Merge pull request #1932 from github/update-v2.22.1-18e6c398c

Merge main into releases/v2
Update changelog for v2.22.1
2025-12-06 15:58:06 +08:00 · 2023-10-09 12:02:20 +01:00 · 2023-10-09 09:46:39 +00:00 · 2023-10-09 10:30:49 +01:00 · 2023-10-09 09:55:04 +01:00 · 2023-10-09 09:42:25 +01:00
216 changed files with 120566 additions and 3301 deletions
--- a/.github/actions/setup-swift/action.yml
+++ b/.github/actions/setup-swift/action.yml
@@ -31,7 +31,7 @@ runs:
        fi
        echo "version=$VERSION" | tee -a $GITHUB_OUTPUT

-    - uses: swift-actions/setup-swift@cdcbe8e35d3801acd82d7109285e6ab22c9212c2 # Please update the corresponding SHA in the CLI's CodeQL Action Integration Test.
+    - uses: swift-actions/setup-swift@f51889efb55dccf13be0ee727e3d6c89a096fb4c # Please update the corresponding SHA in the CLI's CodeQL Action Integration Test.
      if: runner.os == 'Linux' && steps.get_swift_version.outputs.version != 'null'
      with:
        swift-version: "${{ steps.get_swift_version.outputs.version }}"
--- a/.github/workflows/__analyze-ref-input.yml
+++ b/.github/workflows/__analyze-ref-input.yml
@@ -25,12 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
-        - os: windows-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -49,6 +43,18 @@ jobs:
          version: stable-20230418
        - os: windows-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: windows-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
+        - os: windows-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/__go-custom-queries.yml
+++ b/.github/workflows/__go-custom-queries.yml
@@ -25,12 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
-        - os: windows-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -49,6 +43,18 @@ jobs:
          version: stable-20230418
        - os: windows-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: windows-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
+        - os: windows-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml
+++ b/.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml
@@ -0,0 +1,96 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: 'PR Check - Go: diagnostic when Go is changed after init step'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
+on:
+  push:
+    branches:
+    - main
+    - releases/v2
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  go-indirect-tracing-workaround-diagnostic:
+    strategy:
+      matrix:
+        include:
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+    name: 'Go: diagnostic when Go is changed after init step'
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v4
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/actions/prepare-test
+      with:
+        version: ${{ matrix.version }}
+        use-all-platform-bundle: 'false'
+    - name: Set environment variable for Swift enablement
+      if: >-
+        runner.os != 'Windows' && (
+            matrix.version == '20220908' ||
+            matrix.version == '20221211'
+        )
+      shell: bash
+      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - uses: actions/setup-go@v4
+      with:
+      # We need a Go version that ships with statically linked binaries on Linux
+        go-version: '>=1.21.0'
+    - uses: ./../action/init
+      with:
+        languages: go
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+  # Deliberately change Go after the `init` step
+    - uses: actions/setup-go@v4
+      with:
+        go-version: '1.20'
+    - name: Build code
+      shell: bash
+      run: go build main.go
+    - uses: ./../action/analyze
+      with:
+        output: ${{ runner.temp }}/results
+        upload-database: false
+    - name: Check diagnostic appears in SARIF
+      uses: actions/github-script@v6
+      env:
+        SARIF_PATH: ${{ runner.temp }}/results/go.sarif
+      with:
+        script: |
+          const fs = require('fs');
+
+          const sarif = JSON.parse(fs.readFileSync(process.env['SARIF_PATH'], 'utf8'));
+          const run = sarif.runs[0];
+
+          const toolExecutionNotifications = run.invocations[0].toolExecutionNotifications;
+          const statusPageNotifications = toolExecutionNotifications.filter(n =>
+            n.descriptor.id === 'go/workflow/go-installed-after-codeql-init' && n.properties?.visibility?.statusPage
+          );
+          if (statusPageNotifications.length !== 1) {
+            core.setFailed(
+              'Expected exactly one status page reporting descriptor for this diagnostic in the ' +
+                `'runs[].invocations[].toolExecutionNotifications[]' SARIF property, but found ` +
+                `${statusPageNotifications.length}. All notification reporting descriptors: ` +
+                `${JSON.stringify(toolExecutionNotifications)}.`
+            );
+          }
+    env:
+      CODEQL_ACTION_TEST_MODE: true
--- a/.github/workflows/__go-indirect-tracing-workaround.yml
+++ b/.github/workflows/__go-indirect-tracing-workaround.yml
@@ -0,0 +1,94 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: 'PR Check - Go: workaround for indirect tracing'
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
+on:
+  push:
+    branches:
+    - main
+    - releases/v2
+  pull_request:
+    types:
+    - opened
+    - synchronize
+    - reopened
+    - ready_for_review
+  workflow_dispatch: {}
+jobs:
+  go-indirect-tracing-workaround:
+    strategy:
+      matrix:
+        include:
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+    name: 'Go: workaround for indirect tracing'
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v4
+    - name: Prepare test
+      id: prepare-test
+      uses: ./.github/actions/prepare-test
+      with:
+        version: ${{ matrix.version }}
+        use-all-platform-bundle: 'false'
+    - name: Set environment variable for Swift enablement
+      if: >-
+        runner.os != 'Windows' && (
+            matrix.version == '20220908' ||
+            matrix.version == '20221211'
+        )
+      shell: bash
+      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - uses: actions/setup-go@v4
+      with:
+      # We need a Go version that ships with statically linked binaries on Linux
+        go-version: '>=1.21.0'
+    - uses: ./../action/init
+      with:
+        languages: go
+        tools: ${{ steps.prepare-test.outputs.tools-url }}
+    - name: Build code
+      shell: bash
+      run: go build main.go
+    - uses: ./../action/analyze
+      with:
+        upload-database: false
+    - shell: bash
+      run: |
+        if [[ -z "${CODEQL_ACTION_GO_BINARY}" ]]; then
+          echo "Expected the workaround for indirect tracing of static binaries to trigger, but the" \
+            "CODEQL_ACTION_GO_BINARY environment variable is not set."
+          exit 1
+        fi
+        if [[ ! -f "${CODEQL_ACTION_GO_BINARY}" ]]; then
+          echo "CODEQL_ACTION_GO_BINARY is set, but the corresponding script does not exist."
+          exit 1
+        fi
+
+
+        # Once we start running Bash 4.2 in all environments, we can replace the
+        # `! -z` flag with the more elegant `-v` which confirms that the variable
+        # is actually unset and not potentially set to a blank value.
+        if [[ ! -z "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" ]]; then
+          echo "Expected the Go autobuilder not to be run, but the" \
+            "CODEQL_ACTION_DID_AUTOBUILD_GOLANG environment variable was set."
+          exit 1
+        fi
+        cd "$RUNNER_TEMP/codeql_databases"
+        if [[ ! -d go ]]; then
+          echo "Did not find a Go database"
+          exit 1
+        fi
+    env:
+      CODEQL_ACTION_TEST_MODE: true
--- a/.github/workflows/__go-tracing-autobuilder.yml
+++ b/.github/workflows/__go-tracing-autobuilder.yml
@@ -25,10 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -41,6 +37,14 @@ jobs:
          version: stable-20230418
        - os: macos-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
@@ -76,6 +80,9 @@ jobs:
        )
      shell: bash
      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - uses: actions/setup-go@v4
+      with:
+        go-version: ~1.21.1
    - uses: ./../action/init
      with:
        languages: go
--- a/.github/workflows/__go-tracing-custom-build-steps.yml
+++ b/.github/workflows/__go-tracing-custom-build-steps.yml
@@ -25,10 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -41,6 +37,14 @@ jobs:
          version: stable-20230418
        - os: macos-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
@@ -76,6 +80,9 @@ jobs:
        )
      shell: bash
      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - uses: actions/setup-go@v4
+      with:
+        go-version: ~1.21.1
    - uses: ./../action/init
      with:
        languages: go
--- a/.github/workflows/__go-tracing-legacy-workflow.yml
+++ b/.github/workflows/__go-tracing-legacy-workflow.yml
@@ -25,10 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -41,6 +37,14 @@ jobs:
          version: stable-20230418
        - os: macos-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
@@ -76,6 +80,9 @@ jobs:
        )
      shell: bash
      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
+    - uses: actions/setup-go@v4
+      with:
+        go-version: ~1.21.1
    - uses: ./../action/init
      with:
        languages: go
--- a/.github/workflows/__ml-powered-queries.yml
+++ b/.github/workflows/__ml-powered-queries.yml
@@ -1,147 +0,0 @@
-# Warning: This file is generated automatically, and should not be modified.
-# Instead, please modify the template in the pr-checks directory and run:
-#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
-# to regenerate this file.
-
-name: PR Check - ML-powered queries
-env:
-  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-  GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
-on:
-  push:
-    branches:
-    - main
-    - releases/v2
-  pull_request:
-    types:
-    - opened
-    - synchronize
-    - reopened
-    - ready_for_review
-  workflow_dispatch: {}
-jobs:
-  ml-powered-queries:
-    strategy:
-      matrix:
-        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
-        - os: windows-latest
-          version: stable-20220615
-        - os: ubuntu-latest
-          version: stable-20220908
-        - os: macos-latest
-          version: stable-20220908
-        - os: windows-latest
-          version: stable-20220908
-        - os: ubuntu-latest
-          version: stable-20221211
-        - os: macos-latest
-          version: stable-20221211
-        - os: windows-latest
-          version: stable-20221211
-        - os: ubuntu-latest
-          version: stable-20230418
-        - os: macos-latest
-          version: stable-20230418
-        - os: windows-latest
-          version: stable-20230418
-        - os: ubuntu-latest
-          version: default
-        - os: macos-latest
-          version: default
-        - os: windows-latest
-          version: default
-        - os: ubuntu-latest
-          version: latest
-        - os: macos-latest
-          version: latest
-        - os: windows-latest
-          version: latest
-        - os: ubuntu-latest
-          version: nightly-latest
-        - os: macos-latest
-          version: nightly-latest
-        - os: windows-latest
-          version: nightly-latest
-    name: ML-powered queries
-    permissions:
-      contents: read
-      security-events: write
-    timeout-minutes: 45
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Check out repository
-      uses: actions/checkout@v4
-    - name: Prepare test
-      id: prepare-test
-      uses: ./.github/actions/prepare-test
-      with:
-        version: ${{ matrix.version }}
-        use-all-platform-bundle: 'false'
-    - name: Set environment variable for Swift enablement
-      if: >-
-        runner.os != 'Windows' && (
-            matrix.version == '20220908' ||
-            matrix.version == '20221211'
-        )
-      shell: bash
-      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
-    - uses: ./../action/init
-      with:
-        languages: javascript
-        queries: security-extended
-        source-root: ./../action/tests/ml-powered-queries-repo
-        tools: ${{ steps.prepare-test.outputs.tools-url }}
-
-    - uses: ./../action/analyze
-      with:
-        output: ${{ runner.temp }}/results
-        upload-database: false
-
-    - name: Upload SARIF
-      uses: actions/upload-artifact@v3
-      with:
-        name: ml-powered-queries-${{ matrix.os }}-${{ matrix.version }}.sarif.json
-        path: ${{ runner.temp }}/results/javascript.sarif
-        retention-days: 7
-
-    - name: Check sarif
-      uses: ./../action/.github/actions/check-sarif
-      with:
-        sarif-file: ${{ runner.temp }}/results/javascript.sarif
-        queries-run: 
-          js/ml-powered/nosql-injection,js/ml-powered/path-injection,js/ml-powered/sql-injection,js/ml-powered/xss
-        queries-not-run: foo,bar
-
-    - name: Check results
-      shell: bash
-      run: |
-        cd "$RUNNER_TEMP/results"
-        # We should run at least the ML-powered queries in `expected_rules`.
-        expected_rules="js/ml-powered/nosql-injection js/ml-powered/path-injection js/ml-powered/sql-injection js/ml-powered/xss"
-
-        for rule in ${expected_rules}; do
-          found_rule=$(jq --arg rule "${rule}" '[.runs[0].tool.extensions[].rules | select(. != null) |
-            flatten | .[].id] | any(. == $rule)' javascript.sarif)
-          echo "Did find rule '${rule}': ${found_rule}"
-          if [[ "${found_rule}" != "true" ]]; then
-            echo "Expected SARIF output to contain rule '${rule}', but found no such rule."
-            exit 1
-          fi
-        done
-
-        # We should have at least one alert from an ML-powered query.
-        num_alerts=$(jq '[.runs[0].results[] |
-          select(.properties.score != null and (.rule.id | startswith("js/ml-powered/")))] | length' \
-          javascript.sarif)
-        echo "Found ${num_alerts} alerts from ML-powered queries.";
-        if [[ "${num_alerts}" -eq 0 ]]; then
-          echo "Expected to find at least one alert from an ML-powered query but found ${num_alerts}."
-          exit 1
-        fi
-    env:
-      CODEQL_ACTION_TEST_MODE: true
--- a/.github/workflows/__multi-language-autodetect.yml
+++ b/.github/workflows/__multi-language-autodetect.yml
@@ -25,10 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -41,6 +37,14 @@ jobs:
          version: stable-20230418
        - os: macos-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/__remote-config.yml
+++ b/.github/workflows/__remote-config.yml
@@ -25,12 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
-        - os: windows-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -49,6 +43,18 @@ jobs:
          version: stable-20230418
        - os: windows-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: windows-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
+        - os: windows-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/__resolve-environment-action.yml
+++ b/.github/workflows/__resolve-environment-action.yml
@@ -31,6 +31,24 @@ jobs:
          version: stable-v2.13.4
        - os: windows-latest
          version: stable-v2.13.4
+        - os: ubuntu-latest
+          version: default
+        - os: macos-latest
+          version: default
+        - os: windows-latest
+          version: default
+        - os: ubuntu-latest
+          version: latest
+        - os: macos-latest
+          version: latest
+        - os: windows-latest
+          version: latest
+        - os: ubuntu-latest
+          version: nightly-latest
+        - os: macos-latest
+          version: nightly-latest
+        - os: windows-latest
+          version: nightly-latest
    name: Resolve environment
    permissions:
      contents: read
@@ -56,16 +74,30 @@ jobs:
      run: echo "CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT=true" >> $GITHUB_ENV
    - uses: ./../action/init
      with:
-        languages: go
+        languages: ${{ matrix.version == 'stable-v2.13.4' && 'go' || 'go,javascript-typescript'
+          }}
        tools: ${{ steps.prepare-test.outputs.tools-url }}

-    - uses: ./../action/resolve-environment
-      id: resolve-environment
+    - name: Resolve environment for Go
+      uses: ./../action/resolve-environment
+      id: resolve-environment-go
      with:
        language: go

-    - name: Fail if no Go configuration was returned
-      if: (!fromJSON(steps.resolve-environment.outputs.environment).configuration.go)
+    - name: Fail if Go configuration missing
+      if: (!fromJSON(steps.resolve-environment-go.outputs.environment).configuration.go)
+      run: exit 1
+
+    - name: Resolve environment for JavaScript/TypeScript
+      if: matrix.version != 'stable-v2.13.4'
+      uses: ./../action/resolve-environment
+      id: resolve-environment-js
+      with:
+        language: javascript-typescript
+
+    - name: Fail if JavaScript/TypeScript configuration present
+      if: matrix.version != 'stable-v2.13.4' && 
+        fromJSON(steps.resolve-environment-js.outputs.environment).configuration.javascript
      run: exit 1
    env:
      CODEQL_ACTION_TEST_MODE: true
--- a/.github/workflows/__scaling-reserved-ram.yml
+++ b/.github/workflows/__scaling-reserved-ram.yml
@@ -25,10 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -41,6 +37,14 @@ jobs:
          version: stable-20230418
        - os: macos-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/__unset-environment.yml
+++ b/.github/workflows/__unset-environment.yml
@@ -25,14 +25,16 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: ubuntu-latest
          version: stable-20221211
        - os: ubuntu-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: ubuntu-latest
--- a/.github/workflows/__upload-ref-sha-input.yml
+++ b/.github/workflows/__upload-ref-sha-input.yml
@@ -25,12 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
-        - os: windows-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -49,6 +43,18 @@ jobs:
          version: stable-20230418
        - os: windows-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: windows-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
+        - os: windows-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/__with-checkout-path.yml
+++ b/.github/workflows/__with-checkout-path.yml
@@ -25,12 +25,6 @@ jobs:
    strategy:
      matrix:
        include:
-        - os: ubuntu-latest
-          version: stable-20220615
-        - os: macos-latest
-          version: stable-20220615
-        - os: windows-latest
-          version: stable-20220615
        - os: ubuntu-latest
          version: stable-20220908
        - os: macos-latest
@@ -49,6 +43,18 @@ jobs:
          version: stable-20230418
        - os: windows-latest
          version: stable-20230418
+        - os: ubuntu-latest
+          version: stable-v2.13.5
+        - os: macos-latest
+          version: stable-v2.13.5
+        - os: windows-latest
+          version: stable-v2.13.5
+        - os: ubuntu-latest
+          version: stable-v2.14.6
+        - os: macos-latest
+          version: stable-v2.14.6
+        - os: windows-latest
+          version: stable-v2.14.6
        - os: ubuntu-latest
          version: default
        - os: macos-latest
--- a/.github/workflows/debug-artifacts.yml
+++ b/.github/workflows/debug-artifacts.yml
@@ -25,10 +25,11 @@ jobs:
        - ubuntu-latest
        - macos-latest
        version:
-        - stable-20220615
        - stable-20220908
        - stable-20221211
        - stable-20230418
+        - stable-v2.13.5
+        - stable-v2.14.6
        - default
        - latest
        - nightly-latest
@@ -74,11 +75,11 @@ jobs:
      - name: Check expected artifacts exist
        shell: bash
        run: |
-          VERSIONS="stable-20220615 stable-20220908 stable-20221211 stable-20230418 default latest nightly-latest"
+          VERSIONS="stable-20220908 stable-20221211 stable-20230418 stable-v2.13.5 stable-v2.14.6 default latest nightly-latest"
          LANGUAGES="cpp csharp go java javascript python"
          for version in $VERSIONS; do
            for os in ubuntu-latest macos-latest; do
-              pushd "./my-debug-artifacts-$os-$version"
+              pushd "./my-debug-artifacts-$os-${version//./}"
              echo "Artifacts from version $version on $os:"
              for language in $LANGUAGES; do
                echo "- Checking $language"
--- a/.github/workflows/python312-windows.yml
+++ b/.github/workflows/python312-windows.yml
@@ -0,0 +1,41 @@
+name: Test that the workaround for python 3.12 on windows works
+
+on:
+  push:
+    branches: [main, releases/v2]
+  pull_request:
+    # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
+    # by other workflows.
+    types: [opened, synchronize, reopened, ready_for_review]
+  schedule:
+    # Weekly on Monday.
+    - cron: '0 0 * * 1'
+  workflow_dispatch:
+
+jobs:
+  test-setup-python-scripts:
+    timeout-minutes: 45
+    runs-on: windows-latest
+
+    steps:
+    - uses: actions/setup-python@v4
+      with:
+        python-version: 3.12
+
+    - uses: actions/checkout@v4
+
+    - name: Prepare test
+      uses: ./.github/actions/prepare-test
+      with:
+        version: default
+
+    - name: Initialize CodeQL
+      uses: ./../action/init
+      with:
+        tools: latest
+        languages: python
+
+    - name: Analyze
+      uses: ./../action/analyze
+      with:
+        upload-database: false
--- a/.github/workflows/update-supported-enterprise-server-versions.yml
+++ b/.github/workflows/update-supported-enterprise-server-versions.yml
@@ -52,5 +52,13 @@ jobs:
            git add .
            git commit --message "Update supported GitHub Enterprise Server versions"
            git push origin update-supported-enterprise-server-versions
-            gh pr create --fill --draft
+
+            body="This PR updates the list of supported GitHub Enterprise Server versions, either because a new "
+            body+="version is about to be feature frozen, or because an old release has been deprecated.\n\n"
+            body+="If an old release has been deprecated, please follow the instructions in CONTRIBUTING.md to "
+            body+="deprecate the corresponding version of CodeQL."
+
+            gh pr create --draft \
+              --title "Update supported GitHub Enterprise Server versions" \
+              --body "$body"
          fi
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,9 +2,22 @@

 See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.

-## [UNRELEASED]
+## 2.22.1 - 09 Oct 2023

-No user facing changes.
+- Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. [#1928](https://github.com/github/codeql-action/pull/1928)
+
+## 2.22.0 - 06 Oct 2023
+
+- The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. [#1907](https://github.com/github/codeql-action/pull/1907)
+- The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see ["CodeQL code scanning deprecates ML-powered alerts."](https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/) [#1910](https://github.com/github/codeql-action/pull/1910)
+- Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. [#1909](https://github.com/github/codeql-action/pull/1909)
+
+## 2.21.9 - 27 Sep 2023
+
+- Update default CodeQL bundle version to 2.14.6. [#1897](https://github.com/github/codeql-action/pull/1897)
+- We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. [#1889](https://github.com/github/codeql-action/pull/1889)
+- We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. [#1903](https://github.com/github/codeql-action/pull/1903)
+- Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. [#1901](https://github.com/github/codeql-action/pull/1901)

 ## 2.21.8 - 19 Sep 2023

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -78,6 +78,27 @@ Since the `codeql-action` runs most of its testing through individual Actions wo
 2. Run the script. If there's a reason to, you can pass in a different SHA as a CLI argument.
 3. After running, go to the [branch protection rules settings page](https://github.com/github/codeql-action/settings/branches) and validate that the rules for `main`, `v1`, and `v2` have been updated.

+## Deprecating a CodeQL version (write access required)
+
+We typically deprecate a version of CodeQL when the GitHub Enterprise Server (GHES) version that it first shipped in is deprecated.
+
+1. Work out the next minimum version of CodeQL. This is the version that shipped in the version of GHES after the one that has just been deprecated.
+1. Notify users using the old version of CodeQL about the deprecation.
+    - Update `CODEQL_NEXT_MINIMUM_VERSION`, `GHES_VERSION_MOST_RECENTLY_DEPRECATED`, and `GHES_MOST_RECENT_DEPRECATION_DATE` in `src/codeql.ts` to reflect the new minimum version of CodeQL and the GHES version that has just been deprecated.
+    - Add a changelog note announcing the deprecation.
+    - Example PR: https://github.com/github/codeql-action/pull/1884
+1. Release the Action, or wait for the next scheduled release of the Action, then wait at least a week so users have time to see and act on the deprecation warning.
+1. Remove support for the old version of CodeQL.
+    - Bump `CODEQL_MINIMUM_VERSION` in `src/codeql.ts` to the new minimum version of CodeQL.
+    - Remove any code that is only needed to support the old version of CodeQL. This is often behind a version guard, so look for instances of version numbers between the old minimum version and the new minimum version in the codebase. A good place to start is the list of version numbers in `src/codeql.ts`.
+    - Update the default set of CodeQL test versions in `pr-checks/sync.py`.
+        - Remove the old minimum version of CodeQL.
+        - Add the latest patch release for any new CodeQL minor version series that have shipped in GHES.
+        - Run the script to update the generated PR checks.
+    - Do the same for PR checks that aren't auto-generated.
+    - Add a changelog note announcing the new minimum version of CodeQL that is now required.
+    - Example PR: https://github.com/github/codeql-action/pull/1907
+
 ## Resources

 - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
--- a/init/action.yml
+++ b/init/action.yml
@@ -7,7 +7,8 @@ inputs:
    required: false
    # If not specified the Action will check in several places until it finds the CodeQL tools.
  languages:
-    description: The languages to be analysed
+    description: |
+      A comma-separated value of the languages to be analysed e.g. python,javascript
    required: false
  token:
    description: GitHub token to use for authenticating with this instance of GitHub. To download custom packs from multiple registries, use the registries input.
@@ -44,7 +45,7 @@ inputs:
  db-location:
    description: Path where CodeQL databases should be created. If not specified, a temporary directory will be used.
    required: false
-  config:    
+  config:
    description: Configuration passed as a YAML string in the same format as the config-file input. This takes precedence over the config-file input.
    required: false
  queries:
--- a/lib/actions-util.js
+++ b/lib/actions-util.js
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.getActionVersion = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.getFileType = exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.getActionVersion = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -380,4 +380,34 @@ function getWorkflowRunAttempt() {
    return workflowRunAttempt;
 }
 exports.getWorkflowRunAttempt = getWorkflowRunAttempt;
+/**
+ * Tries to obtain the output of the `file` command for the file at the specified path.
+ * The output will vary depending on the type of `file`, which operating system we are running on, etc.
+ */
+const getFileType = async (filePath) => {
+    let stderr = "";
+    let stdout = "";
+    try {
+        // The `file` command will output information about the type of file pointed at by `filePath`.
+        // For binary files, this may include e.g. whether they are static of dynamic binaries.
+        // The `-L` switch instructs the command to follow symbolic links.
+        await new toolrunner.ToolRunner(await safeWhich.safeWhich("file"), ["-L", filePath], {
+            silent: true,
+            listeners: {
+                stdout: (data) => {
+                    stdout += data.toString();
+                },
+                stderr: (data) => {
+                    stderr += data.toString();
+                },
+            },
+        }).exec();
+        return stdout.trim();
+    }
+    catch (e) {
+        core.info(`Could not determine type of ${filePath} from ${stdout}. ${stderr}`);
+        throw e;
+    }
+};
+exports.getFileType = getFileType;
 //# sourceMappingURL=actions-util.js.map
--- a/lib/actions-util.js.map
+++ b/lib/actions-util.js.map
--- a/lib/analyze-action.js
+++ b/lib/analyze-action.js
@@ -31,6 +31,7 @@ const fs = __importStar(require("fs"));
 const path_1 = __importDefault(require("path"));
 const perf_hooks_1 = require("perf_hooks");
 const core = __importStar(require("@actions/core"));
+const safe_which_1 = require("@chrisgavin/safe-which");
 const actionsUtil = __importStar(require("./actions-util"));
 const analyze_1 = require("./analyze");
 const api_client_1 = require("./api-client");
@@ -38,6 +39,7 @@ const autobuild_1 = require("./autobuild");
 const codeql_1 = require("./codeql");
 const config_utils_1 = require("./config-utils");
 const database_upload_1 = require("./database-upload");
+const diagnostics_1 = require("./diagnostics");
 const environment_1 = require("./environment");
 const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
@@ -54,11 +56,6 @@ async function sendStatusReport(startedAt, config, stats, error, trapCacheUpload
    const statusReportBase = await (0, status_report_1.createStatusReportBase)("finish", status, startedAt, await util.checkDiskUsage(), error?.message, error?.stack);
    const report = {
        ...statusReportBase,
-        ...(config
-            ? {
-                ml_powered_javascript_queries: (0, config_utils_1.getMlPoweredJsQueriesStatus)(config),
-            }
-            : {}),
        ...(stats || {}),
        ...(dbCreationTimings || {}),
    };
@@ -164,6 +161,27 @@ async function run() {
        const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
        const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, actionsUtil.getTemporaryDirectory(), logger);
        const memory = util.getMemoryFlag(actionsUtil.getOptionalInput("ram") || process.env["CODEQL_RAM"], logger);
+        // Check that `which go` still points at the wrapper script we installed in the `init` Action,
+        // if the corresponding environment variable is set. This is to ensure that there isn't a step
+        // in the workflow after the `init` step which installs a different version of Go and takes
+        // precedence in the PATH, thus potentially circumventing our workaround that allows tracing to work.
+        const goWrapperPath = process.env[environment_1.EnvVar.GO_BINARY_LOCATION];
+        if (process.env[environment_1.EnvVar.DID_AUTOBUILD_GOLANG] !== "true" &&
+            goWrapperPath !== undefined) {
+            const goBinaryPath = await (0, safe_which_1.safeWhich)("go");
+            if (goWrapperPath !== goBinaryPath) {
+                core.warning(`Expected \`which go\` to return ${goWrapperPath}, but got ${goBinaryPath}: please ensure that the correct version of Go is installed before the \`codeql-action/init\` Action is used.`);
+                (0, diagnostics_1.addDiagnostic)(config, languages_1.Language.go, (0, diagnostics_1.makeDiagnostic)("go/workflow/go-installed-after-codeql-init", "Go was installed after the `codeql-action/init` Action was run", {
+                    markdownMessage: "To avoid interfering with the CodeQL analysis, perform all installation steps before calling the `github/codeql-action/init` Action.",
+                    visibility: {
+                        statusPage: true,
+                        telemetry: true,
+                        cliSummaryTable: true,
+                    },
+                    severity: "warning",
+                }));
+            }
+        }
        await runAutobuildIfLegacyGoWorkflow(config, logger);
        dbCreationTimings = await (0, analyze_1.runFinalize)(outputDir, threads, memory, config, logger, features);
        if (actionsUtil.getRequiredInput("skip-queries") !== "true") {
--- a/lib/analyze-action.js.map
+++ b/lib/analyze-action.js.map
--- a/lib/analyze.test.js
+++ b/lib/analyze.test.js
@@ -122,7 +122,6 @@ const util = __importStar(require("./util"));
                debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
                debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
                augmentationProperties: {
-                    injectedMlQueries: false,
                    packsInputCombines: false,
                    queriesInputCombines: false,
                },
@@ -215,7 +214,7 @@ const util = __importStar(require("./util"));
 });
 function mockCodeQL() {
    return {
-        getVersion: async () => "2.12.2",
+        getVersion: async () => (0, testing_utils_1.makeVersionInfo)("1.0.0"),
        databaseRunQueries: sinon.spy(),
        databaseInterpretResults: async () => "",
        databasePrintBaseline: async () => "",
@@ -239,7 +238,6 @@ function createBaseConfig(tmpDir) {
        debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
        debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
        augmentationProperties: {
-            injectedMlQueries: false,
            packsInputCombines: false,
            queriesInputCombines: false,
        },
--- a/lib/analyze.test.js.map
+++ b/lib/analyze.test.js.map
--- a/lib/api-compatibility.json
+++ b/lib/api-compatibility.json
@@ -1 +1 @@
-{ "maximumVersion": "3.11", "minimumVersion": "3.6" }
+{ "maximumVersion": "3.11", "minimumVersion": "3.7" }
--- a/lib/autobuild-action.js
+++ b/lib/autobuild-action.js
@@ -28,8 +28,6 @@ const actions_util_1 = require("./actions-util");
 const api_client_1 = require("./api-client");
 const autobuild_1 = require("./autobuild");
 const configUtils = __importStar(require("./config-utils"));
-const environment_1 = require("./environment");
-const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const status_report_1 = require("./status-report");
 const util_1 = require("./util");
@@ -69,9 +67,6 @@ async function run() {
            for (const language of languages) {
                currentLanguage = language;
                await (0, autobuild_1.runAutobuild)(language, config, logger);
-                if (language === languages_1.Language.go) {
-                    core.exportVariable(environment_1.EnvVar.DID_AUTOBUILD_GOLANG, "true");
-                }
            }
        }
    }
--- a/lib/autobuild-action.js.map
+++ b/lib/autobuild-action.js.map
@@ -1 +1 @@
-{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,4DAA8C;AAC9C,+CAAuC;AACvC,2CAAuC;AACvC,uCAAqD;AACrD,mDAKyB;AACzB,iCAKgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,MAAc,EACd,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,gCAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,EAC5B,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,UAAU,EACV,SAAS,EACT,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,CAC7B,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;oBAC5B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;iBAC1D;aACF;SACF;KACF;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CACZ,kIAAkI,KAAK,CAAC,OAAO,EAAE,CAClJ,CAAC;QACF,MAAM,yBAAyB,CAC7B,MAAM,EACN,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,CACN,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,MAAM,EAAE,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AACtE,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KACxE;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,4DAA8C;AAE9C,uCAAqD;AACrD,mDAKyB;AACzB,iCAKgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,MAAc,EACd,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,gCAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,WAAW,EACX,MAAM,EACN,SAAS,EACT,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,EAC5B,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;AACvC,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,eAAe,GAAyB,SAAS,CAAC;IACtD,IAAI,SAAS,GAA2B,SAAS,CAAC;IAClD,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,UAAU,EACV,SAAS,EACT,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,CAC7B,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,SAAS,KAAK,SAAS,EAAE;YAC3B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE;gBACpB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACjC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;aAC9C;SACF;KACF;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CACZ,kIAAkI,KAAK,CAAC,OAAO,EAAE,CAClJ,CAAC;QACF,MAAM,yBAAyB,CAC7B,MAAM,EACN,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,CACN,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,MAAM,EAAE,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AACtE,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KACxE;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
--- a/lib/autobuild.js
+++ b/lib/autobuild.js
@@ -1,8 +1,38 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.runAutobuild = exports.determineAutobuildLanguages = void 0;
+const core = __importStar(require("@actions/core"));
+const actions_util_1 = require("./actions-util");
+const api_client_1 = require("./api-client");
 const codeql_1 = require("./codeql");
+const environment_1 = require("./environment");
+const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
+const repository_1 = require("./repository");
+const util_1 = require("./util");
 async function determineAutobuildLanguages(config, logger) {
    // Attempt to find a language to autobuild
    // We want pick the dominant language in the repo from the ones we're able to build
@@ -70,10 +100,42 @@ async function determineAutobuildLanguages(config, logger) {
    return languages;
 }
 exports.determineAutobuildLanguages = determineAutobuildLanguages;
+async function setupCppAutobuild(codeql, logger) {
+    const envVar = feature_flags_1.featureConfig[feature_flags_1.Feature.CppDependencyInstallation].envVar;
+    const featureName = "C++ automatic installation of dependencies";
+    const envDoc = "https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow";
+    const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
+    const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
+    const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), logger);
+    if (await features.getValue(feature_flags_1.Feature.CppDependencyInstallation, codeql)) {
+        // disable autoinstall on self-hosted runners unless explicitly requested
+        if (process.env["RUNNER_ENVIRONMENT"] === "self-hosted" &&
+            process.env[envVar] !== "true") {
+            logger.info(`Disabling ${featureName} as we are on a self-hosted runner.${(0, actions_util_1.getWorkflowEventName)() !== "dynamic"
+                ? ` To override this, set the ${envVar} environment variable to 'true' in your workflow (see ${envDoc}).`
+                : ""}`);
+            core.exportVariable(envVar, "false");
+        }
+        else {
+            logger.info(`Enabling ${featureName}. This can be disabled by setting the ${envVar} environment variable to 'false' (see ${envDoc}).`);
+            core.exportVariable(envVar, "true");
+        }
+    }
+    else {
+        logger.info(`Disabling ${featureName}.`);
+        core.exportVariable(envVar, "false");
+    }
+}
 async function runAutobuild(language, config, logger) {
    logger.startGroup(`Attempting to automatically build ${language} code`);
    const codeQL = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
+    if (language === languages_1.Language.cpp) {
+        await setupCppAutobuild(codeQL, logger);
+    }
    await codeQL.runAutobuild(language);
+    if (language === languages_1.Language.go) {
+        core.exportVariable(environment_1.EnvVar.DID_AUTOBUILD_GOLANG, "true");
+    }
    logger.endGroup();
 }
 exports.runAutobuild = runAutobuild;
--- a/lib/autobuild.js.map
+++ b/lib/autobuild.js.map
@@ -1 +1 @@
-{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;AAAA,qCAAqC;AAErC,2CAAyD;AAGlD,KAAK,UAAU,2BAA2B,CAC/C,MAA0B,EAC1B,MAAc;IAEd,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE;QACvB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;KAClB;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE;QAChD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;KAChD;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE;QACpE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;KAC7B;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE;QAC1C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,4BAA4B;YAC5B,0NAA0N,CAC7N,CAAC;KACH;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAtFD,kEAsFC;AAEM,KAAK,UAAU,YAAY,CAChC,QAAkB,EAClB,MAA0B,EAC1B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,MAAM,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AATD,oCASC"}
+{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAA6E;AAC7E,6CAAgD;AAChD,qCAA6C;AAE7C,+CAAuC;AACvC,mDAAmE;AACnE,2CAAyD;AAEzD,6CAAkD;AAClD,iCAA6C;AAEtC,KAAK,UAAU,2BAA2B,CAC/C,MAA0B,EAC1B,MAAc;IAEd,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE;QACvB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;KAClB;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE;QAChD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;KAChD;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE;QACpE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;KAC7B;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE;QAC1C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,4BAA4B;YAC5B,0NAA0N,CAC7N,CAAC;KACH;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAtFD,kEAsFC;AAED,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IAC7D,MAAM,MAAM,GAAG,6BAAa,CAAC,uBAAO,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC;IACvE,MAAM,WAAW,GAAG,4CAA4C,CAAC;IACjE,MAAM,MAAM,GACV,wHAAwH,CAAC;IAC3H,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;IACF,IAAI,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,yBAAyB,EAAE,MAAM,CAAC,EAAE;QACtE,yEAAyE;QACzE,IACE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,aAAa;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,MAAM,EAC9B;YACA,MAAM,CAAC,IAAI,CACT,aAAa,WAAW,sCACtB,IAAA,mCAAoB,GAAE,KAAK,SAAS;gBAClC,CAAC,CAAC,8BAA8B,MAAM,yDAAyD,MAAM,IAAI;gBACzG,CAAC,CAAC,EACN,EAAE,CACH,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACtC;aAAM;YACL,MAAM,CAAC,IAAI,CACT,YAAY,WAAW,yCAAyC,MAAM,yCAAyC,MAAM,IAAI,CAC1H,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;SACrC;KACF;SAAM;QACL,MAAM,CAAC,IAAI,CAAC,aAAa,WAAW,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACtC;AACH,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,QAAkB,EAClB,MAA0B,EAC1B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,GAAG,EAAE;QAC7B,MAAM,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACzC;IACD,MAAM,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpC,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE;QAC5B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;KAC1D;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAfD,oCAeC"}
--- a/lib/codeql.js
+++ b/lib/codeql.js
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = exports.CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = exports.CommandInvocationError = void 0;
+exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = exports.CODEQL_VERSION_BETTER_NO_CODE_ERROR_MESSAGE = exports.CODEQL_VERSION_INIT_WITH_QLCONFIG = exports.CODEQL_VERSION_EXPORT_CODE_SCANNING_CONFIG = exports.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE = exports.CommandInvocationError = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -62,7 +62,7 @@ let cachedCodeQL = undefined;
 * The version flags below can be used to conditionally enable certain features
 * on versions newer than this.
 */
-const CODEQL_MINIMUM_VERSION = "2.9.4";
+const CODEQL_MINIMUM_VERSION = "2.10.5";
 /**
 * This version will shortly become the oldest version of CodeQL that the Action will run with.
 */
@@ -75,20 +75,12 @@ const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.6";
 * This is the deprecation date for the version of GHES that was most recently deprecated.
 */
 const GHES_MOST_RECENT_DEPRECATION_DATE = "2023-09-12";
-/**
+/*
 * Versions of CodeQL that version-flag certain functionality in the Action.
 * For convenience, please keep these in descending order. Once a version
 * flag is older than the oldest supported version above, it may be removed.
 */
-const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";
-const CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED = "2.10.4";
-exports.CODEQL_VERSION_GHES_PACK_DOWNLOAD = "2.10.4";
 const CODEQL_VERSION_FILE_BASELINE_INFORMATION = "2.11.3";
-/**
- * Previous versions had the option already, but were missing the
- * --extractor-options-verbosity that we need.
- */
-exports.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES = "2.10.3";
 /**
 * Versions 2.11.1+ of the CodeQL Bundle include a `security-experimental` built-in query suite for
 * each language.
@@ -191,7 +183,9 @@ function resolveFunction(partialCodeql, methodName, defaultImplementation) {
 function setCodeQL(partialCodeql) {
    cachedCodeQL = {
        getPath: resolveFunction(partialCodeql, "getPath", () => "/tmp/dummy-path"),
-        getVersion: resolveFunction(partialCodeql, "getVersion", () => new Promise((resolve) => resolve("1.0.0"))),
+        getVersion: resolveFunction(partialCodeql, "getVersion", () => new Promise((resolve) => resolve({
+            version: "1.0.0",
+        }))),
        printVersion: resolveFunction(partialCodeql, "printVersion"),
        databaseInitCluster: resolveFunction(partialCodeql, "databaseInitCluster"),
        runAutobuild: resolveFunction(partialCodeql, "runAutobuild"),
@@ -253,7 +247,13 @@ async function getCodeQLForCmd(cmd, checkVersion) {
        async getVersion() {
            let result = util.getCachedCodeQlVersion();
            if (result === undefined) {
-                result = (await runTool(cmd, ["version", "--format=terse"])).trim();
+                const output = await runTool(cmd, ["version", "--format=json"]);
+                try {
+                    result = JSON.parse(output);
+                }
+                catch (err) {
+                    throw Error(`Invalid JSON output from \`version --format=json\`: ${output}`);
+                }
                util.cacheCodeQlVersion(result);
            }
            return result;
@@ -267,17 +267,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                extraArgs.push("--begin-tracing");
                extraArgs.push(...(await getTrapCachingExtractorConfigArgs(config)));
                extraArgs.push(`--trace-process-name=${processName}`);
-                if (
-                // There's a bug in Lua tracing for Go on Windows in versions earlier than
-                // `CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED`, so don't use Lua tracing
-                // when tracing Go on Windows on these CodeQL versions.
-                (await util.codeQlVersionAbove(this, CODEQL_VERSION_LUA_TRACER_CONFIG)) &&
-                    config.languages.includes(languages_1.Language.go) &&
-                    (0, languages_1.isTracedLanguage)(languages_1.Language.go) &&
-                    process.platform === "win32" &&
-                    !(await util.codeQlVersionAbove(this, CODEQL_VERSION_LUA_TRACING_GO_WINDOWS_FIXED))) {
-                    extraArgs.push("--no-internal-use-lua-tracing");
-                }
            }
            // A code scanning config file is only generated if the CliConfigFileEnabled feature flag is enabled.
            const codeScanningConfigFile = await generateCodeScanningConfig(codeql, config, features, logger);
@@ -297,12 +286,19 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            if (await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG)) {
                extraArgs.push("--calculate-language-specific-baseline");
            }
+            if (await features.getValue(feature_flags_1.Feature.SublanguageFileCoverageEnabled, this)) {
+                extraArgs.push("--sublanguage-file-coverage");
+            }
+            else if (await util.codeQlVersionAbove(this, feature_flags_1.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE)) {
+                extraArgs.push("--no-sublanguage-file-coverage");
+            }
            await runTool(cmd, [
                "database",
                "init",
                "--db-cluster",
                config.dbLocation,
                `--source-root=${sourceRoot}`,
+                ...(await getLanguageAliasingArguments(this)),
                ...extraArgs,
                ...getExtraOptionsFromEnv(["database", "init"]),
            ], { stdin: externalRepositoryToken });
@@ -390,16 +386,12 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            }
        },
        async betterResolveLanguages() {
-            const extraArgs = [];
-            if (await util.codeQlVersionAbove(this, exports.CODEQL_VERSION_LANGUAGE_ALIASING)) {
-                extraArgs.push("--extractor-include-aliases");
-            }
            const codeqlArgs = [
                "resolve",
                "languages",
                "--format=betterjson",
                "--extractor-options-verbosity=4",
-                ...extraArgs,
+                ...(await getLanguageAliasingArguments(this)),
                ...getExtraOptionsFromEnv(["resolve", "languages"]),
            ];
            const output = await runTool(cmd, codeqlArgs);
@@ -434,6 +426,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                "resolve",
                "build-environment",
                `--language=${language}`,
+                ...(await getLanguageAliasingArguments(this)),
                ...getExtraOptionsFromEnv(["resolve", "build-environment"]),
            ];
            if (workingDir !== undefined) {
@@ -651,6 +644,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                "extractor",
                "--format=json",
                `--language=${language}`,
+                ...(await getLanguageAliasingArguments(this)),
                ...getExtraOptionsFromEnv(["resolve", "extractor"]),
            ], {
                silent: true,
@@ -676,12 +670,13 @@ async function getCodeQLForCmd(cmd, checkVersion) {
    // CodeQL object is created.
    if (checkVersion &&
        !(await util.codeQlVersionAbove(codeql, CODEQL_MINIMUM_VERSION))) {
-        throw new Error(`Expected a CodeQL CLI with version at least ${CODEQL_MINIMUM_VERSION} but got version ${await codeql.getVersion()}`);
+        throw new Error(`Expected a CodeQL CLI with version at least ${CODEQL_MINIMUM_VERSION} but got version ${(await codeql.getVersion()).version}`);
    }
    else if (checkVersion &&
        process.env[environment_1.EnvVar.SUPPRESS_DEPRECATED_SOON_WARNING] !== "true" &&
        !(await util.codeQlVersionAbove(codeql, CODEQL_NEXT_MINIMUM_VERSION))) {
-        core.warning(`CodeQL CLI version ${await codeql.getVersion()} was discontinued on ` +
+        const result = await codeql.getVersion();
+        core.warning(`CodeQL CLI version ${result.version} was discontinued on ` +
            `${GHES_MOST_RECENT_DEPRECATION_DATE} alongside GitHub Enterprise Server ` +
            `${GHES_VERSION_MOST_RECENTLY_DEPRECATED} and will not be supported by the next minor ` +
            `release of the CodeQL Action. Please update to CodeQL CLI version ` +
@@ -689,7 +684,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
            "version of the CLI using the 'tools' input to the 'init' Action, you can remove this " +
            "input to use the default version.\n\n" +
            "Alternatively, if you want to continue using CodeQL CLI version " +
-            `${await codeql.getVersion()}, you can replace 'github/codeql-action/*@v2' by ` +
+            `${result.version}, you can replace 'github/codeql-action/*@v2' by ` +
            `'github/codeql-action/*@v${(0, actions_util_1.getActionVersion)()}' in your code scanning workflow to ` +
            "continue using this version of the CodeQL Action.");
        core.exportVariable(environment_1.EnvVar.SUPPRESS_DEPRECATED_SOON_WARNING, "true");
@@ -897,21 +892,6 @@ async function generateCodeScanningConfig(codeql, config, features, logger) {
    if (Array.isArray(augmentedConfig.packs) && !augmentedConfig.packs.length) {
        delete augmentedConfig.packs;
    }
-    if (config.augmentationProperties.injectedMlQueries) {
-        // We need to inject the ML queries into the original user input before
-        // we pass this on to the CLI, to make sure these get run.
-        const packString = await util.getMlPoweredJsQueriesPack(codeql);
-        if (augmentedConfig.packs === undefined)
-            augmentedConfig.packs = [];
-        if (Array.isArray(augmentedConfig.packs)) {
-            augmentedConfig.packs.push(packString);
-        }
-        else {
-            if (!augmentedConfig.packs.javascript)
-                augmentedConfig.packs["javascript"] = [];
-            augmentedConfig.packs["javascript"].push(packString);
-        }
-    }
    logger.info(`Writing augmented user configuration file to ${codeScanningConfigFile}`);
    logger.startGroup("Augmented user configuration file contents");
    logger.info(yaml.dump(augmentedConfig));
@@ -981,4 +961,10 @@ function isNoCodeFoundError(e) {
 async function isDiagnosticsExportInvalidSarifFixed(codeql) {
    return await util.codeQlVersionAbove(codeql, exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED);
 }
+async function getLanguageAliasingArguments(codeql) {
+    if (await util.codeQlVersionAbove(codeql, exports.CODEQL_VERSION_LANGUAGE_ALIASING)) {
+        return ["--extractor-include-aliases"];
+    }
+    return [];
+}
 //# sourceMappingURL=codeql.js.map
--- a/lib/codeql.js.map
+++ b/lib/codeql.js.map
--- a/lib/codeql.test.js
+++ b/lib/codeql.test.js
@@ -73,7 +73,6 @@ ava_1.default.beforeEach(() => {
        debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
        debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
        augmentationProperties: {
-            injectedMlQueries: false,
            packsInputCombines: false,
            queriesInputCombines: false,
        },
@@ -378,14 +377,13 @@ for (const isBundleVersionInUrl of [true, false]) {
    await util.withTmpDir(async (tempDir) => {
        const runnerConstructorStub = stubToolRunnerConstructor();
        const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves("2.9.4");
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.10.5"));
        // safeWhich throws because of the test CodeQL object.
        sinon.stub(safeWhich, "safeWhich").resolves("");
        const thisStubConfig = {
            ...stubConfig,
            tempDir,
            augmentationProperties: {
-                injectedMlQueries: false,
                queriesInputCombines: false,
                packsInputCombines: false,
            },
@@ -405,7 +403,8 @@ const injectedConfigMacro = ava_1.default.macro({
            const codeqlObject = await codeql.getCodeQLForTesting();
            sinon
                .stub(codeqlObject, "getVersion")
-                .resolves(feature_flags_1.featureConfig[feature_flags_1.Feature.CliConfigFileEnabled].minimumVersion);
+                .resolves((0, testing_utils_1.makeVersionInfo)(feature_flags_1.featureConfig[feature_flags_1.Feature.CliConfigFileEnabled].minimumVersion ||
+                "1.0.0"));
            const thisStubConfig = {
                ...stubConfig,
                ...configOverride,
@@ -426,49 +425,10 @@ const injectedConfigMacro = ava_1.default.macro({
    title: (providedTitle = "") => `databaseInitCluster() injected config: ${providedTitle}`,
 });
 (0, ava_1.default)("basic", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: false,
    packsInputCombines: false,
 }, {}, {});
-(0, ava_1.default)("injected ML queries", injectedConfigMacro, {
-    injectedMlQueries: true,
-    queriesInputCombines: false,
-    packsInputCombines: false,
-}, {}, {
-    packs: ["codeql/javascript-experimental-atm-queries@~0.4.0"],
-});
-(0, ava_1.default)("injected ML queries with existing packs", injectedConfigMacro, {
-    injectedMlQueries: true,
-    queriesInputCombines: false,
-    packsInputCombines: false,
-}, {
-    originalUserInput: {
-        packs: { javascript: ["codeql/something-else"] },
-    },
-}, {
-    packs: {
-        javascript: [
-            "codeql/something-else",
-            "codeql/javascript-experimental-atm-queries@~0.4.0",
-        ],
-    },
-});
-(0, ava_1.default)("injected ML queries with existing packs of different language", injectedConfigMacro, {
-    injectedMlQueries: true,
-    queriesInputCombines: false,
-    packsInputCombines: false,
-}, {
-    originalUserInput: {
-        packs: { cpp: ["codeql/something-else"] },
-    },
-}, {
-    packs: {
-        cpp: ["codeql/something-else"],
-        javascript: ["codeql/javascript-experimental-atm-queries@~0.4.0"],
-    },
-});
 (0, ava_1.default)("injected packs from input", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: false,
    packsInputCombines: false,
    packsInput: ["xxx", "yyy"],
@@ -476,7 +436,6 @@ const injectedConfigMacro = ava_1.default.macro({
    packs: ["xxx", "yyy"],
 });
 (0, ava_1.default)("injected packs from input with existing packs combines", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: false,
    packsInputCombines: true,
    packsInput: ["xxx", "yyy"],
@@ -492,7 +451,6 @@ const injectedConfigMacro = ava_1.default.macro({
    },
 });
 (0, ava_1.default)("injected packs from input with existing packs overrides", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: false,
    packsInputCombines: false,
    packsInput: ["xxx", "yyy"],
@@ -505,23 +463,8 @@ const injectedConfigMacro = ava_1.default.macro({
 }, {
    packs: ["xxx", "yyy"],
 });
-(0, ava_1.default)("injected packs from input with existing packs overrides and ML model inject", injectedConfigMacro, {
-    injectedMlQueries: true,
-    queriesInputCombines: false,
-    packsInputCombines: false,
-    packsInput: ["xxx", "yyy"],
-}, {
-    originalUserInput: {
-        packs: {
-            cpp: ["codeql/something-else"],
-        },
-    },
-}, {
-    packs: ["xxx", "yyy", "codeql/javascript-experimental-atm-queries@~0.4.0"],
-});
 // similar, but with queries
 (0, ava_1.default)("injected queries from input", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: false,
    packsInputCombines: false,
    queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
@@ -536,7 +479,6 @@ const injectedConfigMacro = ava_1.default.macro({
    ],
 });
 (0, ava_1.default)("injected queries from input overrides", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: false,
    packsInputCombines: false,
    queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
@@ -555,7 +497,6 @@ const injectedConfigMacro = ava_1.default.macro({
    ],
 });
 (0, ava_1.default)("injected queries from input combines", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: true,
    packsInputCombines: false,
    queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
@@ -577,7 +518,6 @@ const injectedConfigMacro = ava_1.default.macro({
    ],
 });
 (0, ava_1.default)("injected queries from input combines 2", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: true,
    packsInputCombines: true,
    queriesInput: [{ uses: "xxx" }, { uses: "yyy" }],
@@ -592,7 +532,6 @@ const injectedConfigMacro = ava_1.default.macro({
    ],
 });
 (0, ava_1.default)("injected queries and packs, but empty", injectedConfigMacro, {
-    injectedMlQueries: false,
    queriesInputCombines: true,
    packsInputCombines: true,
    queriesInput: [],
@@ -608,7 +547,7 @@ const injectedConfigMacro = ava_1.default.macro({
        const runnerConstructorStub = stubToolRunnerConstructor();
        const codeqlObject = await codeql.getCodeQLForTesting();
        // stubbed version doesn't matter. It just needs to be valid semver.
-        sinon.stub(codeqlObject, "getVersion").resolves("0.0.0");
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("0.0.0"));
        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, (0, testing_utils_1.createFeatures)([]), "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
        const args = runnerConstructorStub.firstCall.args[1];
        // should not have used a config file
@@ -625,7 +564,7 @@ const injectedConfigMacro = ava_1.default.macro({
        const codeqlObject = await codeql.getCodeQLForTesting();
        sinon
            .stub(codeqlObject, "getVersion")
-            .resolves(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG);
+            .resolves((0, testing_utils_1.makeVersionInfo)(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.CliConfigFileEnabled]), "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
        const args = runnerConstructorStub.firstCall.args[1];
        // should have used a config file
@@ -640,7 +579,7 @@ const injectedConfigMacro = ava_1.default.macro({
    await util.withTmpDir(async (tempDir) => {
        const runnerConstructorStub = stubToolRunnerConstructor();
        const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves("2.12.2");
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.2"));
        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.CliConfigFileEnabled]), "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
        const args = runnerConstructorStub.firstCall.args[1];
        // should have used a config file
@@ -657,7 +596,7 @@ const injectedConfigMacro = ava_1.default.macro({
        const codeqlObject = await codeql.getCodeQLForTesting();
        sinon
            .stub(codeqlObject, "getVersion")
-            .resolves(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG);
+            .resolves((0, testing_utils_1.makeVersionInfo)(codeql.CODEQL_VERSION_INIT_WITH_QLCONFIG));
        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.CliConfigFileEnabled]), undefined, // undefined qlconfigFile
        (0, logging_1.getRunnerLogger)(true));
        const args = runnerConstructorStub.firstCall.args[1];
@@ -668,7 +607,7 @@ const injectedConfigMacro = ava_1.default.macro({
 (0, ava_1.default)("databaseInterpretResults() sets --sarif-add-baseline-file-info for 2.11.3", async (t) => {
    const runnerConstructorStub = stubToolRunnerConstructor();
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.11.3");
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.3"));
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", stubConfig, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
@@ -677,7 +616,7 @@ const injectedConfigMacro = ava_1.default.macro({
 (0, ava_1.default)("databaseInterpretResults() does not set --sarif-add-baseline-file-info for 2.11.2", async (t) => {
    const runnerConstructorStub = stubToolRunnerConstructor();
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.11.2");
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.2"));
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
    await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", stubConfig, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
@@ -711,7 +650,9 @@ for (const { featureEnabled, codeqlVersion, flagPassed, negativeFlagPassed, } of
            : "nothing"} for CodeQL CLI v${codeqlVersion} when the new analysis summary feature is ${featureEnabled ? "enabled" : "disabled"}`, async (t) => {
        const runnerConstructorStub = stubToolRunnerConstructor();
        const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves(codeqlVersion);
+        sinon
+            .stub(codeqlObject, "getVersion")
+            .resolves((0, testing_utils_1.makeVersionInfo)(codeqlVersion));
        // safeWhich throws because of the test CodeQL object.
        sinon.stub(safeWhich, "safeWhich").resolves("");
        await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", stubConfig, (0, testing_utils_1.createFeatures)(featureEnabled ? [feature_flags_1.Feature.AnalysisSummaryV2Enabled] : []), (0, logging_1.getRunnerLogger)(true));
@@ -725,7 +666,7 @@ for (const { featureEnabled, codeqlVersion, flagPassed, negativeFlagPassed, } of
    2020-09-07T17:39:53.9052444Z [2020-09-07 17:39:53] [build-err] No JavaScript or TypeScript code found.
    2020-09-07T17:39:53.9251124Z [2020-09-07 17:39:53] [ERROR] Spawned process exited abnormally (code 255; tried to run: [/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/javascript/tools/autobuild.sh])`);
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.11.6");
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.6"));
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", ""), {
@@ -736,7 +677,7 @@ for (const { featureEnabled, codeqlVersion, flagPassed, negativeFlagPassed, } of
 (0, ava_1.default)("database finalize overrides no code found error on CodeQL 2.11.6", async (t) => {
    stubToolRunnerConstructor(32);
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.11.6");
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.11.6"));
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("", "", ""), {
@@ -749,7 +690,7 @@ for (const { featureEnabled, codeqlVersion, flagPassed, negativeFlagPassed, } of
        "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.";
    stubToolRunnerConstructor(32, cliMessage);
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.12.4");
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048"), {
@@ -764,7 +705,7 @@ for (const { featureEnabled, codeqlVersion, flagPassed, negativeFlagPassed, } of
        `${heapError}\n${datasetImportError}.`;
    stubToolRunnerConstructor(32, cliStderr);
    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves("2.12.4");
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.4"));
    // safeWhich throws because of the test CodeQL object.
    sinon.stub(safeWhich, "safeWhich").resolves("");
    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048"), {
--- a/lib/codeql.test.js.map
+++ b/lib/codeql.test.js.map
--- a/lib/config-utils.js
+++ b/lib/config-utils.js
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.wrapEnvironment = exports.generateRegistries = exports.downloadPacks = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.getMlPoweredJsQueriesStatus = exports.parsePacks = exports.validatePackSpecification = exports.parsePacksSpecification = exports.parsePacksFromConfig = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguageAliases = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getLocalPathDoesNotExist = exports.getLocalPathOutsideOfRepository = exports.getPacksStrInvalid = exports.getPacksInvalid = exports.getPacksInvalidSplit = exports.getPathsInvalid = exports.getPathsIgnoreInvalid = exports.getQueryUsesInvalid = exports.getQueriesMissingUses = exports.getQueriesInvalid = exports.getDisableDefaultQueriesInvalid = exports.getNameInvalid = exports.validateAndSanitisePath = exports.defaultAugmentationProperties = void 0;
+exports.wrapEnvironment = exports.generateRegistries = exports.downloadPacks = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.parsePacks = exports.validatePackSpecification = exports.parsePacksSpecification = exports.parsePacksFromConfig = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguageAliases = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getLocalPathDoesNotExist = exports.getLocalPathOutsideOfRepository = exports.getPacksStrInvalid = exports.getPacksInvalid = exports.getPacksInvalidSplit = exports.getPathsInvalid = exports.getPathsIgnoreInvalid = exports.getQueryUsesInvalid = exports.getQueriesMissingUses = exports.getQueriesInvalid = exports.getDisableDefaultQueriesInvalid = exports.getNameInvalid = exports.validateAndSanitisePath = exports.defaultAugmentationProperties = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const perf_hooks_1 = require("perf_hooks");
@@ -45,13 +45,12 @@ const PATHS_IGNORE_PROPERTY = "paths-ignore";
 const PATHS_PROPERTY = "paths";
 const PACKS_PROPERTY = "packs";
 /**
- * The default, empty augmentation properties. This is most useeful
+ * The default, empty augmentation properties. This is most useful
 * for tests.
 */
 exports.defaultAugmentationProperties = {
    queriesInputCombines: false,
    packsInputCombines: false,
-    injectedMlQueries: false,
    packsInput: undefined,
    queriesInput: undefined,
 };
@@ -139,10 +138,8 @@ const builtinSuites = [
 /**
 * Determine the set of queries associated with suiteName's suites and add them to resultMap.
 * Throws an error if suiteName is not a valid builtin suite.
- * May inject ML queries, and the return value will declare if this was done.
 */
-async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suiteName, features, configFile) {
-    let injectedMlQueries = false;
+async function addBuiltinSuiteQueries(languages, codeQL, resultMap, suiteName, configFile) {
    const found = builtinSuites.find((suite) => suite === suiteName);
    if (!found) {
        throw new util_1.UserError(getQueryUsesInvalid(configFile, suiteName));
@@ -153,27 +150,8 @@ async function addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, suite
      ${codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE}. Please upgrade to CodeQL CLI version
      ${codeql_1.CODEQL_VERSION_SECURITY_EXPERIMENTAL_SUITE} or later.`);
    }
-    // If we're running the JavaScript security-extended analysis (or a superset of it), the repo is
-    // opted into the ML-powered queries beta, and a user hasn't already added the ML-powered query
-    // pack, then add the ML-powered query pack so that we run ML-powered queries.
-    if (languages.includes("javascript") &&
-        (found === "security-experimental" ||
-            found === "security-extended" ||
-            found === "security-and-quality") &&
-        !packs.javascript?.some(isMlPoweredJsQueriesPack) &&
-        (await features.getValue(feature_flags_1.Feature.MlPoweredQueriesEnabled, codeQL))) {
-        if (!packs.javascript) {
-            packs.javascript = [];
-        }
-        packs.javascript.push(await (0, util_1.getMlPoweredJsQueriesPack)(codeQL));
-        injectedMlQueries = true;
-    }
    const suites = languages.map((l) => `${l}-${suiteName}.qls`);
    await runResolveQueries(codeQL, resultMap, suites, undefined);
-    return injectedMlQueries;
-}
-function isMlPoweredJsQueriesPack(pack) {
-    return parsePacksSpecification(pack).name === util_1.ML_POWERED_JS_QUERIES_PACK_NAME;
 }
 /**
 * Retrieve the set of queries at localQueryPath and add them to resultMap.
@@ -230,13 +208,8 @@ async function addRemoteQueries(codeQL, resultMap, queryUses, tempDir, apiDetail
 * parsing the 'uses' actions in the workflow file. So it can handle
 * local paths starting with './', or references to remote repos, or
 * a finite set of hardcoded terms for builtin suites.
- *
- * This may inject ML queries into the packs to use, and the return value will
- * declare if this was done.
- *
- * @returns whether or not we injected ML queries into the packs
 */
-async function parseQueryUses(languages, codeQL, resultMap, packs, queryUses, tempDir, workspacePath, apiDetails, features, logger, configFile) {
+async function parseQueryUses(languages, codeQL, resultMap, queryUses, tempDir, workspacePath, apiDetails, features, logger, configFile) {
    queryUses = queryUses.trim();
    if (queryUses === "") {
        throw new util_1.UserError(getQueryUsesInvalid(configFile));
@@ -244,11 +217,12 @@ async function parseQueryUses(languages, codeQL, resultMap, packs, queryUses, te
    // Check for the local path case before we start trying to parse the repository name
    if (queryUses.startsWith("./")) {
        await addLocalQueries(codeQL, resultMap, queryUses.slice(2), workspacePath, configFile);
-        return false;
+        return;
    }
    // Check for one of the builtin suites
    if (queryUses.indexOf("/") === -1 && queryUses.indexOf("@") === -1) {
-        return await addBuiltinSuiteQueries(languages, codeQL, resultMap, packs, queryUses, features, configFile);
+        await addBuiltinSuiteQueries(languages, codeQL, resultMap, queryUses, configFile);
+        return;
    }
    // Otherwise, must be a reference to another repo.
    // If config parsing is handled in CLI, then this repo will be downloaded
@@ -256,7 +230,6 @@ async function parseQueryUses(languages, codeQL, resultMap, packs, queryUses, te
    if (!(await (0, feature_flags_1.useCodeScanningConfigInCli)(codeQL, features))) {
        await addRemoteQueries(codeQL, resultMap, queryUses, tempDir, apiDetails, logger, configFile);
    }
-    return false;
 }
 // Regex validating stars in paths or paths-ignore entries.
 // The intention is to only allow ** to appear when immediately
@@ -516,16 +489,13 @@ async function getRawLanguages(languagesInput, repository, logger) {
    return { rawLanguages, autodetected };
 }
 exports.getRawLanguages = getRawLanguages;
-async function addQueriesAndPacksFromWorkflow(codeQL, queriesInput, languages, resultMap, packs, tempDir, workspacePath, apiDetails, features, logger) {
-    let injectedMlQueries = false;
+async function addQueriesFromWorkflow(codeQL, queriesInput, languages, resultMap, tempDir, workspacePath, apiDetails, features, logger) {
    queriesInput = queriesInput.trim();
    // "+" means "don't override config file" - see shouldAddConfigFileQueries
    queriesInput = queriesInput.replace(/^\+/, "");
    for (const query of queriesInput.split(",")) {
-        const didInject = await parseQueryUses(languages, codeQL, resultMap, packs, query, tempDir, workspacePath, apiDetails, features, logger);
-        injectedMlQueries = injectedMlQueries || didInject;
+        await parseQueryUses(languages, codeQL, resultMap, query, tempDir, workspacePath, apiDetails, features, logger);
    }
-    return injectedMlQueries;
 }
 // Returns true if either no queries were provided in the workflow.
 // or if the queries in the workflow were provided in "additive" mode,
@@ -557,8 +527,7 @@ async function getDefaultConfig(languagesInput, rawQueriesInput, rawPacksInput,
        }
        : {};
    if (rawQueriesInput) {
-        augmentationProperties.injectedMlQueries =
-            await addQueriesAndPacksFromWorkflow(codeQL, rawQueriesInput, languages, queries, packs, tempDir, workspacePath, apiDetails, features, logger);
+        await addQueriesFromWorkflow(codeQL, rawQueriesInput, languages, queries, tempDir, workspacePath, apiDetails, features, logger);
    }
    const { trapCaches, trapCacheDownloadTime } = await downloadCacheWithTime(trapCachingEnabled, codeQL, languages, logger);
    return {
@@ -641,8 +610,7 @@ async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, config
    // unless they're prefixed with "+", in which case they supplement those
    // in the config file.
    if (rawQueriesInput) {
-        augmentationProperties.injectedMlQueries =
-            await addQueriesAndPacksFromWorkflow(codeQL, rawQueriesInput, languages, queries, packs, tempDir, workspacePath, apiDetails, features, logger);
+        await addQueriesFromWorkflow(codeQL, rawQueriesInput, languages, queries, tempDir, workspacePath, apiDetails, features, logger);
    }
    if (shouldAddConfigFileQueries(rawQueriesInput) &&
        QUERIES_PROPERTY in parsedYAML) {
@@ -654,7 +622,7 @@ async function loadConfig(languagesInput, rawQueriesInput, rawPacksInput, config
            if (typeof query[QUERIES_USES_PROPERTY] !== "string") {
                throw new util_1.UserError(getQueriesMissingUses(configFile));
            }
-            await parseQueryUses(languages, codeQL, queries, packs, query[QUERIES_USES_PROPERTY], tempDir, workspacePath, apiDetails, features, logger, configFile);
+            await parseQueryUses(languages, codeQL, queries, query[QUERIES_USES_PROPERTY], tempDir, workspacePath, apiDetails, features, logger, configFile);
        }
    }
    if (PATHS_IGNORE_PROPERTY in parsedYAML) {
@@ -724,7 +692,6 @@ function calculateAugmentation(rawPacksInput, rawQueriesInput, languages) {
    const queriesInputCombines = shouldCombine(rawQueriesInput);
    const queriesInput = parseQueriesFromInput(rawQueriesInput, queriesInputCombines);
    return {
-        injectedMlQueries: false,
        packsInputCombines,
        packsInput: packsInput?.[languages[0]],
        queriesInput,
@@ -932,46 +899,6 @@ function combinePacks(packs1, packs2) {
    }
    return packs;
 }
-/**
- * Get information about ML-powered JS queries to populate status reports with.
- *
- * This will be:
- *
- * - The version string if the analysis is using a single version of the ML-powered query pack.
- * - "latest" if the version string of the ML-powered query pack is undefined. This is unlikely to
- *   occur in practice (see comment below).
- * - "false" if the analysis won't run any ML-powered JS queries.
- * - "other" in all other cases.
- *
- * Our goal of the status report here is to allow us to compare the occurrence of timeouts and other
- * errors with ML-powered queries turned on and off. We also want to be able to compare minor
- * version bumps caused by us bumping the version range of `ML_POWERED_JS_QUERIES_PACK` in a new
- * version of the CodeQL Action. For instance, we might want to compare the `~0.1.0` and `~0.0.2`
- * version strings.
- *
- * This function lives here rather than in `init-action.ts` so it's easier to test, since tests for
- * `init-action.ts` would each need to live in their own file. See `analyze-action-env.ts` for an
- * explanation as to why this is.
- */
-function getMlPoweredJsQueriesStatus(config) {
-    const mlPoweredJsQueryPacks = (config.packs.javascript || [])
-        .map((p) => parsePacksSpecification(p))
-        .filter((pack) => pack.name === util_1.ML_POWERED_JS_QUERIES_PACK_NAME && !pack.path);
-    switch (mlPoweredJsQueryPacks.length) {
-        case 1:
-            // We should always specify an explicit version string in `getMlPoweredJsQueriesPack`,
-            // otherwise we won't be able to make changes to the pack unless those changes are compatible
-            // with each version of the CodeQL Action. Therefore in practice we should only hit the
-            // `latest` case here when customers have explicitly added the ML-powered query pack to their
-            // CodeQL config.
-            return mlPoweredJsQueryPacks[0].version || "latest";
-        case 0:
-            return "false";
-        default:
-            return "other";
-    }
-}
-exports.getMlPoweredJsQueriesStatus = getMlPoweredJsQueriesStatus;
 function dbLocationOrDefault(dbLocation, tempDir) {
    return dbLocation || path.resolve(tempDir, "codeql_databases");
 }
@@ -1115,7 +1042,7 @@ async function getConfig(tempDir, logger) {
 exports.getConfig = getConfig;
 async function downloadPacks(codeQL, languages, packs, apiDetails, registriesInput, tempDir, logger) {
    // This code path is only used when config parsing occurs in the Action.
-    const { registriesAuthTokens, qlconfigFile } = await generateRegistries(registriesInput, codeQL, tempDir, logger);
+    const { registriesAuthTokens, qlconfigFile } = await generateRegistries(registriesInput, tempDir, logger);
    await wrapEnvironment({
        GITHUB_TOKEN: apiDetails.auth,
        CODEQL_REGISTRIES_AUTH: registriesAuthTokens,
@@ -1155,14 +1082,11 @@ exports.downloadPacks = downloadPacks;
 * @returns The path to the generated `qlconfig.yml` file and the auth tokens to
 *        use for each registry.
 */
-async function generateRegistries(registriesInput, codeQL, tempDir, logger) {
+async function generateRegistries(registriesInput, tempDir, logger) {
    const registries = parseRegistries(registriesInput);
    let registriesAuthTokens;
    let qlconfigFile;
    if (registries) {
-        if (!(await (0, util_1.codeQlVersionAbove)(codeQL, codeql_1.CODEQL_VERSION_GHES_PACK_DOWNLOAD))) {
-            throw new util_1.UserError(`The 'registries' input is not supported on CodeQL CLI versions earlier than ${codeql_1.CODEQL_VERSION_GHES_PACK_DOWNLOAD}. Please upgrade to CodeQL CLI version ${codeql_1.CODEQL_VERSION_GHES_PACK_DOWNLOAD} or later.`);
-        }
        // generate a qlconfig.yml file to hold the registry configs.
        const qlconfig = createRegistriesBlock(registries);
        qlconfigFile = path.join(tempDir, "qlconfig.yml");
--- a/lib/config-utils.js.map
+++ b/lib/config-utils.js.map
--- a/lib/config-utils.test.js
+++ b/lib/config-utils.test.js
@@ -35,7 +35,6 @@ const sinon = __importStar(require("sinon"));
 const api = __importStar(require("./api-client"));
 const codeql_1 = require("./codeql");
 const configUtils = __importStar(require("./config-utils"));
-const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
@@ -1062,66 +1061,6 @@ parseInputAndConfigErrorMacro.title = (providedTitle) => `Parse Packs input and
 (0, ava_1.default)("input with two languages", parseInputAndConfigErrorMacro, {}, "c/d", [languages_1.Language.cpp, languages_1.Language.csharp], false, /multi-language analysis/);
 (0, ava_1.default)("input with + only", parseInputAndConfigErrorMacro, {}, " + ", [languages_1.Language.cpp], true, /remove the '\+'/);
 (0, ava_1.default)("input with invalid pack name", parseInputAndConfigErrorMacro, {}, " xxx", [languages_1.Language.cpp], false, /"xxx" is not a valid pack/);
-const mlPoweredQueriesMacro = ava_1.default.macro({
-    exec: async (t, codeQLVersion, isMlPoweredQueriesEnabled, packsInput, queriesInput, expectedVersionString) => {
-        return await (0, util_1.withTmpDir)(async (tmpDir) => {
-            const codeQL = (0, codeql_1.setCodeQL)({
-                async getVersion() {
-                    return codeQLVersion;
-                },
-                async resolveQueries() {
-                    return {
-                        byLanguage: {
-                            javascript: { "fake-query.ql": {} },
-                        },
-                        noDeclaredLanguage: {},
-                        multipleDeclaredLanguages: {},
-                    };
-                },
-                async packDownload() {
-                    return { packs: [] };
-                },
-            });
-            const { packs } = await configUtils.initConfig("javascript", queriesInput, packsInput, undefined, undefined, undefined, undefined, false, false, "", "", { owner: "github", repo: "example" }, tmpDir, codeQL, tmpDir, gitHubVersion, sampleApiDetails, (0, testing_utils_1.createFeatures)(isMlPoweredQueriesEnabled ? [feature_flags_1.Feature.MlPoweredQueriesEnabled] : []), (0, logging_1.getRunnerLogger)(true));
-            if (expectedVersionString !== undefined) {
-                t.deepEqual(packs, {
-                    [languages_1.Language.javascript]: [
-                        `codeql/javascript-experimental-atm-queries@${expectedVersionString}`,
-                    ],
-                });
-            }
-            else {
-                t.deepEqual(packs, {});
-            }
-        });
-    },
-    title: (_providedTitle, codeQLVersion, isMlPoweredQueriesEnabled, packsInput, queriesInput, expectedVersionString) => `ML-powered queries ${expectedVersionString !== undefined
-        ? `${expectedVersionString} are`
-        : "aren't"} loaded for packs: ${packsInput}, queries: ${queriesInput} using CLI v${codeQLVersion} when feature is ${isMlPoweredQueriesEnabled ? "enabled" : "disabled"}`,
-});
-// macro, codeQLVersion, isMlPoweredQueriesEnabled, packsInput, queriesInput, expectedVersionString
-// Test that ML-powered queries aren't run when the feature is off.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.3", false, undefined, "security-extended", undefined);
-// Test that ML-powered queries aren't run when the user hasn't specified that we should run the
-//  `security-extended`, `security-and-quality`, or `security-experimental` query suite.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.3", true, undefined, undefined, undefined);
-// Test that we don't inject an ML-powered query pack if the user has already specified one.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.3", true, "codeql/javascript-experimental-atm-queries@0.0.1", "security-and-quality", "0.0.1");
-// Test that ML-powered queries ~0.3.0 are run on all platforms running `security-extended` on
-// CodeQL CLI 2.9.4+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.4", true, undefined, "security-extended", "~0.3.0");
-// Test that ML-powered queries ~0.3.0 are run on all platforms running `security-and-quality` on
-// CodeQL CLI 2.9.4+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.9.4", true, undefined, "security-and-quality", "~0.3.0");
-// Test that ML-powered queries ~0.4.0 are run on all platforms running `security-extended` on
-// CodeQL CLI 2.11.3+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.11.3", true, undefined, "security-extended", "~0.4.0");
-// Test that ML-powered queries ~0.4.0 are run on all platforms running `security-and-quality` on
-// CodeQL CLI 2.11.3+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.11.3", true, undefined, "security-and-quality", "~0.4.0");
-// Test that ML-powered queries are run on all platforms running `security-experimental` on CodeQL
-// CLI 2.12.1+.
-(0, ava_1.default)(mlPoweredQueriesMacro, "2.12.1", true, undefined, "security-experimental", "~0.4.0");
 const calculateAugmentationMacro = ava_1.default.macro({
    exec: async (t, _title, rawPacksInput, rawQueriesInput, languages, expectedAugmentationProperties) => {
        const actualAugmentationProperties = configUtils.calculateAugmentation(rawPacksInput, rawQueriesInput, languages);
@@ -1134,35 +1073,30 @@ const calculateAugmentationMacro = ava_1.default.macro({
    queriesInput: undefined,
    packsInputCombines: false,
    packsInput: undefined,
-    injectedMlQueries: false,
 });
 (0, ava_1.default)(calculateAugmentationMacro, "With queries", undefined, " a, b , c, d", [languages_1.Language.javascript], {
    queriesInputCombines: false,
    queriesInput: [{ uses: "a" }, { uses: "b" }, { uses: "c" }, { uses: "d" }],
    packsInputCombines: false,
    packsInput: undefined,
-    injectedMlQueries: false,
 });
 (0, ava_1.default)(calculateAugmentationMacro, "With queries combining", undefined, "   +   a, b , c, d ", [languages_1.Language.javascript], {
    queriesInputCombines: true,
    queriesInput: [{ uses: "a" }, { uses: "b" }, { uses: "c" }, { uses: "d" }],
    packsInputCombines: false,
    packsInput: undefined,
-    injectedMlQueries: false,
 });
 (0, ava_1.default)(calculateAugmentationMacro, "With packs", "   codeql/a , codeql/b   , codeql/c  , codeql/d  ", undefined, [languages_1.Language.javascript], {
    queriesInputCombines: false,
    queriesInput: undefined,
    packsInputCombines: false,
    packsInput: ["codeql/a", "codeql/b", "codeql/c", "codeql/d"],
-    injectedMlQueries: false,
 });
 (0, ava_1.default)(calculateAugmentationMacro, "With packs combining", "   +   codeql/a, codeql/b, codeql/c, codeql/d", undefined, [languages_1.Language.javascript], {
    queriesInputCombines: false,
    queriesInput: undefined,
    packsInputCombines: true,
    packsInput: ["codeql/a", "codeql/b", "codeql/c", "codeql/d"],
-    injectedMlQueries: false,
 });
 const calculateAugmentationErrorMacro = ava_1.default.macro({
    exec: async (t, _title, rawPacksInput, rawQueriesInput, languages, expectedError) => {
@@ -1243,7 +1177,7 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
        });
        const codeQL = (0, codeql_1.setCodeQL)({
            packDownload: packDownloadStub,
-            getVersion: () => Promise.resolve("2.10.5"),
+            getVersion: () => Promise.resolve((0, testing_utils_1.makeVersionInfo)("2.10.5")),
        });
        // packs are supplied for go, java, and python
        // analyzed languages are java, javascript, and python
@@ -1267,33 +1201,6 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
        t.deepEqual(process.env.CODEQL_REGISTRIES_AUTH, undefined);
    });
 });
-(0, ava_1.default)("downloadPacks-with-registries fails on 2.10.3", async (t) => {
-    // same thing, but this time include a registries block and
-    // associated env vars
-    return await (0, util_1.withTmpDir)(async (tmpDir) => {
-        process.env.GITHUB_TOKEN = "not-a-token";
-        process.env.CODEQL_REGISTRIES_AUTH = "not-a-registries-auth";
-        const logger = (0, logging_1.getRunnerLogger)(true);
-        const registriesInput = yaml.dump([
-            {
-                url: "http://ghcr.io",
-                packages: ["codeql/*", "codeql-testing/*"],
-                token: "not-a-token",
-            },
-            {
-                url: "https://containers.GHEHOSTNAME1/v2/",
-                packages: "semmle/*",
-                token: "still-not-a-token",
-            },
-        ]);
-        const codeQL = (0, codeql_1.setCodeQL)({
-            getVersion: () => Promise.resolve("2.10.3"),
-        });
-        await t.throwsAsync(async () => {
-            return await configUtils.downloadPacks(codeQL, [languages_1.Language.javascript, languages_1.Language.java, languages_1.Language.python], {}, sampleApiDetails, registriesInput, tmpDir, logger);
-        }, { instanceOf: Error }, "'registries' input is not supported on CodeQL versions less than 2.10.4.");
-    });
-});
 (0, ava_1.default)("downloadPacks-with-registries fails with invalid registries block", async (t) => {
    // same thing, but this time include a registries block and
    // associated env vars
@@ -1314,42 +1221,18 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
            },
        ]);
        const codeQL = (0, codeql_1.setCodeQL)({
-            getVersion: () => Promise.resolve("2.10.4"),
+            getVersion: () => Promise.resolve((0, testing_utils_1.makeVersionInfo)("2.10.4")),
        });
        await t.throwsAsync(async () => {
            return await configUtils.downloadPacks(codeQL, [languages_1.Language.javascript, languages_1.Language.java, languages_1.Language.python], {}, sampleApiDetails, registriesInput, tmpDir, logger);
        }, { instanceOf: Error }, "Invalid 'registries' input. Must be an array of objects with 'url' and 'packages' properties.");
    });
 });
-// the happy path for generateRegistries is already tested in downloadPacks.
-// these following tests are for the error cases and when nothing is generated.
-(0, ava_1.default)("no generateRegistries when CLI is too old", async (t) => {
-    return await (0, util_1.withTmpDir)(async (tmpDir) => {
-        const registriesInput = yaml.dump([
-            {
-                // no slash
-                url: "http://ghcr.io",
-                packages: ["codeql/*", "codeql-testing/*"],
-                token: "not-a-token",
-            },
-        ]);
-        const codeQL = (0, codeql_1.setCodeQL)({
-            // Accepted CLI versions are 2.10.4 or higher
-            getVersion: () => Promise.resolve("2.10.3"),
-        });
-        const logger = (0, logging_1.getRunnerLogger)(true);
-        await t.throwsAsync(async () => await configUtils.generateRegistries(registriesInput, codeQL, tmpDir, logger), undefined, "'registries' input is not supported on CodeQL versions less than 2.10.4.");
-    });
-});
 (0, ava_1.default)("no generateRegistries when registries is undefined", async (t) => {
    return await (0, util_1.withTmpDir)(async (tmpDir) => {
        const registriesInput = undefined;
-        const codeQL = (0, codeql_1.setCodeQL)({
-            // Accepted CLI versions are 2.10.4 or higher
-            getVersion: () => Promise.resolve(codeql_1.CODEQL_VERSION_GHES_PACK_DOWNLOAD),
-        });
        const logger = (0, logging_1.getRunnerLogger)(true);
-        const { registriesAuthTokens, qlconfigFile } = await configUtils.generateRegistries(registriesInput, codeQL, tmpDir, logger);
+        const { registriesAuthTokens, qlconfigFile } = await configUtils.generateRegistries(registriesInput, tmpDir, logger);
        t.is(registriesAuthTokens, undefined);
        t.is(qlconfigFile, undefined);
    });
@@ -1364,12 +1247,8 @@ const calculateAugmentationErrorMacro = ava_1.default.macro({
                token: "not-a-token",
            },
        ]);
-        const codeQL = (0, codeql_1.setCodeQL)({
-            // Accepted CLI versions are 2.10.4 or higher
-            getVersion: () => Promise.resolve(codeql_1.CODEQL_VERSION_GHES_PACK_DOWNLOAD),
-        });
        const logger = (0, logging_1.getRunnerLogger)(true);
-        const { registriesAuthTokens, qlconfigFile } = await configUtils.generateRegistries(registriesInput, codeQL, tmpDir, logger);
+        const { registriesAuthTokens, qlconfigFile } = await configUtils.generateRegistries(registriesInput, tmpDir, logger);
        t.is(registriesAuthTokens, "original");
        t.is(qlconfigFile, path.join(tmpDir, "qlconfig.yml"));
    });
@@ -1456,64 +1335,4 @@ const mockRepositoryNwo = (0, repository_1.parseRepositoryNwo)("owner/repo");
        t.deepEqual(mockRequest.called, args.expectedApiCall);
    });
 });
-const ML_POWERED_JS_STATUS_TESTS = [
-    // If no packs are loaded, status is false.
-    [[], "false"],
-    // If another pack is loaded but not the ML-powered query pack, status is false.
-    [["some-other/pack"], "false"],
-    // If the ML-powered query pack is loaded with a specific version, status is that version.
-    [[`${util_1.ML_POWERED_JS_QUERIES_PACK_NAME}@~0.1.0`], "~0.1.0"],
-    // If the ML-powered query pack is loaded with a specific version and another pack is loaded, the
-    // status is the version of the ML-powered query pack.
-    [["some-other/pack", `${util_1.ML_POWERED_JS_QUERIES_PACK_NAME}@~0.1.0`], "~0.1.0"],
-    // If the ML-powered query pack is loaded without a version, the status is "latest".
-    [[util_1.ML_POWERED_JS_QUERIES_PACK_NAME], "latest"],
-    // If the ML-powered query pack is loaded with two different versions, the status is "other".
-    [
-        [
-            `${util_1.ML_POWERED_JS_QUERIES_PACK_NAME}@~0.0.1`,
-            `${util_1.ML_POWERED_JS_QUERIES_PACK_NAME}@~0.0.2`,
-        ],
-        "other",
-    ],
-    // If the ML-powered query pack is loaded with no specific version, and another pack is loaded,
-    // the status is "latest".
-    [["some-other/pack", util_1.ML_POWERED_JS_QUERIES_PACK_NAME], "latest"],
-];
-for (const [packs, expectedStatus] of ML_POWERED_JS_STATUS_TESTS) {
-    const packDescriptions = `[${packs
-        .map((pack) => JSON.stringify(pack))
-        .join(", ")}]`;
-    (0, ava_1.default)(`ML-powered JS queries status report is "${expectedStatus}" for packs = ${packDescriptions}`, (t) => {
-        return (0, util_1.withTmpDir)(async (tmpDir) => {
-            const config = {
-                languages: [],
-                queries: {},
-                paths: [],
-                pathsIgnore: [],
-                originalUserInput: {},
-                tempDir: tmpDir,
-                codeQLCmd: "",
-                gitHubVersion: {
-                    type: util_1.GitHubVariant.DOTCOM,
-                },
-                dbLocation: "",
-                packs: {
-                    javascript: packs,
-                },
-                debugMode: false,
-                debugArtifactName: util_1.DEFAULT_DEBUG_ARTIFACT_NAME,
-                debugDatabaseName: util_1.DEFAULT_DEBUG_DATABASE_NAME,
-                augmentationProperties: {
-                    injectedMlQueries: false,
-                    packsInputCombines: false,
-                    queriesInputCombines: false,
-                },
-                trapCaches: {},
-                trapCacheDownloadTime: 0,
-            };
-            t.is(configUtils.getMlPoweredJsQueriesStatus(config), expectedStatus);
-        });
-    });
-}
 //# sourceMappingURL=config-utils.test.js.map
--- a/lib/config-utils.test.js.map
+++ b/lib/config-utils.test.js.map
--- a/lib/defaults.json
+++ b/lib/defaults.json
@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-v2.14.5",
-    "cliVersion": "2.14.5",
-    "priorBundleVersion": "codeql-bundle-v2.14.4",
-    "priorCliVersion": "2.14.4"
+    "bundleVersion": "codeql-bundle-v2.14.6",
+    "cliVersion": "2.14.6",
+    "priorBundleVersion": "codeql-bundle-v2.14.5",
+    "priorCliVersion": "2.14.5"
 }
--- a/lib/diagnostics.js
+++ b/lib/diagnostics.js
@@ -0,0 +1,47 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addDiagnostic = exports.makeDiagnostic = void 0;
+const fs_1 = require("fs");
+const path_1 = __importDefault(require("path"));
+const logging_1 = require("./logging");
+const util_1 = require("./util");
+/**
+ * Constructs a new diagnostic message with the specified id and name, as well as optional additional data.
+ *
+ * @param id An identifier under which it makes sense to group this diagnostic message.
+ * @param name Display name for the ID.
+ * @param data Optional additional data to initialize the diagnostic with.
+ * @returns Returns the new diagnostic message.
+ */
+function makeDiagnostic(id, name, data = undefined) {
+    return {
+        ...data,
+        timestamp: data?.timestamp ?? new Date().toISOString(),
+        source: { ...data?.source, id, name },
+    };
+}
+exports.makeDiagnostic = makeDiagnostic;
+/**
+ * Writes the given diagnostic to the database.
+ *
+ * @param config The configuration that tells us where to store the diagnostic.
+ * @param diagnostic The diagnostic message to add to the database.
+ */
+function addDiagnostic(config, language, diagnostic) {
+    const logger = (0, logging_1.getActionsLogger)();
+    const diagnosticsPath = path_1.default.resolve((0, util_1.getCodeQLDatabasePath)(config, language), "diagnostic", "codeql-action");
+    try {
+        // Create the directory if it doesn't exist yet.
+        (0, fs_1.mkdirSync)(diagnosticsPath, { recursive: true });
+        const jsonPath = path_1.default.resolve(diagnosticsPath, `codeql-action-${diagnostic.timestamp}.json`);
+        (0, fs_1.writeFileSync)(jsonPath, JSON.stringify(diagnostic));
+    }
+    catch (err) {
+        logger.warning(`Unable to write diagnostic message to database: ${err}`);
+    }
+}
+exports.addDiagnostic = addDiagnostic;
+//# sourceMappingURL=diagnostics.js.map
--- a/lib/diagnostics.js.map
+++ b/lib/diagnostics.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"diagnostics.js","sourceRoot":"","sources":["../src/diagnostics.ts"],"names":[],"mappings":";;;;;;AAAA,2BAA8C;AAC9C,gDAAwB;AAIxB,uCAA6C;AAC7C,iCAA+C;AAmD/C;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,EAAU,EACV,IAAY,EACZ,OAA+C,SAAS;IAExD,OAAO;QACL,GAAG,IAAI;QACP,SAAS,EAAE,IAAI,EAAE,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtD,MAAM,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE;KACtC,CAAC;AACJ,CAAC;AAVD,wCAUC;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,QAAkB,EAClB,UAA6B;IAE7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,eAAe,GAAG,cAAI,CAAC,OAAO,CAClC,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,EACvC,YAAY,EACZ,eAAe,CAChB,CAAC;IAEF,IAAI;QACF,gDAAgD;QAChD,IAAA,cAAS,EAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,cAAI,CAAC,OAAO,CAC3B,eAAe,EACf,iBAAiB,UAAU,CAAC,SAAS,OAAO,CAC7C,CAAC;QAEF,IAAA,kBAAa,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;KACrD;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,CAAC,OAAO,CAAC,mDAAmD,GAAG,EAAE,CAAC,CAAC;KAC1E;AACH,CAAC;AAzBD,sCAyBC"}
--- a/lib/environment.js
+++ b/lib/environment.js
@@ -51,5 +51,11 @@ var EnvVar;
     * rather that the init action.
     */
    EnvVar["WORKFLOW_STARTED_AT"] = "CODEQL_WORKFLOW_STARTED_AT";
+    /**
+     * The path where we initially discovered the Go binary in the system path
+     * before replacing it with a wrapper script. We check this later to ensure
+     * that it hasn't been tampered with by a late e.g. `setup-go` step.
+     */
+    EnvVar["GO_BINARY_LOCATION"] = "CODEQL_ACTION_GO_BINARY";
 })(EnvVar || (exports.EnvVar = EnvVar = {}));
 //# sourceMappingURL=environment.js.map
--- a/lib/environment.js.map
+++ b/lib/environment.js.map
@@ -1 +1 @@
-{"version":3,"file":"environment.js","sourceRoot":"","sources":["../src/environment.ts"],"names":[],"mappings":";;;AAAA,IAAY,MAgEX;AAhED,WAAY,MAAM;IAChB,2DAA2D;IAC3D,+FAAqF,CAAA;IAErF,gEAAgE;IAChE,qEAA2D,CAAA;IAE3D;;;OAGG;IACH,yFAA+E,CAAA;IAE/E;;;OAGG;IACH,yEAA+D,CAAA;IAE/D,gFAAgF;IAChF,6DAAmD,CAAA;IAEnD;;;OAGG;IACH,uEAA6D,CAAA;IAE7D,gEAAgE;IAChE,mEAAyD,CAAA;IAEzD,kFAAkF;IAClF,mFAAyE,CAAA;IAEzE,6CAA6C;IAC7C,uCAA6B,CAAA;IAE7B,mEAAyD,CAAA;IAEzD;;;OAGG;IACH,2FAAiF,CAAA;IAEjF,mFAAmF;IACnF,6FAAmF,CAAA;IAEnF,qFAAqF;IACrF,+CAAqC,CAAA;IAErC,mEAAyD,CAAA;IAEzD,kEAAkE;IAClE,2CAAiC,CAAA;IAEjC;;;;;;OAMG;IACH,4DAAkD,CAAA;AACpD,CAAC,EAhEW,MAAM,sBAAN,MAAM,QAgEjB"}
+{"version":3,"file":"environment.js","sourceRoot":"","sources":["../src/environment.ts"],"names":[],"mappings":";;;AAAA,IAAY,MAuEX;AAvED,WAAY,MAAM;IAChB,2DAA2D;IAC3D,+FAAqF,CAAA;IAErF,gEAAgE;IAChE,qEAA2D,CAAA;IAE3D;;;OAGG;IACH,yFAA+E,CAAA;IAE/E;;;OAGG;IACH,yEAA+D,CAAA;IAE/D,gFAAgF;IAChF,6DAAmD,CAAA;IAEnD;;;OAGG;IACH,uEAA6D,CAAA;IAE7D,gEAAgE;IAChE,mEAAyD,CAAA;IAEzD,kFAAkF;IAClF,mFAAyE,CAAA;IAEzE,6CAA6C;IAC7C,uCAA6B,CAAA;IAE7B,mEAAyD,CAAA;IAEzD;;;OAGG;IACH,2FAAiF,CAAA;IAEjF,mFAAmF;IACnF,6FAAmF,CAAA;IAEnF,qFAAqF;IACrF,+CAAqC,CAAA;IAErC,mEAAyD,CAAA;IAEzD,kEAAkE;IAClE,2CAAiC,CAAA;IAEjC;;;;;;OAMG;IACH,4DAAkD,CAAA;IAElD;;;;OAIG;IACH,wDAA8C,CAAA;AAChD,CAAC,EAvEW,MAAM,sBAAN,MAAM,QAuEjB"}
--- a/lib/feature-flags.js
+++ b/lib/feature-flags.js
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.logCodeScanningConfigInCli = exports.useCodeScanningConfigInCli = exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_INTRA_LAYER_PARALLELISM = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = void 0;
+exports.logCodeScanningConfigInCli = exports.useCodeScanningConfigInCli = exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_INTRA_LAYER_PARALLELISM = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const semver = __importStar(require("semver"));
@@ -41,9 +41,14 @@ exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
 */
 exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = "2.14.0";
 /**
- * Versions 2.14.0+ of the CodeQL CLI support intra-layer parallelism (aka fine-grained parallelism) options.
+ * Versions 2.14.0+ of the CodeQL CLI support intra-layer parallelism (aka fine-grained parallelism) options, but we
+ * limit to 2.14.6 onwards, since that's the version that has mitigations against OOM failures.
 */
-exports.CODEQL_VERSION_INTRA_LAYER_PARALLELISM = "2.14.0";
+exports.CODEQL_VERSION_INTRA_LAYER_PARALLELISM = "2.14.6";
+/**
+ * Versions 2.15.0+ of the CodeQL CLI support sub-language file coverage information.
+ */
+exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = "2.15.0";
 /**
 * Feature enablement as returned by the GitHub API endpoint.
 *
@@ -54,12 +59,13 @@ var Feature;
    Feature["AnalysisSummaryV2Enabled"] = "analysis_summary_v2_enabled";
    Feature["CliConfigFileEnabled"] = "cli_config_file_enabled";
    Feature["CodeqlJavaLombokEnabled"] = "codeql_java_lombok_enabled";
+    Feature["CppDependencyInstallation"] = "cpp_dependency_installation_enabled";
    Feature["DisableKotlinAnalysisEnabled"] = "disable_kotlin_analysis_enabled";
    Feature["DisablePythonDependencyInstallationEnabled"] = "disable_python_dependency_installation_enabled";
    Feature["EvaluatorIntraLayerParallelismEnabled"] = "evaluator_intra_layer_parallelism_enabled";
    Feature["ExportDiagnosticsEnabled"] = "export_diagnostics_enabled";
-    Feature["MlPoweredQueriesEnabled"] = "ml_powered_queries_enabled";
    Feature["QaTelemetryEnabled"] = "qa_telemetry_enabled";
+    Feature["SublanguageFileCoverageEnabled"] = "sublanguage_file_coverage_enabled";
    Feature["UploadFailedSarifEnabled"] = "upload_failed_sarif_enabled";
 })(Feature || (exports.Feature = Feature = {}));
 exports.featureConfig = {
@@ -73,6 +79,11 @@ exports.featureConfig = {
        minimumVersion: "2.14.0",
        defaultValue: false,
    },
+    [Feature.CppDependencyInstallation]: {
+        envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
+        minimumVersion: "2.15.0",
+        defaultValue: false,
+    },
    [Feature.DisableKotlinAnalysisEnabled]: {
        envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
        minimumVersion: undefined,
@@ -93,16 +104,16 @@ exports.featureConfig = {
        minimumVersion: "2.12.4",
        defaultValue: true,
    },
-    [Feature.MlPoweredQueriesEnabled]: {
-        envVar: "CODEQL_ML_POWERED_QUERIES",
-        minimumVersion: undefined,
-        defaultValue: false,
-    },
    [Feature.QaTelemetryEnabled]: {
        envVar: "CODEQL_ACTION_QA_TELEMETRY",
        minimumVersion: undefined,
        defaultValue: false,
    },
+    [Feature.SublanguageFileCoverageEnabled]: {
+        envVar: "CODEQL_ACTION_SUBLANGUAGE_FILE_COVERAGE",
+        minimumVersion: exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE,
+        defaultValue: false,
+    },
    [Feature.UploadFailedSarifEnabled]: {
        envVar: "CODEQL_ACTION_UPLOAD_FAILED_SARIF",
        minimumVersion: "2.11.3",
@@ -164,7 +175,7 @@ class Features {
                return false;
            }
            else {
-                this.logger.debug(`CodeQL CLI version ${await codeql.getVersion()} is newer than the minimum ` +
+                this.logger.debug(`CodeQL CLI version ${(await codeql.getVersion()).version} is newer than the minimum ` +
                    `version ${minimumVersion} for feature ${feature}.`);
            }
        }
--- a/lib/feature-flags.js.map
+++ b/lib/feature-flags.js.map
--- a/lib/feature-flags.test.js
+++ b/lib/feature-flags.test.js
@@ -89,7 +89,8 @@ for (const variant of ALL_FEATURES_DISABLED_VARIANTS) {
    await (0, util_1.withTmpDir)(async (tmpDir) => {
        const features = setUpFeatureFlagTests(tmpDir);
        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(500, {});
-        await t.throwsAsync(async () => features.getValue(feature_flags_1.Feature.MlPoweredQueriesEnabled, includeCodeQlIfRequired(feature_flags_1.Feature.MlPoweredQueriesEnabled)), {
+        const someFeature = Object.values(feature_flags_1.Feature)[0];
+        await t.throwsAsync(async () => features.getValue(someFeature, includeCodeQlIfRequired(someFeature)), {
            message: "Encountered an error while trying to determine feature enablement: Error: some error message",
        });
    });
--- a/lib/feature-flags.test.js.map
+++ b/lib/feature-flags.test.js.map
--- a/lib/init-action-post-helper.test.js
+++ b/lib/init-action-post-helper.test.js
@@ -88,7 +88,7 @@ const workflow = __importStar(require("./workflow"));
    const actionsWorkflow = createTestWorkflow([
        {
            name: "Checkout repository",
-            uses: "actions/checkout@v3",
+            uses: "actions/checkout@v4",
        },
        {
            name: "Initialize CodeQL",
@@ -111,7 +111,7 @@ const workflow = __importStar(require("./workflow"));
    const actionsWorkflow = createTestWorkflow([
        {
            name: "Checkout repository",
-            uses: "actions/checkout@v3",
+            uses: "actions/checkout@v4",
        },
        {
            name: "Initialize CodeQL",
@@ -137,7 +137,7 @@ const workflow = __importStar(require("./workflow"));
    const actionsWorkflow = createTestWorkflow([
        {
            name: "Checkout repository",
-            uses: "actions/checkout@v3",
+            uses: "actions/checkout@v4",
        },
        {
            name: "Initialize CodeQL",
@@ -190,7 +190,7 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
        const actionsWorkflow = createTestWorkflow([
            {
                name: "Checkout repository",
-                uses: "actions/checkout@v3",
+                uses: "actions/checkout@v4",
            },
            {
                name: "Initialize CodeQL",
@@ -221,7 +221,7 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
    const actionsWorkflow = createTestWorkflow([
        {
            name: "Checkout repository",
-            uses: "actions/checkout@v3",
+            uses: "actions/checkout@v4",
        },
        {
            name: "Initialize CodeQL",
@@ -247,7 +247,7 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
    const actionsWorkflow = createTestWorkflow([
        {
            name: "Checkout repository",
-            uses: "actions/checkout@v3",
+            uses: "actions/checkout@v4",
        },
        {
            name: "Initialize CodeQL",
@@ -274,7 +274,7 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
    const actionsWorkflow = createTestWorkflow([
        {
            name: "Checkout repository",
-            uses: "actions/checkout@v3",
+            uses: "actions/checkout@v4",
        },
    ]);
    const result = await testFailedSarifUpload(t, actionsWorkflow, {
--- a/lib/init-action.js
+++ b/lib/init-action.js
@@ -23,12 +23,13 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
+const safe_which_1 = require("@chrisgavin/safe-which");
 const uuid_1 = require("uuid");
 const actions_util_1 = require("./actions-util");
 const api_client_1 = require("./api-client");
-const config_utils_1 = require("./config-utils");
 const environment_1 = require("./environment");
 const feature_flags_1 = require("./feature-flags");
 const init_1 = require("./init");
@@ -37,6 +38,7 @@ const logging_1 = require("./logging");
 const repository_1 = require("./repository");
 const setup_codeql_1 = require("./setup-codeql");
 const status_report_1 = require("./status-report");
+const tools_features_1 = require("./tools-features");
 const trap_caching_1 = require("./trap-caching");
 const util_1 = require("./util");
 const workflow_1 = require("./workflow");
@@ -81,7 +83,6 @@ async function sendCompletedStatusReport(startedAt, config, toolsDownloadDuratio
            ...initStatusReport,
            disable_default_queries: disableDefaultQueries,
            languages,
-            ml_powered_javascript_queries: (0, config_utils_1.getMlPoweredJsQueriesStatus)(config),
            paths,
            paths_ignore: pathsIgnore,
            queries: queries.join(","),
@@ -121,8 +122,7 @@ async function run() {
    const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), logger);
    core.exportVariable(environment_1.EnvVar.JOB_RUN_UUID, (0, uuid_1.v4)());
    try {
-        const workflowErrors = await (0, workflow_1.validateWorkflow)(logger);
-        if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("init", "starting", startedAt, await (0, util_1.checkDiskUsage)(logger), workflowErrors)))) {
+        if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)("init", "starting", startedAt, await (0, util_1.checkDiskUsage)(logger))))) {
            return;
        }
        const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(gitHubVersion.type);
@@ -132,12 +132,14 @@ async function run() {
        toolsDownloadDurationMs = initCodeQLResult.toolsDownloadDurationMs;
        toolsVersion = initCodeQLResult.toolsVersion;
        toolsSource = initCodeQLResult.toolsSource;
+        await (0, workflow_1.validateWorkflow)(codeql, logger);
        config = await (0, init_1.initConfig)((0, actions_util_1.getOptionalInput)("languages"), (0, actions_util_1.getOptionalInput)("queries"), (0, actions_util_1.getOptionalInput)("packs"), registriesInput, (0, actions_util_1.getOptionalInput)("config-file"), (0, actions_util_1.getOptionalInput)("db-location"), (0, actions_util_1.getOptionalInput)("config"), getTrapCachingEnabled(), 
        // Debug mode is enabled if:
        // - The `init` Action is passed `debug: true`.
        // - Actions step debugging is enabled (e.g. by [enabling debug logging for a rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow),
        //   or by setting the `ACTIONS_STEP_DEBUG` secret to `true`).
        (0, actions_util_1.getOptionalInput)("debug") === "true" || core.isDebug(), (0, actions_util_1.getOptionalInput)("debug-artifact-name") || util_1.DEFAULT_DEBUG_ARTIFACT_NAME, (0, actions_util_1.getOptionalInput)("debug-database-name") || util_1.DEFAULT_DEBUG_DATABASE_NAME, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), codeql, (0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), gitHubVersion, apiDetails, features, logger);
+        await (0, init_1.checkInstallPython311)(config.languages, codeql);
        if (config.languages.includes(languages_1.Language.python) &&
            (0, actions_util_1.getRequiredInput)("setup-python-dependencies") === "true") {
            if (await features.getValue(feature_flags_1.Feature.DisablePythonDependencyInstallationEnabled, codeql)) {
@@ -161,12 +163,43 @@ async function run() {
        return;
    }
    try {
+        // Query CLI for supported features
+        const versionInfo = await codeql.getVersion();
        // Forward Go flags
        const goFlags = process.env["GOFLAGS"];
        if (goFlags) {
            core.exportVariable("GOFLAGS", goFlags);
            core.warning("Passing the GOFLAGS env parameter to the init action is deprecated. Please move this to the analyze action.");
        }
+        // Go 1.21 and above ships with statically linked binaries on Linux. CodeQL cannot currently trace custom builds
+        // where the entry point is a statically linked binary. Until that is fixed, we work around the problem by
+        // replacing the `go` binary with a shell script that invokes the actual `go` binary. Since the shell is typically
+        // dynamically linked, this provides a suitable entry point for the CodeQL tracer.
+        if (config.languages.includes(languages_1.Language.go) &&
+            process.platform === "linux" &&
+            !(0, tools_features_1.isSupportedToolsFeature)(versionInfo, tools_features_1.ToolsFeature.IndirectTracingSupportsStaticBinaries)) {
+            try {
+                const goBinaryPath = await (0, safe_which_1.safeWhich)("go");
+                const fileOutput = await (0, actions_util_1.getFileType)(goBinaryPath);
+                if (fileOutput.includes("statically linked")) {
+                    logger.debug(`Applying static binary workaround for Go`);
+                    // Create a directory that we can add to the system PATH.
+                    const tempBinPath = path.resolve((0, actions_util_1.getTemporaryDirectory)(), "codeql-action-go-tracing", "bin");
+                    fs.mkdirSync(tempBinPath, { recursive: true });
+                    core.addPath(tempBinPath);
+                    // Write the wrapper script to the directory we just added to the PATH.
+                    const goWrapperPath = path.resolve(tempBinPath, "go");
+                    fs.writeFileSync(goWrapperPath, `#!/bin/bash\n\nexec ${goBinaryPath} "$@"`);
+                    fs.chmodSync(goWrapperPath, "755");
+                    // Store the original location of our wrapper script somewhere where we can
+                    // later retrieve it from and cross-check that it hasn't been changed.
+                    core.exportVariable(environment_1.EnvVar.GO_BINARY_LOCATION, goWrapperPath);
+                }
+            }
+            catch (e) {
+                logger.warning(`Analyzing Go on Linux, but failed to install wrapper script. Tracing custom builds may fail: ${e}`);
+            }
+        }
        // Limit RAM and threads for extractors. When running extractors, the CodeQL CLI obeys the
        // CODEQL_RAM and CODEQL_THREADS environment variables to decide how much RAM and how many
        // threads it would ask extractors to use. See help text for the "--ram" and "--threads"
--- a/lib/init-action.js.map
+++ b/lib/init-action.js.map
--- a/lib/init.js
+++ b/lib/init.js
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.installPythonDeps = exports.runInit = exports.initConfig = exports.initCodeQL = void 0;
+exports.installPythonDeps = exports.checkInstallPython311 = exports.runInit = exports.initConfig = exports.initCodeQL = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
@@ -32,6 +32,7 @@ const analysisPaths = __importStar(require("./analysis-paths"));
 const codeql_1 = require("./codeql");
 const configUtils = __importStar(require("./config-utils"));
 const feature_flags_1 = require("./feature-flags");
+const languages_1 = require("./languages");
 const tracer_config_1 = require("./tracer-config");
 const util = __importStar(require("./util"));
 async function initCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliVersion, logger) {
@@ -61,7 +62,7 @@ async function runInit(codeql, config, sourceRoot, processName, registriesInput,
        let qlconfigFile;
        if (await (0, feature_flags_1.useCodeScanningConfigInCli)(codeql, features)) {
            ({ registriesAuthTokens, qlconfigFile } =
-                await configUtils.generateRegistries(registriesInput, codeql, config.tempDir, logger));
+                await configUtils.generateRegistries(registriesInput, config.tempDir, logger));
        }
        await configUtils.wrapEnvironment({
            GITHUB_TOKEN: apiDetails.auth,
@@ -104,6 +105,21 @@ function processError(e) {
    }
    return e;
 }
+/**
+ * If we are running python 3.12+ on windows, we need to switch to python 3.11.
+ * This check happens in a powershell script.
+ */
+async function checkInstallPython311(languages, codeql) {
+    if (languages.includes(languages_1.Language.python) &&
+        process.platform === "win32" &&
+        !(await codeql.getVersion()).features?.supportsPython312) {
+        const script = path.resolve(__dirname, "../python-setup", "check_python12.ps1");
+        await new toolrunner.ToolRunner(await safeWhich.safeWhich("powershell"), [
+            script,
+        ]).exec();
+    }
+}
+exports.checkInstallPython311 = checkInstallPython311;
 async function installPythonDeps(codeql, logger) {
    logger.startGroup("Setup Python dependencies");
    const scriptsFolder = path.resolve(__dirname, "../python-setup");
--- a/lib/init.js.map
+++ b/lib/init.js.map
@@ -1 +1 @@
-{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA+C;AAC/C,4DAA8C;AAC9C,mDAIyB;AAIzB,mDAAwE;AACxE,6CAA+B;AAExB,KAAK,UAAU,UAAU,CAC9B,UAA8B,EAC9B,UAA4B,EAC5B,OAAe,EACf,OAA2B,EAC3B,iBAA2C,EAC3C,MAAc;IAOd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE,GAClE,MAAM,IAAA,oBAAW,EACf,UAAU,EACV,UAAU,EACV,OAAO,EACP,OAAO,EACP,iBAAiB,EACjB,MAAM,EACN,IAAI,CACL,CAAC;IACJ,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AACxE,CAAC;AA3BD,gCA2BC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,eAAmC,EACnC,UAA8B,EAC9B,UAA8B,EAC9B,WAA+B,EAC/B,kBAA2B,EAC3B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,QAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,eAAe,EACf,UAAU,EACV,UAAU,EACV,WAAW,EACX,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,QAAQ,EACR,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA9CD,gCA8CC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,eAAmC,EACnC,QAA2B,EAC3B,UAAoC,EACpC,MAAc;IAEd,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACrD,IAAI;QACF,wFAAwF;QACxF,qBAAqB;QACrB,8FAA8F;QAC9F,2FAA2F;QAC3F,IAAI,oBAAwC,CAAC;QAC7C,IAAI,YAAgC,CAAC;QACrC,IAAI,MAAM,IAAA,0CAA0B,EAAC,MAAM,EAAE,QAAQ,CAAC,EAAE;YACtD,CAAC,EAAE,oBAAoB,EAAE,YAAY,EAAE;gBACrC,MAAM,WAAW,CAAC,kBAAkB,CAClC,eAAe,EACf,MAAM,EACN,MAAM,CAAC,OAAO,EACd,MAAM,CACP,CAAC,CAAC;SACN;QACD,MAAM,WAAW,CAAC,eAAe,CAC/B;YACE,YAAY,EAAE,UAAU,CAAC,IAAI;YAC7B,sBAAsB,EAAE,oBAAoB;SAC7C;QAED,0BAA0B;QAC1B,KAAK,IAAI,EAAE,CACT,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,EACN,UAAU,EACV,WAAW,EACX,QAAQ,EACR,YAAY,EACZ,MAAM,CACP,CACJ,CAAC;KACH;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,YAAY,CAAC,CAAC,CAAC,CAAC;KACvB;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,CAAC,CAAC;AAC/C,CAAC;AAhDD,0BAgDC;AAED;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,CAAM;IAC1B,IAAI,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,EAAE;QACzB,OAAO,CAAC,CAAC;KACV;IAED;IACE,2BAA2B;IAC3B,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,8BAA8B,CAAC;QACnD,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,uCAAuC,CAAC,EAC5D;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CACvB,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;KACH;IAED;IACE,+EAA+E;IAC/E,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,wCAAwC,CAAC;QAC7D,gEAAgE;QAChE,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,qBAAqB,CAAC,EAC1C;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;KACtC;IAED,OAAO,CAAC,CAAC;AACX,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACpE,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAzCD,8CAyCC"}
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA+C;AAC/C,4DAA8C;AAC9C,mDAIyB;AACzB,2CAAuC;AAIvC,mDAAwE;AACxE,6CAA+B;AAExB,KAAK,UAAU,UAAU,CAC9B,UAA8B,EAC9B,UAA4B,EAC5B,OAAe,EACf,OAA2B,EAC3B,iBAA2C,EAC3C,MAAc;IAOd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE,GAClE,MAAM,IAAA,oBAAW,EACf,UAAU,EACV,UAAU,EACV,OAAO,EACP,OAAO,EACP,iBAAiB,EACjB,MAAM,EACN,IAAI,CACL,CAAC;IACJ,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AACxE,CAAC;AA3BD,gCA2BC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,eAAmC,EACnC,UAA8B,EAC9B,UAA8B,EAC9B,WAA+B,EAC/B,kBAA2B,EAC3B,SAAkB,EAClB,iBAAyB,EACzB,iBAAyB,EACzB,UAAyB,EACzB,OAAe,EACf,MAAc,EACd,aAAqB,EACrB,aAAiC,EACjC,UAAoC,EACpC,QAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,eAAe,EACf,UAAU,EACV,UAAU,EACV,WAAW,EACX,kBAAkB,EAClB,SAAS,EACT,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,OAAO,EACP,MAAM,EACN,aAAa,EACb,aAAa,EACb,UAAU,EACV,QAAQ,EACR,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA9CD,gCA8CC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B,EAC1B,UAAkB,EAClB,WAA+B,EAC/B,eAAmC,EACnC,QAA2B,EAC3B,UAAoC,EACpC,MAAc;IAEd,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACrD,IAAI;QACF,wFAAwF;QACxF,qBAAqB;QACrB,8FAA8F;QAC9F,2FAA2F;QAC3F,IAAI,oBAAwC,CAAC;QAC7C,IAAI,YAAgC,CAAC;QACrC,IAAI,MAAM,IAAA,0CAA0B,EAAC,MAAM,EAAE,QAAQ,CAAC,EAAE;YACtD,CAAC,EAAE,oBAAoB,EAAE,YAAY,EAAE;gBACrC,MAAM,WAAW,CAAC,kBAAkB,CAClC,eAAe,EACf,MAAM,CAAC,OAAO,EACd,MAAM,CACP,CAAC,CAAC;SACN;QACD,MAAM,WAAW,CAAC,eAAe,CAC/B;YACE,YAAY,EAAE,UAAU,CAAC,IAAI;YAC7B,sBAAsB,EAAE,oBAAoB;SAC7C;QAED,0BAA0B;QAC1B,KAAK,IAAI,EAAE,CACT,MAAM,MAAM,CAAC,mBAAmB,CAC9B,MAAM,EACN,UAAU,EACV,WAAW,EACX,QAAQ,EACR,YAAY,EACZ,MAAM,CACP,CACJ,CAAC;KACH;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,YAAY,CAAC,CAAC,CAAC,CAAC;KACvB;IACD,OAAO,MAAM,IAAA,uCAAuB,EAAC,MAAM,CAAC,CAAC;AAC/C,CAAC;AA/CD,0BA+CC;AAED;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,CAAM;IAC1B,IAAI,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,EAAE;QACzB,OAAO,CAAC,CAAC;KACV;IAED;IACE,2BAA2B;IAC3B,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,8BAA8B,CAAC;QACnD,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,uCAAuC,CAAC,EAC5D;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CACvB,sDAAsD,CAAC,CAAC,OAAO,EAAE,CAClE,CAAC;KACH;IAED;IACE,+EAA+E;IAC/E,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,wCAAwC,CAAC;QAC7D,gEAAgE;QAChE,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,qBAAqB,CAAC,EAC1C;QACA,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;KACtC;IAED,OAAO,CAAC,CAAC;AACX,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,qBAAqB,CACzC,SAAqB,EACrB,MAAc;IAEd,IACE,SAAS,CAAC,QAAQ,CAAC,oBAAQ,CAAC,MAAM,CAAC;QACnC,OAAO,CAAC,QAAQ,KAAK,OAAO;QAC5B,CAAC,CAAC,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,QAAQ,EAAE,iBAAiB,EACxD;QACA,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CACzB,SAAS,EACT,iBAAiB,EACjB,oBAAoB,CACrB,CAAC;QACF,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;YACvE,MAAM;SACP,CAAC,CAAC,IAAI,EAAE,CAAC;KACX;AACH,CAAC;AAlBD,sDAkBC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,IAAI;QACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE;gBACvE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC;aAC9C,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;SACV;QACD,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;gBACpE,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,gFAAgF,CAAC,IAAI;YACnF,qGAAqG;YACrG,oGAAoG;YACpG,iDAAiD,CACpD,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAzCD,8CAyCC"}
--- a/lib/resolve-environment-action.js
+++ b/lib/resolve-environment-action.js
@@ -28,7 +28,6 @@ const actions_util_1 = require("./actions-util");
 const api_client_1 = require("./api-client");
 const codeql_1 = require("./codeql");
 const configUtils = __importStar(require("./config-utils"));
-const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const resolve_environment_1 = require("./resolve-environment");
 const status_report_1 = require("./status-report");
@@ -42,10 +41,6 @@ async function run() {
        if (!(await (0, status_report_1.sendStatusReport)(await (0, status_report_1.createStatusReportBase)(ACTION_NAME, "starting", startedAt, await (0, util_1.checkDiskUsage)(logger))))) {
            return;
        }
-        const language = (0, languages_1.parseLanguage)((0, actions_util_1.getRequiredInput)("language"));
-        if (language === undefined) {
-            throw new Error(`Did not recognize the language "${(0, actions_util_1.getRequiredInput)("language")}".`);
-        }
        const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
        (0, util_1.checkGitHubVersionInRange)(gitHubVersion, logger);
        const config = await configUtils.getConfig((0, actions_util_1.getTemporaryDirectory)(), logger);
@@ -53,7 +48,7 @@ async function run() {
            throw new Error("Config file could not be found at expected location. Has the 'init' action been called?");
        }
        const workingDirectory = (0, actions_util_1.getOptionalInput)("working-directory");
-        const result = await (0, resolve_environment_1.runResolveBuildEnvironment)(config.codeQLCmd, logger, workingDirectory, language);
+        const result = await (0, resolve_environment_1.runResolveBuildEnvironment)(config.codeQLCmd, logger, workingDirectory, (0, actions_util_1.getRequiredInput)("language"));
        core.setOutput(ENVIRONMENT_OUTPUT_NAME, result);
    }
    catch (unwrappedError) {
--- a/lib/resolve-environment-action.js.map
+++ b/lib/resolve-environment-action.js.map
@@ -1 +1 @@
-{"version":3,"file":"resolve-environment-action.js","sourceRoot":"","sources":["../src/resolve-environment-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,qCAAkD;AAClD,4DAA8C;AAC9C,2CAAsD;AACtD,uCAA6C;AAC7C,+DAAmE;AACnE,mDAIyB;AACzB,iCAKgB;AAEhB,MAAM,WAAW,GAAG,qBAAqB,CAAC;AAC1C,MAAM,uBAAuB,GAAG,aAAa,CAAC;AAE9C,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,UAAU,EACV,SAAS,EACT,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,CAC7B,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,QAAQ,GAAyB,IAAA,yBAAa,EAClD,IAAA,+BAAgB,EAAC,UAAU,CAAC,CAC7B,CAAC;QAEF,IAAI,QAAQ,KAAK,SAAS,EAAE;YAC1B,MAAM,IAAI,KAAK,CACb,mCAAmC,IAAA,+BAAgB,EAAC,UAAU,CAAC,IAAI,CACpE,CAAC;SACH;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG,MAAM,IAAA,gDAA0B,EAC7C,MAAM,CAAC,SAAS,EAChB,MAAM,EACN,gBAAgB,EAChB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;KACjD;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QAExC,IAAI,KAAK,YAAY,+BAAsB,EAAE;YAC3C,6DAA6D;YAC7D,qEAAqE;YACrE,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;SACH;aAAM;YACL,kFAAkF;YAClF,IAAI,CAAC,SAAS,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;YAEF,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,IAAA,gCAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,MAAM,IAAA,qBAAc,GAAE,EACtB,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;SACH;QAED,OAAO;KACR;IAED,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,SAAS,EACT,SAAS,EACT,MAAM,IAAA,qBAAc,GAAE,CACvB,CACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,GAAG,WAAW,mBAAmB,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KAC7E;IACD,MAAM,IAAA,sBAAe,GAAE,CAAC;AAC1B,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"resolve-environment-action.js","sourceRoot":"","sources":["../src/resolve-environment-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,qCAAkD;AAClD,4DAA8C;AAC9C,uCAA6C;AAC7C,+DAAmE;AACnE,mDAIyB;AACzB,iCAKgB;AAEhB,MAAM,WAAW,GAAG,qBAAqB,CAAC;AAC1C,MAAM,uBAAuB,GAAG,aAAa,CAAC;AAE9C,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,IAAI;QACF,IACE,CAAC,CAAC,MAAM,IAAA,gCAAgB,EACtB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,UAAU,EACV,SAAS,EACT,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,CAC7B,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC5E,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QAED,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG,MAAM,IAAA,gDAA0B,EAC7C,MAAM,CAAC,SAAS,EAChB,MAAM,EACN,gBAAgB,EAChB,IAAA,+BAAgB,EAAC,UAAU,CAAC,CAC7B,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;KACjD;IAAC,OAAO,cAAc,EAAE;QACvB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QAExC,IAAI,KAAK,YAAY,+BAAsB,EAAE;YAC3C,6DAA6D;YAC7D,qEAAqE;YACrE,IAAI,CAAC,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;SACH;aAAM;YACL,kFAAkF;YAClF,IAAI,CAAC,SAAS,CACZ,wFAAwF,KAAK,CAAC,OAAO,EAAE,CACxG,CAAC;YAEF,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,IAAA,gCAAgB,EAAC,KAAK,CAAC,EACvB,SAAS,EACT,MAAM,IAAA,qBAAc,GAAE,EACtB,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;SACH;QAED,OAAO;KACR;IAED,MAAM,IAAA,gCAAgB,EACpB,MAAM,IAAA,sCAAsB,EAC1B,WAAW,EACX,SAAS,EACT,SAAS,EACT,MAAM,IAAA,qBAAc,GAAE,CACvB,CACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,GAAG,WAAW,mBAAmB,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;KAC7E;IACD,MAAM,IAAA,sBAAe,GAAE,CAAC;AAC1B,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
--- a/lib/resolve-environment.js
+++ b/lib/resolve-environment.js
@@ -25,10 +25,21 @@ var __importStar = (this && this.__importStar) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.runResolveBuildEnvironment = void 0;
 const codeql_1 = require("./codeql");
+const languages_1 = require("./languages");
 const util = __importStar(require("./util"));
-async function runResolveBuildEnvironment(cmd, logger, workingDir, language) {
-    logger.startGroup(`Attempting to resolve build environment for ${language}`);
+async function runResolveBuildEnvironment(cmd, logger, workingDir, languageInput) {
+    logger.startGroup(`Attempting to resolve build environment for ${languageInput}`);
    const codeql = await (0, codeql_1.getCodeQL)(cmd);
+    let language = languageInput;
+    // If the CodeQL CLI version in use supports language aliasing, give the CLI the raw language
+    // input. Otherwise, parse the language input and give the CLI the parsed language.
+    if (!(await util.codeQlVersionAbove(codeql, codeql_1.CODEQL_VERSION_LANGUAGE_ALIASING))) {
+        const parsedLanguage = (0, languages_1.parseLanguage)(languageInput)?.toString();
+        if (parsedLanguage === undefined) {
+            throw new Error(`Did not recognize the language '${languageInput}'.`);
+        }
+        language = parsedLanguage;
+    }
    let result = {};
    // If the CodeQL version in use does not support the `resolve build-environment`
    // command, just return an empty configuration. Otherwise invoke the CLI.
--- a/lib/resolve-environment.js.map
+++ b/lib/resolve-environment.js.map
@@ -1 +1 @@
-{"version":3,"file":"resolve-environment.js","sourceRoot":"","sources":["../src/resolve-environment.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAyE;AAGzE,6CAA+B;AAExB,KAAK,UAAU,0BAA0B,CAC9C,GAAW,EACX,MAAc,EACd,UAA8B,EAC9B,QAAkB;IAElB,MAAM,CAAC,UAAU,CAAC,+CAA+C,QAAQ,EAAE,CAAC,CAAC;IAE7E,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,GAAG,CAAC,CAAC;IACpC,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,gFAAgF;IAChF,yEAAyE;IACzE,IACE,CAAC,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,2CAAkC,CAAC,CAAC,EAC5E;QACA,MAAM,CAAC,OAAO,CACZ,0EAA0E;YACxE,mCAAmC,CACtC,CAAC;KACH;SAAM;QACL,IAAI,UAAU,KAAK,SAAS,EAAE;YAC5B,MAAM,CAAC,IAAI,CAAC,SAAS,UAAU,4BAA4B,CAAC,CAAC;SAC9D;QAED,MAAM,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;KACrE;IAED,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA9BD,gEA8BC"}
+{"version":3,"file":"resolve-environment.js","sourceRoot":"","sources":["../src/resolve-environment.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAIkB;AAClB,2CAA4C;AAE5C,6CAA+B;AAExB,KAAK,UAAU,0BAA0B,CAC9C,GAAW,EACX,MAAc,EACd,UAA8B,EAC9B,aAAqB;IAErB,MAAM,CAAC,UAAU,CACf,+CAA+C,aAAa,EAAE,CAC/D,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,GAAG,CAAC,CAAC;IAEpC,IAAI,QAAQ,GAAG,aAAa,CAAC;IAC7B,6FAA6F;IAC7F,mFAAmF;IACnF,IACE,CAAC,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,yCAAgC,CAAC,CAAC,EAC1E;QACA,MAAM,cAAc,GAAG,IAAA,yBAAa,EAAC,aAAa,CAAC,EAAE,QAAQ,EAAE,CAAC;QAChE,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,MAAM,IAAI,KAAK,CAAC,mCAAmC,aAAa,IAAI,CAAC,CAAC;SACvE;QACD,QAAQ,GAAG,cAAc,CAAC;KAC3B;IAED,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,gFAAgF;IAChF,yEAAyE;IACzE,IACE,CAAC,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,2CAAkC,CAAC,CAAC,EAC5E;QACA,MAAM,CAAC,OAAO,CACZ,0EAA0E;YACxE,mCAAmC,CACtC,CAAC;KACH;SAAM;QACL,IAAI,UAAU,KAAK,SAAS,EAAE;YAC5B,MAAM,CAAC,IAAI,CAAC,SAAS,UAAU,4BAA4B,CAAC,CAAC;SAC9D;QAED,MAAM,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;KACrE;IAED,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA9CD,gEA8CC"}
--- a/lib/setup-codeql.js
+++ b/lib/setup-codeql.js
@@ -418,7 +418,7 @@ async function downloadCodeQL(codeqlURL, maybeBundleVersion, maybeCliVersion, ap
    else {
        logger.debug("Downloading CodeQL tools without an authorization token.");
    }
-    logger.info(`Downloading CodeQL tools from ${codeqlURL}. This may take a while.`);
+    logger.info(`Downloading CodeQL tools from ${codeqlURL} . This may take a while.`);
    const dest = path.join(tempDir, (0, uuid_1.v4)());
    const finalHeaders = Object.assign({ "User-Agent": "CodeQL Action" }, headers);
    const toolsDownloadStart = perf_hooks_1.performance.now();
--- a/lib/setup-codeql.js.map
+++ b/lib/setup-codeql.js.map
--- a/lib/status-report.js
+++ b/lib/status-report.js
@@ -118,7 +118,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, diskI
        statusReport.runner_os_release = os.release();
    }
    if (codeQlCliVersion !== undefined) {
-        statusReport.codeql_version = codeQlCliVersion;
+        statusReport.codeql_version = codeQlCliVersion.version;
    }
    const imageVersion = process.env["ImageVersion"];
    if (imageVersion) {
--- a/lib/status-report.js.map
+++ b/lib/status-report.js.map
@@ -1 +1 @@
-{"version":3,"file":"status-report.js","sourceRoot":"","sources":["../src/status-report.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,oDAAsC;AAEtC,iDAQwB;AACxB,6CAA4D;AAC5D,+CAAuC;AACvC,iCAQgB;AAqGhB,SAAgB,gBAAgB,CAC9B,KAAe,EACf,iBAA0B;IAE1B,IAAI,KAAK,IAAI,iBAAiB,EAAE;QAC9B,OAAO,KAAK,YAAY,gBAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;KAC9D;SAAM;QACL,OAAO,SAAS,CAAC;KAClB;AACH,CAAC;AATD,4CASC;AAqBD;;;;;;;;GAQG;AACI,KAAK,UAAU,sBAAsB,CAC1C,UAAsB,EACtB,MAAoB,EACpB,eAAqB,EACrB,QAAmB,EACnB,KAAc,EACd,SAAkB;IAElB,MAAM,SAAS,GAAG,IAAA,+BAAgB,EAAC,KAAK,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7E,MAAM,GAAG,GAAG,MAAM,IAAA,qBAAM,GAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,IAAA,+BAAgB,GAAE,CAAC;IACzC,MAAM,kBAAkB,GAAG,IAAA,oCAAqB,GAAE,CAAC;IACnD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAChD,MAAM,YAAY,GAAG,MAAM,IAAA,2BAAc,GAAE,CAAC;IAC5C,IAAI,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,CAAC;IAChE,IAAI,iBAAiB,KAAK,SAAS,EAAE;QACnC,iBAAiB,GAAG,eAAe,CAAC,WAAW,EAAE,CAAC;QAClD,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;KACpE;IACD,MAAM,QAAQ,GAAG,IAAA,0BAAmB,EAAC,WAAW,CAAC,CAAC;IAClD,MAAM,gBAAgB,GAAG,IAAA,6BAAsB,GAAE,CAAC;IAClD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnD,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC;IACzE,0FAA0F;IAC1F,wCAAwC;IACxC,IAAI,kBAAkB,KAAK,EAAE,EAAE;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,CAAC;KACrE;IAED,MAAM,YAAY,GAAqB;QACrC,WAAW,EAAE,UAAU;QACvB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,SAAS;QACrB,iBAAiB,EAAE,eAAe,CAAC,WAAW,EAAE;QAChD,cAAc,EAAE,IAAA,+BAAgB,GAAE;QAClC,YAAY;QACZ,UAAU,EAAE,SAAS;QACrB,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,UAAU;QACxB,GAAG;QACH,iCAAiC,EAAE,QAAQ,CAAC,iBAAiB;QAC7D,SAAS,EAAE,QAAQ;QACnB,6BAA6B,EAAE,QAAQ,CAAC,aAAa;QACrD,UAAU,EAAE,iBAAiB;QAC7B,MAAM;QACN,mBAAmB,EAAE,kBAAkB;QACvC,aAAa,EAAE,YAAY;QAC3B,oBAAoB,EAAE,kBAAkB;QACxC,eAAe,EAAE,aAAa;KAC/B,CAAC;IAEF,0BAA0B;IAC1B,IAAI,KAAK,EAAE;QACT,YAAY,CAAC,KAAK,GAAG,KAAK,CAAC;KAC5B;IACD,IAAI,SAAS,EAAE;QACb,YAAY,CAAC,SAAS,GAAG,SAAS,CAAC;KACpC;IACD,IACE,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,YAAY,EACvB;QACA,YAAY,CAAC,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;KACtD;IACD,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE;QACV,YAAY,CAAC,WAAW,GAAG,MAAM,CAAC;KACnC;IACD,IAAI,aAAa,IAAI,OAAO,CAAC,GAAG,EAAE;QAChC,sDAAsD;QACtD,sEAAsE;QACtE,YAAY,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;KACvD;IACD,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,OAAO,EAAE;QAClD,YAAY,CAAC,iBAAiB,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;KAC/C;IACD,IAAI,gBAAgB,KAAK,SAAS,EAAE;QAClC,YAAY,CAAC,cAAc,GAAG,gBAAgB,CAAC;KAChD;IACD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACjD,IAAI,YAAY,EAAE;QAChB,YAAY,CAAC,oBAAoB,GAAG,YAAY,CAAC;KAClD;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAzFD,wDAyFC;AAED,MAAM,eAAe,GACnB,mFAAmF,CAAC;AACtF,MAAM,eAAe,GACnB,sEAAsE,CAAC;AACzE,MAAM,eAAe,GACnB,sFAAsF,CAAC;AACzF,MAAM,gBAAgB,GACpB,gIAAgI,CAAC;AAEnI;;;;;;;;GAQG;AACI,KAAK,UAAU,gBAAgB,CACpC,YAAe;IAEf,MAAM,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACtD,IAAI,CAAC,KAAK,CAAC,0BAA0B,gBAAgB,EAAE,CAAC,CAAC;IACzD,sDAAsD;IACtD,IAAI,IAAA,mBAAY,GAAE,EAAE;QAClB,IAAI,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC;KACb;IAED,MAAM,GAAG,GAAG,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC;IACrD,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAE9B,IAAI;QACF,MAAM,MAAM,CAAC,OAAO,CAClB,uDAAuD,EACvD;YACE,KAAK;YACL,IAAI;YACJ,IAAI,EAAE,gBAAgB;SACvB,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,IAAA,kBAAW,EAAC,CAAC,CAAC,EAAE;YAClB,QAAQ,CAAC,CAAC,MAAM,EAAE;gBAChB,KAAK,GAAG;oBACN,IACE,IAAA,mCAAoB,GAAE,KAAK,MAAM;wBACjC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,EACjD;wBACA,IAAI,CAAC,SAAS,CACZ,mFAAmF;4BACjF,yDAAyD;4BACzD,iLAAiL;4BACjL,8JAA8J,CACjK,CAAC;qBACH;yBAAM;wBACL,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,IAAI,eAAe,CAAC,CAAC;qBAC9C;oBACD,OAAO,KAAK,CAAC;gBACf,KAAK,GAAG;oBACN,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;oBAChC,OAAO,KAAK,CAAC;gBACf,KAAK,GAAG;oBACN,+CAA+C;oBAC/C,2EAA2E;oBAC3E,4EAA4E;oBAC5E,IAAI,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,KAAK,wBAAiB,EAAE;wBAClE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;qBAC9B;yBAAM;wBACL,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;qBAC7B;oBACD,OAAO,IAAI,CAAC;aACf;SACF;QAED,mFAAmF;QACnF,0EAA0E;QAC1E,IAAI,CAAC,KAAK,CACR,wEAAwE,CACzE,CAAC;QACF,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AApED,4CAoEC"}
+{"version":3,"file":"status-report.js","sourceRoot":"","sources":["../src/status-report.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,oDAAsC;AAEtC,iDAQwB;AACxB,6CAA4D;AAC5D,+CAAuC;AACvC,iCAQgB;AAqGhB,SAAgB,gBAAgB,CAC9B,KAAe,EACf,iBAA0B;IAE1B,IAAI,KAAK,IAAI,iBAAiB,EAAE;QAC9B,OAAO,KAAK,YAAY,gBAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;KAC9D;SAAM;QACL,OAAO,SAAS,CAAC;KAClB;AACH,CAAC;AATD,4CASC;AAqBD;;;;;;;;GAQG;AACI,KAAK,UAAU,sBAAsB,CAC1C,UAAsB,EACtB,MAAoB,EACpB,eAAqB,EACrB,QAAmB,EACnB,KAAc,EACd,SAAkB;IAElB,MAAM,SAAS,GAAG,IAAA,+BAAgB,EAAC,KAAK,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7E,MAAM,GAAG,GAAG,MAAM,IAAA,qBAAM,GAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,IAAA,+BAAgB,GAAE,CAAC;IACzC,MAAM,kBAAkB,GAAG,IAAA,oCAAqB,GAAE,CAAC;IACnD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAChD,MAAM,YAAY,GAAG,MAAM,IAAA,2BAAc,GAAE,CAAC;IAC5C,IAAI,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,CAAC;IAChE,IAAI,iBAAiB,KAAK,SAAS,EAAE;QACnC,iBAAiB,GAAG,eAAe,CAAC,WAAW,EAAE,CAAC;QAClD,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;KACpE;IACD,MAAM,QAAQ,GAAG,IAAA,0BAAmB,EAAC,WAAW,CAAC,CAAC;IAClD,MAAM,gBAAgB,GAAG,IAAA,6BAAsB,GAAE,CAAC;IAClD,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnD,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAM,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC;IACzE,0FAA0F;IAC1F,wCAAwC;IACxC,IAAI,kBAAkB,KAAK,EAAE,EAAE;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mBAAmB,EAAE,kBAAkB,CAAC,CAAC;KACrE;IAED,MAAM,YAAY,GAAqB;QACrC,WAAW,EAAE,UAAU;QACvB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE,SAAS;QACrB,iBAAiB,EAAE,eAAe,CAAC,WAAW,EAAE;QAChD,cAAc,EAAE,IAAA,+BAAgB,GAAE;QAClC,YAAY;QACZ,UAAU,EAAE,SAAS;QACrB,QAAQ,EAAE,OAAO;QACjB,YAAY,EAAE,UAAU;QACxB,GAAG;QACH,iCAAiC,EAAE,QAAQ,CAAC,iBAAiB;QAC7D,SAAS,EAAE,QAAQ;QACnB,6BAA6B,EAAE,QAAQ,CAAC,aAAa;QACrD,UAAU,EAAE,iBAAiB;QAC7B,MAAM;QACN,mBAAmB,EAAE,kBAAkB;QACvC,aAAa,EAAE,YAAY;QAC3B,oBAAoB,EAAE,kBAAkB;QACxC,eAAe,EAAE,aAAa;KAC/B,CAAC;IAEF,0BAA0B;IAC1B,IAAI,KAAK,EAAE;QACT,YAAY,CAAC,KAAK,GAAG,KAAK,CAAC;KAC5B;IACD,IAAI,SAAS,EAAE;QACb,YAAY,CAAC,SAAS,GAAG,SAAS,CAAC;KACpC;IACD,IACE,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,SAAS;QACpB,MAAM,KAAK,YAAY,EACvB;QACA,YAAY,CAAC,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;KACtD;IACD,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE;QACV,YAAY,CAAC,WAAW,GAAG,MAAM,CAAC;KACnC;IACD,IAAI,aAAa,IAAI,OAAO,CAAC,GAAG,EAAE;QAChC,sDAAsD;QACtD,sEAAsE;QACtE,YAAY,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;KACvD;IACD,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,OAAO,EAAE;QAClD,YAAY,CAAC,iBAAiB,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;KAC/C;IACD,IAAI,gBAAgB,KAAK,SAAS,EAAE;QAClC,YAAY,CAAC,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC;KACxD;IACD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACjD,IAAI,YAAY,EAAE;QAChB,YAAY,CAAC,oBAAoB,GAAG,YAAY,CAAC;KAClD;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAzFD,wDAyFC;AAED,MAAM,eAAe,GACnB,mFAAmF,CAAC;AACtF,MAAM,eAAe,GACnB,sEAAsE,CAAC;AACzE,MAAM,eAAe,GACnB,sFAAsF,CAAC;AACzF,MAAM,gBAAgB,GACpB,gIAAgI,CAAC;AAEnI;;;;;;;;GAQG;AACI,KAAK,UAAU,gBAAgB,CACpC,YAAe;IAEf,MAAM,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACtD,IAAI,CAAC,KAAK,CAAC,0BAA0B,gBAAgB,EAAE,CAAC,CAAC;IACzD,sDAAsD;IACtD,IAAI,IAAA,mBAAY,GAAE,EAAE;QAClB,IAAI,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC;KACb;IAED,MAAM,GAAG,GAAG,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC;IACrD,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAE9B,IAAI;QACF,MAAM,MAAM,CAAC,OAAO,CAClB,uDAAuD,EACvD;YACE,KAAK;YACL,IAAI;YACJ,IAAI,EAAE,gBAAgB;SACvB,CACF,CAAC;QAEF,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,IAAI,IAAA,kBAAW,EAAC,CAAC,CAAC,EAAE;YAClB,QAAQ,CAAC,CAAC,MAAM,EAAE;gBAChB,KAAK,GAAG;oBACN,IACE,IAAA,mCAAoB,GAAE,KAAK,MAAM;wBACjC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,EACjD;wBACA,IAAI,CAAC,SAAS,CACZ,mFAAmF;4BACjF,yDAAyD;4BACzD,iLAAiL;4BACjL,8JAA8J,CACjK,CAAC;qBACH;yBAAM;wBACL,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,IAAI,eAAe,CAAC,CAAC;qBAC9C;oBACD,OAAO,KAAK,CAAC;gBACf,KAAK,GAAG;oBACN,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;oBAChC,OAAO,KAAK,CAAC;gBACf,KAAK,GAAG;oBACN,+CAA+C;oBAC/C,2EAA2E;oBAC3E,4EAA4E;oBAC5E,IAAI,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,KAAK,wBAAiB,EAAE;wBAClE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;qBAC9B;yBAAM;wBACL,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;qBAC7B;oBACD,OAAO,IAAI,CAAC;aACf;SACF;QAED,mFAAmF;QACnF,0EAA0E;QAC1E,IAAI,CAAC,KAAK,CACR,wEAAwE,CACzE,CAAC;QACF,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AApED,4CAoEC"}
--- a/lib/testing-utils.js
+++ b/lib/testing-utils.js
@@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.mockBundleDownloadApi = exports.createFeatures = exports.mockCodeQLVersion = exports.mockLanguagesInRepo = exports.mockFeatureFlagApiEndpoint = exports.getRecordingLogger = exports.setupActionsVars = exports.setupTests = exports.SAMPLE_DEFAULT_CLI_VERSION = exports.SAMPLE_DOTCOM_API_DETAILS = void 0;
+exports.mockBundleDownloadApi = exports.createFeatures = exports.mockCodeQLVersion = exports.makeVersionInfo = exports.mockLanguagesInRepo = exports.mockFeatureFlagApiEndpoint = exports.getRecordingLogger = exports.setupActionsVars = exports.setupTests = exports.SAMPLE_DEFAULT_CLI_VERSION = exports.SAMPLE_DOTCOM_API_DETAILS = void 0;
 const node_util_1 = require("node:util");
 const path_1 = __importDefault(require("path"));
 const github = __importStar(require("@actions/github"));
@@ -187,10 +187,17 @@ function mockLanguagesInRepo(languages) {
    return listLanguages;
 }
 exports.mockLanguagesInRepo = mockLanguagesInRepo;
+/**
+ * Constructs a `VersionInfo` object for testing purposes only.
+ */
+const makeVersionInfo = (version) => ({
+    version,
+});
+exports.makeVersionInfo = makeVersionInfo;
 function mockCodeQLVersion(version) {
    return {
        async getVersion() {
-            return version;
+            return (0, exports.makeVersionInfo)(version);
        },
    };
 }
--- a/lib/testing-utils.js.map
+++ b/lib/testing-utils.js.map
--- a/lib/tools-features.js
+++ b/lib/tools-features.js
@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isSupportedToolsFeature = exports.ToolsFeature = void 0;
+var ToolsFeature;
+(function (ToolsFeature) {
+    ToolsFeature["IndirectTracingSupportsStaticBinaries"] = "indirectTracingSupportsStaticBinaries";
+})(ToolsFeature || (exports.ToolsFeature = ToolsFeature = {}));
+/**
+ * Determines if the given feature is supported by the CLI.
+ *
+ * @param versionInfo Version information, including features, returned by the CLI.
+ * @param feature The feature to check for.
+ * @returns True if the feature is supported or false otherwise.
+ */
+function isSupportedToolsFeature(versionInfo, feature) {
+    return !!versionInfo.features && versionInfo.features[feature];
+}
+exports.isSupportedToolsFeature = isSupportedToolsFeature;
+//# sourceMappingURL=tools-features.js.map
--- a/lib/tools-features.js.map
+++ b/lib/tools-features.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"tools-features.js","sourceRoot":"","sources":["../src/tools-features.ts"],"names":[],"mappings":";;;AAEA,IAAY,YAEX;AAFD,WAAY,YAAY;IACtB,+FAA+E,CAAA;AACjF,CAAC,EAFW,YAAY,4BAAZ,YAAY,QAEvB;AAED;;;;;;GAMG;AACH,SAAgB,uBAAuB,CACrC,WAAwB,EACxB,OAAqB;IAErB,OAAO,CAAC,CAAC,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACjE,CAAC;AALD,0DAKC"}
--- a/lib/tools-features.test.js
+++ b/lib/tools-features.test.js
@@ -0,0 +1,15 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const ava_1 = __importDefault(require("ava"));
+const testing_utils_1 = require("./testing-utils");
+const tools_features_1 = require("./tools-features");
+(0, ava_1.default)("isSupportedToolsFeature", async (t) => {
+    const versionInfo = (0, testing_utils_1.makeVersionInfo)("1.0.0");
+    t.false((0, tools_features_1.isSupportedToolsFeature)(versionInfo, tools_features_1.ToolsFeature.IndirectTracingSupportsStaticBinaries));
+    versionInfo.features = { indirectTracingSupportsStaticBinaries: true };
+    t.true((0, tools_features_1.isSupportedToolsFeature)(versionInfo, tools_features_1.ToolsFeature.IndirectTracingSupportsStaticBinaries));
+});
+//# sourceMappingURL=tools-features.test.js.map
--- a/lib/tools-features.test.js.map
+++ b/lib/tools-features.test.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"tools-features.test.js","sourceRoot":"","sources":["../src/tools-features.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAEvB,mDAAkD;AAClD,qDAAyE;AAEzE,IAAA,aAAI,EAAC,yBAAyB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1C,MAAM,WAAW,GAAG,IAAA,+BAAe,EAAC,OAAO,CAAC,CAAC;IAE7C,CAAC,CAAC,KAAK,CACL,IAAA,wCAAuB,EACrB,WAAW,EACX,6BAAY,CAAC,qCAAqC,CACnD,CACF,CAAC;IAEF,WAAW,CAAC,QAAQ,GAAG,EAAE,qCAAqC,EAAE,IAAI,EAAE,CAAC;IAEvE,CAAC,CAAC,IAAI,CACJ,IAAA,wCAAuB,EACrB,WAAW,EACX,6BAAY,CAAC,qCAAqC,CACnD,CACF,CAAC;AACJ,CAAC,CAAC,CAAC"}
--- a/lib/trap-caching.js
+++ b/lib/trap-caching.js
@@ -28,7 +28,6 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const cache = __importStar(require("@actions/cache"));
 const actionsUtil = __importStar(require("./actions-util"));
-const codeql_1 = require("./codeql");
 const util_1 = require("./util");
 // This constant should be bumped if we make a breaking change
 // to how the CodeQL Action stores or retrieves the TRAP cache,
@@ -133,8 +132,6 @@ async function uploadTrapCaches(codeql, config, logger) {
 exports.uploadTrapCaches = uploadTrapCaches;
 async function getLanguagesSupportingCaching(codeql, languages, logger) {
    const result = [];
-    if (!(await (0, util_1.codeQlVersionAbove)(codeql, codeql_1.CODEQL_VERSION_BETTER_RESOLVE_LANGUAGES)))
-        return result;
    const resolveResult = await codeql.betterResolveLanguages();
    outer: for (const lang of languages) {
        const extractorsForLanguage = resolveResult.extractors[lang];
@@ -172,6 +169,6 @@ async function cacheKey(codeql, language, baseSha) {
    return `${await cachePrefix(codeql, language)}${baseSha}`;
 }
 async function cachePrefix(codeql, language) {
-    return `codeql-trap-${CACHE_VERSION}-${await codeql.getVersion()}-${language}-`;
+    return `codeql-trap-${CACHE_VERSION}-${(await codeql.getVersion()).version}-${language}-`;
 }
 //# sourceMappingURL=trap-caching.js.map
--- a/lib/trap-caching.js.map
+++ b/lib/trap-caching.js.map
@@ -1 +1 @@
-{"version":3,"file":"trap-caching.js","sourceRoot":"","sources":["../src/trap-caching.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,sDAAwC;AAExC,4DAA8C;AAC9C,qCAA2E;AAI3E,iCAA4E;AAE5E,8DAA8D;AAC9D,+DAA+D;AAC/D,6DAA6D;AAC7D,6DAA6D;AAC7D,2BAA2B;AAC3B,MAAM,aAAa,GAAG,CAAC,CAAC;AAExB,6DAA6D;AAC7D,+CAA+C;AAC/C,MAAM,0BAA0B,GAAG,EAAE,CAAC;AAEtC,4DAA4D;AAC5D,2DAA2D;AAC3D,wDAAwD;AACxD,0DAA0D;AAC1D,MAAM,sBAAsB,GAAG,MAAO,CAAC,CAAC,cAAc;AAEtD;;;;;;;GAOG;AACI,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,SAAqB,EACrB,MAAc;IAEd,MAAM,MAAM,GAAsC,EAAE,CAAC;IACrD,MAAM,0BAA0B,GAAG,MAAM,6BAA6B,CACpE,MAAM,EACN,SAAS,EACT,MAAM,CACP,CAAC;IACF,MAAM,CAAC,IAAI,CACT,SAAS,0BAA0B,CAAC,MAAM,sCAAsC,CACjF,CAAC;IACF,IAAI,0BAA0B,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IAE3D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CACzB,WAAW,CAAC,qBAAqB,EAAE,EACnC,YAAY,CACb,CAAC;IACF,KAAK,MAAM,QAAQ,IAAI,0BAA0B,EAAE;QACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAChD,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;KAC7B;IAED,IAAI,MAAM,WAAW,CAAC,wBAAwB,EAAE,EAAE;QAChD,MAAM,CAAC,IAAI,CACT,gEAAgE,CACjE,CAAC;QACF,OAAO,MAAM,CAAC;KACf;IAED,IAAI,OAAO,GAAG,SAAS,CAAC;IACxB,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAChD,IACE,WAAW,CAAC,oBAAoB,EAAE,KAAK,cAAc;QACrD,SAAS,KAAK,SAAS,EACvB;QACA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC5E,OAAO,GAAG,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,GAAG,IAAI,OAAO,CAAC;KACpD;IACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;QAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,QAAQ,KAAK,SAAS;YAAE,SAAS;QACrC,uFAAuF;QACvF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC/D,MAAM,CAAC,IAAI,CACT,oDAAoD,YAAY,EAAE,CACnE,CAAC;QACF,MAAM,KAAK,GAAG,MAAM,IAAA,kBAAW,EAC7B,sBAAsB,EACtB,KAAK,CAAC,YAAY,CAAC,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE;YAC3C,mDAAmD;YACnD,MAAM,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC;SACpC,CAAC,EACF,GAAG,EAAE;YACH,MAAM,CAAC,IAAI,CACT,mCAAmC,QAAQ,4BAA4B,CACxE,CAAC;QACJ,CAAC,CACF,CAAC;QACF,IAAI,KAAK,KAAK,SAAS,EAAE;YACvB,gFAAgF;YAChF,oFAAoF;YACpF,6EAA6E;YAC7E,MAAM,CAAC,IAAI,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;YACpE,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;SACzB;KACF;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAxED,gDAwEC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB,CACpC,MAAc,EACd,MAAc,EACd,MAAc;IAEd,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC,CAAC,6CAA6C;IAEhH,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,QAAQ,KAAK,SAAS;YAAE,SAAS;QACrC,MAAM,cAAc,GAAG,MAAM,IAAA,wBAAiB,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACjE,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,MAAM,CAAC,IAAI,CACT,qCAAqC,QAAQ,oCAAoC,CAClF,CAAC;YACF,SAAS;SACV;QACD,IAAI,cAAc,GAAG,0BAA0B,GAAG,OAAS,EAAE;YAC3D,MAAM,CAAC,IAAI,CACT,qCAAqC,QAAQ,qBAAqB,CACnE,CAAC;YACF,SAAS;SACV;QACD,MAAM,GAAG,GAAG,MAAM,QAAQ,CACxB,MAAM,EACN,QAAQ,EACR,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,SAAS,CACpC,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,kDAAkD,GAAG,EAAE,CAAC,CAAC;QACrE,MAAM,IAAA,kBAAW,EACf,sBAAsB,EACtB,KAAK,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,EAChC,GAAG,EAAE;YACH,MAAM,CAAC,IAAI,CACT,wCAAwC,QAAQ,6CAA6C,CAC9F,CAAC;QACJ,CAAC,CACF,CAAC;KACH;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAxCD,4CAwCC;AAEM,KAAK,UAAU,6BAA6B,CACjD,MAAc,EACd,SAAqB,EACrB,MAAc;IAEd,MAAM,MAAM,GAAe,EAAE,CAAC;IAC9B,IACE,CAAC,CAAC,MAAM,IAAA,yBAAkB,EAAC,MAAM,EAAE,gDAAuC,CAAC,CAAC;QAE5E,OAAO,MAAM,CAAC;IAChB,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;IAC5D,KAAK,EAAE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE;QACnC,MAAM,qBAAqB,GAAG,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC7D,IAAI,qBAAqB,KAAK,SAAS,EAAE;YACvC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,6DAA6D,CACrE,CAAC;YACF,SAAS;SACV;QACD,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC,EAAE;YACtC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,4DAA4D,CACpE,CAAC;YACF,SAAS;SACV;QACD,MAAM,SAAS,GAAG,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,gBAAgB,GACpB,SAAS,CAAC,iBAAiB,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,CAAC;QACnE,IAAI,gBAAgB,KAAK,SAAS,EAAE;YAClC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,uDAAuD,CAC/D,CAAC;YACF,SAAS;SACV;QACD,KAAK,MAAM,WAAW,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;YACnD,IAAI,CAAC,CAAC,WAAW,IAAI,gBAAgB,CAAC,EAAE;gBACtC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,2CAA2C,WAAW,UAAU,CACxE,CAAC;gBACF,SAAS,KAAK,CAAC;aAChB;SACF;QACD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACnB;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AA7CD,sEA6CC;AAEM,KAAK,UAAU,iBAAiB,CACrC,UAA6C,EAC7C,MAAc;IAEd,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACzC,IAAA,wBAAiB,EAAC,QAAQ,EAAE,MAAM,CAAC,CACpC,CACF,CAAC;IACF,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AAC7D,CAAC;AAVD,8CAUC;AAED,KAAK,UAAU,QAAQ,CACrB,MAAc,EACd,QAAkB,EAClB,OAAe;IAEf,OAAO,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,GAAG,OAAO,EAAE,CAAC;AAC5D,CAAC;AAED,KAAK,UAAU,WAAW,CACxB,MAAc,EACd,QAAkB;IAElB,OAAO,eAAe,aAAa,IAAI,MAAM,MAAM,CAAC,UAAU,EAAE,IAAI,QAAQ,GAAG,CAAC;AAClF,CAAC"}
+{"version":3,"file":"trap-caching.js","sourceRoot":"","sources":["../src/trap-caching.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,sDAAwC;AAExC,4DAA8C;AAK9C,iCAAwD;AAExD,8DAA8D;AAC9D,+DAA+D;AAC/D,6DAA6D;AAC7D,6DAA6D;AAC7D,2BAA2B;AAC3B,MAAM,aAAa,GAAG,CAAC,CAAC;AAExB,6DAA6D;AAC7D,+CAA+C;AAC/C,MAAM,0BAA0B,GAAG,EAAE,CAAC;AAEtC,4DAA4D;AAC5D,2DAA2D;AAC3D,wDAAwD;AACxD,0DAA0D;AAC1D,MAAM,sBAAsB,GAAG,MAAO,CAAC,CAAC,cAAc;AAEtD;;;;;;;GAOG;AACI,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,SAAqB,EACrB,MAAc;IAEd,MAAM,MAAM,GAAsC,EAAE,CAAC;IACrD,MAAM,0BAA0B,GAAG,MAAM,6BAA6B,CACpE,MAAM,EACN,SAAS,EACT,MAAM,CACP,CAAC;IACF,MAAM,CAAC,IAAI,CACT,SAAS,0BAA0B,CAAC,MAAM,sCAAsC,CACjF,CAAC;IACF,IAAI,0BAA0B,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IAE3D,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CACzB,WAAW,CAAC,qBAAqB,EAAE,EACnC,YAAY,CACb,CAAC;IACF,KAAK,MAAM,QAAQ,IAAI,0BAA0B,EAAE;QACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAChD,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;KAC7B;IAED,IAAI,MAAM,WAAW,CAAC,wBAAwB,EAAE,EAAE;QAChD,MAAM,CAAC,IAAI,CACT,gEAAgE,CACjE,CAAC;QACF,OAAO,MAAM,CAAC;KACf;IAED,IAAI,OAAO,GAAG,SAAS,CAAC;IACxB,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAChD,IACE,WAAW,CAAC,oBAAoB,EAAE,KAAK,cAAc;QACrD,SAAS,KAAK,SAAS,EACvB;QACA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC5E,OAAO,GAAG,KAAK,CAAC,YAAY,EAAE,IAAI,EAAE,GAAG,IAAI,OAAO,CAAC;KACpD;IACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;QAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,QAAQ,KAAK,SAAS;YAAE,SAAS;QACrC,uFAAuF;QACvF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC/D,MAAM,CAAC,IAAI,CACT,oDAAoD,YAAY,EAAE,CACnE,CAAC;QACF,MAAM,KAAK,GAAG,MAAM,IAAA,kBAAW,EAC7B,sBAAsB,EACtB,KAAK,CAAC,YAAY,CAAC,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE;YAC3C,mDAAmD;YACnD,MAAM,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC;SACpC,CAAC,EACF,GAAG,EAAE;YACH,MAAM,CAAC,IAAI,CACT,mCAAmC,QAAQ,4BAA4B,CACxE,CAAC;QACJ,CAAC,CACF,CAAC;QACF,IAAI,KAAK,KAAK,SAAS,EAAE;YACvB,gFAAgF;YAChF,oFAAoF;YACpF,6EAA6E;YAC7E,MAAM,CAAC,IAAI,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;YACpE,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;SACzB;KACF;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAxED,gDAwEC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB,CACpC,MAAc,EACd,MAAc,EACd,MAAc;IAEd,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC,CAAC,6CAA6C;IAEhH,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,QAAQ,KAAK,SAAS;YAAE,SAAS;QACrC,MAAM,cAAc,GAAG,MAAM,IAAA,wBAAiB,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACjE,IAAI,cAAc,KAAK,SAAS,EAAE;YAChC,MAAM,CAAC,IAAI,CACT,qCAAqC,QAAQ,oCAAoC,CAClF,CAAC;YACF,SAAS;SACV;QACD,IAAI,cAAc,GAAG,0BAA0B,GAAG,OAAS,EAAE;YAC3D,MAAM,CAAC,IAAI,CACT,qCAAqC,QAAQ,qBAAqB,CACnE,CAAC;YACF,SAAS;SACV;QACD,MAAM,GAAG,GAAG,MAAM,QAAQ,CACxB,MAAM,EACN,QAAQ,EACR,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,SAAS,CACpC,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,kDAAkD,GAAG,EAAE,CAAC,CAAC;QACrE,MAAM,IAAA,kBAAW,EACf,sBAAsB,EACtB,KAAK,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,EAChC,GAAG,EAAE;YACH,MAAM,CAAC,IAAI,CACT,wCAAwC,QAAQ,6CAA6C,CAC9F,CAAC;QACJ,CAAC,CACF,CAAC;KACH;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAxCD,4CAwCC;AAEM,KAAK,UAAU,6BAA6B,CACjD,MAAc,EACd,SAAqB,EACrB,MAAc;IAEd,MAAM,MAAM,GAAe,EAAE,CAAC;IAC9B,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,sBAAsB,EAAE,CAAC;IAC5D,KAAK,EAAE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE;QACnC,MAAM,qBAAqB,GAAG,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC7D,IAAI,qBAAqB,KAAK,SAAS,EAAE;YACvC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,6DAA6D,CACrE,CAAC;YACF,SAAS;SACV;QACD,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC,EAAE;YACtC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,4DAA4D,CACpE,CAAC;YACF,SAAS;SACV;QACD,MAAM,SAAS,GAAG,qBAAqB,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,gBAAgB,GACpB,SAAS,CAAC,iBAAiB,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,CAAC;QACnE,IAAI,gBAAgB,KAAK,SAAS,EAAE;YAClC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,uDAAuD,CAC/D,CAAC;YACF,SAAS;SACV;QACD,KAAK,MAAM,WAAW,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;YACnD,IAAI,CAAC,CAAC,WAAW,IAAI,gBAAgB,CAAC,EAAE;gBACtC,MAAM,CAAC,IAAI,CACT,GAAG,IAAI,2CAA2C,WAAW,UAAU,CACxE,CAAC;gBACF,SAAS,KAAK,CAAC;aAChB;SACF;QACD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACnB;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAzCD,sEAyCC;AAEM,KAAK,UAAU,iBAAiB,CACrC,UAA6C,EAC7C,MAAc;IAEd,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACzC,IAAA,wBAAiB,EAAC,QAAQ,EAAE,MAAM,CAAC,CACpC,CACF,CAAC;IACF,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AAC7D,CAAC;AAVD,8CAUC;AAED,KAAK,UAAU,QAAQ,CACrB,MAAc,EACd,QAAkB,EAClB,OAAe;IAEf,OAAO,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,GAAG,OAAO,EAAE,CAAC;AAC5D,CAAC;AAED,KAAK,UAAU,WAAW,CACxB,MAAc,EACd,QAAkB;IAElB,OAAO,eAAe,aAAa,IACjC,CAAC,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,OAC9B,IAAI,QAAQ,GAAG,CAAC;AAClB,CAAC"}
--- a/lib/trap-caching.test.js
+++ b/lib/trap-caching.test.js
@@ -40,7 +40,7 @@ const util = __importStar(require("./util"));
 (0, testing_utils_1.setupTests)(ava_1.default);
 const stubCodeql = (0, codeql_1.setCodeQL)({
    async getVersion() {
-        return "2.10.3";
+        return (0, testing_utils_1.makeVersionInfo)("2.10.3");
    },
    async betterResolveLanguages() {
        return {
@@ -95,7 +95,6 @@ const testConfigWithoutTmpDir = {
    debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
    debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
    augmentationProperties: {
-        injectedMlQueries: false,
        packsInputCombines: false,
        queriesInputCombines: false,
    },
@@ -120,7 +119,6 @@ function getTestConfigWithTempDir(tmpDir) {
        debugArtifactName: util.DEFAULT_DEBUG_ARTIFACT_NAME,
        debugDatabaseName: util.DEFAULT_DEBUG_DATABASE_NAME,
        augmentationProperties: {
-            injectedMlQueries: false,
            packsInputCombines: false,
            queriesInputCombines: false,
        },
--- a/lib/trap-caching.test.js.map
+++ b/lib/trap-caching.test.js.map
--- a/lib/util.js
+++ b/lib/util.js
@@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkDiskUsage = exports.prettyPrintPack = exports.getMlPoweredJsQueriesPack = exports.ML_POWERED_JS_QUERIES_PACK_NAME = exports.wrapError = exports.fixInvalidNotificationsInFile = exports.fixInvalidNotifications = exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.isInTestMode = exports.supportExpectDiscardedCache = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.UserError = exports.HTTPError = exports.getRequiredEnvParam = exports.initializeEnvironment = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.getMemoryFlagValueForPlatform = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
+exports.checkDiskUsage = exports.prettyPrintPack = exports.wrapError = exports.fixInvalidNotificationsInFile = exports.fixInvalidNotifications = exports.parseMatrixInput = exports.isHostedRunner = exports.checkForTimeout = exports.withTimeout = exports.tryGetFolderBytes = exports.listFolder = exports.doesDirectoryExist = exports.isInTestMode = exports.supportExpectDiscardedCache = exports.isGoodVersion = exports.delay = exports.bundleDb = exports.codeQlVersionAbove = exports.getCachedCodeQlVersion = exports.cacheCodeQlVersion = exports.isHTTPError = exports.UserError = exports.HTTPError = exports.getRequiredEnvParam = exports.initializeEnvironment = exports.assertNever = exports.apiVersionInRange = exports.DisallowedAPIVersionReason = exports.checkGitHubVersionInRange = exports.GitHubVariant = exports.parseGitHubUrl = exports.getCodeQLDatabasePath = exports.getThreadsFlag = exports.getThreadsFlagValue = exports.getAddSnippetsFlag = exports.getMemoryFlag = exports.getMemoryFlagValue = exports.getMemoryFlagValueForPlatform = exports.withTmpDir = exports.getToolNames = exports.getExtraOptionsEnvParam = exports.DEFAULT_DEBUG_DATABASE_NAME = exports.DEFAULT_DEBUG_ARTIFACT_NAME = exports.GITHUB_DOTCOM_URL = void 0;
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
@@ -189,6 +189,11 @@ function getCgroupMemoryLimitBytes(limitFile, logger) {
        return undefined;
    }
    const displayLimit = `${Math.floor(limit / (1024 * 1024))} MiB`;
+    if (limit > os.totalmem()) {
+        logger.debug(`While resolving RAM, ignored the file ${limitFile} that may contain a cgroup memory limit as ` +
+            `its contents ${displayLimit} were greater than the total amount of system memory.`);
+        return undefined;
+    }
    if (limit < MINIMUM_CGROUP_MEMORY_LIMIT_BYTES) {
        logger.info(`While resolving RAM, ignored a cgroup limit of ${displayLimit} in ${limitFile} as it was below ${MINIMUM_CGROUP_MEMORY_LIMIT_BYTES / (1024 * 1024)} MiB.`);
        return undefined;
@@ -436,7 +441,7 @@ function getCachedCodeQlVersion() {
 }
 exports.getCachedCodeQlVersion = getCachedCodeQlVersion;
 async function codeQlVersionAbove(codeql, requiredVersion) {
-    return semver.gte(await codeql.getVersion(), requiredVersion);
+    return semver.gte((await codeql.getVersion()).version, requiredVersion);
 }
 exports.codeQlVersionAbove = codeQlVersionAbove;
 // Create a bundle for the given DB, if it doesn't already exist
@@ -714,25 +719,6 @@ function wrapError(error) {
    return error instanceof Error ? error : new Error(String(error));
 }
 exports.wrapError = wrapError;
-exports.ML_POWERED_JS_QUERIES_PACK_NAME = "codeql/javascript-experimental-atm-queries";
-/**
- * Gets the ML-powered JS query pack to add to the analysis if a repo is opted into the ML-powered
- * queries beta.
- */
-async function getMlPoweredJsQueriesPack(codeQL) {
-    let version;
-    if (await codeQlVersionAbove(codeQL, "2.11.3")) {
-        version = "~0.4.0";
-    }
-    else {
-        version = `~0.3.0`;
-    }
-    return prettyPrintPack({
-        name: exports.ML_POWERED_JS_QUERIES_PACK_NAME,
-        version,
-    });
-}
-exports.getMlPoweredJsQueriesPack = getMlPoweredJsQueriesPack;
 function prettyPrintPack(pack) {
    return `${pack.name}${pack.version ? `@${pack.version}` : ""}${pack.path ? `:${pack.path}` : ""}`;
 }
--- a/lib/util.js.map
+++ b/lib/util.js.map
--- a/lib/workflow.js
+++ b/lib/workflow.js
@@ -78,11 +78,57 @@ exports.WorkflowErrors = toCodedErrors({
    MissingPushHook: `Please specify an on.push hook to analyze and see code scanning alerts from the default branch on the Security tab.`,
    CheckoutWrongHead: `git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.`,
 });
-function getWorkflowErrors(doc) {
+/**
+ * Groups the given list of CodeQL languages by their extractor name.
+ *
+ * Resolves to `undefined` if the CodeQL version does not support language aliasing.
+ */
+async function groupLanguagesByExtractor(languages, codeql) {
+    const resolveResult = await codeql.betterResolveLanguages();
+    if (!resolveResult.aliases) {
+        return undefined;
+    }
+    const aliases = resolveResult.aliases;
+    const languagesByExtractor = {};
+    for (const language of languages) {
+        const extractorName = aliases[language] || language;
+        if (!languagesByExtractor[extractorName]) {
+            languagesByExtractor[extractorName] = [];
+        }
+        languagesByExtractor[extractorName].push(language);
+    }
+    return languagesByExtractor;
+}
+async function getWorkflowErrors(doc, codeql) {
    const errors = [];
    const jobName = process.env.GITHUB_JOB;
    if (jobName) {
        const job = doc?.jobs?.[jobName];
+        if (job?.strategy?.matrix?.language) {
+            const matrixLanguages = job.strategy.matrix.language;
+            if (Array.isArray(matrixLanguages)) {
+                // Map extractors to entries in the `language` matrix parameter. This will allow us to
+                // detect languages which are analyzed in more than one job.
+                const matrixLanguagesByExtractor = await groupLanguagesByExtractor(matrixLanguages, codeql);
+                // If the CodeQL version does not support language aliasing, then `matrixLanguagesByExtractor`
+                // will be `undefined`. In this case, we cannot detect duplicate languages in the matrix.
+                if (matrixLanguagesByExtractor !== undefined) {
+                    // Check for duplicate languages in the matrix
+                    for (const [extractor, languages] of Object.entries(matrixLanguagesByExtractor)) {
+                        if (languages.length > 1) {
+                            errors.push({
+                                message: `CodeQL language '${extractor}' is referenced by more than one entry in the ` +
+                                    `'language' matrix parameter for job '${jobName}'. This may result in duplicate alerts. ` +
+                                    `Please edit the 'language' matrix parameter to keep only one of the following: ${languages
+                                        .map((language) => `'${language}'`)
+                                        .join(", ")}.`,
+                                code: "DuplicateLanguageInMatrix",
+                            });
+                        }
+                    }
+                }
+            }
+        }
        const steps = job?.steps;
        if (Array.isArray(steps)) {
            for (const step of steps) {
@@ -127,7 +173,7 @@ function getWorkflowErrors(doc) {
    return errors;
 }
 exports.getWorkflowErrors = getWorkflowErrors;
-async function validateWorkflow(logger) {
+async function validateWorkflow(codeql, logger) {
    let workflow;
    try {
        workflow = await getWorkflow(logger);
@@ -137,7 +183,7 @@ async function validateWorkflow(logger) {
    }
    let workflowErrors;
    try {
-        workflowErrors = getWorkflowErrors(workflow);
+        workflowErrors = await getWorkflowErrors(workflow, codeql);
    }
    catch (e) {
        return `error: getWorkflowErrors() failed: ${String(e)}`;
--- a/lib/workflow.js.map
+++ b/lib/workflow.js.map
--- a/lib/workflow.test.js
+++ b/lib/workflow.test.js
@@ -28,119 +28,114 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const ava_1 = __importDefault(require("ava"));
 const yaml = __importStar(require("js-yaml"));
+const sinon = __importStar(require("sinon"));
+const codeql_1 = require("./codeql");
 const testing_utils_1 = require("./testing-utils");
 const workflow_1 = require("./workflow");
 function errorCodes(actual, expected) {
    return [actual.map(({ code }) => code), expected.map(({ code }) => code)];
 }
 (0, testing_utils_1.setupTests)(ava_1.default);
-(0, ava_1.default)("getWorkflowErrors() when on is empty", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({ on: {} });
+(0, ava_1.default)("getWorkflowErrors() when on is empty", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({ on: {} }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing pull_request", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({ on: ["push"] });
+(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing pull_request", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({ on: ["push"] }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing push", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({ on: ["pull_request"] });
+(0, ava_1.default)("getWorkflowErrors() when on.push is an array missing push", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({ on: ["pull_request"] }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, [workflow_1.WorkflowErrors.MissingPushHook]));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is valid", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({
+(0, ava_1.default)("getWorkflowErrors() when on.push is valid", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({
        on: ["push", "pull_request"],
-    });
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is a valid superset", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({
+(0, ava_1.default)("getWorkflowErrors() when on.push is a valid superset", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({
        on: ["push", "pull_request", "schedule"],
-    });
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is a correct object", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({
-        on: { push: { branches: ["main"] }, pull_request: { branches: ["main"] } },
-    });
+(0, ava_1.default)("getWorkflowErrors() when on.push is a correct object", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({
+        on: {
+            push: { branches: ["main"] },
+            pull_request: { branches: ["main"] },
+        },
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.pull_requests is a string and correct", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({
+(0, ava_1.default)("getWorkflowErrors() when on.pull_requests is a string and correct", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({
        on: { push: { branches: "*" }, pull_request: { branches: "*" } },
-    });
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is correct with empty objects", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)(yaml.load(`
+(0, ava_1.default)("getWorkflowErrors() when on.push is correct with empty objects", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  on:
    push:
    pull_request:
-  `));
+  `), await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push is not mismatched", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({
+(0, ava_1.default)("getWorkflowErrors() when on.push is not mismatched", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({
        on: {
            push: { branches: ["main", "feature"] },
            pull_request: { branches: ["main"] },
        },
-    });
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() for a range of malformed workflows", (t) => {
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)({
+(0, ava_1.default)("getWorkflowErrors() for a range of malformed workflows", async (t) => {
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: {
            push: 1,
            pull_request: 1,
        },
-    }), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
-    }), []));
-    t.deepEqual(...errorCodes(
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
-    (0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: 1,
-    }), []));
-    t.deepEqual(...errorCodes(
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
-    (0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: [1],
-    }), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: { 1: 1 },
-    }), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: { test: 1 },
-    }), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: { test: [1] },
-    }), []));
-    t.deepEqual(...errorCodes(
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
-    (0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: { test: { steps: 1 } },
-    }), []));
-    t.deepEqual(...errorCodes(
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
-    (0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: { test: { steps: [{ notrun: "git checkout HEAD^2" }] } },
-    }), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: 1,
        jobs: { test: [undefined] },
-    }), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)(1), []));
-    t.deepEqual(...errorCodes(
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
-    (0, workflow_1.getWorkflowErrors)({
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)(1, await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)({
        on: {
            push: {
                branches: 1,
@@ -149,25 +144,86 @@ function errorCodes(actual, expected) {
                branches: 1,
            },
        },
-    }), []));
+    }, await (0, codeql_1.getCodeQLForTesting)()), []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.pull_request for wildcard branches", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)({
+(0, ava_1.default)("getWorkflowErrors() when on.pull_request for wildcard branches", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)({
        on: {
            push: { branches: ["feature/*"] },
            pull_request: { branches: "feature/moose" },
        },
-    });
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when HEAD^2 is checked out", (t) => {
+(0, ava_1.default)("getWorkflowErrors() when HEAD^2 is checked out", async (t) => {
    process.env.GITHUB_JOB = "test";
-    const errors = (0, workflow_1.getWorkflowErrors)({
+    const errors = await (0, workflow_1.getWorkflowErrors)({
        on: ["push", "pull_request"],
        jobs: { test: { steps: [{ run: "git checkout HEAD^2" }] } },
-    });
+    }, await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, [workflow_1.WorkflowErrors.CheckoutWrongHead]));
 });
+(0, ava_1.default)("getWorkflowErrors() produces an error for workflow with language name and its alias", async (t) => {
+    await testLanguageAliases(t, ["java", "kotlin"], { java: ["java-kotlin", "kotlin"] }, [
+        "CodeQL language 'java' is referenced by more than one entry in the 'language' matrix " +
+            "parameter for job 'test'. This may result in duplicate alerts. Please edit the 'language' " +
+            "matrix parameter to keep only one of the following: 'java', 'kotlin'.",
+    ]);
+});
+(0, ava_1.default)("getWorkflowErrors() produces an error for workflow with two aliases same language", async (t) => {
+    await testLanguageAliases(t, ["java-kotlin", "kotlin"], { java: ["java-kotlin", "kotlin"] }, [
+        "CodeQL language 'java' is referenced by more than one entry in the 'language' matrix " +
+            "parameter for job 'test'. This may result in duplicate alerts. Please edit the 'language' " +
+            "matrix parameter to keep only one of the following: 'java-kotlin', 'kotlin'.",
+    ]);
+});
+(0, ava_1.default)("getWorkflowErrors() does not produce an error for workflow with two distinct languages", async (t) => {
+    await testLanguageAliases(t, ["java", "typescript"], {
+        java: ["java-kotlin", "kotlin"],
+        javascript: ["javascript-typescript", "typescript"],
+    }, []);
+});
+(0, ava_1.default)("getWorkflowErrors() does not produce an error if codeql doesn't support language aliases", async (t) => {
+    await testLanguageAliases(t, ["java-kotlin", "kotlin"], undefined, []);
+});
+async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMessages) {
+    process.env.GITHUB_JOB = "test";
+    const codeql = await (0, codeql_1.getCodeQLForTesting)();
+    sinon.stub(codeql, "betterResolveLanguages").resolves({
+        aliases: aliases !== undefined
+            ? // Remap from languageName -> aliases to alias -> languageName
+                Object.assign({}, ...Object.entries(aliases).flatMap(([language, languageAliases]) => languageAliases.map((alias) => ({
+                    [alias]: language,
+                }))))
+            : undefined,
+        extractors: {
+            java: [
+                {
+                    extractor_root: "",
+                },
+            ],
+        },
+    });
+    const errors = await (0, workflow_1.getWorkflowErrors)({
+        on: ["push", "pull_request"],
+        jobs: {
+            test: {
+                strategy: {
+                    matrix: {
+                        language: matrixLanguages,
+                    },
+                },
+                steps: [
+                    { uses: "actions/checkout@v2" },
+                    { uses: "github/codeql-action/init@v2" },
+                    { uses: "github/codeql-action/analyze@v2" },
+                ],
+            },
+        },
+    }, codeql);
+    t.is(errors.length, expectedErrorMessages.length);
+    t.deepEqual(errors.map((e) => e.message), expectedErrorMessages);
+}
 (0, ava_1.default)("formatWorkflowErrors() when there is one error", (t) => {
    const message = (0, workflow_1.formatWorkflowErrors)([workflow_1.WorkflowErrors.CheckoutWrongHead]);
    t.true(message.startsWith("1 issue was detected with this workflow:"));
@@ -213,19 +269,19 @@ function errorCodes(actual, expected) {
    t.true((0, workflow_1.patternIsSuperset)("/robin/*/release/*", "/robin/moose/release/goose"));
    t.false((0, workflow_1.patternIsSuperset)("/robin/moose/release/goose", "/robin/*/release/*"));
 });
-(0, ava_1.default)("getWorkflowErrors() when branches contain dots", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)(yaml.load(`
+(0, ava_1.default)("getWorkflowErrors() when branches contain dots", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)(yaml.load(`
    on:
      push:
        branches: [4.1, master]
      pull_request:
        # The branches below must be a subset of the branches above
        branches: [4.1, master]
-  `));
+  `), await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on.push has a trailing comma", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)(yaml.load(`
+(0, ava_1.default)("getWorkflowErrors() when on.push has a trailing comma", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on:
    push:
@@ -233,12 +289,12 @@ function errorCodes(actual, expected) {
    pull_request:
      # The branches below must be a subset of the branches above
      branches: [master]
-  `));
+  `), await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() should only report the current job's CheckoutWrongHead", (t) => {
+(0, ava_1.default)("getWorkflowErrors() should only report the current job's CheckoutWrongHead", async (t) => {
    process.env.GITHUB_JOB = "test";
-    const errors = (0, workflow_1.getWorkflowErrors)(yaml.load(`
+    const errors = await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on:
    push:
@@ -257,12 +313,12 @@ function errorCodes(actual, expected) {
  
    test3:
      steps: []
-  `));
+  `), await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, [workflow_1.WorkflowErrors.CheckoutWrongHead]));
 });
-(0, ava_1.default)("getWorkflowErrors() should not report a different job's CheckoutWrongHead", (t) => {
+(0, ava_1.default)("getWorkflowErrors() should not report a different job's CheckoutWrongHead", async (t) => {
    process.env.GITHUB_JOB = "test3";
-    const errors = (0, workflow_1.getWorkflowErrors)(yaml.load(`
+    const errors = await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on:
    push:
@@ -281,41 +337,41 @@ function errorCodes(actual, expected) {
  
    test3:
      steps: []
-  `));
+  `), await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() when on is missing", (t) => {
-    const errors = (0, workflow_1.getWorkflowErrors)(yaml.load(`
+(0, ava_1.default)("getWorkflowErrors() when on is missing", async (t) => {
+    const errors = await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
-  `));
+  `), await (0, codeql_1.getCodeQLForTesting)());
    t.deepEqual(...errorCodes(errors, []));
 });
-(0, ava_1.default)("getWorkflowErrors() with a different on setup", (t) => {
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)(yaml.load(`
+(0, ava_1.default)("getWorkflowErrors() with a different on setup", async (t) => {
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on: "workflow_dispatch"
-  `)), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)(yaml.load(`
+  `), await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on: [workflow_dispatch]
-  `)), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)(yaml.load(`
+  `), await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on:
    workflow_dispatch: {}
-  `)), []));
+  `), await (0, codeql_1.getCodeQLForTesting)()), []));
 });
-(0, ava_1.default)("getWorkflowErrors() should not report an error if PRs are totally unconfigured", (t) => {
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)(yaml.load(`
+(0, ava_1.default)("getWorkflowErrors() should not report an error if PRs are totally unconfigured", async (t) => {
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on:
    push:
      branches: [master]
-  `)), []));
-    t.deepEqual(...errorCodes((0, workflow_1.getWorkflowErrors)(yaml.load(`
+  `), await (0, codeql_1.getCodeQLForTesting)()), []));
+    t.deepEqual(...errorCodes(await (0, workflow_1.getWorkflowErrors)(yaml.load(`
  name: "CodeQL"
  on: ["push"]
-  `)), []));
+  `), await (0, codeql_1.getCodeQLForTesting)()), []));
 });
 (0, ava_1.default)("getCategoryInputOrThrow returns category for simple workflow with category", (t) => {
    process.env["GITHUB_REPOSITORY"] = "github/codeql-action-fake-repository";
--- a/lib/workflow.test.js.map
+++ b/lib/workflow.test.js.map
--- a/node_modules/.package-lock.json
+++ b/node_modules/.package-lock.json
@@ -1,6 +1,6 @@
 {
  "name": "codeql",
-  "version": "2.21.9",
+  "version": "2.22.1",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
@@ -448,9 +448,9 @@
      }
    },
    "node_modules/@eslint/js": {
-      "version": "8.49.0",
-      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.49.0.tgz",
-      "integrity": "sha512-1S8uAY/MTJqVx0SC4epBq+N2yhuwtNwLbJYNZyhL2pO1ZVKn5HFXav5T41Ryzy9K9V7ZId2JB2oy/W4aCd9/2w==",
+      "version": "8.50.0",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.50.0.tgz",
+      "integrity": "sha512-NCC3zz2+nvYd+Ckfh87rA47zfu2QsQpvc6k1yzTk+b9KzRj0wkGa8LSoGOXN6Zv4lRf/EIoZ80biDh9HOI+RNQ==",
      "dev": true,
      "engines": {
        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -762,13 +762,18 @@
      }
    },
    "node_modules/@octokit/types": {
-      "version": "11.1.0",
-      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-11.1.0.tgz",
-      "integrity": "sha512-Fz0+7GyLm/bHt8fwEqgvRBWwIV1S6wRRyq+V6exRKLVWaKGsuy6H9QFYeBVDV7rK6fO3XwHgQOPxv+cLj2zpXQ==",
+      "version": "12.0.0",
+      "resolved": "https://registry.npmjs.org/@octokit/types/-/types-12.0.0.tgz",
+      "integrity": "sha512-EzD434aHTFifGudYAygnFlS1Tl6KhbTynEWELQXIbTY8Msvb5nEqTZIm7sbPEt4mQYLZwu3zPKVdeIrw0g7ovg==",
      "dependencies": {
-        "@octokit/openapi-types": "^18.0.0"
+        "@octokit/openapi-types": "^19.0.0"
      }
    },
+    "node_modules/@octokit/types/node_modules/@octokit/openapi-types": {
+      "version": "19.0.0",
+      "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-19.0.0.tgz",
+      "integrity": "sha512-PclQ6JGMTE9iUStpzMkwLCISFn/wDeRjkZFIKALpvJQNBGwDoYYi2fFvuHwssoQ1rXI5mfh6jgTgWuddeUzfWw=="
+    },
    "node_modules/@opentelemetry/api": {
      "version": "1.4.1",
      "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.4.1.tgz",
@@ -835,9 +840,9 @@
      "dev": true
    },
    "node_modules/@types/adm-zip": {
-      "version": "0.5.1",
-      "resolved": "https://registry.npmjs.org/@types/adm-zip/-/adm-zip-0.5.1.tgz",
-      "integrity": "sha512-3+psmbh60N5JXM2LMkujFqnjMf3KB0LZoIQO73NJvkv57q+384nK/A7pP0v+ZkB/Zrfqn+5xtAyt5OsY+GiYLQ==",
+      "version": "0.5.2",
+      "resolved": "https://registry.npmjs.org/@types/adm-zip/-/adm-zip-0.5.2.tgz",
+      "integrity": "sha512-33OTTnnW3onOE6HJuoqsi7T7Ojupz7zO/Vs5ddRNVCYQnu4lg05RqH/pr9eidHGvGyYfdO4uPO9cvegAMixBCQ==",
      "dev": true,
      "dependencies": {
        "@types/node": "*"
@@ -900,15 +905,15 @@
      }
    },
    "node_modules/@types/semver": {
-      "version": "7.5.2",
-      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.5.2.tgz",
-      "integrity": "sha512-7aqorHYgdNO4DM36stTiGO3DvKoex9TQRwsJU6vMaFGyqpBA1MNZkz+PG3gaNUPpTAOYhT1WR7M1JyA3fbS9Cw==",
+      "version": "7.5.3",
+      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.5.3.tgz",
+      "integrity": "sha512-OxepLK9EuNEIPxWNME+C6WwbRAOOI2o2BaQEGzz5Lu2e4Z5eDnEo+/aVEDMIXywoJitJ7xWd641wrGLZdtwRyw==",
      "dev": true
    },
    "node_modules/@types/sinon": {
-      "version": "10.0.16",
-      "resolved": "https://registry.npmjs.org/@types/sinon/-/sinon-10.0.16.tgz",
-      "integrity": "sha512-j2Du5SYpXZjJVJtXBokASpPRj+e2z+VUhCPHmM6WMfe3dpHu6iVKJMU6AiBcMp/XTAYnEj6Wc1trJUWwZ0QaAQ==",
+      "version": "10.0.17",
+      "resolved": "https://registry.npmjs.org/@types/sinon/-/sinon-10.0.17.tgz",
+      "integrity": "sha512-+6ILpcixQ0Ma3dHMTLv4rSycbDXkDljgKL+E0nI2RUxxhYTFyPSjt6RVMxh7jUshvyVcBvicb0Ktj+lAJcjgeA==",
      "dev": true,
      "dependencies": {
        "@types/sinonjs__fake-timers": "*"
@@ -934,16 +939,16 @@
      "integrity": "sha512-zAuJWQflfx6dYJM62vna+Sn5aeSWhh3OB+wfUEACNcqUSc0AGc5JKl+ycL1vrH7frGTXhJchYjE1Hak8L819dA=="
    },
    "node_modules/@typescript-eslint/eslint-plugin": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.7.2.tgz",
-      "integrity": "sha512-ooaHxlmSgZTM6CHYAFRlifqh1OAr3PAQEwi7lhYhaegbnXrnh7CDcHmc3+ihhbQC7H0i4JF0psI5ehzkF6Yl6Q==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.7.3.tgz",
+      "integrity": "sha512-vntq452UHNltxsaaN+L9WyuMch8bMd9CqJ3zhzTPXXidwbf5mqqKCVXEuvRZUqLJSTLeWE65lQwyXsRGnXkCTA==",
      "dev": true,
      "dependencies": {
        "@eslint-community/regexpp": "^4.5.1",
-        "@typescript-eslint/scope-manager": "6.7.2",
-        "@typescript-eslint/type-utils": "6.7.2",
-        "@typescript-eslint/utils": "6.7.2",
-        "@typescript-eslint/visitor-keys": "6.7.2",
+        "@typescript-eslint/scope-manager": "6.7.3",
+        "@typescript-eslint/type-utils": "6.7.3",
+        "@typescript-eslint/utils": "6.7.3",
+        "@typescript-eslint/visitor-keys": "6.7.3",
        "debug": "^4.3.4",
        "graphemer": "^1.4.0",
        "ignore": "^5.2.4",
@@ -969,15 +974,15 @@
      }
    },
    "node_modules/@typescript-eslint/parser": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.7.2.tgz",
-      "integrity": "sha512-KA3E4ox0ws+SPyxQf9iSI25R6b4Ne78ORhNHeVKrPQnoYsb9UhieoiRoJgrzgEeKGOXhcY1i8YtOeCHHTDa6Fw==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.7.3.tgz",
+      "integrity": "sha512-TlutE+iep2o7R8Lf+yoer3zU6/0EAUc8QIBB3GYBc1KGz4c4TRm83xwXUZVPlZ6YCLss4r77jbu6j3sendJoiQ==",
      "dev": true,
      "dependencies": {
-        "@typescript-eslint/scope-manager": "6.7.2",
-        "@typescript-eslint/types": "6.7.2",
-        "@typescript-eslint/typescript-estree": "6.7.2",
-        "@typescript-eslint/visitor-keys": "6.7.2",
+        "@typescript-eslint/scope-manager": "6.7.3",
+        "@typescript-eslint/types": "6.7.3",
+        "@typescript-eslint/typescript-estree": "6.7.3",
+        "@typescript-eslint/visitor-keys": "6.7.3",
        "debug": "^4.3.4"
      },
      "engines": {
@@ -997,13 +1002,13 @@
      }
    },
    "node_modules/@typescript-eslint/scope-manager": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.7.2.tgz",
-      "integrity": "sha512-bgi6plgyZjEqapr7u2mhxGR6E8WCzKNUFWNh6fkpVe9+yzRZeYtDTbsIBzKbcxI+r1qVWt6VIoMSNZ4r2A+6Yw==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.7.3.tgz",
+      "integrity": "sha512-wOlo0QnEou9cHO2TdkJmzF7DFGvAKEnB82PuPNHpT8ZKKaZu6Bm63ugOTn9fXNJtvuDPanBc78lGUGGytJoVzQ==",
      "dev": true,
      "dependencies": {
-        "@typescript-eslint/types": "6.7.2",
-        "@typescript-eslint/visitor-keys": "6.7.2"
+        "@typescript-eslint/types": "6.7.3",
+        "@typescript-eslint/visitor-keys": "6.7.3"
      },
      "engines": {
        "node": "^16.0.0 || >=18.0.0"
@@ -1014,13 +1019,13 @@
      }
    },
    "node_modules/@typescript-eslint/type-utils": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.7.2.tgz",
-      "integrity": "sha512-36F4fOYIROYRl0qj95dYKx6kybddLtsbmPIYNK0OBeXv2j9L5nZ17j9jmfy+bIDHKQgn2EZX+cofsqi8NPATBQ==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.7.3.tgz",
+      "integrity": "sha512-Fc68K0aTDrKIBvLnKTZ5Pf3MXK495YErrbHb1R6aTpfK5OdSFj0rVN7ib6Tx6ePrZ2gsjLqr0s98NG7l96KSQw==",
      "dev": true,
      "dependencies": {
-        "@typescript-eslint/typescript-estree": "6.7.2",
-        "@typescript-eslint/utils": "6.7.2",
+        "@typescript-eslint/typescript-estree": "6.7.3",
+        "@typescript-eslint/utils": "6.7.3",
        "debug": "^4.3.4",
        "ts-api-utils": "^1.0.1"
      },
@@ -1041,9 +1046,9 @@
      }
    },
    "node_modules/@typescript-eslint/types": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.7.2.tgz",
-      "integrity": "sha512-flJYwMYgnUNDAN9/GAI3l8+wTmvTYdv64fcH8aoJK76Y+1FCZ08RtI5zDerM/FYT5DMkAc+19E4aLmd5KqdFyg==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.7.3.tgz",
+      "integrity": "sha512-4g+de6roB2NFcfkZb439tigpAMnvEIg3rIjWQ+EM7IBaYt/CdJt6em9BJ4h4UpdgaBWdmx2iWsafHTrqmgIPNw==",
      "dev": true,
      "engines": {
        "node": "^16.0.0 || >=18.0.0"
@@ -1054,13 +1059,13 @@
      }
    },
    "node_modules/@typescript-eslint/typescript-estree": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.7.2.tgz",
-      "integrity": "sha512-kiJKVMLkoSciGyFU0TOY0fRxnp9qq1AzVOHNeN1+B9erKFCJ4Z8WdjAkKQPP+b1pWStGFqezMLltxO+308dJTQ==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.7.3.tgz",
+      "integrity": "sha512-YLQ3tJoS4VxLFYHTw21oe1/vIZPRqAO91z6Uv0Ss2BKm/Ag7/RVQBcXTGcXhgJMdA4U+HrKuY5gWlJlvoaKZ5g==",
      "dev": true,
      "dependencies": {
-        "@typescript-eslint/types": "6.7.2",
-        "@typescript-eslint/visitor-keys": "6.7.2",
+        "@typescript-eslint/types": "6.7.3",
+        "@typescript-eslint/visitor-keys": "6.7.3",
        "debug": "^4.3.4",
        "globby": "^11.1.0",
        "is-glob": "^4.0.3",
@@ -1081,17 +1086,17 @@
      }
    },
    "node_modules/@typescript-eslint/utils": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.7.2.tgz",
-      "integrity": "sha512-ZCcBJug/TS6fXRTsoTkgnsvyWSiXwMNiPzBUani7hDidBdj1779qwM1FIAmpH4lvlOZNF3EScsxxuGifjpLSWQ==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.7.3.tgz",
+      "integrity": "sha512-vzLkVder21GpWRrmSR9JxGZ5+ibIUSudXlW52qeKpzUEQhRSmyZiVDDj3crAth7+5tmN1ulvgKaCU2f/bPRCzg==",
      "dev": true,
      "dependencies": {
        "@eslint-community/eslint-utils": "^4.4.0",
        "@types/json-schema": "^7.0.12",
        "@types/semver": "^7.5.0",
-        "@typescript-eslint/scope-manager": "6.7.2",
-        "@typescript-eslint/types": "6.7.2",
-        "@typescript-eslint/typescript-estree": "6.7.2",
+        "@typescript-eslint/scope-manager": "6.7.3",
+        "@typescript-eslint/types": "6.7.3",
+        "@typescript-eslint/typescript-estree": "6.7.3",
        "semver": "^7.5.4"
      },
      "engines": {
@@ -1106,12 +1111,12 @@
      }
    },
    "node_modules/@typescript-eslint/visitor-keys": {
-      "version": "6.7.2",
-      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.7.2.tgz",
-      "integrity": "sha512-uVw9VIMFBUTz8rIeaUT3fFe8xIUx8r4ywAdlQv1ifH+6acn/XF8Y6rwJ7XNmkNMDrTW+7+vxFFPIF40nJCVsMQ==",
+      "version": "6.7.3",
+      "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.7.3.tgz",
+      "integrity": "sha512-HEVXkU9IB+nk9o63CeICMHxFWbHWr3E1mpilIQBe9+7L/lH97rleFLVtYsfnWB+JVMaiFnEaxvknvmIzX+CqVg==",
      "dev": true,
      "dependencies": {
-        "@typescript-eslint/types": "6.7.2",
+        "@typescript-eslint/types": "6.7.3",
        "eslint-visitor-keys": "^3.4.1"
      },
      "engines": {
@@ -2465,15 +2470,15 @@
      }
    },
    "node_modules/eslint": {
-      "version": "8.49.0",
-      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.49.0.tgz",
-      "integrity": "sha512-jw03ENfm6VJI0jA9U+8H5zfl5b+FvuU3YYvZRdZHOlU2ggJkxrlkJH4HcDrZpj6YwD8kuYqvQM8LyesoazrSOQ==",
+      "version": "8.50.0",
+      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.50.0.tgz",
+      "integrity": "sha512-FOnOGSuFuFLv/Sa+FDVRZl4GGVAAFFi8LecRsI5a1tMO5HIE8nCm4ivAlzt4dT3ol/PaaGC0rJEEXQmHJBGoOg==",
      "dev": true,
      "dependencies": {
        "@eslint-community/eslint-utils": "^4.2.0",
        "@eslint-community/regexpp": "^4.6.1",
        "@eslint/eslintrc": "^2.1.2",
-        "@eslint/js": "8.49.0",
+        "@eslint/js": "8.50.0",
        "@humanwhocodes/config-array": "^0.11.11",
        "@humanwhocodes/module-importer": "^1.0.1",
        "@nodelib/fs.walk": "^1.2.8",
@@ -2551,9 +2556,9 @@
      }
    },
    "node_modules/eslint-import-resolver-typescript": {
-      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.6.0.tgz",
-      "integrity": "sha512-QTHR9ddNnn35RTxlaEnx2gCxqFlF2SEN0SE2d17SqwyM7YOSI2GHWRYp5BiRkObTUNYPupC/3Fq2a0PpT+EKpg==",
+      "version": "3.6.1",
+      "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.6.1.tgz",
+      "integrity": "sha512-xgdptdoi5W3niYeuQxKmzVDTATvLYqhpwmykwsh7f6HIOStGWEIL9iqZgQDF9u9OEzrRwR8no5q2VT+bjAujTg==",
      "dev": true,
      "dependencies": {
        "debug": "^4.3.4",
@@ -2646,9 +2651,9 @@
      }
    },
    "node_modules/eslint-plugin-github": {
-      "version": "4.10.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.10.0.tgz",
-      "integrity": "sha512-YKtqBtFbjih1wZNTwZjtLPEG6B/4ySMa38fgOo/rbMJpNKO3+OaKzwwOYkeKx/FapM/4MsTP9ExqUcDV+dkixA==",
+      "version": "4.10.1",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-github/-/eslint-plugin-github-4.10.1.tgz",
+      "integrity": "sha512-1AqQBockOM+m0ZUpwfjWtX0lWdX5cRi/hwJnSNvXoOmz/Hh+ULH6QFz6ENWueTWjoWpgPv0af3bj+snps6o4og==",
      "dev": true,
      "dependencies": {
        "@github/browserslist-config": "^1.0.0",
--- a/node_modules/@eslint/js/package.json
+++ b/node_modules/@eslint/js/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@eslint/js",
-  "version": "8.49.0",
+  "version": "8.50.0",
  "description": "ESLint JavaScript language implementation",
  "main": "./src/index.js",
  "scripts": {},
--- a/node_modules/@eslint/js/src/configs/eslint-all.js
+++ b/node_modules/@eslint/js/src/configs/eslint-all.js
@@ -152,11 +152,11 @@ module.exports = Object.freeze({
        "no-new": "error",
        "no-new-func": "error",
        "no-new-native-nonconstructor": "error",
-        "no-new-object": "error",
        "no-new-symbol": "error",
        "no-new-wrappers": "error",
        "no-nonoctal-decimal-escape": "error",
        "no-obj-calls": "error",
+        "no-object-constructor": "error",
        "no-octal": "error",
        "no-octal-escape": "error",
        "no-param-reassign": "error",
--- a/node_modules/@octokit/types/dist-types/VERSION.d.ts
+++ b/node_modules/@octokit/types/dist-types/VERSION.d.ts
@@ -1 +1 @@
-export declare const VERSION = "11.1.0";
+export declare const VERSION = "12.0.0";
--- a/node_modules/@octokit/types/dist-types/generated/Endpoints.d.ts
+++ b/node_modules/@octokit/types/dist-types/generated/Endpoints.d.ts
--- a/node_modules/@octokit/types/node_modules/@octokit/openapi-types/LICENSE
+++ b/node_modules/@octokit/types/node_modules/@octokit/openapi-types/LICENSE
@@ -0,0 +1,7 @@
+Copyright 2020 Gregor Martynus
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/node_modules/@octokit/types/node_modules/@octokit/openapi-types/README.md
+++ b/node_modules/@octokit/types/node_modules/@octokit/openapi-types/README.md
@@ -0,0 +1,17 @@
+# @octokit/openapi-types
+
+> Generated TypeScript definitions based on GitHub's OpenAPI spec
+
+This package is continously updated based on [GitHub's OpenAPI specification](https://github.com/github/rest-api-description/)
+
+## Usage
+
+```ts
+import { components } from "@octokit/openapi-types";
+
+type Repository = components["schemas"]["full-repository"];
+```
+
+## License
+
+[MIT](LICENSE)
--- a/node_modules/@octokit/types/node_modules/@octokit/openapi-types/package.json
+++ b/node_modules/@octokit/types/node_modules/@octokit/openapi-types/package.json
@@ -0,0 +1,20 @@
+{
+  "name": "@octokit/openapi-types",
+  "description": "Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/octokit/openapi-types.ts.git",
+    "directory": "packages/openapi-types"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "version": "19.0.0",
+  "main": "",
+  "types": "types.d.ts",
+  "author": "Gregor Martynus (https://twitter.com/gr2m)",
+  "license": "MIT",
+  "octokit": {
+    "openapi-version": "13.0.0"
+  }
+}
--- a/node_modules/@octokit/types/node_modules/@octokit/openapi-types/types.d.ts
+++ b/node_modules/@octokit/types/node_modules/@octokit/openapi-types/types.d.ts
--- a/node_modules/@octokit/types/package.json
+++ b/node_modules/@octokit/types/package.json
@@ -1,12 +1,12 @@
 {
  "name": "@octokit/types",
-  "version": "11.1.0",
+  "version": "12.0.0",
  "publishConfig": {
    "access": "public"
  },
  "description": "Shared TypeScript definitions for Octokit projects",
  "dependencies": {
-    "@octokit/openapi-types": "^18.0.0"
+    "@octokit/openapi-types": "^19.0.0"
  },
  "repository": "github:octokit/types.ts",
  "keywords": [
@@ -28,15 +28,15 @@
    "npm-run-all": "^4.1.5",
    "pascal-case": "^3.1.1",
    "prettier": "^3.0.0",
-    "semantic-release": "^21.0.0",
+    "semantic-release": "^22.0.0",
    "semantic-release-plugin-update-version-in-files": "^1.0.0",
    "sort-keys": "^5.0.0",
    "string-to-jsdoc-comment": "^1.0.0",
-    "typedoc": "^0.24.0",
+    "typedoc": "^0.25.0",
    "typescript": "^5.0.0"
  },
  "octokit": {
-    "openapi-version": "12.0.0"
+    "openapi-version": "13.0.0"
  },
  "files": [
    "dist-types/**"
--- a/node_modules/@types/adm-zip/LICENSE
+++ b/node_modules/@types/adm-zip/LICENSE
--- a/node_modules/@types/adm-zip/README.md
+++ b/node_modules/@types/adm-zip/README.md
@@ -8,7 +8,7 @@ This package contains type definitions for adm-zip (https://github.com/cthackers
 Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/adm-zip.

 ### Additional Details
- * Last updated: Sat, 09 Sep 2023 20:33:02 GMT
+ * Last updated: Fri, 22 Sep 2023 18:11:03 GMT
 * Dependencies: [@types/node](https://npmjs.com/package/@types/node)
 * Global values: none

--- a/node_modules/@types/adm-zip/index.d.ts
+++ b/node_modules/@types/adm-zip/index.d.ts
@@ -9,8 +9,8 @@

 /// <reference types="node" />

-import * as FS from 'fs';
-import { Constants } from './util';
+import * as FS from "fs";
+import { Constants } from "./util";

 declare class AdmZip {
    /**
@@ -118,7 +118,6 @@ declare class AdmZip {
        filter?: RegExp | ((filename: string) => boolean),
    ): void;
    /**
-     *
     * @param localPath - path where files will be extracted
     * @param props - optional properties
     * @param props.zipPath - optional path inside zip
--- a/node_modules/@types/adm-zip/package.json
+++ b/node_modules/@types/adm-zip/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@types/adm-zip",
-  "version": "0.5.1",
+  "version": "0.5.2",
  "description": "TypeScript definitions for adm-zip",
  "homepage": "https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/adm-zip",
  "license": "MIT",
@@ -42,6 +42,6 @@
  "dependencies": {
    "@types/node": "*"
  },
-  "typesPublisherContentHash": "2e5ee14b2604eed0df716f3fbe0ab112c0e9202577bf8b71e85576326fedaa6d",
-  "typeScriptVersion": "4.3"
+  "typesPublisherContentHash": "760a250ea3b5679cae48f06c02648470299cac3e2afe9f0ab03cffc9d703048d",
+  "typeScriptVersion": "4.5"
 }
--- a/node_modules/@types/adm-zip/util.d.ts
+++ b/node_modules/@types/adm-zip/util.d.ts
@@ -143,36 +143,36 @@ export const Constants: {

 export const Errors: {
    /* Header error messages */
-    INVALID_LOC: 'Invalid LOC header (bad signature)';
-    INVALID_CEN: 'Invalid CEN header (bad signature)';
-    INVALID_END: 'Invalid END header (bad signature)';
+    INVALID_LOC: "Invalid LOC header (bad signature)";
+    INVALID_CEN: "Invalid CEN header (bad signature)";
+    INVALID_END: "Invalid END header (bad signature)";

    /* ZipEntry error messages */
-    NO_DATA: 'Nothing to decompress';
-    BAD_CRC: 'CRC32 checksum failed';
-    FILE_IN_THE_WAY: 'There is a file in the way: %s';
-    UNKNOWN_METHOD: 'Invalid/unsupported compression method';
+    NO_DATA: "Nothing to decompress";
+    BAD_CRC: "CRC32 checksum failed";
+    FILE_IN_THE_WAY: "There is a file in the way: %s";
+    UNKNOWN_METHOD: "Invalid/unsupported compression method";

    /* Inflater error messages */
-    AVAIL_DATA: 'inflate::Available inflate data did not terminate';
-    INVALID_DISTANCE: 'inflate::Invalid literal/length or distance code in fixed or dynamic block';
-    TO_MANY_CODES: 'inflate::Dynamic block code description: too many length or distance codes';
-    INVALID_REPEAT_LEN: 'inflate::Dynamic block code description: repeat more than specified lengths';
-    INVALID_REPEAT_FIRST: 'inflate::Dynamic block code description: repeat lengths with no first length';
-    INCOMPLETE_CODES: 'inflate::Dynamic block code description: code lengths codes incomplete';
-    INVALID_DYN_DISTANCE: 'inflate::Dynamic block code description: invalid distance code lengths';
-    INVALID_CODES_LEN: 'inflate::Dynamic block code description: invalid literal/length code lengths';
+    AVAIL_DATA: "inflate::Available inflate data did not terminate";
+    INVALID_DISTANCE: "inflate::Invalid literal/length or distance code in fixed or dynamic block";
+    TO_MANY_CODES: "inflate::Dynamic block code description: too many length or distance codes";
+    INVALID_REPEAT_LEN: "inflate::Dynamic block code description: repeat more than specified lengths";
+    INVALID_REPEAT_FIRST: "inflate::Dynamic block code description: repeat lengths with no first length";
+    INCOMPLETE_CODES: "inflate::Dynamic block code description: code lengths codes incomplete";
+    INVALID_DYN_DISTANCE: "inflate::Dynamic block code description: invalid distance code lengths";
+    INVALID_CODES_LEN: "inflate::Dynamic block code description: invalid literal/length code lengths";
    INVALID_STORE_BLOCK: "inflate::Stored block length did not match one's complement";
-    INVALID_BLOCK_TYPE: 'inflate::Invalid block type (type == 3)';
+    INVALID_BLOCK_TYPE: "inflate::Invalid block type (type == 3)";

    /* ADM-ZIP error messages */
-    CANT_EXTRACT_FILE: 'Could not extract the file';
-    CANT_OVERRIDE: 'Target file already exists';
-    NO_ZIP: 'No zip file was loaded';
+    CANT_EXTRACT_FILE: "Could not extract the file";
+    CANT_OVERRIDE: "Target file already exists";
+    NO_ZIP: "No zip file was loaded";
    NO_ENTRY: "Entry doesn't exist";
-    DIRECTORY_CONTENT_ERROR: 'A directory cannot have content';
-    FILE_NOT_FOUND: 'File not found: %s';
-    NOT_IMPLEMENTED: 'Not implemented';
-    INVALID_FILENAME: 'Invalid filename';
-    INVALID_FORMAT: 'Invalid or unsupported zip format. No END header found';
+    DIRECTORY_CONTENT_ERROR: "A directory cannot have content";
+    FILE_NOT_FOUND: "File not found: %s";
+    NOT_IMPLEMENTED: "Not implemented";
+    INVALID_FILENAME: "Invalid filename";
+    INVALID_FORMAT: "Invalid or unsupported zip format. No END header found";
 };
--- a/node_modules/@types/semver/README.md
+++ b/node_modules/@types/semver/README.md
@@ -8,7 +8,7 @@ This package contains type definitions for semver (https://github.com/npm/node-s
 Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/semver.

 ### Additional Details
- * Last updated: Thu, 14 Sep 2023 01:49:19 GMT
+ * Last updated: Mon, 25 Sep 2023 13:39:06 GMT
 * Dependencies: none
 * Global values: none

--- a/node_modules/@types/semver/classes/comparator.d.ts
+++ b/node_modules/@types/semver/classes/comparator.d.ts
@@ -1,11 +1,11 @@
-import semver = require('../index');
-import SemVer = require('./semver');
+import semver = require("../index");
+import SemVer = require("./semver");

 declare class Comparator {
    constructor(comp: string | Comparator, optionsOrLoose?: boolean | semver.Options);

    semver: SemVer;
-    operator: '' | '=' | '<' | '>' | '<=' | '>=';
+    operator: "" | "=" | "<" | ">" | "<=" | ">=";
    value: string;
    loose: boolean;
    options: semver.Options;
--- a/node_modules/@types/semver/classes/range.d.ts
+++ b/node_modules/@types/semver/classes/range.d.ts
@@ -1,6 +1,6 @@
-import semver = require('../index');
-import Comparator = require('./comparator');
-import SemVer = require('./semver');
+import semver = require("../index");
+import Comparator = require("./comparator");
+import SemVer = require("./semver");

 declare class Range {
    constructor(range: string | Range, optionsOrLoose?: boolean | semver.RangeOptions);
--- a/node_modules/@types/semver/classes/semver.d.ts
+++ b/node_modules/@types/semver/classes/semver.d.ts
@@ -1,4 +1,4 @@
-import semver = require('../index');
+import semver = require("../index");

 declare class SemVer {
    constructor(version: string | SemVer, optionsOrLoose?: boolean | semver.RangeOptions);
--- a/node_modules/@types/semver/functions/clean.d.ts
+++ b/node_modules/@types/semver/functions/clean.d.ts
@@ -1,4 +1,4 @@
-import semver = require('../index');
+import semver = require("../index");

 /**
 * Returns cleaned (removed leading/trailing whitespace, remove '=v' prefix) and parsed version, or null if version is invalid.
--- a/node_modules/@types/semver/functions/cmp.d.ts
+++ b/node_modules/@types/semver/functions/cmp.d.ts
@@ -1,5 +1,5 @@
-import semver = require('../index');
-import SemVer = require('../classes/semver');
+import semver = require("../index");
+import SemVer = require("../classes/semver");

 /**
 * Pass in a comparison string, and it'll call the corresponding semver comparison function.
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				{"version":3,"file":"diagnostics.js","sourceRoot":"","sources":["../src/diagnostics.ts"],"names":[],"mappings":";;;;;;AAAA,2BAA8C;AAC9C,gDAAwB;AAIxB,uCAA6C;AAC7C,iCAA+C;AAmD/C;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,EAAU,EACV,IAAY,EACZ,OAA+C,SAAS;IAExD,OAAO;QACL,GAAG,IAAI;QACP,SAAS,EAAE,IAAI,EAAE,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtD,MAAM,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE;KACtC,CAAC;AACJ,CAAC;AAVD,wCAUC;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,QAAkB,EAClB,UAA6B;IAE7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,eAAe,GAAG,cAAI,CAAC,OAAO,CAClC,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,EACvC,YAAY,EACZ,eAAe,CAChB,CAAC;IAEF,IAAI;QACF,gDAAgD;QAChD,IAAA,cAAS,EAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,cAAI,CAAC,OAAO,CAC3B,eAAe,EACf,iBAAiB,UAAU,CAAC,SAAS,OAAO,CAC7C,CAAC;QAEF,IAAA,kBAAa,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;KACrD;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,CAAC,OAAO,CAAC,mDAAmD,GAAG,EAAE,CAAC,CAAC;KAC1E;AACH,CAAC;AAzBD,sCAyBC"}
				`@@ -0,0 +1 @@`
				`{"version":3,"file":"tools-features.js","sourceRoot":"","sources":["../src/tools-features.ts"],"names":[],"mappings":";;;AAEA,IAAY,YAEX;AAFD,WAAY,YAAY;IACtB,+FAA+E,CAAA;AACjF,CAAC,EAFW,YAAY,4BAAZ,YAAY,QAEvB;AAED;;;;;;GAMG;AACH,SAAgB,uBAAuB,CACrC,WAAwB,EACxB,OAAqB;IAErB,OAAO,CAAC,CAAC,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACjE,CAAC;AALD,0DAKC"}`
				`@@ -0,0 +1 @@`
				{"version":3,"file":"tools-features.test.js","sourceRoot":"","sources":["../src/tools-features.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAEvB,mDAAkD;AAClD,qDAAyE;AAEzE,IAAA,aAAI,EAAC,yBAAyB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1C,MAAM,WAAW,GAAG,IAAA,+BAAe,EAAC,OAAO,CAAC,CAAC;IAE7C,CAAC,CAAC,KAAK,CACL,IAAA,wCAAuB,EACrB,WAAW,EACX,6BAAY,CAAC,qCAAqC,CACnD,CACF,CAAC;IAEF,WAAW,CAAC,QAAQ,GAAG,EAAE,qCAAqC,EAAE,IAAI,EAAE,CAAC;IAEvE,CAAC,CAAC,IAAI,CACJ,IAAA,wCAAuB,EACrB,WAAW,EACX,6BAAY,CAAC,qCAAqC,CACnD,CACF,CAAC;AACJ,CAAC,CAAC,CAAC"}