Merge pull request #1408 from github/update-v1.1.35-b2a92eb5

Merge releases/v2 into releases/v1

.eslintrc.json

@@ -16,10 +16,7 @@
     "rules": {
         "filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"],
         "i18n-text/no-en": "off",
-        "import/extensions": ["error", {
-            // Allow importing JSON files
-            "json": {}
-        }],
+        "import/extensions": "error",
         "import/no-amd": "error",
         "import/no-commonjs": "error",
         "import/no-dynamic-require": "error",
@@ -33,12 +30,6 @@
             "alphabetize": {"order": "asc"},
             "newlines-between": "always"
         }],
-        "max-len": ["error", {
-            "code": 120,
-            "ignoreUrls": true,
-            "ignoreStrings": true,
-            "ignoreTemplateLiterals": true
-        }],
         "no-async-foreach/no-async-foreach": "error",
         "no-console": "off",
         "no-sequences": "error",
@@ -64,13 +55,5 @@
             "func-style": "off",
             "sort-imports": "off"
         }
-    }],
-    "settings": {
-        "import/resolver": {
-            "node": {
-                "moduleDirectory": ["node_modules", "src"]
-            },
-            "typescript": {}
-        }
-    }
+    }]
 }

.github/dependabot.yml

@@ -1,17 +1,20 @@
 version: 2
 updates:
-  - package-ecosystem: npm
+  - package-ecosystem: "npm"
     directory: "/"
     schedule:
-      interval: weekly
+      interval: "weekly"
+      day: "thursday" # Gives us a working day to merge this before our typical release
     labels:
-      - Update dependencies
+      - "Update dependencies"
     ignore:
       - dependency-name: "*"
-        update-types:
-          - version-update:semver-minor
-          - version-update:semver-patch
-  - package-ecosystem: github-actions
-    directory: "/"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]
+  - package-ecosystem: "npm"
+    directory: "/runner"
     schedule:
-      interval: weekly
+      interval: "weekly"
+      day: "thursday" # Gives us a working day to merge this before our typical release
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-minor", "version-update:semver-patch"]

.github/prepare-test/action.yml

@@ -2,11 +2,9 @@ name: "Prepare test"
 description: Performs some preparation to run tests
 inputs:
   version:
-    description: "The version of the CodeQL CLI to use. Can be 'latest', 'cached', 'nightly-latest', 'nightly-YYYY-MM-DD', or 'stable-YYYY-MM-DD'."
     required: true
 outputs:
   tools-url:
-    description: "The value that should be passed as the 'tools' input of the 'init' step."
     value: ${{ steps.get-url.outputs.tools-url }}
 runs:
   using: composite
@@ -22,7 +20,6 @@ runs:
       name: Determine URL
       shell: bash
       run: |
-        set -e # Fail this Action if `gh release list` fails.
         if [[ ${{ inputs.version }} == "nightly-latest" ]]; then
           export LATEST=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3`
           echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$LATEST/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT
@@ -37,6 +34,5 @@ runs:
         elif [[ ${{ inputs.version }} == "cached" ]]; then
           echo "tools-url=" >> $GITHUB_OUTPUT
         else
-          echo "::error::Unrecognized version specified!"
-          exit 1
+          echo "::error Unrecognized version specified!"
         fi

.github/setup-swift/action.yml

@@ -1,32 +0,0 @@
-name: "Set up Swift"
-description: Performs necessary steps to set up appropriate Swift version.
-inputs:
-  codeql-path:
-    required: true
-runs:
-  using: "composite"
-  steps:
-    - name: Get Swift version
-      id: get_swift_version
-      # We don't support Swift on Windows or prior versions of CLI.
-      if: "(runner.os != 'Windows') && (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version == 'nightly-latest')"
-      shell: bash
-      env: 
-        CODEQL_PATH: ${{inputs.codeql-path}}
-      run: |
-        if [ $RUNNER_OS = "macOS" ]; then
-          PLATFORM="osx64"
-        else # We do not run this step on Windows.
-          PLATFORM="linux64"
-        fi 
-        SWIFT_EXTRACTOR_DIR="$("$CODEQL_PATH" resolve languages --format json | jq -r '.swift[0]')"
-        VERSION="$("$SWIFT_EXTRACTOR_DIR/tools/$PLATFORM/extractor" --version | awk '/version/ { print $3 }')"
-        # Specify 5.7.0, otherwise setup Action will default to latest minor version. 
-        if [ $VERSION = "5.7" ]; then
-          VERSION="5.7.0"
-        fi
-        echo "version=$VERSION" | tee -a $GITHUB_OUTPUT
-    - uses: swift-actions/setup-swift@194625b58a582570f61cc707c3b558086c26b723
-      if: "(runner.os != 'Windows') && (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version == 'nightly-latest')"
-      with:
-        swift-version: "${{steps.get_swift_version.outputs.version}}"

.github/update-release-branch.py

@@ -13,8 +13,14 @@ No user facing changes.
 
 """
 
-SOURCE_BRANCH = 'main'
-TARGET_BRANCH = 'releases/v2'
+# Value of the mode flag for a v1 release
+V1_MODE = 'v1-release'
+
+# Value of the mode flag for a v2 release
+V2_MODE = 'v2-release'
+
+SOURCE_BRANCH_FOR_MODE = { V1_MODE: 'releases/v2', V2_MODE: 'main' }
+TARGET_BRANCH_FOR_MODE = { V1_MODE: 'releases/v1', V2_MODE: 'releases/v2' }
 
 # Name of the remote
 ORIGIN = 'origin'
@@ -26,7 +32,7 @@ def run_git(*args, allow_non_zero_exit_code=False):
   cmd = ['git', *args]
   p = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
   if not allow_non_zero_exit_code and p.returncode != 0:
-    raise Exception(f'Call to {" ".join(cmd)} exited with code {p.returncode} stderr: {p.stderr.decode("ascii")}.')
+    raise Exception('Call to ' + ' '.join(cmd) + ' exited with code ' + str(p.returncode) + ' stderr:' + p.stderr.decode('ascii'))
   return p.stdout.decode('ascii')
 
 # Returns true if the given branch exists on the origin remote
@@ -34,21 +40,23 @@ def branch_exists_on_remote(branch_name):
   return run_git('ls-remote', '--heads', ORIGIN, branch_name).strip() != ''
 
 # Opens a PR from the given branch to the target branch
-def open_pr(repo, all_commits, source_branch_short_sha, new_branch_name, conductor):
+def open_pr(
+  repo, all_commits, source_branch_short_sha, new_branch_name, source_branch, target_branch,
+  conductor, is_v2_release, labels, conflicted_files):
   # Sort the commits into the pull requests that introduced them,
   # and any commits that don't have a pull request
   pull_requests = []
   commits_without_pull_requests = []
   for commit in all_commits:
-    pr = get_pr_for_commit(commit)
+    pr = get_pr_for_commit(repo, commit)
 
     if pr is None:
       commits_without_pull_requests.append(commit)
     elif not any(p for p in pull_requests if p.number == pr.number):
       pull_requests.append(pr)
 
-  print(f'Found {len(pull_requests)} pull requests.')
-  print(f'Found {len(commits_without_pull_requests)} commits not in a pull request.')
+  print('Found ' + str(len(pull_requests)) + ' pull requests')
+  print('Found ' + str(len(commits_without_pull_requests)) + ' commits not in a pull request')
 
   # Sort PRs and commits by age
   pull_requests = sorted(pull_requests, key=lambda pr: pr.number)
@@ -56,7 +64,7 @@ def open_pr(repo, all_commits, source_branch_short_sha, new_branch_name, conduct
 
   # Start constructing the body text
   body = []
-  body.append(f'Merging {source_branch_short_sha} into {TARGET_BRANCH}.')
+  body.append('Merging ' + source_branch_short_sha + ' into ' + target_branch)
 
   body.append('')
   body.append(f'Conductor for this PR is @{conductor}.')
@@ -79,33 +87,50 @@ def open_pr(repo, all_commits, source_branch_short_sha, new_branch_name, conduct
 
   body.append('')
   body.append('Please do the following:')
+  if len(conflicted_files) > 0:
+    body.append(' - [ ] Ensure `package.json` file contains the correct version.')
+    body.append(' - [ ] Add commits to this branch to resolve the merge conflicts ' +
+      'in the following files:')
+    body.extend([f'    - [ ] `{file}`' for file in conflicted_files])
+    body.append(' - [ ] Ensure another maintainer has reviewed the additional commits you added to this ' +
+      'branch to resolve the merge conflicts.')
   body.append(' - [ ] Ensure the CHANGELOG displays the correct version and date.')
   body.append(' - [ ] Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.')
-  body.append(f' - [ ] Check that there are not any unexpected commits being merged into the {TARGET_BRANCH} branch.')
+  body.append(' - [ ] Check that there are not any unexpected commits being merged into the ' + target_branch + ' branch.')
   body.append(' - [ ] Ensure the docs team is aware of any documentation changes that need to be released.')
-  body.append(' - [ ] Approve and merge this PR. Make sure `Create a merge commit` is selected rather than `Squash and merge` or `Rebase and merge`.')
-  body.append(' - [ ] Merge the mergeback PR that will automatically be created once this PR is merged.')
 
-  title = f'Merge {SOURCE_BRANCH} into {TARGET_BRANCH}'
+  if not is_v2_release:
+    body.append(' - [ ] Remove and re-add the "Update dependencies" label to the PR to trigger just this workflow.')
+    body.append(' - [ ] Wait for the "Update dependencies" workflow to push a commit updating the dependencies.')
+    body.append(' - [ ] Mark the PR as ready for review to trigger the full set of PR checks.')
+
+  body.append(' - [ ] Approve and merge this PR. Make sure `Create a merge commit` is selected rather than `Squash and merge` or `Rebase and merge`.')
+
+  if is_v2_release:
+    body.append(' - [ ] Merge the mergeback PR that will automatically be created once this PR is merged.')
+    body.append(' - [ ] Merge the v1 release PR that will automatically be created once this PR is merged.')
+
+  title = 'Merge ' + source_branch + ' into ' + target_branch
 
   # Create the pull request
   # PR checks won't be triggered on PRs created by Actions. Therefore mark the PR as draft so that
   # a maintainer can take the PR out of draft, thereby triggering the PR checks.
-  pr = repo.create_pull(title=title, body='\n'.join(body), head=new_branch_name, base=TARGET_BRANCH, draft=True)
-  print(f'Created PR #{pr.number}')
+  pr = repo.create_pull(title=title, body='\n'.join(body), head=new_branch_name, base=target_branch, draft=True)
+  pr.add_to_labels(*labels)
+  print('Created PR #' + str(pr.number))
 
   # Assign the conductor
   pr.add_to_assignees(conductor)
-  print(f'Assigned PR to {conductor}')
+  print('Assigned PR to ' + conductor)
 
 # Gets a list of the SHAs of all commits that have happened on the source branch
 # since the last release to the target branch.
 # This will not include any commits that exist on the target branch
 # that aren't on the source branch.
-def get_commit_difference(repo):
+def get_commit_difference(repo, source_branch, target_branch):
   # Passing split nothing means that the empty string splits to nothing: compare `''.split() == []`
   # to `''.split('\n') == ['']`.
-  commits = run_git('log', '--pretty=format:%H', f'{ORIGIN}/{TARGET_BRANCH}..{ORIGIN}/{SOURCE_BRANCH}').strip().split()
+  commits = run_git('log', '--pretty=format:%H', ORIGIN + '/' + target_branch + '..' + ORIGIN + '/' + source_branch).strip().split()
 
   # Convert to full-fledged commit objects
   commits = [repo.get_commit(c) for c in commits]
@@ -121,13 +146,13 @@ def is_pr_merge_commit(commit):
 def get_truncated_commit_message(commit):
   message = commit.commit.message.split('\n')[0]
   if len(message) > 60:
-    return f'{message[:57]}...'
+    return message[:57] + '...'
   else:
     return message
 
 # Converts a commit into the PR that introduced it to the source branch.
 # Returns the PR object, or None if no PR could be found.
-def get_pr_for_commit(commit):
+def get_pr_for_commit(repo, commit):
   prs = commit.get_pulls()
 
   if prs.totalCount > 0:
@@ -161,7 +186,7 @@ def update_changelog(version):
   else:
     content = EMPTY_CHANGELOG
 
-  newContent = content.replace('[UNRELEASED]', f'{version} - {get_today_string()}', 1)
+  newContent = content.replace('[UNRELEASED]', version + ' - ' + get_today_string(), 1)
 
   with open('CHANGELOG.md', 'w') as f:
     f.write(newContent)
@@ -182,6 +207,16 @@ def main():
     required=True,
     help='The nwo of the repository, for example github/codeql-action.'
   )
+  parser.add_argument(
+    '--mode',
+    type=str,
+    required=True,
+    choices=[V2_MODE, V1_MODE],
+    help=f"Which release to perform. '{V2_MODE}' uses {SOURCE_BRANCH_FOR_MODE[V2_MODE]} as the source " +
+      f"branch and {TARGET_BRANCH_FOR_MODE[V2_MODE]} as the target branch. " +
+      f"'{V1_MODE}' uses {SOURCE_BRANCH_FOR_MODE[V1_MODE]} as the source branch and " +
+      f"{TARGET_BRANCH_FOR_MODE[V1_MODE]} as the target branch."
+  )
   parser.add_argument(
     '--conductor',
     type=str,
@@ -191,46 +226,110 @@ def main():
 
   args = parser.parse_args()
 
+  source_branch = SOURCE_BRANCH_FOR_MODE[args.mode]
+  target_branch = TARGET_BRANCH_FOR_MODE[args.mode]
+
   repo = Github(args.github_token).get_repo(args.repository_nwo)
   version = get_current_version()
 
+  if args.mode == V1_MODE:
+    # Change the version number to a v1 equivalent
+    version = get_current_version()
+    version = f'1{version[1:]}'
+
   # Print what we intend to go
-  print(f'Considering difference between {SOURCE_BRANCH} and {TARGET_BRANCH}...')
-  source_branch_short_sha = run_git('rev-parse', '--short', f'{ORIGIN}/{SOURCE_BRANCH}').strip()
-  print(f'Current head of {SOURCE_BRANCH} is {source_branch_short_sha}.')
+  print('Considering difference between ' + source_branch + ' and ' + target_branch)
+  source_branch_short_sha = run_git('rev-parse', '--short', ORIGIN + '/' + source_branch).strip()
+  print('Current head of ' + source_branch + ' is ' + source_branch_short_sha)
 
   # See if there are any commits to merge in
-  commits = get_commit_difference(repo=repo)
+  commits = get_commit_difference(repo=repo, source_branch=source_branch, target_branch=target_branch)
   if len(commits) == 0:
-    print(f'No commits to merge from {SOURCE_BRANCH} to {TARGET_BRANCH}.')
+    print('No commits to merge from ' + source_branch + ' to ' + target_branch)
     return
 
   # The branch name is based off of the name of branch being merged into
   # and the SHA of the branch being merged from. Thus if the branch already
   # exists we can assume we don't need to recreate it.
-  new_branch_name = f'update-v{version}-{source_branch_short_sha}'
-  print(f'Branch name is {new_branch_name}.')
+  new_branch_name = 'update-v' + version + '-' + source_branch_short_sha
+  print('Branch name is ' + new_branch_name)
 
   # Check if the branch already exists. If so we can abort as this script
   # has already run on this combination of branches.
   if branch_exists_on_remote(new_branch_name):
-    print(f'Branch {new_branch_name} already exists. Nothing to do.')
+    print('Branch ' + new_branch_name + ' already exists. Nothing to do.')
     return
 
   # Create the new branch and push it to the remote
-  print(f'Creating branch {new_branch_name}.')
+  print('Creating branch ' + new_branch_name)
 
-  # If we're performing a standard release, there won't be any new commits on the target branch,
-  # as these will have already been merged back into the source branch. Therefore we can just
-  # start from the source branch.
-  run_git('checkout', '-b', new_branch_name, f'{ORIGIN}/{SOURCE_BRANCH}')
+  # The process of creating the v1 release can run into merge conflicts. We commit the unresolved
+  # conflicts so a maintainer can easily resolve them (vs erroring and requiring maintainers to
+  # reconstruct the release manually)
+  conflicted_files = []
 
-  print('Updating changelog')
-  update_changelog(version)
+  if args.mode == V1_MODE:
+    # If we're performing a backport, start from the target branch
+    print(f'Creating {new_branch_name} from the {ORIGIN}/{target_branch} branch')
+    run_git('checkout', '-b', new_branch_name, f'{ORIGIN}/{target_branch}')
 
-  # Create a commit that updates the CHANGELOG
-  run_git('add', 'CHANGELOG.md')
-  run_git('commit', '-m', f'Update changelog for v{version}')
+    # Revert the commit that we made as part of the last release that updated the version number and
+    # changelog to refer to 1.x.x variants. This avoids merge conflicts in the changelog and
+    # package.json files when we merge in the v2 branch.
+    # This commit will not exist the first time we release the v1 branch from the v2 branch, so we
+    # use `git log --grep` to conditionally revert the commit.
+    print('Reverting the 1.x.x version number and changelog updates from the last release to avoid conflicts')
+    v1_update_commits = run_git('log', '--grep', '^Update version and changelog for v', '--format=%H').split()
+
+    if len(v1_update_commits) > 0:
+      print(f'  Reverting {v1_update_commits[0]}')
+      # Only revert the newest commit as older ones will already have been reverted in previous
+      # releases.
+      run_git('revert', v1_update_commits[0], '--no-edit')
+
+      # Also revert the "Update checked-in dependencies" commit created by Actions.
+      update_dependencies_commit = run_git('log', '--grep', '^Update checked-in dependencies', '--format=%H').split()[0]
+      print(f'  Reverting {update_dependencies_commit}')
+      run_git('revert', update_dependencies_commit, '--no-edit')
+
+    else:
+      print('  Nothing to revert.')
+
+    print(f'Merging {ORIGIN}/{source_branch} into the release prep branch')
+    # Commit any conflicts (see the comment for `conflicted_files`)
+    run_git('merge', f'{ORIGIN}/{source_branch}', allow_non_zero_exit_code=True)
+    conflicted_files = run_git('diff', '--name-only', '--diff-filter', 'U').splitlines()
+    if len(conflicted_files) > 0:
+      run_git('add', '.')
+      run_git('commit', '--no-edit')
+
+    # Migrate the package version number from a v2 version number to a v1 version number
+    print(f'Setting version number to {version}')
+    subprocess.check_output(['npm', 'version', version, '--no-git-tag-version'])
+    run_git('add', 'package.json', 'package-lock.json')
+
+    # Migrate the changelog notes from v2 version numbers to v1 version numbers
+    print('Migrating changelog notes from v2 to v1')
+    subprocess.check_output(['sed', '-i', 's/^## 2\./## 1./g', 'CHANGELOG.md'])
+
+    # Remove changelog notes from v2 that don't apply to v1
+    subprocess.check_output(['sed', '-i', '/^- \[v2+ only\]/d', 'CHANGELOG.md'])
+
+    # Amend the commit generated by `npm version` to update the CHANGELOG
+    run_git('add', 'CHANGELOG.md')
+    run_git('commit', '-m', f'Update version and changelog for v{version}')
+  else:
+    # If we're performing a standard release, there won't be any new commits on the target branch,
+    # as these will have already been merged back into the source branch. Therefore we can just
+    # start from the source branch.
+    run_git('checkout', '-b', new_branch_name, f'{ORIGIN}/{source_branch}')
+
+    print('Updating changelog')
+    update_changelog(version)
+
+    # Create a commit that updates the CHANGELOG
+    run_git('add', 'CHANGELOG.md')
+    run_git('commit', '-m', f'Update changelog for v{version}')
 
   run_git('push', ORIGIN, new_branch_name)
 
@@ -240,7 +339,12 @@ def main():
     commits,
     source_branch_short_sha,
     new_branch_name,
+    source_branch=source_branch,
+    target_branch=target_branch,
     conductor=args.conductor,
+    is_v2_release=args.mode == V2_MODE,
+    labels=['Update dependencies'] if args.mode == V1_MODE else [],
+    conflicted_files=conflicted_files
   )
 
 if __name__ == '__main__':

.github/workflows/__analyze-ref-input.yml

@@ -7,11 +7,11 @@ name: "PR Check - Analyze: 'ref' and 'sha' from inputs"
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__autobuild-action.yml

@@ -7,11 +7,11 @@ name: PR Check - autobuild-action
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__export-file-baseline-information.yml

@@ -7,11 +7,11 @@ name: PR Check - Export file baseline information
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:
@@ -42,16 +42,18 @@ jobs:
       uses: ./.github/prepare-test
       with:
         version: ${{ matrix.version }}
+    - uses: swift-actions/setup-swift@5cdaa9161ad1f55ae39a5ea1784ef96de72f95d9
+    # Windows doesn't support Swift, and only macOS latest and nightly-latest support Swift 5.7.1.
+      if: runner.os == 'Linux' || (runner.os == 'macOS' && matrix.version == 'cached')
+      with:
+        swift-version: '5.7'
     - uses: ./../action/init
-      id: init
       with:
         languages: javascript
         tools: ${{ steps.prepare-test.outputs.tools-url }}
       env:
         CODEQL_FILE_BASELINE_INFORMATION: true
-    - uses: ./../action/.github/setup-swift
-      with:
-        codeql-path: ${{steps.init.outputs.codeql-path}}
+        CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
     - name: Build code
       shell: bash
       run: ./build.sh
@@ -60,6 +62,7 @@ jobs:
         output: ${{ runner.temp }}/results
       env:
         CODEQL_FILE_BASELINE_INFORMATION: true
+        CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
     - name: Upload SARIF
       uses: actions/upload-artifact@v3
       with:
@@ -84,5 +87,4 @@ jobs:
           fi
         done
     env:
-      CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true # Remove when Swift is GA.
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__extractor-ram-threads.yml

@@ -7,11 +7,11 @@ name: PR Check - Extractor ram and threads options test
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__go-custom-queries.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Go: Custom queries'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__go-tracing-autobuilder.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Go: tracing with autobuilder step'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__go-tracing-custom-build-steps.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Go: tracing with custom build steps'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__go-tracing-legacy-workflow.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Go: tracing with legacy workflow'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__init-with-registries.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Download using registries'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__javascript-source-root.yml

@@ -7,11 +7,11 @@ name: PR Check - Custom source root
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__ml-powered-queries.yml

@@ -7,11 +7,11 @@ name: PR Check - ML-powered queries
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__multi-language-autodetect.yml

@@ -7,11 +7,11 @@ name: PR Check - Multi-language repository
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:
@@ -65,16 +65,17 @@ jobs:
       uses: actions/setup-go@v3
       with:
         go-version: ^1.13.1
+    - uses: swift-actions/setup-swift@5cdaa9161ad1f55ae39a5ea1784ef96de72f95d9
+    # Only macOS latest and nightly-latest support Swift 5.7.1
+      if: runner.os == 'Linux' || matrix.version == 'cached'
+      with:
+        swift-version: '5.7'
+
     - uses: ./../action/init
-      id: init
       with:
         db-location: ${{ runner.temp }}/customDbLocation
         tools: ${{ steps.prepare-test.outputs.tools-url }}
 
-    - uses: ./../action/.github/setup-swift
-      with:
-        codeql-path: ${{steps.init.outputs.codeql-path}}
-
     - name: Build code
       shell: bash
       run: ./build.sh
@@ -128,8 +129,8 @@ jobs:
         fi
 
     - name: Check language autodetect for Swift
-      if: (matrix.version == 'cached' || matrix.version == 'latest' || matrix.version
-        == 'nightly-latest')
+      if: "!startsWith(matrix.os, 'windows') && (matrix.version == 'cached' || matrix.version\
+        \ == 'latest' || matrix.version == 'nightly-latest')"
       shell: bash
       run: |
         SWIFT_DB=${{ fromJson(steps.analysis.outputs.db-locations).swift }}

.github/workflows/__packaging-codescanning-config-inputs-js.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Config and input passed to the CLI'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__packaging-config-inputs-js.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Config and input'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__packaging-config-js.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Config file'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__packaging-inputs-js.yml

@@ -7,11 +7,11 @@ name: 'PR Check - Packaging: Action input'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__remote-config.yml

@@ -7,11 +7,11 @@ name: PR Check - Remote config file
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__rubocop-multi-language.yml

@@ -7,11 +7,11 @@ name: PR Check - RuboCop multi-language
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__ruby.yml

@@ -7,11 +7,11 @@ name: PR Check - Ruby analysis
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__split-workflow.yml

@@ -7,11 +7,11 @@ name: PR Check - Split workflow
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__submit-sarif-failure.yml

@@ -1,72 +0,0 @@
-# Warning: This file is generated automatically, and should not be modified.
-# Instead, please modify the template in the pr-checks directory and run:
-#     pip install ruamel.yaml && python3 sync.py
-# to regenerate this file.
-
-name: PR Check - Submit SARIF after failure
-env:
-  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-  GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
-on:
-  push:
-    branches:
-    - main
-    - releases/v2
-  pull_request:
-    types:
-    - opened
-    - synchronize
-    - reopened
-    - ready_for_review
-  workflow_dispatch: {}
-jobs:
-  submit-sarif-failure:
-    strategy:
-      matrix:
-        include:
-        - os: ubuntu-latest
-          version: latest
-        - os: ubuntu-latest
-          version: cached
-        - os: ubuntu-latest
-          version: nightly-latest
-    name: Submit SARIF after failure
-    timeout-minutes: 45
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Check out repository
-      uses: actions/checkout@v3
-    - name: Prepare test
-      id: prepare-test
-      uses: ./.github/prepare-test
-      with:
-        version: ${{ matrix.version }}
-    - uses: actions/checkout@v3
-    - uses: ./init
-      with:
-        languages: javascript
-    - name: Fail
-    # We want this job to pass if the Action correctly uploads the SARIF file for
-    # the failed run.
-    # Setting this step to continue on error means that it is marked as completing
-    # successfully, so will not fail the job.
-      continue-on-error: true
-      run: exit 1
-    - uses: ./analyze
-    # In a real workflow, this step wouldn't run. Since we used `continue-on-error`
-    # above, we manually disable it with an `if` condition.
-      if: false
-      with:
-        category: /test-codeql-version:${{ matrix.version }}
-    env:
-  # Internal-only environment variable used to indicate that the post-init Action
-  # should expect to upload a SARIF file for the failed run.
-      CODEQL_ACTION_EXPECT_UPLOAD_FAILED_SARIF: true
-  # Make sure the uploading SARIF files feature is enabled.
-      CODEQL_ACTION_UPLOAD_FAILED_SARIF: true
-  # Upload the failed SARIF file as an integration test of the API endpoint.
-      CODEQL_ACTION_TEST_MODE: false
-  # Mark telemetry for this workflow so it can be treated separately.
-      CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks
-

.github/workflows/__swift-autobuild.yml

@@ -7,11 +7,11 @@ name: PR Check - Swift analysis using autobuild
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:
@@ -42,19 +42,16 @@ jobs:
       uses: ./.github/prepare-test
       with:
         version: ${{ matrix.version }}
+    - uses: swift-actions/setup-swift@5cdaa9161ad1f55ae39a5ea1784ef96de72f95d9
+    # Only macOS latest and nightly-latest support Swift 5.7.1
+      if: runner.os == 'Linux' || matrix.version == 'cached'
+      with:
+        swift-version: '5.7'
     - uses: ./../action/init
-      id: init
       with:
         languages: swift
         tools: ${{ steps.prepare-test.outputs.tools-url }}
-    - uses: ./../action/.github/setup-swift
-      with:
-        codeql-path: ${{steps.init.outputs.codeql-path}}
-    - name: Check working directory
-      shell: bash
-      run: pwd
     - uses: ./../action/autobuild
-      timeout-minutes: 10
     - uses: ./../action/analyze
       id: analysis
     - name: Check database
@@ -66,5 +63,5 @@ jobs:
           exit 1
         fi
     env:
-      CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true' # Remove when Swift is GA.
+      CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true'
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__swift-custom-build.yml

@@ -7,11 +7,11 @@ name: PR Check - Swift analysis using a custom build command
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:
@@ -48,17 +48,15 @@ jobs:
       uses: ./.github/prepare-test
       with:
         version: ${{ matrix.version }}
+    - uses: swift-actions/setup-swift@5cdaa9161ad1f55ae39a5ea1784ef96de72f95d9
+    # Only macOS latest and nightly-latest support Swift 5.7.1
+      if: runner.os == 'Linux' || matrix.version == 'cached'
+      with:
+        swift-version: '5.7'
     - uses: ./../action/init
-      id: init
       with:
         languages: swift
         tools: ${{ steps.prepare-test.outputs.tools-url }}
-    - uses: ./../action/.github/setup-swift
-      with:
-        codeql-path: ${{steps.init.outputs.codeql-path}}
-    - name: Check working directory
-      shell: bash
-      run: pwd
     - name: Build code
       shell: bash
       run: ./build.sh
@@ -73,6 +71,6 @@ jobs:
           exit 1
         fi
     env:
-      CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true' # Remove when Swift is GA.
+      CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: 'true'
       DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__test-autobuild-working-dir.yml

@@ -7,11 +7,11 @@ name: PR Check - Autobuild working directory
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__test-local-codeql.yml

@@ -7,11 +7,11 @@ name: PR Check - Local CodeQL bundle
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__test-proxy.yml

@@ -7,11 +7,11 @@ name: PR Check - Proxy test
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__unset-environment.yml

@@ -7,11 +7,11 @@ name: PR Check - Test unsetting environment variables
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:
@@ -59,10 +59,7 @@ jobs:
         tools: ${{ steps.prepare-test.outputs.tools-url }}
     - name: Build code
       shell: bash
-    # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-    # workaround for our PR checks.
-      run: env -i CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN=true PATH="$PATH" HOME="$HOME"
-        ./build.sh
+      run: env -i PATH="$PATH" HOME="$HOME" ./build.sh
     - uses: ./../action/analyze
       id: analysis
     - shell: bash

.github/workflows/__upload-ref-sha-input.yml

@@ -7,11 +7,11 @@ name: "PR Check - Upload-sarif: 'ref' and 'sha' from inputs"
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/__with-checkout-path.yml

@@ -7,11 +7,11 @@ name: PR Check - Use a custom `checkout_path`
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/codeql.yml

@@ -2,15 +2,12 @@ name: "CodeQL action"
 
 on:
   push:
-    branches: [main, releases/v2]
+    branches: [main, releases/v1, releases/v2]
   pull_request:
-    branches: [main, releases/v2]
+    branches: [main, releases/v1, releases/v2]
     # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
     # by other workflows.
     types: [opened, synchronize, reopened, ready_for_review]
-  schedule:
-    # Weekly on Sunday.
-    - cron: '30 1 * * 0'
 
 env:
   CODEQL_ACTION_TESTING_ENVIRONMENT: codeql-action-pr-checks
@@ -57,7 +54,7 @@ jobs:
         # be the same as `tools: null`. This allows us to make the job for each of the bundles a
         # required status check.
         #
-        # If we're running on push or schedule, then we can skip running with `tools: latest` when it would be
+        # If we're running on push, then we can skip running with `tools: latest` when it would be
         # the same as running with `tools: null`.
         if [[ "$GITHUB_EVENT_NAME" != "pull_request" && "$CODEQL_VERSION_DEFAULT" == "$CODEQL_VERSION_LATEST" ]]; then
           VERSIONS_JSON='[null]'
@@ -81,10 +78,8 @@ jobs:
       security-events: write
 
     steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-    - name: Initialize CodeQL
-      uses: ./init
+    - uses: actions/checkout@v3
+    - uses: ./init
       id: init
       with:
         languages: javascript
@@ -93,5 +88,4 @@ jobs:
     # confirm steps.init.outputs.codeql-path points to the codeql binary
     - name: Print CodeQL Version
       run: ${{steps.init.outputs.codeql-path}} version --format=json
-    - name: Perform CodeQL Analysis
-      uses: ./analyze
+    - uses: ./analyze

.github/workflows/codescanning-config-cli.yml

@@ -9,6 +9,7 @@ on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/debug-artifacts-failure.yml

@@ -2,14 +2,12 @@
 # when the analyze step fails.
 name: PR Check - Debug artifacts after failure
 env:
-  # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-  # workaround for our PR checks.
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/debug-artifacts.yml

@@ -1,14 +1,12 @@
 # Checks logs, SARIF, and database bundle debug artifacts exist.
 name: PR Check - Debug artifact upload
 env:
-  # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-  # workaround for our PR checks.
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/expected-queries-runs.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/post-release-mergeback.yml

@@ -1,9 +1,8 @@
-# This workflow runs after a release of the action. It:
-# 1. Merges any changes from the release back into the main branch. Typically, this is just a single
-#    commit that updates the changelog.
-# 2. Tags the merge commit on the release branch that represents the new release with an `v2.x.y`
-#    tag
-# 3. Updates the `v2` tag to refer to this merge commit.
+# This workflow runs after a release of the action. For v2 releases, it merges any changes from the
+# release back into the main branch. Typically, this is just a single commit that updates the
+# changelog. For v2 and v1 releases, it then (a) tags the merge commit on the release branch that
+# represents the new release with an `vx.y.z` tag and (b) updates the `vx` tag to refer to this
+# commit.
 name: Tag release and merge back
 
 on:
@@ -16,6 +15,7 @@ on:
 
   push:
     branches:
+      - releases/v1
       - releases/v2
 
 jobs:
@@ -105,7 +105,7 @@ jobs:
           git push origin --atomic --force refs/tags/"${VERSION}" refs/tags/"${major_version_tag}"
 
       - name: Create mergeback branch
-        if: steps.check.outputs.exists != 'true'
+        if: steps.check.outputs.exists != 'true' && contains(github.ref, 'releases/v2')
         env:
           VERSION: "${{ steps.getVersion.outputs.version }}"
           NEW_BRANCH: "${{ steps.getVersion.outputs.newBranch }}"

.github/workflows/pr-checks.yml

@@ -2,7 +2,7 @@ name: PR Checks
 
 on:
   push:
-    branches: [main, releases/v2]
+    branches: [main, releases/v1, releases/v2]
   pull_request:
     # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
     # by other workflows.
@@ -15,6 +15,10 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 45
 
+    strategy:
+      matrix:
+        node-types-version: [12.12, current]
+
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -22,6 +26,28 @@ jobs:
       - name: Lint
         run: npm run-script lint
 
+      - name: Update version of @types/node
+        if: matrix.node-types-version != 'current'
+        env:
+          NODE_TYPES_VERSION: ${{ matrix.node-types-version }}
+        run: |
+          # Export `NODE_TYPES_VERSION` so it's available to jq
+          export NODE_TYPES_VERSION="${NODE_TYPES_VERSION}"
+          contents=$(jq '.devDependencies."@types/node" = env.NODE_TYPES_VERSION' package.json)
+          echo "${contents}" > package.json
+          # Usually we run `npm install` on macOS to ensure that we pick up macOS-only dependencies.
+          # However we're not checking in the updated lockfile here, so it's fine to run
+          # `npm install` on Linux.
+          npm install
+
+          if [ ! -z "$(git status --porcelain)" ]; then
+            git config --global user.email "github-actions@github.com"
+            git config --global user.name "github-actions[bot]"
+            # The period in `git add --all .` ensures that we stage deleted files too.
+            git add --all .
+            git commit -m "Use @types/node=${NODE_TYPES_VERSION}"
+          fi
+
       - name: Check generated JS
         run: .github/workflows/script/check-js.sh
 
@@ -44,8 +70,25 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v3
 
+      # Checks for any conflict markers created by git. This check is primarily intended to validate that
+      # any merge conflicts in the v2 -> v1 backport PR are fixed before the PR is merged.
+      - name: Check for merge conflicts
+        run: |
+          # Use `|| true` since grep returns exit code 1 if there are no matches, and we don't want
+          # this to fail the workflow.
+          FILES_WITH_CONFLICTS=$(grep --extended-regexp --ignore-case --line-number --recursive \
+            '^(<<<<<<<|>>>>>>>)' . || true)
+          if [[ "${FILES_WITH_CONFLICTS}" ]]; then
+            echo "Fail: Found merge conflict markers in the following files:"
+            echo ""
+            echo "${FILES_WITH_CONFLICTS}"
+            exit 1
+          else
+            echo "Success: Found no merge conflict markers."
+          fi
+
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v3
         with:
           python-version: 3.8
 

.github/workflows/python-deps.yml

@@ -1,8 +1,8 @@
-name: Test Python Package Installation
+name: Test Python Package Installation on Linux and Mac
 
 on:
   push:
-    branches: [main, releases/v2]
+    branches: [main, releases/v1, releases/v2]
   pull_request:
     # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
     # by other workflows.
@@ -28,7 +28,17 @@ jobs:
         matrix:
           os: [ubuntu-20.04, ubuntu-22.04, macos-latest]
           python_deps_type: [pipenv, poetry, requirements, setup_py]
-          python_version: [3]
+          python_version: [2, 3]
+          exclude:
+            # Python2 and poetry are not supported. See https://github.com/actions/setup-python/issues/374
+            - python_version: 2
+              python_deps_type: poetry
+            # Python2 and pipenv are not supported since pipenv v2021.11.5
+            - python_version: 2
+              python_deps_type: pipenv
+            # Python2 is not available on ubuntu-22.04 by default -- see https://github.com/github/codeql-action/pull/1257
+            - python_version: 2
+              os: ubuntu-22.04
 
 
     env:
@@ -128,7 +138,14 @@ jobs:
         fail-fast: false
         matrix:
           python_deps_type: [pipenv, poetry, requirements, setup_py]
-          python_version: [3]
+          python_version: [2, 3]
+          exclude:
+            # Python2 and poetry are not supported. See https://github.com/actions/setup-python/issues/374
+            - python_version: 2
+              python_deps_type: poetry
+            # Python2 and pipenv are not supported since pipenv v2021.11.5
+            - python_version: 2
+              python_deps_type: pipenv
 
     env:
       CODEQL_ACTION_TEST_MODE: true
@@ -139,12 +156,11 @@ jobs:
     # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
     - uses: actions/checkout@v3
 
-    - uses: actions/setup-python@v4
+    - uses: actions/setup-python@v3
       with:
         python-version: ${{ matrix.python_version }}
 
     - name: Initialize CodeQL
-      id: init
       uses: ./init
       with:
         tools: latest
@@ -152,15 +168,15 @@ jobs:
         setup-python-dependencies: false
 
     - name: Test Auto Package Installation
-      env:
-        CODEQL_PATH: ${{ steps.init.outputs.codeql-path }}
       run: |
         $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\install_tools.ps1"
         powershell -File $cmd
 
         cd $Env:GITHUB_WORKSPACE\\python-setup/tests/$Env:PYTHON_DEPS_TYPE/requests-$Env:PYTHON_VERSION
-        $codeql_dist = (get-item $Env:CODEQL_PATH).Directory.FullName
-        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py $codeql_dist
+        $DefaultsPath = Join-Path (Join-Path $Env:GITHUB_WORKSPACE "src") "defaults.json"
+        $CodeQLBundleName = (Get-Content -Raw -Path $DefaultsPath | ConvertFrom-Json).bundleVersion
+        $CodeQLVersion = "0.0.0-" + $CodeQLBundleName.split("-")[-1]
+        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py C:\\hostedtoolcache\\windows\\CodeQL\\$CodeQLVersion\\x64\\codeql
 
     - name: Setup for extractor
       run: |

.github/workflows/query-filters.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
     - main
+    - releases/v1
     - releases/v2
   pull_request:
     types:

.github/workflows/script/check-node-modules.sh

@@ -7,9 +7,10 @@ if [ ! -z "$(git status --porcelain)" ]; then
     >&2 echo "Failed: Repo should be clean before testing!"
     exit 1
 fi
+# Pin npm to v8 since v9 doesn't support Node 12.
 # When updating this, make sure to update the npm version in
 # `.github/workflows/update-dependencies.yml` too.
-sudo npm install --force -g npm@9.2.0
+sudo npm install --force -g npm@^8.19.3
 # Reinstall modules and then clean to remove absolute paths
 # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
 npm ci

.github/workflows/script/update-required-checks.sh

@@ -10,7 +10,7 @@ fi
 
 if [ "$#" -eq 1 ]; then
   # If we were passed an argument, use that as the SHA
-  GITHUB_SHA="$1"
+  GITHUB_SHA="$0"
 elif [ "$#" -gt 1 ]; then
   echo "Usage: $0 [SHA]"
   echo "Update the required checks based on the SHA, or main."
@@ -23,13 +23,13 @@ fi
 echo "Getting checks for $GITHUB_SHA"
 
 # Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
-CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or . == "check-expected-release-files" or contains("Update") or contains("update") or contains("test-setup-python-scripts") | not)] | unique | sort')"
+CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "LGTM.com" or contains("Update") or contains("update") or contains("test-setup-python-scripts") | not)] | unique | sort')"
 
 echo "$CHECKS" | jq
 
 echo "{\"contexts\": ${CHECKS}}" > checks.json
 
-for BRANCH in main releases/v2; do
+for BRANCH in main releases/v2 releases/v1; do
   echo "Updating $BRANCH"
   gh api --silent -X "PATCH" "repos/github/codeql-action/branches/$BRANCH/protection/required_status_checks" --input checks.json
 done

.github/workflows/update-dependencies.yml

@@ -27,9 +27,10 @@ jobs:
       run: |
         git fetch origin "$BRANCH" --depth=1
         git checkout "origin/$BRANCH"
+        # Pin npm to v8 since v9 doesn't support Node 12.
         # When updating this, make sure to update the npm version in
         # `.github/workflows/script/check-node-modules.sh` too.
-        sudo npm install --force -g npm@9.2.0
+        sudo npm install --force -g npm@^8.19.3
         npm install
         npm ci
         npm run removeNPMAbsolutePaths

.github/workflows/update-release-branch.yml

@@ -4,6 +4,11 @@ on:
   # This will open a PR to update the v2 release branch.
   workflow_dispatch:
 
+  # When the v2 release is complete, this workflow will open a PR to update the v1 release branch.
+  push:
+    branches:
+      - releases/v2
+
 jobs:
   update:
     timeout-minutes: 45
@@ -24,7 +29,7 @@ jobs:
         fetch-depth: 0
 
     - name: Set up Python
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v3
       with:
         python-version: 3.8
 
@@ -38,9 +43,20 @@ jobs:
         git config --global user.email "github-actions@github.com"
         git config --global user.name "github-actions[bot]"
 
-    - name: Update release branch
+    - name: Update v2 release branch
+      if: github.event_name == 'workflow_dispatch'
       run: |
         python .github/update-release-branch.py \
           --github-token ${{ secrets.GITHUB_TOKEN }} \
           --repository-nwo ${{ github.repository }} \
+          --mode v2-release \
+          --conductor ${GITHUB_ACTOR}
+
+    - name: Update v1 release branch
+      if: github.event_name == 'push'
+      run: |
+        python .github/update-release-branch.py \
+          --github-token ${{ secrets.GITHUB_TOKEN }} \
+          --repository-nwo ${{ github.repository }} \
+          --mode v1-release \
           --conductor ${GITHUB_ACTOR}

.github/workflows/update-supported-enterprise-server-versions.yml

@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Setup Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v3
         with:
           python-version: "3.7"
       - name: Checkout CodeQL Action
@@ -35,7 +35,7 @@ jobs:
         env:
           ENTERPRISE_RELEASES_PATH: ${{ github.workspace }}/enterprise-releases/
       - name: Commit Changes
-        uses: peter-evans/create-pull-request@2b011faafdcbc9ceb11414d64d0573f37c774b04 # v4.2.3
+        uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb # v3.4.1
         with:
           commit-message: Update supported GitHub Enterprise Server versions.
           title: Update supported GitHub Enterprise Server versions.

CHANGELOG.md

@@ -1,205 +1,143 @@
 # CodeQL Action Changelog
 
-## [UNRELEASED]
+## 1.1.35 - 01 Dec 2022
 
 No user facing changes.
 
-## 2.2.4 - 10 Feb 2023
-
-No user facing changes.
-
-## 2.2.3 - 08 Feb 2023
-
-- Update default CodeQL bundle version to 2.12.2. [#1518](https://github.com/github/codeql-action/pull/1518)
-
-## 2.2.2 - 06 Feb 2023
-
-- Fix an issue where customers using the CodeQL Action with the [CodeQL Action sync tool](https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access) would not be able to obtain the CodeQL tools. [#1517](https://github.com/github/codeql-action/pull/1517)
-
-## 2.2.1 - 27 Jan 2023
-
-No user facing changes.
-
-## 2.2.0 - 26 Jan 2023
-
-- Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. [#1475](https://github.com/github/codeql-action/pull/1475)
-  - This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions [runner images](https://github.com/actions/runner-images).
-  - **No change is required for the majority of workflows**, including:
-    - Workflows on GitHub.com hosted runners using the latest version (`v2`) of the CodeQL Action.
-    - Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from `v2.2.0` onwards.
-    - Workflows on GitHub Enterprise Server.
-  - **A change may be required** for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before `v2.2.0` (e.g. `v2.1.32`):
-    - Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image.
-    - Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (`v2`).
-  - **Internal changes**
-    - These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses [@actions/tool-cache](https://github.com/actions/toolkit/tree/main/packages/tool-cache) or relies on the precise location of CodeQL within the Actions tool cache.
-    - The tool cache now contains **two** recent CodeQL versions (previously **one**).
-    - Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under `CodeQL/2.11.6-20221211/x64/codeql` (previously `CodeQL/0.0.0-20221211/x64/codeql`).
-- The maximum number of [SARIF runs](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object) per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the [GitHub API documentation](https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data) for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.
-- Update default CodeQL bundle version to 2.12.1. [#1498](https://github.com/github/codeql-action/pull/1498)
-- Fix a bug that forced the `init` Action to run for at least two minutes on JavaScript. [#1494](https://github.com/github/codeql-action/pull/1494)
-
-## 2.1.39 - 18 Jan 2023
-
-- CodeQL Action v1 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see [this changelog post](https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/). [#1467](https://github.com/github/codeql-action/pull/1466)
-- Python automatic dependency installation will no longer fail for projects using Poetry that specify `virtualenvs.options.no-pip = true` in their `poetry.toml`. [#1431](https://github.com/github/codeql-action/pull/1431)
-- Avoid printing a stack trace and error message when the action fails to find the SHA at the
-  current directory. This will happen in several non-error states and so we now avoid cluttering the
-  log with this message. [#1485](https://github.com/github/codeql-action/pull/1485)
-
-## 2.1.38 - 12 Jan 2023
-
-- Update default CodeQL bundle version to 2.12.0. [#1466](https://github.com/github/codeql-action/pull/1466)
-
-## 2.1.37 - 14 Dec 2022
-
-- Update default CodeQL bundle version to 2.11.6. [#1433](https://github.com/github/codeql-action/pull/1433)
-
-## 2.1.36 - 08 Dec 2022
-
-- Update default CodeQL bundle version to 2.11.5. [#1412](https://github.com/github/codeql-action/pull/1412)
-- Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. [#1393](https://github.com/github/codeql-action/pull/1393)
-- Python automatic dependency installation will no longer consider dependency code installed in venv as user-written, for projects using Poetry that specify `virtualenvs.in-project = true` in their `poetry.toml`. [#1419](https://github.com/github/codeql-action/pull/1419)
-
-## 2.1.35 - 01 Dec 2022
-
-No user facing changes.
-
-## 2.1.34 - 25 Nov 2022
+## 1.1.34 - 25 Nov 2022
 
 - Update default CodeQL bundle version to 2.11.4. [#1391](https://github.com/github/codeql-action/pull/1391)
 - Fixed a bug where some the `init` action and the `analyze` action would have different sets of experimental feature flags enabled. [#1384](https://github.com/github/codeql-action/pull/1384)
 
-## 2.1.33 - 16 Nov 2022
+## 1.1.33 - 16 Nov 2022
 
 - Go is now analyzed in the same way as other compiled languages such as C/C++, C#, and Java. This completes the rollout of the feature described in [CodeQL Action version 2.1.27](#2127---06-oct-2022). [#1322](https://github.com/github/codeql-action/pull/1322)
 - Bump the minimum CodeQL bundle version to 2.6.3. [#1358](https://github.com/github/codeql-action/pull/1358)
 
-## 2.1.32 - 14 Nov 2022
+## 1.1.32 - 14 Nov 2022
 
 - Update default CodeQL bundle version to 2.11.3. [#1348](https://github.com/github/codeql-action/pull/1348)
 - Update the ML-powered additional query pack for JavaScript to version 0.4.0. [#1351](https://github.com/github/codeql-action/pull/1351)
 
-## 2.1.31 - 04 Nov 2022
+## 1.1.31 - 04 Nov 2022
 
 - The `rb/weak-cryptographic-algorithm` Ruby query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the [github/codeql repository](https://github.com/github/codeql/pull/11129). [#1344](https://github.com/github/codeql-action/pull/1344)
 
-## 2.1.30 - 02 Nov 2022
+## 1.1.30 - 02 Nov 2022
 
 - Improve the error message when using CodeQL bundle version 2.7.2 and earlier in a workflow that runs on a runner image such as `ubuntu-22.04` that uses glibc version 2.34 and later. [#1334](https://github.com/github/codeql-action/pull/1334)
 
-## 2.1.29 - 26 Oct 2022
+## 1.1.29 - 26 Oct 2022
 
 - Update default CodeQL bundle version to 2.11.2. [#1320](https://github.com/github/codeql-action/pull/1320)
 
-## 2.1.28 - 18 Oct 2022
+## 1.1.28 - 18 Oct 2022
 
 - Update default CodeQL bundle version to 2.11.1. [#1294](https://github.com/github/codeql-action/pull/1294)
 - Replace uses of GitHub Actions command `set-output` because it is now deprecated. See more information in the [GitHub Changelog](https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/). [#1301](https://github.com/github/codeql-action/pull/1301)
 
-## 2.1.27 - 06 Oct 2022
+## 1.1.27 - 06 Oct 2022
 
 - We are rolling out a feature of the CodeQL Action in October 2022 that changes the way that Go code is analyzed to be more consistent with other compiled languages like C/C++, C#, and Java. You do not need to alter your code scanning workflows. If you encounter any problems, please [file an issue](https://github.com/github/codeql-action/issues) or open a private ticket with GitHub Support and request an escalation to engineering.
 
-## 2.1.26 - 29 Sep 2022
+## 1.1.26 - 29 Sep 2022
 
 - Update default CodeQL bundle version to 2.11.0. [#1267](https://github.com/github/codeql-action/pull/1267)
 
-## 2.1.25 - 21 Sep 2022
+## 1.1.25 - 21 Sep 2022
 
 - We will soon be rolling out a feature of the CodeQL Action that stores some information used to make future runs faster in the GitHub Actions cache. Initially, this will only be enabled on JavaScript repositories, but we plan to add more languages to this soon. The new feature can be disabled by passing the `trap-caching: false` option to your workflow's `init` step, for example if you are already using the GitHub Actions cache for a different purpose and are near the storage limit for it.
-- Add support for Python automatic dependency installation with Poetry 1.2 [#1258](https://github.com/github/codeql-action/pull/1258)
+- Add support for Python automatic dependency installation with Poetry 1.2 [#1258](https://github.com/github/codeql-action/pull/1258).
 
-## 2.1.24 - 16 Sep 2022
+## 1.1.24 - 16 Sep 2022
 
 No user facing changes.
 
-## 2.1.23 - 14 Sep 2022
+## 1.1.23 - 14 Sep 2022
 
 - Allow CodeQL packs to be downloaded from GitHub Enterprise Server instances, using the new `registries` input for the `init` action.  [#1221](https://github.com/github/codeql-action/pull/1221)
 - Update default CodeQL bundle version to 2.10.5. [#1240](https://github.com/github/codeql-action/pull/1240)
 
-## 2.1.22 - 01 Sep 2022
+## 1.1.22 - 01 Sep 2022
 
 - Downloading CodeQL packs has been moved to the `init` step. Previously, CodeQL packs were downloaded during the `analyze` step. [#1218](https://github.com/github/codeql-action/pull/1218)
 - Update default CodeQL bundle version to 2.10.4. [#1224](https://github.com/github/codeql-action/pull/1224)
 - The newly released [Poetry 1.2](https://python-poetry.org/blog/announcing-poetry-1.2.0) is not yet supported. In the most common case where the CodeQL Action is automatically installing Python dependencies, it will continue to install and use Poetry 1.1 on its own. However, in certain cases such as with self-hosted runners, you may need to ensure Poetry 1.1 is installed yourself.
 
-## 2.1.21 - 25 Aug 2022
+## 1.1.21 - 25 Aug 2022
 
 - Improve error messages when the code scanning configuration file includes an invalid `queries` block or an invalid `query-filters` block. [#1208](https://github.com/github/codeql-action/pull/1208)
 - Fix a bug where Go build tracing could fail on Windows. [#1209](https://github.com/github/codeql-action/pull/1209)
 
-## 2.1.20 - 22 Aug 2022
+## 1.1.20 - 22 Aug 2022
 
 No user facing changes.
 
-## 2.1.19 - 17 Aug 2022
+## 1.1.19 - 17 Aug 2022
 
 - Add the ability to filter queries from a code scanning run by using the `query-filters` option in the code scanning configuration file. [#1098](https://github.com/github/codeql-action/pull/1098)
 - In debug mode, debug artifacts are now uploaded even if a step in the Actions workflow fails. [#1159](https://github.com/github/codeql-action/pull/1159)
 - Update default CodeQL bundle version to 2.10.3. [#1178](https://github.com/github/codeql-action/pull/1178)
 - The combination of python2 and Pipenv is no longer supported. [#1181](https://github.com/github/codeql-action/pull/1181)
 
-## 2.1.18 - 03 Aug 2022
+## 1.1.18 - 03 Aug 2022
 
 - Update default CodeQL bundle version to 2.10.2.  [#1156](https://github.com/github/codeql-action/pull/1156)
 
-## 2.1.17 - 28 Jul 2022
+## 1.1.17 - 28 Jul 2022
 
 - Update default CodeQL bundle version to 2.10.1.  [#1143](https://github.com/github/codeql-action/pull/1143)
 
-## 2.1.16 - 13 Jul 2022
+## 1.1.16 - 13 Jul 2022
 
 - You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. [#1132](https://github.com/github/codeql-action/pull/1132)
 - You can now see diagnostic messages produced by the analysis in the logs of the `analyze` Action by enabling debug mode. To enable debug mode, pass `debug: true` to the `init` Action, or [enable step debug logging](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging#enabling-step-debug-logging). This feature is available for CodeQL CLI version 2.10.0 and later. [#1133](https://github.com/github/codeql-action/pull/1133)
 
-## 2.1.15 - 28 Jun 2022
+## 1.1.15 - 28 Jun 2022
 
 - CodeQL query packs listed in the `packs` configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. [#1116](https://github.com/github/codeql-action/pull/1116)
 - The combination of python2 and poetry is no longer supported. See <https://github.com/actions/setup-python/issues/374> for more details. [#1124](https://github.com/github/codeql-action/pull/1124)
 - Update default CodeQL bundle version to 2.10.0. [#1123](https://github.com/github/codeql-action/pull/1123)
 
-## 2.1.14 - 22 Jun 2022
+## 1.1.14 - 22 Jun 2022
 
 No user facing changes.
 
-## 2.1.13 - 21 Jun 2022
+## 1.1.13 - 21 Jun 2022
 
 - Update default CodeQL bundle version to 2.9.4. [#1100](https://github.com/github/codeql-action/pull/1100)
 
-## 2.1.12 - 01 Jun 2022
+## 1.1.12 - 01 Jun 2022
 
 - Update default CodeQL bundle version to 2.9.3. [#1084](https://github.com/github/codeql-action/pull/1084)
 
-## 2.1.11 - 17 May 2022
+## 1.1.11 - 17 May 2022
 
 - Update default CodeQL bundle version to 2.9.2. [#1074](https://github.com/github/codeql-action/pull/1074)
 
-## 2.1.10 - 10 May 2022
+## 1.1.10 - 10 May 2022
 
 - Update default CodeQL bundle version to 2.9.1. [#1056](https://github.com/github/codeql-action/pull/1056)
 - When `wait-for-processing` is enabled, the workflow will now fail if there were any errors that occurred during processing of the analysis results.
 
-## 2.1.9 - 27 Apr 2022
+## 1.1.9 - 27 Apr 2022
 
 - Add `working-directory` input to the `autobuild` action. [#1024](https://github.com/github/codeql-action/pull/1024)
 - The `analyze` and `upload-sarif` actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the `wait-for-processing` action input to `"false"`. [#1007](https://github.com/github/codeql-action/pull/1007)
 - Update default CodeQL bundle version to 2.9.0.
 - Fix a bug where [status reporting fails on Windows](https://github.com/github/codeql-action/issues/1041). [#1042](https://github.com/github/codeql-action/pull/1042)
 
-## 2.1.8 - 08 Apr 2022
+## 1.1.8 - 08 Apr 2022
 
 - Update default CodeQL bundle version to 2.8.5. [#1014](https://github.com/github/codeql-action/pull/1014)
 - Fix error where the init action would fail due to a GitHub API request that was taking too long to complete [#1025](https://github.com/github/codeql-action/pull/1025)
 
-## 2.1.7 - 05 Apr 2022
+## 1.1.7 - 05 Apr 2022
 
 - A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018)
 
-## 2.1.6 - 30 Mar 2022
+## 1.1.6 - 30 Mar 2022
 
-- [v2+ only] The CodeQL Action now runs on Node.js v16. [#1000](https://github.com/github/codeql-action/pull/1000)
 - Update default CodeQL bundle version to 2.8.4. [#990](https://github.com/github/codeql-action/pull/990)
 - Fix a bug where an invalid `commit_oid` was being sent to code scanning when a custom checkout path was being used. [#956](https://github.com/github/codeql-action/pull/956)
 
@@ -360,7 +298,7 @@ No user facing changes.
 ## 1.0.4 - 28 Jun 2021
 
 - Fix `RUNNER_TEMP environment variable must be set` when using runner. [#594](https://github.com/github/codeql-action/pull/594)
-- Fix counting of lines of code for C# projects. [#586](https://github.com/github/codeql-action/pull/586)
+- Fix couting of lines of code for C# projects. [#586](https://github.com/github/codeql-action/pull/586)
 
 ## 1.0.3 - 23 Jun 2021
 

CONTRIBUTING.md

@@ -67,8 +67,12 @@ Here are a few things you can do that will increase the likelihood of your pull
     This mergeback incorporates the changelog updates into `main`, tags the release using the merge commit of the "Merge main into releases/v2" pull request, and bumps the patch version of the CodeQL Action.
 
     Approve the mergeback PR and automerge it.
+1. When the "Merge main into releases/v2" pull request is merged into the `releases/v2` branch, the "Update release branch" workflow will create a "Merge releases/v2 into releases/v1" pull request to merge the changes since the last release into the `releases/v1` release branch.
+    This ensures we keep both the `releases/v1` and `releases/v2` release branches up to date and fully supported.
 
-Once the mergeback has been merged to `main`, the release is complete.
+    Review the checklist items in the pull request description.
+    Once you've checked off all the items, approve the PR and automerge it.
+1. Once the mergeback has been merged to `main` and the "Merge releases/v2 into releases/v1" PR has been merged to `releases/v1`, the release is complete.
 
 ## Keeping the PR checks up to date (admin access required)
 

README.md

@@ -1,6 +1,6 @@
 # CodeQL Action
 
-This action runs GitHub's industry-leading semantic code analysis engine, [CodeQL](https://codeql.github.com/), against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
+This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code.
 
 For a list of recent changes, see the CodeQL Action's [changelog](CHANGELOG.md).
 

analyze/action.yml

@@ -12,7 +12,6 @@ inputs:
   upload:
     description: Upload the SARIF file to Code Scanning
     required: false
-    # If changing this, make sure to update workflow.ts accordingly.
     default: "true"
   cleanup-level:
     description: "Level of cleanup to perform on CodeQL databases at the end of the analyze step. This should either be 'none' to skip cleanup, or be a valid argument for the --mode flag of the CodeQL CLI command 'codeql database cleanup' as documented at https://codeql.github.com/docs/codeql-cli/manual/database-cleanup"
@@ -45,7 +44,6 @@ inputs:
   checkout_path:
     description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file."
     required: false
-    # If changing this, make sure to update workflow.ts accordingly.
     default: ${{ github.workspace }}
   ref:
     description: "The ref where results will be uploaded. If not provided, the Action will use the GITHUB_REF environment variable. If provided, the sha input must be provided as well. This input is not available in pull requests from forks."
@@ -78,6 +76,6 @@ outputs:
   sarif-id:
     description: The ID of the uploaded SARIF file.
 runs:
-  using: "node16"
+  using: "node12"
   main: "../lib/analyze-action.js"
   post: "../lib/analyze-action-post.js"

autobuild/action.yml

@@ -13,5 +13,5 @@ inputs:
       $GITHUB_WORKSPACE as its working directory.
     required: false
 runs:
-  using: 'node16'
+  using: 'node12'
   main: '../lib/autobuild-action.js'

init/action.yml

@@ -105,6 +105,6 @@ outputs:
   codeql-path:
     description: The path of the CodeQL binary used for analysis
 runs:
-  using: 'node16'
+  using: 'node12'
   main: '../lib/init-action.js'
   post: '../lib/init-action-post.js'

lib/actions-util.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -23,17 +19,17 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.workflowEventName = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionVersion = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.workflowEventName = exports.sendStatusReport = exports.createStatusReportBase = exports.getActionsStatus = exports.getRef = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRunID = exports.getWorkflow = exports.formatWorkflowCause = exports.formatWorkflowErrors = exports.validateWorkflow = exports.getWorkflowErrors = exports.WorkflowErrors = exports.patternIsSuperset = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const safeWhich = __importStar(require("@chrisgavin/safe-which"));
+const yaml = __importStar(require("js-yaml"));
 const api = __importStar(require("./api-client"));
 const sharedEnv = __importStar(require("./shared-environment"));
 const util_1 = require("./util");
-const workflow_1 = require("./workflow");
 // eslint-disable-next-line import/no-commonjs
 const pkg = require("../package.json");
 /**
@@ -92,9 +88,8 @@ const getCommitOid = async function (checkoutPath, ref = "HEAD") {
         return commitOid.trim();
     }
     catch (e) {
-        core.info("Could not determine current commit SHA using git. Continuing with data from user input or environment.");
-        core.debug(`Reason: ${e.message}`);
-        core.debug(e.stack || "NO STACK");
+        core.info(`Failed to call git to get current commit. Continuing with data from environment or input: ${e}`);
+        core.info(e.stack || "NO STACK");
         return (0, exports.getOptionalInput)("sha") || (0, util_1.getRequiredEnvParam)("GITHUB_SHA");
     }
 };
@@ -150,6 +145,225 @@ const determineMergeBaseCommitOid = async function () {
     }
 };
 exports.determineMergeBaseCommitOid = determineMergeBaseCommitOid;
+function isObject(o) {
+    return o !== null && typeof o === "object";
+}
+const GLOB_PATTERN = new RegExp("(\\*\\*?)");
+function escapeRegExp(string) {
+    return string.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"); // $& means the whole matched string
+}
+function patternToRegExp(value) {
+    return new RegExp(`^${value
+        .toString()
+        .split(GLOB_PATTERN)
+        .reduce(function (arr, cur) {
+        if (cur === "**") {
+            arr.push(".*?");
+        }
+        else if (cur === "*") {
+            arr.push("[^/]*?");
+        }
+        else if (cur) {
+            arr.push(escapeRegExp(cur));
+        }
+        return arr;
+    }, [])
+        .join("")}$`);
+}
+// this function should return true if patternA is a superset of patternB
+// e.g: * is a superset of main-* but main-* is not a superset of *.
+function patternIsSuperset(patternA, patternB) {
+    return patternToRegExp(patternA).test(patternB);
+}
+exports.patternIsSuperset = patternIsSuperset;
+function branchesToArray(branches) {
+    if (typeof branches === "string") {
+        return [branches];
+    }
+    if (Array.isArray(branches)) {
+        if (branches.length === 0) {
+            return "**";
+        }
+        return branches;
+    }
+    return "**";
+}
+function toCodedErrors(errors) {
+    return Object.entries(errors).reduce((acc, [key, value]) => {
+        acc[key] = { message: value, code: key };
+        return acc;
+    }, {});
+}
+// code to send back via status report
+// message to add as a warning annotation to the run
+exports.WorkflowErrors = toCodedErrors({
+    MismatchedBranches: `Please make sure that every branch in on.pull_request is also in on.push so that Code Scanning can compare pull requests against the state of the base branch.`,
+    MissingPushHook: `Please specify an on.push hook so that Code Scanning can compare pull requests against the state of the base branch.`,
+    PathsSpecified: `Using on.push.paths can prevent Code Scanning annotating new alerts in your pull requests.`,
+    PathsIgnoreSpecified: `Using on.push.paths-ignore can prevent Code Scanning annotating new alerts in your pull requests.`,
+    CheckoutWrongHead: `git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.`,
+});
+function getWorkflowErrors(doc) {
+    var _a, _b, _c, _d, _e;
+    const errors = [];
+    const jobName = process.env.GITHUB_JOB;
+    if (jobName) {
+        const job = (_a = doc === null || doc === void 0 ? void 0 : doc.jobs) === null || _a === void 0 ? void 0 : _a[jobName];
+        const steps = job === null || job === void 0 ? void 0 : job.steps;
+        if (Array.isArray(steps)) {
+            for (const step of steps) {
+                // this was advice that we used to give in the README
+                // we actually want to run the analysis on the merge commit
+                // to produce results that are more inline with expectations
+                // (i.e: this is what will happen if you merge this PR)
+                // and avoid some race conditions
+                if ((step === null || step === void 0 ? void 0 : step.run) === "git checkout HEAD^2") {
+                    errors.push(exports.WorkflowErrors.CheckoutWrongHead);
+                    break;
+                }
+            }
+        }
+    }
+    let missingPush = false;
+    if (doc.on === undefined) {
+        // this is not a valid config
+    }
+    else if (typeof doc.on === "string") {
+        if (doc.on === "pull_request") {
+            missingPush = true;
+        }
+    }
+    else if (Array.isArray(doc.on)) {
+        const hasPush = doc.on.includes("push");
+        const hasPullRequest = doc.on.includes("pull_request");
+        if (hasPullRequest && !hasPush) {
+            missingPush = true;
+        }
+    }
+    else if (isObject(doc.on)) {
+        const hasPush = Object.prototype.hasOwnProperty.call(doc.on, "push");
+        const hasPullRequest = Object.prototype.hasOwnProperty.call(doc.on, "pull_request");
+        if (!hasPush && hasPullRequest) {
+            missingPush = true;
+        }
+        if (hasPush && hasPullRequest) {
+            const paths = (_b = doc.on.push) === null || _b === void 0 ? void 0 : _b.paths;
+            // if you specify paths or paths-ignore you can end up with commits that have no baseline
+            // if they didn't change any files
+            // currently we cannot go back through the history and find the most recent baseline
+            if (Array.isArray(paths) && paths.length > 0) {
+                errors.push(exports.WorkflowErrors.PathsSpecified);
+            }
+            const pathsIgnore = (_c = doc.on.push) === null || _c === void 0 ? void 0 : _c["paths-ignore"];
+            if (Array.isArray(pathsIgnore) && pathsIgnore.length > 0) {
+                errors.push(exports.WorkflowErrors.PathsIgnoreSpecified);
+            }
+        }
+        // if doc.on.pull_request is null that means 'all branches'
+        // if doc.on.pull_request is undefined that means 'off'
+        // we only want to check for mismatched branches if pull_request is on.
+        if (doc.on.pull_request !== undefined) {
+            const push = branchesToArray((_d = doc.on.push) === null || _d === void 0 ? void 0 : _d.branches);
+            if (push !== "**") {
+                const pull_request = branchesToArray((_e = doc.on.pull_request) === null || _e === void 0 ? void 0 : _e.branches);
+                if (pull_request !== "**") {
+                    const difference = pull_request.filter((value) => !push.some((o) => patternIsSuperset(o, value)));
+                    if (difference.length > 0) {
+                        // there are branches in pull_request that may not have a baseline
+                        // because we are not building them on push
+                        errors.push(exports.WorkflowErrors.MismatchedBranches);
+                    }
+                }
+                else if (push.length > 0) {
+                    // push is set up to run on a subset of branches
+                    // and you could open a PR against a branch with no baseline
+                    errors.push(exports.WorkflowErrors.MismatchedBranches);
+                }
+            }
+        }
+    }
+    if (missingPush) {
+        errors.push(exports.WorkflowErrors.MissingPushHook);
+    }
+    return errors;
+}
+exports.getWorkflowErrors = getWorkflowErrors;
+async function validateWorkflow() {
+    let workflow;
+    try {
+        workflow = await getWorkflow();
+    }
+    catch (e) {
+        return `error: getWorkflow() failed: ${String(e)}`;
+    }
+    let workflowErrors;
+    try {
+        workflowErrors = getWorkflowErrors(workflow);
+    }
+    catch (e) {
+        return `error: getWorkflowErrors() failed: ${String(e)}`;
+    }
+    if (workflowErrors.length > 0) {
+        let message;
+        try {
+            message = formatWorkflowErrors(workflowErrors);
+        }
+        catch (e) {
+            return `error: formatWorkflowErrors() failed: ${String(e)}`;
+        }
+        core.warning(message);
+    }
+    return formatWorkflowCause(workflowErrors);
+}
+exports.validateWorkflow = validateWorkflow;
+function formatWorkflowErrors(errors) {
+    const issuesWere = errors.length === 1 ? "issue was" : "issues were";
+    const errorsList = errors.map((e) => e.message).join(" ");
+    return `${errors.length} ${issuesWere} detected with this workflow: ${errorsList}`;
+}
+exports.formatWorkflowErrors = formatWorkflowErrors;
+function formatWorkflowCause(errors) {
+    if (errors.length === 0) {
+        return undefined;
+    }
+    return errors.map((e) => e.code).join(",");
+}
+exports.formatWorkflowCause = formatWorkflowCause;
+async function getWorkflow() {
+    const relativePath = await getWorkflowPath();
+    const absolutePath = path.join((0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), relativePath);
+    return yaml.load(fs.readFileSync(absolutePath, "utf-8"));
+}
+exports.getWorkflow = getWorkflow;
+/**
+ * Get the path of the currently executing workflow.
+ */
+async function getWorkflowPath() {
+    const repo_nwo = (0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY").split("/");
+    const owner = repo_nwo[0];
+    const repo = repo_nwo[1];
+    const run_id = Number((0, util_1.getRequiredEnvParam)("GITHUB_RUN_ID"));
+    const apiClient = api.getApiClient();
+    const runsResponse = await apiClient.request("GET /repos/:owner/:repo/actions/runs/:run_id?exclude_pull_requests=true", {
+        owner,
+        repo,
+        run_id,
+    });
+    const workflowUrl = runsResponse.data.workflow_url;
+    const workflowResponse = await apiClient.request(`GET ${workflowUrl}`);
+    return workflowResponse.data.path;
+}
+/**
+ * Get the workflow run ID.
+ */
+function getWorkflowRunID() {
+    const workflowRunID = parseInt((0, util_1.getRequiredEnvParam)("GITHUB_RUN_ID"), 10);
+    if (Number.isNaN(workflowRunID)) {
+        throw new Error("GITHUB_RUN_ID must define a non NaN workflow run ID");
+    }
+    return workflowRunID;
+}
+exports.getWorkflowRunID = getWorkflowRunID;
 /**
  * Get the analysis key parameter for the current job.
  *
@@ -163,7 +377,7 @@ async function getAnalysisKey() {
     if (analysisKey !== undefined) {
         return analysisKey;
     }
-    const workflowPath = await (0, workflow_1.getWorkflowPath)();
+    const workflowPath = await getWorkflowPath();
     const jobName = (0, util_1.getRequiredEnvParam)("GITHUB_JOB");
     analysisKey = `${workflowPath}:${jobName}`;
     core.exportVariable(analysisKeyEnvVar, analysisKey);
@@ -178,10 +392,10 @@ async function getAutomationID() {
 exports.getAutomationID = getAutomationID;
 function computeAutomationID(analysis_key, environment) {
     let automationID = `${analysis_key}/`;
-    const matrix = (0, util_1.parseMatrixInput)(environment);
-    if (matrix !== undefined) {
-        // the id has to be deterministic so we sort the fields
-        for (const entry of Object.entries(matrix).sort()) {
+    // the id has to be deterministic so we sort the fields
+    if (environment !== undefined && environment !== "null") {
+        const environmentObject = JSON.parse(environment);
+        for (const entry of Object.entries(environmentObject).sort()) {
             if (typeof entry[1] === "string") {
                 automationID += `${entry[0]}:${entry[1]}/`;
             }
@@ -274,10 +488,6 @@ function getActionsStatus(error, otherFailureCause) {
     }
 }
 exports.getActionsStatus = getActionsStatus;
-function getActionVersion() {
-    return pkg.version;
-}
-exports.getActionVersion = getActionVersion;
 /**
  * Compose a StatusReport.
  *
@@ -327,7 +537,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, cause
         status,
         testing_environment: testingEnvironment,
         runner_os: runnerOs,
-        action_version: getActionVersion(),
+        action_version: pkg.version,
     };
     // Add optional parameters
     if (cause) {
@@ -481,11 +691,12 @@ function removeRefsHeadsPrefix(ref) {
 // Is the version of the repository we are currently analyzing from the default branch,
 // or alternatively from another branch or a pull request.
 async function isAnalyzingDefaultBranch() {
+    var _a;
     // Get the current ref and trim and refs/heads/ prefix
     let currentRef = await getRef();
     currentRef = removeRefsHeadsPrefix(currentRef);
     const event = getWorkflowEvent();
-    let defaultBranch = event?.repository?.default_branch;
+    let defaultBranch = (_a = event === null || event === void 0 ? void 0 : event.repository) === null || _a === void 0 ? void 0 : _a.default_branch;
     if (process.env.GITHUB_EVENT_NAME === "schedule") {
         defaultBranch = removeRefsHeadsPrefix((0, util_1.getRequiredEnvParam)("GITHUB_REF"));
     }

lib/actions-util.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -29,10 +25,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const ava_1 = __importDefault(require("ava"));
+const yaml = __importStar(require("js-yaml"));
 const sinon = __importStar(require("sinon"));
 const actionsutil = __importStar(require("./actions-util"));
 const testing_utils_1 = require("./testing-utils");
 const util_1 = require("./util");
+function errorCodes(actual, expected) {
+    return [actual.map(({ code }) => code), expected.map(({ code }) => code)];
+}
 (0, testing_utils_1.setupTests)(ava_1.default);
 (0, ava_1.default)("getRef() throws on the empty string", async (t) => {
     process.env["GITHUB_REF"] = "";
@@ -98,30 +98,6 @@ const util_1 = require("./util");
         getAdditionalInputStub.restore();
     });
 });
-(0, ava_1.default)("getRef() returns CODE_SCANNING_REF as a fallback for GITHUB_REF", async (t) => {
-    await (0, util_1.withTmpDir)(async (tmpDir) => {
-        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        const expectedRef = "refs/pull/1/HEAD";
-        const currentSha = "a".repeat(40);
-        process.env["CODE_SCANNING_REF"] = expectedRef;
-        process.env["GITHUB_REF"] = "";
-        process.env["GITHUB_SHA"] = currentSha;
-        const actualRef = await actionsutil.getRef();
-        t.deepEqual(actualRef, expectedRef);
-    });
-});
-(0, ava_1.default)("getRef() returns GITHUB_REF over CODE_SCANNING_REF if both are provided", async (t) => {
-    await (0, util_1.withTmpDir)(async (tmpDir) => {
-        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        const expectedRef = "refs/pull/1/merge";
-        const currentSha = "a".repeat(40);
-        process.env["CODE_SCANNING_REF"] = "refs/pull/1/HEAD";
-        process.env["GITHUB_REF"] = expectedRef;
-        process.env["GITHUB_SHA"] = currentSha;
-        const actualRef = await actionsutil.getRef();
-        t.deepEqual(actualRef, expectedRef);
-    });
-});
 (0, ava_1.default)("getRef() throws an error if only `ref` is provided as an input", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
@@ -167,6 +143,333 @@ const util_1 = require("./util");
     actualAutomationID = actionsutil.computeAutomationID(".github/workflows/codeql-analysis.yml:analyze", undefined);
     t.deepEqual(actualAutomationID, ".github/workflows/codeql-analysis.yml:analyze/");
 });
+(0, ava_1.default)("getWorkflowErrors() when on is empty", (t) => {
+    const errors = actionsutil.getWorkflowErrors({ on: {} });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing pull_request", (t) => {
+    const errors = actionsutil.getWorkflowErrors({ on: ["push"] });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing push", (t) => {
+    const errors = actionsutil.getWorkflowErrors({ on: ["pull_request"] });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MissingPushHook]));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is valid", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: ["push", "pull_request"],
+    });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is a valid superset", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: ["push", "pull_request", "schedule"],
+    });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push should not have a path", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: {
+            push: { branches: ["main"], paths: ["test/*"] },
+            pull_request: { branches: ["main"] },
+        },
+    });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.PathsSpecified]));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is a correct object", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: { push: { branches: ["main"] }, pull_request: { branches: ["main"] } },
+    });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.pull_requests is a string", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: { push: { branches: ["main"] }, pull_request: { branches: "*" } },
+    });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.pull_requests is a string and correct", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: { push: { branches: "*" }, pull_request: { branches: "*" } },
+    });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is correct with empty objects", (t) => {
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+on:
+  push:
+  pull_request:
+`));
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is mismatched", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: {
+            push: { branches: ["main"] },
+            pull_request: { branches: ["feature"] },
+        },
+    });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is not mismatched", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: {
+            push: { branches: ["main", "feature"] },
+            pull_request: { branches: ["main"] },
+        },
+    });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push is mismatched for pull_request", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: {
+            push: { branches: ["main"] },
+            pull_request: { branches: ["main", "feature"] },
+        },
+    });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
+});
+(0, ava_1.default)("getWorkflowErrors() for a range of malformed workflows", (t) => {
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: {
+            push: 1,
+            pull_request: 1,
+        },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: 1,
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: [1],
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: { 1: 1 },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: { test: 1 },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: { test: [1] },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: { test: { steps: 1 } },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: { test: { steps: [{ notrun: "git checkout HEAD^2" }] } },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: 1,
+        jobs: { test: [undefined] },
+    }), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(1), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors({
+        on: {
+            push: {
+                branches: 1,
+            },
+            pull_request: {
+                branches: 1,
+            },
+        },
+    }), []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.pull_request for every branch but push specifies branches", (t) => {
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+`));
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.pull_request for wildcard branches", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: {
+            push: { branches: ["feature/*"] },
+            pull_request: { branches: "feature/moose" },
+        },
+    });
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.pull_request for mismatched wildcard branches", (t) => {
+    const errors = actionsutil.getWorkflowErrors({
+        on: {
+            push: { branches: ["feature/moose"] },
+            pull_request: { branches: "feature/*" },
+        },
+    });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.MismatchedBranches]));
+});
+(0, ava_1.default)("getWorkflowErrors() when HEAD^2 is checked out", (t) => {
+    process.env.GITHUB_JOB = "test";
+    const errors = actionsutil.getWorkflowErrors({
+        on: ["push", "pull_request"],
+        jobs: { test: { steps: [{ run: "git checkout HEAD^2" }] } },
+    });
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]));
+});
+(0, ava_1.default)("formatWorkflowErrors() when there is one error", (t) => {
+    const message = actionsutil.formatWorkflowErrors([
+        actionsutil.WorkflowErrors.CheckoutWrongHead,
+    ]);
+    t.true(message.startsWith("1 issue was detected with this workflow:"));
+});
+(0, ava_1.default)("formatWorkflowErrors() when there are multiple errors", (t) => {
+    const message = actionsutil.formatWorkflowErrors([
+        actionsutil.WorkflowErrors.CheckoutWrongHead,
+        actionsutil.WorkflowErrors.PathsSpecified,
+    ]);
+    t.true(message.startsWith("2 issues were detected with this workflow:"));
+});
+(0, ava_1.default)("formatWorkflowCause() with no errors", (t) => {
+    const message = actionsutil.formatWorkflowCause([]);
+    t.deepEqual(message, undefined);
+});
+(0, ava_1.default)("formatWorkflowCause()", (t) => {
+    const message = actionsutil.formatWorkflowCause([
+        actionsutil.WorkflowErrors.CheckoutWrongHead,
+        actionsutil.WorkflowErrors.PathsSpecified,
+    ]);
+    t.deepEqual(message, "CheckoutWrongHead,PathsSpecified");
+    t.deepEqual(actionsutil.formatWorkflowCause([]), undefined);
+});
+(0, ava_1.default)("patternIsSuperset()", (t) => {
+    t.false(actionsutil.patternIsSuperset("main-*", "main"));
+    t.true(actionsutil.patternIsSuperset("*", "*"));
+    t.true(actionsutil.patternIsSuperset("*", "main-*"));
+    t.false(actionsutil.patternIsSuperset("main-*", "*"));
+    t.false(actionsutil.patternIsSuperset("main-*", "main"));
+    t.true(actionsutil.patternIsSuperset("main", "main"));
+    t.false(actionsutil.patternIsSuperset("*", "feature/*"));
+    t.true(actionsutil.patternIsSuperset("**", "feature/*"));
+    t.false(actionsutil.patternIsSuperset("feature-*", "**"));
+    t.false(actionsutil.patternIsSuperset("a/**/c", "a/**/d"));
+    t.false(actionsutil.patternIsSuperset("a/**/c", "a/**"));
+    t.true(actionsutil.patternIsSuperset("a/**", "a/**/c"));
+    t.true(actionsutil.patternIsSuperset("a/**/c", "a/main-**/c"));
+    t.false(actionsutil.patternIsSuperset("a/**/b/**/c", "a/**/d/**/c"));
+    t.true(actionsutil.patternIsSuperset("a/**/b/**/c", "a/**/b/c/**/c"));
+    t.true(actionsutil.patternIsSuperset("a/**/b/**/c", "a/**/b/d/**/c"));
+    t.false(actionsutil.patternIsSuperset("a/**/c/d/**/c", "a/**/b/**/c"));
+    t.false(actionsutil.patternIsSuperset("a/main-**/c", "a/**/c"));
+    t.true(actionsutil.patternIsSuperset("/robin/*/release/*", "/robin/moose/release/goose"));
+    t.false(actionsutil.patternIsSuperset("/robin/moose/release/goose", "/robin/*/release/*"));
+});
+(0, ava_1.default)("getWorkflowErrors() when branches contain dots", (t) => {
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+  on:
+    push:
+      branches: [4.1, master]
+    pull_request:
+      # The branches below must be a subset of the branches above
+      branches: [4.1, master]
+`));
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on.push has a trailing comma", (t) => {
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on:
+  push:
+    branches: [master, ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+`));
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() should only report the current job's CheckoutWrongHead", (t) => {
+    process.env.GITHUB_JOB = "test";
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+jobs:
+  test:
+    steps:
+      - run: "git checkout HEAD^2"
+
+  test2:
+    steps:
+      - run: "git checkout HEAD^2"
+
+  test3:
+    steps: []
+`));
+    t.deepEqual(...errorCodes(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]));
+});
+(0, ava_1.default)("getWorkflowErrors() should not report a different job's CheckoutWrongHead", (t) => {
+    process.env.GITHUB_JOB = "test3";
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+jobs:
+  test:
+    steps:
+      - run: "git checkout HEAD^2"
+
+  test2:
+    steps:
+      - run: "git checkout HEAD^2"
+
+  test3:
+    steps: []
+`));
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() when on is missing", (t) => {
+    const errors = actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+`));
+    t.deepEqual(...errorCodes(errors, []));
+});
+(0, ava_1.default)("getWorkflowErrors() with a different on setup", (t) => {
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on: "workflow_dispatch"
+`)), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on: [workflow_dispatch]
+`)), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on:
+  workflow_dispatch: {}
+`)), []));
+});
+(0, ava_1.default)("getWorkflowErrors() should not report an error if PRs are totally unconfigured", (t) => {
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on:
+  push:
+    branches: [master]
+`)), []));
+    t.deepEqual(...errorCodes(actionsutil.getWorkflowErrors(yaml.load(`
+name: "CodeQL"
+on: ["push"]
+`)), []));
+});
 (0, ava_1.default)("initializeEnvironment", (t) => {
     (0, util_1.initializeEnvironment)("1.2.3");
     t.deepEqual(process.env.CODEQL_ACTION_VERSION, "1.2.3");

lib/analysis-paths.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/analysis-paths.js.map

@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IACE,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC;QACvC,CAAC,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EACvC;QACA,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AAjCD,wEAiCC"}
+{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,CACL,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,MAAM,CAC1E,CAAC;AACJ,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,qEAAqE;IACrE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,mGAAmG,CACpG,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IACE,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC;QACvC,CAAC,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EACvC;QACA,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AAjCD,wEAiCC"}

lib/analysis-paths.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/analysis-paths.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;YACD,UAAU,EAAE,EAAE;YACd,qBAAqB,EAAE,CAAC;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;YACD,UAAU,EAAE,EAAE;YACd,qBAAqB,EAAE,CAAC;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,KAAK,EAAE,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,OAAO;QACP,SAAS,EAAE,EAAE;QACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;QACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;QACrD,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,KAAK;QAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,sBAAsB,EAAE;YACtB,iBAAiB,EAAE,KAAK;YACxB,kBAAkB,EAAE,KAAK;YACzB,oBAAoB,EAAE,KAAK;SAC5B;QACD,UAAU,EAAE,EAAE;QACd,qBAAqB,EAAE,CAAC;KACzB,CAAC;IACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;IAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;YACD,UAAU,EAAE,EAAE;YACd,qBAAqB,EAAE,CAAC;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,EAAE;YACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;YACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,KAAK;YAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;YACnD,sBAAsB,EAAE;gBACtB,iBAAiB,EAAE,KAAK;gBACxB,kBAAkB,EAAE,KAAK;gBACzB,oBAAoB,EAAE,KAAK;aAC5B;YACD,UAAU,EAAE,EAAE;YACd,qBAAqB,EAAE,CAAC;SACzB,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,WAAW,EAAE,EAAE;QACf,KAAK,EAAE,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,OAAO;QACP,SAAS,EAAE,EAAE;QACb,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,EAAwB;QACxE,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC;QACrD,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,KAAK;QAChB,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,iBAAiB,EAAE,IAAI,CAAC,2BAA2B;QACnD,sBAAsB,EAAE;YACtB,iBAAiB,EAAE,KAAK;YACxB,kBAAkB,EAAE,KAAK;YACzB,oBAAoB,EAAE,KAAK;SAC5B;QACD,UAAU,EAAE,EAAE;QACd,qBAAqB,EAAE,CAAC;KACzB,CAAC;IACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;IAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC,CAAC,CAAC"}

lib/analyze-action-env.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/analyze-action-env.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action-input.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/analyze-action-input.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,4DAA8C;AAC9C,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC;aAC3C,QAAQ,CAAC,EAAkC,CAAC,CAAC;QAChD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC3D,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action-post-helper.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -35,7 +31,7 @@ async function run(uploadSarifDebugArtifact) {
         throw new Error("Config file could not be found at expected location. Did the 'init' action fail to start?");
     }
     // Upload Actions SARIF artifacts for debugging
-    if (config?.debugMode) {
+    if (config === null || config === void 0 ? void 0 : config.debugMode) {
         core.info("Debug mode is on. Uploading available SARIF files as Actions debugging artifact...");
         const outputDir = actionsUtil.getRequiredInput("output");
         await uploadSarifDebugArtifact(config, outputDir);

lib/analyze-action-post-helper.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-post-helper.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAA2C;AAC3C,uCAA6C;AAEtC,KAAK,UAAU,GAAG,CAAC,wBAAkC;IAC1D,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,WAAW,CAAC,qBAAqB,EAAE,EAAE,MAAM,CAAC,CAAC;IAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;QACxB,MAAM,IAAI,KAAK,CACb,2FAA2F,CAC5F,CAAC;KACH;IAED,+CAA+C;IAC/C,IAAI,MAAM,EAAE,SAAS,EAAE;QACrB,IAAI,CAAC,IAAI,CACP,oFAAoF,CACrF,CAAC;QACF,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzD,MAAM,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KACnD;AACH,CAAC;AAlBD,kBAkBC"}
+{"version":3,"file":"analyze-action-post-helper.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAA2C;AAC3C,uCAA6C;AAEtC,KAAK,UAAU,GAAG,CAAC,wBAAkC;IAC1D,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,WAAW,CAAC,qBAAqB,EAAE,EAAE,MAAM,CAAC,CAAC;IAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;QACxB,MAAM,IAAI,KAAK,CACb,2FAA2F,CAC5F,CAAC;KACH;IAED,+CAA+C;IAC/C,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE;QACrB,IAAI,CAAC,IAAI,CACP,oFAAoF,CACrF,CAAC;QACF,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzD,MAAM,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;KACnD;AACH,CAAC;AAlBD,kBAkBC"}

lib/analyze-action-post-helper.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/analyze-action-post-helper.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-post-helper.test.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,sFAAwE;AACxE,4DAA8C;AAC9C,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,0CAA0C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC3D,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,KAAK;YAChB,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QAEpC,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;QAEnC,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,yCAAyC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1D,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,IAAI;YACf,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QAEpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAEhE,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;QAEnC,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-post-helper.test.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,sFAAwE;AACxE,4DAA8C;AAC9C,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,0CAA0C,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC3D,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,KAAK;YAChB,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QAEpC,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;QAEnC,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,yCAAyC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1D,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,SAAS,EAAE,IAAI;YACf,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;SACuB,CAAC,CAAC;QAEpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAEhE,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;QAEnC,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElD,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action-post.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/analyze-action-post.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-post.js","sourceRoot":"","sources":["../src/analyze-action-post.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;GAIG;AACH,oDAAsC;AAEtC,sFAAwE;AACxE,kEAAoD;AAEpD,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAAC;KAC5E;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,oCAAoC,KAAK,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"analyze-action-post.js","sourceRoot":"","sources":["../src/analyze-action-post.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;;;;GAIG;AACH,oDAAsC;AAEtC,sFAAwE;AACxE,kEAAoD;AAEpD,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,wBAAwB,CAAC,CAAC;KAC5E;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,oCAAoC,KAAK,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/analyze-action.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -29,6 +25,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.runPromise = exports.sendStatusReport = void 0;
 const fs = __importStar(require("fs"));
 const path_1 = __importDefault(require("path"));
+// We need to import `performance` on Node 12
 const perf_hooks_1 = require("perf_hooks");
 const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));
@@ -42,14 +39,15 @@ const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
-const shared_environment_1 = require("./shared-environment");
 const trap_caching_1 = require("./trap-caching");
 const upload_lib = __importStar(require("./upload-lib"));
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
+// eslint-disable-next-line import/no-commonjs
+const pkg = require("../package.json");
 async function sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger) {
-    const status = actionsUtil.getActionsStatus(error, stats?.analyze_failure_language);
-    const statusReportBase = await actionsUtil.createStatusReportBase("finish", status, startedAt, error?.message, error?.stack);
+    const status = actionsUtil.getActionsStatus(error, stats === null || stats === void 0 ? void 0 : stats.analyze_failure_language);
+    const statusReportBase = await actionsUtil.createStatusReportBase("finish", status, startedAt, error === null || error === void 0 ? void 0 : error.message, error === null || error === void 0 ? void 0 : error.stack);
     const statusReport = {
         ...statusReportBase,
         ...(config
@@ -142,7 +140,8 @@ async function run() {
     let trapCacheUploadTime = undefined;
     let dbCreationTimings = undefined;
     let didUploadTrapCaches = false;
-    util.initializeEnvironment(actionsUtil.getActionVersion());
+    util.initializeEnvironment(pkg.version);
+    await util.checkActionVersion(pkg.version);
     const logger = (0, logging_1.getActionsLogger)();
     try {
         if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("finish", "starting", startedAt)))) {
@@ -177,7 +176,7 @@ async function run() {
         }
         core.setOutput("db-locations", dbLocations);
         if (runStats && actionsUtil.getRequiredInput("upload") === "true") {
-            uploadResult = await upload_lib.uploadFromActions(outputDir, actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getOptionalInput("category"), logger);
+            uploadResult = await upload_lib.uploadFromActions(outputDir, logger);
             core.setOutput("sarif-id", uploadResult.sarifID);
         }
         else {
@@ -202,7 +201,6 @@ async function run() {
         if (actionsUtil.getOptionalInput("expect-error") === "true") {
             core.setFailed(`expect-error input was set to true but no error was thrown.`);
         }
-        core.exportVariable(shared_environment_1.CODEQL_ACTION_ANALYZE_DID_COMPLETE_SUCCESSFULLY, "true");
     }
     catch (origError) {
         const error = origError instanceof Error ? origError : new Error(String(origError));
@@ -210,6 +208,7 @@ async function run() {
             hasBadExpectErrorInput()) {
             core.setFailed(error.message);
         }
+        console.log(error);
         if (error instanceof analyze_1.CodeQLAnalysisError) {
             const stats = { ...error.queriesStatusReport };
             await sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
@@ -239,6 +238,7 @@ async function runWrapper() {
     }
     catch (error) {
         core.setFailed(`analyze action failed: ${error}`);
+        console.log(error);
     }
     await (0, util_1.checkForTimeout)();
 }

lib/analyze.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -29,7 +25,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.validateQueryFilters = exports.runCleanup = exports.runFinalize = exports.createQuerySuiteContents = exports.convertPackToQuerySuiteEntry = exports.runQueries = exports.dbIsFinalized = exports.createdDBForScannedLanguages = exports.CodeQLAnalysisError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
-const perf_hooks_1 = require("perf_hooks");
+const perf_hooks_1 = require("perf_hooks"); // We need to import `performance` on Node 12
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const del_1 = __importDefault(require("del"));
 const yaml = __importStar(require("js-yaml"));
@@ -54,7 +50,6 @@ async function setupPythonExtractor(logger) {
         // If CODEQL_PYTHON is not set, no dependencies were installed, so we don't need to do anything
         return;
     }
-    const scriptsFolder = path.resolve(__dirname, "../python-setup");
     let output = "";
     const options = {
         listeners: {
@@ -63,7 +58,10 @@ async function setupPythonExtractor(logger) {
             },
         },
     };
-    await new toolrunner.ToolRunner(codeqlPython, [path.join(scriptsFolder, "find_site_packages.py")], options).exec();
+    await new toolrunner.ToolRunner(codeqlPython, [
+        "-c",
+        "import os; import pip; print(os.path.dirname(os.path.dirname(pip.__file__)))",
+    ], options).exec();
     logger.info(`Setting LGTM_INDEX_IMPORT_PATH=${output}`);
     process.env["LGTM_INDEX_IMPORT_PATH"] = output;
     output = "";
@@ -131,6 +129,12 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         const queries = config.queries[language];
         const queryFilters = validateQueryFilters(config.originalUserInput["query-filters"]);
         const packsWithVersion = config.packs[language] || [];
+        const hasBuiltinQueries = (queries === null || queries === void 0 ? void 0 : queries.builtin.length) > 0;
+        const hasCustomQueries = (queries === null || queries === void 0 ? void 0 : queries.custom.length) > 0;
+        const hasPackWithCustomQueries = packsWithVersion.length > 0;
+        if (!hasBuiltinQueries && !hasCustomQueries && !hasPackWithCustomQueries) {
+            throw new Error(`Unable to analyze ${language} as no queries were selected for this language`);
+        }
         try {
             if (await util.useCodeScanningConfigInCli(codeql, featureEnablement)) {
                 // If we are using the code scanning config in the CLI,
@@ -155,15 +159,6 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
                 logger.info(analysisSummary);
             }
             else {
-                // config was generated by the action, so must be interpreted by the action.
-                const hasBuiltinQueries = queries?.builtin.length > 0;
-                const hasCustomQueries = queries?.custom.length > 0;
-                const hasPackWithCustomQueries = packsWithVersion.length > 0;
-                if (!hasBuiltinQueries &&
-                    !hasCustomQueries &&
-                    !hasPackWithCustomQueries) {
-                    throw new Error(`Unable to analyze ${language} as no queries were selected for this language`);
-                }
                 logger.startGroup(`Running queries for ${language}`);
                 const querySuitePaths = [];
                 if (queries["builtin"].length > 0) {
@@ -212,7 +207,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
     return statusReport;
     async function runInterpretResults(language, queries, sarifFile, enableDebugLogging) {
         const databasePath = util.getCodeQLDatabasePath(config, language);
-        return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId);
+        return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId, featureEnablement);
     }
     async function runPrintLinesOfCode(language) {
         const databasePath = util.getCodeQLDatabasePath(config, language);
@@ -249,16 +244,17 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
 }
 exports.runQueries = runQueries;
 function convertPackToQuerySuiteEntry(packStr) {
+    var _a, _b, _c, _d;
     const pack = configUtils.parsePacksSpecification(packStr);
     return {
         qlpack: !pack.path ? pack.name : undefined,
         from: pack.path ? pack.name : undefined,
         version: pack.version,
-        query: pack.path?.endsWith(".ql") ? pack.path : undefined,
-        queries: !pack.path?.endsWith(".ql") && !pack.path?.endsWith(".qls")
+        query: ((_a = pack.path) === null || _a === void 0 ? void 0 : _a.endsWith(".ql")) ? pack.path : undefined,
+        queries: !((_b = pack.path) === null || _b === void 0 ? void 0 : _b.endsWith(".ql")) && !((_c = pack.path) === null || _c === void 0 ? void 0 : _c.endsWith(".qls"))
             ? pack.path
             : undefined,
-        apply: pack.path?.endsWith(".qls") ? pack.path : undefined,
+        apply: ((_d = pack.path) === null || _d === void 0 ? void 0 : _d.endsWith(".qls")) ? pack.path : undefined,
     };
 }
 exports.convertPackToQuerySuiteEntry = convertPackToQuerySuiteEntry;
@@ -271,7 +267,7 @@ async function runFinalize(outputDir, threadsFlag, memoryFlag, config, logger) {
         await (0, del_1.default)(outputDir, { force: true });
     }
     catch (error) {
-        if (error?.code !== "ENOENT") {
+        if ((error === null || error === void 0 ? void 0 : error.code) !== "ENOENT") {
             throw error;
         }
     }

lib/analyze.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -231,7 +227,6 @@ const util = __importStar(require("./util"));
         return (0, analyze_1.validateQueryFilters)([{ xxx: "foo" }]);
     }, { message: /Only "include" or "exclude" filters are allowed/ });
     t.throws(() => {
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         return (0, analyze_1.validateQueryFilters)({ exclude: "foo" });
     }, {
         message: /Query filters must be an array of "include" or "exclude" entries/,

lib/api-client.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -33,6 +29,8 @@ const console_log_level_1 = __importDefault(require("console-log-level"));
 const actions_util_1 = require("./actions-util");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
+// eslint-disable-next-line import/no-commonjs
+const pkg = require("../package.json");
 var DisallowedAPIVersionReason;
 (function (DisallowedAPIVersionReason) {
     DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_OLD"] = 0] = "ACTION_TOO_OLD";
@@ -43,7 +41,7 @@ function createApiClientWithDetails(apiDetails, { allowExternal = false } = {})
     const retryingOctokit = githubUtils.GitHub.plugin(retry.retry);
     return new retryingOctokit(githubUtils.getOctokitOptions(auth, {
         baseUrl: apiDetails.apiURL,
-        userAgent: `CodeQL-Action/${(0, actions_util_1.getActionVersion)()}`,
+        userAgent: `CodeQL-Action/${pkg.version}`,
         log: (0, console_log_level_1.default)({ level: "debug" }),
     }));
 }

lib/api-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,6DAA+C;AAC/C,0EAAgD;AAEhD,iDAAoE;AACpE,6CAA+B;AAC/B,iCAA4D;AAE5D,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,GAA1B,kCAA0B,KAA1B,kCAA0B,QAGrC;AAiBD,SAAS,0BAA0B,CACjC,UAAoC,EACpC,EAAE,aAAa,GAAG,KAAK,EAAE,GAAG,EAAE;IAE9B,MAAM,IAAI,GACR,CAAC,aAAa,IAAI,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,IAAI,eAAe,CACxB,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAClC,OAAO,EAAE,UAAU,CAAC,MAAM;QAC1B,SAAS,EAAE,iBAAiB,IAAA,+BAAgB,GAAE,EAAE;QAChD,GAAG,EAAE,IAAA,2BAAe,EAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAgB,aAAa;IAC3B,OAAO;QACL,IAAI,EAAE,IAAA,+BAAgB,EAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,IAAA,0BAAmB,EAAC,mBAAmB,CAAC;QAC7C,MAAM,EAAE,IAAA,0BAAmB,EAAC,gBAAgB,CAAC;KAC9C,CAAC;AACJ,CAAC;AAND,sCAMC;AAED,SAAgB,YAAY;IAC1B,OAAO,0BAA0B,CAAC,aAAa,EAAE,CAAC,CAAC;AACrD,CAAC;AAFD,oCAEC;AAED,SAAgB,4BAA4B,CAC1C,UAAoC;IAEpC,OAAO,0BAA0B,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;AACzE,CAAC;AAJD,oEAIC;AAED,IAAI,mBAAmB,GAA8B,SAAS,CAAC;AAE/D;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB;IACpC,IAAI,mBAAmB,KAAK,SAAS,EAAE;QACrC,mBAAmB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,CAAC,CAAC;KACpE;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AALD,4CAKC"}
+{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,6DAA+C;AAC/C,0EAAgD;AAEhD,iDAAkD;AAClD,6CAA+B;AAC/B,iCAA4D;AAE5D,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,GAA1B,kCAA0B,KAA1B,kCAA0B,QAGrC;AAiBD,SAAS,0BAA0B,CACjC,UAAoC,EACpC,EAAE,aAAa,GAAG,KAAK,EAAE,GAAG,EAAE;IAE9B,MAAM,IAAI,GACR,CAAC,aAAa,IAAI,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,IAAI,eAAe,CACxB,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAClC,OAAO,EAAE,UAAU,CAAC,MAAM;QAC1B,SAAS,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;QACzC,GAAG,EAAE,IAAA,2BAAe,EAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAgB,aAAa;IAC3B,OAAO;QACL,IAAI,EAAE,IAAA,+BAAgB,EAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,IAAA,0BAAmB,EAAC,mBAAmB,CAAC;QAC7C,MAAM,EAAE,IAAA,0BAAmB,EAAC,gBAAgB,CAAC;KAC9C,CAAC;AACJ,CAAC;AAND,sCAMC;AAED,SAAgB,YAAY;IAC1B,OAAO,0BAA0B,CAAC,aAAa,EAAE,CAAC,CAAC;AACrD,CAAC;AAFD,oCAEC;AAED,SAAgB,4BAA4B,CAC1C,UAAoC;IAEpC,OAAO,0BAA0B,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;AACzE,CAAC;AAJD,oEAIC;AAED,IAAI,mBAAmB,GAA8B,SAAS,CAAC;AAE/D;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB;IACpC,IAAI,mBAAmB,KAAK,SAAS,EAAE;QACrC,mBAAmB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,CAAC,CAAC;KACpE;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AALD,4CAKC"}

lib/api-client.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -33,6 +29,8 @@ const actionsUtil = __importStar(require("./actions-util"));
 const api_client_1 = require("./api-client");
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
+// eslint-disable-next-line import/no-commonjs
+const pkg = require("../package.json");
 (0, testing_utils_1.setupTests)(ava_1.default);
 let pluginStub;
 let githubStub;
@@ -40,7 +38,7 @@ ava_1.default.beforeEach(() => {
     pluginStub = sinon.stub(githubUtils.GitHub, "plugin");
     githubStub = sinon.stub();
     pluginStub.returns(githubStub);
-    util.initializeEnvironment(actionsUtil.getActionVersion());
+    util.initializeEnvironment(pkg.version);
 });
 (0, ava_1.default)("getApiClient", async (t) => {
     sinon.stub(actionsUtil, "getRequiredInput").withArgs("token").returns("xyz");
@@ -56,7 +54,7 @@ ava_1.default.beforeEach(() => {
         auth: "token xyz",
         baseUrl: "http://api.github.localhost",
         log: sinon.match.any,
-        userAgent: `CodeQL-Action/${actionsUtil.getActionVersion()}`,
+        userAgent: `CodeQL-Action/${pkg.version}`,
     }));
 });
 //# sourceMappingURL=api-client.test.js.map

lib/api-client.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.test.js","sourceRoot":"","sources":["../src/api-client.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,6CAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAI,UAA2B,CAAC;AAChC,IAAI,UAA2B,CAAC;AAEhC,aAAI,CAAC,UAAU,CAAC,GAAG,EAAE;IACnB,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACtD,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC1B,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/B,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAC,CAAC;AAC7D,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/B,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC7E,MAAM,oBAAoB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IACrE,oBAAoB;SACjB,QAAQ,CAAC,mBAAmB,CAAC;SAC7B,OAAO,CAAC,yBAAyB,CAAC,CAAC;IACtC,oBAAoB;SACjB,QAAQ,CAAC,gBAAgB,CAAC;SAC1B,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAE1C,IAAA,yBAAY,GAAE,CAAC;IAEf,CAAC,CAAC,MAAM,CACN,UAAU,CAAC,qBAAqB,CAAC;QAC/B,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,6BAA6B;QACtC,GAAG,EAAE,KAAK,CAAC,KAAK,CAAC,GAAG;QACpB,SAAS,EAAE,iBAAiB,WAAW,CAAC,gBAAgB,EAAE,EAAE;KAC7D,CAAC,CACH,CAAC;AACJ,CAAC,CAAC,CAAC"}
+{"version":3,"file":"api-client.test.js","sourceRoot":"","sources":["../src/api-client.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uEAAyD;AACzD,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,6CAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAI,UAA2B,CAAC;AAChC,IAAI,UAA2B,CAAC;AAEhC,aAAI,CAAC,UAAU,CAAC,GAAG,EAAE;IACnB,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACtD,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC1B,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/B,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAC1C,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/B,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC7E,MAAM,oBAAoB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IACrE,oBAAoB;SACjB,QAAQ,CAAC,mBAAmB,CAAC;SAC7B,OAAO,CAAC,yBAAyB,CAAC,CAAC;IACtC,oBAAoB;SACjB,QAAQ,CAAC,gBAAgB,CAAC;SAC1B,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAE1C,IAAA,yBAAY,GAAE,CAAC;IAEf,CAAC,CAAC,MAAM,CACN,UAAU,CAAC,qBAAqB,CAAC;QAC/B,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,6BAA6B;QACtC,GAAG,EAAE,KAAK,CAAC,KAAK,CAAC,GAAG;QACpB,SAAS,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;KAC1C,CAAC,CACH,CAAC;AACJ,CAAC,CAAC,CAAC"}

lib/api-compatibility.json

@@ -1 +1 @@
-{ "maximumVersion": "3.8", "minimumVersion": "3.4" }
+{ "maximumVersion": "3.8", "minimumVersion": "3.3" }

lib/autobuild-action.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -31,10 +27,12 @@ const configUtils = __importStar(require("./config-utils"));
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const util_1 = require("./util");
+// eslint-disable-next-line import/no-commonjs
+const pkg = require("../package.json");
 async function sendCompletedStatusReport(startedAt, allLanguages, failingLanguage, cause) {
-    (0, util_1.initializeEnvironment)((0, actions_util_1.getActionVersion)());
+    (0, util_1.initializeEnvironment)(pkg.version);
     const status = (0, actions_util_1.getActionsStatus)(cause, failingLanguage);
-    const statusReportBase = await (0, actions_util_1.createStatusReportBase)("autobuild", status, startedAt, cause?.message, cause?.stack);
+    const statusReportBase = await (0, actions_util_1.createStatusReportBase)("autobuild", status, startedAt, cause === null || cause === void 0 ? void 0 : cause.message, cause === null || cause === void 0 ? void 0 : cause.stack);
     const statusReport = {
         ...statusReportBase,
         autobuild_languages: allLanguages.join(","),
@@ -45,6 +43,7 @@ async function sendCompletedStatusReport(startedAt, allLanguages, failingLanguag
 async function run() {
     const startedAt = new Date();
     const logger = (0, logging_1.getActionsLogger)();
+    await (0, util_1.checkActionVersion)(pkg.version);
     let currentLanguage = undefined;
     let languages = undefined;
     try {
@@ -76,10 +75,10 @@ async function run() {
     catch (error) {
         core.setFailed(`We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps.  ${error instanceof Error ? error.message : String(error)}`);
         console.log(error);
-        await sendCompletedStatusReport(startedAt, languages ?? [], currentLanguage, error instanceof Error ? error : new Error(String(error)));
+        await sendCompletedStatusReport(startedAt, languages !== null && languages !== void 0 ? languages : [], currentLanguage, error instanceof Error ? error : new Error(String(error)));
         return;
     }
-    await sendCompletedStatusReport(startedAt, languages ?? []);
+    await sendCompletedStatusReport(startedAt, languages !== null && languages !== void 0 ? languages : []);
 }
 async function runWrapper() {
     try {

lib/autobuild-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAQwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,4DAA8C;AAC9C,2CAAuC;AACvC,uCAA6C;AAC7C,iCAIgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,qCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,+BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,+BAAgB,EACtB,MAAM,IAAA,qCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;oBAC5B,IAAI,CAAC,cAAc,CAAC,oCAA6B,EAAE,MAAM,CAAC,CAAC;iBAC5D;aACF;SACF;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,mIACE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CACvD,EAAE,CACH,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,yBAAyB,CAC7B,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAOwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,4DAA8C;AAC9C,2CAAuC;AACvC,uCAA6C;AAC7C,iCAKgB;AAEhB,8CAA8C;AAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AASvC,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAEnC,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,qCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,EACd,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,+BAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,IAAA,yBAAkB,EAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACtC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,+BAAgB,EACtB,MAAM,IAAA,qCAAsB,EAAC,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CACjE,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;oBAC5B,IAAI,CAAC,cAAc,CAAC,oCAA6B,EAAE,MAAM,CAAC,CAAC;iBAC5D;aACF;SACF;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,mIACE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CACvD,EAAE,CACH,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,yBAAyB,CAC7B,SAAS,EACT,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,EAAE,EACf,eAAe,EACf,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,EAAE,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/codeql.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -22,19 +18,30 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
+exports.getExtraOptions = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.convertToSemVer = exports.getCodeQLURLVersion = exports.setupCodeQL = exports.getCodeQLActionRepository = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = exports.CODEQL_VERSION_TRACING_GLIBC_2_34 = exports.CODEQL_VERSION_NEW_TRACING = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CODEQL_VERSION_CONFIG_FILES = exports.CODEQL_DEFAULT_ACTION_REPOSITORY = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const toolcache = __importStar(require("@actions/tool-cache"));
+const fast_deep_equal_1 = __importDefault(require("fast-deep-equal"));
 const yaml = __importStar(require("js-yaml"));
+const query_string_1 = __importDefault(require("query-string"));
+const semver = __importStar(require("semver"));
+const uuid_1 = require("uuid");
 const actions_util_1 = require("./actions-util");
+const api = __importStar(require("./api-client"));
+const defaults = __importStar(require("./defaults.json")); // Referenced from codeql-action-sync-tool!
 const error_matcher_1 = require("./error-matcher");
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
-const setupCodeql = __importStar(require("./setup-codeql"));
 const toolrunner_error_catcher_1 = require("./toolrunner-error-catcher");
 const trap_caching_1 = require("./trap-caching");
 const util = __importStar(require("./util"));
+const util_1 = require("./util");
 class CommandInvocationError extends Error {
     constructor(cmd, args, exitCode, error, output) {
         super(`Failure invoking ${cmd} with arguments ${args}.\n
@@ -49,6 +56,8 @@ exports.CommandInvocationError = CommandInvocationError;
  * Can be overridden in tests using `setCodeQL`.
  */
 let cachedCodeQL = undefined;
+const CODEQL_BUNDLE_VERSION = defaults.bundleVersion;
+exports.CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
 /**
  * The oldest version of CodeQL that the Action will run with. This should be
  * at least three minor versions behind the current version and must include the
@@ -65,9 +74,9 @@ const CODEQL_MINIMUM_VERSION = "2.6.3";
  */
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
 const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";
+exports.CODEQL_VERSION_CONFIG_FILES = "2.10.1";
 const CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED = "2.10.4";
 exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = "2.10.4";
-const CODEQL_VERSION_FILE_BASELINE_INFORMATION = "2.11.3";
 /**
  * This variable controls using the new style of tracing from the CodeQL
  * CLI. In particular, with versions above this we will use both indirect
@@ -94,26 +103,190 @@ exports.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS = "2.9.0";
  * --extractor-options-verbosity that we need.
  */
 exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = "2.10.3";
-/**
- * Versions 2.11.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for each language.
- */
-exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = "2.12.1";
+function getCodeQLBundleName() {
+    let platform;
+    if (process.platform === "win32") {
+        platform = "win64";
+    }
+    else if (process.platform === "linux") {
+        platform = "linux64";
+    }
+    else if (process.platform === "darwin") {
+        platform = "osx64";
+    }
+    else {
+        return "codeql-bundle.tar.gz";
+    }
+    return `codeql-bundle-${platform}.tar.gz`;
+}
+function getCodeQLActionRepository(logger) {
+    if ((0, actions_util_1.isRunningLocalAction)()) {
+        // This handles the case where the Action does not come from an Action repository,
+        // e.g. our integration tests which use the Action code from the current checkout.
+        // In these cases, the GITHUB_ACTION_REPOSITORY environment variable is not set.
+        logger.info("The CodeQL Action is checked out locally. Using the default CodeQL Action repository.");
+        return exports.CODEQL_DEFAULT_ACTION_REPOSITORY;
+    }
+    return util.getRequiredEnvParam("GITHUB_ACTION_REPOSITORY");
+}
+exports.getCodeQLActionRepository = getCodeQLActionRepository;
+async function getCodeQLBundleDownloadURL(apiDetails, variant, logger) {
+    const codeQLActionRepository = getCodeQLActionRepository(logger);
+    const potentialDownloadSources = [
+        // This GitHub instance, and this Action.
+        [apiDetails.url, codeQLActionRepository],
+        // This GitHub instance, and the canonical Action.
+        [apiDetails.url, exports.CODEQL_DEFAULT_ACTION_REPOSITORY],
+        // GitHub.com, and the canonical Action.
+        [util.GITHUB_DOTCOM_URL, exports.CODEQL_DEFAULT_ACTION_REPOSITORY],
+    ];
+    // We now filter out any duplicates.
+    // Duplicates will happen either because the GitHub instance is GitHub.com, or because the Action is not a fork.
+    const uniqueDownloadSources = potentialDownloadSources.filter((source, index, self) => {
+        return !self.slice(0, index).some((other) => (0, fast_deep_equal_1.default)(source, other));
+    });
+    const codeQLBundleName = getCodeQLBundleName();
+    if (variant === util.GitHubVariant.GHAE) {
+        try {
+            const release = await api
+                .getApiClient()
+                .request("GET /enterprise/code-scanning/codeql-bundle/find/{tag}", {
+                tag: CODEQL_BUNDLE_VERSION,
+            });
+            const assetID = release.data.assets[codeQLBundleName];
+            if (assetID !== undefined) {
+                const download = await api
+                    .getApiClient()
+                    .request("GET /enterprise/code-scanning/codeql-bundle/download/{asset_id}", { asset_id: assetID });
+                const downloadURL = download.data.url;
+                logger.info(`Found CodeQL bundle at GitHub AE endpoint with URL ${downloadURL}.`);
+                return downloadURL;
+            }
+            else {
+                logger.info(`Attempted to fetch bundle from GitHub AE endpoint but the bundle ${codeQLBundleName} was not found in the assets ${JSON.stringify(release.data.assets)}.`);
+            }
+        }
+        catch (e) {
+            logger.info(`Attempted to fetch bundle from GitHub AE endpoint but got error ${e}.`);
+        }
+    }
+    for (const downloadSource of uniqueDownloadSources) {
+        const [apiURL, repository] = downloadSource;
+        // If we've reached the final case, short-circuit the API check since we know the bundle exists and is public.
+        if (apiURL === util.GITHUB_DOTCOM_URL &&
+            repository === exports.CODEQL_DEFAULT_ACTION_REPOSITORY) {
+            break;
+        }
+        const [repositoryOwner, repositoryName] = repository.split("/");
+        try {
+            const release = await api.getApiClient().repos.getReleaseByTag({
+                owner: repositoryOwner,
+                repo: repositoryName,
+                tag: CODEQL_BUNDLE_VERSION,
+            });
+            for (const asset of release.data.assets) {
+                if (asset.name === codeQLBundleName) {
+                    logger.info(`Found CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} with URL ${asset.url}.`);
+                    return asset.url;
+                }
+            }
+        }
+        catch (e) {
+            logger.info(`Looked for CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} but got error ${e}.`);
+        }
+    }
+    return `https://github.com/${exports.CODEQL_DEFAULT_ACTION_REPOSITORY}/releases/download/${CODEQL_BUNDLE_VERSION}/${codeQLBundleName}`;
+}
 /**
  * Set up CodeQL CLI access.
  *
- * @param toolsInput
+ * @param codeqlURL
  * @param apiDetails
  * @param tempDir
  * @param variant
- * @param defaultCliVersion
+ * @param features
  * @param logger
  * @param checkVersion Whether to check that CodeQL CLI meets the minimum
  *        version requirement. Must be set to true outside tests.
  * @returns a { CodeQL, toolsVersion } object.
  */
-async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger, checkVersion) {
+async function setupCodeQL(codeqlURL, apiDetails, tempDir, variant, bypassToolcache, logger, checkVersion) {
     try {
-        const { codeqlFolder, toolsDownloadDurationMs, toolsSource, toolsVersion } = await setupCodeql.setupCodeQLBundle(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger);
+        const forceLatestReason = 
+        // We use the special value of 'latest' to prioritize the version in the
+        // defaults over any pinned cached version.
+        codeqlURL === "latest"
+            ? '"tools: latest" was requested'
+            : // If the user hasn't requested a particular CodeQL version, then bypass
+                // the toolcache when the appropriate feature is enabled. This
+                // allows us to quickly rollback a broken bundle that has made its way
+                // into the toolcache.
+                codeqlURL === undefined && bypassToolcache
+                    ? "a specific version of CodeQL was not requested and the bypass toolcache feature is enabled"
+                    : undefined;
+        const forceLatest = forceLatestReason !== undefined;
+        if (forceLatest) {
+            logger.debug(`Forcing the latest version of the CodeQL tools since ${forceLatestReason}.`);
+            codeqlURL = undefined;
+        }
+        let codeqlFolder;
+        let codeqlURLVersion;
+        if (codeqlURL && !codeqlURL.startsWith("http")) {
+            codeqlFolder = await toolcache.extractTar(codeqlURL);
+            codeqlURLVersion = "local";
+        }
+        else {
+            codeqlURLVersion = getCodeQLURLVersion(codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`);
+            const codeqlURLSemVer = convertToSemVer(codeqlURLVersion, logger);
+            // If we find the specified version, we always use that.
+            codeqlFolder = toolcache.find("CodeQL", codeqlURLSemVer);
+            // If we don't find the requested version, in some cases we may allow a
+            // different version to save download time if the version hasn't been
+            // specified explicitly (in which case we always honor it).
+            if (!codeqlFolder && !codeqlURL && !forceLatest) {
+                const codeqlVersions = toolcache.findAllVersions("CodeQL");
+                if (codeqlVersions.length === 1 && (0, util_1.isGoodVersion)(codeqlVersions[0])) {
+                    const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
+                    if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
+                        logger.debug(`CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`);
+                        codeqlFolder = tmpCodeqlFolder;
+                        codeqlURLVersion = codeqlVersions[0];
+                    }
+                }
+            }
+            if (codeqlFolder) {
+                logger.debug(`CodeQL found in cache ${codeqlFolder}`);
+            }
+            else {
+                if (!codeqlURL) {
+                    codeqlURL = await getCodeQLBundleDownloadURL(apiDetails, variant, logger);
+                }
+                const parsedCodeQLURL = new URL(codeqlURL);
+                const parsedQueryString = query_string_1.default.parse(parsedCodeQLURL.search);
+                const headers = {
+                    accept: "application/octet-stream",
+                };
+                // We only want to provide an authorization header if we are downloading
+                // from the same GitHub instance the Action is running on.
+                // This avoids leaking Enterprise tokens to dotcom.
+                // We also don't want to send an authorization header if there's already a token provided in the URL.
+                if (codeqlURL.startsWith(`${apiDetails.url}/`) &&
+                    parsedQueryString["token"] === undefined) {
+                    logger.debug("Downloading CodeQL bundle with token.");
+                    headers.authorization = `token ${apiDetails.auth}`;
+                }
+                else {
+                    logger.debug("Downloading CodeQL bundle without token.");
+                }
+                logger.info(`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`);
+                const dest = path.join(tempDir, (0, uuid_1.v4)());
+                const finalHeaders = Object.assign({ "User-Agent": "CodeQL Action" }, headers);
+                const codeqlPath = await toolcache.downloadTool(codeqlURL, dest, undefined, finalHeaders);
+                logger.debug(`CodeQL bundle download to ${codeqlPath} complete.`);
+                const codeqlExtracted = await toolcache.extractTar(codeqlPath);
+                codeqlFolder = await toolcache.cacheDir(codeqlExtracted, "CodeQL", codeqlURLSemVer);
+            }
+        }
         let codeqlCmd = path.join(codeqlFolder, "codeql", "codeql");
         if (process.platform === "win32") {
             codeqlCmd += ".exe";
@@ -122,12 +295,7 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
             throw new Error(`Unsupported platform: ${process.platform}`);
         }
         cachedCodeQL = await getCodeQLForCmd(codeqlCmd, checkVersion);
-        return {
-            codeql: cachedCodeQL,
-            toolsDownloadDurationMs,
-            toolsSource,
-            toolsVersion,
-        };
+        return { codeql: cachedCodeQL, toolsVersion: codeqlURLVersion };
     }
     catch (e) {
         logger.error(e instanceof Error ? e : new Error(String(e)));
@@ -135,6 +303,26 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
     }
 }
 exports.setupCodeQL = setupCodeQL;
+function getCodeQLURLVersion(url) {
+    const match = url.match(/\/codeql-bundle-(.*)\//);
+    if (match === null || match.length < 2) {
+        throw new Error(`Malformed tools url: ${url}. Version could not be inferred`);
+    }
+    return match[1];
+}
+exports.getCodeQLURLVersion = getCodeQLURLVersion;
+function convertToSemVer(version, logger) {
+    if (!semver.valid(version)) {
+        logger.debug(`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`);
+        version = `0.0.0-${version}`;
+    }
+    const s = semver.clean(version);
+    if (!s) {
+        throw new Error(`Bundle version ${version} is not in SemVer format.`);
+    }
+    return s;
+}
+exports.convertToSemVer = convertToSemVer;
 /**
  * Use the CodeQL executable located at the given path.
  */
@@ -183,7 +371,6 @@ function setCodeQL(partialCodeql) {
         databaseRunQueries: resolveFunction(partialCodeql, "databaseRunQueries"),
         databaseInterpretResults: resolveFunction(partialCodeql, "databaseInterpretResults"),
         databasePrintBaseline: resolveFunction(partialCodeql, "databasePrintBaseline"),
-        diagnosticsExport: resolveFunction(partialCodeql, "diagnosticsExport"),
     };
     return cachedCodeQL;
 }
@@ -302,7 +489,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 ...getExtraOptionsFromEnv(["database", "init"]),
             ]);
         },
-        async databaseInitCluster(config, sourceRoot, processName, featureEnablement, logger) {
+        async databaseInitCluster(config, sourceRoot, processName, featureEnablement) {
             const extraArgs = config.languages.map((language) => `--language=${language}`);
             if (config.languages.filter((l) => (0, languages_1.isTracedLanguage)(l)).length > 0) {
                 extraArgs.push("--begin-tracing");
@@ -320,16 +507,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                     extraArgs.push("--no-internal-use-lua-tracing");
                 }
             }
-            // A config file is only generated if the CliConfigFileEnabled feature flag is enabled.
-            const configLocation = await generateCodeScanningConfig(codeql, config, featureEnablement, logger);
-            // Only pass external repository token if a config file is going to be parsed by the CLI.
-            let externalRepositoryToken;
+            const configLocation = await generateCodeScanningConfig(codeql, config, featureEnablement);
             if (configLocation) {
                 extraArgs.push(`--codescanning-config=${configLocation}`);
-                externalRepositoryToken = (0, actions_util_1.getOptionalInput)("external-repository-token");
-                if (externalRepositoryToken) {
-                    extraArgs.push("--external-repository-token-stdin");
-                }
             }
             await runTool(cmd, [
                 "database",
@@ -339,7 +519,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 `--source-root=${sourceRoot}`,
                 ...extraArgs,
                 ...getExtraOptionsFromEnv(["database", "init"]),
-            ], { stdin: externalRepositoryToken });
+            ]);
         },
         async runAutobuild(language) {
             const cmdName = process.platform === "win32" ? "autobuild.cmd" : "autobuild.sh";
@@ -375,9 +555,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
         async extractScannedLanguage(config, language) {
             const databasePath = util.getCodeQLDatabasePath(config, language);
             // Get extractor location
-            //
-            // Request it using `format=json` so we don't need to strip the trailing new line generated by
-            // the CLI.
             let extractorPath = "";
             await new toolrunner.ToolRunner(cmd, [
                 "resolve",
@@ -489,9 +666,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             if (querySuitePath) {
                 codeqlArgs.push(querySuitePath);
             }
-            await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, codeqlArgs, error_matcher_1.errorMatchers);
+            await runTool(cmd, codeqlArgs);
         },
-        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId) {
+        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId, featureEnablement) {
             const codeqlArgs = [
                 "database",
                 "interpret-results",
@@ -510,7 +687,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             if (automationDetailsId !== undefined) {
                 codeqlArgs.push("--sarif-category", automationDetailsId);
             }
-            if (await util.codeQlVersionAbove(this, CODEQL_VERSION_FILE_BASELINE_INFORMATION)) {
+            if (await featureEnablement.getValue(feature_flags_1.Feature.FileBaselineInformationEnabled, this)) {
                 codeqlArgs.push("--sarif-add-baseline-file-info");
             }
             codeqlArgs.push(databasePath);
@@ -518,8 +695,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 codeqlArgs.push(...querySuitePaths);
             }
             // capture stdout, which contains analysis summaries
-            const returnState = await (0, toolrunner_error_catcher_1.toolrunnerErrorCatcher)(cmd, codeqlArgs, error_matcher_1.errorMatchers);
-            return returnState.stdout;
+            return await runTool(cmd, codeqlArgs);
         },
         async databasePrintBaseline(databasePath) {
             const codeqlArgs = [
@@ -595,19 +771,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             ];
             await new toolrunner.ToolRunner(cmd, args).exec();
         },
-        async diagnosticsExport(sarifFile, automationDetailsId) {
-            const args = [
-                "diagnostics",
-                "export",
-                "--format=sarif-latest",
-                `--output=${sarifFile}`,
-                ...getExtraOptionsFromEnv(["diagnostics", "export"]),
-            ];
-            if (automationDetailsId !== undefined) {
-                args.push("--sarif-category", automationDetailsId);
-            }
-            await new toolrunner.ToolRunner(cmd, args).exec();
-        },
     };
     // To ensure that status reports include the CodeQL CLI version wherever
     // possible, we want to call getVersion(), which populates the version value
@@ -623,7 +786,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
     }
     return codeql;
 }
-exports.getCodeQLForCmd = getCodeQLForCmd;
 /**
  * Gets the options for `path` of `options` as an array of extra option strings.
  */
@@ -662,10 +824,10 @@ function asExtraOptions(options, pathInfo) {
  * Exported for testing.
  */
 function getExtraOptions(options, paths, pathInfo) {
-    const all = asExtraOptions(options?.["*"], pathInfo.concat("*"));
+    const all = asExtraOptions(options === null || options === void 0 ? void 0 : options["*"], pathInfo.concat("*"));
     const specific = paths.length === 0
         ? asExtraOptions(options, pathInfo)
-        : getExtraOptions(options?.[paths[0]], paths?.slice(1), pathInfo.concat(paths[0]));
+        : getExtraOptions(options === null || options === void 0 ? void 0 : options[paths[0]], paths === null || paths === void 0 ? void 0 : paths.slice(1), pathInfo.concat(paths[0]));
     return all.concat(specific);
 }
 exports.getExtraOptions = getExtraOptions;
@@ -678,26 +840,20 @@ exports.getExtraOptions = getExtraOptions;
  *     status reports on GitHub.com.
  */
 const maxErrorSize = 20000;
-async function runTool(cmd, args = [], opts = {}) {
+async function runTool(cmd, args = []) {
     let output = "";
     let error = "";
     const exitCode = await new toolrunner.ToolRunner(cmd, args, {
         listeners: {
             stdout: (data) => {
-                output += data.toString("utf8");
+                output += data.toString();
             },
             stderr: (data) => {
-                let readStartIndex = 0;
-                // If the error is too large, then we only take the last 20,000 characters
-                if (data.length - maxErrorSize > 0) {
-                    // Eg: if we have 20,000 the start index should be 2.
-                    readStartIndex = data.length - maxErrorSize + 1;
-                }
-                error += data.toString("utf8", readStartIndex);
+                const toRead = Math.min(maxErrorSize - error.length, data.length);
+                error += data.toString("utf8", 0, toRead);
             },
         },
         ignoreReturnCode: true,
-        ...(opts.stdin ? { input: Buffer.from(opts.stdin || "") } : {}),
     }).exec();
     if (exitCode !== 0)
         throw new CommandInvocationError(cmd, args, exitCode, error, output);
@@ -711,7 +867,8 @@ async function runTool(cmd, args = [], opts = {}) {
  * @param config The configuration to use.
  * @returns the path to the generated user configuration file.
  */
-async function generateCodeScanningConfig(codeql, config, featureEnablement, logger) {
+async function generateCodeScanningConfig(codeql, config, featureEnablement) {
+    var _a;
     if (!(await util.useCodeScanningConfigInCli(codeql, featureEnablement))) {
         return;
     }
@@ -727,7 +884,7 @@ async function generateCodeScanningConfig(codeql, config, featureEnablement, log
             augmentedConfig.queries = config.augmentationProperties.queriesInput;
         }
     }
-    if (augmentedConfig.queries?.length === 0) {
+    if (((_a = augmentedConfig.queries) === null || _a === void 0 ? void 0 : _a.length) === 0) {
         delete augmentedConfig.queries;
     }
     // Inject the packs from the input
@@ -769,10 +926,6 @@ async function generateCodeScanningConfig(codeql, config, featureEnablement, log
             augmentedConfig.packs["javascript"].push(packString);
         }
     }
-    logger.info(`Writing augmented user configuration file to ${configLocation}`);
-    logger.startGroup("Augmented user configuration file contents");
-    logger.info(yaml.dump(augmentedConfig));
-    logger.endGroup();
     fs.writeFileSync(configLocation, yaml.dump(augmentedConfig));
     return configLocation;
 }

lib/codeql.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -28,21 +24,18 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.stubToolRunnerConstructor = void 0;
 const fs = __importStar(require("fs"));
-const path_1 = __importDefault(require("path"));
+const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const toolcache = __importStar(require("@actions/tool-cache"));
-const safeWhich = __importStar(require("@chrisgavin/safe-which"));
 const ava_1 = __importDefault(require("ava"));
 const del_1 = __importDefault(require("del"));
 const yaml = __importStar(require("js-yaml"));
 const nock_1 = __importDefault(require("nock"));
 const sinon = __importStar(require("sinon"));
 const actionsUtil = __importStar(require("./actions-util"));
-const api = __importStar(require("./api-client"));
 const codeql = __importStar(require("./codeql"));
 const defaults = __importStar(require("./defaults.json"));
 const feature_flags_1 = require("./feature-flags");
-const init_1 = require("./init");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
@@ -52,16 +45,14 @@ const util_1 = require("./util");
 const sampleApiDetails = {
     auth: "token",
     url: "https://github.com",
-    apiURL: "https://api.github.com",
+    apiURL: undefined,
+    registriesAuthTokens: undefined,
 };
 const sampleGHAEApiDetails = {
     auth: "token",
     url: "https://example.githubenterprise.com",
-    apiURL: "https://example.githubenterprise.com/api/v3",
-};
-const SAMPLE_DEFAULT_CLI_VERSION = {
-    cliVersion: "2.0.0",
-    variant: util.GitHubVariant.DOTCOM,
+    apiURL: undefined,
+    registriesAuthTokens: undefined,
 };
 let stubConfig;
 ava_1.default.beforeEach(() => {
@@ -91,311 +82,192 @@ ava_1.default.beforeEach(() => {
         trapCacheDownloadTime: 0,
     };
 });
-/**
- * Mocks the API for downloading the bundle tagged `tagName`.
- *
- * @returns the download URL for the bundle. This can be passed to the tools parameter of
- * `codeql.setupCodeQL`.
- */
-function mockDownloadApi({ apiDetails = sampleApiDetails, isPinned, repo = "github/codeql-action", platformSpecific = true, tagName, }) {
+async function mockApiAndSetupCodeQL({ apiDetails, bypassToolcache, isPinned, tmpDir, toolsInput, version, }) {
+    var _a;
     const platform = process.platform === "win32"
         ? "win64"
         : process.platform === "linux"
             ? "linux64"
             : "osx64";
-    const baseUrl = apiDetails?.url ?? "https://example.com";
+    const baseUrl = (_a = apiDetails === null || apiDetails === void 0 ? void 0 : apiDetails.url) !== null && _a !== void 0 ? _a : "https://example.com";
     const relativeUrl = apiDetails
-        ? `/${repo}/releases/download/${tagName}/codeql-bundle${platformSpecific ? `-${platform}` : ""}.tar.gz`
-        : `/download/${tagName}/codeql-bundle.tar.gz`;
+        ? `/github/codeql-action/releases/download/${version}/codeql-bundle-${platform}.tar.gz`
+        : `/download/codeql-bundle-${version}/codeql-bundle.tar.gz`;
     (0, nock_1.default)(baseUrl)
         .get(relativeUrl)
-        .replyWithFile(200, path_1.default.join(__dirname, `/../src/testdata/codeql-bundle${isPinned ? "-pinned" : ""}.tar.gz`));
-    return `${baseUrl}${relativeUrl}`;
+        .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle${isPinned ? "-pinned" : ""}.tar.gz`));
+    return await codeql.setupCodeQL(toolsInput ? toolsInput.input : `${baseUrl}${relativeUrl}`, apiDetails !== null && apiDetails !== void 0 ? apiDetails : sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, !!bypassToolcache, (0, logging_1.getRunnerLogger)(true), false);
 }
-async function installIntoToolcache({ apiDetails = sampleApiDetails, cliVersion, isPinned, tagName, tmpDir, }) {
-    const url = mockDownloadApi({ apiDetails, isPinned, tagName });
-    await codeql.setupCodeQL(cliVersion !== undefined ? undefined : url, apiDetails, tmpDir, util.GitHubVariant.GHES, cliVersion !== undefined
-        ? { cliVersion, tagName, variant: util.GitHubVariant.GHES }
-        : SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
-}
-function mockReleaseApi({ apiDetails = sampleApiDetails, assetNames, tagName, }) {
-    return (0, nock_1.default)(apiDetails.apiURL)
-        .get(`/repos/github/codeql-action/releases/tags/${tagName}`)
-        .reply(200, {
-        assets: assetNames.map((name) => ({
-            name,
-        })),
-        tag_name: tagName,
-    });
-}
-function mockApiDetails(apiDetails) {
-    // This is a workaround to mock `api.getApiDetails()` since it doesn't seem to be possible to
-    // mock this directly. The difficulty is that `getApiDetails()` is called locally in
-    // `api-client.ts`, but `sinon.stub(api, "getApiDetails")` only affects calls to
-    // `getApiDetails()` via an imported `api` module.
-    sinon
-        .stub(actionsUtil, "getRequiredInput")
-        .withArgs("token")
-        .returns(apiDetails.auth);
-    const requiredEnvParamStub = sinon.stub(util, "getRequiredEnvParam");
-    requiredEnvParamStub.withArgs("GITHUB_SERVER_URL").returns(apiDetails.url);
-    requiredEnvParamStub
-        .withArgs("GITHUB_API_URL")
-        .returns(apiDetails.apiURL || "");
-}
-(0, ava_1.default)("downloads and caches explicitly requested bundles that aren't in the toolcache", async (t) => {
+(0, ava_1.default)("download codeql bundle cache", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
         const versions = ["20200601", "20200610"];
         for (let i = 0; i < versions.length; i++) {
             const version = versions[i];
-            const url = mockDownloadApi({
-                tagName: `codeql-bundle-${version}`,
-                isPinned: false,
-            });
-            const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
+            const codeQLConfig = await mockApiAndSetupCodeQL({ version, tmpDir });
             t.assert(toolcache.find("CodeQL", `0.0.0-${version}`));
-            t.is(result.toolsVersion, `0.0.0-${version}`);
-            t.is(result.toolsSource, init_1.ToolsSource.Download);
-            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
+            t.deepEqual(codeQLConfig.toolsVersion, version);
         }
         t.is(toolcache.findAllVersions("CodeQL").length, 2);
     });
 });
-(0, ava_1.default)("downloads an explicitly requested bundle even if a different version is cached", async (t) => {
+(0, ava_1.default)("download codeql bundle cache explicitly requested with pinned different version cached", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        await installIntoToolcache({
-            tagName: "codeql-bundle-20200601",
+        const pinnedCodeQLConfig = await mockApiAndSetupCodeQL({
+            version: "20200601",
             isPinned: true,
             tmpDir,
         });
-        const url = mockDownloadApi({
-            tagName: "codeql-bundle-20200610",
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        t.deepEqual(pinnedCodeQLConfig.toolsVersion, "20200601");
+        const unpinnedCodeQLConfig = await mockApiAndSetupCodeQL({
+            version: "20200610",
+            tmpDir,
         });
-        const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
         t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
-        t.deepEqual(result.toolsVersion, "0.0.0-20200610");
-        t.is(result.toolsSource, init_1.ToolsSource.Download);
-        t.assert(Number.isInteger(result.toolsDownloadDurationMs));
+        t.deepEqual(unpinnedCodeQLConfig.toolsVersion, "20200610");
     });
 });
-const EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES = [
-    {
-        cliVersion: "2.10.0",
-        expectedToolcacheVersion: "2.10.0-20200610",
-    },
-    {
-        cliVersion: "2.10.0-pre",
-        expectedToolcacheVersion: "0.0.0-20200610",
-    },
-    {
-        cliVersion: "2.10.0+202006100101",
-        expectedToolcacheVersion: "0.0.0-20200610",
-    },
-];
-for (const { cliVersion, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
-    (0, ava_1.default)(`caches an explicitly requested bundle containing CLI ${cliVersion} as ${expectedToolcacheVersion}`, async (t) => {
-        await util.withTmpDir(async (tmpDir) => {
-            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-            mockApiDetails(sampleApiDetails);
-            sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
-            const releaseApiMock = mockReleaseApi({
-                assetNames: [`cli-version-${cliVersion}.txt`],
-                tagName: "codeql-bundle-20200610",
-            });
-            const url = mockDownloadApi({
-                tagName: "codeql-bundle-20200610",
-            });
-            const result = await codeql.setupCodeQL(url, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
-            t.assert(releaseApiMock.isDone(), "Releases API should have been called");
-            t.assert(toolcache.find("CodeQL", expectedToolcacheVersion));
-            t.deepEqual(result.toolsVersion, cliVersion);
-            t.is(result.toolsSource, init_1.ToolsSource.Download);
-            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
-        });
-    });
-}
-for (const { githubReleases, toolcacheVersion } of [
-    // Test that we use the tools from the toolcache when `SAMPLE_DEFAULT_CLI_VERSION` is requested
-    // and `SAMPLE_DEFAULT_CLI_VERSION-` is in the toolcache.
-    {
-        toolcacheVersion: SAMPLE_DEFAULT_CLI_VERSION.cliVersion,
-    },
-    {
-        githubReleases: {
-            "codeql-bundle-20230101": `cli-version-${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}.txt`,
-        },
-        toolcacheVersion: "0.0.0-20230101",
-    },
-    {
-        toolcacheVersion: `${SAMPLE_DEFAULT_CLI_VERSION.cliVersion}-20230101`,
-    },
-]) {
-    (0, ava_1.default)(`uses tools from toolcache when ${SAMPLE_DEFAULT_CLI_VERSION.cliVersion} is requested and ` +
-        `${toolcacheVersion} is installed`, async (t) => {
-        await util.withTmpDir(async (tmpDir) => {
-            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-            sinon
-                .stub(toolcache, "find")
-                .withArgs("CodeQL", toolcacheVersion)
-                .returns("path/to/cached/codeql");
-            sinon.stub(toolcache, "findAllVersions").returns([toolcacheVersion]);
-            if (githubReleases) {
-                sinon.stub(api, "getApiClient").value(() => ({
-                    repos: {
-                        listReleases: sinon.stub().resolves(undefined),
-                    },
-                    paginate: sinon.stub().resolves(Object.entries(githubReleases).map(([releaseTagName, cliVersionMarkerFile]) => ({
-                        assets: [
-                            {
-                                name: cliVersionMarkerFile,
-                            },
-                        ],
-                        tag_name: releaseTagName,
-                    }))),
-                }));
-            }
-            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
-            t.is(result.toolsVersion, SAMPLE_DEFAULT_CLI_VERSION.cliVersion);
-            t.is(result.toolsSource, init_1.ToolsSource.Toolcache);
-            t.is(result.toolsDownloadDurationMs, undefined);
-        });
-    });
-}
-for (const variant of [util.GitHubVariant.GHAE, util.GitHubVariant.GHES]) {
-    (0, ava_1.default)(`uses a cached bundle when no tools input is given on ${util.GitHubVariant[variant]}`, async (t) => {
-        await util.withTmpDir(async (tmpDir) => {
-            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-            await installIntoToolcache({
-                tagName: "codeql-bundle-20200601",
-                isPinned: true,
-                tmpDir,
-            });
-            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, {
-                cliVersion: defaults.cliVersion,
-                tagName: defaults.bundleVersion,
-                variant,
-            }, (0, logging_1.getRunnerLogger)(true), false);
-            t.deepEqual(result.toolsVersion, "0.0.0-20200601");
-            t.is(result.toolsSource, init_1.ToolsSource.Toolcache);
-            t.is(result.toolsDownloadDurationMs, undefined);
-            const cachedVersions = toolcache.findAllVersions("CodeQL");
-            t.is(cachedVersions.length, 1);
-        });
-    });
-    (0, ava_1.default)(`downloads bundle if only an unpinned version is cached on ${util.GitHubVariant[variant]}`, async (t) => {
-        await util.withTmpDir(async (tmpDir) => {
-            (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-            await installIntoToolcache({
-                tagName: "codeql-bundle-20200601",
-                isPinned: false,
-                tmpDir,
-            });
-            mockDownloadApi({
-                tagName: defaults.bundleVersion,
-            });
-            const result = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, variant, {
-                cliVersion: defaults.cliVersion,
-                tagName: defaults.bundleVersion,
-                variant,
-            }, (0, logging_1.getRunnerLogger)(true), false);
-            t.deepEqual(result.toolsVersion, defaults.cliVersion);
-            t.is(result.toolsSource, init_1.ToolsSource.Download);
-            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
-            const cachedVersions = toolcache.findAllVersions("CodeQL");
-            t.is(cachedVersions.length, 2);
-        });
-    });
-}
-(0, ava_1.default)('downloads bundle if "latest" tools specified but not cached', async (t) => {
+(0, ava_1.default)("don't download codeql bundle cache with pinned different version cached", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        await installIntoToolcache({
-            tagName: "codeql-bundle-20200601",
+        const pinnedCodeQLConfig = await mockApiAndSetupCodeQL({
+            version: "20200601",
             isPinned: true,
             tmpDir,
         });
-        mockDownloadApi({
-            tagName: defaults.bundleVersion,
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        t.deepEqual(pinnedCodeQLConfig.toolsVersion, "20200601");
+        const codeQLConfig = await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, false, (0, logging_1.getRunnerLogger)(true), false);
+        t.deepEqual(codeQLConfig.toolsVersion, "0.0.0-20200601");
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 1);
+    });
+});
+(0, ava_1.default)("download codeql bundle cache with different version cached (not pinned)", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        const cachedCodeQLConfig = await mockApiAndSetupCodeQL({
+            version: "20200601",
+            tmpDir,
         });
-        const result = await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
-        t.deepEqual(result.toolsVersion, defaults.cliVersion);
-        t.is(result.toolsSource, init_1.ToolsSource.Download);
-        t.assert(Number.isInteger(result.toolsDownloadDurationMs));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        t.deepEqual(cachedCodeQLConfig.toolsVersion, "20200601");
+        const codeQLConfig = await mockApiAndSetupCodeQL({
+            version: defaults.bundleVersion,
+            tmpDir,
+            apiDetails: sampleApiDetails,
+            toolsInput: { input: undefined },
+        });
+        t.deepEqual(codeQLConfig.toolsVersion, defaults.bundleVersion.replace("codeql-bundle-", ""));
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 2);
     });
 });
-for (const isBundleVersionInUrl of [true, false]) {
-    const inclusionString = isBundleVersionInUrl
-        ? "includes"
-        : "does not include";
-    (0, ava_1.default)(`download codeql bundle from github ae endpoint (URL ${inclusionString} bundle version)`, async (t) => {
+(0, ava_1.default)('download codeql bundle cache with pinned different version cached if "latest" tools specified', async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
+        const pinnedCodeQLConfig = await mockApiAndSetupCodeQL({
+            version: "20200601",
+            isPinned: true,
+            tmpDir,
+        });
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        t.deepEqual(pinnedCodeQLConfig.toolsVersion, "20200601");
+        const latestCodeQLConfig = await mockApiAndSetupCodeQL({
+            version: defaults.bundleVersion,
+            apiDetails: sampleApiDetails,
+            toolsInput: { input: "latest" },
+            tmpDir,
+        });
+        t.deepEqual(latestCodeQLConfig.toolsVersion, defaults.bundleVersion.replace("codeql-bundle-", ""));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 2);
+    });
+});
+const TOOLCACHE_BYPASS_TEST_CASES = [
+    [true, undefined, true],
+    [false, undefined, false],
+    [
+        true,
+        "https://github.com/github/codeql-action/releases/download/codeql-bundle-20200601/codeql-bundle.tar.gz",
+        false,
+    ],
+];
+for (const [isFeatureEnabled, toolsInput, shouldToolcacheBeBypassed,] of TOOLCACHE_BYPASS_TEST_CASES) {
+    (0, ava_1.default)(`download codeql bundle ${shouldToolcacheBeBypassed ? "bypasses" : "does not bypass"} toolcache when feature ${isFeatureEnabled ? "enabled" : "disabled"} and tools: ${toolsInput} passed`, async (t) => {
         await util.withTmpDir(async (tmpDir) => {
             (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-            const bundleAssetID = 10;
-            const platform = process.platform === "win32"
-                ? "win64"
-                : process.platform === "linux"
-                    ? "linux64"
-                    : "osx64";
-            const codeQLBundleName = `codeql-bundle-${platform}.tar.gz`;
-            const eventualDownloadUrl = isBundleVersionInUrl
-                ? `https://example.githubenterprise.com/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`
-                : `https://example.githubenterprise.com/api/v3/repos/github/codeql-action/releases/assets/${bundleAssetID}`;
-            (0, nock_1.default)("https://example.githubenterprise.com")
-                .get(`/api/v3/enterprise/code-scanning/codeql-bundle/find/${defaults.bundleVersion}`)
-                .reply(200, {
-                assets: { [codeQLBundleName]: bundleAssetID },
+            await mockApiAndSetupCodeQL({
+                version: "codeql-bundle-20200601",
+                apiDetails: sampleApiDetails,
+                isPinned: true,
+                tmpDir,
             });
-            (0, nock_1.default)("https://example.githubenterprise.com")
-                .get(`/api/v3/enterprise/code-scanning/codeql-bundle/download/${bundleAssetID}`)
-                .reply(200, {
-                url: eventualDownloadUrl,
+            t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+            await mockApiAndSetupCodeQL({
+                version: defaults.bundleVersion,
+                apiDetails: sampleApiDetails,
+                bypassToolcache: isFeatureEnabled,
+                toolsInput: { input: toolsInput },
+                tmpDir,
             });
-            (0, nock_1.default)("https://example.githubenterprise.com")
-                .get(eventualDownloadUrl.replace("https://example.githubenterprise.com", ""))
-                .replyWithFile(200, path_1.default.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
-            mockApiDetails(sampleGHAEApiDetails);
-            sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
-            process.env["GITHUB_ACTION_REPOSITORY"] = "github/codeql-action";
-            const result = await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, util.GitHubVariant.GHAE, {
-                cliVersion: defaults.cliVersion,
-                tagName: defaults.bundleVersion,
-                variant: util.GitHubVariant.GHAE,
-            }, (0, logging_1.getRunnerLogger)(true), false);
-            t.is(result.toolsSource, init_1.ToolsSource.Download);
-            t.assert(Number.isInteger(result.toolsDownloadDurationMs));
             const cachedVersions = toolcache.findAllVersions("CodeQL");
-            t.is(cachedVersions.length, 1);
+            t.is(cachedVersions.length, shouldToolcacheBeBypassed ? 2 : 1);
         });
     });
 }
-(0, ava_1.default)("bundle URL from another repo is cached as 0.0.0-bundleVersion", async (t) => {
+(0, ava_1.default)("download codeql bundle from github ae endpoint", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
-        mockApiDetails(sampleApiDetails);
-        sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
-        const releasesApiMock = mockReleaseApi({
-            assetNames: ["cli-version-2.12.2.txt"],
-            tagName: "codeql-bundle-20230203",
+        const bundleAssetID = 10;
+        const platform = process.platform === "win32"
+            ? "win64"
+            : process.platform === "linux"
+                ? "linux64"
+                : "osx64";
+        const codeQLBundleName = `codeql-bundle-${platform}.tar.gz`;
+        (0, nock_1.default)("https://example.githubenterprise.com")
+            .get(`/api/v3/enterprise/code-scanning/codeql-bundle/find/${defaults.bundleVersion}`)
+            .reply(200, {
+            assets: { [codeQLBundleName]: bundleAssetID },
         });
-        mockDownloadApi({
-            repo: "dsp-testing/codeql-cli-nightlies",
-            platformSpecific: false,
-            tagName: "codeql-bundle-20230203",
+        (0, nock_1.default)("https://example.githubenterprise.com")
+            .get(`/api/v3/enterprise/code-scanning/codeql-bundle/download/${bundleAssetID}`)
+            .reply(200, {
+            url: `https://example.githubenterprise.com/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`,
         });
-        const result = await codeql.setupCodeQL("https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-20230203/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, util.GitHubVariant.DOTCOM, SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
-        t.is(result.toolsVersion, "0.0.0-20230203");
-        t.is(result.toolsSource, init_1.ToolsSource.Download);
-        t.true(Number.isInteger(result.toolsDownloadDurationMs));
+        (0, nock_1.default)("https://example.githubenterprise.com")
+            .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/${codeQLBundleName}`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL(undefined, sampleGHAEApiDetails, tmpDir, util.GitHubVariant.GHAE, false, (0, logging_1.getRunnerLogger)(true), false);
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 1);
-        t.is(cachedVersions[0], "0.0.0-20230203");
-        t.false(releasesApiMock.isDone());
     });
 });
+(0, ava_1.default)("parse codeql bundle url version", (t) => {
+    t.deepEqual(codeql.getCodeQLURLVersion("https://github.com/.../codeql-bundle-20200601/..."), "20200601");
+});
+(0, ava_1.default)("convert to semver", (t) => {
+    const tests = {
+        "20200601": "0.0.0-20200601",
+        "20200601.0": "0.0.0-20200601.0",
+        "20200601.0.0": "20200601.0.0",
+        "1.2.3": "1.2.3",
+        "1.2.3-alpha": "1.2.3-alpha",
+        "1.2.3-beta.1": "1.2.3-beta.1",
+    };
+    for (const [version, expectedVersion] of Object.entries(tests)) {
+        try {
+            const parsedVersion = codeql.convertToSemVer(version, (0, logging_1.getRunnerLogger)(true));
+            t.deepEqual(parsedVersion, expectedVersion);
+        }
+        catch (e) {
+            t.fail(e instanceof Error ? e.message : String(e));
+        }
+    }
+});
 (0, ava_1.default)("getExtraOptions works for explicit paths", (t) => {
     t.deepEqual(codeql.getExtraOptions({}, ["foo"], []), []);
     t.deepEqual(codeql.getExtraOptions({ foo: [42] }, ["foo"], []), ["42"]);
@@ -418,22 +290,32 @@ for (const isBundleVersionInUrl of [true, false]) {
     t.throws(() => codeql.getExtraOptions({ foo: 87 }, ["foo"], []));
     t.throws(() => codeql.getExtraOptions({ "*": [42], foo: { "*": 87, bar: [99] } }, ["foo", "bar"], []));
 });
+(0, ava_1.default)("getCodeQLActionRepository", (t) => {
+    const logger = (0, logging_1.getRunnerLogger)(true);
+    (0, util_1.initializeEnvironment)("1.2.3");
+    // isRunningLocalAction() === true
+    delete process.env["GITHUB_ACTION_REPOSITORY"];
+    process.env["RUNNER_TEMP"] = path.dirname(__dirname);
+    const repoLocalRunner = codeql.getCodeQLActionRepository(logger);
+    t.deepEqual(repoLocalRunner, "github/codeql-action");
+    // isRunningLocalAction() === false
+    sinon.stub(actionsUtil, "isRunningLocalAction").returns(false);
+    process.env["GITHUB_ACTION_REPOSITORY"] = "xxx/yyy";
+    const repoEnv = codeql.getCodeQLActionRepository(logger);
+    t.deepEqual(repoEnv, "xxx/yyy");
+});
 (0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-query-help for 2.7.0", async (t) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.7.0");
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
+    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
     t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be absent, but it is present");
 });
 (0, ava_1.default)("databaseInterpretResults() sets --sarif-add-query-help for 2.7.1", async (t) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeqlObject, "getVersion").resolves("2.7.1");
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
+    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
     t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-query-help"), "--sarif-add-query-help should be present, but it is absent");
 });
 (0, ava_1.default)("databaseInitCluster() without injected codescanning config", async (t) => {
@@ -441,8 +323,6 @@ for (const isBundleVersionInUrl of [true, false]) {
         const runnerConstructorStub = stubToolRunnerConstructor();
         const codeqlObject = await codeql.getCodeQLForTesting();
         sinon.stub(codeqlObject, "getVersion").resolves("2.8.1");
-        // safeWhich throws because of the test CodeQL object.
-        sinon.stub(safeWhich, "safeWhich").resolves("");
         const thisStubConfig = {
             ...stubConfig,
             tempDir,
@@ -467,7 +347,7 @@ const injectedConfigMacro = ava_1.default.macro({
             const codeqlObject = await codeql.getCodeQLForTesting();
             sinon
                 .stub(codeqlObject, "getVersion")
-                .resolves(feature_flags_1.featureConfig[feature_flags_1.Feature.CliConfigFileEnabled].minimumVersion);
+                .resolves(codeql.CODEQL_VERSION_CONFIG_FILES);
             const thisStubConfig = {
                 ...stubConfig,
                 ...configOverride,
@@ -497,7 +377,7 @@ const injectedConfigMacro = ava_1.default.macro({
     queriesInputCombines: false,
     packsInputCombines: false,
 }, {}, {
-    packs: ["codeql/javascript-experimental-atm-queries@~0.4.0"],
+    packs: ["codeql/javascript-experimental-atm-queries@~0.3.0"],
 });
 (0, ava_1.default)("injected ML queries with existing packs", injectedConfigMacro, {
     injectedMlQueries: true,
@@ -511,7 +391,7 @@ const injectedConfigMacro = ava_1.default.macro({
     packs: {
         javascript: [
             "codeql/something-else",
-            "codeql/javascript-experimental-atm-queries@~0.4.0",
+            "codeql/javascript-experimental-atm-queries@~0.3.0",
         ],
     },
 });
@@ -526,7 +406,7 @@ const injectedConfigMacro = ava_1.default.macro({
 }, {
     packs: {
         cpp: ["codeql/something-else"],
-        javascript: ["codeql/javascript-experimental-atm-queries@~0.4.0"],
+        javascript: ["codeql/javascript-experimental-atm-queries@~0.3.0"],
     },
 });
 (0, ava_1.default)("injected packs from input", injectedConfigMacro, {
@@ -579,7 +459,7 @@ const injectedConfigMacro = ava_1.default.macro({
         },
     },
 }, {
-    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.4.0"],
+    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.3.0"],
 });
 // similar, but with queries
 (0, ava_1.default)("injected queries from input", injectedConfigMacro, {
@@ -673,7 +553,7 @@ const injectedConfigMacro = ava_1.default.macro({
         const codeqlObject = await codeql.getCodeQLForTesting();
         sinon
             .stub(codeqlObject, "getVersion")
-            .resolves(feature_flags_1.featureConfig[feature_flags_1.Feature.CliConfigFileEnabled].minimumVersion);
+            .resolves(codeql.CODEQL_VERSION_CONFIG_FILES);
         await codeqlObject.databaseInitCluster(stubConfig, "", undefined, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
         const args = runnerConstructorStub.firstCall.args[1];
         // should have used an config file
@@ -684,22 +564,24 @@ const injectedConfigMacro = ava_1.default.macro({
         process.env["CODEQL_PASS_CONFIG_TO_CLI"] = origCODEQL_PASS_CONFIG_TO_CLI;
     }
 });
-(0, ava_1.default)("databaseInterpretResults() sets --sarif-add-baseline-file-info for 2.11.3", async (t) => {
+(0, ava_1.default)("databaseInterpretResults() sets --sarif-add-baseline-file-info when feature enabled", async (t) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.11.3");
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
+    // We need to set a CodeQL version such that running `databaseInterpretResults` does not crash.
+    // The version of CodeQL is checked separately to determine feature enablement, and does not
+    // otherwise impact this test, so set it to 0.0.0.
+    sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.FileBaselineInformationEnabled]));
     t.true(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info should be present, but it is absent");
 });
-(0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-baseline-file-info for 2.11.2", async (t) => {
+(0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-baseline-file-info if feature disabled", async (t) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.11.2");
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "");
+    // We need to set a CodeQL version such that running `databaseInterpretResults` does not crash.
+    // The version of CodeQL is checked upstream to determine feature enablement, so it does not
+    // affect this test.
+    sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", (0, testing_utils_1.createFeatures)([]));
     t.false(runnerConstructorStub.firstCall.args[1].includes("--sarif-add-baseline-file-info"), "--sarif-add-baseline-file-info must be absent, but it is present");
 });
 function stubToolRunnerConstructor() {

lib/config-utils.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -26,6 +22,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.downloadPacks = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.parsePacks = exports.validatePackSpecification = exports.prettyPrintPack = exports.parsePacksSpecification = exports.parsePacksFromConfig = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getLocalPathDoesNotExist = exports.getLocalPathOutsideOfRepository = exports.getPacksStrInvalid = exports.getPacksInvalid = exports.getPacksInvalidSplit = exports.getPathsInvalid = exports.getPathsIgnoreInvalid = exports.getQueryUsesInvalid = exports.getQueriesMissingUses = exports.getQueriesInvalid = exports.getDisableDefaultQueriesInvalid = exports.getNameInvalid = exports.validateAndSanitisePath = exports.defaultAugmentationProperties = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+// We need to import `performance` on Node 12
 const perf_hooks_1 = require("perf_hooks");
 const yaml = __importStar(require("js-yaml"));
 const semver = __importStar(require("semver"));
@@ -131,28 +128,19 @@ async function addDefaultQueries(codeQL, languages, resultMap) {
     await runResolveQueries(codeQL, resultMap, suites, undefined);
 }
 // The set of acceptable values for built-in suites from the codeql bundle
-const builtinSuites = [
-    "security-experimental",
-    "security-extended",
-    "security-and-quality",
-];
+const builtinSuites = ["security-extended", "security-and-quality"];
 /**
  * Determine the set of queries associated with suiteName's suites and add them to resultMap.
  * Throws an error if suiteName is not a valid builtin suite.
  * May inject ML queries, and the return value will declare if this was done.
  */
 async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suiteName, featureEnablement, configFile) {
+    var _a;
     let injectedMlQueries = false;
     const found = builtinSuites.find((suite) => suite === suiteName);
     if (!found) {
         throw new Error(getQueryUsesInvalid(configFile, suiteName));
     }
-    if (suiteName === "security-experimental" &&
-        !(await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE))) {
-        throw new Error(`The 'security-experimental' suite is not supported on CodeQL CLI versions earlier than 
-      ${codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE}. Please upgrade to CodeQL CLI version
-      ${codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE} or later.`);
-    }
     // If we're running the JavaScript security-extended analysis (or a superset of it), the repo is
     // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
     // pack, then add the ML-powered query pack so that we run ML-powered queries.
@@ -161,10 +149,8 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
     (process.platform !== "win32" ||
         (await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_ML_POWERED_QUERIES_WINDOWS))) &&
         languages.includes("javascript") &&
-        (found === "security-experimental" ||
-            found === "security-extended" ||
-            found === "security-and-quality") &&
-        !packs.javascript?.some(isMlPoweredJsQueriesPack) &&
+        (found === "security-extended" || found === "security-and-quality") &&
+        !((_a = packs.javascript) === null || _a === void 0 ? void 0 : _a.some(isMlPoweredJsQueriesPack)) &&
         (await featureEnablement.getValue(feature_flags_1.Feature.MlPoweredQueriesEnabled, codeQL))) {
         if (!packs.javascript) {
             packs.javascript = [];
@@ -254,12 +240,8 @@ async function parseQueryUses(languages, codeQL, resultMap, packs, queryUses, te
     if (queryUses.indexOf("/") === -1 && queryUses.indexOf("@") === -1) {
         return await addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, queryUses, featureEnablement, configFile);
     }
-    // Otherwise, must be a reference to another repo.
-    // If config parsing is handled in CLI, then this repo will be downloaded
-    // later by the CLI.
-    if (!(await (0, util_1.useCodeScanningConfigInCli)(codeQL, featureEnablement))) {
-        await addRemoteQueries(codeQL, resultMap, queryUses, tempDir, apiDetails, logger, configFile);
-    }
+    // Otherwise, must be a reference to another repo
+    await addRemoteQueries(codeQL, resultMap, queryUses, tempDir, apiDetails, logger, configFile);
     return false;
 }
 // Regex validating stars in paths or paths-ignore entries.
@@ -582,6 +564,7 @@ async function downloadCacheWithTime(trapCachingEnabled, codeQL, languages, logg
  * Load the config from the given file.
  */
 async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, configFile, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureEnablement, logger) {
+    var _a;
     let parsedYAML;
     if (isLocal(configFile)) {
         // Treat the config file as relative to the workspace
@@ -622,7 +605,7 @@ async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, config
         await addDefaultQueries(codeQL, languages, queries);
     }
     const augmentationProperties = calculateAugmentation(rawPacksInput, rawQueriesInput, languages);
-    const packs = parsePacks(parsedYAML[PACKS_PROPERTY] ?? {}, rawPacksInput, augmentationProperties.packsInputCombines, languages, configFile, logger);
+    const packs = parsePacks((_a = parsedYAML[PACKS_PROPERTY]) !== null && _a !== void 0 ? _a : {}, rawPacksInput, augmentationProperties.packsInputCombines, languages, configFile, logger);
     // If queries were provided using `with` in the action configuration,
     // they should take precedence over the queries in the config file
     // unless they're prefixed with "+", in which case they supplement those
@@ -713,7 +696,7 @@ function calculateAugmentation(rawPacksInput, rawQueriesInput, languages) {
     return {
         injectedMlQueries: false,
         packsInputCombines,
-        packsInput: packsInput?.[languages[0]],
+        packsInput: packsInput === null || packsInput === void 0 ? void 0 : packsInput[languages[0]],
         queriesInput,
         queriesInputCombines,
     };
@@ -725,7 +708,7 @@ function parseQueriesFromInput(rawQueriesInput, queriesInputCombines) {
     }
     const trimmedInput = queriesInputCombines
         ? rawQueriesInput.trim().slice(1).trim()
-        : rawQueriesInput?.trim();
+        : rawQueriesInput === null || rawQueriesInput === void 0 ? void 0 : rawQueriesInput.trim();
     if (queriesInputCombines && trimmedInput.length === 0) {
         throw new Error(getConfigFilePropertyError(undefined, "queries", "A '+' was used in the 'queries' input to specify that you wished to add some packs to your CodeQL analysis. However, no packs were specified. Please either remove the '+' or specify some packs."));
     }
@@ -778,7 +761,7 @@ function parsePacksFromConfig(packsByLanguage, languages, configFile, logger) {
 }
 exports.parsePacksFromConfig = parsePacksFromConfig;
 function parsePacksFromInput(rawPacksInput, languages, packsInputCombines) {
-    if (!rawPacksInput?.trim()) {
+    if (!(rawPacksInput === null || rawPacksInput === void 0 ? void 0 : rawPacksInput.trim())) {
         return undefined;
     }
     if (languages.length > 1) {
@@ -905,11 +888,10 @@ exports.parsePacks = parsePacks;
  * Without a '+', an input value will override the corresponding value in the config file.
  *
  * @param inputValue The input value to process.
- * @returns true if the input value should replace the corresponding value in the config file,
- *          false if it should be appended.
+ * @returns true if the input value should replace the corresponding value in the config file, false if it should be appended.
  */
 function shouldCombine(inputValue) {
-    return !!inputValue?.trim().startsWith("+");
+    return !!(inputValue === null || inputValue === void 0 ? void 0 : inputValue.trim().startsWith("+"));
 }
 function combinePacks(packs1, packs2) {
     const packs = {};
@@ -933,6 +915,7 @@ function dbLocationOrDefault(dbLocation, tempDir) {
  * a default config. The parsed config is then stored to a known location.
  */
 async function initConfig(languagesInput, queriesInput, packsInput, registriesInput, configFile, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureEnablement, logger) {
+    var _a, _b, _c;
     let config;
     // If no config file was provided create an empty one
     if (!configFile) {
@@ -942,23 +925,22 @@ async function initConfig(languagesInput, queriesInput, packsInput, registriesIn
     else {
         config = await loadConfig(languagesInput, queriesInput, packsInput, configFile, dbLocation, trapCachingEnabled, debugMode, debugArtifactName, debugDatabaseName, repository, tempDir, codeQL, workspacePath, gitHubVersion, apiDetails, featureEnablement, logger);
     }
+    // The list of queries should not be empty for any language. If it is then
+    // it is a user configuration error.
+    for (const language of config.languages) {
+        const hasBuiltinQueries = ((_a = config.queries[language]) === null || _a === void 0 ? void 0 : _a.builtin.length) > 0;
+        const hasCustomQueries = ((_b = config.queries[language]) === null || _b === void 0 ? void 0 : _b.custom.length) > 0;
+        const hasPacks = (((_c = config.packs[language]) === null || _c === void 0 ? void 0 : _c.length) || 0) > 0;
+        if (!hasPacks && !hasBuiltinQueries && !hasCustomQueries) {
+            throw new Error(`Did not detect any queries to run for ${language}. ` +
+                "Please make sure that the default queries are enabled, or you are specifying queries to run.");
+        }
+    }
     // When using the codescanning config in the CLI, pack downloads
     // happen in the CLI during the `database init` command, so no need
     // to download them here.
     await (0, util_1.logCodeScanningConfigInCli)(codeQL, featureEnablement, logger);
     if (!(await (0, util_1.useCodeScanningConfigInCli)(codeQL, featureEnablement))) {
-        // The list of queries should not be empty for any language. If it is then
-        // it is a user configuration error.
-        // This check occurs in the CLI when it parses the config file.
-        for (const language of config.languages) {
-            const hasBuiltinQueries = config.queries[language]?.builtin.length > 0;
-            const hasCustomQueries = config.queries[language]?.custom.length > 0;
-            const hasPacks = (config.packs[language]?.length || 0) > 0;
-            if (!hasPacks && !hasBuiltinQueries && !hasCustomQueries) {
-                throw new Error(`Did not detect any queries to run for ${language}. ` +
-                    "Please make sure that the default queries are enabled, or you are specifying queries to run.");
-            }
-        }
         const registries = parseRegistries(registriesInput);
         await downloadPacks(codeQL, config.languages, config.packs, registries, apiDetails, config.tempDir, logger);
     }
@@ -1079,7 +1061,7 @@ async function downloadPacks(codeQL, languages, packs, registries, apiDetails, t
         logger.startGroup("Downloading packs");
         for (const language of languages) {
             const packsWithVersion = packs[language];
-            if (packsWithVersion?.length) {
+            if (packsWithVersion === null || packsWithVersion === void 0 ? void 0 : packsWithVersion.length) {
                 logger.info(`Downloading custom packs for ${language}`);
                 const results = await codeQL.packDownload(packsWithVersion, qlconfigFile);
                 numPacksDownloaded += results.packs.length;
@@ -1089,7 +1071,7 @@ async function downloadPacks(codeQL, languages, packs, registries, apiDetails, t
             }
         }
         if (numPacksDownloaded > 0) {
-            logger.info(`Downloaded ${numPacksDownloaded} ${numPacksDownloaded === 1 ? "pack" : "packs"}`);
+            logger.info(`Downloaded ${numPacksDownloaded} ${packs === 1 ? "pack" : "packs"}`);
         }
         else {
             logger.info("No packs to download");
@@ -1106,7 +1088,7 @@ function createRegistriesBlock(registries) {
     // be sure to remove the `token` field from the registry before writing it to disk.
     const safeRegistries = registries.map((registry) => ({
         // ensure the url ends with a slash to avoid a bug in the CLI 2.10.4
-        url: !registry?.url.endsWith("/") ? `${registry.url}/` : registry.url,
+        url: !(registry === null || registry === void 0 ? void 0 : registry.url.endsWith("/")) ? `${registry.url}/` : registry.url,
         packages: registry.packages,
     }));
     const qlconfig = {

lib/config-utils.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -64,7 +60,6 @@ function mockGetContents(content) {
     };
     const spyGetContents = sinon
         .stub(client.repos, "getContent")
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
         .resolves(response);
     sinon.stub(api, "getApiClient").value(() => client);
     sinon.stub(api, "getApiClientWithExternalAuth").value(() => client);
@@ -79,7 +74,6 @@ function mockListLanguages(languages) {
     for (const language of languages) {
         response.data[language] = 123;
     }
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
     sinon.stub(client.repos, "listLanguages").resolves(response);
     sinon.stub(api, "getApiClient").value(() => client);
 }
@@ -936,7 +930,7 @@ const packSpecPrettyPrintingMacro = ava_1.default.macro({
  * Test macro for testing the packs block and the packs input
  */
 function parseInputAndConfigMacro(t, packsFromConfig, packsFromInput, languages, expected) {
-    t.deepEqual(configUtils.parsePacks(packsFromConfig, packsFromInput, !!packsFromInput?.trim().startsWith("+"), // coerce to boolean
+    t.deepEqual(configUtils.parsePacks(packsFromConfig, packsFromInput, !!(packsFromInput === null || packsFromInput === void 0 ? void 0 : packsFromInput.trim().startsWith("+")), // coerce to boolean
     languages, "/a/b", mockLogger), expected);
 }
 parseInputAndConfigMacro.title = (providedTitle) => `Parse Packs input and config: ${providedTitle}`;
@@ -1014,7 +1008,7 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
 // Test that the ~0.1.0 version of ML-powered queries is run on v2.8.3 of the CLI.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.8.3", true, undefined, "security-extended", process.platform === "win32" ? undefined : "~0.1.0");
 // Test that ML-powered queries aren't run when the user hasn't specified that we should run the
-//  `security-extended`, `security-and-quality`, or `security-experimental` query suite.
+// `security-extended` or `security-and-quality` query suite.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.7.5", true, undefined, undefined, undefined);
 // Test that ML-powered queries are run on non-Windows platforms running `security-extended` on
 // versions of the CodeQL CLI prior to 2.9.0.
@@ -1042,9 +1036,6 @@ const mlPoweredQueriesMacro = ava_1.default.macro({
 // Test that ML-powered queries are run on all platforms running `security-and-quality` on CodeQL
 // CLI 2.11.3+.
 (0, ava_1.default)(mlPoweredQueriesMacro, "2.11.3", true, undefined, "security-and-quality", "~0.4.0");
-// Test that ML-powered queries are run on all platforms running `security-experimental` on CodeQL
-// CLI 2.12.1+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.1", true, undefined, "security-experimental", "~0.4.0");
 const calculateAugmentationMacro = ava_1.default.macro({
     exec: async (t, _title, rawPacksInput, rawQueriesInput, languages, expectedAugmentationProperties) => {
         const actualAugmentationProperties = configUtils.calculateAugmentation(rawPacksInput, rawQueriesInput, languages);

lib/database-upload.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -48,32 +44,24 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
     const client = (0, api_client_1.getApiClient)();
     const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
     for (const language of config.languages) {
+        // Upload the database bundle.
+        // Although we are uploading arbitrary file contents to the API, it's worth
+        // noting that it's the API's job to validate that the contents is acceptable.
+        // This API method is available to anyone with write access to the repo.
+        const payload = fs.readFileSync(await (0, util_1.bundleDb)(config, language, codeql, language));
         try {
-            // Upload the database bundle.
-            // Although we are uploading arbitrary file contents to the API, it's worth
-            // noting that it's the API's job to validate that the contents is acceptable.
-            // This API method is available to anyone with write access to the repo.
-            const bundledDb = await (0, util_1.bundleDb)(config, language, codeql, language);
-            const bundledDbSize = fs.statSync(bundledDb).size;
-            const bundledDbReadStream = fs.createReadStream(bundledDb);
-            try {
-                await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, {
-                    owner: repositoryNwo.owner,
-                    repo: repositoryNwo.repo,
-                    language,
-                    name: `${language}-database`,
-                    data: bundledDbReadStream,
-                    headers: {
-                        authorization: `token ${apiDetails.auth}`,
-                        "Content-Type": "application/zip",
-                        "Content-Length": bundledDbSize,
-                    },
-                });
-                logger.debug(`Successfully uploaded database for ${language}`);
-            }
-            finally {
-                bundledDbReadStream.close();
-            }
+            await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name`, {
+                owner: repositoryNwo.owner,
+                repo: repositoryNwo.repo,
+                language,
+                name: `${language}-database`,
+                data: payload,
+                headers: {
+                    authorization: `token ${apiDetails.auth}`,
+                    "Content-Type": "application/zip",
+                },
+            });
+            logger.debug(`Successfully uploaded database for ${language}`);
         }
         catch (e) {
             console.log(e);

lib/database-upload.js.map

@@ -1 +1 @@
-{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI;YACF,8BAA8B;YAC9B,2EAA2E;YAC3E,8EAA8E;YAC9E,wEAAwE;YACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YACrE,MAAM,aAAa,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;YAClD,MAAM,mBAAmB,GAAG,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAC3D,IAAI;gBACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;oBACE,KAAK,EAAE,aAAa,CAAC,KAAK;oBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;oBACxB,QAAQ;oBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;oBAC5B,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE;wBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;wBACzC,cAAc,EAAE,iBAAiB;wBACjC,gBAAgB,EAAE,aAAa;qBAChC;iBACF,CACF,CAAC;gBACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;aAChE;oBAAS;gBACR,mBAAmB,CAAC,KAAK,EAAE,CAAC;aAC7B;SACF;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AA7DD,0CA6DC"}
+{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE;QAC9D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;KACR;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;QAC3D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;KACR;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE;QACnD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;KACR;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,8BAA8B;QAC9B,2EAA2E;QAC3E,8EAA8E;QAC9E,wEAAwE;QACxE,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAC7B,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CACnD,CAAC;QACF,IAAI;YACF,MAAM,MAAM,CAAC,OAAO,CAClB,wGAAwG,EACxG;gBACE,KAAK,EAAE,aAAa,CAAC,KAAK;gBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,QAAQ;gBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;gBAC5B,IAAI,EAAE,OAAO;gBACb,OAAO,EAAE;oBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;oBACzC,cAAc,EAAE,iBAAiB;iBAClC;aACF,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;SACnE;KACF;AACH,CAAC;AAxDD,0CAwDC"}

lib/database-upload.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/debug-artifacts.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

lib/debug-artifacts.js.map

@@ -1 +1 @@
-{"version":3,"file":"debug-artifacts.js","sourceRoot":"","sources":["../src/debug-artifacts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oDAAsC;AACtC,sDAA6B;AAC7B,8CAAsB;AAEtB,iDAAkD;AAClD,uCAA0C;AAC1C,qCAAiE;AAIjE,iCAMgB;AAEhB,SAAgB,mBAAmB,CAAC,IAAY;IAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAFD,kDAEC;AAEM,KAAK,UAAU,oBAAoB,CACxC,QAAkB,EAClB,OAAe,EACf,YAAoB;IAEpB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO;KACR;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE;QACV,IAAI;YACF,KAAK,MAAM,CAAC,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CACxC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAC9B,CAAC,IAAI,EAAE;gBACN,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;SAC7B;QAAC,OAAO,CAAC,EAAE;YACV,IAAI,CAAC,IAAI,CACP,+HAA+H,CAChI,CAAC;SACH;KACF;IACD,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,cAAc,CACpC,mBAAmB,CAAC,GAAG,YAAY,GAAG,MAAM,EAAE,CAAC,EAC/C,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CACxB,CAAC;AACJ,CAAC;AA3BD,oDA2BC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,MAAc,EACd,SAAiB;IAEjB,IAAI,CAAC,IAAA,yBAAkB,EAAC,SAAS,CAAC,EAAE;QAClC,OAAO;KACR;IAED,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE;QACnC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,QAAQ,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;YAC5B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;SACvC;KACF;IACD,MAAM,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5E,CAAC;AAhBD,4DAgBC;AAEM,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,iBAAiB,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAC7D,IAAI,IAAA,yBAAkB,EAAC,aAAa,CAAC,EAAE;YACrC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,aAAa,CAAC,CAAC,CAAC;SACvD;KACF;IAED,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;QAChE,8EAA8E;QAC9E,MAAM,iCAAiC,GAAG,IAAI,CAAC,OAAO,CACpD,MAAM,CAAC,UAAU,EACjB,KAAK,CACN,CAAC;QACF,IAAI,IAAA,yBAAkB,EAAC,iCAAiC,CAAC,EAAE;YACzD,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,iCAAiC,CAAC,CAAC,CAAC;SAC3E;KACF;IACD,MAAM,oBAAoB,CACxB,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IAEF,sFAAsF;IACtF,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,CAAC,EAAE;QACnE,MAAM,+BAA+B,GAAG,IAAI,CAAC,OAAO,CAClD,MAAM,CAAC,OAAO,EACd,2BAA2B,CAC5B,CAAC;QACF,IAAI,IAAA,yBAAkB,EAAC,+BAA+B,CAAC,EAAE;YACvD,MAAM,oBAAoB,CACxB,CAAC,+BAA+B,CAAC,EACjC,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,iBAAiB,CACzB,CAAC;SACH;KACF;AACH,CAAC;AA1CD,0DA0CC;AAED;;;;GAIG;AACH,KAAK,UAAU,2BAA2B,CACxC,MAAc,EACd,QAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CACrC,MAAM,CAAC,UAAU,EACjB,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,cAAc,CACtD,CAAC;IACF,IAAI,CAAC,IAAI,CACP,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,2DAA2D,kBAAkB,KAAK,CAC1H,CAAC;IACF,qEAAqE;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE;QACrC,MAAM,IAAA,aAAG,EAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;KAChD;IACD,MAAM,GAAG,GAAG,IAAI,iBAAM,EAAE,CAAC;IACzB,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACjC,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,QAAkB;IAElB,kDAAkD;IAClD,MAAM,kBAAkB,GAAG,MAAM,IAAA,eAAQ,EACvC,MAAM,EACN,QAAQ,EACR,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,EACjC,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,EAAE,CAC1C,CAAC;IACF,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,iCAAiC,CACrD,MAAc,EACd,MAAc;IAEd,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI;YACF,IAAI,kBAA0B,CAAC;YAC/B,IAAI,CAAC,IAAA,uBAAa,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE;gBAC5C,kBAAkB,GAAG,MAAM,2BAA2B,CACpD,MAAM,EACN,QAAQ,CACT,CAAC;aACH;iBAAM;gBACL,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;aACtE;YACD,MAAM,oBAAoB,CACxB,CAAC,kBAAkB,CAAC,EACpB,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;SACH;QAAC,OAAO,KAAK,EAAE;YACd,IAAI,CAAC,IAAI,CACP,8CAA8C,MAAM,CAAC,iBAAiB,IAAI,QAAQ,KAAK,KAAK,EAAE,CAC/F,CAAC;SACH;KACF;AACH,CAAC;AA1BD,8EA0BC"}
+{"version":3,"file":"debug-artifacts.js","sourceRoot":"","sources":["../src/debug-artifacts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oDAAsC;AACtC,sDAA6B;AAC7B,8CAAsB;AAEtB,iDAAkD;AAClD,uCAA0C;AAC1C,qCAAiE;AAIjE,iCAMgB;AAEhB,SAAgB,mBAAmB,CAAC,IAAY;IAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAFD,kDAEC;AAEM,KAAK,UAAU,oBAAoB,CACxC,QAAkB,EAClB,OAAe,EACf,YAAoB;IAEpB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QACzB,OAAO;KACR;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE;QACV,IAAI;YACF,KAAK,MAAM,CAAC,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE;gBACnE,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;SAC7B;QAAC,OAAO,CAAC,EAAE;YACV,IAAI,CAAC,IAAI,CACP,+HAA+H,CAChI,CAAC;SACH;KACF;IACD,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,cAAc,CACpC,mBAAmB,CAAC,GAAG,YAAY,GAAG,MAAM,EAAE,CAAC,EAC/C,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CACxB,CAAC;AACJ,CAAC;AAzBD,oDAyBC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,MAAc,EACd,SAAiB;IAEjB,IAAI,CAAC,IAAA,yBAAkB,EAAC,SAAS,CAAC,EAAE;QAClC,OAAO;KACR;IAED,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE;QACnC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,QAAQ,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;YAC5B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;SACvC;KACF;IACD,MAAM,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5E,CAAC;AAhBD,4DAgBC;AAEM,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,iBAAiB,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAC7D,IAAI,IAAA,yBAAkB,EAAC,aAAa,CAAC,EAAE;YACrC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,aAAa,CAAC,CAAC,CAAC;SACvD;KACF;IAED,IAAI,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,EAAE;QAChE,8EAA8E;QAC9E,MAAM,iCAAiC,GAAG,IAAI,CAAC,OAAO,CACpD,MAAM,CAAC,UAAU,EACjB,KAAK,CACN,CAAC;QACF,IAAI,IAAA,yBAAkB,EAAC,iCAAiC,CAAC,EAAE;YACzD,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,iCAAiC,CAAC,CAAC,CAAC;SAC3E;KACF;IACD,MAAM,oBAAoB,CACxB,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;IAEF,sFAAsF;IACtF,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,mCAA0B,CAAC,CAAC,EAAE;QACnE,MAAM,+BAA+B,GAAG,IAAI,CAAC,OAAO,CAClD,MAAM,CAAC,OAAO,EACd,2BAA2B,CAC5B,CAAC;QACF,IAAI,IAAA,yBAAkB,EAAC,+BAA+B,CAAC,EAAE;YACvD,MAAM,oBAAoB,CACxB,CAAC,+BAA+B,CAAC,EACjC,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,iBAAiB,CACzB,CAAC;SACH;KACF;AACH,CAAC;AA1CD,0DA0CC;AAED;;;;GAIG;AACH,KAAK,UAAU,2BAA2B,CACxC,MAAc,EACd,QAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CACrC,MAAM,CAAC,UAAU,EACjB,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,cAAc,CACtD,CAAC;IACF,IAAI,CAAC,IAAI,CACP,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,2DAA2D,kBAAkB,KAAK,CAC1H,CAAC;IACF,qEAAqE;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE;QACrC,MAAM,IAAA,aAAG,EAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;KAChD;IACD,MAAM,GAAG,GAAG,IAAI,iBAAM,EAAE,CAAC;IACzB,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACjC,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,QAAkB;IAElB,kDAAkD;IAClD,MAAM,kBAAkB,GAAG,MAAM,IAAA,eAAQ,EACvC,MAAM,EACN,QAAQ,EACR,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,EACjC,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,EAAE,CAC1C,CAAC;IACF,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,iCAAiC,CACrD,MAAc,EACd,MAAc;IAEd,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI;YACF,IAAI,kBAAkB,CAAC;YACvB,IAAI,CAAC,IAAA,uBAAa,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE;gBAC5C,kBAAkB,GAAG,MAAM,2BAA2B,CACpD,MAAM,EACN,QAAQ,CACT,CAAC;aACH;iBAAM;gBACL,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;aACtE;YACD,MAAM,oBAAoB,CACxB,CAAC,kBAAkB,CAAC,EACpB,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;SACH;QAAC,OAAO,KAAK,EAAE;YACd,IAAI,CAAC,IAAI,CACP,8CAA8C,MAAM,CAAC,iBAAiB,IAAI,QAAQ,KAAK,KAAK,EAAE,CAC/F,CAAC;SACH;KACF;AACH,CAAC;AA1BD,8EA0BC"}

lib/debug-artifacts.test.js

@@ -1,11 +1,7 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];