7 Revert "Update checked-in dependencies"
This reverts commit 98b2df478b.
2022-06-28 19:04:22 +00:00
github-actions[bot]
269aa1746e Revert "Update version and changelog for v1.1.14"
This reverts commit f4fb1cfb88.
2022-06-28 19:04:22 +00:00
Andrew Eisenberg
714ec5a57d Merge pull request #1117 from github/update-v1.1.14-41a4ada3
Merge releases/v2 into releases/v1
2022-06-22 19:15:29 -07:00
github-actions[bot]
98b2df478b Update checked-in dependencies 2022-06-23 00:26:15 +00:00
github-actions[bot]
f4fb1cfb88 Update version and changelog for v1.1.14 2022-06-22 23:53:49 +00:00
github-actions[bot]
876c187c13 Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.14-41a4ada3 2022-06-22 23:53:49 +00:00
github-actions[bot]
fef25133ac Revert "Update checked-in dependencies"
This reverts commit c053e94e7d.
2022-06-22 23:53:49 +00:00
github-actions[bot]
a8d485f901 Revert "Update version and changelog for v1.1.13"
This reverts commit e47f040350.
2022-06-22 23:53:48 +00:00
Edoardo Pirovano
614d63af76 Merge pull request #1109 from github/update-v1.1.13-d00e8c09
Merge releases/v2 into releases/v1
2022-06-21 12:58:19 +01:00
github-actions[bot]
c053e94e7d Update checked-in dependencies 2022-06-21 10:38:03 +00:00
github-actions[bot]
e47f040350 Update version and changelog for v1.1.13 2022-06-21 09:43:36 +00:00
github-actions[bot]
4d013d7594 Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.13-d00e8c09 2022-06-21 09:43:35 +00:00
github-actions[bot]
3b2cf8914c Revert "Update checked-in dependencies"
This reverts commit 6efabfeaef.
2022-06-21 09:43:35 +00:00
github-actions[bot]
9d650fdc1f Revert "Update version and changelog for v1.1.12"
This reverts commit 24d91cb4e9.
2022-06-21 09:43:35 +00:00
Chuan-kai Lin
a6611b8691 Merge pull request #1090 from github/update-v1.1.12-27ea8f8f
Merge releases/v2 into releases/v1
2022-06-01 12:47:07 -07:00
github-actions[bot]
6efabfeaef Update checked-in dependencies 2022-06-01 18:30:51 +00:00
github-actions[bot]
24d91cb4e9 Update version and changelog for v1.1.12 2022-06-01 17:58:43 +00:00
github-actions[bot]
b6b48ceae3 Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.12-27ea8f8f 2022-06-01 17:58:28 +00:00
github-actions[bot]
af390c0075 Revert "Update checked-in dependencies"
This reverts commit 459cf02690.
2022-06-01 17:58:28 +00:00
github-actions[bot]
4c3af19a40 Revert "Update version and changelog for v1.1.11"
This reverts commit acc7a4bc97.
2022-06-01 17:58:28 +00:00
Edoardo Pirovano
0e9acb6e5c Merge pull request #1080 from github/update-v1.1.11-a3a6c128
Merge releases/v2 into releases/v1
2022-05-17 10:58:00 +01:00
github-actions[bot]
459cf02690 Update checked-in dependencies 2022-05-17 09:02:42 +00:00
github-actions[bot]
acc7a4bc97 Update version and changelog for v1.1.11 2022-05-17 08:23:48 +00:00
github-actions[bot]
d25b8aca1b Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.11-a3a6c128 2022-05-17 08:23:47 +00:00
github-actions[bot]
c6fc792e04 Revert "Update checked-in dependencies"
This reverts commit ec7fba1280.
2022-05-17 08:23:47 +00:00
github-actions[bot]
d28ac7880b Revert "Update version and changelog for v1.1.10"
This reverts commit 46d6a93dcc.
2022-05-17 08:23:47 +00:00
Henry Mercer
5e59d8eec4 Merge pull request #1071 from github/update-v1.1.10-2f58583a
Merge releases/v2 into releases/v1
2022-05-11 18:34:38 +01:00
github-actions[bot]
ec7fba1280 Update checked-in dependencies 2022-05-11 16:07:10 +00:00
github-actions[bot]
46d6a93dcc Update version and changelog for v1.1.10 2022-05-11 15:52:27 +00:00
github-actions[bot]
ab69202a0b Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.10-2f58583a 2022-05-11 15:52:26 +00:00
github-actions[bot]
93c20939ac Revert "Update checked-in dependencies"
This reverts commit e3983ef751.
2022-05-11 15:52:26 +00:00
github-actions[bot]
c1672e532f Revert "Update version and changelog for v1.1.9"
This reverts commit e34f3ea243.
2022-05-11 15:52:26 +00:00
Henning Makholm
6c3ae45f3a Merge pull request #1048 from github/update-v1.1.9-7502d6e9
Merge releases/v2 into releases/v1
2022-04-27 22:39:57 +02:00
Henning Makholm
8371fda073 manually resolve conflict in favor of node12 for v1 2022-04-27 22:08:55 +02:00
github-actions[bot]
e3983ef751 Update checked-in dependencies 2022-04-27 18:36:25 +00:00
github-actions[bot]
e34f3ea243 Update version and changelog for v1.1.9 2022-04-27 18:21:56 +00:00
github-actions[bot]
d9937ad6ad Merge remote-tracking branch 'origin/releases/v2' into update-v1.1.9-7502d6e9
# Conflicts:
#	autobuild/action.yml
2022-04-27 18:21:55 +00:00
github-actions[bot]
f703d1ca07 Revert "Update checked-in dependencies"
This reverts commit c7b049b347.
2022-04-27 18:21:55 +00:00
github-actions[bot]
acf17f7547 Revert "Update version and changelog for v1.1.8"
This reverts commit f679ec9aa9.
2022-04-27 18:21:55 +00:00
Edoardo Pirovano
e2cc7cc006 Merge pull request #1028 from github/update-v1.1.8-1ed14374
Merge v2 into v1
2022-04-08 10:55:32 +01:00
github-actions[bot]
c7b049b347 Update checked-in dependencies 2022-04-08 08:58:43 +00:00
github-actions[bot]
f679ec9aa9 Update version and changelog for v1.1.8 2022-04-08 08:46:06 +00:00
github-actions[bot]
d9f89b3dfd Merge remote-tracking branch 'origin/v2' into update-v1.1.8-1ed14374 2022-04-08 08:46:06 +00:00
github-actions[bot]
0ab00f44cb Revert "Update checked-in dependencies"
This reverts commit 7eac76fcb4.
2022-04-08 08:46:06 +00:00
github-actions[bot]
026ff35db0 Revert "Update version and changelog for v1.1.7"
This reverts commit 3d10ffe493.
2022-04-08 08:46:05 +00:00
Edoardo Pirovano
1fc1008278 Merge pull request #1021 from github/update-v1.1.7-0182a2c7
Merge v2 into v1
2022-04-05 10:38:59 -07:00
github-actions[bot]
7eac76fcb4 Update checked-in dependencies 2022-04-05 16:35:27 +00:00
github-actions[bot]
3d10ffe493 Update version and changelog for v1.1.7 2022-04-05 16:21:40 +00:00
github-actions[bot]
f5e5590fc8 Merge remote-tracking branch 'origin/v2' into update-v1.1.7-0182a2c7 2022-04-05 16:21:39 +00:00
github-actions[bot]
380041ed00 Revert "Update checked-in dependencies"
This reverts commit 75743c96fc.
2022-04-05 16:21:39 +00:00
github-actions[bot]
8165d30832 Revert "Update version and changelog for v1.1.6"
This reverts commit 03a275bc11.
2022-04-05 16:21:39 +00:00
Edoardo Pirovano
4c1021c504 Merge pull request #1006 from github/update-v1.1.6-28eead24
Merge v2 into v1
2022-03-30 15:28:29 +01:00
Edoardo Pirovano
9da34a6ec6 Avoid failure if @types/node is already 12.12 2022-03-30 14:00:43 +01:00
Edoardo Pirovano
f83be76fd8 Revert "Upgrade Node type definitions"
This reverts commit b949e494e4.
2022-03-30 13:49:37 +01:00
Edoardo Pirovano
b45efc9e42 Revert "Use Node.js v16 in all Actions"
This reverts commit 3d23aade46.
2022-03-30 13:49:29 +01:00
github-actions[bot]
75743c96fc Update checked-in dependencies 2022-03-30 12:20:06 +00:00
github-actions[bot]
03a275bc11 Update version and changelog for v1.1.6 2022-03-30 11:13:40 +00:00
11620 changed files with 567272 additions and 1093247 deletions


@@ -1,4 +1,5 @@
**/webpack.config.js **/webpack.config.js
lib/** lib/**
runner/dist/**
src/testdata/** src/testdata/**
tests/** tests/**


@@ -16,10 +16,7 @@
"rules": { "rules": {
"filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"], "filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"],
"i18n-text/no-en": "off", "i18n-text/no-en": "off",
"import/extensions": ["error", { "import/extensions": "error",
// Allow importing JSON files
"json": {}
}],
"import/no-amd": "error", "import/no-amd": "error",
"import/no-commonjs": "error", "import/no-commonjs": "error",
"import/no-dynamic-require": "error", "import/no-dynamic-require": "error",
@@ -33,12 +30,6 @@
"alphabetize": {"order": "asc"}, "alphabetize": {"order": "asc"},
"newlines-between": "always" "newlines-between": "always"
}], }],
"max-len": ["error", {
"code": 120,
"ignoreUrls": true,
"ignoreStrings": true,
"ignoreTemplateLiterals": true
}],
"no-async-foreach/no-async-foreach": "error", "no-async-foreach/no-async-foreach": "error",
"no-console": "off", "no-console": "off",
"no-sequences": "error", "no-sequences": "error",
@@ -64,13 +55,5 @@
"func-style": "off", "func-style": "off",
"sort-imports": "off" "sort-imports": "off"
} }
}], }]
"settings": {
"import/resolver": {
"node": {
"moduleDirectory": ["node_modules", "src"]
},
"typescript": {}
}
}
} }


@@ -1,62 +0,0 @@
name: Check Code-Scanning Config
description: |
Checks the code scanning configuration file generated by the
action to ensure it contains the expected contents
inputs:
languages:
required: false
description: The languages field passed to the init action.
packs:
required: false
description: The packs field passed to the init action.
queries:
required: false
description: The queries field passed to the init action.
config-file-test:
required: false
description: |
The location of the config file to use. If empty,
then no config file is used.
expected-config-file-contents:
required: true
description: |
A JSON string containing the exact contents of the config file.
tools:
required: true
description: |
The url of codeql to use.
runs:
using: composite
steps:
- uses: ./../action/init
with:
languages: ${{ inputs.languages }}
config-file: ${{ inputs.config-file-test }}
queries: ${{ inputs.queries }}
packs: ${{ inputs.packs }}
tools: ${{ inputs.tools }}
db-location: ${{ runner.temp }}/codescanning-config-cli-test
env:
CODEQL_ACTION_TEST_MODE: 'true'
- name: Install dependencies
shell: bash
run: npm install --location=global ts-node js-yaml
- name: Check config
working-directory: ${{ github.action_path }}
shell: bash
run: ts-node ./index.ts "${{ runner.temp }}/user-config.yaml" '${{ inputs.expected-config-file-contents }}'
- name: Clean up
shell: bash
if: always()
run: |
rm -rf ${{ runner.temp }}/codescanning-config-cli-test
rm -rf ${{ runner.temp }}/user-config.yaml


@@ -1,39 +0,0 @@
import * as core from '@actions/core'
import * as yaml from 'js-yaml'
import * as fs from 'fs'
import * as assert from 'assert'
const actualConfig = loadActualConfig()
const rawExpectedConfig = process.argv[3].trim()
if (!rawExpectedConfig) {
core.info('No expected configuration provided')
} else {
core.startGroup('Expected generated user config')
core.info(yaml.dump(JSON.parse(rawExpectedConfig)))
core.endGroup()
}
const expectedConfig = rawExpectedConfig ? JSON.parse(rawExpectedConfig) : undefined;
assert.deepStrictEqual(
actualConfig,
expectedConfig,
'Expected configuration does not match actual configuration'
);
function loadActualConfig() {
if (!fs.existsSync(process.argv[2])) {
core.info('No configuration file found')
return undefined
} else {
const rawActualConfig = fs.readFileSync(process.argv[2], 'utf8')
core.startGroup('Actual generated user config')
core.info(rawActualConfig)
core.endGroup()
return yaml.load(rawActualConfig)
}
}


@@ -1,17 +1,20 @@
version: 2 version: 2
updates: updates:
- package-ecosystem: npm - package-ecosystem: "npm"
directory: "/" directory: "/"
schedule: schedule:
interval: weekly interval: "weekly"
day: "thursday" # Gives us a working day to merge this before our typical release
labels: labels:
- Update dependencies - "Update dependencies"
ignore: ignore:
- dependency-name: "*" - dependency-name: "*"
update-types: update-types: ["version-update:semver-minor", "version-update:semver-patch"]
- version-update:semver-minor - package-ecosystem: "npm"
- version-update:semver-patch directory: "/runner"
- package-ecosystem: github-actions
directory: "/"
schedule: schedule:
interval: weekly interval: "weekly"
day: "thursday" # Gives us a working day to merge this before our typical release
ignore:
- dependency-name: "*"
update-types: ["version-update:semver-minor", "version-update:semver-patch"]
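Review bot: The new side of this Dependabot config lists only `npm` ecosystems (`/` and `/runner`); the `package-ecosystem: github-actions` entry present on the old side is gone, so `uses:` references in this branch's workflows would no longer receive version-update PRs. If the workflows on this branch reference third-party actions, keep an entry such as `- package-ecosystem: "github-actions"` with `directory: "/"` and the same weekly schedule. The hunk header counts (17 old, 20 new) agree with this reading of the rendered columns, but confirm it against the raw file.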


@@ -2,11 +2,9 @@ name: "Prepare test"
description: Performs some preparation to run tests description: Performs some preparation to run tests
inputs: inputs:
version: version:
description: "The version of the CodeQL CLI to use. Can be 'latest', 'cached', 'nightly-latest', 'nightly-YYYY-MM-DD', or 'stable-YYYY-MM-DD'."
required: true required: true
outputs: outputs:
tools-url: tools-url:
description: "The value that should be passed as the 'tools' input of the 'init' step."
value: ${{ steps.get-url.outputs.tools-url }} value: ${{ steps.get-url.outputs.tools-url }}
runs: runs:
using: composite using: composite
@@ -22,21 +20,19 @@ runs:
name: Determine URL name: Determine URL
shell: bash shell: bash
run: | run: |
set -e # Fail this Action if `gh release list` fails.
if [[ ${{ inputs.version }} == "nightly-latest" ]]; then if [[ ${{ inputs.version }} == "nightly-latest" ]]; then
export LATEST=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3` export LATEST=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3`
echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$LATEST/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT echo "::set-output name=tools-url::https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$LATEST/codeql-bundle.tar.gz"
elif [[ ${{ inputs.version }} == *"nightly"* ]]; then elif [[ ${{ inputs.version }} == *"nightly"* ]]; then
export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'` export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-$VERSION-manual/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT echo "::set-output name=tools-url::https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-$VERSION-manual/codeql-bundle.tar.gz"
elif [[ ${{ inputs.version }} == *"stable"* ]]; then elif [[ ${{ inputs.version }} == *"stable"* ]]; then
export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'` export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
echo "tools-url=https://github.com/github/codeql-action/releases/download/codeql-bundle-$VERSION/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT echo "::set-output name=tools-url::https://github.com/github/codeql-action/releases/download/codeql-bundle-$VERSION/codeql-bundle.tar.gz"
elif [[ ${{ inputs.version }} == "latest" ]]; then elif [[ ${{ inputs.version }} == "latest" ]]; then
echo "tools-url=latest" >> $GITHUB_OUTPUT echo "::set-output name=tools-url::latest"
elif [[ ${{ inputs.version }} == "cached" ]]; then elif [[ ${{ inputs.version }} == "cached" ]]; then
echo "tools-url=" >> $GITHUB_OUTPUT echo "::set-output name=tools-url::"
else else
echo "::error::Unrecognized version specified!" echo "::error Unrecognized version specified!"
exit 1
fi fi
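Review bot: In the `Determine URL` step the new side's `else` branch only echoes `::error Unrecognized version specified!` and then reaches `fi`, so an unrecognized `version` input leaves `tools-url` unset while the step still reports success. The message is also not a well-formed workflow command, which takes the form `::error::`. Keep `echo "::error::Unrecognized version specified!"` followed by `exit 1` so a mistyped version fails the job instead of silently testing a different CLI. Separately, `${{ inputs.version }}` is substituted into the script text before bash runs it; passing the input through an `env:` entry and comparing a quoted shell variable keeps the value from being parsed as shell. The step's header lines sit above the hunk, so where `env:` would go is not visible here.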


@@ -1,5 +1,5 @@
name: Query Filter Test name: Query Filter Test
description: Runs a test of query filters using the check SARIF action description: Runs a test of query filters using the check sarif action
inputs: inputs:
sarif-file: sarif-file:
required: true required: true
@@ -34,15 +34,13 @@ runs:
config-file: ${{ inputs.config-file }} config-file: ${{ inputs.config-file }}
tools: ${{ inputs.tools }} tools: ${{ inputs.tools }}
db-location: ${{ runner.temp }}/query-filter-test db-location: ${{ runner.temp }}/query-filter-test
env:
CODEQL_ACTION_TEST_MODE: "true"
- uses: ./../action/analyze - uses: ./../action/analyze
with: with:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
upload-database: false upload-database: false
upload: false upload: false
env: env:
CODEQL_ACTION_TEST_MODE: "true" TEST_MODE: "true"
- name: Check SARIF - name: Check SARIF
uses: ./../action/.github/check-sarif uses: ./../action/.github/check-sarif
with: with:
@@ -51,4 +49,4 @@ runs:
queries-not-run: ${{ inputs.queries-not-run}} queries-not-run: ${{ inputs.queries-not-run}}
- name: Cleanup after test - name: Cleanup after test
shell: bash shell: bash
run: rm -rf "$RUNNER_TEMP/results" "$RUNNER_TEMP/query-filter-test" run: rm -rf "$RUNNER_TEMP/results" "$RUNNER_TEMP//query-filter-test"
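Review bot: The cleanup line on the new side reads `rm -rf "$RUNNER_TEMP/results" "$RUNNER_TEMP//query-filter-test"`; the doubled slash resolves to the same directory but no longer matches the `db-location` spelling used earlier in the file, so write it as `"$RUNNER_TEMP/query-filter-test"`. In the second hunk the `init` step loses its test-mode `env:` block and `analyze` sets `TEST_MODE` rather than `CODEQL_ACTION_TEST_MODE`. If both steps are meant to run in test mode on this branch, `init` needs the same variable set; which name the action code reads is not shown on this page.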


@@ -1,32 +0,0 @@
name: "Set up Swift"
description: Performs necessary steps to set up appropriate Swift version.
inputs:
codeql-path:
required: true
runs:
using: "composite"
steps:
- name: Get Swift version
id: get_swift_version
# We don't support Swift on Windows or prior versions of CLI.
if: "(runner.os != 'Windows') && (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version == 'nightly-latest')"
shell: bash
env:
CODEQL_PATH: ${{inputs.codeql-path}}
run: |
if [ $RUNNER_OS = "macOS" ]; then
PLATFORM="osx64"
else # We do not run this step on Windows.
PLATFORM="linux64"
fi
SWIFT_EXTRACTOR_DIR="$("$CODEQL_PATH" resolve languages --format json | jq -r '.swift[0]')"
VERSION="$("$SWIFT_EXTRACTOR_DIR/tools/$PLATFORM/extractor" --version | awk '/version/ { print $3 }')"
# Specify 5.7.0, otherwise setup Action will default to latest minor version.
if [ $VERSION = "5.7" ]; then
VERSION="5.7.0"
fi
echo "version=$VERSION" | tee -a $GITHUB_OUTPUT
- uses: swift-actions/setup-swift@194625b58a582570f61cc707c3b558086c26b723
if: "(runner.os != 'Windows') && (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version == 'nightly-latest')"
with:
swift-version: "${{steps.get_swift_version.outputs.version}}"


@@ -5,7 +5,7 @@ import json
import os import os
import subprocess import subprocess
EMPTY_CHANGELOG = """# CodeQL Action Changelog EMPTY_CHANGELOG = """# CodeQL Action and CodeQL Runner Changelog
## [UNRELEASED] ## [UNRELEASED]
@@ -13,8 +13,14 @@ No user facing changes.
""" """
SOURCE_BRANCH = 'main' # Value of the mode flag for a v1 release
TARGET_BRANCH = 'releases/v2' V1_MODE = 'v1-release'
# Value of the mode flag for a v2 release
V2_MODE = 'v2-release'
SOURCE_BRANCH_FOR_MODE = { V1_MODE: 'releases/v2', V2_MODE: 'main' }
TARGET_BRANCH_FOR_MODE = { V1_MODE: 'releases/v1', V2_MODE: 'releases/v2' }
# Name of the remote # Name of the remote
ORIGIN = 'origin' ORIGIN = 'origin'
@@ -26,7 +32,7 @@ def run_git(*args, allow_non_zero_exit_code=False):
cmd = ['git', *args] cmd = ['git', *args]
p = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) p = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
if not allow_non_zero_exit_code and p.returncode != 0: if not allow_non_zero_exit_code and p.returncode != 0:
raise Exception(f'Call to {" ".join(cmd)} exited with code {p.returncode} stderr: {p.stderr.decode("ascii")}.') raise Exception('Call to ' + ' '.join(cmd) + ' exited with code ' + str(p.returncode) + ' stderr:' + p.stderr.decode('ascii'))
return p.stdout.decode('ascii') return p.stdout.decode('ascii')
# Returns true if the given branch exists on the origin remote # Returns true if the given branch exists on the origin remote
@@ -34,21 +40,23 @@ def branch_exists_on_remote(branch_name):
return run_git('ls-remote', '--heads', ORIGIN, branch_name).strip() != '' return run_git('ls-remote', '--heads', ORIGIN, branch_name).strip() != ''
# Opens a PR from the given branch to the target branch # Opens a PR from the given branch to the target branch
def open_pr(repo, all_commits, source_branch_short_sha, new_branch_name, conductor): def open_pr(
repo, all_commits, source_branch_short_sha, new_branch_name, source_branch, target_branch,
conductor, is_v2_release, labels, conflicted_files):
# Sort the commits into the pull requests that introduced them, # Sort the commits into the pull requests that introduced them,
# and any commits that don't have a pull request # and any commits that don't have a pull request
pull_requests = [] pull_requests = []
commits_without_pull_requests = [] commits_without_pull_requests = []
for commit in all_commits: for commit in all_commits:
pr = get_pr_for_commit(commit) pr = get_pr_for_commit(repo, commit)
if pr is None: if pr is None:
commits_without_pull_requests.append(commit) commits_without_pull_requests.append(commit)
elif not any(p for p in pull_requests if p.number == pr.number): elif not any(p for p in pull_requests if p.number == pr.number):
pull_requests.append(pr) pull_requests.append(pr)
print(f'Found {len(pull_requests)} pull requests.') print('Found ' + str(len(pull_requests)) + ' pull requests')
print(f'Found {len(commits_without_pull_requests)} commits not in a pull request.') print('Found ' + str(len(commits_without_pull_requests)) + ' commits not in a pull request')
# Sort PRs and commits by age # Sort PRs and commits by age
pull_requests = sorted(pull_requests, key=lambda pr: pr.number) pull_requests = sorted(pull_requests, key=lambda pr: pr.number)
@@ -56,10 +64,10 @@ def open_pr(repo, all_commits, source_branch_short_sha, new_branch_name, conduct
# Start constructing the body text # Start constructing the body text
body = [] body = []
body.append(f'Merging {source_branch_short_sha} into {TARGET_BRANCH}.') body.append('Merging ' + source_branch_short_sha + ' into ' + target_branch)
body.append('') body.append('')
body.append(f'Conductor for this PR is @{conductor}.') body.append('Conductor for this PR is @' + conductor)
# List all PRs merged # List all PRs merged
if len(pull_requests) > 0: if len(pull_requests) > 0:
@@ -67,45 +75,53 @@ def open_pr(repo, all_commits, source_branch_short_sha, new_branch_name, conduct
body.append('Contains the following pull requests:') body.append('Contains the following pull requests:')
for pr in pull_requests: for pr in pull_requests:
merger = get_merger_of_pr(repo, pr) merger = get_merger_of_pr(repo, pr)
body.append(f'- #{pr.number} (@{merger})') body.append('- #' + str(pr.number) + ' - ' + pr.title +' (@' + merger + ')')
# List all commits not part of a PR # List all commits not part of a PR
if len(commits_without_pull_requests) > 0: if len(commits_without_pull_requests) > 0:
body.append('') body.append('')
body.append('Contains the following commits not from a pull request:') body.append('Contains the following commits not from a pull request:')
for commit in commits_without_pull_requests: for commit in commits_without_pull_requests:
author_description = f' (@{commit.author.login})' if commit.author is not None else '' author_description = ' (@' + commit.author.login + ')' if commit.author is not None else ''
body.append(f'- {commit.sha} - {get_truncated_commit_message(commit)}{author_description}') body.append('- ' + commit.sha + ' - ' + get_truncated_commit_message(commit) + author_description)
body.append('') body.append('')
body.append('Please do the following:') body.append('Please review the following:')
body.append(' - [ ] Ensure the CHANGELOG displays the correct version and date.') if len(conflicted_files) > 0:
body.append(' - [ ] Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.') body.append(' - [ ] You have added commits to this branch that resolve the merge conflicts ' +
body.append(f' - [ ] Check that there are not any unexpected commits being merged into the {TARGET_BRANCH} branch.') 'in the following files:')
body.append(' - [ ] Ensure the docs team is aware of any documentation changes that need to be released.') body.extend([f' - [ ] `{file}`' for file in conflicted_files])
body.append(' - [ ] Approve and merge this PR. Make sure `Create a merge commit` is selected rather than `Squash and merge` or `Rebase and merge`.') body.append(' - [ ] Another maintainer has reviewed the additional commits you added to this ' +
body.append(' - [ ] Merge the mergeback PR that will automatically be created once this PR is merged.') 'branch to resolve the merge conflicts.')
body.append(' - [ ] The CHANGELOG displays the correct version and date.')
body.append(' - [ ] The CHANGELOG includes all relevant, user-facing changes since the last release.')
body.append(' - [ ] There are no unexpected commits being merged into the ' + target_branch + ' branch.')
body.append(' - [ ] The docs team is aware of any documentation changes that need to be released.')
if is_v2_release:
body.append(' - [ ] The mergeback PR is merged back into ' + source_branch + ' after this PR is merged.')
body.append(' - [ ] The v1 release PR is merged after this PR is merged.')
title = f'Merge {SOURCE_BRANCH} into {TARGET_BRANCH}' title = 'Merge ' + source_branch + ' into ' + target_branch
# Create the pull request # Create the pull request
# PR checks won't be triggered on PRs created by Actions. Therefore mark the PR as draft so that # PR checks won't be triggered on PRs created by Actions. Therefore mark the PR as draft so that
# a maintainer can take the PR out of draft, thereby triggering the PR checks. # a maintainer can take the PR out of draft, thereby triggering the PR checks.
pr = repo.create_pull(title=title, body='\n'.join(body), head=new_branch_name, base=TARGET_BRANCH, draft=True) pr = repo.create_pull(title=title, body='\n'.join(body), head=new_branch_name, base=target_branch, draft=True)
print(f'Created PR #{pr.number}') pr.add_to_labels(*labels)
print('Created PR #' + str(pr.number))
# Assign the conductor # Assign the conductor
pr.add_to_assignees(conductor) pr.add_to_assignees(conductor)
print(f'Assigned PR to {conductor}') print('Assigned PR to ' + conductor)
# Gets a list of the SHAs of all commits that have happened on the source branch # Gets a list of the SHAs of all commits that have happened on the source branch
# since the last release to the target branch. # since the last release to the target branch.
# This will not include any commits that exist on the target branch # This will not include any commits that exist on the target branch
# that aren't on the source branch. # that aren't on the source branch.
def get_commit_difference(repo): def get_commit_difference(repo, source_branch, target_branch):
# Passing split nothing means that the empty string splits to nothing: compare `''.split() == []` # Passing split nothing means that the empty string splits to nothing: compare `''.split() == []`
# to `''.split('\n') == ['']`. # to `''.split('\n') == ['']`.
commits = run_git('log', '--pretty=format:%H', f'{ORIGIN}/{TARGET_BRANCH}..{ORIGIN}/{SOURCE_BRANCH}').strip().split() commits = run_git('log', '--pretty=format:%H', ORIGIN + '/' + target_branch + '..' + ORIGIN + '/' + source_branch).strip().split()
# Convert to full-fledged commit objects # Convert to full-fledged commit objects
commits = [repo.get_commit(c) for c in commits] commits = [repo.get_commit(c) for c in commits]
@@ -121,13 +137,13 @@ def is_pr_merge_commit(commit):
def get_truncated_commit_message(commit): def get_truncated_commit_message(commit):
message = commit.commit.message.split('\n')[0] message = commit.commit.message.split('\n')[0]
if len(message) > 60: if len(message) > 60:
return f'{message[:57]}...' return message[:57] + '...'
else: else:
return message return message
# Converts a commit into the PR that introduced it to the source branch. # Converts a commit into the PR that introduced it to the source branch.
# Returns the PR object, or None if no PR could be found. # Returns the PR object, or None if no PR could be found.
def get_pr_for_commit(commit): def get_pr_for_commit(repo, commit):
prs = commit.get_pulls() prs = commit.get_pulls()
if prs.totalCount > 0: if prs.totalCount > 0:
@@ -161,7 +177,7 @@ def update_changelog(version):
else: else:
content = EMPTY_CHANGELOG content = EMPTY_CHANGELOG
newContent = content.replace('[UNRELEASED]', f'{version} - {get_today_string()}', 1) newContent = content.replace('[UNRELEASED]', version + ' - ' + get_today_string(), 1)
with open('CHANGELOG.md', 'w') as f: with open('CHANGELOG.md', 'w') as f:
f.write(newContent) f.write(newContent)
@@ -182,6 +198,16 @@ def main():
required=True, required=True,
help='The nwo of the repository, for example github/codeql-action.' help='The nwo of the repository, for example github/codeql-action.'
) )
parser.add_argument(
'--mode',
type=str,
required=True,
choices=[V2_MODE, V1_MODE],
help=f"Which release to perform. '{V2_MODE}' uses {SOURCE_BRANCH_FOR_MODE[V2_MODE]} as the source " +
f"branch and {TARGET_BRANCH_FOR_MODE[V2_MODE]} as the target branch. " +
f"'{V1_MODE}' uses {SOURCE_BRANCH_FOR_MODE[V1_MODE]} as the source branch and " +
f"{TARGET_BRANCH_FOR_MODE[V1_MODE]} as the target branch."
)
parser.add_argument( parser.add_argument(
'--conductor', '--conductor',
type=str, type=str,
@@ -191,46 +217,110 @@ def main():
args = parser.parse_args() args = parser.parse_args()
source_branch = SOURCE_BRANCH_FOR_MODE[args.mode]
target_branch = TARGET_BRANCH_FOR_MODE[args.mode]
repo = Github(args.github_token).get_repo(args.repository_nwo) repo = Github(args.github_token).get_repo(args.repository_nwo)
version = get_current_version() version = get_current_version()
if args.mode == V1_MODE:
# Change the version number to a v1 equivalent
version = get_current_version()
version = f'1{version[1:]}'
# Print what we intend to go # Print what we intend to go
print(f'Considering difference between {SOURCE_BRANCH} and {TARGET_BRANCH}...') print('Considering difference between ' + source_branch + ' and ' + target_branch)
source_branch_short_sha = run_git('rev-parse', '--short', f'{ORIGIN}/{SOURCE_BRANCH}').strip() source_branch_short_sha = run_git('rev-parse', '--short', ORIGIN + '/' + source_branch).strip()
print(f'Current head of {SOURCE_BRANCH} is {source_branch_short_sha}.') print('Current head of ' + source_branch + ' is ' + source_branch_short_sha)
# See if there are any commits to merge in # See if there are any commits to merge in
commits = get_commit_difference(repo=repo) commits = get_commit_difference(repo=repo, source_branch=source_branch, target_branch=target_branch)
if len(commits) == 0: if len(commits) == 0:
print(f'No commits to merge from {SOURCE_BRANCH} to {TARGET_BRANCH}.') print('No commits to merge from ' + source_branch + ' to ' + target_branch)
return return
# The branch name is based off of the name of branch being merged into # The branch name is based off of the name of branch being merged into
# and the SHA of the branch being merged from. Thus if the branch already # and the SHA of the branch being merged from. Thus if the branch already
# exists we can assume we don't need to recreate it. # exists we can assume we don't need to recreate it.
new_branch_name = f'update-v{version}-{source_branch_short_sha}' new_branch_name = 'update-v' + version + '-' + source_branch_short_sha
print(f'Branch name is {new_branch_name}.') print('Branch name is ' + new_branch_name)
# Check if the branch already exists. If so we can abort as this script # Check if the branch already exists. If so we can abort as this script
# has already run on this combination of branches. # has already run on this combination of branches.
if branch_exists_on_remote(new_branch_name): if branch_exists_on_remote(new_branch_name):
print(f'Branch {new_branch_name} already exists. Nothing to do.') print('Branch ' + new_branch_name + ' already exists. Nothing to do.')
return return
# Create the new branch and push it to the remote # Create the new branch and push it to the remote
print(f'Creating branch {new_branch_name}.') print('Creating branch ' + new_branch_name)
# If we're performing a standard release, there won't be any new commits on the target branch, # The process of creating the v1 release can run into merge conflicts. We commit the unresolved
# as these will have already been merged back into the source branch. Therefore we can just # conflicts so a maintainer can easily resolve them (vs erroring and requiring maintainers to
# start from the source branch. # reconstruct the release manually)
run_git('checkout', '-b', new_branch_name, f'{ORIGIN}/{SOURCE_BRANCH}') conflicted_files = []
print('Updating changelog') if args.mode == V1_MODE:
update_changelog(version) # If we're performing a backport, start from the target branch
print(f'Creating {new_branch_name} from the {ORIGIN}/{target_branch} branch')
run_git('checkout', '-b', new_branch_name, f'{ORIGIN}/{target_branch}')
# Create a commit that updates the CHANGELOG # Revert the commit that we made as part of the last release that updated the version number and
run_git('add', 'CHANGELOG.md') # changelog to refer to 1.x.x variants. This avoids merge conflicts in the changelog and
run_git('commit', '-m', f'Update changelog for v{version}') # package.json files when we merge in the v2 branch.
# This commit will not exist the first time we release the v1 branch from the v2 branch, so we
# use `git log --grep` to conditionally revert the commit.
print('Reverting the 1.x.x version number and changelog updates from the last release to avoid conflicts')
v1_update_commits = run_git('log', '--grep', '^Update version and changelog for v', '--format=%H').split()
if len(v1_update_commits) > 0:
print(f' Reverting {v1_update_commits[0]}')
# Only revert the newest commit as older ones will already have been reverted in previous
# releases.
run_git('revert', v1_update_commits[0], '--no-edit')
# Also revert the "Update checked-in dependencies" commit created by Actions.
update_dependencies_commit = run_git('log', '--grep', '^Update checked-in dependencies', '--format=%H').split()[0]
print(f' Reverting {update_dependencies_commit}')
run_git('revert', update_dependencies_commit, '--no-edit')
else:
print(' Nothing to revert.')
print(f'Merging {ORIGIN}/{source_branch} into the release prep branch')
# Commit any conflicts (see the comment for `conflicted_files`)
run_git('merge', f'{ORIGIN}/{source_branch}', allow_non_zero_exit_code=True)
conflicted_files = run_git('diff', '--name-only', '--diff-filter', 'U').splitlines()
if len(conflicted_files) > 0:
run_git('add', '.')
run_git('commit', '--no-edit')
# Migrate the package version number from a v2 version number to a v1 version number
print(f'Setting version number to {version}')
subprocess.run(['npm', 'version', version, '--no-git-tag-version'])
run_git('add', 'package.json', 'package-lock.json')
# Migrate the changelog notes from v2 version numbers to v1 version numbers
print('Migrating changelog notes from v2 to v1')
subprocess.run(['sed', '-i', 's/^## 2\./## 1./g', 'CHANGELOG.md'])
# Remove changelog notes from v2 that don't apply to v1
subprocess.run(['sed', '-i', '/^- \[v2+ only\]/d', 'CHANGELOG.md'])
# Amend the commit generated by `npm version` to update the CHANGELOG
run_git('add', 'CHANGELOG.md')
run_git('commit', '-m', f'Update version and changelog for v{version}')
else:
# If we're performing a standard release, there won't be any new commits on the target branch,
# as these will have already been merged back into the source branch. Therefore we can just
# start from the source branch.
run_git('checkout', '-b', new_branch_name, f'{ORIGIN}/{source_branch}')
print('Updating changelog')
update_changelog(version)
# Create a commit that updates the CHANGELOG
run_git('add', 'CHANGELOG.md')
run_git('commit', '-m', f'Update changelog for v{version}')
run_git('push', ORIGIN, new_branch_name) run_git('push', ORIGIN, new_branch_name)
@@ -240,7 +330,12 @@ def main():
commits, commits,
source_branch_short_sha, source_branch_short_sha,
new_branch_name, new_branch_name,
source_branch=source_branch,
target_branch=target_branch,
conductor=args.conductor, conductor=args.conductor,
is_v2_release=args.mode == V2_MODE,
labels=['Update dependencies'] if args.mode == V1_MODE else [],
conflicted_files=conflicted_files
) )
if __name__ == '__main__': if __name__ == '__main__':


@@ -7,11 +7,11 @@ name: "PR Check - Analyze: 'ref' and 'sha' from inputs"
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,41 +25,45 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: windows-2019
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: windows-2019
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: macos-latest - os: macos-latest
version: stable-20220401 version: stable-20210308
- os: windows-latest - os: windows-2019
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: macos-latest
version: stable-20210319
- os: windows-2019
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: macos-latest
version: stable-20210809
- os: windows-2019
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: "Analyze: 'ref' and 'sha' from inputs" name: "Analyze: 'ref' and 'sha' from inputs"
timeout-minutes: 45 timeout-minutes: 45
@@ -72,11 +76,6 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
with: with:
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -90,5 +89,7 @@ jobs:
with: with:
ref: refs/heads/main ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sha: 5e235361806c361d4d3f8859e3c897658025a9a2
env:
TEST_MODE: true
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - autobuild-action
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -29,7 +29,9 @@ jobs:
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
name: autobuild-action name: autobuild-action
timeout-minutes: 45 timeout-minutes: 45
@@ -56,6 +58,8 @@ jobs:
CORECLR_PROFILER: '' CORECLR_PROFILER: ''
CORECLR_PROFILER_PATH_64: '' CORECLR_PROFILER_PATH_64: ''
- uses: ./../action/analyze - uses: ./../action/analyze
env:
TEST_MODE: true
- name: Check database - name: Check database
shell: bash shell: bash
run: | run: |
@@ -65,4 +69,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

96
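--- a/.github/workflows/__debug-artifacts.yml
+++ b/.github/workflows/__debug-artifacts.yml
@@ -0,0 +1,96 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+# pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+name: PR Check - Debug artifact upload
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+GO111MODULE: auto
+on:
+push:
+branches:
+- main
+- releases/v1
+- releases/v2
+pull_request:
+types:
+- opened
+- synchronize
+- reopened
+- ready_for_review
+workflow_dispatch: {}
+jobs:
+debug-artifacts:
+strategy:
+matrix:
+include:
+- os: ubuntu-latest
+version: stable-20210308
+- os: macos-latest
+version: stable-20210308
+- os: ubuntu-latest
+version: stable-20210319
+- os: macos-latest
+version: stable-20210319
+- os: ubuntu-latest
+version: stable-20210809
+- os: macos-latest
+version: stable-20210809
+- os: ubuntu-latest
+version: cached
+- os: macos-latest
+version: cached
+- os: ubuntu-latest
+version: latest
+- os: macos-latest
+version: latest
+- os: ubuntu-latest
+version: nightly-latest
+- os: macos-latest
+version: nightly-latest
+name: Debug artifact upload
+timeout-minutes: 45
+runs-on: ${{ matrix.os }}
+steps:
+- name: Check out repository
+uses: actions/checkout@v3
+- name: Prepare test
+id: prepare-test
+uses: ./.github/prepare-test
+with:
+version: ${{ matrix.version }}
+- uses: ./../action/init
+with:
+tools: ${{ steps.prepare-test.outputs.tools-url }}
+debug: true
+debug-artifact-name: my-debug-artifacts
+debug-database-name: my-db
+- name: Build code
+shell: bash
+run: ./build.sh
+- uses: ./../action/analyze
+id: analysis
+- uses: actions/download-artifact@v3
+with:
+name: my-debug-artifacts-${{ matrix.os }}-${{ matrix.version }}
+- shell: bash
+run: |
+LANGUAGES="cpp csharp go java javascript python"
+for language in $LANGUAGES; do
+echo "Checking $language"
+if [[ ! -f "$language.sarif" ]] ; then
+echo "Missing a SARIF file for $language"
+exit 1
+fi
+if [[ ! -f "my-db-$language.zip" ]] ; then
+echo "Missing a database bundle for $language"
+exit 1
+fi
+if [[ ! -d "$language/log" ]] ; then
+echo "Missing logs for $language"
+exit 1
+fi
+done
+env:
+INTERNAL_CODEQL_ACTION_DEBUG_LOC: true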


@@ -1,88 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: PR Check - Export file baseline information
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
export-file-baseline-information:
strategy:
matrix:
include:
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
- os: windows-latest
version: nightly-latest
name: Export file baseline information
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- uses: ./../action/init
id: init
with:
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
env:
CODEQL_FILE_BASELINE_INFORMATION: true
- uses: ./../action/.github/setup-swift
with:
codeql-path: ${{steps.init.outputs.codeql-path}}
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
env:
CODEQL_FILE_BASELINE_INFORMATION: true
- name: Upload SARIF
uses: actions/upload-artifact@v3
with:
name: with-baseline-information-${{ matrix.os }}-${{ matrix.version }}.sarif.json
path: ${{ runner.temp }}/results/javascript.sarif
retention-days: 7
- name: Check results
shell: bash
run: |
cd "$RUNNER_TEMP/results"
expected_baseline_languages="cpp cs go java js py rb swift"
for lang in ${expected_baseline_languages}; do
rule_name="${lang}/baseline/expected-extracted-files"
found_notification=$(jq --arg rule_name "${rule_name}" '[.runs[0].tool.driver.notifications |
select(. != null) | flatten | .[].id] | any(. == $rule_name)' javascript.sarif)
if [[ "${found_notification}" != "true" ]]; then
echo "Expected SARIF output to contain notification '${rule_name}', but found no such notification."
exit 1
else
echo "Found notification '${rule_name}'."
fi
done
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true # Remove when Swift is GA.
CODEQL_ACTION_TEST_MODE: true


@@ -7,11 +7,11 @@ name: PR Check - Extractor ram and threads options test
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -63,4 +63,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: 'PR Check - Go: Custom queries'
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,41 +25,45 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: windows-2019
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: windows-2019
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: macos-latest - os: macos-latest
version: stable-20220401 version: stable-20210308
- os: windows-latest - os: windows-2019
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: macos-latest
version: stable-20210319
- os: windows-2019
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: macos-latest
version: stable-20210809
- os: windows-2019
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: 'Go: Custom queries' name: 'Go: Custom queries'
timeout-minutes: 45 timeout-minutes: 45
@@ -72,9 +76,7 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go - uses: actions/setup-go@v3
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with: with:
go-version: ^1.13.1 go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
@@ -86,6 +88,7 @@ jobs:
shell: bash shell: bash
run: ./build.sh run: ./build.sh
- uses: ./../action/analyze - uses: ./../action/analyze
env:
TEST_MODE: true
env: env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false' INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true

83
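--- a/.github/workflows/__go-custom-tracing-autobuild.yml
+++ b/.github/workflows/__go-custom-tracing-autobuild.yml
@@ -0,0 +1,83 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+# pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+name: 'PR Check - Go: Autobuild custom tracing'
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+GO111MODULE: auto
+on:
+push:
+branches:
+- main
+- releases/v1
+- releases/v2
+pull_request:
+types:
+- opened
+- synchronize
+- reopened
+- ready_for_review
+workflow_dispatch: {}
+jobs:
+go-custom-tracing-autobuild:
+strategy:
+matrix:
+include:
+- os: ubuntu-latest
+version: stable-20210308
+- os: macos-latest
+version: stable-20210308
+- os: ubuntu-latest
+version: stable-20210319
+- os: macos-latest
+version: stable-20210319
+- os: ubuntu-latest
+version: stable-20210809
+- os: macos-latest
+version: stable-20210809
+- os: ubuntu-latest
+version: cached
+- os: macos-latest
+version: cached
+- os: ubuntu-latest
+version: latest
+- os: macos-latest
+version: latest
+- os: ubuntu-latest
+version: nightly-latest
+- os: macos-latest
+version: nightly-latest
+name: 'Go: Autobuild custom tracing'
+timeout-minutes: 45
+runs-on: ${{ matrix.os }}
+steps:
+- name: Check out repository
+uses: actions/checkout@v3
+- name: Prepare test
+id: prepare-test
+uses: ./.github/prepare-test
+with:
+version: ${{ matrix.version }}
+- uses: actions/setup-go@v3
+with:
+go-version: ^1.13.1
+- uses: ./../action/init
+with:
+languages: go
+tools: ${{ steps.prepare-test.outputs.tools-url }}
+- uses: ./../action/autobuild
+- uses: ./../action/analyze
+env:
+TEST_MODE: true
+- shell: bash
+run: |
+cd "$RUNNER_TEMP/codeql_databases"
+if [[ ! -d go ]]; then
+echo "Did not find a Go database"
+exit 1
+fi
+env:
+CODEQL_EXTRACTOR_GO_BUILD_TRACING: 'true'
+INTERNAL_CODEQL_ACTION_DEBUG_LOC: true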

94
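--- a/.github/workflows/__go-custom-tracing.yml
+++ b/.github/workflows/__go-custom-tracing.yml
@@ -0,0 +1,94 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+# pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+name: 'PR Check - Go: Custom tracing'
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+GO111MODULE: auto
+on:
+push:
+branches:
+- main
+- releases/v1
+- releases/v2
+pull_request:
+types:
+- opened
+- synchronize
+- reopened
+- ready_for_review
+workflow_dispatch: {}
+jobs:
+go-custom-tracing:
+strategy:
+matrix:
+include:
+- os: ubuntu-latest
+version: stable-20210308
+- os: macos-latest
+version: stable-20210308
+- os: windows-2019
+version: stable-20210308
+- os: ubuntu-latest
+version: stable-20210319
+- os: macos-latest
+version: stable-20210319
+- os: windows-2019
+version: stable-20210319
+- os: ubuntu-latest
+version: stable-20210809
+- os: macos-latest
+version: stable-20210809
+- os: windows-2019
+version: stable-20210809
+- os: ubuntu-latest
+version: cached
+- os: macos-latest
+version: cached
+- os: windows-2019
+version: cached
+- os: ubuntu-latest
+version: latest
+- os: macos-latest
+version: latest
+- os: windows-2019
+version: latest
+- os: windows-2022
+version: latest
+- os: ubuntu-latest
+version: nightly-latest
+- os: macos-latest
+version: nightly-latest
+- os: windows-2019
+version: nightly-latest
+- os: windows-2022
+version: nightly-latest
+name: 'Go: Custom tracing'
+timeout-minutes: 45
+runs-on: ${{ matrix.os }}
+steps:
+- name: Check out repository
+uses: actions/checkout@v3
+- name: Prepare test
+id: prepare-test
+uses: ./.github/prepare-test
+with:
+version: ${{ matrix.version }}
+- uses: actions/setup-go@v3
+with:
+go-version: ^1.13.1
+- uses: ./../action/init
+with:
+languages: go
+tools: ${{ steps.prepare-test.outputs.tools-url }}
+- name: Build code
+shell: bash
+run: go build main.go
+- uses: ./../action/analyze
+env:
+TEST_MODE: true
+env:
+CODEQL_EXTRACTOR_GO_BUILD_TRACING: 'true'
+INTERNAL_CODEQL_ACTION_DEBUG_LOC: true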


@@ -1,88 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: 'PR Check - Go: tracing with autobuilder step'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
go-tracing-autobuilder:
strategy:
matrix:
include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: ubuntu-latest
version: stable-20220401
- os: macos-latest
version: stable-20220401
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
name: 'Go: tracing with autobuilder step'
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
- uses: ./../action/autobuild
- uses: ./../action/analyze
- shell: bash
run: |
if [[ "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" != true ]]; then
echo "Expected the Go autobuilder to be run, but the" \
"CODEQL_ACTION_DID_AUTOBUILD_GOLANG environment variable was not true."
exit 1
fi
cd "$RUNNER_TEMP/codeql_databases"
if [[ ! -d go ]]; then
echo "Did not find a Go database"
exit 1
fi
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
CODEQL_ACTION_TEST_MODE: true


@@ -1,92 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: 'PR Check - Go: tracing with custom build steps'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
go-tracing-custom-build-steps:
strategy:
matrix:
include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: ubuntu-latest
version: stable-20220401
- os: macos-latest
version: stable-20220401
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
name: 'Go: tracing with custom build steps'
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code
shell: bash
run: go build main.go
- uses: ./../action/analyze
- shell: bash
run: |
# Once we start running Bash 4.2 in all environments, we can replace the
# `! -z` flag with the more elegant `-v` which confirms that the variable
# is actually unset and not potentially set to a blank value.
if [[ ! -z "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" ]]; then
echo "Expected the Go autobuilder not to be run, but the" \
"CODEQL_ACTION_DID_AUTOBUILD_GOLANG environment variable was set."
exit 1
fi
cd "$RUNNER_TEMP/codeql_databases"
if [[ ! -d go ]]; then
echo "Did not find a Go database"
exit 1
fi
env:
CODEQL_ACTION_TEST_MODE: true


@@ -1,82 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: 'PR Check - Go: tracing with legacy workflow'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
go-tracing-legacy-workflow:
strategy:
matrix:
include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: ubuntu-latest
version: stable-20220401
- os: macos-latest
version: stable-20220401
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
name: 'Go: tracing with legacy workflow'
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init
with:
languages: go
tools: ${{ steps.prepare-test.outputs.tools-url }}
- uses: ./../action/analyze
- shell: bash
run: |
cd "$RUNNER_TEMP/codeql_databases"
if [[ ! -d go ]]; then
echo "Did not find a Go database"
exit 1
fi
env:
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
CODEQL_ACTION_TEST_MODE: true


@@ -1,79 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: 'PR Check - Packaging: Download using registries'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
init-with-registries:
strategy:
matrix:
include:
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
- os: windows-latest
version: nightly-latest
name: 'Packaging: Download using registries'
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- name: Init with registries
uses: ./../action/init
with:
db-location: ${{ runner.temp }}/customDbLocation
tools: ${{ steps.prepare-test.outputs.tools-url }}
config-file: ./.github/codeql/codeql-config-registries.yml
languages: javascript
registries: |
- url: "https://ghcr.io/v2/"
packages: "*/*"
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Verify packages installed
shell: bash
run: |
PRIVATE_PACK="$HOME/.codeql/packages/dsp-testing/private-pack"
CODEQL_PACK1="$HOME/.codeql/packages/dsp-testing/codeql-pack1"
if [[ -d $PRIVATE_PACK ]]
then
echo "$PRIVATE_PACK was installed."
else
echo "::error $PRIVATE_PACK pack was not installed."
exit 1
fi
if [[ -d $CODEQL_PACK1 ]]
then
echo "$CODEQL_PACK1 was installed."
else
echo "::error $CODEQL_PACK1 pack was not installed."
exit 1
fi
env:
CODEQL_ACTION_TEST_MODE: true


@@ -7,11 +7,11 @@ name: PR Check - Custom source root
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -65,4 +65,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - ML-powered queries
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,11 +25,11 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04 - os: ubuntu-latest
version: stable-20220120 version: stable-20220120
- os: macos-latest - os: macos-latest
version: stable-20220120 version: stable-20220120
- os: windows-2019 - os: windows-latest
version: stable-20220120 version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
@@ -60,11 +60,6 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
with: with:
languages: javascript languages: javascript
@@ -76,6 +71,8 @@ jobs:
with: with:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
upload-database: false upload-database: false
env:
TEST_MODE: true
- name: Upload SARIF - name: Upload SARIF
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v3
@@ -84,20 +81,17 @@ jobs:
path: ${{ runner.temp }}/results/javascript.sarif path: ${{ runner.temp }}/results/javascript.sarif
retention-days: 7 retention-days: 7
- name: Check sarif
uses: ./../action/.github/check-sarif
# Running on Windows requires CodeQL CLI 2.9.0+.
if: "!(matrix.version == 'stable-20220120' && runner.os == 'Windows')"
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: js/ml-powered/nosql-injection,js/ml-powered/path-injection,js/ml-powered/sql-injection,js/ml-powered/xss
queries-not-run: foo,bar
- name: Check results - name: Check results
# Running ML-powered queries on Windows requires CodeQL CLI 2.9.0+. We don't run these checks
# against Windows and `cached` while CodeQL CLI 2.9.0 makes its way into `cached` to avoid the
# test starting to fail when the cached CodeQL Bundle gets updated. Once the CodeQL Bundle
# containing CodeQL CLI 2.9.0 has been fully released, we can drop this line and start running
# these checks on Windows and `cached`.
if: matrix.os != 'windows-latest' || matrix.version != 'cached'
env: env:
# Running on Windows requires CodeQL CLI 2.9.0+. # Running on Windows requires CodeQL CLI 2.9.0+, which has so far only made it to 'latest'.
SHOULD_RUN_ML_POWERED_QUERIES: ${{ !(matrix.version == 'stable-20220120' && SHOULD_RUN_ML_POWERED_QUERIES: ${{ matrix.os != 'windows-latest' || matrix.version
runner.os == 'Windows') }} == 'latest' || matrix.version == 'nightly-latest' }}
shell: bash shell: bash
run: | run: |
echo "Expecting ML-powered queries to be run: ${SHOULD_RUN_ML_POWERED_QUERIES}" echo "Expecting ML-powered queries to be run: ${SHOULD_RUN_ML_POWERED_QUERIES}"
@@ -132,4 +126,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - Multi-language repository
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,18 +25,18 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: macos-latest - os: macos-latest
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: macos-latest
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: macos-latest
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
@@ -60,30 +60,18 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
id: init
with: with:
db-location: ${{ runner.temp }}/customDbLocation db-location: ${{ runner.temp }}/customDbLocation
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- uses: ./../action/.github/setup-swift
with:
codeql-path: ${{steps.init.outputs.codeql-path}}
- name: Build code - name: Build code
shell: bash shell: bash
run: ./build.sh run: ./build.sh
- uses: ./../action/analyze - uses: ./../action/analyze
id: analysis id: analysis
env:
- name: Check language autodetect for all languages excluding Ruby, Swift TEST_MODE: true
shell: bash - shell: bash
run: | run: |
CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }} CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }}
if [[ ! -d $CPP_DB ]] || [[ ! $CPP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then if [[ ! -d $CPP_DB ]] || [[ ! $CPP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
@@ -115,28 +103,5 @@ jobs:
echo "Did not create a database for Python, or created it in the wrong location." echo "Did not create a database for Python, or created it in the wrong location."
exit 1 exit 1
fi fi
- name: Check language autodetect for Ruby
if: (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version
== 'nightly-latest')
shell: bash
run: |
RUBY_DB=${{ fromJson(steps.analysis.outputs.db-locations).ruby }}
if [[ ! -d $RUBY_DB ]] || [[ ! $RUBY_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "Did not create a database for Ruby, or created it in the wrong location."
exit 1
fi
- name: Check language autodetect for Swift
if: (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version
== 'nightly-latest')
shell: bash
run: |
SWIFT_DB=${{ fromJson(steps.analysis.outputs.db-locations).swift }}
if [[ ! -d $SWIFT_DB ]] || [[ ! $SWIFT_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "Did not create a database for Swift, or created it in the wrong location."
exit 1
fi
env: env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true' # Remove when Swift is GA. INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
CODEQL_ACTION_TEST_MODE: true


@@ -1,94 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: 'PR Check - Packaging: Config and input passed to the CLI'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
packaging-codescanning-config-inputs-js:
strategy:
matrix:
include:
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: windows-latest
version: latest
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: windows-latest
version: cached
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
- os: windows-latest
version: nightly-latest
name: 'Packaging: Config and input passed to the CLI'
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- uses: ./../action/init
with:
config-file: .github/codeql/codeql-config-packaging3.yml
packs: +dsp-testing/codeql-pack1@1.0.0
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
with:
output: ${{ runner.temp }}/results
- name: Check results
uses: ./../action/.github/check-sarif
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar
- name: Assert Results
shell: bash
run: |
cd "$RUNNER_TEMP/results"
# We should have 4 hits from these rules
EXPECTED_RULES="javascript/example/empty-or-one-block javascript/example/empty-or-one-block javascript/example/other-query-block javascript/example/two-block"
# use tr to replace newlines with spaces and xargs to trim leading and trailing whitespace
RULES="$(cat javascript.sarif | jq -r '.runs[0].results[].ruleId' | sort | tr "\n\r" " " | xargs)"
echo "Found matching rules '$RULES'"
if [ "$RULES" != "$EXPECTED_RULES" ]; then
echo "Did not match expected rules '$EXPECTED_RULES'."
exit 1
fi
env:
CODEQL_PASS_CONFIG_TO_CLI: true
CODEQL_ACTION_TEST_MODE: true


@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Config and input'
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -29,19 +29,23 @@ jobs:
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: 'Packaging: Config and input' name: 'Packaging: Config and input'
timeout-minutes: 45 timeout-minutes: 45
@@ -66,14 +70,8 @@ jobs:
- uses: ./../action/analyze - uses: ./../action/analyze
with: with:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
env:
- name: Check results TEST_MODE: true
uses: ./../action/.github/check-sarif
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar
- name: Assert Results - name: Assert Results
shell: bash shell: bash
run: | run: |
@@ -89,4 +87,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Config file'
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -29,19 +29,23 @@ jobs:
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: 'Packaging: Config file' name: 'Packaging: Config file'
timeout-minutes: 45 timeout-minutes: 45
@@ -65,14 +69,8 @@ jobs:
- uses: ./../action/analyze - uses: ./../action/analyze
with: with:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
env:
- name: Check results TEST_MODE: true
uses: ./../action/.github/check-sarif
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar
- name: Assert Results - name: Assert Results
shell: bash shell: bash
run: | run: |
@@ -88,4 +86,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Action input'
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -29,19 +29,23 @@ jobs:
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: 'Packaging: Action input' name: 'Packaging: Action input'
timeout-minutes: 45 timeout-minutes: 45
@@ -66,14 +70,8 @@ jobs:
- uses: ./../action/analyze - uses: ./../action/analyze
with: with:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
env:
- name: Check results TEST_MODE: true
uses: ./../action/.github/check-sarif
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: javascript/example/empty-or-one-block,javascript/example/empty-or-one-block,javascript/example/other-query-block,javascript/example/two-block
queries-not-run: foo,bar
- name: Assert Results - name: Assert Results
shell: bash shell: bash
run: | run: |
@@ -89,4 +87,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - Remote config file
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,41 +25,45 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: windows-2019
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: windows-2019
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: macos-latest - os: macos-latest
version: stable-20220401 version: stable-20210308
- os: windows-latest - os: windows-2019
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: macos-latest
version: stable-20210319
- os: windows-2019
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: macos-latest
version: stable-20210809
- os: windows-2019
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: Remote config file name: Remote config file
timeout-minutes: 45 timeout-minutes: 45
@@ -72,11 +76,6 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
with: with:
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -87,5 +86,7 @@ jobs:
shell: bash shell: bash
run: ./build.sh run: ./build.sh
- uses: ./../action/analyze - uses: ./../action/analyze
env:
TEST_MODE: true
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - RuboCop multi-language
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,8 +25,18 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-latest
version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: ubuntu-latest
version: latest
- os: ubuntu-latest
version: nightly-latest
name: RuboCop multi-language name: RuboCop multi-language
timeout-minutes: 45 timeout-minutes: 45
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
@@ -58,5 +68,7 @@ jobs:
- uses: ./../action/upload-sarif - uses: ./../action/upload-sarif
with: with:
sarif_file: rubocop.sarif sarif_file: rubocop.sarif
env:
TEST_MODE: true
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

66
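--- a/.github/workflows/__ruby.yml
+++ b/.github/workflows/__ruby.yml
@@ -1,66 +0,0 @@
-# Warning: This file is generated automatically, and should not be modified.
-# Instead, please modify the template in the pr-checks directory and run:
-# pip install ruamel.yaml && python3 sync.py
-# to regenerate this file.
-name: PR Check - Ruby analysis
-env:
-GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-GO111MODULE: auto
-CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
-on:
-push:
-branches:
-- main
-- releases/v2
-pull_request:
-types:
-- opened
-- synchronize
-- reopened
-- ready_for_review
-workflow_dispatch: {}
-jobs:
-ruby:
-strategy:
-matrix:
-include:
-- os: ubuntu-latest
-version: latest
-- os: macos-latest
-version: latest
-- os: ubuntu-latest
-version: cached
-- os: macos-latest
-version: cached
-- os: ubuntu-latest
-version: nightly-latest
-- os: macos-latest
-version: nightly-latest
-name: Ruby analysis
-timeout-minutes: 45
-runs-on: ${{ matrix.os }}
-steps:
-- name: Check out repository
-uses: actions/checkout@v3
-- name: Prepare test
-id: prepare-test
-uses: ./.github/prepare-test
-with:
-version: ${{ matrix.version }}
-- uses: ./../action/init
-with:
-languages: ruby
-tools: ${{ steps.prepare-test.outputs.tools-url }}
-- uses: ./../action/analyze
-id: analysis
-- name: Check database
-shell: bash
-run: |
-RUBY_DB="${{ fromJson(steps.analysis.outputs.db-locations).ruby }}"
-if [[ ! -d "$RUBY_DB" ]]; then
-echo "Did not create a database for Ruby."
-exit 1
-fi
-env:
-CODEQL_ACTION_TEST_MODE: true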


@@ -7,11 +7,11 @@ name: PR Check - Split workflow
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -61,7 +61,8 @@ jobs:
with: with:
skip-queries: true skip-queries: true
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
env:
TEST_MODE: true
- name: Assert No Results - name: Assert No Results
shell: bash shell: bash
run: | run: |
@@ -73,6 +74,8 @@ jobs:
with: with:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
upload-database: false upload-database: false
env:
TEST_MODE: true
- name: Assert Results - name: Assert Results
shell: bash shell: bash
run: | run: |
@@ -88,4 +91,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -1,72 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: PR Check - Submit SARIF after failure
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
submit-sarif-failure:
strategy:
matrix:
include:
- os: ubuntu-latest
version: latest
- os: ubuntu-latest
version: cached
- os: ubuntu-latest
version: nightly-latest
name: Submit SARIF after failure
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- uses: actions/checkout@v3
- uses: ./init
with:
languages: javascript
- name: Fail
# We want this job to pass if the Action correctly uploads the SARIF file for
# the failed run.
# Setting this step to continue on error means that it is marked as completing
# successfully, so will not fail the job.
continue-on-error: true
run: exit 1
- uses: ./analyze
# In a real workflow, this step wouldn't run. Since we used `continue-on-error`
# above, we manually disable it with an `if` condition.
if: false
with:
category: /test-codeql-version:${{ matrix.version }}
env:
# Internal-only environment variable used to indicate that the post-init Action
# should expect to upload a SARIF file for the failed run.
CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF: true
# Make sure the uploading SARIF files feature is enabled.
CODEQL_ACTION_UPLOAD_FAILED_SARIF: true
# Upload the failed SARIF file as an integration test of the API endpoint.
CODEQL_ACTION_TEST_MODE: false
# Mark telemetry for this workflow so it can be treated separately.
CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks


@@ -1,70 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: PR Check - Swift analysis using autobuild
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
swift-autobuild:
strategy:
matrix:
include:
- os: macos-latest
version: latest
- os: macos-latest
version: cached
- os: macos-latest
version: nightly-latest
name: Swift analysis using autobuild
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- uses: ./../action/init
id: init
with:
languages: swift
tools: ${{ steps.prepare-test.outputs.tools-url }}
- uses: ./../action/.github/setup-swift
with:
codeql-path: ${{steps.init.outputs.codeql-path}}
- name: Check working directory
shell: bash
run: pwd
- uses: ./../action/autobuild
timeout-minutes: 10
- uses: ./../action/analyze
id: analysis
- name: Check database
shell: bash
run: |
SWIFT_DB="${{ fromJson(steps.analysis.outputs.db-locations).swift }}"
if [[ ! -d "$SWIFT_DB" ]]; then
echo "Did not create a database for Swift."
exit 1
fi
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true' # Remove when Swift is GA.
CODEQL_ACTION_TEST_MODE: true


@@ -1,78 +0,0 @@
# Warning: This file is generated automatically, and should not be modified.
# Instead, please modify the template in the pr-checks directory and run:
# pip install ruamel.yaml && python3 sync.py
# to regenerate this file.
name: PR Check - Swift analysis using a custom build command
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
swift-custom-build:
strategy:
matrix:
include:
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
name: Swift analysis using a custom build command
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- uses: ./../action/init
id: init
with:
languages: swift
tools: ${{ steps.prepare-test.outputs.tools-url }}
- uses: ./../action/.github/setup-swift
with:
codeql-path: ${{steps.init.outputs.codeql-path}}
- name: Check working directory
shell: bash
run: pwd
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
- name: Check database
shell: bash
run: |
SWIFT_DB="${{ fromJson(steps.analysis.outputs.db-locations).swift }}"
if [[ ! -d "$SWIFT_DB" ]]; then
echo "Did not create a database for Swift."
exit 1
fi
env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true' # Remove when Swift is GA.
DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
CODEQL_ACTION_TEST_MODE: true


@@ -7,11 +7,11 @@ name: PR Check - Autobuild working directory
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -53,6 +53,8 @@ jobs:
with: with:
working-directory: autobuild-dir working-directory: autobuild-dir
- uses: ./../action/analyze - uses: ./../action/analyze
env:
TEST_MODE: true
- name: Check database - name: Check database
shell: bash shell: bash
run: | run: |
@@ -62,4 +64,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - Local CodeQL bundle
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -51,5 +51,7 @@ jobs:
shell: bash shell: bash
run: ./build.sh run: ./build.sh
- uses: ./../action/analyze - uses: ./../action/analyze
env:
TEST_MODE: true
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true

10
.github/workflows/__test-proxy.yml generated vendored

@@ -7,11 +7,11 @@ name: PR Check - Proxy test
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -43,14 +43,16 @@ jobs:
languages: javascript languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- uses: ./../action/analyze - uses: ./../action/analyze
env:
TEST_MODE: true
env: env:
https_proxy: http://squid-proxy:3128 https_proxy: http://squid-proxy:3128
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
container: container:
image: ubuntu:22.04 image: ubuntu:18.04
options: --dns 127.0.0.1 options: --dns 127.0.0.1
services: services:
squid-proxy: squid-proxy:
image: ubuntu/squid:latest image: datadog/squid:latest
ports: ports:
- 3128:3128 - 3128:3128

69
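--- a/.github/workflows/__test-ruby.yml
+++ b/.github/workflows/__test-ruby.yml
@@ -0,0 +1,69 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+# pip install ruamel.yaml && python3 sync.py
+# to regenerate this file.
+name: PR Check - Ruby analysis
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+GO111MODULE: auto
+on:
+push:
+branches:
+- main
+- releases/v1
+- releases/v2
+pull_request:
+types:
+- opened
+- synchronize
+- reopened
+- ready_for_review
+workflow_dispatch: {}
+jobs:
+test-ruby:
+strategy:
+matrix:
+include:
+- os: ubuntu-latest
+version: latest
+- os: macos-latest
+version: latest
+- os: ubuntu-latest
+version: cached
+- os: macos-latest
+version: cached
+- os: ubuntu-latest
+version: nightly-latest
+- os: macos-latest
+version: nightly-latest
+name: Ruby analysis
+timeout-minutes: 45
+runs-on: ${{ matrix.os }}
+steps:
+- name: Check out repository
+uses: actions/checkout@v3
+- name: Prepare test
+id: prepare-test
+uses: ./.github/prepare-test
+with:
+version: ${{ matrix.version }}
+- uses: ./../action/init
+with:
+languages: ruby
+tools: ${{ steps.prepare-test.outputs.tools-url }}
+- uses: ./../action/analyze
+id: analysis
+env:
+TEST_MODE: true
+- name: Check database
+shell: bash
+run: |
+RUBY_DB="${{ fromJson(steps.analysis.outputs.db-locations).ruby }}"
+if [[ ! -d "$RUBY_DB" ]]; then
+echo "Did not create a database for Ruby."
+exit 1
+fi
+env:
+CODEQL_ENABLE_EXPERIMENTAL_FEATURES: 'true'
+INTERNAL_CODEQL_ACTION_DEBUG_LOC: true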


@@ -7,11 +7,11 @@ name: PR Check - Test unsetting environment variables
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,12 +25,12 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
@@ -48,60 +48,48 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
with: with:
db-location: ${{ runner.temp }}/customDbLocation db-location: ${{ runner.temp }}/customDbLocation
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Build code - name: Build code
shell: bash shell: bash
# Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a run: env -i PATH="$PATH" HOME="$HOME" ./build.sh
# workaround for our PR checks.
run: env -i CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN=true PATH="$PATH" HOME="$HOME"
./build.sh
- uses: ./../action/analyze - uses: ./../action/analyze
id: analysis id: analysis
env:
TEST_MODE: true
- shell: bash - shell: bash
run: | run: |
CPP_DB="${{ fromJson(steps.analysis.outputs.db-locations).cpp }}" CPP_DB=${{ fromJson(steps.analysis.outputs.db-locations).cpp }}
if [[ ! -d "$CPP_DB" ]] || [[ ! "$CPP_DB" == "${RUNNER_TEMP}/customDbLocation/cpp" ]]; then if [[ ! -d $CPP_DB ]] || [[ ! $CPP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "::error::Did not create a database for CPP, or created it in the wrong location." \ echo "Did not create a database for CPP, or created it in the wrong location."
"Expected location was '${RUNNER_TEMP}/customDbLocation/cpp' but actual was '${CPP_DB}'"
exit 1 exit 1
fi fi
CSHARP_DB="${{ fromJson(steps.analysis.outputs.db-locations).csharp }}" CSHARP_DB=${{ fromJson(steps.analysis.outputs.db-locations).csharp }}
if [[ ! -d "$CSHARP_DB" ]] || [[ ! "$CSHARP_DB" == "${RUNNER_TEMP}/customDbLocation/csharp" ]]; then if [[ ! -d $CSHARP_DB ]] || [[ ! $CSHARP_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "::error::Did not create a database for C Sharp, or created it in the wrong location." \ echo "Did not create a database for C Sharp, or created it in the wrong location."
"Expected location was '${RUNNER_TEMP}/customDbLocation/csharp' but actual was '${CSHARP_DB}'"
exit 1 exit 1
fi fi
GO_DB="${{ fromJson(steps.analysis.outputs.db-locations).go }}" GO_DB=${{ fromJson(steps.analysis.outputs.db-locations).go }}
if [[ ! -d "$GO_DB" ]] || [[ ! "$GO_DB" == "${RUNNER_TEMP}/customDbLocation/go" ]]; then if [[ ! -d $GO_DB ]] || [[ ! $GO_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "::error::Did not create a database for Go, or created it in the wrong location." \ echo "Did not create a database for Go, or created it in the wrong location."
"Expected location was '${RUNNER_TEMP}/customDbLocation/go' but actual was '${GO_DB}'"
exit 1 exit 1
fi fi
JAVA_DB="${{ fromJson(steps.analysis.outputs.db-locations).java }}" JAVA_DB=${{ fromJson(steps.analysis.outputs.db-locations).java }}
if [[ ! -d "$JAVA_DB" ]] || [[ ! "$JAVA_DB" == "${RUNNER_TEMP}/customDbLocation/java" ]]; then if [[ ! -d $JAVA_DB ]] || [[ ! $JAVA_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "::error::Did not create a database for Java, or created it in the wrong location." \ echo "Did not create a database for Java, or created it in the wrong location."
"Expected location was '${RUNNER_TEMP}/customDbLocation/java' but actual was '${JAVA_DB}'"
exit 1 exit 1
fi fi
JAVASCRIPT_DB="${{ fromJson(steps.analysis.outputs.db-locations).javascript }}" JAVASCRIPT_DB=${{ fromJson(steps.analysis.outputs.db-locations).javascript }}
if [[ ! -d "$JAVASCRIPT_DB" ]] || [[ ! "$JAVASCRIPT_DB" == "${RUNNER_TEMP}/customDbLocation/javascript" ]]; then if [[ ! -d $JAVASCRIPT_DB ]] || [[ ! $JAVASCRIPT_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "::error::Did not create a database for Javascript, or created it in the wrong location." \ echo "Did not create a database for Javascript, or created it in the wrong location."
"Expected location was '${RUNNER_TEMP}/customDbLocation/javascript' but actual was '${JAVASCRIPT_DB}'"
exit 1 exit 1
fi fi
PYTHON_DB="${{ fromJson(steps.analysis.outputs.db-locations).python }}" PYTHON_DB=${{ fromJson(steps.analysis.outputs.db-locations).python }}
if [[ ! -d "$PYTHON_DB" ]] || [[ ! "$PYTHON_DB" == "${RUNNER_TEMP}/customDbLocation/python" ]]; then if [[ ! -d $PYTHON_DB ]] || [[ ! $PYTHON_DB == ${{ runner.temp }}/customDbLocation/* ]]; then
echo "::error::Did not create a database for Python, or created it in the wrong location." \ echo "Did not create a database for Python, or created it in the wrong location."
"Expected location was '${RUNNER_TEMP}/customDbLocation/python' but actual was '${PYTHON_DB}'"
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true
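Review bot: The database checks on the new side of this hunk splice `${{ fromJson(steps.analysis.outputs.db-locations).cpp }}` and `${{ runner.temp }}` into the bash script unquoted, so the values become script text before the shell parses it, and a path containing a space or a shell metacharacter changes the command instead of failing the comparison. Hand the values to the step through its `env:` block, for example `CPP_DB: ${{ fromJson(steps.analysis.outputs.db-locations).cpp }}`, and test them quoted: `[[ -d "$CPP_DB" && "$CPP_DB" == "${RUNNER_TEMP}/customDbLocation/cpp" ]]`. The glob `customDbLocation/*` also accepts any subdirectory, so the check would still pass if one language's database landed under another language's directory. The same applies to the csharp, go, java, javascript and python blocks in this hunk.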


@@ -7,11 +7,11 @@ name: "PR Check - Upload-sarif: 'ref' and 'sha' from inputs"
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,41 +25,45 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: windows-2019
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: windows-2019
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: macos-latest - os: macos-latest
version: stable-20220401 version: stable-20210308
- os: windows-latest - os: windows-2019
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: macos-latest
version: stable-20210319
- os: windows-2019
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: macos-latest
version: stable-20210809
- os: windows-2019
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: "Upload-sarif: 'ref' and 'sha' from inputs" name: "Upload-sarif: 'ref' and 'sha' from inputs"
timeout-minutes: 45 timeout-minutes: 45
@@ -72,11 +76,6 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init - uses: ./../action/init
with: with:
tools: ${{ steps.prepare-test.outputs.tools-url }} tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -91,9 +90,13 @@ jobs:
ref: refs/heads/main ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sha: 5e235361806c361d4d3f8859e3c897658025a9a2
upload: false upload: false
env:
TEST_MODE: true
- uses: ./../action/upload-sarif - uses: ./../action/upload-sarif
with: with:
ref: refs/heads/main ref: refs/heads/main
sha: 5e235361806c361d4d3f8859e3c897658025a9a2 sha: 5e235361806c361d4d3f8859e3c897658025a9a2
env:
TEST_MODE: true
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -7,11 +7,11 @@ name: PR Check - Use a custom `checkout_path`
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO111MODULE: auto GO111MODULE: auto
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -25,41 +25,45 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: windows-2019
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: windows-2019
version: stable-20220120
- os: ubuntu-latest - os: ubuntu-latest
version: stable-20220401 version: stable-20210308
- os: macos-latest - os: macos-latest
version: stable-20220401 version: stable-20210308
- os: windows-latest - os: windows-2019
version: stable-20220401 version: stable-20210308
- os: ubuntu-latest
version: stable-20210319
- os: macos-latest
version: stable-20210319
- os: windows-2019
version: stable-20210319
- os: ubuntu-latest
version: stable-20210809
- os: macos-latest
version: stable-20210809
- os: windows-2019
version: stable-20210809
- os: ubuntu-latest - os: ubuntu-latest
version: cached version: cached
- os: macos-latest - os: macos-latest
version: cached version: cached
- os: windows-latest - os: windows-2019
version: cached version: cached
- os: ubuntu-latest - os: ubuntu-latest
version: latest version: latest
- os: macos-latest - os: macos-latest
version: latest version: latest
- os: windows-latest - os: windows-2019
version: latest
- os: windows-2022
version: latest version: latest
- os: ubuntu-latest - os: ubuntu-latest
version: nightly-latest version: nightly-latest
- os: macos-latest - os: macos-latest
version: nightly-latest version: nightly-latest
- os: windows-latest - os: windows-2019
version: nightly-latest
- os: windows-2022
version: nightly-latest version: nightly-latest
name: Use a custom `checkout_path` name: Use a custom `checkout_path`
timeout-minutes: 45 timeout-minutes: 45
@@ -72,11 +76,6 @@ jobs:
uses: ./.github/prepare-test uses: ./.github/prepare-test
with: with:
version: ${{ matrix.version }} version: ${{ matrix.version }}
- name: Set up Go
if: matrix.os == 'ubuntu-20.04' || matrix.os == 'windows-2019'
uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: actions/checkout@v3 - uses: actions/checkout@v3
with: with:
ref: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6 ref: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
@@ -104,12 +103,16 @@ jobs:
ref: v1.1.0 ref: v1.1.0
sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6 sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
upload: false upload: false
env:
TEST_MODE: true
- uses: ./../action/upload-sarif - uses: ./../action/upload-sarif
with: with:
ref: v1.1.0 ref: v1.1.0
sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6 sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
checkout_path: x/y/z/some-path/tests/multi-language-repo checkout_path: x/y/z/some-path/tests/multi-language-repo
env:
TEST_MODE: true
- name: Verify SARIF after upload - name: Verify SARIF after upload
shell: bash shell: bash
@@ -140,4 +143,4 @@ jobs:
exit 1 exit 1
fi fi
env: env:
CODEQL_ACTION_TEST_MODE: true INTERNAL_CODEQL_ACTION_DEBUG_LOC: true


@@ -2,18 +2,12 @@ name: "CodeQL action"
on: on:
push: push:
branches: [main, releases/v2] branches: [main, releases/v1, releases/v2]
pull_request: pull_request:
branches: [main, releases/v2] branches: [main, releases/v1, releases/v2]
# Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
# by other workflows. # by other workflows.
types: [opened, synchronize, reopened, ready_for_review] types: [opened, synchronize, reopened, ready_for_review]
schedule:
# Weekly on Sunday.
- cron: '30 1 * * 0'
env:
CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks
jobs: jobs:
# Identify the CodeQL tool versions to use in the analysis job. # Identify the CodeQL tool versions to use in the analysis job.
@@ -57,7 +51,7 @@ jobs:
# be the same as `tools: null`. This allows us to make the job for each of the bundles a # be the same as `tools: null`. This allows us to make the job for each of the bundles a
# required status check. # required status check.
# #
# If we're running on push or schedule, then we can skip running with `tools: latest` when it would be # If we're running on push, then we can skip running with `tools: latest` when it would be
# the same as running with `tools: null`. # the same as running with `tools: null`.
if [[ "$GITHUB_EVENT_NAME" != "pull_request" && "$CODEQL_VERSION_DEFAULT" == "$CODEQL_VERSION_LATEST" ]]; then if [[ "$GITHUB_EVENT_NAME" != "pull_request" && "$CODEQL_VERSION_DEFAULT" == "$CODEQL_VERSION_LATEST" ]]; then
VERSIONS_JSON='[null]' VERSIONS_JSON='[null]'
@@ -67,7 +61,7 @@ jobs:
# Output a JSON-encoded list with the distinct versions to test against. # Output a JSON-encoded list with the distinct versions to test against.
echo "Suggested matrix config for analysis job: $VERSIONS_JSON" echo "Suggested matrix config for analysis job: $VERSIONS_JSON"
echo "versions=${VERSIONS_JSON}" >> $GITHUB_OUTPUT echo "::set-output name=versions::${VERSIONS_JSON}"
build: build:
needs: [check-codeql-versions] needs: [check-codeql-versions]
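Review bot: The new side sets the step output with `echo "::set-output name=versions::${VERSIONS_JSON}"`, a workflow command GitHub has deprecated because any text that reaches the step's stdout can set outputs that way. Keep the environment-file form, `echo "versions=${VERSIONS_JSON}" >> "$GITHUB_OUTPUT"`, which only a deliberate write to that file can populate. The same replacement is made for the `version`, `newBranch` and `exists` outputs in the "Tag release and merge back" workflow further down this page. The job this step belongs to starts outside the hunk.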
@@ -81,10 +75,8 @@ jobs:
security-events: write security-events: write
steps: steps:
- name: Checkout - uses: actions/checkout@v3
uses: actions/checkout@v3 - uses: ./init
- name: Initialize CodeQL
uses: ./init
id: init id: init
with: with:
languages: javascript languages: javascript
@@ -93,5 +85,4 @@ jobs:
# confirm steps.init.outputs.codeql-path points to the codeql binary # confirm steps.init.outputs.codeql-path points to the codeql binary
- name: Print CodeQL Version - name: Print CodeQL Version
run: ${{steps.init.outputs.codeql-path}} version --format=json run: ${{steps.init.outputs.codeql-path}} version --format=json
- name: Perform CodeQL Analysis - uses: ./analyze
uses: ./analyze


@@ -1,218 +0,0 @@
# Tests that the generated code scanning config file contains the expected contents
name: Code-Scanning config CLI tests
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CODEQL_PASS_CONFIG_TO_CLI: true
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
code-scanning-config-tests:
continue-on-error: true
strategy:
matrix:
include:
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
# Code-Scanning config not created because environment variable is not set
name: Code Scanning Configuration tests
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- name: Empty file
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: "{}"
languages: javascript
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Packs from input
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
}
languages: javascript
packs: dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Packs from input with +
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
}
languages: javascript
packs: + dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries from input
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }]
}
languages: javascript
queries: ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries from input with +
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }]
}
languages: javascript
queries: + ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries and packs from input with +
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }],
"packs": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
}
languages: javascript
queries: + ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
packs: + dsp-testing/codeql-pack1@1.0.0, dsp-testing/codeql-pack2
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries and packs from config
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql" }],
"packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ]
}
}
languages: javascript
config-file-test: .github/codeql/queries-and-packs-config.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries and packs from config overriden by input
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"queries": [{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }],
"packs": ["codeql/javascript-queries"]
}
languages: javascript
queries: ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
packs: codeql/javascript-queries
config-file-test: .github/codeql/queries-and-packs-config.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Queries and packs from config merging with input
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"queries": [
{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql" },
{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql" }
],
"packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2", "codeql/javascript-queries" ]
}
}
languages: javascript
queries: + ./codeql-qlpacks/complex-javascript-qlpack/show_ifs.ql
packs: + codeql/javascript-queries
config-file-test: .github/codeql/queries-and-packs-config.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Multi-language packs from config
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"packs": {
"javascript": ["dsp-testing/codeql-pack1@1.0.0", "dsp-testing/codeql-pack2" ],
"ruby": ["codeql/ruby-queries"]
},
"queries": [
{ "uses": "./codeql-qlpacks/complex-javascript-qlpack/foo2/show_ifs.ql" }
]
}
languages: javascript,ruby
config-file-test: .github/codeql/multi-language-packs-config.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Other config properties
if: success() || failure()
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: |
{
"name": "Config using all properties",
"packs": ["codeql/javascript-queries" ],
"disable-default-queries": true,
"paths-ignore": ["xxx"],
"paths": ["yyy"]
}
languages: javascript
packs: + codeql/javascript-queries
config-file-test: .github/codeql/other-config-properties.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Config not generated when env var is not set
if: success() || failure()
env:
CODEQL_PASS_CONFIG_TO_CLI: false
uses: ./../action/.github/check-codescanning-config
with:
expected-config-file-contents: ""
languages: javascript
packs: + codeql/javascript-queries
config-file-test: .github/codeql/other-config-properties.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}


@@ -1,93 +0,0 @@
# Checks logs, SARIF, and database bundle debug artifacts exist
# when the analyze step fails.
name: PR Check - Debug artifacts after failure
env:
# Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
# workaround for our PR checks.
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
upload-artifacts:
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
name: Upload debug artifacts after failure in analyze
continue-on-error: true
env:
CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Dump GitHub event
run: cat "${GITHUB_EVENT_PATH}"
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: latest
- uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
debug: true
debug-artifact-name: my-debug-artifacts
debug-database-name: my-db
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
with:
expect-error: true
ram: 1
download-and-check-artifacts:
name: Download and check debug artifacts after failure in analyze
needs: upload-artifacts
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
- name: Download all artifacts
uses: actions/download-artifact@v3
- name: Check expected artifacts exist
shell: bash
run: |
OPERATING_SYSTEMS="ubuntu-latest macos-latest"
LANGUAGES="cpp csharp go java javascript python"
for os in $OPERATING_SYSTEMS; do
pushd "./my-debug-artifacts-$os"
echo "Artifacts from run on $os:"
for language in $LANGUAGES; do
echo "- Checking $language"
if [[ ! -f "my-db-$language-partial.zip" ]] ; then
echo "Missing a partial database bundle for $language"
exit 1
fi
if [[ ! -d "log" ]] ; then
echo "Missing database initialization logs"
exit 1
fi
if [[ ! "$language" == "go" ]] && [[ ! -d "$language/log" ]] ; then
echo "Missing logs for $language"
exit 1
fi
done
popd
done
env:
GO111MODULE: auto


@@ -1,119 +0,0 @@
# Checks logs, SARIF, and database bundle debug artifacts exist.
name: PR Check - Debug artifact upload
env:
# Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
# workaround for our PR checks.
CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
upload-artifacts:
strategy:
matrix:
include:
- os: ubuntu-20.04
version: stable-20211005
- os: macos-latest
version: stable-20211005
- os: ubuntu-20.04
version: stable-20220120
- os: macos-latest
version: stable-20220120
- os: ubuntu-latest
version: stable-20220401
- os: macos-latest
version: stable-20220401
- os: ubuntu-latest
version: cached
- os: macos-latest
version: cached
- os: ubuntu-latest
version: latest
- os: macos-latest
version: latest
- os: ubuntu-latest
version: nightly-latest
- os: macos-latest
version: nightly-latest
name: Upload debug artifacts
env:
CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: ${{ matrix.version }}
- uses: actions/setup-go@v3
with:
go-version: ^1.13.1
- uses: ./../action/init
with:
tools: ${{ steps.prepare-test.outputs.tools-url }}
debug: true
debug-artifact-name: my-debug-artifacts
debug-database-name: my-db
- name: Build code
shell: bash
run: ./build.sh
- uses: ./../action/analyze
id: analysis
download-and-check-artifacts:
name: Download and check debug artifacts
needs: upload-artifacts
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
- name: Download all artifacts
uses: actions/download-artifact@v3
- name: Check expected artifacts exist
shell: bash
run: |
VERSIONS="stable-20211005 stable-20220120 stable-20220401 cached latest nightly-latest"
LANGUAGES="cpp csharp go java javascript python"
for version in $VERSIONS; do
if [[ "$version" =~ stable-(20211005|20220120|20210809) ]]; then
# Note the absence of the period in "ubuntu-2004": this is present in the image name
# but not the artifact name
OPERATING_SYSTEMS="ubuntu-2004 macos-latest"
else
OPERATING_SYSTEMS="ubuntu-latest macos-latest"
fi
for os in $OPERATING_SYSTEMS; do
pushd "./my-debug-artifacts-$os-$version"
echo "Artifacts from version $version on $os:"
for language in $LANGUAGES; do
echo "- Checking $language"
if [[ ! -f "$language.sarif" ]] ; then
echo "Missing a SARIF file for $language"
exit 1
fi
if [[ ! -f "my-db-$language.zip" ]] ; then
echo "Missing a database bundle for $language"
exit 1
fi
if [[ ! -d "$language/log" ]] ; then
echo "Missing logs for $language"
exit 1
fi
done
popd
done
done
env:
GO111MODULE: auto


@@ -1,9 +1,12 @@
name: Check queries that ran name: Expected queries runs
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
on: on:
push: push:
branches: branches:
- main - main
- releases/v1
- releases/v2 - releases/v2
pull_request: pull_request:
types: types:
@@ -16,8 +19,6 @@ on:
jobs: jobs:
expected-queries: expected-queries:
name: Expected Queries Tests name: Expected Queries Tests
env:
CODEQL_ACTION_TEST_MODE: true
timeout-minutes: 45 timeout-minutes: 45
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@@ -37,6 +38,8 @@ jobs:
output: ${{ runner.temp }}/results output: ${{ runner.temp }}/results
upload-database: false upload-database: false
upload: false upload: false
env:
TEST_MODE: true
- name: Check Sarif - name: Check Sarif
uses: ./../action/.github/check-sarif uses: ./../action/.github/check-sarif


@@ -1,9 +1,8 @@
# This workflow runs after a release of the action. It: # This workflow runs after a release of the action. For v2 releases, it merges any changes from the
# 1. Merges any changes from the release back into the main branch. Typically, this is just a single # release back into the main branch. Typically, this is just a single commit that updates the
# commit that updates the changelog. # changelog. For v2 and v1 releases, it then (a) tags the merge commit on the release branch that
# 2. Tags the merge commit on the release branch that represents the new release with an `v2.x.y` # represents the new release with an `vx.y.z` tag and (b) updates the `vx` tag to refer to this
# tag # commit.
# 3. Updates the `v2` tag to refer to this merge commit.
name: Tag release and merge back name: Tag release and merge back
on: on:
@@ -16,6 +15,7 @@ on:
push: push:
branches: branches:
- releases/v1
- releases/v2 - releases/v2
jobs: jobs:
@@ -47,10 +47,11 @@ jobs:
id: getVersion id: getVersion
run: | run: |
VERSION="v$(jq '.version' -r 'package.json')" VERSION="v$(jq '.version' -r 'package.json')"
echo "version=${VERSION}" >> $GITHUB_OUTPUT echo "::set-output name=version::${VERSION}"
short_sha="${GITHUB_SHA:0:8}" short_sha="${GITHUB_SHA:0:8}"
NEW_BRANCH="mergeback/${VERSION}-to-${BASE_BRANCH}-${short_sha}" NEW_BRANCH="mergeback/${VERSION}-to-${BASE_BRANCH}-${short_sha}"
echo "newBranch=${NEW_BRANCH}" >> $GITHUB_OUTPUT echo "::set-output name=newBranch::${NEW_BRANCH}"
- name: Dump branches - name: Dump branches
env: env:
@@ -76,7 +77,7 @@ jobs:
exists="$?" exists="$?"
if [ "${exists}" -eq 0 ]; then if [ "${exists}" -eq 0 ]; then
echo "Tag ${VERSION} exists. Not going to re-release." echo "Tag ${VERSION} exists. Not going to re-release."
echo "exists=true" >> $GITHUB_OUTPUT echo "::set-output name=exists::true"
else else
echo "Tag ${VERSION} does not exist yet." echo "Tag ${VERSION} does not exist yet."
fi fi
@@ -105,7 +106,7 @@ jobs:
git push origin --atomic --force refs/tags/"${VERSION}" refs/tags/"${major_version_tag}" git push origin --atomic --force refs/tags/"${VERSION}" refs/tags/"${major_version_tag}"
- name: Create mergeback branch - name: Create mergeback branch
if: steps.check.outputs.exists != 'true' if: steps.check.outputs.exists != 'true' && contains(github.ref, 'releases/v2')
env: env:
VERSION: "${{ steps.getVersion.outputs.version }}" VERSION: "${{ steps.getVersion.outputs.version }}"
NEW_BRANCH: "${{ steps.getVersion.outputs.newBranch }}" NEW_BRANCH: "${{ steps.getVersion.outputs.newBranch }}"
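Review bot: The added condition `contains(github.ref, 'releases/v2')` is a substring test, so it is also true for any ref whose name merely contains that text, for example a branch called `releases/v20`. An exact comparison states the intent and cannot be satisfied by another ref: `if: steps.check.outputs.exists != 'true' && github.ref == 'refs/heads/releases/v2'`. The visible `push` trigger is limited to the two release branches, but the `on:` block appears to declare something else above the hunk, so whether other refs can reach this step cannot be confirmed from here. The step body continues outside the hunk.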
@@ -113,18 +114,7 @@ jobs:
run: | run: |
set -exu set -exu
pr_title="Mergeback ${VERSION} ${HEAD_BRANCH} into ${BASE_BRANCH}" pr_title="Mergeback ${VERSION} ${HEAD_BRANCH} into ${BASE_BRANCH}"
pr_body=$(cat << EOF pr_body="Updates version and changelog."
This PR bumps the version number and updates the changelog after the ${VERSION} release.
Please do the following:
- [ ] Remove and re-add the "Update dependencies" label to the PR to trigger just this workflow.
- [ ] Wait for the "Update dependencies" workflow to push a commit updating the dependencies.
- [ ] Mark the PR as ready for review to trigger the full set of PR checks.
- [ ] Approve and merge the PR. When merging the PR, make sure "Create a merge commit" is
selected rather than "Squash and merge" or "Rebase and merge".
EOF
)
# Update the version number ready for the next release # Update the version number ready for the next release
npm version patch --no-git-tag-version npm version patch --no-git-tag-version
@@ -144,5 +134,4 @@ jobs:
--title "${pr_title}" \ --title "${pr_title}" \
--label "Update dependencies" \ --label "Update dependencies" \
--body "${pr_body}" \ --body "${pr_body}" \
--assignee "${GITHUB_ACTOR}" \
--draft --draft


@@ -2,7 +2,7 @@ name: PR Checks
on: on:
push: push:
branches: [main, releases/v2] branches: [main, releases/v1, releases/v2]
pull_request: pull_request:
# Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
# by other workflows. # by other workflows.
@@ -15,6 +15,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
timeout-minutes: 45 timeout-minutes: 45
strategy:
fail-fast: true
matrix:
node-types-version: [12.12, current]
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
@@ -22,6 +27,28 @@ jobs:
- name: Lint - name: Lint
run: npm run-script lint run: npm run-script lint
- name: Update version of @types/node
if: matrix.node-types-version != 'current'
env:
NODE_TYPES_VERSION: ${{ matrix.node-types-version }}
run: |
# Export `NODE_TYPES_VERSION` so it's available to jq
export NODE_TYPES_VERSION="${NODE_TYPES_VERSION}"
contents=$(jq '.devDependencies."@types/node" = env.NODE_TYPES_VERSION' package.json)
echo "${contents}" > package.json
# Usually we run `npm install` on macOS to ensure that we pick up macOS-only dependencies.
# However we're not checking in the updated lockfile here, so it's fine to run
# `npm install` on Linux.
npm install
if [ ! -z "$(git status --porcelain)" ]; then
git config --global user.email "github-actions@github.com"
git config --global user.name "github-actions[bot]"
# The period in `git add --all .` ensures that we stage deleted files too.
git add --all .
git commit -m "Use @types/node=${NODE_TYPES_VERSION}"
fi
- name: Check generated JS - name: Check generated JS
run: .github/workflows/script/check-js.sh run: .github/workflows/script/check-js.sh
@@ -44,8 +71,25 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
# Checks for any conflict markers created by git. This check is primarily intended to validate that
# any merge conflicts in the v2 -> v1 backport PR are fixed before the PR is merged.
- name: Check for merge conflicts
run: |
# Use `|| true` since grep returns exit code 1 if there are no matches, and we don't want
# this to fail the workflow.
FILES_WITH_CONFLICTS=$(grep --extended-regexp --ignore-case --line-number --recursive \
'^(<<<<<<<|>>>>>>>)' . || true)
if [[ "${FILES_WITH_CONFLICTS}" ]]; then
echo "Fail: Found merge conflict markers in the following files:"
echo ""
echo "${FILES_WITH_CONFLICTS}"
exit 1
else
echo "Success: Found no merge conflict markers."
fi
- name: Set up Python - name: Set up Python
uses: actions/setup-python@v4 uses: actions/setup-python@v3
with: with:
python-version: 3.8 python-version: 3.8
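Review bot: The added "Check for merge conflicts" step runs `grep --recursive` over `.`, so it also scans `.git` and any untracked or generated files rather than only what the PR will merge. Limiting the search to tracked files keeps the guard tied to the reviewed content, for example `FILES_WITH_CONFLICTS=$(git grep --extended-regexp --line-number '^(<<<<<<<|>>>>>>>)' || true)`. `--ignore-case` has no effect on this pattern and can be dropped. The job this step belongs to starts outside the hunk.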


@@ -1,8 +1,8 @@
name: Test Python Package Installation name: Test Python Package Installation on Linux and Mac
on: on:
push: push:
branches: [main, releases/v2] branches: [main, releases/v1, releases/v2]
pull_request: pull_request:
# Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
# by other workflows. # by other workflows.
@@ -26,9 +26,13 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
os: [ubuntu-20.04, ubuntu-22.04, macos-latest] os: [ubuntu-latest, macos-latest]
python_deps_type: [pipenv, poetry, requirements, setup_py] python_deps_type: [pipenv, poetry, requirements, setup_py]
python_version: [3] python_version: [2, 3]
exclude:
# Python2 and poetry are not supported. See https://github.com/actions/setup-python/issues/374
- python_version: 2
python_deps_type: poetry
env: env:
@@ -55,8 +59,7 @@ jobs:
cd $GITHUB_WORKSPACE/python-setup/tests/${PYTHON_DEPS_TYPE}/requests-${PYTHON_VERSION} cd $GITHUB_WORKSPACE/python-setup/tests/${PYTHON_DEPS_TYPE}/requests-${PYTHON_VERSION}
case ${{ matrix.os }} in case ${{ matrix.os }} in
ubuntu-20.04*) basePath="/opt";; ubuntu-latest*) basePath="/opt";;
ubuntu-22.04*) basePath="/opt";;
macos-latest*) basePath="/Users/runner";; macos-latest*) basePath="/Users/runner";;
esac esac
echo ${basePath} echo ${basePath}
@@ -80,7 +83,7 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
os: [ubuntu-20.04, ubuntu-22.04, macos-latest] os: [ubuntu-latest, macos-latest]
steps: steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
@@ -102,8 +105,7 @@ jobs:
cd $GITHUB_WORKSPACE/python-setup/tests/requirements/non-standard-location cd $GITHUB_WORKSPACE/python-setup/tests/requirements/non-standard-location
case ${{ matrix.os }} in case ${{ matrix.os }} in
ubuntu-20.04*) basePath="/opt";; ubuntu-latest*) basePath="/opt";;
ubuntu-22.04*) basePath="/opt";;
macos-latest*) basePath="/Users/runner";; macos-latest*) basePath="/Users/runner";;
esac esac
echo ${basePath} echo ${basePath}
@@ -128,10 +130,13 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
python_deps_type: [pipenv, poetry, requirements, setup_py] python_deps_type: [pipenv, poetry, requirements, setup_py]
python_version: [3] python_version: [2, 3]
exclude:
# Python2 and poetry are not supported. See https://github.com/actions/setup-python/issues/374
- python_version: 2
python_deps_type: poetry
env: env:
CODEQL_ACTION_TEST_MODE: true
PYTHON_DEPS_TYPE: ${{ matrix.python_deps_type }} PYTHON_DEPS_TYPE: ${{ matrix.python_deps_type }}
PYTHON_VERSION: ${{ matrix.python_version }} PYTHON_VERSION: ${{ matrix.python_version }}
@@ -139,12 +144,11 @@ jobs:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- uses: actions/setup-python@v4 - uses: actions/setup-python@v3
with: with:
python-version: ${{ matrix.python_version }} python-version: ${{ matrix.python_version }}
- name: Initialize CodeQL - name: Initialize CodeQL
id: init
uses: ./init uses: ./init
with: with:
tools: latest tools: latest
@@ -152,15 +156,15 @@ jobs:
setup-python-dependencies: false setup-python-dependencies: false
- name: Test Auto Package Installation - name: Test Auto Package Installation
env:
CODEQL_PATH: ${{ steps.init.outputs.codeql-path }}
run: | run: |
$cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\install_tools.ps1" $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\install_tools.ps1"
powershell -File $cmd powershell -File $cmd
cd $Env:GITHUB_WORKSPACE\\python-setup/tests/$Env:PYTHON_DEPS_TYPE/requests-$Env:PYTHON_VERSION cd $Env:GITHUB_WORKSPACE\\python-setup/tests/$Env:PYTHON_DEPS_TYPE/requests-$Env:PYTHON_VERSION
$codeql_dist = (get-item $Env:CODEQL_PATH).Directory.FullName $DefaultsPath = Join-Path (Join-Path $Env:GITHUB_WORKSPACE "src") "defaults.json"
py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py $codeql_dist $CodeQLBundleName = (Get-Content -Raw -Path $DefaultsPath | ConvertFrom-Json).bundleVersion
$CodeQLVersion = "0.0.0-" + $CodeQLBundleName.split("-")[-1]
py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py C:\\hostedtoolcache\\windows\\CodeQL\\$CodeQLVersion\\x64\\codeql
- name: Setup for extractor - name: Setup for extractor
run: | run: |
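Review bot: The Windows "Test Auto Package Installation" step builds the CodeQL location by hand, `C:\\hostedtoolcache\\windows\\CodeQL\\$CodeQLVersion\\x64\\codeql`, from `bundleVersion` in `src/defaults.json`, while the init step just above requests `tools: latest`. If the latest bundle differs from the default one, or the runner image changes its tool-cache layout, that directory presumably does not exist and the step fails for reasons unrelated to the code under test. Holding the path in a variable and checking it first makes the failure explicit: `if (-not (Test-Path $CodeQLDist)) { throw "CodeQL not found at $CodeQLDist" }`. The same matrix also adds Python 2, which is end-of-life, so a comment stating why it is still tested on this branch would help the next maintainer.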


@@ -1,55 +0,0 @@
name: Query filters tests
on:
push:
branches:
- main
- releases/v2
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
workflow_dispatch: {}
jobs:
query-filters:
name: Query Filters Tests
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Prepare test
id: prepare-test
uses: ./.github/prepare-test
with:
version: latest
- name: Check SARIF for default queries with Single include, Single exclude
uses: ./../action/.github/query-filter-test
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: js/zipslip
queries-not-run: js/path-injection
config-file: ./.github/codeql/codeql-config-query-filters1.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Check SARIF for query packs with Single include, Single exclude
uses: ./../action/.github/query-filter-test
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: js/zipslip,javascript/example/empty-or-one-block
queries-not-run: js/path-injection
config-file: ./.github/codeql/codeql-config-query-filters2.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}
- name: Check SARIF for query packs and local queries with Single include, Single exclude
uses: ./../action/.github/query-filter-test
with:
sarif-file: ${{ runner.temp }}/results/javascript.sarif
queries-run: js/zipslip,javascript/example/empty-or-one-block,inrepo-javascript-querypack/show-ifs
queries-not-run: js/path-injection,complex-python-querypack/show-ifs,complex-python-querypack/foo/bar/show-ifs
config-file: ./.github/codeql/codeql-config-query-filters3.yml
tools: ${{ steps.prepare-test.outputs.tools-url }}

393
.github/workflows/runner-checks.yml vendored Normal file

@@ -0,0 +1,393 @@
name: CodeQL Runner Checks
on:
push:
branches: [main, releases/v1, releases/v2]
pull_request:
# Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
# by other workflows.
types: [opened, synchronize, reopened, ready_for_review]
workflow_dispatch:
jobs:
runner-analyze-javascript-ubuntu:
name: Runner ubuntu JS analyze
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build runner
run: |
cd runner
npm install
npm run build-runner
- name: Run init
run: |
# Pass --config-file here, but not for other jobs in this workflow.
# This means we're testing the config file parsing in the runner
# but not slowing down all jobs unnecessarily as it doesn't add much
# testing the parsing on different operating systems and languages.
runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Run analyze
run: |
runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-javascript-windows:
name: Runner windows JS analyze
timeout-minutes: 45
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
- name: Build runner
run: |
cd runner
npm install
npm run build-runner
- name: Run init
run: |
runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Run analyze
run: |
runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-javascript-macos:
name: Runner macos JS analyze
timeout-minutes: 45
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
- name: Build runner
run: |
cd runner
npm install
npm run build-runner
- name: Run init
run: |
runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Run analyze
run: |
runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-csharp-ubuntu:
name: Runner ubuntu C# analyze
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Move codeql-action
shell: bash
run: |
mkdir ../action
mv * .github ../action/
mv ../action/tests/multi-language-repo/{*,.github} .
mv ../action/.github/workflows .github
- name: Build runner
run: |
cd ../action/runner
npm install
npm run build-runner
- name: Run init
run: |
../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Build code
run: |
. ./codeql-runner/codeql-env.sh
$CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false
- name: Run analyze
run: |
../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-csharp-windows:
name: Runner windows C# analyze
# Build tracing currently does not support Windows 2022, so use `windows-2019` instead of
# `windows-latest`.
timeout-minutes: 45
runs-on: windows-2019
steps:
- uses: actions/checkout@v3
- name: Move codeql-action
shell: bash
run: |
mkdir ../action
mv * .github ../action/
mv ../action/tests/multi-language-repo/{*,.github} .
mv ../action/.github/workflows .github
- name: Build runner
run: |
cd ../action/runner
npm install
npm run build-runner
- name: Run init
run: |
../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Build code
shell: powershell
run: |
cat ./codeql-runner/codeql-env.sh | Invoke-Expression
$Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this
& $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false
- name: Upload tracer logs
uses: actions/upload-artifact@v3
with:
name: tracer-logs
path: ./codeql-runner/compound-build-tracer.log
- name: Run analyze
run: |
../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-csharp-macos:
name: Runner macos C# analyze
timeout-minutes: 45
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
- name: Move codeql-action
shell: bash
run: |
mkdir ../action
mv * .github ../action/
mv ../action/tests/multi-language-repo/{*,.github} .
mv ../action/.github/workflows .github
- name: Build runner
run: |
cd ../action/runner
npm install
npm run build-runner
- name: Run init
run: |
../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Build code
shell: bash
run: |
. ./codeql-runner/codeql-env.sh
$CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false
- name: Run analyze
run: |
../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-csharp-autobuild-ubuntu:
name: Runner ubuntu autobuild C# analyze
timeout-minutes: 45
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Move codeql-action
shell: bash
run: |
mkdir ../action
mv * .github ../action/
mv ../action/tests/multi-language-repo/{*,.github} .
mv ../action/.github/workflows .github
- name: Build runner
run: |
cd ../action/runner
npm install
npm run build-runner
- name: Run init
run: |
../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Build code
run: |
../action/runner/dist/codeql-runner-linux autobuild
- name: Run analyze
run: |
../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-csharp-autobuild-windows:
timeout-minutes: 45
name: Runner windows autobuild C# analyze
# Build tracing currently does not support Windows 2022, so use `windows-2019` instead of
# `windows-latest`.
runs-on: windows-2019
steps:
- uses: actions/checkout@v3
- name: Move codeql-action
shell: bash
run: |
mkdir ../action
mv * .github ../action/
mv ../action/tests/multi-language-repo/{*,.github} .
mv ../action/.github/workflows .github
- name: Build runner
run: |
cd ../action/runner
npm install
npm run build-runner
- name: Run init
run: |
../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Build code
shell: powershell
run: |
../action/runner/dist/codeql-runner-win.exe autobuild
- name: Run analyze
run: |
../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-analyze-csharp-autobuild-macos:
name: Runner macos autobuild C# analyze
runs-on: macos-latest
timeout-minutes: 45
steps:
- uses: actions/checkout@v3
- name: Move codeql-action
shell: bash
run: |
mkdir ../action
mv * .github ../action/
mv ../action/tests/multi-language-repo/{*,.github} .
mv ../action/.github/workflows .github
- name: Build runner
run: |
cd ../action/runner
npm install
npm run build-runner
- name: Run init
run: |
../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Build code
shell: bash
run: |
. codeql-runner/codeql-env.sh
CODEQL_RUNNER="$(cat codeql-runner/codeql-env.json | jq -r '.CODEQL_RUNNER')"
echo "$CODEQL_RUNNER"
$CODEQL_RUNNER ../action/runner/dist/codeql-runner-macos autobuild
- name: Run analyze
run: |
../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
env:
TEST_MODE: true
runner-upload-sarif:
name: Runner upload sarif
runs-on: ubuntu-latest
timeout-minutes: 45
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }}
steps:
- uses: actions/checkout@v3
- name: Build runner
run: |
cd runner
npm install
npm run build-runner
- name: Upload with runner
run: |
# Deliberately don't use TEST_MODE here. This is specifically testing
# the compatibility with the API.
runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
runner-extractor-ram-threads-options:
name: Runner ubuntu extractor RAM and threads options
runs-on: ubuntu-latest
timeout-minutes: 45
steps:
- uses: actions/checkout@v3
- name: Build runner
run: |
cd runner
npm install
npm run build-runner
- name: Run init
run: |
runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }}
- name: Assert Results
shell: bash
run: |
. ./codeql-runner/codeql-env.sh
if [ "${CODEQL_RAM}" != "230" ]; then
echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230"
exit 1
fi
if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then
echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230"
exit 1
fi
if [ "${CODEQL_THREADS}" != "1" ]; then
echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1"
exit 1
fi
if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then
echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1"
exit 1
fi
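Review bot: Every `init`, `analyze` and `upload` call passes the token as `--github-auth ${{ github.token }}`, which expands the secret into the generated script text and places it on the process command line, where it is visible to other processes on the runner. Expose it through the step's `env:` (`GITHUB_TOKEN: ${{ github.token }}`) and feed it on standard input with the runner's `--github-auth-stdin` option, e.g. `echo "$GITHUB_TOKEN" | runner/dist/codeql-runner-linux init --github-auth-stdin` with the remaining options unchanged. The "Update v2 release branch" and "Update v1 release branch" steps in the release workflow further down pass `--github-token ${{ secrets.GITHUB_TOKEN }}` the same way. The new workflow also declares no `permissions:` block, so the token keeps the repository's default scope; most jobs here look like they need only read access, which is worth confirming and stating explicitly.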


@@ -7,9 +7,7 @@ if [ ! -z "$(git status --porcelain)" ]; then
>&2 echo "Failed: Repo should be clean before testing!" >&2 echo "Failed: Repo should be clean before testing!"
exit 1 exit 1
fi fi
# When updating this, make sure to update the npm version in sudo npm install --force -g npm@latest
# `.github/workflows/update-dependencies.yml` too.
sudo npm install --force -g npm@9.2.0
# Reinstall modules and then clean to remove absolute paths # Reinstall modules and then clean to remove absolute paths
# Use 'npm ci' instead of 'npm install' as this is intended to be reproducible # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
npm ci npm ci
@@ -17,8 +15,8 @@ npm run removeNPMAbsolutePaths
# Check that repo is still clean # Check that repo is still clean
if [ ! -z "$(git status --porcelain)" ]; then if [ ! -z "$(git status --porcelain)" ]; then
# If we get a fail here then the PR needs attention # If we get a fail here then the PR needs attention
>&2 echo "Failed: node_modules are not up to date. Add the 'Update dependencies' label to your PR to update them. Note it is important that node modules are updated on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if dependencies are updated on a Windows or Linux machine." >&2 echo "Failed: node_modules are not up to date. Run 'npm ci && npm run removeNPMAbsolutePaths' on a macOS machine to update. Note it is important this command is run on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if the command is run on a Windows or Linux machine."
git status git status
exit 1 exit 1
fi fi
echo "Success: node_modules are up to date" echo "Success: node_modules are up to date"
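Review bot: `sudo npm install --force -g npm@latest` makes this check depend on whichever npm release is current when the job runs, so the same commit can pass one day and fail the next, and a bad npm publish would be installed with root privileges in CI. The script's own comment says `npm ci` is used because the run is meant to be reproducible, so the tool should be pinned as well, e.g. `sudo npm install --force -g npm@<PINNED_VERSION>`. The dependency-update workflow further down has the identical line and should carry the same version. The script starts outside the hunk.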


@@ -10,7 +10,7 @@ fi
if [ "$#" -eq 1 ]; then if [ "$#" -eq 1 ]; then
# If we were passed an argument, use that as the SHA # If we were passed an argument, use that as the SHA
GITHUB_SHA="$1" GITHUB_SHA="$0"
elif [ "$#" -gt 1 ]; then elif [ "$#" -gt 1 ]; then
echo "Usage: $0 [SHA]" echo "Usage: $0 [SHA]"
echo "Update the required checks based on the SHA, or main." echo "Update the required checks based on the SHA, or main."
@@ -23,13 +23,13 @@ fi
echo "Getting checks for $GITHUB_SHA" echo "Getting checks for $GITHUB_SHA"
# Ignore any checks with "https://", CodeQL, LGTM, and Update checks. # Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or . == "check-expected-release-files" or contains("Update") or contains("update") or contains("test-setup-python-scripts") | not)] | unique | sort')" CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update") | not)] | unique | sort')"
echo "$CHECKS" | jq echo "$CHECKS" | jq
echo "{\"contexts\": ${CHECKS}}" > checks.json echo "{\"contexts\": ${CHECKS}}" > checks.json
for BRANCH in main releases/v2; do for BRANCH in main releases/v2 releases/v1; do
echo "Updating $BRANCH" echo "Updating $BRANCH"
gh api --silent -X "PATCH" "repos/github/codeql-action/branches/$BRANCH/protection/required_status_checks" --input checks.json gh api --silent -X "PATCH" "repos/github/codeql-action/branches/$BRANCH/protection/required_status_checks" --input checks.json
done done
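Review bot: `GITHUB_SHA="$0"` stores the script's own path, not the SHA argument that the usage text describes; it should read `GITHUB_SHA="$1"`. With a wrong SHA the `check-runs` query cannot return the intended list, and nothing visible in these hunks validates `CHECKS` before it is written to `checks.json` and PATCHed into branch protection for `main`, `releases/v2` and `releases/v1`. A guard before the loop, such as `[ "$(echo "$CHECKS" | jq 'length')" -gt 0 ] || { echo "No checks found for $GITHUB_SHA" >&2; exit 1; }`, stops an empty or malformed list from replacing the required checks. The start of the script, including any `set -e`, is outside the hunk.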


@@ -27,9 +27,7 @@ jobs:
run: | run: |
git fetch origin "$BRANCH" --depth=1 git fetch origin "$BRANCH" --depth=1
git checkout "origin/$BRANCH" git checkout "origin/$BRANCH"
# When updating this, make sure to update the npm version in sudo npm install --force -g npm@latest
# `.github/workflows/script/check-node-modules.sh` too.
sudo npm install --force -g npm@9.2.0
npm install npm install
npm ci npm ci
npm run removeNPMAbsolutePaths npm run removeNPMAbsolutePaths


@@ -4,6 +4,11 @@ on:
# This will open a PR to update the v2 release branch. # This will open a PR to update the v2 release branch.
workflow_dispatch: workflow_dispatch:
# When the v2 release is complete, this workflow will open a PR to update the v1 release branch.
push:
branches:
- releases/v2
jobs: jobs:
update: update:
timeout-minutes: 45 timeout-minutes: 45
@@ -24,7 +29,7 @@ jobs:
fetch-depth: 0 fetch-depth: 0
- name: Set up Python - name: Set up Python
uses: actions/setup-python@v4 uses: actions/setup-python@v3
with: with:
python-version: 3.8 python-version: 3.8
@@ -38,9 +43,20 @@ jobs:
git config --global user.email "github-actions@github.com" git config --global user.email "github-actions@github.com"
git config --global user.name "github-actions[bot]" git config --global user.name "github-actions[bot]"
- name: Update release branch - name: Update v2 release branch
if: github.event_name == 'workflow_dispatch'
run: | run: |
python .github/update-release-branch.py \ python .github/update-release-branch.py \
--github-token ${{ secrets.GITHUB_TOKEN }} \ --github-token ${{ secrets.GITHUB_TOKEN }} \
--repository-nwo ${{ github.repository }} \ --repository-nwo ${{ github.repository }} \
--mode v2-release \
--conductor ${GITHUB_ACTOR}
- name: Update v1 release branch
if: github.event_name == 'push'
run: |
python .github/update-release-branch.py \
--github-token ${{ secrets.GITHUB_TOKEN }} \
--repository-nwo ${{ github.repository }} \
--mode v1-release \
--conductor ${GITHUB_ACTOR} --conductor ${GITHUB_ACTOR}


@@ -13,7 +13,7 @@ jobs:
steps: steps:
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v4 uses: actions/setup-python@v3
with: with:
python-version: "3.7" python-version: "3.7"
- name: Checkout CodeQL Action - name: Checkout CodeQL Action
@@ -35,7 +35,7 @@ jobs:
env: env:
ENTERPRISE_RELEASES_PATH: ${{ github.workspace }}/enterprise-releases/ ENTERPRISE_RELEASES_PATH: ${{ github.workspace }}/enterprise-releases/
- name: Commit Changes - name: Commit Changes
uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4.2.3 uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb # v3.4.1
with: with:
commit-message: Update supported GitHub Enterprise Server versions. commit-message: Update supported GitHub Enterprise Server versions.
title: Update supported GitHub Enterprise Server versions. title: Update supported GitHub Enterprise Server versions.

2
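--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
+/runner/dist/
+/runner/node_modules/
 # Ignore for example failing-tests.json from AVA
 node_modules/.cache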

1
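--- a/.npmrc
+++ b/.npmrc
@@ -1 +0,0 @@
-lockfile-version=3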


@@ -1,205 +1,63 @@
# CodeQL Action Changelog # CodeQL Action Changelog
## [UNRELEASED] ## 1.1.18 - 03 Aug 2022
No user facing changes.
## 2.2.4 - 10 Feb 2023
No user facing changes.
## 2.2.3 - 08 Feb 2023
- Update default CodeQL bundle version to 2.12.2. [#1518](https://github.com/github/codeql-action/pull/1518)
## 2.2.2 - 06 Feb 2023
- Fix an issue where customers using the CodeQL Action with the [CodeQL Action sync tool](https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access) would not be able to obtain the CodeQL tools. [#1517](https://github.com/github/codeql-action/pull/1517)
## 2.2.1 - 27 Jan 2023
No user facing changes.
## 2.2.0 - 26 Jan 2023
- Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. [#1475](https://github.com/github/codeql-action/pull/1475)
- This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions [runner images](https://github.com/actions/runner-images).
- **No change is required for the majority of workflows**, including:
- Workflows on GitHub.com hosted runners using the latest version (`v2`) of the CodeQL Action.
- Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from `v2.2.0` onwards.
- Workflows on GitHub Enterprise Server.
- **A change may be required** for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before `v2.2.0` (e.g. `v2.1.32`):
- Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image.
- Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (`v2`).
- **Internal changes**
- These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses [@actions/tool-cache](https://github.com/actions/toolkit/tree/main/packages/tool-cache) or relies on the precise location of CodeQL within the Actions tool cache.
- The tool cache now contains **two** recent CodeQL versions (previously **one**).
- Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under `CodeQL/2.11.6-20221211/x64/codeql` (previously `CodeQL/0.0.0-20221211/x64/codeql`).
- The maximum number of [SARIF runs](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object) per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the [GitHub API documentation](https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data) for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.
- Update default CodeQL bundle version to 2.12.1. [#1498](https://github.com/github/codeql-action/pull/1498)
- Fix a bug that forced the `init` Action to run for at least two minutes on JavaScript. [#1494](https://github.com/github/codeql-action/pull/1494)
## 2.1.39 - 18 Jan 2023
- CodeQL Action v1 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see [this changelog post](https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/). [#1467](https://github.com/github/codeql-action/pull/1466)
- Python automatic dependency installation will no longer fail for projects using Poetry that specify `virtualenvs.options.no-pip = true` in their `poetry.toml`. [#1431](https://github.com/github/codeql-action/pull/1431)
- Avoid printing a stack trace and error message when the action fails to find the SHA at the
current directory. This will happen in several non-error states and so we now avoid cluttering the
log with this message. [#1485](https://github.com/github/codeql-action/pull/1485)
## 2.1.38 - 12 Jan 2023
- Update default CodeQL bundle version to 2.12.0. [#1466](https://github.com/github/codeql-action/pull/1466)
## 2.1.37 - 14 Dec 2022
- Update default CodeQL bundle version to 2.11.6. [#1433](https://github.com/github/codeql-action/pull/1433)
## 2.1.36 - 08 Dec 2022
- Update default CodeQL bundle version to 2.11.5. [#1412](https://github.com/github/codeql-action/pull/1412)
- Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. [#1393](https://github.com/github/codeql-action/pull/1393)
- Python automatic dependency installation will no longer consider dependency code installed in venv as user-written, for projects using Poetry that specify `virtualenvs.in-project = true` in their `poetry.toml`. [#1419](https://github.com/github/codeql-action/pull/1419)
## 2.1.35 - 01 Dec 2022
No user facing changes.
## 2.1.34 - 25 Nov 2022
- Update default CodeQL bundle version to 2.11.4. [#1391](https://github.com/github/codeql-action/pull/1391)
- Fixed a bug where some the `init` action and the `analyze` action would have different sets of experimental feature flags enabled. [#1384](https://github.com/github/codeql-action/pull/1384)
## 2.1.33 - 16 Nov 2022
- Go is now analyzed in the same way as other compiled languages such as C/C++, C#, and Java. This completes the rollout of the feature described in [CodeQL Action version 2.1.27](#2127---06-oct-2022). [#1322](https://github.com/github/codeql-action/pull/1322)
- Bump the minimum CodeQL bundle version to 2.6.3. [#1358](https://github.com/github/codeql-action/pull/1358)
## 2.1.32 - 14 Nov 2022
- Update default CodeQL bundle version to 2.11.3. [#1348](https://github.com/github/codeql-action/pull/1348)
- Update the ML-powered additional query pack for JavaScript to version 0.4.0. [#1351](https://github.com/github/codeql-action/pull/1351)
## 2.1.31 - 04 Nov 2022
- The `rb/weak-cryptographic-algorithm` Ruby query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the [github/codeql repository](https://github.com/github/codeql/pull/11129). [#1344](https://github.com/github/codeql-action/pull/1344)
## 2.1.30 - 02 Nov 2022
- Improve the error message when using CodeQL bundle version 2.7.2 and earlier in a workflow that runs on a runner image such as `ubuntu-22.04` that uses glibc version 2.34 and later. [#1334](https://github.com/github/codeql-action/pull/1334)
## 2.1.29 - 26 Oct 2022
- Update default CodeQL bundle version to 2.11.2. [#1320](https://github.com/github/codeql-action/pull/1320)
## 2.1.28 - 18 Oct 2022
- Update default CodeQL bundle version to 2.11.1. [#1294](https://github.com/github/codeql-action/pull/1294)
- Replace uses of GitHub Actions command `set-output` because it is now deprecated. See more information in the [GitHub Changelog](https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/). [#1301](https://github.com/github/codeql-action/pull/1301)
## 2.1.27 - 06 Oct 2022
- We are rolling out a feature of the CodeQL Action in October 2022 that changes the way that Go code is analyzed to be more consistent with other compiled languages like C/C++, C#, and Java. You do not need to alter your code scanning workflows. If you encounter any problems, please [file an issue](https://github.com/github/codeql-action/issues) or open a private ticket with GitHub Support and request an escalation to engineering.
## 2.1.26 - 29 Sep 2022
- Update default CodeQL bundle version to 2.11.0. [#1267](https://github.com/github/codeql-action/pull/1267)
## 2.1.25 - 21 Sep 2022
- We will soon be rolling out a feature of the CodeQL Action that stores some information used to make future runs faster in the GitHub Actions cache. Initially, this will only be enabled on JavaScript repositories, but we plan to add more languages to this soon. The new feature can be disabled by passing the `trap-caching: false` option to your workflow's `init` step, for example if you are already using the GitHub Actions cache for a different purpose and are near the storage limit for it.
- Add support for Python automatic dependency installation with Poetry 1.2 [#1258](https://github.com/github/codeql-action/pull/1258)
## 2.1.24 - 16 Sep 2022
No user facing changes.
## 2.1.23 - 14 Sep 2022
- Allow CodeQL packs to be downloaded from GitHub Enterprise Server instances, using the new `registries` input for the `init` action. [#1221](https://github.com/github/codeql-action/pull/1221)
- Update default CodeQL bundle version to 2.10.5. [#1240](https://github.com/github/codeql-action/pull/1240)
## 2.1.22 - 01 Sep 2022
- Downloading CodeQL packs has been moved to the `init` step. Previously, CodeQL packs were downloaded during the `analyze` step. [#1218](https://github.com/github/codeql-action/pull/1218)
- Update default CodeQL bundle version to 2.10.4. [#1224](https://github.com/github/codeql-action/pull/1224)
- The newly released [Poetry 1.2](https://python-poetry.org/blog/announcing-poetry-1.2.0) is not yet supported. In the most common case where the CodeQL Action is automatically installing Python dependencies, it will continue to install and use Poetry 1.1 on its own. However, in certain cases such as with self-hosted runners, you may need to ensure Poetry 1.1 is installed yourself.
## 2.1.21 - 25 Aug 2022
- Improve error messages when the code scanning configuration file includes an invalid `queries` block or an invalid `query-filters` block. [#1208](https://github.com/github/codeql-action/pull/1208)
- Fix a bug where Go build tracing could fail on Windows. [#1209](https://github.com/github/codeql-action/pull/1209)
## 2.1.20 - 22 Aug 2022
No user facing changes.
## 2.1.19 - 17 Aug 2022
- Add the ability to filter queries from a code scanning run by using the `query-filters` option in the code scanning configuration file. [#1098](https://github.com/github/codeql-action/pull/1098)
- In debug mode, debug artifacts are now uploaded even if a step in the Actions workflow fails. [#1159](https://github.com/github/codeql-action/pull/1159)
- Update default CodeQL bundle version to 2.10.3. [#1178](https://github.com/github/codeql-action/pull/1178)
- The combination of python2 and Pipenv is no longer supported. [#1181](https://github.com/github/codeql-action/pull/1181)
## 2.1.18 - 03 Aug 2022
- Update default CodeQL bundle version to 2.10.2. [#1156](https://github.com/github/codeql-action/pull/1156) - Update default CodeQL bundle version to 2.10.2. [#1156](https://github.com/github/codeql-action/pull/1156)
## 2.1.17 - 28 Jul 2022 ## 1.1.17 - 28 Jul 2022
- Update default CodeQL bundle version to 2.10.1. [#1143](https://github.com/github/codeql-action/pull/1143) - Update default CodeQL bundle version to 2.10.1. [#1143](https://github.com/github/codeql-action/pull/1143)
## 2.1.16 - 13 Jul 2022 ## 1.1.16 - 13 Jul 2022
- You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. [#1132](https://github.com/github/codeql-action/pull/1132) - You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. [#1132](https://github.com/github/codeql-action/pull/1132)
- You can now see diagnostic messages produced by the analysis in the logs of the `analyze` Action by enabling debug mode. To enable debug mode, pass `debug: true` to the `init` Action, or [enable step debug logging](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging). This feature is available for CodeQL CLI version 2.10.0 and later. [#1133](https://github.com/github/codeql-action/pull/1133) - You can now see diagnostic messages produced by the analysis in the logs of the `analyze` Action by enabling debug mode. To enable debug mode, pass `debug: true` to the `init` Action, or [enable step debug logging](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging). This feature is available for CodeQL CLI version 2.10.0 and later. [#1133](https://github.com/github/codeql-action/pull/1133)
## 2.1.15 - 28 Jun 2022 ## 1.1.15 - 28 Jun 2022
- CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116) - CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116)
- The combination of python2 and poetry is no longer supported. See <https://github.com/actions/setup-python/issues/374> for more details. [#1124](https://github.com/github/codeql-action/pull/1124) - The combination of python2 and poetry is no longer supported. See https://github.com/actions/setup-python/issues/374 for more details. [#1124](https://github.com/github/codeql-action/pull/1124)
- Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123) - Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123)
## 2.1.14 - 22 Jun 2022 ## 1.1.14 - 22 Jun 2022
No user facing changes. No user facing changes.
## 2.1.13 - 21 Jun 2022 ## 1.1.13 - 21 Jun 2022
- Update default CodeQL bundle version to 2.9.4. [#1100](https://github.com/github/codeql-action/pull/1100) - Update default CodeQL bundle version to 2.9.4. [#1100](https://github.com/github/codeql-action/pull/1100)
## 2.1.12 - 01 Jun 2022 ## 1.1.12 - 01 Jun 2022
- Update default CodeQL bundle version to 2.9.3. [#1084](https://github.com/github/codeql-action/pull/1084) - Update default CodeQL bundle version to 2.9.3. [#1084](https://github.com/github/codeql-action/pull/1084)
## 2.1.11 - 17 May 2022 ## 1.1.11 - 17 May 2022
- Update default CodeQL bundle version to 2.9.2. [#1074](https://github.com/github/codeql-action/pull/1074) - Update default CodeQL bundle version to 2.9.2. [#1074](https://github.com/github/codeql-action/pull/1074)
## 2.1.10 - 10 May 2022 ## 1.1.10 - 10 May 2022
- Update default CodeQL bundle version to 2.9.1. [#1056](https://github.com/github/codeql-action/pull/1056) - Update default CodeQL bundle version to 2.9.1. [#1056](https://github.com/github/codeql-action/pull/1056)
- When `wait-for-processing` is enabled, the workflow will now fail if there were any errors that occurred during processing of the analysis results. - When `wait-for-processing` is enabled, the workflow will now fail if there were any errors that occurred during processing of the analysis results.
## 2.1.9 - 27 Apr 2022 ## 1.1.9 - 27 Apr 2022
- Add `working-directory` input to the `autobuild` action. [#1024](https://github.com/github/codeql-action/pull/1024) - Add `working-directory` input to the `autobuild` action. [#1024](https://github.com/github/codeql-action/pull/1024)
- The `analyze` and `upload-sarif` actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the `wait-for-processing` action input to `"false"`. [#1007](https://github.com/github/codeql-action/pull/1007) - The `analyze` and `upload-sarif` actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the `wait-for-processing` action input to `"false"`. [#1007](https://github.com/github/codeql-action/pull/1007)
- Update default CodeQL bundle version to 2.9.0. - Update default CodeQL bundle version to 2.9.0.
- Fix a bug where [status reporting fails on Windows](https://github.com/github/codeql-action/issues/1041). [#1042](https://github.com/github/codeql-action/pull/1042) - Fix a bug where [status reporting fails on Windows](https://github.com/github/codeql-action/issues/1041). [#1042](https://github.com/github/codeql-action/pull/1042)
## 2.1.8 - 08 Apr 2022 ## 1.1.8 - 08 Apr 2022
- Update default CodeQL bundle version to 2.8.5. [#1014](https://github.com/github/codeql-action/pull/1014) - Update default CodeQL bundle version to 2.8.5. [#1014](https://github.com/github/codeql-action/pull/1014)
- Fix error where the init action would fail due to a GitHub API request that was taking too long to complete [#1025](https://github.com/github/codeql-action/pull/1025) - Fix error where the init action would fail due to a GitHub API request that was taking too long to complete [#1025](https://github.com/github/codeql-action/pull/1025)
## 2.1.7 - 05 Apr 2022 ## 1.1.7 - 05 Apr 2022
- A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018) - A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018)
## 2.1.6 - 30 Mar 2022 ## 1.1.6 - 30 Mar 2022
- [v2+ only] The CodeQL Action now runs on Node.js v16. [#1000](https://github.com/github/codeql-action/pull/1000)
- Update default CodeQL bundle version to 2.8.4. [#990](https://github.com/github/codeql-action/pull/990) - Update default CodeQL bundle version to 2.8.4. [#990](https://github.com/github/codeql-action/pull/990)
- Fix a bug where an invalid `commit_oid` was being sent to code scanning when a custom checkout path was being used. [#956](https://github.com/github/codeql-action/pull/956) - Fix a bug where an invalid `commit_oid` was being sent to code scanning when a custom checkout path was being used. [#956](https://github.com/github/codeql-action/pull/956)
@@ -360,7 +218,7 @@ No user facing changes.
## 1.0.4 - 28 Jun 2021 ## 1.0.4 - 28 Jun 2021
- Fix `RUNNER_TEMP environment variable must be set` when using runner. [#594](https://github.com/github/codeql-action/pull/594) - Fix `RUNNER_TEMP environment variable must be set` when using runner. [#594](https://github.com/github/codeql-action/pull/594)
- Fix counting of lines of code for C# projects. [#586](https://github.com/github/codeql-action/pull/586) - Fix couting of lines of code for C# projects. [#586](https://github.com/github/codeql-action/pull/586)
## 1.0.3 - 23 Jun 2021 ## 1.0.3 - 23 Jun 2021


@@ -38,6 +38,10 @@ To see the effect of your changes and to test them, push your changes in a branc
As well as the unit tests (see _Common tasks_ above), there are integration tests, defined in `.github/workflows/integration-testing.yml`. These are run by a CI check. Depending on the change youre making, you may want to add a test to this file or extend an existing one. As well as the unit tests (see _Common tasks_ above), there are integration tests, defined in `.github/workflows/integration-testing.yml`. These are run by a CI check. Depending on the change youre making, you may want to add a test to this file or extend an existing one.
### Building the CodeQL runner
Navigate to the `runner` directory and run `npm install` to install dependencies needed only for compiling the CodeQL runner. Run `npm run build-runner` to output files to the `runner/dist` directory.
## Submitting a pull request ## Submitting a pull request
1. [Fork][fork] and clone the repository 1. [Fork][fork] and clone the repository
@@ -67,8 +71,12 @@ Here are a few things you can do that will increase the likelihood of your pull
This mergeback incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v2" pull request, and bumps the patch version of the CodeQL Action. This mergeback incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v2" pull request, and bumps the patch version of the CodeQL Action.
Approve the mergeback PR and automerge it. Approve the mergeback PR and automerge it.
1. When the "Merge main into releases/v2" pull request is merged into the `releases/v2` branch, the "Update release branch" workflow will create a "Merge releases/v2 into releases/v1" pull request to merge the changes since the last release into the `releases/v1` release branch.
This ensures we keep both the `releases/v1` and `releases/v2` release branches up to date and fully supported.
Once the mergeback has been merged to `main`, the release is complete. Review the checklist items in the pull request description.
Once you've checked off all the items, approve the PR and automerge it.
1. Once the mergeback has been merged to `main` and the "Merge releases/v2 into releases/v1" PR has been merged to `releases/v1`, the release is complete.
## Keeping the PR checks up to date (admin access required) ## Keeping the PR checks up to date (admin access required)


@@ -1,6 +1,6 @@
# CodeQL Action # CodeQL Action
This action runs GitHub's industry-leading semantic code analysis engine, [CodeQL](https://codeql.github.com/), against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code. This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
For a list of recent changes, see the CodeQL Action's [changelog](CHANGELOG.md). For a list of recent changes, see the CodeQL Action's [changelog](CHANGELOG.md).
@@ -59,9 +59,9 @@ jobs:
uses: github/codeql-action/init@v2 uses: github/codeql-action/init@v2
# Override language selection by uncommenting this and choosing your languages # Override language selection by uncommenting this and choosing your languages
# with: # with:
# languages: go, javascript, csharp, python, cpp, java, ruby # languages: go, javascript, csharp, python, cpp, java
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below). # If this step fails, then you should remove it and run the build manually (see below).
- name: Autobuild - name: Autobuild
uses: github/codeql-action/autobuild@v2 uses: github/codeql-action/autobuild@v2


@@ -12,7 +12,6 @@ inputs:
upload: upload:
description: Upload the SARIF file to Code Scanning description: Upload the SARIF file to Code Scanning
required: false required: false
# If changing this, make sure to update workflow.ts accordingly.
default: "true" default: "true"
cleanup-level: cleanup-level:
description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --mode flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup" description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --mode flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup"
@@ -45,7 +44,6 @@ inputs:
checkout_path: checkout_path:
description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file." description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file."
required: false required: false
# If changing this, make sure to update workflow.ts accordingly.
default: ${{ github.workspace }} default: ${{ github.workspace }}
ref: ref:
description: "The ref where results will be uploaded. If not provided, the Action will use the GITHUB_REF environment variable. If provided, the sha input must be provided as well. This input is not available in pull requests from forks." description: "The ref where results will be uploaded. If not provided, the Action will use the GITHUB_REF environment variable. If provided, the sha input must be provided as well. This input is not available in pull requests from forks."
@@ -68,16 +66,11 @@ inputs:
default: ${{ github.token }} default: ${{ github.token }}
matrix: matrix:
default: ${{ toJson(matrix) }} default: ${{ toJson(matrix) }}
expect-error:
description: "[Internal] It is an error to use this input outside of integration testing of the codeql-action."
required: false
default: "false"
outputs: outputs:
db-locations: db-locations:
description: A map from language to absolute path for each database created by CodeQL. description: A map from language to absolute path for each database created by CodeQL.
sarif-id: sarif-id:
description: The ID of the uploaded SARIF file. description: The ID of the uploaded SARIF file.
runs: runs:
using: "node16" using: "node12"
main: "../lib/analyze-action.js" main: "../lib/analyze-action.js"
post: "../lib/analyze-action-post.js"
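Review bot: `using: "node12"` in the `runs:` block of the last hunk keeps this action on Node.js 12, which reached end-of-life in April 2022 and no longer receives security fixes. The same setting is on the new side of the two manifests later on this page, whose `main:` entries are `../lib/autobuild-action.js` and `../lib/init-action.js`. The changelog on this page marks the Node.js 16 move as "[v2+ only]", so this looks deliberate for the v1 line rather than an oversight. It is still worth stating next to the setting, for example `# Node.js 12 is end-of-life; kept for v1 compatibility only`, so that consumers pinned to v1 can see the runtime risk they are accepting.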


@@ -13,5 +13,5 @@ inputs:
$GITHUB_WORKSPACE as its working directory. $GITHUB_WORKSPACE as its working directory.
required: false required: false
runs: runs:
using: 'node16' using: 'node12'
main: '../lib/autobuild-action.js' main: '../lib/autobuild-action.js'


@@ -10,34 +10,9 @@ inputs:
description: The languages to be analysed description: The languages to be analysed
required: false required: false
token: token:
description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input.
default: ${{ github.token }} default: ${{ github.token }}
required: false
registries:
description: |
Use this input only when you need to download CodeQL packages from another instance of GitHub. If you only need to download packages from this GitHub instance, use the token input instead.
A YAML string that defines the list of GitHub container registries to use for downloading packs. The string is in the following form (the | is required on the first line):
registries: |
- url: https://containers.GHEHOSTNAME1/v2/
packages:
- my-company/*
- my-company2/*
token: \$\{{ secrets.GHEHOSTNAME1_TOKEN }}
- url: https://ghcr.io/v2/
packages: */*
token: \$\{{ secrets.GHCR_TOKEN }}
The `url` property contains the URL to the container registry you want to connect to.
The `packages` property contains a single glob string or a list of glob strings, specifying which packages should be retrieved from this particular container registry. Order is important. Earlier entries will match before later entries.
The `token` property contains a connection token for this registry. required: false
matrix: matrix:
default: ${{ toJson(matrix) }} default: ${{ toJson(matrix) }}
required: false
config-file: config-file:
description: Path of the config file to use description: Path of the config file to use
required: false required: false
@@ -57,7 +32,7 @@ inputs:
analyses, you must specify packs in the codeql-config.yml file. analyses, you must specify packs in the codeql-config.yml file.
required: false required: false
external-repository-token: external-repository-token:
description: A token for fetching external config files and queries if they reside in a private repository in the same GitHub instance that is running this action. description: A token for fetching external config files and queries if they reside in a private repository.
required: false required: false
setup-python-dependencies: setup-python-dependencies:
description: Try to auto-install your python dependencies description: Try to auto-install your python dependencies
@@ -97,14 +72,9 @@ inputs:
The name of the database uploaded to the debugging artifact. The name of the database uploaded to the debugging artifact.
This is only used when debug mode is enabled. This is only used when debug mode is enabled.
required: false required: false
trap-caching:
description: >-
Explicitly enable or disable TRAP caching rather than respecting the feature flag for it.
required: false
outputs: outputs:
codeql-path: codeql-path:
description: The path of the CodeQL binary used for analysis description: The path of the CodeQL binary used for analysis
runs: runs:
using: 'node16' using: 'node12'
main: '../lib/init-action.js' main: '../lib/init-action.js'
post: '../lib/init-action-post.js'
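Review bot: The `token` input in the first hunk is left with only `default: ${{ github.token }}` and `required: false`, so the manifest no longer says what this credential is used for. An undocumented secret-bearing input makes it harder for a workflow author to decide which token, and which scope, to pass when overriding the default. The first sentence of the removed text still applies and could be kept: `description: GitHub token to use for authenticating with this instance of GitHub.` The `inputs:` map starts outside the hunk, so other inputs were not checked.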

366
lib/actions-util.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -23,24 +19,29 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result; return result;
}; };
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.workflowEventName = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionVersion = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0; exports.sanitizeArifactName = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRunID = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
const fs = __importStar(require("fs")); const fs = __importStar(require("fs"));
const os = __importStar(require("os")); const os = __importStar(require("os"));
const path = __importStar(require("path")); const path = __importStar(require("path"));
const core = __importStar(require("@actions/core")); const core = __importStar(require("@actions/core"));
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner")); const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
const safeWhich = __importStar(require("@chrisgavin/safe-which")); const safeWhich = __importStar(require("@chrisgavin/safe-which"));
const yaml = __importStar(require("js-yaml"));
const api = __importStar(require("./api-client")); const api = __importStar(require("./api-client"));
const sharedEnv = __importStar(require("./shared-environment")); const sharedEnv = __importStar(require("./shared-environment"));
const util_1 = require("./util"); const util_1 = require("./util");
const workflow_1 = require("./workflow");
// eslint-disable-next-line import/no-commonjs // eslint-disable-next-line import/no-commonjs
const pkg = require("../package.json"); const pkg = require("../package.json");
/**
* The utils in this module are meant to be run inside of the action only.
* Code paths from the runner should not enter this module.
*/
/** /**
* Wrapper around core.getInput for inputs that always have a value. * Wrapper around core.getInput for inputs that always have a value.
* Also see getOptionalInput. * Also see getOptionalInput.
* *
* This allows us to get stronger type checking of required/optional inputs. * This allows us to get stronger type checking of required/optional inputs
* and make behaviour more consistent between actions and the runner.
*/ */
function getRequiredInput(name) { function getRequiredInput(name) {
return core.getInput(name, { required: true }); return core.getInput(name, { required: true });
@@ -50,7 +51,8 @@ exports.getRequiredInput = getRequiredInput;
* Wrapper around core.getInput that converts empty inputs to undefined. * Wrapper around core.getInput that converts empty inputs to undefined.
* Also see getRequiredInput. * Also see getRequiredInput.
* *
* This allows us to get stronger type checking of required/optional inputs. * This allows us to get stronger type checking of required/optional inputs
* and make behaviour more consistent between actions and the runner.
*/ */
const getOptionalInput = function (name) { const getOptionalInput = function (name) {
const value = core.getInput(name); const value = core.getInput(name);
@@ -92,9 +94,8 @@ const getCommitOid = async function (checkoutPath, ref = "HEAD") {
return commitOid.trim(); return commitOid.trim();
} }
catch (e) { catch (e) {
core.info("Could not determine current commit SHA using git. Continuing with data from user input or environment."); core.info(`Failed to call git to get current commit. Continuing with data from environment or input: ${e}`);
core.debug(`Reason: ${e.message}`); core.info(e.stack || "NO STACK");
core.debug(e.stack || "NO STACK");
return (0, exports.getOptionalInput)("sha") || (0, util_1.getRequiredEnvParam)("GITHUB_SHA"); return (0, exports.getOptionalInput)("sha") || (0, util_1.getRequiredEnvParam)("GITHUB_SHA");
} }
}; };
@@ -104,7 +105,7 @@ exports.getCommitOid = getCommitOid;
* Returns undefined if run by other triggers or the merge base cannot be determined. * Returns undefined if run by other triggers or the merge base cannot be determined.
*/ */
const determineMergeBaseCommitOid = async function () { const determineMergeBaseCommitOid = async function () {
if (workflowEventName() !== "pull_request") { if (process.env.GITHUB_EVENT_NAME !== "pull_request") {
return undefined; return undefined;
} }
const mergeSha = (0, util_1.getRequiredEnvParam)("GITHUB_SHA"); const mergeSha = (0, util_1.getRequiredEnvParam)("GITHUB_SHA");
@@ -150,6 +151,225 @@ const determineMergeBaseCommitOid = async function () {
} }
}; };
exports.determineMergeBaseCommitOid = determineMergeBaseCommitOid; exports.determineMergeBaseCommitOid = determineMergeBaseCommitOid;
function isObject(o) {
return o !== null && typeof o === "object";
}
const GLOB_PATTERN = new RegExp("(\\*\\*?)");
function escapeRegExp(string) {
return string.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"); // $& means the whole matched string
}
function patternToRegExp(value) {
return new RegExp(`^${value
.toString()
.split(GLOB_PATTERN)
.reduce(function (arr, cur) {
if (cur === "**") {
arr.push(".*?");
}
else if (cur === "*") {
arr.push("[^/]*?");
}
else if (cur) {
arr.push(escapeRegExp(cur));
}
return arr;
}, [])
.join("")}$`);
}
// this function should return true if patternA is a superset of patternB
// e.g: * is a superset of main-* but main-* is not a superset of *.
function patternIsSuperset(patternA, patternB) {
return patternToRegExp(patternA).test(patternB);
}
exports.patternIsSuperset = patternIsSuperset;
function branchesToArray(branches) {
if (typeof branches === "string") {
return [branches];
}
if (Array.isArray(branches)) {
if (branches.length === 0) {
return "**";
}
return branches;
}
return "**";
}
function toCodedErrors(errors) {
return Object.entries(errors).reduce((acc, [key, value]) => {
acc[key] = { message: value, code: key };
return acc;
}, {});
}
// code to send back via status report
// message to add as a warning annotation to the run
exports.WorkflowErrors = toCodedErrors({
MismatchedBranches: `Please make sure that every branch in on.pull_request is also in on.push so that Code Scanning can compare pull requests against the state of the base branch.`,
MissingPushHook: `Please specify an on.push hook so that Code Scanning can compare pull requests against the state of the base branch.`,
PathsSpecified: `Using on.push.paths can prevent Code Scanning annotating new alerts in your pull requests.`,
PathsIgnoreSpecified: `Using on.push.paths-ignore can prevent Code Scanning annotating new alerts in your pull requests.`,
CheckoutWrongHead: `git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.`,
});
function getWorkflowErrors(doc) {
var _a, _b, _c, _d, _e;
const errors = [];
const jobName = process.env.GITHUB_JOB;
if (jobName) {
const job = (_a = doc === null || doc === void 0 ? void 0 : doc.jobs) === null || _a === void 0 ? void 0 : _a[jobName];
const steps = job === null || job === void 0 ? void 0 : job.steps;
if (Array.isArray(steps)) {
for (const step of steps) {
// this was advice that we used to give in the README
// we actually want to run the analysis on the merge commit
// to produce results that are more inline with expectations
// (i.e: this is what will happen if you merge this PR)
// and avoid some race conditions
if ((step === null || step === void 0 ? void 0 : step.run) === "git checkout HEAD^2") {
errors.push(exports.WorkflowErrors.CheckoutWrongHead);
break;
}
}
}
}
let missingPush = false;
if (doc.on === undefined) {
// this is not a valid config
}
else if (typeof doc.on === "string") {
if (doc.on === "pull_request") {
missingPush = true;
}
}
else if (Array.isArray(doc.on)) {
const hasPush = doc.on.includes("push");
const hasPullRequest = doc.on.includes("pull_request");
if (hasPullRequest && !hasPush) {
missingPush = true;
}
}
else if (isObject(doc.on)) {
const hasPush = Object.prototype.hasOwnProperty.call(doc.on, "push");
const hasPullRequest = Object.prototype.hasOwnProperty.call(doc.on, "pull_request");
if (!hasPush && hasPullRequest) {
missingPush = true;
}
if (hasPush && hasPullRequest) {
const paths = (_b = doc.on.push) === null || _b === void 0 ? void 0 : _b.paths;
// if you specify paths or paths-ignore you can end up with commits that have no baseline
// if they didn't change any files
// currently we cannot go back through the history and find the most recent baseline
if (Array.isArray(paths) && paths.length > 0) {
errors.push(exports.WorkflowErrors.PathsSpecified);
}
const pathsIgnore = (_c = doc.on.push) === null || _c === void 0 ? void 0 : _c["paths-ignore"];
if (Array.isArray(pathsIgnore) && pathsIgnore.length > 0) {
errors.push(exports.WorkflowErrors.PathsIgnoreSpecified);
}
}
// if doc.on.pull_request is null that means 'all branches'
// if doc.on.pull_request is undefined that means 'off'
// we only want to check for mismatched branches if pull_request is on.
if (doc.on.pull_request !== undefined) {
const push = branchesToArray((_d = doc.on.push) === null || _d === void 0 ? void 0 : _d.branches);
if (push !== "**") {
const pull_request = branchesToArray((_e = doc.on.pull_request) === null || _e === void 0 ? void 0 : _e.branches);
if (pull_request !== "**") {
const difference = pull_request.filter((value) => !push.some((o) => patternIsSuperset(o, value)));
if (difference.length > 0) {
// there are branches in pull_request that may not have a baseline
// because we are not building them on push
errors.push(exports.WorkflowErrors.MismatchedBranches);
}
}
else if (push.length > 0) {
// push is set up to run on a subset of branches
// and you could open a PR against a branch with no baseline
errors.push(exports.WorkflowErrors.MismatchedBranches);
}
}
}
}
if (missingPush) {
errors.push(exports.WorkflowErrors.MissingPushHook);
}
return errors;
}
exports.getWorkflowErrors = getWorkflowErrors;
async function validateWorkflow() {
let workflow;
try {
workflow = await getWorkflow();
}
catch (e) {
return `error: getWorkflow() failed: ${String(e)}`;
}
let workflowErrors;
try {
workflowErrors = getWorkflowErrors(workflow);
}
catch (e) {
return `error: getWorkflowErrors() failed: ${String(e)}`;
}
if (workflowErrors.length > 0) {
let message;
try {
message = formatWorkflowErrors(workflowErrors);
}
catch (e) {
return `error: formatWorkflowErrors() failed: ${String(e)}`;
}
core.warning(message);
}
return formatWorkflowCause(workflowErrors);
}
exports.validateWorkflow = validateWorkflow;
function formatWorkflowErrors(errors) {
const issuesWere = errors.length === 1 ? "issue was" : "issues were";
const errorsList = errors.map((e) => e.message).join(" ");
return `${errors.length} ${issuesWere} detected with this workflow: ${errorsList}`;
}
exports.formatWorkflowErrors = formatWorkflowErrors;
function formatWorkflowCause(errors) {
if (errors.length === 0) {
return undefined;
}
return errors.map((e) => e.code).join(",");
}
exports.formatWorkflowCause = formatWorkflowCause;
async function getWorkflow() {
const relativePath = await getWorkflowPath();
const absolutePath = path.join((0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), relativePath);
return yaml.load(fs.readFileSync(absolutePath, "utf-8"));
}
exports.getWorkflow = getWorkflow;
/**
* Get the path of the currently executing workflow.
*/
async function getWorkflowPath() {
const repo_nwo = (0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY").split("/");
const owner = repo_nwo[0];
const repo = repo_nwo[1];
const run_id = Number((0, util_1.getRequiredEnvParam)("GITHUB_RUN_ID"));
const apiClient = api.getActionsApiClient();
const runsResponse = await apiClient.request("GET /repos/:owner/:repo/actions/runs/:run_id?exclude_pull_requests=true", {
owner,
repo,
run_id,
});
const workflowUrl = runsResponse.data.workflow_url;
const workflowResponse = await apiClient.request(`GET ${workflowUrl}`);
return workflowResponse.data.path;
}
/**
* Get the workflow run ID.
*/
function getWorkflowRunID() {
const workflowRunID = parseInt((0, util_1.getRequiredEnvParam)("GITHUB_RUN_ID"), 10);
if (Number.isNaN(workflowRunID)) {
throw new Error("GITHUB_RUN_ID must define a non NaN workflow run ID");
}
return workflowRunID;
}
exports.getWorkflowRunID = getWorkflowRunID;
/** /**
* Get the analysis key parameter for the current job. * Get the analysis key parameter for the current job.
* *
@@ -163,7 +383,7 @@ async function getAnalysisKey() {
if (analysisKey !== undefined) { if (analysisKey !== undefined) {
return analysisKey; return analysisKey;
} }
const workflowPath = await (0, workflow_1.getWorkflowPath)(); const workflowPath = await getWorkflowPath();
const jobName = (0, util_1.getRequiredEnvParam)("GITHUB_JOB"); const jobName = (0, util_1.getRequiredEnvParam)("GITHUB_JOB");
analysisKey = `${workflowPath}:${jobName}`; analysisKey = `${workflowPath}:${jobName}`;
core.exportVariable(analysisKeyEnvVar, analysisKey); core.exportVariable(analysisKeyEnvVar, analysisKey);
@@ -178,10 +398,10 @@ async function getAutomationID() {
exports.getAutomationID = getAutomationID; exports.getAutomationID = getAutomationID;
function computeAutomationID(analysis_key, environment) { function computeAutomationID(analysis_key, environment) {
let automationID = `${analysis_key}/`; let automationID = `${analysis_key}/`;
const matrix = (0, util_1.parseMatrixInput)(environment); // the id has to be deterministic so we sort the fields
if (matrix !== undefined) { if (environment !== undefined && environment !== "null") {
// the id has to be deterministic so we sort the fields const environmentObject = JSON.parse(environment);
for (const entry of Object.entries(matrix).sort()) { for (const entry of Object.entries(environmentObject).sort()) {
if (typeof entry[1] === "string") { if (typeof entry[1] === "string") {
automationID += `${entry[0]}:${entry[1]}/`; automationID += `${entry[0]}:${entry[1]}/`;
} }
@@ -212,7 +432,7 @@ async function getRef() {
if ((hasRefInput || hasShaInput) && !(hasRefInput && hasShaInput)) { if ((hasRefInput || hasShaInput) && !(hasRefInput && hasShaInput)) {
throw new Error("Both 'ref' and 'sha' are required if one of them is provided."); throw new Error("Both 'ref' and 'sha' are required if one of them is provided.");
} }
const ref = refInput || getRefFromEnv(); const ref = refInput || (0, util_1.getRequiredEnvParam)("GITHUB_REF");
const sha = shaInput || (0, util_1.getRequiredEnvParam)("GITHUB_SHA"); const sha = shaInput || (0, util_1.getRequiredEnvParam)("GITHUB_SHA");
// If the ref is a user-provided input, we have to skip logic // If the ref is a user-provided input, we have to skip logic
// and assume that it is really where they want to upload the results. // and assume that it is really where they want to upload the results.
@@ -232,7 +452,7 @@ async function getRef() {
// in actions/checkout@v1 this may not be true as it checks out the repository // in actions/checkout@v1 this may not be true as it checks out the repository
// using GITHUB_REF. There is a subtle race condition where // using GITHUB_REF. There is a subtle race condition where
// git rev-parse GITHUB_REF != GITHUB_SHA, so we must check // git rev-parse GITHUB_REF != GITHUB_SHA, so we must check
// git rev-parse GITHUB_REF == git rev-parse HEAD instead. // git git-parse GITHUB_REF == git rev-parse HEAD instead.
const hasChangedRef = sha !== head && const hasChangedRef = sha !== head &&
(await (0, exports.getCommitOid)(checkoutPath, ref.replace(/^refs\/pull\//, "refs/remotes/pull/"))) !== head; (await (0, exports.getCommitOid)(checkoutPath, ref.replace(/^refs\/pull\//, "refs/remotes/pull/"))) !== head;
if (hasChangedRef) { if (hasChangedRef) {
@@ -245,26 +465,6 @@ async function getRef() {
} }
} }
exports.getRef = getRef; exports.getRef = getRef;
function getRefFromEnv() {
// To workaround a limitation of Actions dynamic workflows not setting
// the GITHUB_REF in some cases, we accept also the ref within the
// CODE_SCANNING_REF variable. When possible, however, we prefer to use
// the GITHUB_REF as that is a protected variable and cannot be overwritten.
let refEnv;
try {
refEnv = (0, util_1.getRequiredEnvParam)("GITHUB_REF");
}
catch (e) {
// If the GITHUB_REF is not set, we try to rescue by getting the
// CODE_SCANNING_REF.
const maybeRef = process.env["CODE_SCANNING_REF"];
if (maybeRef === undefined || maybeRef.length === 0) {
throw e;
}
refEnv = maybeRef;
}
return refEnv;
}
function getActionsStatus(error, otherFailureCause) { function getActionsStatus(error, otherFailureCause) {
if (error || otherFailureCause) { if (error || otherFailureCause) {
return error instanceof util_1.UserError ? "user-error" : "failure"; return error instanceof util_1.UserError ? "user-error" : "failure";
@@ -274,10 +474,6 @@ function getActionsStatus(error, otherFailureCause) {
} }
} }
exports.getActionsStatus = getActionsStatus; exports.getActionsStatus = getActionsStatus;
function getActionVersion() {
return pkg.version;
}
exports.getActionVersion = getActionVersion;
/** /**
* Compose a StatusReport. * Compose a StatusReport.
* *
@@ -305,13 +501,11 @@ async function createStatusReportBase(actionName, status, actionStartedAt, cause
} }
const runnerOs = (0, util_1.getRequiredEnvParam)("RUNNER_OS"); const runnerOs = (0, util_1.getRequiredEnvParam)("RUNNER_OS");
const codeQlCliVersion = (0, util_1.getCachedCodeQlVersion)(); const codeQlCliVersion = (0, util_1.getCachedCodeQlVersion)();
const actionRef = process.env["GITHUB_ACTION_REF"]; // If running locally then the GITHUB_ACTION_REF cannot be trusted as it may be for the previous action
const testingEnvironment = process.env[sharedEnv.CODEQL_ACTION_TESTING_ENVIRONMENT] || ""; // See https://github.com/actions/runner/issues/803
// re-export the testing environment variable so that it is available to subsequent steps, const actionRef = isRunningLocalAction()
// even if it was only set for this step ? undefined
if (testingEnvironment !== "") { : process.env["GITHUB_ACTION_REF"];
core.exportVariable(sharedEnv.CODEQL_ACTION_TESTING_ENVIRONMENT, testingEnvironment);
}
const statusReport = { const statusReport = {
workflow_run_id: workflowRunID, workflow_run_id: workflowRunID,
workflow_name: workflowName, workflow_name: workflowName,
@@ -325,9 +519,8 @@ async function createStatusReportBase(actionName, status, actionStartedAt, cause
started_at: workflowStartedAt, started_at: workflowStartedAt,
action_started_at: actionStartedAt.toISOString(), action_started_at: actionStartedAt.toISOString(),
status, status,
testing_environment: testingEnvironment,
runner_os: runnerOs, runner_os: runnerOs,
action_version: getActionVersion(), action_version: pkg.version,
}; };
// Add optional parameters // Add optional parameters
if (cause) { if (cause) {
@@ -374,6 +567,13 @@ const INCOMPATIBLE_MSG = "CodeQL Action version is incompatible with the code sc
* Returns whether sending the status report was successful of not. * Returns whether sending the status report was successful of not.
*/ */
async function sendStatusReport(statusReport) { async function sendStatusReport(statusReport) {
const gitHubVersion = await api.getGitHubVersionActionsOnly();
if ((0, util_1.isGitHubGhesVersionBelow)(gitHubVersion, "3.2.0")) {
// GHES 3.1 and earlier versions reject unexpected properties, which means
// that they will reject status reports with newly added properties.
// Inhibiting status reporting for GHES < 3.2 avoids such failures.
return true;
}
const statusReportJSON = JSON.stringify(statusReport); const statusReportJSON = JSON.stringify(statusReport);
core.debug(`Sending status report: ${statusReportJSON}`); core.debug(`Sending status report: ${statusReportJSON}`);
// If in test mode we don't want to upload the results // If in test mode we don't want to upload the results
@@ -383,7 +583,7 @@ async function sendStatusReport(statusReport) {
} }
const nwo = (0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"); const nwo = (0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY");
const [owner, repo] = nwo.split("/"); const [owner, repo] = nwo.split("/");
const client = api.getApiClient(); const client = api.getActionsApiClient();
try { try {
await client.request("PUT /repos/:owner/:repo/code-scanning/analysis/status", { await client.request("PUT /repos/:owner/:repo/code-scanning/analysis/status", {
owner, owner,
@@ -430,21 +630,9 @@ async function sendStatusReport(statusReport) {
} }
} }
exports.sendStatusReport = sendStatusReport; exports.sendStatusReport = sendStatusReport;
function workflowEventName() {
// If the original event is dynamic CODESCANNING_EVENT_NAME will contain the right info (push/pull_request)
if (process.env["GITHUB_EVENT_NAME"] === "dynamic") {
const value = process.env["CODESCANNING_EVENT_NAME"];
if (value === undefined || value.length === 0) {
return process.env["GITHUB_EVENT_NAME"];
}
return value;
}
return process.env["GITHUB_EVENT_NAME"];
}
exports.workflowEventName = workflowEventName;
// Was the workflow run triggered by a `push` event, for example as opposed to a `pull_request` event. // Was the workflow run triggered by a `push` event, for example as opposed to a `pull_request` event.
function workflowIsTriggeredByPushEvent() { function workflowIsTriggeredByPushEvent() {
return workflowEventName() === "push"; return process.env["GITHUB_EVENT_NAME"] === "push";
} }
// Is dependabot the actor that triggered the current workflow run. // Is dependabot the actor that triggered the current workflow run.
function isDependabotActor() { function isDependabotActor() {
@@ -475,50 +663,22 @@ function getWorkflowEvent() {
throw new Error(`Unable to read workflow event JSON from ${eventJsonFile}: ${e}`); throw new Error(`Unable to read workflow event JSON from ${eventJsonFile}: ${e}`);
} }
} }
function removeRefsHeadsPrefix(ref) {
return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
}
// Is the version of the repository we are currently analyzing from the default branch, // Is the version of the repository we are currently analyzing from the default branch,
// or alternatively from another branch or a pull request. // or alternatively from another branch or a pull request.
async function isAnalyzingDefaultBranch() { async function isAnalyzingDefaultBranch() {
var _a;
// Get the current ref and trim and refs/heads/ prefix // Get the current ref and trim and refs/heads/ prefix
let currentRef = await getRef(); let currentRef = await getRef();
currentRef = removeRefsHeadsPrefix(currentRef); currentRef = currentRef.startsWith("refs/heads/")
? currentRef.slice("refs/heads/".length)
: currentRef;
const event = getWorkflowEvent(); const event = getWorkflowEvent();
let defaultBranch = event?.repository?.default_branch; const defaultBranch = (_a = event === null || event === void 0 ? void 0 : event.repository) === null || _a === void 0 ? void 0 : _a.default_branch;
if (process.env.GITHUB_EVENT_NAME === "schedule") {
defaultBranch = removeRefsHeadsPrefix((0, util_1.getRequiredEnvParam)("GITHUB_REF"));
}
return currentRef === defaultBranch; return currentRef === defaultBranch;
} }
exports.isAnalyzingDefaultBranch = isAnalyzingDefaultBranch; exports.isAnalyzingDefaultBranch = isAnalyzingDefaultBranch;
async function printDebugLogs(config) { function sanitizeArifactName(name) {
for (const language of config.languages) { return name.replace(/[^a-zA-Z0-9_\\-]+/g, "");
const databaseDirectory = (0, util_1.getCodeQLDatabasePath)(config, language);
const logsDirectory = path.join(databaseDirectory, "log");
if (!(0, util_1.doesDirectoryExist)(logsDirectory)) {
core.info(`Directory ${logsDirectory} does not exist.`);
continue; // Skip this language database.
}
const walkLogFiles = (dir) => {
const entries = fs.readdirSync(dir, { withFileTypes: true });
if (entries.length === 0) {
core.info(`No debug logs found at directory ${logsDirectory}.`);
}
for (const entry of entries) {
if (entry.isFile()) {
const absolutePath = path.resolve(dir, entry.name);
core.startGroup(`CodeQL Debug Logs - ${language} - ${entry.name} from file at path ${absolutePath}`);
process.stdout.write(fs.readFileSync(absolutePath));
core.endGroup();
}
else if (entry.isDirectory()) {
walkLogFiles(path.resolve(dir, entry.name));
}
}
};
walkLogFiles(logsDirectory);
}
} }
exports.printDebugLogs = printDebugLogs; exports.sanitizeArifactName = sanitizeArifactName;
//# sourceMappingURL=actions-util.js.map //# sourceMappingURL=actions-util.js.map

File diff suppressed because one or more lines are too long

396
lib/actions-util.test.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -29,10 +25,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
const fs = __importStar(require("fs")); const fs = __importStar(require("fs"));
const path = __importStar(require("path")); const path = __importStar(require("path"));
const ava_1 = __importDefault(require("ava")); const ava_1 = __importDefault(require("ava"));
const yaml = __importStar(require("js-yaml"));
const sinon = __importStar(require("sinon")); const sinon = __importStar(require("sinon"));
const actionsutil = __importStar(require("./actions-util")); const actionsutil = __importStar(require("./actions-util"));
const testing_utils_1 = require("./testing-utils"); const testing_utils_1 = require("./testing-utils");
const util_1 = require("./util"); const util_1 = require("./util");
function errorCodes(actual, expected) {
return [actual.map(({ code }) => code), expected.map(({ code }) => code)];
}
(0, testing_utils_1.setupTests)(ava_1.default); (0, testing_utils_1.setupTests)(ava_1.default);
(0, ava_1.default)("getRef() throws on the empty string", async (t) => { (0, ava_1.default)("getRef() throws on the empty string", async (t) => {
process.env["GITHUB_REF"] = ""; process.env["GITHUB_REF"] = "";
@@ -98,30 +98,6 @@ const util_1 = require("./util");
getAdditionalInputStub.restore(); getAdditionalInputStub.restore();
}); });
}); });
(0, ava_1.default)("getRef() returns CODE_SCANNING_REF as a fallback for GITHUB_REF", async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
const expectedRef = "refs/pull/1/HEAD";
const currentSha = "a".repeat(40);
process.env["CODE_SCANNING_REF"] = expectedRef;
process.env["GITHUB_REF"] = "";
process.env["GITHUB_SHA"] = currentSha;
const actualRef = await actionsutil.getRef();
t.deepEqual(actualRef, expectedRef);
});
});
(0, ava_1.default)("getRef() returns GITHUB_REF over CODE_SCANNING_REF if both are provided", async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
const expectedRef = "refs/pull/1/merge";
const currentSha = "a".repeat(40);
process.env["CODE_SCANNING_REF"] = "refs/pull/1/HEAD";
process.env["GITHUB_REF"] = expectedRef;
process.env["GITHUB_SHA"] = currentSha;
const actualRef = await actionsutil.getRef();
t.deepEqual(actualRef, expectedRef);
});
});
(0, ava_1.default)("getRef() throws an error if only `ref` is provided as an input", async (t) => { (0, ava_1.default)("getRef() throws an error if only `ref` is provided as an input", async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => { await (0, util_1.withTmpDir)(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir); (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
@@ -167,9 +143,340 @@ const util_1 = require("./util");
actualAutomationID = actionsutil.computeAutomationID(".github/workflows/codeql-analysis.yml:analyze", undefined); actualAutomationID = actionsutil.computeAutomationID(".github/workflows/codeql-analysis.yml:analyze", undefined);
t.deepEqual(actualAutomationID, ".github/workflows/codeql-analysis.yml:analyze/"); t.deepEqual(actualAutomationID, ".github/workflows/codeql-analysis.yml:analyze/");
}); });
(0, ava_1.default)("getWorkflowErrors() when on is empty", (t) => {
const errors = actionsutil.getWorkflowErrors({ on: {} });
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing pull_request", (t) => {
const errors = actionsutil.getWorkflowErrors({ on: ["push"] });
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing push", (t) => {
const errors = actionsutil.getWorkflowErrors({ on: ["pull_request"] });
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MissingPushHook]));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is valid", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: ["push", "pull_request"],
});
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is a valid superset", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: ["push", "pull_request", "schedule"],
});
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push should not have a path", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: {
push: { branches: ["main"], paths: ["test/*"] },
pull_request: { branches: ["main"] },
},
});
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.PathsSpecified]));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is a correct object", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: { push: { branches: ["main"] }, pull_request: { branches: ["main"] } },
});
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.pull_requests is a string", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: { push: { branches: ["main"] }, pull_request: { branches: "*" } },
});
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
});
(0, ava_1.default)("getWorkflowErrors() when on.pull_requests is a string and correct", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: { push: { branches: "*" }, pull_request: { branches: "*" } },
});
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is correct with empty objects", (t) => {
const errors = actionsutil.getWorkflowErrors(yaml.load(`
on:
push:
pull_request:
`));
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is mismatched", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: {
push: { branches: ["main"] },
pull_request: { branches: ["feature"] },
},
});
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is not mismatched", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: {
push: { branches: ["main", "feature"] },
pull_request: { branches: ["main"] },
},
});
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push is mismatched for pull_request", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: {
push: { branches: ["main"] },
pull_request: { branches: ["main", "feature"] },
},
});
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
});
(0, ava_1.default)("getWorkflowErrors() for a range of malformed workflows", (t) => {
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: {
push: 1,
pull_request: 1,
},
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: 1,
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: [1],
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: { 1: 1 },
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: { test: 1 },
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: { test: [1] },
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: { test: { steps: 1 } },
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: { test: { steps: [{ notrun: "git checkout HEAD^2" }] } },
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: 1,
jobs: { test: [undefined] },
}), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(1), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
on: {
push: {
branches: 1,
},
pull_request: {
branches: 1,
},
},
}), []));
});
(0, ava_1.default)("getWorkflowErrors() when on.pull_request for every branch but push specifies branches", (t) => {
const errors = actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on:
push:
branches: ["main"]
pull_request:
`));
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
});
(0, ava_1.default)("getWorkflowErrors() when on.pull_request for wildcard branches", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: {
push: { branches: ["feature/*"] },
pull_request: { branches: "feature/moose" },
},
});
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.pull_request for mismatched wildcard branches", (t) => {
const errors = actionsutil.getWorkflowErrors({
on: {
push: { branches: ["feature/moose"] },
pull_request: { branches: "feature/*" },
},
});
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
});
(0, ava_1.default)("getWorkflowErrors() when HEAD^2 is checked out", (t) => {
process.env.GITHUB_JOB = "test";
const errors = actionsutil.getWorkflowErrors({
on: ["push", "pull_request"],
jobs: { test: { steps: [{ run: "git checkout HEAD^2" }] } },
});
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]));
});
(0, ava_1.default)("formatWorkflowErrors() when there is one error", (t) => {
const message = actionsutil.formatWorkflowErrors([
actionsutil.WorkflowErrors.CheckoutWrongHead,
]);
t.true(message.startsWith("1 issue was detected with this workflow:"));
});
(0, ava_1.default)("formatWorkflowErrors() when there are multiple errors", (t) => {
const message = actionsutil.formatWorkflowErrors([
actionsutil.WorkflowErrors.CheckoutWrongHead,
actionsutil.WorkflowErrors.PathsSpecified,
]);
t.true(message.startsWith("2 issues were detected with this workflow:"));
});
(0, ava_1.default)("formatWorkflowCause() with no errors", (t) => {
const message = actionsutil.formatWorkflowCause([]);
t.deepEqual(message, undefined);
});
(0, ava_1.default)("formatWorkflowCause()", (t) => {
const message = actionsutil.formatWorkflowCause([
actionsutil.WorkflowErrors.CheckoutWrongHead,
actionsutil.WorkflowErrors.PathsSpecified,
]);
t.deepEqual(message, "CheckoutWrongHead,PathsSpecified");
t.deepEqual(actionsutil.formatWorkflowCause([]), undefined);
});
(0, ava_1.default)("patternIsSuperset()", (t) => {
t.false(actionsutil.patternIsSuperset("main-*", "main"));
t.true(actionsutil.patternIsSuperset("*", "*"));
t.true(actionsutil.patternIsSuperset("*", "main-*"));
t.false(actionsutil.patternIsSuperset("main-*", "*"));
t.false(actionsutil.patternIsSuperset("main-*", "main"));
t.true(actionsutil.patternIsSuperset("main", "main"));
t.false(actionsutil.patternIsSuperset("*", "feature/*"));
t.true(actionsutil.patternIsSuperset("**", "feature/*"));
t.false(actionsutil.patternIsSuperset("feature-*", "**"));
t.false(actionsutil.patternIsSuperset("a/**/c", "a/**/d"));
t.false(actionsutil.patternIsSuperset("a/**/c", "a/**"));
t.true(actionsutil.patternIsSuperset("a/**", "a/**/c"));
t.true(actionsutil.patternIsSuperset("a/**/c", "a/main-**/c"));
t.false(actionsutil.patternIsSuperset("a/**/b/**/c", "a/**/d/**/c"));
t.true(actionsutil.patternIsSuperset("a/**/b/**/c", "a/**/b/c/**/c"));
t.true(actionsutil.patternIsSuperset("a/**/b/**/c", "a/**/b/d/**/c"));
t.false(actionsutil.patternIsSuperset("a/**/c/d/**/c", "a/**/b/**/c"));
t.false(actionsutil.patternIsSuperset("a/main-**/c", "a/**/c"));
t.true(actionsutil.patternIsSuperset("/robin/*/release/*", "/robin/moose/release/goose"));
t.false(actionsutil.patternIsSuperset("/robin/moose/release/goose", "/robin/*/release/*"));
});
(0, ava_1.default)("getWorkflowErrors() when branches contain dots", (t) => {
const errors = actionsutil.getWorkflowErrors(yaml.load(`
on:
push:
branches: [4.1, master]
pull_request:
# The branches below must be a subset of the branches above
branches: [4.1, master]
`));
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on.push has a trailing comma", (t) => {
const errors = actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on:
push:
branches: [master, ]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
`));
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() should only report the current job's CheckoutWrongHead", (t) => {
process.env.GITHUB_JOB = "test";
const errors = actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
jobs:
test:
steps:
- run: "git checkout HEAD^2"
test2:
steps:
- run: "git checkout HEAD^2"
test3:
steps: []
`));
t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]));
});
(0, ava_1.default)("getWorkflowErrors() should not report a different job's CheckoutWrongHead", (t) => {
process.env.GITHUB_JOB = "test3";
const errors = actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on:
push:
branches: [master]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
jobs:
test:
steps:
- run: "git checkout HEAD^2"
test2:
steps:
- run: "git checkout HEAD^2"
test3:
steps: []
`));
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() when on is missing", (t) => {
const errors = actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
`));
t.deepEqual(...errorCodes(errors, []));
});
(0, ava_1.default)("getWorkflowErrors() with a different on setup", (t) => {
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on: "workflow_dispatch"
`)), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on: [workflow_dispatch]
`)), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on:
workflow_dispatch: {}
`)), []));
});
(0, ava_1.default)("getWorkflowErrors() should not report an error if PRs are totally unconfigured", (t) => {
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on:
push:
branches: [master]
`)), []));
t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
name: "CodeQL"
on: ["push"]
`)), []));
});
(0, ava_1.default)("initializeEnvironment", (t) => { (0, ava_1.default)("initializeEnvironment", (t) => {
(0, util_1.initializeEnvironment)("1.2.3"); (0, util_1.initializeEnvironment)(util_1.Mode.actions, "1.2.3");
t.deepEqual((0, util_1.getMode)(), util_1.Mode.actions);
t.deepEqual(process.env.CODEQL_ACTION_VERSION, "1.2.3"); t.deepEqual(process.env.CODEQL_ACTION_VERSION, "1.2.3");
(0, util_1.initializeEnvironment)(util_1.Mode.runner, "4.5.6");
t.deepEqual((0, util_1.getMode)(), util_1.Mode.runner);
t.deepEqual(process.env.CODEQL_ACTION_VERSION, "4.5.6");
}); });
(0, ava_1.default)("isAnalyzingDefaultBranch()", async (t) => { (0, ava_1.default)("isAnalyzingDefaultBranch()", async (t) => {
await (0, util_1.withTmpDir)(async (tmpDir) => { await (0, util_1.withTmpDir)(async (tmpDir) => {
@@ -188,31 +495,12 @@ const util_1 = require("./util");
t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), true); t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), true);
process.env["GITHUB_REF"] = "feature"; process.env["GITHUB_REF"] = "feature";
t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), false); t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), false);
fs.writeFileSync(envFile, JSON.stringify({
schedule: "0 0 * * *",
}));
process.env["GITHUB_EVENT_NAME"] = "schedule";
process.env["GITHUB_REF"] = "refs/heads/main";
t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), true);
const getAdditionalInputStub = sinon.stub(actionsutil, "getOptionalInput");
getAdditionalInputStub
.withArgs("ref")
.resolves("refs/heads/something-else");
getAdditionalInputStub
.withArgs("sha")
.resolves("0000000000000000000000000000000000000000");
process.env["GITHUB_EVENT_NAME"] = "schedule";
process.env["GITHUB_REF"] = "refs/heads/main";
t.deepEqual(await actionsutil.isAnalyzingDefaultBranch(), false);
getAdditionalInputStub.restore();
}); });
}); });
(0, ava_1.default)("workflowEventName()", async (t) => { (0, ava_1.default)("sanitizeArifactName", (t) => {
process.env["GITHUB_EVENT_NAME"] = "push"; t.deepEqual(actionsutil.sanitizeArifactName("hello-world_"), "hello-world_");
t.deepEqual(actionsutil.workflowEventName(), "push"); t.deepEqual(actionsutil.sanitizeArifactName("hello`world`"), "helloworld");
process.env["GITHUB_EVENT_NAME"] = "dynamic"; t.deepEqual(actionsutil.sanitizeArifactName("hello===123"), "hello123");
t.deepEqual(actionsutil.workflowEventName(), "dynamic"); t.deepEqual(actionsutil.sanitizeArifactName("*m)a&n^y%i££n+v!a:l[i]d"), "manyinvalid");
process.env["CODESCANNING_EVENT_NAME"] = "push";
t.deepEqual(actionsutil.workflowEventName(), "push");
}); });
//# sourceMappingURL=actions-util.test.js.map //# sourceMappingURL=actions-util.test.js.map


6
lib/analysis-paths.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];


@@ -1 +1 @@
{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IACE,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC;QACvC,CAAC,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EACvC;QACA,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM
,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AAjCD,wEAiCC"} {"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IACE,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC;QACvC,CAAC,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EACvC;QACA,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI
,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AAjCD,wEAiCC"}


@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -48,13 +44,7 @@ const util = __importStar(require("./util"));
debugMode: false, debugMode: false,
debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME, debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME, debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
augmentationProperties: { injectedMlQueries: false,
injectedMlQueries: false,
packsInputCombines: false,
queriesInputCombines: false,
},
trapCaches: {},
trapCacheDownloadTime: 0,
}; };
analysisPaths.includeAndExcludeAnalysisPaths(config); analysisPaths.includeAndExcludeAnalysisPaths(config);
t.is(process.env["LGTM_INDEX_INCLUDE"], undefined); t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
@@ -78,13 +68,7 @@ const util = __importStar(require("./util"));
debugMode: false, debugMode: false,
debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME, debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME, debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
augmentationProperties: { injectedMlQueries: false,
injectedMlQueries: false,
packsInputCombines: false,
queriesInputCombines: false,
},
trapCaches: {},
trapCacheDownloadTime: 0,
}; };
analysisPaths.includeAndExcludeAnalysisPaths(config); analysisPaths.includeAndExcludeAnalysisPaths(config);
t.is(process.env["LGTM_INDEX_INCLUDE"], "path1\npath2"); t.is(process.env["LGTM_INDEX_INCLUDE"], "path1\npath2");
@@ -108,13 +92,7 @@ const util = __importStar(require("./util"));
debugMode: false, debugMode: false,
debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME, debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME, debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
augmentationProperties: { injectedMlQueries: false,
injectedMlQueries: false,
packsInputCombines: false,
queriesInputCombines: false,
},
trapCaches: {},
trapCacheDownloadTime: 0,
}; };
analysisPaths.includeAndExcludeAnalysisPaths(config); analysisPaths.includeAndExcludeAnalysisPaths(config);
t.is(process.env["LGTM_INDEX_INCLUDE"], undefined); t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);


@@ -1 +1 @@
{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;YACD,UAAU,EAAE,EAAE;YACd,qBAAqB,EAAE,CAAC;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;YACD,UAAU,EAAE,EAAE;YACd,qBAAqB,EAAE,CAAC;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QAC
rD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,KAAK,EAAE,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,OAAO;QACP,SAAS,EAAE,EAAE;QACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;QACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;QACrD,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,KAAK;QAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,sBAAsB,EAAE;YACtB,iBAAiB,EAAE,KAAK;YACxB,kBAAkB,EAAE,KAAK;YACzB,oBAAoB,EAAE,KAAK;SAC5B;QACD,UAAU,EAAE,EAAE;QACd,qBAAqB,EAAE,CAAC;KACzB,CAAC;IACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;IAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC,CAAC,CAAC"} 
{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,KAAK;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,KAAK;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC
;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,KAAK,EAAE,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,OAAO;QACP,SAAS,EAAE,EAAE;QACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;QACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;QACrD,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,KAAK;QAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,iBAAiB,EAAE,KAAK;KACzB,CAAC;IACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;IAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC,CAAC,CAAC"}


@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -44,12 +40,10 @@ const util = __importStar(require("./util"));
await util.withTmpDir(async (tmpDir) => { await util.withTmpDir(async (tmpDir) => {
process.env["GITHUB_SERVER_URL"] = util.GITHUB_DOTCOM_URL; process.env["GITHUB_SERVER_URL"] = util.GITHUB_DOTCOM_URL;
process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository"; process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
process.env["GITHUB_API_URL"] = "https://api.github.com";
sinon sinon
.stub(actionsUtil, "createStatusReportBase") .stub(actionsUtil, "createStatusReportBase")
.resolves({}); .resolves({});
sinon.stub(actionsUtil, "sendStatusReport").resolves(true); sinon.stub(actionsUtil, "sendStatusReport").resolves(true);
sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
const gitHubVersion = { const gitHubVersion = {
type: util.GitHubVariant.DOTCOM, type: util.GitHubVariant.DOTCOM,
}; };
@@ -57,14 +51,12 @@ const util = __importStar(require("./util"));
gitHubVersion, gitHubVersion,
languages: [], languages: [],
packs: [], packs: [],
trapCaches: {},
}); });
const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput"); const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput");
requiredInputStub.withArgs("token").returns("fake-token"); requiredInputStub.withArgs("token").returns("fake-token");
requiredInputStub.withArgs("upload-database").returns("false"); requiredInputStub.withArgs("upload-database").returns("false");
const optionalInputStub = sinon.stub(actionsUtil, "getOptionalInput"); const optionalInputStub = sinon.stub(actionsUtil, "getOptionalInput");
optionalInputStub.withArgs("cleanup-level").returns("none"); optionalInputStub.withArgs("cleanup-level").returns("none");
optionalInputStub.withArgs("expect-error").returns("false");
sinon.stub(util, "getGitHubVersion").resolves(gitHubVersion); sinon.stub(util, "getGitHubVersion").resolves(gitHubVersion);
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir); (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
(0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {}); (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {});


@@ -1 +1 @@
{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,O
AAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"} {"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;
QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}


@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -44,7 +40,6 @@ const util = __importStar(require("./util"));
await util.withTmpDir(async (tmpDir) => { await util.withTmpDir(async (tmpDir) => {
process.env["GITHUB_SERVER_URL"] = util.GITHUB_DOTCOM_URL; process.env["GITHUB_SERVER_URL"] = util.GITHUB_DOTCOM_URL;
process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository"; process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
process.env["GITHUB_API_URL"] = "https://api.github.com";
sinon sinon
.stub(actionsUtil, "createStatusReportBase") .stub(actionsUtil, "createStatusReportBase")
.resolves({}); .resolves({});
@@ -56,16 +51,13 @@ const util = __importStar(require("./util"));
gitHubVersion, gitHubVersion,
languages: [], languages: [],
packs: [], packs: [],
trapCaches: {},
}); });
const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput"); const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput");
requiredInputStub.withArgs("token").returns("fake-token"); requiredInputStub.withArgs("token").returns("fake-token");
requiredInputStub.withArgs("upload-database").returns("false"); requiredInputStub.withArgs("upload-database").returns("false");
const optionalInputStub = sinon.stub(actionsUtil, "getOptionalInput"); const optionalInputStub = sinon.stub(actionsUtil, "getOptionalInput");
optionalInputStub.withArgs("cleanup-level").returns("none"); optionalInputStub.withArgs("cleanup-level").returns("none");
optionalInputStub.withArgs("expect-error").returns("false");
sinon.stub(util, "getGitHubVersion").resolves(gitHubVersion); sinon.stub(util, "getGitHubVersion").resolves(gitHubVersion);
sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir); (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
(0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {}); (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, {});
process.env["CODEQL_THREADS"] = "1"; process.env["CODEQL_THREADS"] = "1";


@@ -1 +1 @@
{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC
,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"} {"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7
D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}


@@ -1,45 +0,0 @@
"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.run = void 0;
const core = __importStar(require("@actions/core"));
const actionsUtil = __importStar(require("./actions-util"));
const config_utils_1 = require("./config-utils");
const logging_1 = require("./logging");
async function run(uploadSarifDebugArtifact) {
const logger = (0, logging_1.getActionsLogger)();
const config = await (0, config_utils_1.getConfig)(actionsUtil.getTemporaryDirectory(), logger);
if (config === undefined) {
throw new Error("Config file could not be found at expected location. Did the 'init' action fail to start?");
}
// Upload Actions SARIF artifacts for debugging
if (config?.debugMode) {
core.info("Debug mode is on. Uploading available SARIF files as Actions debugging artifact...");
const outputDir = actionsUtil.getRequiredInput("output");
await uploadSarifDebugArtifact(config, outputDir);
}
}
exports.run = run;
//# sourceMappingURL=analyze-action-post-helper.js.map


@@ -1 +0,0 @@
{"version":3,"file":"analyze-action-post-helper.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAA2C;AAC3C,uCAA6C;AAEtC,KAAK,UAAU,GAAG,CAAC,wBAAkC;IAC1D,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,WAAW,CAAC,qBAAqB,EAAE,EAAE,MAAM,CAAC,CAAC;IAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;QACxB,MAAM,IAAI,KAAK,CACb,2FAA2F,CAC5F,CAAC;KACH;IAED,+CAA+C;IAC/C,IAAI,MAAM,EAAE,SAAS,EAAE;QACrB,IAAI,CAAC,IAAI,CACP,oFAAoF,CACrF,CAAC;QACF,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzD,MAAM,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KACnD;AACH,CAAC;AAlBD,kBAkBC"}


@@ -1,73 +0,0 @@
"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const ava_1 = __importDefault(require("ava"));
const sinon = __importStar(require("sinon"));
const actionsUtil = __importStar(require("./actions-util"));
const analyzeActionPostHelper = __importStar(require("./analyze-action-post-helper"));
const configUtils = __importStar(require("./config-utils"));
const testing_utils_1 = require("./testing-utils");
const util = __importStar(require("./util"));
(0, testing_utils_1.setupTests)(ava_1.default);
(0, ava_1.default)("post: analyze action with debug mode off", async (t) => {
return await util.withTmpDir(async (tmpDir) => {
process.env["RUNNER_TEMP"] = tmpDir;
const gitHubVersion = {
type: util.GitHubVariant.DOTCOM,
};
sinon.stub(configUtils, "getConfig").resolves({
debugMode: false,
gitHubVersion,
languages: [],
packs: [],
});
const uploadSarifSpy = sinon.spy();
await analyzeActionPostHelper.run(uploadSarifSpy);
t.assert(uploadSarifSpy.notCalled);
});
});
(0, ava_1.default)("post: analyze action with debug mode on", async (t) => {
return await util.withTmpDir(async (tmpDir) => {
process.env["RUNNER_TEMP"] = tmpDir;
const gitHubVersion = {
type: util.GitHubVariant.DOTCOM,
};
sinon.stub(configUtils, "getConfig").resolves({
debugMode: true,
gitHubVersion,
languages: [],
packs: [],
});
const requiredInputStub = sinon.stub(actionsUtil, "getRequiredInput");
requiredInputStub.withArgs("output").returns("fake-output-dir");
const uploadSarifSpy = sinon.spy();
await analyzeActionPostHelper.run(uploadSarifSpy);
t.assert(uploadSarifSpy.called);
});
});
//# sourceMappingURL=analyze-action-post-helper.test.js.map


@@ -1 +0,0 @@
{"version":3,"file":"analyze-action-post-helper.test.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,sFAAwE;AACxE,4DAA8C;AAC9C,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,0CAA0C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC3D,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,KAAK;YAChB,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QAEpC,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;QAEnC,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,yCAAyC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1D,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,IAAI;YACf,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QAEpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAEhE,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;QAEnC,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}


@@ -1,44 +0,0 @@
"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
/**
* This file is the entry point for the `post:` hook of `analyze-action.yml`.
* It will run after the all steps in this job, in reverse order in relation to
* other `post:` hooks.
*/
const core = __importStar(require("@actions/core"));
const analyzeActionPostHelper = __importStar(require("./analyze-action-post-helper"));
const debugArtifacts = __importStar(require("./debug-artifacts"));
async function runWrapper() {
try {
await analyzeActionPostHelper.run(debugArtifacts.uploadSarifDebugArtifact);
}
catch (error) {
core.setFailed(`analyze post-action step failed: ${error}`);
console.log(error);
}
}
void runWrapper();
//# sourceMappingURL=analyze-action-post.js.map


@@ -1 +0,0 @@
{"version":3,"file":"analyze-action-post.js","sourceRoot":"","sources":["../src/analyze-action-post.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;GAIG;AACH,oDAAsC;AAEtC,sFAAwE;AACxE,kEAAoD;AAEpD,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAAC;KAC5E;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,oCAAoC,KAAK,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

237
lib/analyze-action.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -22,34 +18,29 @@ var __importStar = (this && this.__importStar) || function (mod) {
__setModuleDefault(result, mod); __setModuleDefault(result, mod);
return result; return result;
}; };
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.runPromise = exports.sendStatusReport = void 0; exports.runPromise = exports.sendStatusReport = void 0;
const fs = __importStar(require("fs")); const fs = __importStar(require("fs"));
const path_1 = __importDefault(require("path")); const path = __importStar(require("path"));
const perf_hooks_1 = require("perf_hooks"); const artifact = __importStar(require("@actions/artifact"));
const core = __importStar(require("@actions/core")); const core = __importStar(require("@actions/core"));
const actionsUtil = __importStar(require("./actions-util")); const actionsUtil = __importStar(require("./actions-util"));
const analyze_1 = require("./analyze"); const analyze_1 = require("./analyze");
const api_client_1 = require("./api-client"); const api_client_1 = require("./api-client");
const autobuild_1 = require("./autobuild");
const codeql_1 = require("./codeql"); const codeql_1 = require("./codeql");
const config_utils_1 = require("./config-utils"); const config_utils_1 = require("./config-utils");
const database_upload_1 = require("./database-upload"); const database_upload_1 = require("./database-upload");
const feature_flags_1 = require("./feature-flags"); const feature_flags_1 = require("./feature-flags");
const languages_1 = require("./languages");
const logging_1 = require("./logging"); const logging_1 = require("./logging");
const repository_1 = require("./repository"); const repository_1 = require("./repository");
const shared_environment_1 = require("./shared-environment");
const trap_caching_1 = require("./trap-caching");
const upload_lib = __importStar(require("./upload-lib")); const upload_lib = __importStar(require("./upload-lib"));
const util = __importStar(require("./util")); const util = __importStar(require("./util"));
const util_1 = require("./util"); const util_1 = require("./util");
async function sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger) { // eslint-disable-next-line import/no-commonjs
const status = actionsUtil.getActionsStatus(error, stats?.analyze_failure_language); const pkg = require("../package.json");
const statusReportBase = await actionsUtil.createStatusReportBase("finish", status, startedAt, error?.message, error?.stack); async function sendStatusReport(startedAt, config, stats, error) {
const status = actionsUtil.getActionsStatus(error, stats === null || stats === void 0 ? void 0 : stats.analyze_failure_language);
const statusReportBase = await actionsUtil.createStatusReportBase("finish", status, startedAt, error === null || error === void 0 ? void 0 : error.message, error === null || error === void 0 ? void 0 : error.stack);
const statusReport = { const statusReport = {
...statusReportBase, ...statusReportBase,
...(config ...(config
@@ -58,115 +49,61 @@ async function sendStatusReport(startedAt, config, stats, error, trapCacheUpload
} }
: {}), : {}),
...(stats || {}), ...(stats || {}),
...(dbCreationTimings || {}),
}; };
if (config && didUploadTrapCaches) { await actionsUtil.sendStatusReport(statusReport);
const trapCacheUploadStatusReport = {
...statusReport,
trap_cache_upload_duration_ms: Math.round(trapCacheUploadTime || 0),
trap_cache_upload_size_bytes: Math.round(await (0, trap_caching_1.getTotalCacheSize)(config.trapCaches, logger)),
};
await actionsUtil.sendStatusReport(trapCacheUploadStatusReport);
}
else {
await actionsUtil.sendStatusReport(statusReport);
}
} }
exports.sendStatusReport = sendStatusReport; exports.sendStatusReport = sendStatusReport;
// `expect-error` should only be set to a non-false value by the CodeQL Action PR checks.
function hasBadExpectErrorInput() {
return (actionsUtil.getOptionalInput("expect-error") !== "false" &&
!util.isInTestMode());
}
/**
* Returns whether any TRAP files exist under the `db-go` folder,
* indicating whether Go extraction has extracted at least one file.
*/
function doesGoExtractionOutputExist(config) {
const golangDbDirectory = util.getCodeQLDatabasePath(config, languages_1.Language.go);
const trapDirectory = path_1.default.join(golangDbDirectory, "trap", languages_1.Language.go);
return (fs.existsSync(trapDirectory) &&
fs
.readdirSync(trapDirectory)
.some((fileName) => [
".trap",
".trap.gz",
".trap.br",
".trap.tar.gz",
".trap.tar.br",
".trap.tar",
].some((ext) => fileName.endsWith(ext))));
}
/**
* We attempt to autobuild Go to preserve compatibility for users who have
* set up Go using a legacy scanning style CodeQL workflow, i.e. one without
* an autobuild step or manual build steps.
*
* - We detect whether an autobuild step is present by checking the
* `util.DID_AUTOBUILD_GO_ENV_VAR_NAME` environment variable, which is set
* when the autobuilder is invoked.
* - We detect whether the Go database has already been finalized in case it
* has been manually set in a prior Action step.
* - We approximate whether manual build steps are present by looking at
* whether any extraction output already exists for Go.
*/
async function runAutobuildIfLegacyGoWorkflow(config, logger) {
if (!config.languages.includes(languages_1.Language.go)) {
return;
}
if (process.env[util.DID_AUTOBUILD_GO_ENV_VAR_NAME] === "true") {
logger.debug("Won't run Go autobuild since it has already been run.");
return;
}
if ((0, analyze_1.dbIsFinalized)(config, languages_1.Language.go, logger)) {
logger.debug("Won't run Go autobuild since there is already a finalized database for Go.");
return;
}
// This captures whether a user has added manual build steps for Go
if (doesGoExtractionOutputExist(config)) {
logger.debug("Won't run Go autobuild since at least one file of Go code has already been extracted.");
// If the user has run the manual build step, and has set the `CODEQL_EXTRACTOR_GO_BUILD_TRACING`
// variable, we suggest they remove it from their workflow.
if ("CODEQL_EXTRACTOR_GO_BUILD_TRACING" in process.env) {
logger.warning(`The CODEQL_EXTRACTOR_GO_BUILD_TRACING environment variable has no effect on workflows with manual build steps, so we recommend that you remove it from your workflow.`);
}
return;
}
await (0, autobuild_1.runAutobuild)(languages_1.Language.go, config, logger);
}
async function run() { async function run() {
const startedAt = new Date(); const startedAt = new Date();
let uploadResult = undefined; let uploadResult = undefined;
let runStats = undefined; let runStats = undefined;
let config = undefined; let config = undefined;
let trapCacheUploadTime = undefined; util.initializeEnvironment(util.Mode.actions, pkg.version);
let dbCreationTimings = undefined; await util.checkActionVersion(pkg.version);
let didUploadTrapCaches = false;
util.initializeEnvironment(actionsUtil.getActionVersion());
const logger = (0, logging_1.getActionsLogger)();
try { try {
if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("finish", "starting", startedAt)))) { if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("finish", "starting", startedAt)))) {
return; return;
} }
const logger = (0, logging_1.getActionsLogger)();
config = await (0, config_utils_1.getConfig)(actionsUtil.getTemporaryDirectory(), logger); config = await (0, config_utils_1.getConfig)(actionsUtil.getTemporaryDirectory(), logger);
if (config === undefined) { if (config === undefined) {
throw new Error("Config file could not be found at expected location. Has the 'init' action been called?"); throw new Error("Config file could not be found at expected location. Has the 'init' action been called?");
} }
if (hasBadExpectErrorInput()) { await util.enrichEnvironment(util.Mode.actions, await (0, codeql_1.getCodeQL)(config.codeQLCmd));
throw new Error("`expect-error` input parameter is for internal use only. It should only be set by codeql-action or a fork."); const apiDetails = {
} auth: actionsUtil.getRequiredInput("token"),
await util.enrichEnvironment(await (0, codeql_1.getCodeQL)(config.codeQLCmd)); url: util.getRequiredEnvParam("GITHUB_SERVER_URL"),
const apiDetails = (0, api_client_1.getApiDetails)(); };
const outputDir = actionsUtil.getRequiredInput("output"); const outputDir = actionsUtil.getRequiredInput("output");
const threads = util.getThreadsFlag(actionsUtil.getOptionalInput("threads") || process.env["CODEQL_THREADS"], logger); const threads = util.getThreadsFlag(actionsUtil.getOptionalInput("threads") || process.env["CODEQL_THREADS"], logger);
const memory = util.getMemoryFlag(actionsUtil.getOptionalInput("ram") || process.env["CODEQL_RAM"]); const memory = util.getMemoryFlag(actionsUtil.getOptionalInput("ram") || process.env["CODEQL_RAM"]);
const repositoryNwo = (0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY")); const repositoryNwo = (0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY"));
const gitHubVersion = await (0, api_client_1.getGitHubVersion)(); const gitHubVersion = await (0, api_client_1.getGitHubVersionActionsOnly)();
const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, actionsUtil.getTemporaryDirectory(), logger); const featureFlags = new feature_flags_1.GitHubFeatureFlags(gitHubVersion, apiDetails, repositoryNwo, logger);
await runAutobuildIfLegacyGoWorkflow(config, logger); await (0, analyze_1.runFinalize)(outputDir, threads, memory, config, logger, featureFlags);
dbCreationTimings = await (0, analyze_1.runFinalize)(outputDir, threads, memory, config, logger);
if (actionsUtil.getRequiredInput("skip-queries") !== "true") { if (actionsUtil.getRequiredInput("skip-queries") !== "true") {
runStats = await (0, analyze_1.runQueries)(outputDir, memory, util.getAddSnippetsFlag(actionsUtil.getRequiredInput("add-snippets")), threads, actionsUtil.getOptionalInput("category"), config, logger, features); runStats = await (0, analyze_1.runQueries)(outputDir, memory, util.getAddSnippetsFlag(actionsUtil.getRequiredInput("add-snippets")), threads, actionsUtil.getOptionalInput("category"), config, logger);
if (config.debugMode) {
// Upload the SARIF files as an Actions artifact for debugging
await uploadDebugArtifacts(config.languages.map((lang) => path.resolve(outputDir, `${lang}.sarif`)), outputDir, config.debugArtifactName);
}
}
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
if (config.debugMode) {
// Upload the logs as an Actions artifact for debugging
let toUpload = [];
for (const language of config.languages) {
toUpload = toUpload.concat(listFolder(path.resolve(util.getCodeQLDatabasePath(config, language), "log")));
}
if (await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING)) {
// Multilanguage tracing: there are additional logs in the root of the cluster
toUpload = toUpload.concat(listFolder(path.resolve(config.dbLocation, "log")));
}
await uploadDebugArtifacts(toUpload, config.dbLocation, config.debugArtifactName);
if (!(await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_NEW_TRACING))) {
// Before multi-language tracing, we wrote a compound-build-tracer.log in the temp dir
await uploadDebugArtifacts([path.resolve(config.tempDir, "compound-build-tracer.log")], config.tempDir, config.debugArtifactName);
}
} }
if (actionsUtil.getOptionalInput("cleanup-level") !== "none") { if (actionsUtil.getOptionalInput("cleanup-level") !== "none") {
await (0, analyze_1.runCleanup)(config, actionsUtil.getOptionalInput("cleanup-level") || "brutal", logger); await (0, analyze_1.runCleanup)(config, actionsUtil.getOptionalInput("cleanup-level") || "brutal", logger);
@@ -177,7 +114,7 @@ async function run() {
} }
core.setOutput("db-locations", dbLocations); core.setOutput("db-locations", dbLocations);
if (runStats && actionsUtil.getRequiredInput("upload") === "true") { if (runStats && actionsUtil.getRequiredInput("upload") === "true") {
uploadResult = await upload_lib.uploadFromActions(outputDir, actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getOptionalInput("category"), logger); uploadResult = await upload_lib.uploadFromActions(outputDir, config.gitHubVersion, apiDetails, logger);
core.setOutput("sarif-id", uploadResult.sarifID); core.setOutput("sarif-id", uploadResult.sarifID);
} }
else { else {
@@ -185,53 +122,99 @@ async function run() {
} }
// Possibly upload the database bundles for remote queries // Possibly upload the database bundles for remote queries
await (0, database_upload_1.uploadDatabases)(repositoryNwo, config, apiDetails, logger); await (0, database_upload_1.uploadDatabases)(repositoryNwo, config, apiDetails, logger);
// Possibly upload the TRAP caches for later re-use
const trapCacheUploadStartTime = perf_hooks_1.performance.now();
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
didUploadTrapCaches = await (0, trap_caching_1.uploadTrapCaches)(codeql, config, logger);
trapCacheUploadTime = perf_hooks_1.performance.now() - trapCacheUploadStartTime;
// We don't upload results in test mode, so don't wait for processing // We don't upload results in test mode, so don't wait for processing
if (util.isInTestMode()) { if (util.isInTestMode()) {
core.debug("In test mode. Waiting for processing is disabled."); core.debug("In test mode. Waiting for processing is disabled.");
} }
else if (uploadResult !== undefined && else if (uploadResult !== undefined &&
actionsUtil.getRequiredInput("wait-for-processing") === "true") { actionsUtil.getRequiredInput("wait-for-processing") === "true") {
await upload_lib.waitForProcessing((0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY")), uploadResult.sarifID, (0, logging_1.getActionsLogger)()); await upload_lib.waitForProcessing((0, repository_1.parseRepositoryNwo)(util.getRequiredEnvParam("GITHUB_REPOSITORY")), uploadResult.sarifID, apiDetails, (0, logging_1.getActionsLogger)());
} }
// If we did not throw an error yet here, but we expect one, throw it.
if (actionsUtil.getOptionalInput("expect-error") === "true") {
core.setFailed(`expect-error input was set to true but no error was thrown.`);
}
core.exportVariable(shared_environment_1.CODEQL_ACTION_ANALYZE_DID_COMPLETE_SUCCESSFULLY, "true");
} }
catch (origError) { catch (origError) {
const error = origError instanceof Error ? origError : new Error(String(origError)); const error = origError instanceof Error ? origError : new Error(String(origError));
if (actionsUtil.getOptionalInput("expect-error") !== "true" || core.setFailed(error.message);
hasBadExpectErrorInput()) { console.log(error);
core.setFailed(error.message);
}
if (error instanceof analyze_1.CodeQLAnalysisError) { if (error instanceof analyze_1.CodeQLAnalysisError) {
const stats = { ...error.queriesStatusReport }; const stats = { ...error.queriesStatusReport };
await sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger); await sendStatusReport(startedAt, config, stats, error);
} }
else { else {
await sendStatusReport(startedAt, config, undefined, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger); await sendStatusReport(startedAt, config, undefined, error);
} }
return; return;
} }
finally {
if (config === null || config === void 0 ? void 0 : config.debugMode) {
try {
// Upload the database bundles as an Actions artifact for debugging
const toUpload = [];
for (const language of config.languages) {
toUpload.push(await (0, util_1.bundleDb)(config, language, await (0, codeql_1.getCodeQL)(config.codeQLCmd), `${config.debugDatabaseName}-${language}`));
}
await uploadDebugArtifacts(toUpload, config.dbLocation, config.debugArtifactName);
}
catch (error) {
console.log(`Failed to upload database debug bundles: ${error}`);
}
}
if (config === null || config === void 0 ? void 0 : config.debugMode) {
core.info("Debug mode is on. Printing CodeQL debug logs...");
for (const language of config.languages) {
const databaseDirectory = util.getCodeQLDatabasePath(config, language);
const logsDirectory = path.join(databaseDirectory, "log");
const walkLogFiles = (dir) => {
const entries = fs.readdirSync(dir, { withFileTypes: true });
for (const entry of entries) {
if (entry.isFile()) {
core.startGroup(`CodeQL Debug Logs - ${language} - ${entry.name}`);
process.stdout.write(fs.readFileSync(path.resolve(dir, entry.name)));
core.endGroup();
}
else if (entry.isDirectory()) {
walkLogFiles(path.resolve(dir, entry.name));
}
}
};
walkLogFiles(logsDirectory);
}
}
}
if (runStats && uploadResult) { if (runStats && uploadResult) {
await sendStatusReport(startedAt, config, { await sendStatusReport(startedAt, config, {
...runStats, ...runStats,
...uploadResult.statusReport, ...uploadResult.statusReport,
}, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger); });
} }
else if (runStats) { else if (runStats) {
await sendStatusReport(startedAt, config, { ...runStats }, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger); await sendStatusReport(startedAt, config, { ...runStats });
} }
else { else {
await sendStatusReport(startedAt, config, undefined, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger); await sendStatusReport(startedAt, config, undefined);
} }
} }
async function uploadDebugArtifacts(toUpload, rootDir, artifactName) {
let suffix = "";
const matrix = actionsUtil.getRequiredInput("matrix");
if (matrix !== undefined && matrix !== "null") {
for (const entry of Object.entries(JSON.parse(matrix)).sort())
suffix += `-${entry[1]}`;
}
await artifact.create().uploadArtifact(actionsUtil.sanitizeArifactName(`${artifactName}${suffix}`), toUpload.map((file) => path.normalize(file)), path.normalize(rootDir));
}
function listFolder(dir) {
const entries = fs.readdirSync(dir, { withFileTypes: true });
let files = [];
for (const entry of entries) {
if (entry.isFile()) {
files.push(path.resolve(dir, entry.name));
}
else if (entry.isDirectory()) {
files = files.concat(listFolder(path.resolve(dir, entry.name)));
}
}
return files;
}
exports.runPromise = run(); exports.runPromise = run();
async function runWrapper() { async function runWrapper() {
try { try {
@@ -239,8 +222,8 @@ async function runWrapper() {
} }
catch (error) { catch (error) {
core.setFailed(`analyze action failed: ${error}`); core.setFailed(`analyze action failed: ${error}`);
console.log(error);
} }
await (0, util_1.checkForTimeout)();
} }
void runWrapper(); void runWrapper();
//# sourceMappingURL=analyze-action.js.map //# sourceMappingURL=analyze-action.js.map

File diff suppressed because one or more lines are too long

261
lib/analyze.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -26,16 +22,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod }; return (mod && mod.__esModule) ? mod : { "default": mod };
}; };
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.validateQueryFilters = exports.runCleanup = exports.runFinalize = exports.createQuerySuiteContents = exports.convertPackToQuerySuiteEntry = exports.runQueries = exports.dbIsFinalized = exports.createdDBForScannedLanguages = exports.CodeQLAnalysisError = void 0; exports.runCleanup = exports.runFinalize = exports.runQueries = exports.createdDBForScannedLanguages = exports.CodeQLAnalysisError = void 0;
const fs = __importStar(require("fs")); const fs = __importStar(require("fs"));
const path = __importStar(require("path")); const path = __importStar(require("path"));
const perf_hooks_1 = require("perf_hooks");
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner")); const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
const del_1 = __importDefault(require("del")); const del_1 = __importDefault(require("del"));
const yaml = __importStar(require("js-yaml")); const yaml = __importStar(require("js-yaml"));
const analysisPaths = __importStar(require("./analysis-paths")); const analysisPaths = __importStar(require("./analysis-paths"));
const codeql_1 = require("./codeql"); const codeql_1 = require("./codeql");
const configUtils = __importStar(require("./config-utils")); const count_loc_1 = require("./count-loc");
const languages_1 = require("./languages"); const languages_1 = require("./languages");
const sharedEnv = __importStar(require("./shared-environment")); const sharedEnv = __importStar(require("./shared-environment"));
const tracer_config_1 = require("./tracer-config"); const tracer_config_1 = require("./tracer-config");
@@ -54,7 +49,6 @@ async function setupPythonExtractor(logger) {
// If CODEQL_PYTHON is not set, no dependencies were installed, so we don't need to do anything // If CODEQL_PYTHON is not set, no dependencies were installed, so we don't need to do anything
return; return;
} }
const scriptsFolder = path.resolve(__dirname, "../python-setup");
let output = ""; let output = "";
const options = { const options = {
listeners: { listeners: {
@@ -63,7 +57,10 @@ async function setupPythonExtractor(logger) {
}, },
}, },
}; };
await new toolrunner.ToolRunner(codeqlPython, [path.join(scriptsFolder, "find_site_packages.py")], options).exec(); await new toolrunner.ToolRunner(codeqlPython, [
"-c",
"import os; import pip; print(os.path.dirname(os.path.dirname(pip.__file__)))",
], options).exec();
logger.info(`Setting LGTM_INDEX_IMPORT_PATH=${output}`); logger.info(`Setting LGTM_INDEX_IMPORT_PATH=${output}`);
process.env["LGTM_INDEX_IMPORT_PATH"] = output; process.env["LGTM_INDEX_IMPORT_PATH"] = output;
output = ""; output = "";
@@ -71,7 +68,7 @@ async function setupPythonExtractor(logger) {
logger.info(`Setting LGTM_PYTHON_SETUP_VERSION=${output}`); logger.info(`Setting LGTM_PYTHON_SETUP_VERSION=${output}`);
process.env["LGTM_PYTHON_SETUP_VERSION"] = output; process.env["LGTM_PYTHON_SETUP_VERSION"] = output;
} }
async function createdDBForScannedLanguages(codeql, config, logger) { async function createdDBForScannedLanguages(codeql, config, logger, featureFlags) {
// Insert the LGTM_INDEX_X env vars at this point so they are set when // Insert the LGTM_INDEX_X env vars at this point so they are set when
// we extract any scanned languages. // we extract any scanned languages.
analysisPaths.includeAndExcludeAnalysisPaths(config); analysisPaths.includeAndExcludeAnalysisPaths(config);
@@ -82,7 +79,7 @@ async function createdDBForScannedLanguages(codeql, config, logger) {
if (language === languages_1.Language.python) { if (language === languages_1.Language.python) {
await setupPythonExtractor(logger); await setupPythonExtractor(logger);
} }
await codeql.extractScannedLanguage(config, language); await codeql.extractScannedLanguage(util.getCodeQLDatabasePath(config, language), language, featureFlags);
logger.endGroup(); logger.endGroup();
} }
} }
@@ -99,13 +96,9 @@ function dbIsFinalized(config, language, logger) {
return false; return false;
} }
} }
exports.dbIsFinalized = dbIsFinalized; async function finalizeDatabaseCreation(config, threadsFlag, memoryFlag, logger, featureFlags) {
async function finalizeDatabaseCreation(config, threadsFlag, memoryFlag, logger) {
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd); const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
const extractionStart = perf_hooks_1.performance.now(); await createdDBForScannedLanguages(codeql, config, logger, featureFlags);
await createdDBForScannedLanguages(codeql, config, logger);
const extractionTime = perf_hooks_1.performance.now() - extractionStart;
const trapImportStart = perf_hooks_1.performance.now();
for (const language of config.languages) { for (const language of config.languages) {
if (dbIsFinalized(config, language, logger)) { if (dbIsFinalized(config, language, logger)) {
logger.info(`There is already a finalized database for ${language} at the location where the CodeQL Action places databases, so we did not create one.`); logger.info(`There is already a finalized database for ${language} at the location where the CodeQL Action places databases, so we did not create one.`);
@@ -116,89 +109,80 @@ async function finalizeDatabaseCreation(config, threadsFlag, memoryFlag, logger)
logger.endGroup(); logger.endGroup();
} }
} }
const trapImportTime = perf_hooks_1.performance.now() - trapImportStart;
return {
scanned_language_extraction_duration_ms: Math.round(extractionTime),
trap_import_duration_ms: Math.round(trapImportTime),
};
} }
// Runs queries and creates sarif files in the given folder // Runs queries and creates sarif files in the given folder
async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag, automationDetailsId, config, logger, featureEnablement) { async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag, automationDetailsId, config, logger) {
const statusReport = {}; const statusReport = {};
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd); let locPromise = Promise.resolve({});
await util.logCodeScanningConfigInCli(codeql, featureEnablement, logger); const cliCanCountBaseline = await cliCanCountLoC();
const countLocDebugMode = process.env["INTERNAL_CODEQL_ACTION_DEBUG_LOC"] || config.debugMode;
if (!cliCanCountBaseline || countLocDebugMode) {
// count the number of lines in the background
locPromise = (0, count_loc_1.countLoc)(path.resolve(),
// config.paths specifies external directories. the current
// directory is included in the analysis by default. Replicate
// that here.
config.paths, config.pathsIgnore, config.languages, logger);
}
for (const language of config.languages) { for (const language of config.languages) {
const queries = config.queries[language]; const queries = config.queries[language];
const queryFilters = validateQueryFilters(config.originalUserInput["query-filters"]);
const packsWithVersion = config.packs[language] || []; const packsWithVersion = config.packs[language] || [];
const hasBuiltinQueries = (queries === null || queries === void 0 ? void 0 : queries.builtin.length) > 0;
const hasCustomQueries = (queries === null || queries === void 0 ? void 0 : queries.custom.length) > 0;
const hasPackWithCustomQueries = packsWithVersion.length > 0;
if (!hasBuiltinQueries && !hasCustomQueries && !hasPackWithCustomQueries) {
throw new Error(`Unable to analyse ${language} as no queries were selected for this language`);
}
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
try { try {
if (await util.useCodeScanningConfigInCli(codeql, featureEnablement)) { if (hasPackWithCustomQueries) {
// If we are using the code scanning config in the CLI, logger.info("Performing analysis with custom CodeQL Packs.");
// much of the work needed to generate the query suites logger.startGroup(`Downloading custom packs for ${language}`);
// is done in the CLI. We just need to make a single const results = await codeql.packDownload(packsWithVersion);
// call to run all the queries for each language and logger.info(`Downloaded packs: ${results.packs
// another to interpret the results. .map((r) => `${r.name}@${r.version || "latest"}`)
logger.startGroup(`Running queries for ${language}`); .join(", ")}`);
logger.endGroup();
}
logger.startGroup(`Running queries for ${language}`);
const querySuitePaths = [];
if (queries["builtin"].length > 0) {
const startTimeBuiltIn = new Date().getTime(); const startTimeBuiltIn = new Date().getTime();
await runQueryGroup(language, "all", undefined, undefined); querySuitePaths.push(await runQueryGroup(language, "builtin", createQuerySuiteContents(queries["builtin"]), undefined));
// TODO should not be using `builtin` here. We should be using `all` instead.
// The status report does not support `all` yet.
statusReport[`analyze_builtin_queries_${language}_duration_ms`] = statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeBuiltIn; new Date().getTime() - startTimeBuiltIn;
logger.startGroup(`Interpreting results for ${language}`);
const startTimeInterpretResults = new Date().getTime();
const sarifFile = path.join(sarifFolder, `${language}.sarif`);
const analysisSummary = await runInterpretResults(language, undefined, sarifFile, config.debugMode);
statusReport[`interpret_results_${language}_duration_ms`] =
new Date().getTime() - startTimeInterpretResults;
logger.endGroup();
logger.info(analysisSummary);
} }
else { const startTimeCustom = new Date().getTime();
// config was generated by the action, so must be interpreted by the action. let ranCustom = false;
const hasBuiltinQueries = queries?.builtin.length > 0; for (let i = 0; i < queries["custom"].length; ++i) {
const hasCustomQueries = queries?.custom.length > 0; if (queries["custom"][i].queries.length > 0) {
const hasPackWithCustomQueries = packsWithVersion.length > 0; querySuitePaths.push(await runQueryGroup(language, `custom-${i}`, createQuerySuiteContents(queries["custom"][i].queries), queries["custom"][i].searchPath));
if (!hasBuiltinQueries &&
!hasCustomQueries &&
!hasPackWithCustomQueries) {
throw new Error(`Unable to analyze ${language} as no queries were selected for this language`);
}
logger.startGroup(`Running queries for ${language}`);
const querySuitePaths = [];
if (queries["builtin"].length > 0) {
const startTimeBuiltIn = new Date().getTime();
querySuitePaths.push((await runQueryGroup(language, "builtin", createQuerySuiteContents(queries["builtin"], queryFilters), undefined)));
statusReport[`analyze_builtin_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeBuiltIn;
}
const startTimeCustom = new Date().getTime();
let ranCustom = false;
for (let i = 0; i < queries["custom"].length; ++i) {
if (queries["custom"][i].queries.length > 0) {
querySuitePaths.push((await runQueryGroup(language, `custom-${i}`, createQuerySuiteContents(queries["custom"][i].queries, queryFilters), queries["custom"][i].searchPath)));
ranCustom = true;
}
}
if (packsWithVersion.length > 0) {
querySuitePaths.push(await runQueryPacks(language, "packs", packsWithVersion, queryFilters));
ranCustom = true; ranCustom = true;
} }
if (ranCustom) {
statusReport[`analyze_custom_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeCustom;
}
logger.endGroup();
logger.startGroup(`Interpreting results for ${language}`);
const startTimeInterpretResults = new Date().getTime();
const sarifFile = path.join(sarifFolder, `${language}.sarif`);
const analysisSummary = await runInterpretResults(language, querySuitePaths, sarifFile, config.debugMode);
statusReport[`interpret_results_${language}_duration_ms`] =
new Date().getTime() - startTimeInterpretResults;
logger.endGroup();
logger.info(analysisSummary);
} }
logger.info(await runPrintLinesOfCode(language)); if (packsWithVersion.length > 0) {
querySuitePaths.push(...(await runQueryPacks(language, "packs", packsWithVersion, undefined)));
ranCustom = true;
}
if (ranCustom) {
statusReport[`analyze_custom_queries_${language}_duration_ms`] =
new Date().getTime() - startTimeCustom;
}
logger.endGroup();
logger.startGroup(`Interpreting results for ${language}`);
const startTimeInterpretResults = new Date().getTime();
const sarifFile = path.join(sarifFolder, `${language}.sarif`);
const analysisSummary = await runInterpretResults(language, querySuitePaths, sarifFile, config.debugMode);
if (!cliCanCountBaseline)
await injectLinesOfCode(sarifFile, language, locPromise);
statusReport[`interpret_results_${language}_duration_ms`] =
new Date().getTime() - startTimeInterpretResults;
logger.endGroup();
logger.info(analysisSummary);
if (!cliCanCountBaseline || countLocDebugMode)
printLinesOfCodeSummary(logger, language, await locPromise);
if (cliCanCountBaseline)
logger.info(await runPrintLinesOfCode(language));
} }
catch (e) { catch (e) {
logger.info(String(e)); logger.info(String(e));
@@ -212,71 +196,57 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
return statusReport; return statusReport;
async function runInterpretResults(language, queries, sarifFile, enableDebugLogging) { async function runInterpretResults(language, queries, sarifFile, enableDebugLogging) {
const databasePath = util.getCodeQLDatabasePath(config, language); const databasePath = util.getCodeQLDatabasePath(config, language);
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId); return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId);
} }
async function cliCanCountLoC() {
return await util.codeQlVersionAbove(await (0, codeql_1.getCodeQL)(config.codeQLCmd), codeql_1.CODEQL_VERSION_COUNTS_LINES);
}
async function runPrintLinesOfCode(language) { async function runPrintLinesOfCode(language) {
const databasePath = util.getCodeQLDatabasePath(config, language); const databasePath = util.getCodeQLDatabasePath(config, language);
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
return await codeql.databasePrintBaseline(databasePath); return await codeql.databasePrintBaseline(databasePath);
} }
async function runQueryGroup(language, type, querySuiteContents, searchPath) { async function runQueryGroup(language, type, querySuiteContents, searchPath) {
const databasePath = util.getCodeQLDatabasePath(config, language); const databasePath = util.getCodeQLDatabasePath(config, language);
// Pass the queries to codeql using a file instead of using the command // Pass the queries to codeql using a file instead of using the command
// line to avoid command line length restrictions, particularly on windows. // line to avoid command line length restrictions, particularly on windows.
const querySuitePath = querySuiteContents const querySuitePath = `${databasePath}-queries-${type}.qls`;
? `${databasePath}-queries-${type}.qls` fs.writeFileSync(querySuitePath, querySuiteContents);
: undefined; logger.debug(`Query suite file for ${language}-${type}...\n${querySuiteContents}`);
if (querySuiteContents && querySuitePath) { const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
fs.writeFileSync(querySuitePath, querySuiteContents);
logger.debug(`Query suite file for ${language}-${type}...\n${querySuiteContents}`);
}
await codeql.databaseRunQueries(databasePath, searchPath, querySuitePath, memoryFlag, threadsFlag); await codeql.databaseRunQueries(databasePath, searchPath, querySuitePath, memoryFlag, threadsFlag);
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`); logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
return querySuitePath; return querySuitePath;
} }
async function runQueryPacks(language, type, packs, queryFilters) { async function runQueryPacks(language, type, packs, searchPath) {
const databasePath = util.getCodeQLDatabasePath(config, language); const databasePath = util.getCodeQLDatabasePath(config, language);
// Run the queries individually instead of all at once to avoid command
// line length restrictions, particularly on windows.
for (const pack of packs) { for (const pack of packs) {
logger.debug(`Running query pack for ${language}-${type}: ${pack}`); logger.debug(`Running query pack for ${language}-${type}: ${pack}`);
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
await codeql.databaseRunQueries(databasePath, searchPath, pack, memoryFlag, threadsFlag);
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
} }
// combine the list of packs into a query suite in order to run them all simultaneously. return packs;
const querySuite = packs.map(convertPackToQuerySuiteEntry).concat(queryFilters);
const querySuitePath = `${databasePath}-queries-${type}.qls`;
fs.writeFileSync(querySuitePath, yaml.dump(querySuite));
logger.debug(`BQRS results produced for ${language} (queries: ${type})"`);
await codeql.databaseRunQueries(databasePath, undefined, querySuitePath, memoryFlag, threadsFlag);
return querySuitePath;
} }
} }
exports.runQueries = runQueries; exports.runQueries = runQueries;
function convertPackToQuerySuiteEntry(packStr) { function createQuerySuiteContents(queries) {
const pack = configUtils.parsePacksSpecification(packStr); return queries.map((q) => `- query: ${q}`).join("\n");
return {
qlpack: !pack.path ? pack.name : undefined,
from: pack.path ? pack.name : undefined,
version: pack.version,
query: pack.path?.endsWith(".ql") ? pack.path : undefined,
queries: !pack.path?.endsWith(".ql") && !pack.path?.endsWith(".qls")
? pack.path
: undefined,
apply: pack.path?.endsWith(".qls") ? pack.path : undefined,
};
} }
exports.convertPackToQuerySuiteEntry = convertPackToQuerySuiteEntry; async function runFinalize(outputDir, threadsFlag, memoryFlag, config, logger, featureFlags) {
function createQuerySuiteContents(queries, queryFilters) {
return yaml.dump(queries.map((q) => ({ query: q })).concat(queryFilters));
}
exports.createQuerySuiteContents = createQuerySuiteContents;
async function runFinalize(outputDir, threadsFlag, memoryFlag, config, logger) {
try { try {
await (0, del_1.default)(outputDir, { force: true }); await (0, del_1.default)(outputDir, { force: true });
} }
catch (error) { catch (error) {
if (error?.code !== "ENOENT") { if ((error === null || error === void 0 ? void 0 : error.code) !== "ENOENT") {
throw error; throw error;
} }
} }
await fs.promises.mkdir(outputDir, { recursive: true }); await fs.promises.mkdir(outputDir, { recursive: true });
const timings = await finalizeDatabaseCreation(config, threadsFlag, memoryFlag, logger); await finalizeDatabaseCreation(config, threadsFlag, memoryFlag, logger, featureFlags);
const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd); const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
// WARNING: This does not _really_ end tracing, as the tracer will restore its // WARNING: This does not _really_ end tracing, as the tracer will restore its
// critical environment variables and it'll still be active for all processes // critical environment variables and it'll still be active for all processes
@@ -291,7 +261,6 @@ async function runFinalize(outputDir, threadsFlag, memoryFlag, config, logger) {
// Delete the tracer config env var to avoid tracing ourselves // Delete the tracer config env var to avoid tracing ourselves
delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION]; delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];
} }
return timings;
} }
exports.runFinalize = runFinalize; exports.runFinalize = runFinalize;
async function runCleanup(config, cleanupLevel, logger) { async function runCleanup(config, cleanupLevel, logger) {
@@ -304,28 +273,32 @@ async function runCleanup(config, cleanupLevel, logger) {
logger.endGroup(); logger.endGroup();
} }
exports.runCleanup = runCleanup; exports.runCleanup = runCleanup;
// exported for testing async function injectLinesOfCode(sarifFile, language, locPromise) {
function validateQueryFilters(queryFilters) { var _a;
if (!queryFilters) { const lineCounts = await locPromise;
return []; if (language in lineCounts) {
} const sarif = JSON.parse(fs.readFileSync(sarifFile, "utf8"));
if (!Array.isArray(queryFilters)) { if (Array.isArray(sarif.runs)) {
throw new Error(`Query filters must be an array of "include" or "exclude" entries. Found ${typeof queryFilters}`); for (const run of sarif.runs) {
} run.properties = run.properties || {};
const errors = []; run.properties.metricResults = run.properties.metricResults || [];
for (const qf of queryFilters) { for (const metric of run.properties.metricResults) {
const keys = Object.keys(qf); // Baseline is inserted when matching rule has tag lines-of-code
if (keys.length !== 1) { if (metric.rule && metric.rule.toolComponent) {
errors.push(`Query filter must have exactly one key: ${JSON.stringify(qf)}`); const matchingRule = run.tool.extensions[metric.rule.toolComponent.index].rules[metric.rule.index];
} if ((_a = matchingRule.properties.tags) === null || _a === void 0 ? void 0 : _a.includes("lines-of-code")) {
if (!["exclude", "include"].includes(keys[0])) { metric.baseline = lineCounts[language];
errors.push(`Only "include" or "exclude" filters are allowed:\n${JSON.stringify(qf)}`); }
}
}
}
} }
fs.writeFileSync(sarifFile, JSON.stringify(sarif));
}
}
function printLinesOfCodeSummary(logger, language, lineCounts) {
if (language in lineCounts) {
logger.info(`Counted a baseline of ${lineCounts[language]} lines of code for ${language}.`);
} }
if (errors.length) {
throw new Error(`Invalid query filter.\n${errors.join("\n")}`);
}
return queryFilters;
} }
exports.validateQueryFilters = validateQueryFilters;
//# sourceMappingURL=analyze.js.map //# sourceMappingURL=analyze.js.map

File diff suppressed because one or more lines are too long

256
lib/analyze.test.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -30,8 +26,12 @@ const fs = __importStar(require("fs"));
const path = __importStar(require("path")); const path = __importStar(require("path"));
const ava_1 = __importDefault(require("ava")); const ava_1 = __importDefault(require("ava"));
const yaml = __importStar(require("js-yaml")); const yaml = __importStar(require("js-yaml"));
const sinon = __importStar(require("sinon"));
const analyze_1 = require("./analyze"); const analyze_1 = require("./analyze");
const codeql_1 = require("./codeql"); const codeql_1 = require("./codeql");
const codeql_test_1 = require("./codeql.test");
const count = __importStar(require("./count-loc"));
const feature_flags_1 = require("./feature-flags");
const languages_1 = require("./languages"); const languages_1 = require("./languages");
const logging_1 = require("./logging"); const logging_1 = require("./logging");
const testing_utils_1 = require("./testing-utils"); const testing_utils_1 = require("./testing-utils");
@@ -41,6 +41,12 @@ const util = __importStar(require("./util"));
// and correct case of builtin or custom. Also checks the correct search // and correct case of builtin or custom. Also checks the correct search
// paths are set in the database analyze invocation. // paths are set in the database analyze invocation.
(0, ava_1.default)("status report fields and search path setting", async (t) => { (0, ava_1.default)("status report fields and search path setting", async (t) => {
const mockLinesOfCode = Object.values(languages_1.Language).reduce((obj, lang, i) => {
// use a different line count for each language
obj[lang] = i + 1;
return obj;
}, {});
sinon.stub(count, "countLoc").resolves(mockLinesOfCode);
let searchPathsUsed = []; let searchPathsUsed = [];
return await util.withTmpDir(async (tmpDir) => { return await util.withTmpDir(async (tmpDir) => {
(0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir); (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
@@ -94,7 +100,6 @@ const util = __importStar(require("./util"));
})); }));
return ""; return "";
}, },
databasePrintBaseline: async () => "",
}); });
searchPathsUsed = []; searchPathsUsed = [];
const config = { const config = {
@@ -113,13 +118,7 @@ const util = __importStar(require("./util"));
debugMode: false, debugMode: false,
debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME, debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME, debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
augmentationProperties: { injectedMlQueries: false,
injectedMlQueries: false,
packsInputCombines: false,
queriesInputCombines: false,
},
trapCaches: {},
trapCacheDownloadTime: 0,
}; };
fs.mkdirSync(util.getCodeQLDatabasePath(config, language), { fs.mkdirSync(util.getCodeQLDatabasePath(config, language), {
recursive: true, recursive: true,
@@ -128,7 +127,7 @@ const util = __importStar(require("./util"));
builtin: ["foo.ql"], builtin: ["foo.ql"],
custom: [], custom: [],
}; };
const builtinStatusReport = await (0, analyze_1.runQueries)(tmpDir, memoryFlag, addSnippetsFlag, threadsFlag, undefined, config, (0, logging_1.getRunnerLogger)(true), (0, testing_utils_1.createFeatures)([])); const builtinStatusReport = await (0, analyze_1.runQueries)(tmpDir, memoryFlag, addSnippetsFlag, threadsFlag, undefined, config, (0, logging_1.getRunnerLogger)(true));
const hasPacks = language in packs; const hasPacks = language in packs;
const statusReportKeys = Object.keys(builtinStatusReport).sort(); const statusReportKeys = Object.keys(builtinStatusReport).sort();
if (hasPacks) { if (hasPacks) {
@@ -154,7 +153,7 @@ const util = __importStar(require("./util"));
}, },
], ],
}; };
const customStatusReport = await (0, analyze_1.runQueries)(tmpDir, memoryFlag, addSnippetsFlag, threadsFlag, undefined, config, (0, logging_1.getRunnerLogger)(true), (0, testing_utils_1.createFeatures)([])); const customStatusReport = await (0, analyze_1.runQueries)(tmpDir, memoryFlag, addSnippetsFlag, threadsFlag, undefined, config, (0, logging_1.getRunnerLogger)(true));
t.deepEqual(Object.keys(customStatusReport).length, 2); t.deepEqual(Object.keys(customStatusReport).length, 2);
t.true(`analyze_custom_queries_${language}_duration_ms` in customStatusReport); t.true(`analyze_custom_queries_${language}_duration_ms` in customStatusReport);
const expectedSearchPathsUsed = hasPacks const expectedSearchPathsUsed = hasPacks
@@ -163,8 +162,32 @@ const util = __importStar(require("./util"));
t.deepEqual(searchPathsUsed, expectedSearchPathsUsed); t.deepEqual(searchPathsUsed, expectedSearchPathsUsed);
t.true(`interpret_results_${language}_duration_ms` in customStatusReport); t.true(`interpret_results_${language}_duration_ms` in customStatusReport);
} }
verifyLineCounts(tmpDir);
verifyQuerySuites(tmpDir); verifyQuerySuites(tmpDir);
}); });
function verifyLineCounts(tmpDir) {
// eslint-disable-next-line github/array-foreach
Object.keys(languages_1.Language).forEach((lang, i) => {
verifyLineCountForFile(path.join(tmpDir, `${lang}.sarif`), i + 1);
});
}
function verifyLineCountForFile(filePath, lineCount) {
const sarif = JSON.parse(fs.readFileSync(filePath, "utf8"));
t.deepEqual(sarif.runs[0].properties.metricResults, [
{
rule: {
index: 0,
toolComponent: {
index: 0,
},
},
value: 123,
baseline: lineCount,
},
]);
// when the rule doesn't exist, it should not be added
t.deepEqual(sarif.runs[1].properties.metricResults, []);
}
function verifyQuerySuites(tmpDir) { function verifyQuerySuites(tmpDir) {
const qlsContent = [ const qlsContent = [
{ {
@@ -188,142 +211,71 @@ const util = __importStar(require("./util"));
} }
} }
}); });
(0, ava_1.default)("validateQueryFilters", (t) => { const stubConfig = {
t.notThrows(() => (0, analyze_1.validateQueryFilters)([])); languages: [languages_1.Language.cpp, languages_1.Language.go],
t.notThrows(() => (0, analyze_1.validateQueryFilters)(undefined)); queries: {},
t.notThrows(() => { pathsIgnore: [],
return (0, analyze_1.validateQueryFilters)([ paths: [],
{ originalUserInput: {},
exclude: { tempDir: "",
"problem.severity": "recommendation", codeQLCmd: "",
}, gitHubVersion: {
}, type: util.GitHubVariant.DOTCOM,
{ },
exclude: { dbLocation: "",
"tags contain": ["foo", "bar"], packs: {},
}, debugMode: false,
}, debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
{ debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
include: { injectedMlQueries: false,
"problem.severity": "something-to-think-about", };
}, for (const options of [
}, {
{ name: "Lua feature flag enabled, but old CLI",
include: { version: "2.9.0",
"tags contain": ["baz", "bop"], featureFlags: [feature_flags_1.FeatureFlag.LuaTracerConfigEnabled],
}, yesFlagSet: false,
}, noFlagSet: false,
]); },
{
name: "Lua feature flag disabled, with old CLI",
version: "2.9.0",
featureFlags: [],
yesFlagSet: false,
noFlagSet: false,
},
{
name: "Lua feature flag enabled, with new CLI",
version: "2.10.0",
featureFlags: [feature_flags_1.FeatureFlag.LuaTracerConfigEnabled],
yesFlagSet: true,
noFlagSet: false,
},
{
name: "Lua feature flag disabled, with new CLI",
version: "2.10.0",
featureFlags: [],
yesFlagSet: false,
noFlagSet: true,
},
]) {
(0, ava_1.default)(`createdDBForScannedLanguages() ${options.name}`, async (t) => {
const runnerConstructorStub = (0, codeql_test_1.stubToolRunnerConstructor)();
const codeqlObject = await (0, codeql_1.getCodeQLForTesting)("codeql/for-testing");
sinon.stub(codeqlObject, "getVersion").resolves(options.version);
const promise = (0, analyze_1.createdDBForScannedLanguages)(codeqlObject, stubConfig, (0, logging_1.getRunnerLogger)(true), (0, feature_flags_1.createFeatureFlags)(options.featureFlags));
// call listener on `codeql resolve extractor`
const mockToolRunner = runnerConstructorStub.getCall(0);
mockToolRunner.args[2].listeners.stdout('"/path/to/extractor"');
await promise;
if (options.yesFlagSet)
t.true(runnerConstructorStub.secondCall.args[1].includes("--internal-use-lua-tracing"), "--internal-use-lua-tracing should be present, but it is absent");
else
t.false(runnerConstructorStub.secondCall.args[1].includes("--internal-use-lua-tracing"), "--internal-use-lua-tracing should be absent, but it is present");
if (options.noFlagSet)
t.true(runnerConstructorStub.secondCall.args[1].includes("--no-internal-use-lua-tracing"), "--no-internal-use-lua-tracing should be present, but it is absent");
else
t.false(runnerConstructorStub.secondCall.args[1].includes("--no-internal-use-lua-tracing"), "--no-internal-use-lua-tracing should be absent, but it is present");
}); });
t.throws(() => { }
return (0, analyze_1.validateQueryFilters)([
{
exclude: {
"tags contain": ["foo", "bar"],
},
include: {
"tags contain": ["baz", "bop"],
},
},
]);
}, { message: /Query filter must have exactly one key/ });
t.throws(() => {
return (0, analyze_1.validateQueryFilters)([{ xxx: "foo" }]);
}, { message: /Only "include" or "exclude" filters are allowed/ });
t.throws(() => {
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument
return (0, analyze_1.validateQueryFilters)({ exclude: "foo" });
}, {
message: /Query filters must be an array of "include" or "exclude" entries/,
});
});
const convertPackToQuerySuiteEntryMacro = ava_1.default.macro({
exec: (t, packSpec, suiteEntry) => t.deepEqual((0, analyze_1.convertPackToQuerySuiteEntry)(packSpec), suiteEntry),
title: (_providedTitle, packSpec) => `Query Suite Entry: ${packSpec}`,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b", {
qlpack: "a/b",
from: undefined,
version: undefined,
query: undefined,
queries: undefined,
apply: undefined,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b@~1.2.3", {
qlpack: "a/b",
from: undefined,
version: "~1.2.3",
query: undefined,
queries: undefined,
apply: undefined,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b:my/path", {
qlpack: undefined,
from: "a/b",
version: undefined,
query: undefined,
queries: "my/path",
apply: undefined,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b@~1.2.3:my/path", {
qlpack: undefined,
from: "a/b",
version: "~1.2.3",
query: undefined,
queries: "my/path",
apply: undefined,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b:my/path/query.ql", {
qlpack: undefined,
from: "a/b",
version: undefined,
query: "my/path/query.ql",
queries: undefined,
apply: undefined,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b@~1.2.3:my/path/query.ql", {
qlpack: undefined,
from: "a/b",
version: "~1.2.3",
query: "my/path/query.ql",
queries: undefined,
apply: undefined,
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b:my/path/suite.qls", {
qlpack: undefined,
from: "a/b",
version: undefined,
query: undefined,
queries: undefined,
apply: "my/path/suite.qls",
});
(0, ava_1.default)(convertPackToQuerySuiteEntryMacro, "a/b@~1.2.3:my/path/suite.qls", {
qlpack: undefined,
from: "a/b",
version: "~1.2.3",
query: undefined,
queries: undefined,
apply: "my/path/suite.qls",
});
(0, ava_1.default)("convertPackToQuerySuiteEntry Failure", (t) => {
t.throws(() => (0, analyze_1.convertPackToQuerySuiteEntry)("this-is-not-a-pack"));
});
(0, ava_1.default)("createQuerySuiteContents", (t) => {
const yamlResult = (0, analyze_1.createQuerySuiteContents)(["query1.ql", "query2.ql"], [
{
exclude: { "problem.severity": "recommendation" },
},
{
include: { "problem.severity": "recommendation" },
},
]);
const expected = `- query: query1.ql
- query: query2.ql
- exclude:
problem.severity: recommendation
- include:
problem.severity: recommendation
`;
t.deepEqual(yamlResult, expected);
});
//# sourceMappingURL=analyze.test.js.map //# sourceMappingURL=analyze.test.js.map

File diff suppressed because one or more lines are too long

54
lib/api-client.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -26,56 +22,72 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod }; return (mod && mod.__esModule) ? mod : { "default": mod };
}; };
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.getGitHubVersion = exports.getApiClientWithExternalAuth = exports.getApiClient = exports.getApiDetails = exports.DisallowedAPIVersionReason = void 0; exports.getGitHubVersionActionsOnly = exports.getActionsApiClient = exports.getApiClient = exports.DisallowedAPIVersionReason = void 0;
const path = __importStar(require("path"));
const githubUtils = __importStar(require("@actions/github/lib/utils")); const githubUtils = __importStar(require("@actions/github/lib/utils"));
const retry = __importStar(require("@octokit/plugin-retry")); const retry = __importStar(require("@octokit/plugin-retry"));
const console_log_level_1 = __importDefault(require("console-log-level")); const console_log_level_1 = __importDefault(require("console-log-level"));
const actions_util_1 = require("./actions-util"); const actions_util_1 = require("./actions-util");
const util = __importStar(require("./util")); const util = __importStar(require("./util"));
const util_1 = require("./util"); const util_1 = require("./util");
// eslint-disable-next-line import/no-commonjs
const pkg = require("../package.json");
var DisallowedAPIVersionReason; var DisallowedAPIVersionReason;
(function (DisallowedAPIVersionReason) { (function (DisallowedAPIVersionReason) {
DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_OLD"] = 0] = "ACTION_TOO_OLD"; DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_OLD"] = 0] = "ACTION_TOO_OLD";
DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_NEW"] = 1] = "ACTION_TOO_NEW"; DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_NEW"] = 1] = "ACTION_TOO_NEW";
})(DisallowedAPIVersionReason = exports.DisallowedAPIVersionReason || (exports.DisallowedAPIVersionReason = {})); })(DisallowedAPIVersionReason = exports.DisallowedAPIVersionReason || (exports.DisallowedAPIVersionReason = {}));
function createApiClientWithDetails(apiDetails, { allowExternal = false } = {}) { const getApiClient = function (apiDetails, { allowExternal = false } = {}) {
const auth = (allowExternal && apiDetails.externalRepoAuth) || apiDetails.auth; const auth = (allowExternal && apiDetails.externalRepoAuth) || apiDetails.auth;
const retryingOctokit = githubUtils.GitHub.plugin(retry.retry); const retryingOctokit = githubUtils.GitHub.plugin(retry.retry);
return new retryingOctokit(githubUtils.getOctokitOptions(auth, { return new retryingOctokit(githubUtils.getOctokitOptions(auth, {
baseUrl: apiDetails.apiURL, baseUrl: getApiUrl(apiDetails.url),
userAgent: `CodeQL-Action/${(0, actions_util_1.getActionVersion)()}`, userAgent: `CodeQL-${(0, util_1.getMode)()}/${pkg.version}`,
log: (0, console_log_level_1.default)({ level: "debug" }), log: (0, console_log_level_1.default)({ level: "debug" }),
})); }));
};
exports.getApiClient = getApiClient;
function getApiUrl(githubUrl) {
const url = new URL(githubUrl);
// If we detect this is trying to connect to github.com
// then return with a fixed canonical URL.
if (url.hostname === "github.com" || url.hostname === "api.github.com") {
return "https://api.github.com";
}
// Add the /api/v3 API prefix
url.pathname = path.join(url.pathname, "api", "v3");
return url.toString();
} }
function getApiDetails() { function getApiDetails() {
return { return {
auth: (0, actions_util_1.getRequiredInput)("token"), auth: (0, actions_util_1.getRequiredInput)("token"),
url: (0, util_1.getRequiredEnvParam)("GITHUB_SERVER_URL"), url: (0, util_1.getRequiredEnvParam)("GITHUB_SERVER_URL"),
apiURL: (0, util_1.getRequiredEnvParam)("GITHUB_API_URL"),
}; };
} }
exports.getApiDetails = getApiDetails; // Temporary function to aid in the transition to running on and off of github actions.
function getApiClient() { // Once all code has been converted this function should be removed or made canonical
return createApiClientWithDetails(getApiDetails()); // and called only from the action entrypoints.
function getActionsApiClient() {
return (0, exports.getApiClient)(getApiDetails());
} }
exports.getApiClient = getApiClient; exports.getActionsApiClient = getActionsApiClient;
function getApiClientWithExternalAuth(apiDetails) {
return createApiClientWithDetails(apiDetails, { allowExternal: true });
}
exports.getApiClientWithExternalAuth = getApiClientWithExternalAuth;
let cachedGitHubVersion = undefined; let cachedGitHubVersion = undefined;
/** /**
* Report the GitHub server version. This is a wrapper around * Report the GitHub server version. This is a wrapper around
* util.getGitHubVersion() that automatically supplies GitHub API details using * util.getGitHubVersion() that automatically supplies GitHub API details using
* GitHub Action inputs. * GitHub Action inputs. If you need to get the GitHub server version from the
* Runner, please call util.getGitHubVersion() instead.
* *
* @returns GitHub version * @returns GitHub version
*/ */
async function getGitHubVersion() { async function getGitHubVersionActionsOnly() {
if (!util.isActions()) {
throw new Error("getGitHubVersionActionsOnly() works only in an action");
}
if (cachedGitHubVersion === undefined) { if (cachedGitHubVersion === undefined) {
cachedGitHubVersion = await util.getGitHubVersion(getApiDetails()); cachedGitHubVersion = await util.getGitHubVersion(getApiDetails());
} }
return cachedGitHubVersion; return cachedGitHubVersion;
} }
exports.getGitHubVersion = getGitHubVersion; exports.getGitHubVersionActionsOnly = getGitHubVersionActionsOnly;
//# sourceMappingURL=api-client.js.map //# sourceMappingURL=api-client.js.map


@@ -1 +1 @@
{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,6DAA+C;AAC/C,0EAAgD;AAEhD,iDAAoE;AACpE,6CAA+B;AAC/B,iCAA4D;AAE5D,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,GAA1B,kCAA0B,KAA1B,kCAA0B,QAGrC;AAiBD,SAAS,0BAA0B,CACjC,UAAoC,EACpC,EAAE,aAAa,GAAG,KAAK,EAAE,GAAG,EAAE;IAE9B,MAAM,IAAI,GACR,CAAC,aAAa,IAAI,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,IAAI,eAAe,CACxB,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAClC,OAAO,EAAE,UAAU,CAAC,MAAM;QAC1B,SAAS,EAAE,iBAAiB,IAAA,+BAAgB,GAAE,EAAE;QAChD,GAAG,EAAE,IAAA,2BAAe,EAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAgB,aAAa;IAC3B,OAAO;QACL,IAAI,EAAE,IAAA,+BAAgB,EAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,IAAA,0BAAmB,EAAC,mBAAmB,CAAC;QAC7C,MAAM,EAAE,IAAA,0BAAmB,EAAC,gBAAgB,CAAC;KAC9C,CAAC;AACJ,CAAC;AAND,sCAMC;AAED,SAAgB,YAAY;IAC1B,OAAO,0BAA0B,CAAC,aAAa,EAAE,CAAC,CAAC;AACrD,CAAC;AAFD,oCAEC;AAED,SAAgB,4BAA4B,CAC1C,UAAoC;IAEpC,OAAO,0BAA0B,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;AACzE,CAAC;AAJD,oEAIC;AAED,IAAI,mBAAmB,GAA8B,SAAS,CAAC;AAE/D;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB;IACpC,IAAI,mBAAmB,KAAK,SAAS,EAAE;QACrC,mBAAmB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,CAAC,CAAC;KACpE;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AALD,4CAKC"} 
{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,uEAAyD;AACzD,6DAA+C;AAC/C,0EAAgD;AAEhD,iDAAkD;AAClD,6CAA+B;AAC/B,iCAAqE;AAErE,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,GAA1B,kCAA0B,KAA1B,kCAA0B,QAGrC;AAeM,MAAM,YAAY,GAAG,UAC1B,UAAoC,EACpC,EAAE,aAAa,GAAG,KAAK,EAAE,GAAG,EAAE;IAE9B,MAAM,IAAI,GACR,CAAC,aAAa,IAAI,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,IAAI,eAAe,CACxB,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAClC,OAAO,EAAE,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC;QAClC,SAAS,EAAE,UAAU,IAAA,cAAO,GAAE,IAAI,GAAG,CAAC,OAAO,EAAE;QAC/C,GAAG,EAAE,IAAA,2BAAe,EAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC,CAAC;AAdW,QAAA,YAAY,gBAcvB;AAEF,SAAS,SAAS,CAAC,SAAiB;IAClC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;IAE/B,uDAAuD;IACvD,0CAA0C;IAC1C,IAAI,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE;QACtE,OAAO,wBAAwB,CAAC;KACjC;IAED,6BAA6B;IAC7B,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,aAAa;IACpB,OAAO;QACL,IAAI,EAAE,IAAA,+BAAgB,EAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,IAAA,0BAAmB,EAAC,mBAAmB,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,uFAAuF;AACvF,qFAAqF;AACrF,+CAA+C;AAC/C,SAAgB,mBAAmB;IACjC,OAAO,IAAA,oBAAY,EAAC,aAAa,EAAE,CAAC,CAAC;AACvC,CAAC;AAFD,kDAEC;AAED,IAAI,mBAAmB,GAA8B,SAAS,CAAC;AAE/D;;;;;;;GAOG;AACI,KAAK,UAAU,2BAA2B;IAC/C,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE;QACrB,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;KAC1E;IACD,IAAI,mBAAmB,KAAK,SAAS,EAAE;QACrC,mBAAmB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,CAAC,CAAC;KACpE;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AARD,kEAQC"}

75
lib/api-client.test.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -29,10 +25,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
const githubUtils = __importStar(require("@actions/github/lib/utils")); const githubUtils = __importStar(require("@actions/github/lib/utils"));
const ava_1 = __importDefault(require("ava")); const ava_1 = __importDefault(require("ava"));
const sinon = __importStar(require("sinon")); const sinon = __importStar(require("sinon"));
const actionsUtil = __importStar(require("./actions-util"));
const api_client_1 = require("./api-client"); const api_client_1 = require("./api-client");
const testing_utils_1 = require("./testing-utils"); const testing_utils_1 = require("./testing-utils");
const util = __importStar(require("./util")); const util_1 = require("./util");
// eslint-disable-next-line import/no-commonjs
const pkg = require("../package.json");
(0, testing_utils_1.setupTests)(ava_1.default); (0, testing_utils_1.setupTests)(ava_1.default);
let pluginStub; let pluginStub;
let githubStub; let githubStub;
@@ -40,23 +37,55 @@ ava_1.default.beforeEach(() => {
pluginStub = sinon.stub(githubUtils.GitHub, "plugin"); pluginStub = sinon.stub(githubUtils.GitHub, "plugin");
githubStub = sinon.stub(); githubStub = sinon.stub();
pluginStub.returns(githubStub); pluginStub.returns(githubStub);
util.initializeEnvironment(actionsUtil.getActionVersion()); (0, util_1.initializeEnvironment)(util_1.Mode.actions, pkg.version);
}); });
(0, ava_1.default)("getApiClient", async (t) => { (0, ava_1.default)("Get the client API", async (t) => {
sinon.stub(actionsUtil, "getRequiredInput").withArgs("token").returns("xyz"); doTest(t, {
const requiredEnvParamStub = sinon.stub(util, "getRequiredEnvParam"); auth: "xyz",
requiredEnvParamStub externalRepoAuth: "abc",
.withArgs("GITHUB_SERVER_URL") url: "http://hucairz",
.returns("http://github.localhost"); }, undefined, {
requiredEnvParamStub
.withArgs("GITHUB_API_URL")
.returns("http://api.github.localhost");
(0, api_client_1.getApiClient)();
t.assert(githubStub.calledOnceWithExactly({
auth: "token xyz", auth: "token xyz",
baseUrl: "http://api.github.localhost", baseUrl: "http://hucairz/api/v3",
log: sinon.match.any, userAgent: `CodeQL-Action/${pkg.version}`,
userAgent: `CodeQL-Action/${actionsUtil.getActionVersion()}`, });
}));
}); });
(0, ava_1.default)("Get the client API external", async (t) => {
doTest(t, {
auth: "xyz",
externalRepoAuth: "abc",
url: "http://hucairz",
}, { allowExternal: true }, {
auth: "token abc",
baseUrl: "http://hucairz/api/v3",
userAgent: `CodeQL-Action/${pkg.version}`,
});
});
(0, ava_1.default)("Get the client API external not present", async (t) => {
doTest(t, {
auth: "xyz",
url: "http://hucairz",
}, { allowExternal: true }, {
auth: "token xyz",
baseUrl: "http://hucairz/api/v3",
userAgent: `CodeQL-Action/${pkg.version}`,
});
});
(0, ava_1.default)("Get the client API with github url", async (t) => {
doTest(t, {
auth: "xyz",
url: "https://github.com/some/invalid/url",
}, undefined, {
auth: "token xyz",
baseUrl: "https://api.github.com",
userAgent: `CodeQL-Action/${pkg.version}`,
});
});
function doTest(t, clientArgs, clientOptions, expected) {
(0, api_client_1.getApiClient)(clientArgs, clientOptions);
const firstCallArgs = githubStub.args[0];
// log is a function, so we don't need to test for equality of it
delete firstCallArgs[0].log;
t.deepEqual(firstCallArgs, [expected]);
}
//# sourceMappingURL=api-client.test.js.map //# sourceMappingURL=api-client.test.js.map


@@ -1 +1 @@
{"version":3,"file":"api-client.test.js","sourceRoot":"","sources":["../src/api-client.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,6CAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAI,UAA2B,CAAC;AAChC,IAAI,UAA2B,CAAC;AAEhC,aAAI,CAAC,UAAU,CAAC,GAAG,EAAE;IACnB,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACtD,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC1B,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/B,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;AAC7D,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/B,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC7E,MAAM,oBAAoB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IACrE,oBAAoB;SACjB,QAAQ,CAAC,mBAAmB,CAAC;SAC7B,OAAO,CAAC,yBAAyB,CAAC,CAAC;IACtC,oBAAoB;SACjB,QAAQ,CAAC,gBAAgB,CAAC;SAC1B,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAE1C,IAAA,yBAAY,GAAE,CAAC;IAEf,CAAC,CAAC,MAAM,CACN,UAAU,CAAC,qBAAqB,CAAC;QAC/B,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,6BAA6B;QACtC,GAAG,EAAE,KAAK,CAAC,KAAK,CAAC,GAAG;QACpB,SAAS,EAAE,iBAAiB,WAAW,CAAC,gBAAgB,EAAE,EAAE;KAC7D,CAAC,CACH,CAAC;AACJ,CAAC,CAAC,CAAC"} 
{"version":3,"file":"api-client.test.js","sourceRoot":"","sources":["../src/api-client.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,8CAA6C;AAC7C,6CAA+B;AAE/B,6CAA4C;AAC5C,mDAA6C;AAC7C,iCAAqD;AAErD,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAI,UAA2B,CAAC;AAChC,IAAI,UAA2B,CAAC;AAEhC,aAAI,CAAC,UAAU,CAAC,GAAG,EAAE;IACnB,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACtD,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC1B,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/B,IAAA,4BAAqB,EAAC,WAAI,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;AACnD,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,oBAAoB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACrC,MAAM,CACJ,CAAC,EACD;QACE,IAAI,EAAE,KAAK;QACX,gBAAgB,EAAE,KAAK;QACvB,GAAG,EAAE,gBAAgB;KACtB,EACD,SAAS,EACT;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,uBAAuB;QAChC,SAAS,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;KAC1C,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC9C,MAAM,CACJ,CAAC,EACD;QACE,IAAI,EAAE,KAAK;QACX,gBAAgB,EAAE,KAAK;QACvB,GAAG,EAAE,gBAAgB;KACtB,EACD,EAAE,aAAa,EAAE,IAAI,EAAE,EACvB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,uBAAuB;QAChC,SAAS,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;KAC1C,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,yCAAyC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1D,MAAM,CACJ,CAAC,EACD;QACE,IAAI,EAAE,KAAK;QACX,GAAG,EAAE,gBAAgB;KACtB,EACD,EAAE,aAAa,EAAE,IAAI,EAAE,EACvB;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,uBAAuB;QAChC,SAAS,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;KAC1C,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,oCAAoC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACrD,MAAM,CACJ,CAAC,EACD;QACE,IAAI,EAAE,KAAK;QACX,GAAG,EAAE,qCAAqC;KAC3C,EACD,SAAS,EACT;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,wBAAwB;QACjC,SAAS,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;KAC1C,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,SAAS,MAAM,CACb,CAA4B,EAC5B,UAAe,EACf,aAAkB,EAClB,QAAa;IAEb,IAAA,yBAAY,EAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAExC,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACzC,iEAAiE;IACjE,OAAO,aAAa,CAAC,CAAC
,CAAC,CAAC,GAAG,CAAC;IAC5B,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;AACzC,CAAC"}


@@ -1 +1 @@
{ "maximumVersion": "3.8", "minimumVersion": "3.4" } { "maximumVersion": "3.6", "minimumVersion": "3.2" }


@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -25,16 +21,16 @@ var __importStar = (this && this.__importStar) || function (mod) {
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
const core = __importStar(require("@actions/core")); const core = __importStar(require("@actions/core"));
const actions_util_1 = require("./actions-util"); const actions_util_1 = require("./actions-util");
const api_client_1 = require("./api-client");
const autobuild_1 = require("./autobuild"); const autobuild_1 = require("./autobuild");
const configUtils = __importStar(require("./config-utils")); const config_utils = __importStar(require("./config-utils"));
const languages_1 = require("./languages");
const logging_1 = require("./logging"); const logging_1 = require("./logging");
const util_1 = require("./util"); const util_1 = require("./util");
// eslint-disable-next-line import/no-commonjs
const pkg = require("../package.json");
async function sendCompletedStatusReport(startedAt, allLanguages, failingLanguage, cause) { async function sendCompletedStatusReport(startedAt, allLanguages, failingLanguage, cause) {
(0, util_1.initializeEnvironment)((0, actions_util_1.getActionVersion)()); (0, util_1.initializeEnvironment)(util_1.Mode.actions, pkg.version);
const status = (0, actions_util_1.getActionsStatus)(cause, failingLanguage); const status = (0, actions_util_1.getActionsStatus)(cause, failingLanguage);
const statusReportBase = await (0, actions_util_1.createStatusReportBase)("autobuild", status, startedAt, cause?.message, cause?.stack); const statusReportBase = await (0, actions_util_1.createStatusReportBase)("autobuild", status, startedAt, cause === null || cause === void 0 ? void 0 : cause.message, cause === null || cause === void 0 ? void 0 : cause.stack);
const statusReport = { const statusReport = {
...statusReportBase, ...statusReportBase,
autobuild_languages: allLanguages.join(","), autobuild_languages: allLanguages.join(","),
@@ -45,41 +41,33 @@ async function sendCompletedStatusReport(startedAt, allLanguages, failingLanguag
async function run() { async function run() {
const startedAt = new Date(); const startedAt = new Date();
const logger = (0, logging_1.getActionsLogger)(); const logger = (0, logging_1.getActionsLogger)();
let currentLanguage = undefined; await (0, util_1.checkActionVersion)(pkg.version);
let languages = undefined; let language = undefined;
try { try {
if (!(await (0, actions_util_1.sendStatusReport)(await (0, actions_util_1.createStatusReportBase)("autobuild", "starting", startedAt)))) { if (!(await (0, actions_util_1.sendStatusReport)(await (0, actions_util_1.createStatusReportBase)("autobuild", "starting", startedAt)))) {
return; return;
} }
const gitHubVersion = await (0, api_client_1.getGitHubVersion)(); const config = await config_utils.getConfig((0, actions_util_1.getTemporaryDirectory)(), logger);
(0, util_1.checkGitHubVersionInRange)(gitHubVersion, logger);
const config = await configUtils.getConfig((0, actions_util_1.getTemporaryDirectory)(), logger);
if (config === undefined) { if (config === undefined) {
throw new Error("Config file could not be found at expected location. Has the 'init' action been called?"); throw new Error("Config file could not be found at expected location. Has the 'init' action been called?");
} }
languages = await (0, autobuild_1.determineAutobuildLanguages)(config, logger); language = (0, autobuild_1.determineAutobuildLanguage)(config, logger);
if (languages !== undefined) { if (language !== undefined) {
const workingDirectory = (0, actions_util_1.getOptionalInput)("working-directory"); const workingDirectory = (0, actions_util_1.getOptionalInput)("working-directory");
if (workingDirectory) { if (workingDirectory) {
logger.info(`Changing autobuilder working directory to ${workingDirectory}`); logger.info(`Changing autobuilder working directory to ${workingDirectory}`);
process.chdir(workingDirectory); process.chdir(workingDirectory);
} }
for (const language of languages) { await (0, autobuild_1.runAutobuild)(language, config, logger);
currentLanguage = language;
await (0, autobuild_1.runAutobuild)(language, config, logger);
if (language === languages_1.Language.go) {
core.exportVariable(util_1.DID_AUTOBUILD_GO_ENV_VAR_NAME, "true");
}
}
} }
} }
catch (error) { catch (error) {
core.setFailed(`We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps. ${error instanceof Error ? error.message : String(error)}`); core.setFailed(`We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps. ${error instanceof Error ? error.message : String(error)}`);
console.log(error); console.log(error);
await sendCompletedStatusReport(startedAt, languages ?? [], currentLanguage, error instanceof Error ? error : new Error(String(error))); await sendCompletedStatusReport(startedAt, language ? [language] : [], language, error instanceof Error ? error : new Error(String(error)));
return; return;
} }
await sendCompletedStatusReport(startedAt, languages ?? []); await sendCompletedStatusReport(startedAt, language ? [language] : []);
} }
async function runWrapper() { async function runWrapper() {
try { try {


@@ -1 +1 @@
{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAQwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,4DAA8C;AAC9C,2CAAuC;AACvC,uCAA6C;AAC7C,iCAIgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,qCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,+BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,+BAAgB,EACtB,MAAM,IAAA,qCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;oBAC5B,IAAI,CAAC,cAAc,CAAC,oCAA6B,EAAE,MAAM,CAAC,CAAC;iBAC5D;aACF;SACF;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,mIACE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CACvD,EAAE,CACH,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QA
CnB,MAAM,yBAAyB,CAC7B,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"} {"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAOwB;AACxB,2CAAuE;AACvE,6DAA+C;AAE/C,uCAA6C;AAC7C,iCAAyE;AAEzE,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AASvC,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,WAAI,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;IAEjD,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,qCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,EACd,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,+BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,IAAA,yBAAkB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACtC,IAAI,QAAQ,GAAyB,SAAS,CAAC;IAC/C,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,+BAAgB,EACtB,MAAM,IAAA,qCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CACzC,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;QACF,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QACD,QAAQ,GAAG,IAAA,sCAA0B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtD,IAAI,QAAQ,KAAK,SAAS,EAAE;YAC1B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,O
AAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;SAC9C;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,mIACE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CACvD,EAAE,CACH,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,yBAAyB,CAC7B,SAAS,EACT,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAC1B,QAAQ,EACR,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

69
lib/autobuild.js generated

@@ -1,75 +1,28 @@
"use strict"; "use strict";
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.runAutobuild = exports.determineAutobuildLanguages = void 0; exports.runAutobuild = exports.determineAutobuildLanguage = void 0;
const codeql_1 = require("./codeql"); const codeql_1 = require("./codeql");
const languages_1 = require("./languages"); const languages_1 = require("./languages");
async function determineAutobuildLanguages(config, logger) { function determineAutobuildLanguage(config, logger) {
// Attempt to find a language to autobuild // Attempt to find a language to autobuild
// We want pick the dominant language in the repo from the ones we're able to build // We want pick the dominant language in the repo from the ones we're able to build
// The languages are sorted in order specified by user or by lines of code if we got // The languages are sorted in order specified by user or by lines of code if we got
// them from the GitHub API, so try to build the first language on the list. // them from the GitHub API, so try to build the first language on the list.
const autobuildLanguages = config.languages.filter((l) => (0, languages_1.isTracedLanguage)(l)); const autobuildLanguages = config.languages.filter(languages_1.isTracedLanguage);
if (!autobuildLanguages) { const language = autobuildLanguages[0];
if (!language) {
logger.info("None of the languages in this project require extra build steps"); logger.info("None of the languages in this project require extra build steps");
return undefined; return undefined;
} }
/** logger.debug(`Detected dominant traced language: ${language}`);
* Additionally autobuild Go in the autobuild Action to ensure backwards if (autobuildLanguages.length > 1) {
* compatibility for users performing a multi-language build within a single logger.warning(`We will only automatically build ${language} code. If you wish to scan ${autobuildLanguages
* job.
*
* For example, consider a user with the following workflow file:
*
* ```yml
* - uses: github/codeql-action/init@v2
* with:
* languages: go, java
* - uses: github/codeql-action/autobuild@v2
* - uses: github/codeql-action/analyze@v2
* ```
*
* - With Go extraction disabled, we will run the Java autobuilder in the
* autobuild Action, ensuring we extract both Java and Go code.
* - With Go extraction enabled, taking the previous behavior we'd run the Go
* autobuilder, since Go is first on the list of languages. We wouldn't run
* the Java autobuilder at all and so we'd only extract Go code.
*
* We therefore introduce a special case here such that we'll autobuild Go
* in addition to the primary non-Go traced language in the autobuild Action.
*
* This special case behavior should be removed as part of the next major
* version of the CodeQL Action.
*/
const autobuildLanguagesWithoutGo = autobuildLanguages.filter((l) => l !== languages_1.Language.go);
const languages = [];
// First run the autobuilder for the first non-Go traced language, if one
// exists.
if (autobuildLanguagesWithoutGo[0] !== undefined) {
languages.push(autobuildLanguagesWithoutGo[0]);
}
// If Go is requested, run the Go autobuilder last to ensure it doesn't
// interfere with the other autobuilder.
if (autobuildLanguages.length !== autobuildLanguagesWithoutGo.length) {
languages.push(languages_1.Language.go);
}
logger.debug(`Will autobuild ${languages.join(" and ")}.`);
// In general the autobuilders for other traced languages may conflict with
// each other. Therefore if a user has requested more than one non-Go traced
// language, we ask for manual build steps.
// Matrixing the build would also work, but that would change the SARIF
// categories, potentially leading to a "stale tips" situation where alerts
// that should be fixed remain on a repo since they are linked to SARIF
// categories that are no longer updated.
if (autobuildLanguagesWithoutGo.length > 1) {
logger.warning(`We will only automatically build ${languages.join(" and ")} code. If you wish to scan ${autobuildLanguagesWithoutGo
.slice(1) .slice(1)
.join(" and ")}, you must replace the autobuild step of your workflow with custom build steps. ` + .join(" and ")}, you must replace this call with custom build steps.`);
"For more information, see " +
"https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language");
} }
return languages; return language;
} }
exports.determineAutobuildLanguages = determineAutobuildLanguages; exports.determineAutobuildLanguage = determineAutobuildLanguage;
async function runAutobuild(language, config, logger) { async function runAutobuild(language, config, logger) {
logger.startGroup(`Attempting to automatically build ${language} code`); logger.startGroup(`Attempting to automatically build ${language} code`);
const codeQL = await (0, codeql_1.getCodeQL)(config.codeQLCmd); const codeQL = await (0, codeql_1.getCodeQL)(config.codeQLCmd);


@@ -1 +1 @@
{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,2CAAyD;AAGlD,KAAK,UAAU,2BAA2B,CAC/C,MAA0B,EAC1B,MAAc;IAEd,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE;QACvB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;KAClB;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE;QAChD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;KAChD;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE;QACpE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;KAC7B;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE;QAC1C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,4BAA4B;YAC5B,0NAA0N,CAC7N,CAAC;KACH;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAtFD,kEAsFC;AAEM,KAAK,UAAU,YAAY,CAChC,QAAkB,EAClB,MAA0B,EAC1B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,MAAM,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AATD,oCASC"} 
{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,2CAAyD;AAGzD,SAAgB,0BAA0B,CACxC,MAA2B,EAC3B,MAAc;IAEd,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,4BAAgB,CAAC,CAAC;IACrE,MAAM,QAAQ,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC;IAEvC,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;KAClB;IAED,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;IAE/D,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE;QACjC,MAAM,CAAC,OAAO,CACZ,oCAAoC,QAAQ,8BAA8B,kBAAkB;aACzF,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CAAC,OAAO,CAAC,uDAAuD,CACxE,CAAC;KACH;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AA7BD,gEA6BC;AAEM,KAAK,UAAU,YAAY,CAChC,QAAkB,EAClB,MAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,MAAM,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AATD,oCASC"}

540
lib/codeql.js generated

@@ -1,11 +1,7 @@
"use strict"; "use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k); Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) { }) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k; if (k2 === undefined) k2 = k;
o[k2] = m[k]; o[k2] = m[k];
@@ -22,25 +18,33 @@ var __importStar = (this && this.__importStar) || function (mod) {
__setModuleDefault(result, mod); __setModuleDefault(result, mod);
return result; return result;
}; };
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0; exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_ML_POWERED_QUERIES = exports.CODEQL_VERSION_COUNTS_LINES = exports.CommandInvocationError = void 0;
const fs = __importStar(require("fs")); const fs = __importStar(require("fs"));
const path = __importStar(require("path")); const path = __importStar(require("path"));
const toolrunner = __importStar(require("@actions/exec/lib/toolrunner")); const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
const yaml = __importStar(require("js-yaml")); const toolcache = __importStar(require("@actions/tool-cache"));
const fast_deep_equal_1 = __importDefault(require("fast-deep-equal"));
const query_string_1 = __importDefault(require("query-string"));
const semver = __importStar(require("semver"));
const uuid_1 = require("uuid");
const actions_util_1 = require("./actions-util"); const actions_util_1 = require("./actions-util");
const api = __importStar(require("./api-client"));
const defaults = __importStar(require("./defaults.json")); // Referenced from codeql-action-sync-tool!
const error_matcher_1 = require("./error-matcher"); const error_matcher_1 = require("./error-matcher");
const feature_flags_1 = require("./feature-flags");
const languages_1 = require("./languages"); const languages_1 = require("./languages");
const setupCodeql = __importStar(require("./setup-codeql"));
const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher"); const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
const trap_caching_1 = require("./trap-caching");
const util = __importStar(require("./util")); const util = __importStar(require("./util"));
const util_1 = require("./util");
class CommandInvocationError extends Error { class CommandInvocationError extends Error {
constructor(cmd, args, exitCode, error, output) { constructor(cmd, args, exitCode, error) {
super(`Failure invoking ${cmd} with arguments ${args}.\n super(`Failure invoking ${cmd} with arguments ${args}.\n
Exit code ${exitCode} and error was:\n Exit code ${exitCode} and error was:\n
${error}`); ${error}`);
this.output = output;
} }
} }
exports.CommandInvocationError = CommandInvocationError; exports.CommandInvocationError = CommandInvocationError;
@@ -49,25 +53,32 @@ exports.CommandInvocationError = CommandInvocationError;
* Can be overridden in tests using `setCodeQL`. * Can be overridden in tests using `setCodeQL`.
*/ */
let cachedCodeQL = undefined; let cachedCodeQL = undefined;
const CODEQL_BUNDLE_VERSION = defaults.bundleVersion;
const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
/** /**
* The oldest version of CodeQL that the Action will run with. This should be * The oldest version of CodeQL that the Action will run with. This should be
* at least three minor versions behind the current version and must include the * at least three minor versions behind the current version. The version flags
* CLI versions shipped with each supported version of GHES. * below can be used to conditionally enable certain features on versions newer
* than this. Please record the reason we cannot support an older version.
* *
* The version flags below can be used to conditionally enable certain features * Reason: First version containing fix for the "We still have not reached
* on versions newer than this. * idleness" deadlock.
*/ */
const CODEQL_MINIMUM_VERSION = "2.6.3"; const CODEQL_MINIMUM_VERSION = "2.4.5";
/** /**
* Versions of CodeQL that version-flag certain functionality in the Action. * Versions of CodeQL that version-flag certain functionality in the Action.
* For convenience, please keep these in descending order. Once a version * For convenience, please keep these in descending order. Once a version
* flag is older than the oldest supported version above, it may be removed. * flag is older than the oldest supported version above, it may be removed.
*/ */
const CODEQL_VERSION_RAM_FINALIZE = "2.5.8";
const CODEQL_VERSION_DIAGNOSTICS = "2.5.6";
const CODEQL_VERSION_METRICS = "2.5.5";
const CODEQL_VERSION_GROUP_RULES = "2.5.5";
const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
exports.CODEQL_VERSION_COUNTS_LINES = "2.6.2";
const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1"; const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
exports.CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0"; const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";
const CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED = "2.10.4";
exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = "2.10.4";
const CODEQL_VERSION_FILE_BASELINE_INFORMATION = "2.11.3";
/** /**
* This variable controls using the new style of tracing from the CodeQL * This variable controls using the new style of tracing from the CodeQL
* CLI. In particular, with versions above this we will use both indirect * CLI. In particular, with versions above this we will use both indirect
@@ -78,42 +89,197 @@ const CODEQL_VERSION_FILE_BASELINE_INFORMATION = "2.11.3";
* versions above that. * versions above that.
*/ */
exports.CODEQL_VERSION_NEW_TRACING = "2.7.0"; exports.CODEQL_VERSION_NEW_TRACING = "2.7.0";
/**
* Versions 2.7.3+ of the CodeQL CLI support build tracing with glibc 2.34 on Linux. Versions before
* this cannot perform build tracing when running on the Actions `ubuntu-22.04` runner image.
*/
exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = "2.7.3";
/** /**
* Versions 2.9.0+ of the CodeQL CLI run machine learning models from a temporary directory, which * Versions 2.9.0+ of the CodeQL CLI run machine learning models from a temporary directory, which
* resolves an issue on Windows where TensorFlow models are not correctly loaded due to the path of * resolves an issue on Windows where TensorFlow models are not correctly loaded due to the path of
* some of their files being greater than MAX_PATH (260 characters). * some of their files being greater than MAX_PATH (260 characters).
*/ */
exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = "2.9.0"; exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = "2.9.0";
/** function getCodeQLBundleName() {
* Previous versions had the option already, but were missing the let platform;
* --extractor-options-verbosity that we need. if (process.platform === "win32") {
*/ platform = "win64";
exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = "2.10.3"; }
/** else if (process.platform === "linux") {
* Versions 2.11.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for each language. platform = "linux64";
*/ }
exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1"; else if (process.platform === "darwin") {
platform = "osx64";
}
else {
return "codeql-bundle.tar.gz";
}
return `codeql-bundle-${platform}.tar.gz`;
}
function getCodeQLActionRepository(logger) {
if (!util.isActions()) {
return CODEQL_DEFAULT_ACTION_REPOSITORY;
}
else {
return getActionsCodeQLActionRepository(logger);
}
}
exports.getCodeQLActionRepository = getCodeQLActionRepository;
function getActionsCodeQLActionRepository(logger) {
if (process.env["GITHUB_ACTION_REPOSITORY"] !== undefined) {
return process.env["GITHUB_ACTION_REPOSITORY"];
}
// The Actions Runner used with GitHub Enterprise Server 2.22 did not set the GITHUB_ACTION_REPOSITORY variable.
// This fallback logic can be removed after the end-of-support for 2.22 on 2021-09-23.
if ((0, actions_util_1.isRunningLocalAction)()) {
// This handles the case where the Action does not come from an Action repository,
// e.g. our integration tests which use the Action code from the current checkout.
logger.info("The CodeQL Action is checked out locally. Using the default CodeQL Action repository.");
return CODEQL_DEFAULT_ACTION_REPOSITORY;
}
logger.info("GITHUB_ACTION_REPOSITORY environment variable was not set. Falling back to legacy method of finding the GitHub Action.");
const relativeScriptPathParts = (0, actions_util_1.getRelativeScriptPath)().split(path.sep);
return `${relativeScriptPathParts[0]}/${relativeScriptPathParts[1]}`;
}
async function getCodeQLBundleDownloadURL(apiDetails, variant, logger) {
const codeQLActionRepository = getCodeQLActionRepository(logger);
const potentialDownloadSources = [
// This GitHub instance, and this Action.
[apiDetails.url, codeQLActionRepository],
// This GitHub instance, and the canonical Action.
[apiDetails.url, CODEQL_DEFAULT_ACTION_REPOSITORY],
// GitHub.com, and the canonical Action.
[util.GITHUB_DOTCOM_URL, CODEQL_DEFAULT_ACTION_REPOSITORY],
];
// We now filter out any duplicates.
// Duplicates will happen either because the GitHub instance is GitHub.com, or because the Action is not a fork.
const uniqueDownloadSources = potentialDownloadSources.filter((source, index, self) => {
return !self.slice(0, index).some((other) => (0, fast_deep_equal_1.default)(source, other));
});
const codeQLBundleName = getCodeQLBundleName();
if (variant === util.GitHubVariant.GHAE) {
try {
const release = await api
.getApiClient(apiDetails)
.request("GET /enterprise/code-scanning/codeql-bundle/find/{tag}", {
tag: CODEQL_BUNDLE_VERSION,
});
const assetID = release.data.assets[codeQLBundleName];
if (assetID !== undefined) {
const download = await api
.getApiClient(apiDetails)
.request("GET /enterprise/code-scanning/codeql-bundle/download/{asset_id}", { asset_id: assetID });
const downloadURL = download.data.url;
logger.info(`Found CodeQL bundle at GitHub AE endpoint with URL ${downloadURL}.`);
return downloadURL;
}
else {
logger.info(`Attempted to fetch bundle from GitHub AE endpoint but the bundle ${codeQLBundleName} was not found in the assets ${JSON.stringify(release.data.assets)}.`);
}
}
catch (e) {
logger.info(`Attempted to fetch bundle from GitHub AE endpoint but got error ${e}.`);
}
}
for (const downloadSource of uniqueDownloadSources) {
const [apiURL, repository] = downloadSource;
// If we've reached the final case, short-circuit the API check since we know the bundle exists and is public.
if (apiURL === util.GITHUB_DOTCOM_URL &&
repository === CODEQL_DEFAULT_ACTION_REPOSITORY) {
break;
}
const [repositoryOwner, repositoryName] = repository.split("/");
try {
const release = await api.getApiClient(apiDetails).repos.getReleaseByTag({
owner: repositoryOwner,
repo: repositoryName,
tag: CODEQL_BUNDLE_VERSION,
});
for (const asset of release.data.assets) {
if (asset.name === codeQLBundleName) {
logger.info(`Found CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} with URL ${asset.url}.`);
return asset.url;
}
}
}
catch (e) {
logger.info(`Looked for CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} but got error ${e}.`);
}
}
return `https://github.com/${CODEQL_DEFAULT_ACTION_REPOSITORY}/releases/download/${CODEQL_BUNDLE_VERSION}/${codeQLBundleName}`;
}
/** /**
* Set up CodeQL CLI access. * Set up CodeQL CLI access.
* *
* @param toolsInput * @param codeqlURL
* @param apiDetails * @param apiDetails
* @param tempDir * @param tempDir
* @param variant * @param variant
* @param defaultCliVersion
* @param logger * @param logger
* @param checkVersion Whether to check that CodeQL CLI meets the minimum * @param checkVersion Whether to check that CodeQL CLI meets the minimum
* version requirement. Must be set to true outside tests. * version requirement. Must be set to true outside tests.
* @returns a { CodeQL, toolsVersion } object. * @returns
*/ */
async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) { async function setupCodeQL(codeqlURL, apiDetails, tempDir, variant, logger, checkVersion) {
try { try {
const { codeqlFolder, toolsDownloadDurationMs, toolsSource, toolsVersion } = await setupCodeql.setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger); // We use the special value of 'latest' to prioritize the version in the
// defaults over any pinned cached version.
const forceLatest = codeqlURL === "latest";
if (forceLatest) {
codeqlURL = undefined;
}
let codeqlFolder;
let codeqlURLVersion;
if (codeqlURL && !codeqlURL.startsWith("http")) {
codeqlFolder = await toolcache.extractTar(codeqlURL);
codeqlURLVersion = "local";
}
else {
codeqlURLVersion = getCodeQLURLVersion(codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`);
const codeqlURLSemVer = convertToSemVer(codeqlURLVersion, logger);
// If we find the specified version, we always use that.
codeqlFolder = toolcache.find("CodeQL", codeqlURLSemVer);
// If we don't find the requested version, in some cases we may allow a
// different version to save download time if the version hasn't been
// specified explicitly (in which case we always honor it).
if (!codeqlFolder && !codeqlURL && !forceLatest) {
const codeqlVersions = toolcache.findAllVersions("CodeQL");
if (codeqlVersions.length === 1 && (0, util_1.isGoodVersion)(codeqlVersions[0])) {
const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
logger.debug(`CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`);
codeqlFolder = tmpCodeqlFolder;
}
}
}
if (codeqlFolder) {
logger.debug(`CodeQL found in cache ${codeqlFolder}`);
}
else {
if (!codeqlURL) {
codeqlURL = await getCodeQLBundleDownloadURL(apiDetails, variant, logger);
}
const parsedCodeQLURL = new URL(codeqlURL);
const parsedQueryString = query_string_1.default.parse(parsedCodeQLURL.search);
const headers = {
accept: "application/octet-stream",
};
// We only want to provide an authorization header if we are downloading
// from the same GitHub instance the Action is running on.
// This avoids leaking Enterprise tokens to dotcom.
// We also don't want to send an authorization header if there's already a token provided in the URL.
if (codeqlURL.startsWith(`${apiDetails.url}/`) &&
parsedQueryString["token"] === undefined) {
logger.debug("Downloading CodeQL bundle with token.");
headers.authorization = `token ${apiDetails.auth}`;
}
else {
logger.debug("Downloading CodeQL bundle without token.");
}
logger.info(`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`);
const dest = path.join(tempDir, (0, uuid_1.v4)());
const finalHeaders = Object.assign({ "User-Agent": "CodeQL Action" }, headers);
const codeqlPath = await toolcache.downloadTool(codeqlURL, dest, undefined, finalHeaders);
logger.debug(`CodeQL bundle download to ${codeqlPath} complete.`);
const codeqlExtracted = await toolcache.extractTar(codeqlPath);
codeqlFolder = await toolcache.cacheDir(codeqlExtracted, "CodeQL", codeqlURLSemVer);
}
}
let codeqlCmd = path.join(codeqlFolder, "codeql", "codeql"); let codeqlCmd = path.join(codeqlFolder, "codeql", "codeql");
if (process.platform === "win32") { if (process.platform === "win32") {
codeqlCmd += ".exe"; codeqlCmd += ".exe";
@@ -122,12 +288,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
throw new Error(`Unsupported platform: ${process.platform}`); throw new Error(`Unsupported platform: ${process.platform}`);
} }
cachedCodeQL = await getCodeQLForCmd(codeqlCmd, checkVersion); cachedCodeQL = await getCodeQLForCmd(codeqlCmd, checkVersion);
return { return { codeql: cachedCodeQL, toolsVersion: codeqlURLVersion };
codeql: cachedCodeQL,
toolsDownloadDurationMs,
toolsSource,
toolsVersion,
};
} }
catch (e) { catch (e) {
logger.error(e instanceof Error ? e : new Error(String(e))); logger.error(e instanceof Error ? e : new Error(String(e)));
@@ -135,6 +296,26 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
} }
} }
exports.setupCodeQL = setupCodeQL; exports.setupCodeQL = setupCodeQL;
function getCodeQLURLVersion(url) {
const match = url.match(/\/codeql-bundle-(.*)\//);
if (match === null || match.length < 2) {
throw new Error(`Malformed tools url: ${url}. Version could not be inferred`);
}
return match[1];
}
exports.getCodeQLURLVersion = getCodeQLURLVersion;
function convertToSemVer(version, logger) {
if (!semver.valid(version)) {
logger.debug(`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`);
version = `0.0.0-${version}`;
}
const s = semver.clean(version);
if (!s) {
throw new Error(`Bundle version ${version} is not in SemVer format.`);
}
return s;
}
exports.convertToSemVer = convertToSemVer;
/** /**
* Use the CodeQL executable located at the given path. * Use the CodeQL executable located at the given path.
*/ */
@@ -175,7 +356,6 @@ function setCodeQL(partialCodeql) {
extractScannedLanguage: resolveFunction(partialCodeql, "extractScannedLanguage"), extractScannedLanguage: resolveFunction(partialCodeql, "extractScannedLanguage"),
finalizeDatabase: resolveFunction(partialCodeql, "finalizeDatabase"), finalizeDatabase: resolveFunction(partialCodeql, "finalizeDatabase"),
resolveLanguages: resolveFunction(partialCodeql, "resolveLanguages"), resolveLanguages: resolveFunction(partialCodeql, "resolveLanguages"),
betterResolveLanguages: resolveFunction(partialCodeql, "betterResolveLanguages"),
resolveQueries: resolveFunction(partialCodeql, "resolveQueries"), resolveQueries: resolveFunction(partialCodeql, "resolveQueries"),
packDownload: resolveFunction(partialCodeql, "packDownload"), packDownload: resolveFunction(partialCodeql, "packDownload"),
databaseCleanup: resolveFunction(partialCodeql, "databaseCleanup"), databaseCleanup: resolveFunction(partialCodeql, "databaseCleanup"),
@@ -183,7 +363,6 @@ function setCodeQL(partialCodeql) {
databaseRunQueries: resolveFunction(partialCodeql, "databaseRunQueries"), databaseRunQueries: resolveFunction(partialCodeql, "databaseRunQueries"),
databaseInterpretResults: resolveFunction(partialCodeql, "databaseInterpretResults"), databaseInterpretResults: resolveFunction(partialCodeql, "databaseInterpretResults"),
databasePrintBaseline: resolveFunction(partialCodeql, "databasePrintBaseline"), databasePrintBaseline: resolveFunction(partialCodeql, "databasePrintBaseline"),
diagnosticsExport: resolveFunction(partialCodeql, "diagnosticsExport"),
}; };
return cachedCodeQL; return cachedCodeQL;
} }
@@ -264,32 +443,15 @@ async function getCodeQLForCmd(cmd, checkVersion) {
// action/runner has been implemented in `codeql database trace-command` // action/runner has been implemented in `codeql database trace-command`
// _and_ is present in the latest supported CLI release.) // _and_ is present in the latest supported CLI release.)
const envFile = path.resolve(databasePath, "working", "env.tmp"); const envFile = path.resolve(databasePath, "working", "env.tmp");
try { await runTool(cmd, [
await runTool(cmd, [ "database",
"database", "trace-command",
"trace-command", databasePath,
databasePath, ...getExtraOptionsFromEnv(["database", "trace-command"]),
...getExtraOptionsFromEnv(["database", "trace-command"]), process.execPath,
process.execPath, tracerEnvJs,
tracerEnvJs, envFile,
envFile, ]);
]);
}
catch (e) {
if (e instanceof CommandInvocationError &&
e.output.includes("undefined symbol: __libc_dlopen_mode, version GLIBC_PRIVATE") &&
process.platform === "linux" &&
!(await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_TRACING_GLIBC_2_34))) {
throw new util.UserError("The CodeQL CLI is incompatible with the version of glibc on your system. " +
`Please upgrade to CodeQL CLI version ${exports.CODEQL_VERSION_TRACING_GLIBC_2_34} or ` +
"later. If you cannot upgrade to a newer version of the CodeQL CLI, you can " +
`alternatively run your workflow on another runner image such as "ubuntu-20.04" ` +
"that has glibc 2.33 or earlier installed.");
}
else {
throw e;
}
}
return JSON.parse(fs.readFileSync(envFile, "utf-8")); return JSON.parse(fs.readFileSync(envFile, "utf-8"));
}, },
async databaseInit(databasePath, language, sourceRoot) { async databaseInit(databasePath, language, sourceRoot) {
@@ -302,33 +464,26 @@ async function getCodeQLForCmd(cmd, checkVersion) {
...getExtraOptionsFromEnv(["database", "init"]), ...getExtraOptionsFromEnv(["database", "init"]),
]); ]);
}, },
async databaseInitCluster(config, sourceRoot, processName, featureEnablement, logger) { async databaseInitCluster(config, sourceRoot, processName, processLevel, featureFlags) {
const extraArgs = config.languages.map((language) => `--language=${language}`); const extraArgs = config.languages.map((language) => `--language=${language}`);
if (config.languages.filter((l) => (0, languages_1.isTracedLanguage)(l)).length > 0) { if (config.languages.filter(languages_1.isTracedLanguage).length > 0) {
extraArgs.push("--begin-tracing"); extraArgs.push("--begin-tracing");
extraArgs.push(...(await (0, trap_caching_1.getTrapCachingExtractorConfigArgs)(config))); if (processName !== undefined) {
extraArgs.push(`--trace-process-name=${processName}`); extraArgs.push(`--trace-process-name=${processName}`);
if (
// There's a bug in Lua tracing for Go on Windows in versions earlier than
// `CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED`, so don't use Lua tracing
// when tracing Go on Windows on these CodeQL versions.
(await util.codeQlVersionAbove(this, CODEQL_VERSION_LUA_TRACER_CONFIG)) &&
config.languages.includes(languages_1.Language.go) &&
(0, languages_1.isTracedLanguage)(languages_1.Language.go) &&
process.platform === "win32" &&
!(await util.codeQlVersionAbove(this, CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED))) {
extraArgs.push("--no-internal-use-lua-tracing");
} }
} else {
// A config file is only generated if the CliConfigFileEnabled feature flag is enabled. // We default to 3 if no other arguments are provided since this was the default
const configLocation = await generateCodeScanningConfig(codeql, config, featureEnablement, logger); // behaviour of the Runner. Note this path never happens in the CodeQL Action
// Only pass external repository token if a config file is going to be parsed by the CLI. // because that always passes in a process name.
let externalRepositoryToken; extraArgs.push(`--trace-process-level=${processLevel || 3}`);
if (configLocation) { }
extraArgs.push(`--codescanning-config=${configLocation}`); if (await util.codeQlVersionAbove(this, CODEQL_VERSION_LUA_TRACER_CONFIG)) {
externalRepositoryToken = (0, actions_util_1.getOptionalInput)("external-repository-token"); if (await featureFlags.getValue(feature_flags_1.FeatureFlag.LuaTracerConfigEnabled)) {
if (externalRepositoryToken) { extraArgs.push("--internal-use-lua-tracing");
extraArgs.push("--external-repository-token-stdin"); }
else {
extraArgs.push("--no-internal-use-lua-tracing");
}
} }
} }
await runTool(cmd, [ await runTool(cmd, [
@@ -339,13 +494,11 @@ async function getCodeQLForCmd(cmd, checkVersion) {
`--source-root=${sourceRoot}`, `--source-root=${sourceRoot}`,
...extraArgs, ...extraArgs,
...getExtraOptionsFromEnv(["database", "init"]), ...getExtraOptionsFromEnv(["database", "init"]),
], { stdin: externalRepositoryToken }); ]);
}, },
async runAutobuild(language) { async runAutobuild(language) {
const cmdName = process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh"; const cmdName = process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh";
// The autobuilder for Swift is located in the experimental/ directory. const autobuildCmd = path.join(path.dirname(cmd), language, "tools", cmdName);
const possibleExperimentalDir = language === languages_1.Language.swift ? "experimental" : "";
const autobuildCmd = path.join(path.dirname(cmd), possibleExperimentalDir, language, "tools", cmdName);
// Update JAVA_TOOL_OPTIONS to contain '-Dhttp.keepAlive=false' // Update JAVA_TOOL_OPTIONS to contain '-Dhttp.keepAlive=false'
// This is because of an issue with Azure pipelines timing out connections after 4 minutes // This is because of an issue with Azure pipelines timing out connections after 4 minutes
// and Maven not properly handling closed connections // and Maven not properly handling closed connections
@@ -372,12 +525,8 @@ async function getCodeQLForCmd(cmd, checkVersion) {
// (https://github.com/actions/runner/pull/416). // (https://github.com/actions/runner/pull/416).
await runTool(autobuildCmd); await runTool(autobuildCmd);
}, },
async extractScannedLanguage(config, language) { async extractScannedLanguage(databasePath, language, featureFlags) {
const databasePath = util.getCodeQLDatabasePath(config, language);
// Get extractor location // Get extractor location
//
// Request it using `format=json` so we don't need to strip the trailing new line generated by
// the CLI.
let extractorPath = ""; let extractorPath = "";
await new toolrunner.ToolRunner(cmd, [ await new toolrunner.ToolRunner(cmd, [
"resolve", "resolve",
@@ -399,11 +548,20 @@ async function getCodeQLForCmd(cmd, checkVersion) {
// Set trace command // Set trace command
const ext = process.platform === "win32" ? ".cmd" : ".sh"; const ext = process.platform === "win32" ? ".cmd" : ".sh";
const traceCommand = path.resolve(JSON.parse(extractorPath), "tools", `autobuild${ext}`); const traceCommand = path.resolve(JSON.parse(extractorPath), "tools", `autobuild${ext}`);
const extraArgs = [];
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_LUA_TRACER_CONFIG)) {
if (await featureFlags.getValue(feature_flags_1.FeatureFlag.LuaTracerConfigEnabled)) {
extraArgs.push("--internal-use-lua-tracing");
}
else {
extraArgs.push("--no-internal-use-lua-tracing");
}
}
// Run trace command // Run trace command
await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, [ await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, [
"database", "database",
"trace-command", "trace-command",
...(await (0, trap_caching_1.getTrapCachingExtractorConfigArgsForLang)(config, language)), ...extraArgs,
...getExtraOptionsFromEnv(["database", "trace-command"]), ...getExtraOptionsFromEnv(["database", "trace-command"]),
databasePath, databasePath,
"--", "--",
@@ -416,10 +574,11 @@ async function getCodeQLForCmd(cmd, checkVersion) {
"finalize", "finalize",
"--finalize-dataset", "--finalize-dataset",
threadsFlag, threadsFlag,
memoryFlag,
...getExtraOptionsFromEnv(["database", "finalize"]), ...getExtraOptionsFromEnv(["database", "finalize"]),
databasePath, databasePath,
]; ];
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_RAM_FINALIZE))
args.push(memoryFlag);
await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, args, error_matcher_1.errorMatchers); await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, args, error_matcher_1.errorMatchers);
}, },
async resolveLanguages() { async resolveLanguages() {
@@ -437,22 +596,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
throw new Error(`Unexpected output from codeql resolve languages: ${e}`); throw new Error(`Unexpected output from codeql resolve languages: ${e}`);
} }
}, },
async betterResolveLanguages() {
const codeqlArgs = [
"resolve",
"languages",
"--format=betterjson",
"--extractor-options-verbosity=4",
...getExtraOptionsFromEnv(["resolve", "languages"]),
];
const output = await runTool(cmd, codeqlArgs);
try {
return JSON.parse(output);
}
catch (e) {
throw new Error(`Unexpected output from codeql resolve languages with --format=betterjson: ${e}`);
}
},
async resolveQueries(queries, extraSearchPath) { async resolveQueries(queries, extraSearchPath) {
const codeqlArgs = [ const codeqlArgs = [
"resolve", "resolve",
@@ -486,10 +629,8 @@ async function getCodeQLForCmd(cmd, checkVersion) {
if (extraSearchPath !== undefined) { if (extraSearchPath !== undefined) {
codeqlArgs.push("--additional-packs", extraSearchPath); codeqlArgs.push("--additional-packs", extraSearchPath);
} }
if (querySuitePath) { codeqlArgs.push(querySuitePath);
codeqlArgs.push(querySuitePath); await runTool(cmd, codeqlArgs);
}
await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, codeqlArgs, error_matcher_1.errorMatchers);
}, },
async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId) { async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId) {
const codeqlArgs = [ const codeqlArgs = [
@@ -500,26 +641,24 @@ async function getCodeQLForCmd(cmd, checkVersion) {
verbosityFlag, verbosityFlag,
`--output=${sarifFile}`, `--output=${sarifFile}`,
addSnippetsFlag, addSnippetsFlag,
"--print-diagnostics-summary",
"--print-metrics-summary",
"--sarif-group-rules-by-pack",
...getExtraOptionsFromEnv(["database", "interpret-results"]), ...getExtraOptionsFromEnv(["database", "interpret-results"]),
]; ];
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_DIAGNOSTICS))
codeqlArgs.push("--print-diagnostics-summary");
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_METRICS))
codeqlArgs.push("--print-metrics-summary");
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_GROUP_RULES))
codeqlArgs.push("--sarif-group-rules-by-pack");
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_CUSTOM_QUERY_HELP)) if (await util.codeQlVersionAbove(this, CODEQL_VERSION_CUSTOM_QUERY_HELP))
codeqlArgs.push("--sarif-add-query-help"); codeqlArgs.push("--sarif-add-query-help");
if (automationDetailsId !== undefined) { if (automationDetailsId !== undefined &&
(await util.codeQlVersionAbove(this, CODEQL_VERSION_SARIF_GROUP))) {
codeqlArgs.push("--sarif-category", automationDetailsId); codeqlArgs.push("--sarif-category", automationDetailsId);
} }
if (await util.codeQlVersionAbove(this, CODEQL_VERSION_FILE_BASELINE_INFORMATION)) {
codeqlArgs.push("--sarif-add-baseline-file-info");
}
codeqlArgs.push(databasePath); codeqlArgs.push(databasePath);
if (querySuitePaths) { codeqlArgs.push(...querySuitePaths);
codeqlArgs.push(...querySuitePaths);
}
// capture stdout, which contains analysis summaries // capture stdout, which contains analysis summaries
const returnState = await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, codeqlArgs, error_matcher_1.errorMatchers); return await runTool(cmd, codeqlArgs);
return returnState.stdout;
}, },
async databasePrintBaseline(databasePath) { async databasePrintBaseline(databasePath) {
const codeqlArgs = [ const codeqlArgs = [
@@ -539,18 +678,11 @@ async function getCodeQLForCmd(cmd, checkVersion) {
* If no version is specified, then the latest version is * If no version is specified, then the latest version is
* downloaded. The check to determine what the latest version is is done * downloaded. The check to determine what the latest version is is done
* each time this package is requested. * each time this package is requested.
*
* Optionally, a `qlconfigFile` is included. If used, then this file
* is used to determine which registry each pack is downloaded from.
*/ */
async packDownload(packs, qlconfigFile) { async packDownload(packs) {
const qlconfigArg = qlconfigFile
? [`--qlconfig-file=${qlconfigFile}`]
: [];
const codeqlArgs = [ const codeqlArgs = [
"pack", "pack",
"download", "download",
...qlconfigArg,
"--format=json", "--format=json",
"--resolve-query-specs", "--resolve-query-specs",
...getExtraOptionsFromEnv(["pack", "download"]), ...getExtraOptionsFromEnv(["pack", "download"]),
@@ -595,22 +727,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
]; ];
await new toolrunner.ToolRunner(cmd, args).exec(); await new toolrunner.ToolRunner(cmd, args).exec();
}, },
async diagnosticsExport(sarifFile, automationDetailsId) {
const args = [
"diagnostics",
"export",
"--format=sarif-latest",
`--output=${sarifFile}`,
...getExtraOptionsFromEnv(["diagnostics", "export"]),
];
if (automationDetailsId !== undefined) {
args.push("--sarif-category", automationDetailsId);
}
await new toolrunner.ToolRunner(cmd, args).exec();
},
}; };
// To ensure that status reports include the CodeQL CLI version wherever // To ensure that status reports include the CodeQL CLI version whereever
// possible, we want to call getVersion(), which populates the version value // possbile, we want to call getVersion(), which populates the version value
// used by status reporting, at the earliest opportunity. But invoking // used by status reporting, at the earliest opportunity. But invoking
// getVersion() directly here breaks tests that only pretend to create a // getVersion() directly here breaks tests that only pretend to create a
// CodeQL object. So instead we rely on the assumption that all non-test // CodeQL object. So instead we rely on the assumption that all non-test
@@ -623,7 +742,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
} }
return codeql; return codeql;
} }
exports.getCodeQLForCmd = getCodeQLForCmd;
/** /**
* Gets the options for `path` of `options` as an array of extra option strings. * Gets the options for `path` of `options` as an array of extra option strings.
*/ */
@@ -662,10 +780,10 @@ function asExtraOptions(options, pathInfo) {
* Exported for testing. * Exported for testing.
*/ */
function getExtraOptions(options, paths, pathInfo) { function getExtraOptions(options, paths, pathInfo) {
const all = asExtraOptions(options?.["*"], pathInfo.concat("*")); const all = asExtraOptions(options === null || options === void 0 ? void 0 : options["*"], pathInfo.concat("*"));
const specific = paths.length === 0 const specific = paths.length === 0
? asExtraOptions(options, pathInfo) ? asExtraOptions(options, pathInfo)
: getExtraOptions(options?.[paths[0]], paths?.slice(1), pathInfo.concat(paths[0])); : getExtraOptions(options === null || options === void 0 ? void 0 : options[paths[0]], paths === null || paths === void 0 ? void 0 : paths.slice(1), pathInfo.concat(paths[0]));
return all.concat(specific); return all.concat(specific);
} }
exports.getExtraOptions = getExtraOptions; exports.getExtraOptions = getExtraOptions;
@@ -678,105 +796,23 @@ exports.getExtraOptions = getExtraOptions;
* status reports on GitHub.com. * status reports on GitHub.com.
*/ */
const maxErrorSize = 20000; const maxErrorSize = 20000;
async function runTool(cmd, args = [], opts = {}) { async function runTool(cmd, args = []) {
let output = ""; let output = "";
let error = ""; let error = "";
const exitCode = await new toolrunner.ToolRunner(cmd, args, { const exitCode = await new toolrunner.ToolRunner(cmd, args, {
listeners: { listeners: {
stdout: (data) => { stdout: (data) => {
output += data.toString("utf8"); output += data.toString();
}, },
stderr: (data) => { stderr: (data) => {
let readStartIndex = 0; const toRead = Math.min(maxErrorSize - error.length, data.length);
// If the error is too large, then we only take the last 20,000 characters error += data.toString("utf8", 0, toRead);
if (data.length - maxErrorSize > 0) {
// Eg: if we have 20,000 the start index should be 2.
readStartIndex = data.length - maxErrorSize + 1;
}
error += data.toString("utf8", readStartIndex);
}, },
}, },
ignoreReturnCode: true, ignoreReturnCode: true,
...(opts.stdin ? { input: Buffer.from(opts.stdin || "") } : {}),
}).exec(); }).exec();
if (exitCode !== 0) if (exitCode !== 0)
throw new CommandInvocationError(cmd, args, exitCode, error, output); throw new CommandInvocationError(cmd, args, exitCode, error);
return output; return output;
} }
/**
* If appropriate, generates a code scanning configuration that is to be used for a scan.
* If the configuration is not to be generated, returns undefined.
*
* @param codeql The CodeQL object to use.
* @param config The configuration to use.
* @returns the path to the generated user configuration file.
*/
async function generateCodeScanningConfig(codeql, config, featureEnablement, logger) {
if (!(await util.useCodeScanningConfigInCli(codeql, featureEnablement))) {
return;
}
const configLocation = path.resolve(config.tempDir, "user-config.yaml");
// make a copy so we can modify it
const augmentedConfig = cloneObject(config.originalUserInput);
// Inject the queries from the input
if (config.augmentationProperties.queriesInput) {
if (config.augmentationProperties.queriesInputCombines) {
augmentedConfig.queries = (augmentedConfig.queries || []).concat(config.augmentationProperties.queriesInput);
}
else {
augmentedConfig.queries = config.augmentationProperties.queriesInput;
}
}
if (augmentedConfig.queries?.length === 0) {
delete augmentedConfig.queries;
}
// Inject the packs from the input
if (config.augmentationProperties.packsInput) {
if (config.augmentationProperties.packsInputCombines) {
// At this point, we already know that this is a single-language analysis
if (Array.isArray(augmentedConfig.packs)) {
augmentedConfig.packs = (augmentedConfig.packs || []).concat(config.augmentationProperties.packsInput);
}
else if (!augmentedConfig.packs) {
augmentedConfig.packs = config.augmentationProperties.packsInput;
}
else {
// At this point, we know there is only one language.
// If there were more than one language, an error would already have been thrown.
const language = Object.keys(augmentedConfig.packs)[0];
augmentedConfig.packs[language] = augmentedConfig.packs[language].concat(config.augmentationProperties.packsInput);
}
}
else {
augmentedConfig.packs = config.augmentationProperties.packsInput;
}
}
if (Array.isArray(augmentedConfig.packs) && !augmentedConfig.packs.length) {
delete augmentedConfig.packs;
}
if (config.augmentationProperties.injectedMlQueries) {
// We need to inject the ML queries into the original user input before
// we pass this on to the CLI, to make sure these get run.
const packString = await util.getMlPoweredJsQueriesPack(codeql);
if (augmentedConfig.packs === undefined)
augmentedConfig.packs = [];
if (Array.isArray(augmentedConfig.packs)) {
augmentedConfig.packs.push(packString);
}
else {
if (!augmentedConfig.packs.javascript)
augmentedConfig.packs["javascript"] = [];
augmentedConfig.packs["javascript"].push(packString);
}
}
logger.info(`Writing augmented user configuration file to ${configLocation}`);
logger.startGroup("Augmented user configuration file contents");
logger.info(yaml.dump(augmentedConfig));
logger.endGroup();
fs.writeFileSync(configLocation, yaml.dump(augmentedConfig));
return configLocation;
}
function cloneObject(obj) {
return JSON.parse(JSON.stringify(obj));
}
//# sourceMappingURL=codeql.js.map //# sourceMappingURL=codeql.js.map
