Merge pull request #2410 from github/update-v3.26.0-c24926b73

Merge main into releases/v3

.eslintrc.json

@@ -1,71 +0,0 @@
-
-{
-    "parser": "@typescript-eslint/parser",
-    "parserOptions": {
-        "project": "./tsconfig.json"
-    },
-    "plugins": ["@typescript-eslint", "filenames", "github", "import", "no-async-foreach"],
-    "extends": [
-        "eslint:recommended",
-        "plugin:@typescript-eslint/recommended",
-        "plugin:@typescript-eslint/recommended-requiring-type-checking",
-        "plugin:github/recommended",
-        "plugin:github/typescript",
-        "plugin:import/typescript"
-    ],
-    "rules": {
-        "filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"],
-        "i18n-text/no-en": "off",
-        "import/extensions": ["error", {
-            // Allow importing JSON files
-            "json": {}
-        }],
-        "import/no-amd": "error",
-        "import/no-commonjs": "error",
-        "import/no-cycle": "error",
-        "import/no-dynamic-require": "error",
-        // Disable the rule that checks that devDependencies aren't imported since we use a single
-        // linting configuration file for both source and test code.
-        "import/no-extraneous-dependencies": ["error", {"devDependencies": true}],
-        "import/no-namespace": "off",
-        "import/no-unresolved": "error",
-        "import/no-webpack-loader-syntax": "error",
-        "import/order": ["error", {
-            "alphabetize": {"order": "asc"},
-            "newlines-between": "always"
-        }],
-        "max-len": ["error", {
-            "code": 120,
-            "ignoreUrls": true,
-            "ignoreStrings": true,
-            "ignoreTemplateLiterals": true
-        }],
-        "no-async-foreach/no-async-foreach": "error",
-        "no-sequences": "error",
-        "no-shadow": "off",
-        "@typescript-eslint/no-shadow": "error",
-        "one-var": ["error", "never"]
-    },
-    "overrides": [{
-        // "temporarily downgraded during transition to eslint
-        "files": "**",
-        "rules": {
-            "@typescript-eslint/no-explicit-any": "off",
-            "@typescript-eslint/no-unsafe-assignment": "off",
-            "@typescript-eslint/no-unsafe-member-access": "off",
-            "@typescript-eslint/no-var-requires": "off",
-            "@typescript-eslint/prefer-regexp-exec": "off",
-            "@typescript-eslint/require-await": "off",
-            "@typescript-eslint/restrict-template-expressions": "off",
-            "func-style": "off"
-        }
-    }],
-    "settings": {
-        "import/resolver": {
-            "node": {
-                "moduleDirectory": ["node_modules", "src"]
-            },
-            "typescript": {}
-        }
-    }
-}

.github/workflows/__all-platform-bundle.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -60,10 +58,9 @@ jobs:
       - id: init
         uses: ./../action/init
         with:
+      # Swift is not supported on Ubuntu so we manually exclude it from the list here
+          languages: cpp,csharp,go,java,javascript,python,ruby
           tools: ${{ steps.prepare-test.outputs.tools-url }}
-      - uses: ./../action/.github/actions/setup-swift
-        with:
-          codeql-path: ${{ steps.init.outputs.codeql-path }}
       - name: Build code
         shell: bash
         run: ./build.sh

.github/workflows/__analyze-ref-input.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__autobuild-action.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__autobuild-direct-tracing-with-working-dir.yml

@@ -47,8 +47,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__autobuild-direct-tracing.yml

@@ -47,8 +47,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__build-mode-autobuild.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__build-mode-manual.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -74,10 +72,6 @@ jobs:
             exit 1
           fi
 
-      - uses: ./../action/.github/actions/setup-swift
-        with:
-          codeql-path: ${{ steps.init.outputs.codeql-path }}
-
       - name: Build code
         shell: bash
         run: ./build.sh

.github/workflows/__build-mode-none.yml

@@ -43,8 +43,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__build-mode-rollback.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__cleanup-db-cluster-dir.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__config-export.yml

@@ -51,8 +51,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__config-input.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__cpp-deptrace-disabled.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__cpp-deptrace-enabled-on-macos.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__cpp-deptrace-enabled.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__diagnostics-export.yml

@@ -27,12 +27,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: macos-12
-            version: stable-20230403
-          - os: windows-latest
-            version: stable-20230403
           - os: ubuntu-latest
             version: linked
           - os: macos-latest
@@ -57,8 +51,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -83,17 +75,13 @@ jobs:
         env:
           CODEQL_PATH: ${{ steps.init.outputs.codeql-path }}
         run: |
-          for i in {1..2}; do
-            # Use the same location twice to test the workaround for the bug in CodeQL CLI 2.12.6 that
-            # produces an invalid diagnostic with multiple identical location objects.
           "$CODEQL_PATH" database add-diagnostic \
             "$RUNNER_TEMP/codeql_databases/javascript" \
             --file-path /path/to/file \
-              --plaintext-message "Plaintext message $i" \
+            --plaintext-message "Plaintext message" \
             --source-id "lang/diagnostics/example" \
             --source-name "Diagnostic name" \
             --ready-for-status-page
-          done
       - uses: ./../action/analyze
         with:
           output: ${{ runner.temp }}/results
@@ -113,7 +101,7 @@ jobs:
             const fs = require('fs');
 
             function checkStatusPageNotification(n) {
-              const expectedMessage = 'Plaintext message 1\n\nCodeQL also found 1 other diagnostic like this. See the workflow log for details.';
+              const expectedMessage = 'Plaintext message';
               if (n.message.text !== expectedMessage) {
                 core.setFailed(`Expected the status page diagnostic to have the message '${expectedMessage}', but found '${n.message.text}'.`);
               }

.github/workflows/__export-file-baseline-information.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -86,7 +84,7 @@ jobs:
         run: |
           cd "$RUNNER_TEMP/results"
           expected_baseline_languages="c csharp go java kotlin javascript python ruby"
-          if [[ $RUNNER_OS != "Windows" ]]; then
+          if [[ $RUNNER_OS == "macOS" ]]; then
             expected_baseline_languages+=" swift"
           fi
 

.github/workflows/__extractor-ram-threads.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-custom-queries.yml

@@ -27,12 +27,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: macos-12
-            version: stable-20230403
-          - os: windows-latest
-            version: stable-20230403
           - os: ubuntu-latest
             version: stable-v2.13.5
           - os: macos-12
@@ -57,6 +51,12 @@ jobs:
             version: stable-v2.16.6
           - os: windows-latest
             version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
+          - os: macos-latest
+            version: stable-v2.17.6
+          - os: windows-latest
+            version: stable-v2.17.6
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -87,8 +87,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-indirect-tracing-workaround.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-tracing-autobuilder.yml

@@ -27,10 +27,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: macos-12
-            version: stable-20230403
           - os: ubuntu-latest
             version: stable-v2.13.5
           - os: macos-12
@@ -47,6 +43,10 @@ jobs:
             version: stable-v2.16.6
           - os: macos-latest
             version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
+          - os: macos-latest
+            version: stable-v2.17.6
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -71,8 +71,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-tracing-custom-build-steps.yml

@@ -27,10 +27,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: macos-12
-            version: stable-20230403
           - os: ubuntu-latest
             version: stable-v2.13.5
           - os: macos-12
@@ -47,6 +43,10 @@ jobs:
             version: stable-v2.16.6
           - os: macos-latest
             version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
+          - os: macos-latest
+            version: stable-v2.17.6
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -71,8 +71,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__go-tracing-legacy-workflow.yml

@@ -27,10 +27,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: macos-12
-            version: stable-20230403
           - os: ubuntu-latest
             version: stable-v2.13.5
           - os: macos-12
@@ -47,6 +43,10 @@ jobs:
             version: stable-v2.16.6
           - os: macos-latest
             version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
+          - os: macos-latest
+            version: stable-v2.17.6
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -71,8 +71,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__init-with-registries.yml

@@ -58,8 +58,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__javascript-source-root.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__language-aliases.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__multi-language-autodetect.yml

@@ -28,15 +28,25 @@ jobs:
       matrix:
         include:
           - os: macos-12
-            version: stable-20230403
+            version: stable-v2.13.5
-          - os: macos-12
+          - os: ubuntu-latest
             version: stable-v2.13.5
           - os: macos-12
             version: stable-v2.14.6
+          - os: ubuntu-latest
+            version: stable-v2.14.6
           - os: macos-latest
             version: stable-v2.15.5
+          - os: ubuntu-latest
+            version: stable-v2.15.5
           - os: macos-latest
             version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.16.6
+          - os: macos-latest
+            version: stable-v2.17.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
           - os: macos-latest
             version: default
           - os: ubuntu-latest
@@ -61,8 +71,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -85,9 +93,13 @@ jobs:
         id: init
         with:
           db-location: ${{ runner.temp }}/customDbLocation
+      # Swift is not supported on Ubuntu so we manually exclude it from the list here
+          languages: ${{ runner.os == 'Linux' && 'cpp,csharp,go,java,javascript,python,ruby'
+            || '' }}
           tools: ${{ steps.prepare-test.outputs.tools-url }}
 
       - uses: ./../action/.github/actions/setup-swift
+        if: runner.os == 'macOS'
         with:
           codeql-path: ${{ steps.init.outputs.codeql-path }}
 
@@ -139,8 +151,8 @@ jobs:
             exit 1
           fi
 
-      - name: Check language autodetect for Swift
+      - name: Check language autodetect for Swift on MacOS
-        if: runner.os != 'Windows' && matrix.version != 'stable-20230403'
+        if: runner.os == 'macOS'
         shell: bash
         run: |
           SWIFT_DB=${{ fromJson(steps.analysis.outputs.db-locations).swift }}

.github/workflows/__packaging-codescanning-config-inputs-js.yml

@@ -57,8 +57,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__packaging-config-inputs-js.yml

@@ -57,8 +57,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__packaging-config-js.yml

@@ -57,8 +57,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__packaging-inputs-js.yml

@@ -57,8 +57,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__remote-config.yml

@@ -27,12 +27,6 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: macos-12
-            version: stable-20230403
-          - os: windows-latest
-            version: stable-20230403
           - os: ubuntu-latest
             version: stable-v2.13.5
           - os: macos-12
@@ -57,6 +51,12 @@ jobs:
             version: stable-v2.16.6
           - os: windows-latest
             version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
+          - os: macos-latest
+            version: stable-v2.17.6
+          - os: windows-latest
+            version: stable-v2.17.6
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -87,8 +87,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__resolve-environment-action.yml

@@ -28,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: stable-v2.13.4
+            version: stable-v2.13.5
           - os: macos-12
-            version: stable-v2.13.4
+            version: stable-v2.13.5
           - os: windows-latest
-            version: stable-v2.13.4
+            version: stable-v2.13.5
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -63,8 +63,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -81,7 +79,7 @@ jobs:
           setup-kotlin: 'true'
       - uses: ./../action/init
         with:
-          languages: ${{ matrix.version == 'stable-v2.13.4' && 'go' || 'go,javascript-typescript'
+          languages: ${{ matrix.version == 'stable-v2.13.5' && 'go' || 'go,javascript-typescript'
             }}
           tools: ${{ steps.prepare-test.outputs.tools-url }}
 
@@ -96,14 +94,14 @@ jobs:
         run: exit 1
 
       - name: Resolve environment for JavaScript/TypeScript
-        if: matrix.version != 'stable-v2.13.4'
+        if: matrix.version != 'stable-v2.13.5'
         uses: ./../action/resolve-environment
         id: resolve-environment-js
         with:
           language: javascript-typescript
 
       - name: Fail if JavaScript/TypeScript configuration present
-        if: matrix.version != 'stable-v2.13.4' && 
+        if: matrix.version != 'stable-v2.13.5' && 
           fromJSON(steps.resolve-environment-js.outputs.environment).configuration.javascript
         run: exit 1
     env:

.github/workflows/__rubocop-multi-language.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__ruby.yml

@@ -51,8 +51,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__scaling-reserved-ram.yml

@@ -1,104 +0,0 @@
-# Warning: This file is generated automatically, and should not be modified.
-# Instead, please modify the template in the pr-checks directory and run:
-#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
-# to regenerate this file.
-
-name: PR Check - Scaling reserved RAM
-env:
-  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-  GO111MODULE: auto
-on:
-  push:
-    branches:
-      - main
-      - releases/v*
-  pull_request:
-    types:
-      - opened
-      - synchronize
-      - reopened
-      - ready_for_review
-  schedule:
-    - cron: '0 5 * * *'
-  workflow_dispatch: {}
-jobs:
-  scaling-reserved-ram:
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - os: macos-12
-            version: stable-20230403
-          - os: macos-12
-            version: stable-v2.13.5
-          - os: macos-12
-            version: stable-v2.14.6
-          - os: macos-latest
-            version: stable-v2.15.5
-          - os: macos-latest
-            version: stable-v2.16.6
-          - os: macos-latest
-            version: default
-          - os: ubuntu-latest
-            version: default
-          - os: macos-latest
-            version: linked
-          - os: ubuntu-latest
-            version: linked
-          - os: macos-latest
-            version: nightly-latest
-          - os: ubuntu-latest
-            version: nightly-latest
-    name: Scaling reserved RAM
-    permissions:
-      contents: read
-      security-events: write
-    timeout-minutes: 45
-    runs-on: ${{ matrix.os }}
-    steps:
-      - name: Setup Python on MacOS
-        uses: actions/setup-python@v5
-        if: >-
-          runner.os == 'macOS' && (
-
-          matrix.version == 'stable-20230403' ||
-
-          matrix.version == 'stable-v2.13.5' ||
-
-          matrix.version == 'stable-v2.14.6')
-        with:
-          python-version: '3.11'
-      - name: Check out repository
-        uses: actions/checkout@v4
-      - name: Prepare test
-        id: prepare-test
-        uses: ./.github/actions/prepare-test
-        with:
-          version: ${{ matrix.version }}
-          use-all-platform-bundle: 'false'
-          setup-kotlin: 'true'
-      - uses: actions/setup-go@v5
-        with:
-          go-version: '>=1.21.0'
-
-      - uses: ./../action/init
-        id: init
-        with:
-          db-location: ${{ runner.temp }}/customDbLocation
-          tools: ${{ steps.prepare-test.outputs.tools-url }}
-
-      - uses: ./../action/.github/actions/setup-swift
-        with:
-          codeql-path: ${{ steps.init.outputs.codeql-path }}
-
-      - name: Build code
-        shell: bash
-        run: ./build.sh
-
-      - uses: ./../action/analyze
-        id: analysis
-        with:
-          upload-database: false
-    env:
-      CODEQL_ACTION_SCALING_RESERVED_RAM: true
-      CODEQL_ACTION_TEST_MODE: true

.github/workflows/__split-workflow.yml

@@ -51,8 +51,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__submit-sarif-failure.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__swift-autobuild.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__swift-custom-build.yml

@@ -29,16 +29,10 @@ jobs:
         include:
           - os: macos-latest
             version: linked
-          - os: ubuntu-latest
-            version: linked
           - os: macos-latest
             version: default
-          - os: ubuntu-latest
-            version: default
           - os: macos-latest
             version: nightly-latest
-          - os: ubuntu-latest
-            version: nightly-latest
     name: Swift analysis using a custom build command
     permissions:
       contents: read
@@ -51,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__test-autobuild-working-dir.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__test-local-codeql.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -66,10 +64,9 @@ jobs:
       - id: init
         uses: ./../action/init
         with:
+      # Swift is not supported on Ubuntu so we manually exclude it from the list here
+          languages: cpp,csharp,go,java,javascript,python,ruby
           tools: ./codeql-bundle-linux64.tar.gz
-      - uses: ./../action/.github/actions/setup-swift
-        with:
-          codeql-path: ${{ steps.init.outputs.codeql-path }}
       - name: Build code
         shell: bash
         run: ./build.sh

.github/workflows/__test-proxy.yml

@@ -41,8 +41,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__unset-environment.yml

@@ -27,6 +27,16 @@ jobs:
       fail-fast: false
       matrix:
         include:
+          - os: ubuntu-latest
+            version: stable-v2.13.5
+          - os: ubuntu-latest
+            version: stable-v2.14.6
+          - os: ubuntu-latest
+            version: stable-v2.15.5
+          - os: ubuntu-latest
+            version: stable-v2.16.6
+          - os: ubuntu-latest
+            version: stable-v2.17.6
           - os: ubuntu-latest
             version: default
           - os: ubuntu-latest
@@ -45,8 +55,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')
@@ -65,10 +73,9 @@ jobs:
         id: init
         with:
           db-location: ${{ runner.temp }}/customDbLocation
+      # Swift is not supported on Ubuntu so we manually exclude it from the list here
+          languages: cpp,csharp,go,java,javascript,python,ruby
           tools: ${{ steps.prepare-test.outputs.tools-url }}
-      - uses: ./../action/.github/actions/setup-swift
-        with:
-          codeql-path: ${{ steps.init.outputs.codeql-path }}
       - uses: actions/setup-go@v5
         with:
           go-version: '>=1.21.0'

.github/workflows/__upload-ref-sha-input.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/__with-checkout-path.yml

@@ -45,8 +45,6 @@ jobs:
         if: >-
           runner.os == 'macOS' && (
 
-          matrix.version == 'stable-20230403' ||
-
           matrix.version == 'stable-v2.13.5' ||
 
           matrix.version == 'stable-v2.14.6')

.github/workflows/debug-artifacts.yml

@@ -22,10 +22,11 @@ jobs:
       fail-fast: false
       matrix:
         version:
-        - stable-20230403
         - stable-v2.13.5
         - stable-v2.14.6
         - stable-v2.15.5
+        - stable-v2.16.6
+        - stable-v2.17.6
         - default
         - linked
         - nightly-latest
@@ -52,9 +53,8 @@ jobs:
           debug: true
           debug-artifact-name: my-debug-artifacts
           debug-database-name: my-db
-      - uses: ./../action/.github/actions/setup-swift
+          # We manually exclude Swift from the languages list here, as it is not supported on Ubuntu
-        with:
+          languages: cpp,csharp,go,java,javascript,python,ruby 
-          codeql-path: ${{ steps.init.outputs.codeql-path }}
       - name: Build code
         shell: bash
         run: ./build.sh
@@ -71,7 +71,7 @@ jobs:
       - name: Check expected artifacts exist
         shell: bash
         run: |
-          VERSIONS="stable-20230403 stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 default linked nightly-latest"
+          VERSIONS="stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 stable-v2.16.6 stable-v2.17.6 default linked nightly-latest"
           LANGUAGES="cpp csharp go java javascript python"
           for version in $VERSIONS; do
             pushd "./my-debug-artifacts-${version//./}"

.github/workflows/pr-checks.yml

@@ -2,7 +2,6 @@ name: PR Checks
 
 on:
   push:
-    branches: [main, releases/v*]
   pull_request:
     # Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
     # by other workflows.
@@ -53,6 +52,7 @@ jobs:
         run: .github/workflows/script/check-js.sh
 
   check-node-modules:
+    if: github.event_name != 'push' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/releases/v')
     name: Check modules up to date
     runs-on: macos-latest
     timeout-minutes: 45
@@ -63,6 +63,7 @@ jobs:
         run: .github/workflows/script/check-node-modules.sh
 
   check-file-contents:
+    if: github.event_name != 'push' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/releases/v')
     name: Check file contents
     runs-on: ubuntu-latest
     timeout-minutes: 45
@@ -87,6 +88,7 @@ jobs:
         run: .github/workflows/script/verify-pr-checks.sh
 
   npm-test:
+    if: github.event_name != 'push' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/releases/v')
     name: Unit Test
     needs: [check-js, check-node-modules]
     strategy:
@@ -106,7 +108,7 @@ jobs:
           npm test
 
   check-node-version:
-    if: ${{ github.event.pull_request }}
+    if: github.event.pull_request
     name: Check Action Node versions
     runs-on: ubuntu-latest
     timeout-minutes: 45

.github/workflows/script/update-required-checks.sh

@@ -28,7 +28,8 @@ fi
 echo "Getting checks for $GITHUB_SHA"
 
 # Ignore any checks with "https://", CodeQL, LGTM, and Update checks.
-CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "Dependabot" or . == "check-expected-release-files" or contains("Update") or contains("update") or contains("test-setup-python-scripts") | not)] | unique | sort')"
+# Also ignore the non-matrixed "Unit Tests" job that only runs on pushes to protected branches.
+CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs --paginate | jq --slurp --compact-output --raw-output '[.[].check_runs | .[].name | select(contains("https://") or . == "CodeQL" or . == "Dependabot" or . == "check-expected-release-files" or . == "Unit Tests" or contains("Update") or contains("update") or contains("test-setup-python-scripts") | not)] | unique | sort')"
 
 echo "$CHECKS" | jq
 

.github/workflows/test-codeql-bundle-all.yml

@@ -42,10 +42,9 @@ jobs:
     - id: init
       uses: ./../action/init
       with:
+        # We manually exclude Swift from the languages list here, as it is not supported on Ubuntu
+        languages: cpp,csharp,go,java,javascript,python,ruby 
         tools: ${{ steps.prepare-test.outputs.tools-url }}
-    - uses: ./../action/.github/actions/setup-swift
-      with:
-        codeql-path: ${{ steps.init.outputs.codeql-path }}
     - name: Build code
       shell: bash
       run: ./build.sh

CHANGELOG.md

@@ -4,9 +4,35 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
 
-## [UNRELEASED]
+## 3.26.0 - 06 Aug 2024
+
+- _Deprecation:_ Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. [#2403](https://github.com/github/codeql-action/pull/2403)
+- Bump the minimum CodeQL bundle version to 2.13.5. [#2408](https://github.com/github/codeql-action/pull/2408)
+
+## 3.25.15 - 26 Jul 2024
+
+- Update default CodeQL bundle version to 2.18.1. [#2385](https://github.com/github/codeql-action/pull/2385)
+
+## 3.25.14 - 25 Jul 2024
+
+- Experimental: add a new `start-proxy` action which starts the same HTTP proxy as used by [`github/dependabot-action`](https://github.com/github/dependabot-action). Do not use this in production as it is part of an internal experiment and subject to change at any time. [#2376](https://github.com/github/codeql-action/pull/2376)
+
+## 3.25.13 - 19 Jul 2024
+
+- Add `codeql-version` to outputs. [#2368](https://github.com/github/codeql-action/pull/2368)
+- Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. [#2375](https://github.com/github/codeql-action/pull/2375)
+  - If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
+  - Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace `github/codeql-action/*@v3` by `github/codeql-action/*@v3.25.13` and `github/codeql-action/*@v2` by `github/codeql-action/*@v2.25.13` in your code scanning workflow to ensure you continue using this version of the CodeQL Action.
+
+## 3.25.12 - 12 Jul 2024
+
+- Improve the reliability and performance of analyzing code when analyzing a compiled language with the `autobuild` [build mode](https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes) on GitHub Enterprise Server. This feature is already available to GitHub.com users. [#2353](https://github.com/github/codeql-action/pull/2353)
+- Update default CodeQL bundle version to 2.18.0. [#2364](https://github.com/github/codeql-action/pull/2364)
+
+## 3.25.11 - 28 Jun 2024
 
 - Avoid failing the workflow run if there is an error while uploading debug artifacts. [#2349](https://github.com/github/codeql-action/pull/2349)
+- Update default CodeQL bundle version to 2.17.6. [#2352](https://github.com/github/codeql-action/pull/2352)
 
 ## 3.25.10 - 13 Jun 2024
 

README.md

@@ -44,7 +44,6 @@ We typically release new minor versions of the CodeQL Action and CLI when a new
 | `3.22.12` | `2.15.5` | Enterprise Server 3.12 |
 | `2.22.1` | `2.14.6` | Enterprise Server 3.11 |
 | `2.20.3` | `2.13.5` | Enterprise Server 3.10 |
-| `2.2.9` | `2.12.5` | Enterprise Server 3.9 |
 
 CodeQL Action `v2` will stop receiving updates when GHES 3.11 is deprecated.
 

eslint.config.mjs

@@ -0,0 +1,149 @@
+// Automatically generated by running npx @eslint/migrate-config .eslintrc.json
+
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+
+import { fixupConfigRules, fixupPluginRules } from "@eslint/compat";
+import { FlatCompat } from "@eslint/eslintrc";
+import js from "@eslint/js";
+import typescriptEslint from "@typescript-eslint/eslint-plugin";
+import tsParser from "@typescript-eslint/parser";
+import filenames from "eslint-plugin-filenames";
+import github from "eslint-plugin-github";
+import _import from "eslint-plugin-import";
+import noAsyncForeach from "eslint-plugin-no-async-foreach";
+import globals from "globals";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const compat = new FlatCompat({
+  baseDirectory: __dirname,
+  recommendedConfig: js.configs.recommended,
+  allConfig: js.configs.all,
+});
+
+export default [
+  {
+    ignores: [
+      "**/webpack.config.js",
+      "lib/**/*",
+      "src/testdata/**/*",
+      "tests/**/*",
+      "eslint.config.mjs",
+      ".github/**/*",
+    ],
+  },
+  ...fixupConfigRules(
+    compat.extends(
+      "eslint:recommended",
+      "plugin:@typescript-eslint/recommended",
+      "plugin:@typescript-eslint/recommended-requiring-type-checking",
+      "plugin:github/recommended",
+      "plugin:github/typescript",
+      "plugin:import/typescript",
+    ),
+  ),
+  {
+    plugins: {
+      "@typescript-eslint": fixupPluginRules(typescriptEslint),
+      filenames: fixupPluginRules(filenames),
+      github: fixupPluginRules(github),
+      import: fixupPluginRules(_import),
+      "no-async-foreach": noAsyncForeach,
+    },
+
+    languageOptions: {
+      parser: tsParser,
+      ecmaVersion: 5,
+      sourceType: "module",
+
+      globals: {
+        ...globals.node,
+      },
+
+      parserOptions: {
+        project: "./tsconfig.json",
+      },
+    },
+
+    settings: {
+      "import/resolver": {
+        node: {
+          moduleDirectory: ["node_modules", "src"],
+        },
+
+        typescript: {},
+      },
+      "import/ignore": ["sinon", "uuid", "@octokit/plugin-retry"],
+    },
+
+    rules: {
+      "filenames/match-regex": ["error", "^[a-z0-9-]+(\\.test)?$"],
+      "i18n-text/no-en": "off",
+
+      "import/extensions": [
+        "error",
+        {
+          json: {},
+        },
+      ],
+
+      "import/no-amd": "error",
+      "import/no-commonjs": "error",
+      "import/no-cycle": "error",
+      "import/no-dynamic-require": "error",
+
+      "import/no-extraneous-dependencies": [
+        "error",
+        {
+          devDependencies: true,
+        },
+      ],
+
+      "import/no-namespace": "off",
+      "import/no-unresolved": "error",
+      "import/no-webpack-loader-syntax": "error",
+
+      "import/order": [
+        "error",
+        {
+          alphabetize: {
+            order: "asc",
+          },
+
+          "newlines-between": "always",
+        },
+      ],
+
+      "max-len": [
+        "error",
+        {
+          code: 120,
+          ignoreUrls: true,
+          ignoreStrings: true,
+          ignoreTemplateLiterals: true,
+        },
+      ],
+
+      "no-async-foreach/no-async-foreach": "error",
+      "no-sequences": "error",
+      "no-shadow": "off",
+      "@typescript-eslint/no-shadow": "error",
+      "one-var": ["error", "never"],
+    },
+  },
+  {
+    files: ["**/*.ts", "**/*.js"],
+
+    rules: {
+      "@typescript-eslint/no-explicit-any": "off",
+      "@typescript-eslint/no-unsafe-assignment": "off",
+      "@typescript-eslint/no-unsafe-member-access": "off",
+      "@typescript-eslint/no-var-requires": "off",
+      "@typescript-eslint/prefer-regexp-exec": "off",
+      "@typescript-eslint/require-await": "off",
+      "@typescript-eslint/restrict-template-expressions": "off",
+      "func-style": "off",
+    },
+  },
+];

init/action.yml

@@ -139,6 +139,8 @@ inputs:
 outputs:
   codeql-path:
     description: The path of the CodeQL binary used for analysis
+  codeql-version:
+    description: The version of the CodeQL binary used for analysis
 runs:
   using: node20
   main: '../lib/init-action.js'

lib/actions-util.js

@@ -43,7 +43,7 @@ const core = __importStar(require("@actions/core"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const safeWhich = __importStar(require("@chrisgavin/safe-which"));
 const util_1 = require("./util");
-// eslint-disable-next-line import/no-commonjs
+// eslint-disable-next-line import/no-commonjs, @typescript-eslint/no-require-imports
 const pkg = require("../package.json");
 /**
  * Wrapper around core.getInput for inputs that always have a value.
@@ -104,7 +104,7 @@ const getCommitOid = async function (checkoutPath, ref = "HEAD") {
         }).exec();
         return commitOid.trim();
     }
-    catch (e) {
+    catch {
         if (stderr.includes("not a git repository")) {
             core.info("Could not determine current commit SHA using git. Continuing with data from user input or environment. " +
                 "The checkout path provided to the action does not appear to be a git repository.");
@@ -161,7 +161,7 @@ const determineMergeBaseCommitOid = async function (checkoutPathOverride) {
         }
         return undefined;
     }
-    catch (e) {
+    catch {
         if (stderr.includes("not a git repository")) {
             core.info("The checkout path provided to the action does not appear to be a git repository. " +
                 "Will calculate the merge base on the server.");

lib/analyze-action-env.test.js

@@ -77,6 +77,7 @@ const util = __importStar(require("./util"));
         process.env["CODEQL_RAM"] = "4992";
         const runFinalizeStub = sinon.stub(analyze, "runFinalize");
         const runQueriesStub = sinon.stub(analyze, "runQueries");
+        // eslint-disable-next-line @typescript-eslint/no-require-imports
         const analyzeAction = require("./analyze-action");
         // When analyze-action.ts loads, it runs an async function from the top
         // level but does not wait for it to finish. To ensure that calls to

lib/analyze-action-env.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,8DAAgD;AAChD,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,YAAY,EAAE,wBAAwB,CAAC;aAC5C,QAAQ,CAAC,EAAmC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-env.test.js","sourceRoot":"","sources":["../src/analyze-action-env.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,8DAAgD;AAChD,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,YAAY,EAAE,wBAAwB,CAAC;aAC5C,QAAQ,CAAC,EAAmC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEnE,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,uEAAuE;QACvE,0EAA0E;QAC1E,iBAAiB;QACjB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,iEAAiE;QACjE,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action-input.test.js

@@ -77,6 +77,7 @@ const util = __importStar(require("./util"));
         optionalInputStub.withArgs("ram").returns("3012");
         const runFinalizeStub = sinon.stub(analyze, "runFinalize");
         const runQueriesStub = sinon.stub(analyze, "runQueries");
+        // eslint-disable-next-line @typescript-eslint/no-require-imports
         const analyzeAction = require("./analyze-action");
         // When analyze-action.ts loads, it runs an async function from the top
         // level but does not wait for it to finish. To ensure that calls to

lib/analyze-action-input.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,8DAAgD;AAChD,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,YAAY,EAAE,wBAAwB,CAAC;aAC5C,QAAQ,CAAC,EAAmC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxD,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action-input.test.js","sourceRoot":"","sources":["../src/analyze-action-input.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AACvB,6CAA+B;AAE/B,4DAA8C;AAC9C,mDAAqC;AACrC,kDAAoC;AACpC,4DAA8C;AAC9C,8DAAgD;AAChD,mDAIyB;AACzB,6CAA+B;AAE/B,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,4EAA4E;AAC5E,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,gFAAgF;AAChF,iCAAiC;AAEjC,IAAA,aAAI,EAAC,sDAAsD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvE,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,GAAG,sCAAsC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,wBAAwB,CAAC;QACzD,KAAK;aACF,IAAI,CAAC,YAAY,EAAE,wBAAwB,CAAC;aAC5C,QAAQ,CAAC,EAAmC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAC,QAAQ,EAAE,CAAC;QACxD,MAAM,aAAa,GAAuB;YACxC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM;SAChC,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC;YAC5C,aAAa;YACb,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACkB,CAAC,CAAC;QACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,iBAAiB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,iBAAiB,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;QACtE,iBAAiB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnE,IAAA,gCAAgB,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,IAAA,0CAA0B,EAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAEpC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,GAAG,GAAG,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC;QAEnC,4DAA4D;QAC5D,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpD,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,iEAAiE;QACjE,MAAM,aAAa,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAElD,uEAAuE;QACvE,oEAAoE;QACpE,4EAA4E;QAC5E,wEAAwE;QACxE,MAAM,aAAa,CAAC,UAAU,CAAC;QAE/B,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action.js

@@ -108,7 +108,7 @@ function doesGoExtractionOutputExist(config) {
  * - We approximate whether manual build steps are present by looking at
  * whether any extraction output already exists for Go.
  */
-async function runAutobuildIfLegacyGoWorkflow(config, features, logger) {
+async function runAutobuildIfLegacyGoWorkflow(config, logger) {
     if (!config.languages.includes(languages_1.Language.go)) {
         return;
     }
@@ -135,7 +135,7 @@ async function runAutobuildIfLegacyGoWorkflow(config, features, logger) {
         return;
     }
     logger.debug("Running Go autobuild because extraction output (TRAP files) for Go code has not been found.");
-    await (0, autobuild_1.runAutobuild)(config, languages_1.Language.go, features, logger);
+    await (0, autobuild_1.runAutobuild)(config, languages_1.Language.go, logger);
 }
 async function run() {
     const startedAt = new Date();
@@ -170,8 +170,8 @@ async function run() {
         const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, actionsUtil.getTemporaryDirectory(), logger);
         const memory = util.getMemoryFlag(actionsUtil.getOptionalInput("ram") || process.env["CODEQL_RAM"], logger);
         await (0, analyze_1.warnIfGoInstalledAfterInit)(config, logger);
-        await runAutobuildIfLegacyGoWorkflow(config, features, logger);
+        await runAutobuildIfLegacyGoWorkflow(config, logger);
-        dbCreationTimings = await (0, analyze_1.runFinalize)(outputDir, threads, memory, codeql, config, features, logger);
+        dbCreationTimings = await (0, analyze_1.runFinalize)(outputDir, threads, memory, codeql, config, logger);
         if (actionsUtil.getRequiredInput("skip-queries") !== "true") {
             runStats = await (0, analyze_1.runQueries)(outputDir, memory, util.getAddSnippetsFlag(actionsUtil.getRequiredInput("add-snippets")), threads, actionsUtil.getOptionalInput("category"), config, logger, features);
         }
@@ -186,7 +186,7 @@ async function run() {
         core.setOutput("sarif-output", path_1.default.resolve(outputDir));
         const uploadInput = actionsUtil.getOptionalInput("upload");
         if (runStats && actionsUtil.getUploadValue(uploadInput) === "always") {
-            uploadResult = await uploadLib.uploadFromActions(outputDir, actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getOptionalInput("category"), logger);
+            uploadResult = await uploadLib.uploadFiles(outputDir, actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getOptionalInput("category"), features, logger);
             core.setOutput("sarif-id", uploadResult.sarifID);
         }
         else {
@@ -220,13 +220,9 @@ async function run() {
             hasBadExpectErrorInput()) {
             core.setFailed(error.message);
         }
-        if (error instanceof analyze_1.CodeQLAnalysisError) {
+        await sendStatusReport(startedAt, config, error instanceof analyze_1.CodeQLAnalysisError
-            const stats = { ...error.queriesStatusReport };
+            ? error.queriesStatusReport
-            await sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
+            : undefined, error instanceof analyze_1.CodeQLAnalysisError ? error.error : error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
-        }
-        else {
-            await sendStatusReport(startedAt, config, undefined, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
-        }
         return;
     }
     if (runStats && uploadResult) {

lib/analyze.js

@@ -51,10 +51,12 @@ const upload_lib_1 = require("./upload-lib");
 const util = __importStar(require("./util"));
 const util_1 = require("./util");
 class CodeQLAnalysisError extends Error {
-    constructor(queriesStatusReport, message) {
+    constructor(queriesStatusReport, message, error) {
         super(message);
-        this.name = "CodeQLAnalysisError";
         this.queriesStatusReport = queriesStatusReport;
+        this.message = message;
+        this.error = error;
+        this.name = "CodeQLAnalysisError";
     }
 }
 exports.CodeQLAnalysisError = CodeQLAnalysisError;
@@ -106,7 +108,7 @@ function dbIsFinalized(config, language, logger) {
         const dbInfo = yaml.load(fs.readFileSync(path.resolve(dbPath, "codeql-database.yml"), "utf8"));
         return !("inProgress" in dbInfo);
     }
-    catch (e) {
+    catch {
         logger.warning(`Could not check whether database for ${language} was finalized. Assuming it is not.`);
         return false;
     }
@@ -184,13 +186,13 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         }
         catch (e) {
             statusReport.analyze_failure_language = language;
-            throw new CodeQLAnalysisError(statusReport, `Error running analysis for ${language}: ${util.wrapError(e).message}`);
+            throw new CodeQLAnalysisError(statusReport, `Error running analysis for ${language}: ${util.wrapError(e).message}`, util.wrapError(e));
         }
     }
     return statusReport;
     async function runInterpretResults(language, queries, sarifFile, enableDebugLogging) {
         const databasePath = util.getCodeQLDatabasePath(config, language);
-        return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId, config, features, logger);
+        return await codeql.databaseInterpretResults(databasePath, queries, sarifFile, addSnippetsFlag, threadsFlag, enableDebugLogging ? "-vv" : "-v", automationDetailsId, config, features);
     }
     /** Get an object with all queries and their counts parsed from a SARIF file path. */
     function getPerQueryAlertCounts(sarifPath, log) {
@@ -217,7 +219,7 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         return await codeql.databasePrintBaseline(databasePath);
     }
 }
-async function runFinalize(outputDir, threadsFlag, memoryFlag, codeql, config, features, logger) {
+async function runFinalize(outputDir, threadsFlag, memoryFlag, codeql, config, logger) {
     try {
         await (0, del_1.default)(outputDir, { force: true });
     }
@@ -230,7 +232,7 @@ async function runFinalize(outputDir, threadsFlag, memoryFlag, codeql, config, f
     const timings = await finalizeDatabaseCreation(codeql, config, threadsFlag, memoryFlag, logger);
     // If we didn't already end tracing in the autobuild Action, end it now.
     if (process.env[environment_1.EnvVar.AUTOBUILD_DID_COMPLETE_SUCCESSFULLY] !== "true") {
-        await (0, tracer_config_1.endTracingForCluster)(codeql, config, logger, features);
+        await (0, tracer_config_1.endTracingForCluster)(codeql, config, logger);
     }
     return timings;
 }

lib/api-client.js

@@ -123,6 +123,13 @@ async function getWorkflowRelativePath() {
         run_id,
     });
     const workflowUrl = runsResponse.data.workflow_url;
+    const requiredWorkflowRegex = /\/repos\/[^/]+\/[^/]+\/actions\/required_workflows\/[^/]+/;
+    if (!workflowUrl || requiredWorkflowRegex.test(workflowUrl)) {
+        // For required workflows, the workflowUrl is invalid so we cannot fetch more informations
+        // about the workflow.
+        // However, the path is available in the original response.
+        return runsResponse.data.path;
+    }
     const workflowResponse = await apiClient.request(`GET ${workflowUrl}`);
     return workflowResponse.data.path;
 }

lib/api-compatibility.json

@@ -1 +1 @@
-{ "maximumVersion": "3.14", "minimumVersion": "3.9" }
+{ "maximumVersion": "3.14", "minimumVersion": "3.10" }

lib/autobuild-action.js

@@ -30,9 +30,7 @@ const autobuild_1 = require("./autobuild");
 const codeql_1 = require("./codeql");
 const config_utils_1 = require("./config-utils");
 const environment_1 = require("./environment");
-const feature_flags_1 = require("./feature-flags");
 const logging_1 = require("./logging");
-const repository_1 = require("./repository");
 const status_report_1 = require("./status-report");
 const tracer_config_1 = require("./tracer-config");
 const util_1 = require("./util");
@@ -63,8 +61,6 @@ async function run() {
         const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
         (0, util_1.checkGitHubVersionInRange)(gitHubVersion, logger);
         (0, util_1.checkActionVersion)((0, actions_util_1.getActionVersion)(), gitHubVersion);
-        const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
-        const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), logger);
         config = await (0, config_utils_1.getConfig)((0, actions_util_1.getTemporaryDirectory)(), logger);
         if (config === undefined) {
             throw new Error("Config file could not be found at expected location. Has the 'init' action been called?");
@@ -79,12 +75,12 @@ async function run() {
             }
             for (const language of languages) {
                 currentLanguage = language;
-                await (0, autobuild_1.runAutobuild)(config, language, features, logger);
+                await (0, autobuild_1.runAutobuild)(config, language, logger);
             }
         }
         // End tracing early to avoid tracing analyze. This improves the performance and reliability of
         // the analyze step.
-        await (0, tracer_config_1.endTracingForCluster)(codeql, config, logger, features);
+        await (0, tracer_config_1.endTracingForCluster)(codeql, config, logger);
     }
     catch (unwrappedError) {
         const error = (0, util_1.wrapError)(unwrappedError);

lib/autobuild-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,qCAAqC;AACrC,iDAAmD;AACnD,+CAAuC;AACvC,mDAA2C;AAE3C,uCAAqD;AACrD,6CAAkD;AAClD,mDAMyB;AACzB,mDAAuD;AACvD,iCAOgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,MAA0B,EAC1B,MAAc,EACd,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,gCAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,0BAAU,CAAC,SAAS,EACpB,MAAM,EACN,SAAS,EACT,MAAM,EACN,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,EAC5B,MAAM,EACN,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,YAAY,GAA0B;YAC1C,GAAG,gBAAgB;YACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;YAC3C,iBAAiB,EAAE,eAAe;SACnC,CAAC;QACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,MAA0B,CAAC;IAC/B,IAAI,eAAqC,CAAC;IAC1C,IAAI,SAAiC,CAAC;IACtC,IAAI,CAAC;QACH,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,0BAAU,CAAC,SAAS,EACpB,UAAU,EACV,SAAS,EACT,MAAM,EACN,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,EAC5B,MAAM,CACP,CAAC;QACF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,IAAA,gCAAgB,EAAC,gBAAgB,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACjD,IAAA,yBAAkB,EAAC,IAAA,+BAAgB,GAAE,EAAE,aAAa,CAAC,CAAC;QAEtD,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;QAEF,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC1D,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEjD,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QACtE,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE,CAAC;gBACrB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAClC,CAAC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;gBACjC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,+FAA+F;QAC/F,oBAAoB;QACpB,MAAM,IAAA,oCAAoB,EAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC/D,CAAC;IAAC,OAAO,cAAc,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CACZ,kIAAkI,KAAK,CAAC,OAAO,EAAE,CAClJ,CAAC;QACF,MAAM,yBAAyB,CAC7B,MAAM,EACN,MAAM,EACN,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,CACN,CAAC;QACF,OAAO;IACT,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC,CAAC;IAExE,MAAM,yBAAyB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AAC9E,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI,CAAC;QACH,MAAM,GAAG,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,SAAS,CAAC,4BAA4B,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}
+{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAIwB;AACxB,6CAAgD;AAChD,2CAAwE;AACxE,qCAAqC;AACrC,iDAAmD;AACnD,+CAAuC;AAEvC,uCAAqD;AACrD,mDAMyB;AACzB,mDAAuD;AACvD,iCAMgB;AAShB,KAAK,UAAU,yBAAyB,CACtC,MAA0B,EAC1B,MAAc,EACd,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;IAEb,IAAA,4BAAqB,EAAC,IAAA,+BAAgB,GAAE,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,gCAAgB,EAAC,KAAK,EAAE,eAAe,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,0BAAU,CAAC,SAAS,EACpB,MAAM,EACN,SAAS,EACT,MAAM,EACN,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,EAC5B,MAAM,EACN,KAAK,EAAE,OAAO,EACd,KAAK,EAAE,KAAK,CACb,CAAC;IACF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,YAAY,GAA0B;YAC1C,GAAG,gBAAgB;YACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;YAC3C,iBAAiB,EAAE,eAAe;SACnC,CAAC;QACF,MAAM,IAAA,gCAAgB,EAAC,YAAY,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,IAAI,MAA0B,CAAC;IAC/B,IAAI,eAAqC,CAAC;IAC1C,IAAI,SAAiC,CAAC;IACtC,IAAI,CAAC;QACH,MAAM,gBAAgB,GAAG,MAAM,IAAA,sCAAsB,EACnD,0BAAU,CAAC,SAAS,EACpB,UAAU,EACV,SAAS,EACT,MAAM,EACN,MAAM,IAAA,qBAAc,EAAC,MAAM,CAAC,EAC5B,MAAM,CACP,CAAC;QACF,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,IAAA,gCAAgB,EAAC,gBAAgB,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;QAC/C,IAAA,gCAAyB,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACjD,IAAA,yBAAkB,EAAC,IAAA,+BAAgB,GAAE,EAAE,aAAa,CAAC,CAAC;QAEtD,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,IAAA,oCAAqB,GAAE,EAAE,MAAM,CAAC,CAAC;QAC1D,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEjD,SAAS,GAAG,MAAM,IAAA,uCAA2B,EAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QACtE,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,MAAM,gBAAgB,GAAG,IAAA,+BAAgB,EAAC,mBAAmB,CAAC,CAAC;YAC/D,IAAI,gBAAgB,EAAE,CAAC;gBACrB,MAAM,CAAC,IAAI,CACT,6CAA6C,gBAAgB,EAAE,CAChE,CAAC;gBACF,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YAClC,CAAC;YACD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;gBACjC,eAAe,GAAG,QAAQ,CAAC;gBAC3B,MAAM,IAAA,wBAAY,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,+FAA+F;QAC/F,oBAAoB;QACpB,MAAM,IAAA,oCAAoB,EAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,cAAc,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,cAAc,CAAC,CAAC;QACxC,IAAI,CAAC,SAAS,CACZ,kIAAkI,KAAK,CAAC,OAAO,EAAE,CAClJ,CAAC;QACF,MAAM,yBAAyB,CAC7B,MAAM,EACN,MAAM,EACN,SAAS,EACT,SAAS,IAAI,EAAE,EACf,eAAe,EACf,KAAK,CACN,CAAC;QACF,OAAO;IACT,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,mCAAmC,EAAE,MAAM,CAAC,CAAC;IAExE,MAAM,yBAAyB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;AAC9E,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI,CAAC;QACH,MAAM,GAAG,EAAE,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,SAAS,CAAC,4BAA4B,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/autobuild.js

@@ -30,6 +30,7 @@ const core = __importStar(require("@actions/core"));
 const actions_util_1 = require("./actions-util");
 const api_client_1 = require("./api-client");
 const codeql_1 = require("./codeql");
+const doc_url_1 = require("./doc-url");
 const environment_1 = require("./environment");
 const feature_flags_1 = require("./feature-flags");
 const languages_1 = require("./languages");
@@ -103,15 +104,13 @@ async function determineAutobuildLanguages(codeql, config, logger) {
         logger.warning(`We will only automatically build ${languages.join(" and ")} code. If you wish to scan ${autobuildLanguagesWithoutGo
             .slice(1)
             .join(" and ")}, you must replace the autobuild step of your workflow with custom build steps. ` +
-            "For more information, see " +
+            `See ${doc_url_1.DocUrl.SPECIFY_BUILD_STEPS_MANUALLY} for more information.`);
-            "https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language");
     }
     return languages;
 }
 async function setupCppAutobuild(codeql, logger) {
     const envVar = feature_flags_1.featureConfig[feature_flags_1.Feature.CppDependencyInstallation].envVar;
     const featureName = "C++ automatic installation of dependencies";
-    const envDoc = "https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow";
     const gitHubVersion = await (0, api_client_1.getGitHubVersion)();
     const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
     const features = new feature_flags_1.Features(gitHubVersion, repositoryNwo, (0, actions_util_1.getTemporaryDirectory)(), logger);
@@ -120,12 +119,12 @@ async function setupCppAutobuild(codeql, logger) {
         if (process.env["RUNNER_ENVIRONMENT"] === "self-hosted" &&
             process.env[envVar] !== "true") {
             logger.info(`Disabling ${featureName} as we are on a self-hosted runner.${(0, actions_util_1.getWorkflowEventName)() !== "dynamic"
-                ? ` To override this, set the ${envVar} environment variable to 'true' in your workflow (see ${envDoc}).`
+                ? ` To override this, set the ${envVar} environment variable to 'true' in your workflow. See ${doc_url_1.DocUrl.DEFINE_ENV_VARIABLES} for more information.`
                 : ""}`);
             core.exportVariable(envVar, "false");
         }
         else {
-            logger.info(`Enabling ${featureName}. This can be disabled by setting the ${envVar} environment variable to 'false' (see ${envDoc}).`);
+            logger.info(`Enabling ${featureName}. This can be disabled by setting the ${envVar} environment variable to 'false'. See ${doc_url_1.DocUrl.DEFINE_ENV_VARIABLES} for more information.`);
             core.exportVariable(envVar, "true");
         }
     }
@@ -134,14 +133,14 @@ async function setupCppAutobuild(codeql, logger) {
         core.exportVariable(envVar, "false");
     }
 }
-async function runAutobuild(config, language, features, logger) {
+async function runAutobuild(config, language, logger) {
     logger.startGroup(`Attempting to automatically build ${language} code`);
     const codeQL = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
     if (language === languages_1.Language.cpp) {
         await setupCppAutobuild(codeQL, logger);
     }
     if (config.buildMode &&
-        (await features.getValue(feature_flags_1.Feature.AutobuildDirectTracing, codeQL))) {
+        (await codeQL.supportsFeature(tools_features_1.ToolsFeature.TraceCommandUseBuildMode))) {
         await codeQL.extractUsingBuildMode(config, language);
     }
     else {

lib/autobuild.js.map

@@ -1 +1 @@
-{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAmBA,kEAgGC;AAED,8CAuCC;AAED,oCAuBC;AArLD,oDAAsC;AAEtC,iDAA6E;AAC7E,6CAAgD;AAChD,qCAA6C;AAE7C,+CAAuC;AACvC,mDAKyB;AACzB,2CAAyD;AAEzD,6CAAkD;AAClD,qDAAgD;AAChD,iCAAwD;AAEjD,KAAK,UAAU,2BAA2B,CAC/C,MAAc,EACd,MAA0B,EAC1B,MAAc;IAEd,IACE,CAAC,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,IAAI;QAClC,CAAC,MAAM,MAAM,CAAC,eAAe,CAAC,6BAAY,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACxE,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,MAAM,EACrC,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,SAAS,oCAAoC,CAAC,CAAC;QAC3E,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;QACjD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE,CAAC;QACrE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,4BAA4B;YAC5B,0NAA0N,CAC7N,CAAC;IACJ,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,MAAM,GAAG,6BAAa,CAAC,uBAAO,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC;IACvE,MAAM,WAAW,GAAG,4CAA4C,CAAC;IACjE,MAAM,MAAM,GACV,wHAAwH,CAAC;IAC3H,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;IACF,IAAI,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,yBAAyB,EAAE,MAAM,CAAC,EAAE,CAAC;QACvE,yEAAyE;QACzE,IACE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,aAAa;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,MAAM,EAC9B,CAAC;YACD,MAAM,CAAC,IAAI,CACT,aAAa,WAAW,sCACtB,IAAA,mCAAoB,GAAE,KAAK,SAAS;gBAClC,CAAC,CAAC,8BAA8B,MAAM,yDAAyD,MAAM,IAAI;gBACzG,CAAC,CAAC,EACN,EAAE,CACH,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CACT,YAAY,WAAW,yCAAyC,MAAM,yCAAyC,MAAM,IAAI,CAC1H,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,aAAa,WAAW,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,MAA0B,EAC1B,QAAkB,EAClB,QAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,GAAG,EAAE,CAAC;QAC9B,MAAM,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IACD,IACE,MAAM,CAAC,SAAS;QAChB,CAAC,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC,EACjE,CAAC;QACD,MAAM,MAAM,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACvD,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC"}
+{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAeA,kEA+FC;AAED,8CAqCC;AAED,oCAsBC;AA7KD,oDAAsC;AAEtC,iDAA6E;AAC7E,6CAAgD;AAChD,qCAA6C;AAE7C,uCAAmC;AACnC,+CAAuC;AACvC,mDAAmE;AACnE,2CAAyD;AAEzD,6CAAkD;AAClD,qDAAgD;AAChD,iCAAwD;AAEjD,KAAK,UAAU,2BAA2B,CAC/C,MAAc,EACd,MAA0B,EAC1B,MAAc;IAEd,IACE,CAAC,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,IAAI;QAClC,CAAC,MAAM,MAAM,CAAC,eAAe,CAAC,6BAAY,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACxE,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,MAAM,EACrC,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,SAAS,oCAAoC,CAAC,CAAC;QAC3E,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;QACjD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE,CAAC;QACrE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,OAAO,gBAAM,CAAC,4BAA4B,wBAAwB,CACrE,CAAC;IACJ,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,MAAM,GAAG,6BAAa,CAAC,uBAAO,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC;IACvE,MAAM,WAAW,GAAG,4CAA4C,CAAC;IACjE,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;IACF,IAAI,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,yBAAyB,EAAE,MAAM,CAAC,EAAE,CAAC;QACvE,yEAAyE;QACzE,IACE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,aAAa;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,MAAM,EAC9B,CAAC;YACD,MAAM,CAAC,IAAI,CACT,aAAa,WAAW,sCACtB,IAAA,mCAAoB,GAAE,KAAK,SAAS;gBAClC,CAAC,CAAC,8BAA8B,MAAM,yDAAyD,gBAAM,CAAC,oBAAoB,wBAAwB;gBAClJ,CAAC,CAAC,EACN,EAAE,CACH,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CACT,YAAY,WAAW,yCAAyC,MAAM,yCAAyC,gBAAM,CAAC,oBAAoB,wBAAwB,CACnK,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,aAAa,WAAW,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,MAA0B,EAC1B,QAAkB,EAClB,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,GAAG,EAAE,CAAC;QAC9B,MAAM,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IACD,IACE,MAAM,CAAC,SAAS;QAChB,CAAC,MAAM,MAAM,CAAC,eAAe,CAAC,6BAAY,CAAC,wBAAwB,CAAC,CAAC,EACrE,CAAC;QACD,MAAM,MAAM,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACvD,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC"}

lib/cli-errors.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.cliErrorsConfig = exports.CliConfigErrorCategory = exports.CommandInvocationError = void 0;
 exports.getCliConfigCategoryIfExists = getCliConfigCategoryIfExists;
 exports.wrapCliConfigurationError = wrapCliConfigurationError;
+const doc_url_1 = require("./doc-url");
 const util_1 = require("./util");
 /**
  * A class of Error that we can classify as an error stemming from a CLI
@@ -19,20 +20,16 @@ class CommandInvocationError extends Error {
         if (fatalErrors) {
             message =
                 `Encountered a fatal error while running "${prettyCommand}". ` +
-                    `Exit code was ${exitCode} and error was: ${fatalErrors.trim()} See the logs for more details.`;
+                    `Exit code was ${exitCode} and error was: ${ensureEndsInPeriod(fatalErrors.trim())} See the logs for more details.`;
         }
         else if (autobuildErrors) {
-            const autobuildHelpLink = "https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed";
             message =
                 "We were unable to automatically build your code. Please provide manual build steps. " +
-                    `For more information, see ${autobuildHelpLink}. ` +
+                    `See ${doc_url_1.DocUrl.AUTOMATIC_BUILD_FAILED} for more information. ` +
                     `Encountered the following error: ${autobuildErrors}`;
         }
         else {
-            let lastLine = stderr.trim().split("\n").pop()?.trim() || "";
+            const lastLine = ensureEndsInPeriod(stderr.trim().split("\n").pop()?.trim() || "n/a");
-            if (lastLine[lastLine.length - 1] !== ".") {
-                lastLine += ".";
-            }
             message =
                 `Encountered a fatal error while running "${prettyCommand}". ` +
                     `Exit code was ${exitCode} and last log line was: ${lastLine} See the logs for more details.`;
@@ -74,7 +71,7 @@ exports.CommandInvocationError = CommandInvocationError;
  * the Actions UI.
  */
 function extractFatalErrors(error) {
-    const fatalErrorRegex = /.*fatal error occurred:/gi;
+    const fatalErrorRegex = /.*fatal (internal )?error occurr?ed(. Details)?:/gi;
     let fatalErrors = [];
     let lastFatalErrorIndex;
     let match;
@@ -118,6 +115,7 @@ function ensureEndsInPeriod(text) {
 /** Error messages from the CLI that we consider configuration errors and handle specially. */
 var CliConfigErrorCategory;
 (function (CliConfigErrorCategory) {
+    CliConfigErrorCategory["AutobuildError"] = "AutobuildError";
     CliConfigErrorCategory["ExternalRepositoryCloneFailed"] = "ExternalRepositoryCloneFailed";
     CliConfigErrorCategory["GradleBuildFailed"] = "GradleBuildFailed";
     CliConfigErrorCategory["IncompatibleWithActionVersion"] = "IncompatibleWithActionVersion";
@@ -141,6 +139,11 @@ var CliConfigErrorCategory;
  * would like to categorize an error as a configuration error or not.
  */
 exports.cliErrorsConfig = {
+    [CliConfigErrorCategory.AutobuildError]: {
+        cliErrorMessageCandidates: [
+            new RegExp("We were unable to automatically build your code"),
+        ],
+    },
     [CliConfigErrorCategory.ExternalRepositoryCloneFailed]: {
         cliErrorMessageCandidates: [
             new RegExp("Failed to clone external Git repository"),

lib/codeql.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = void 0;
+exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = void 0;
 exports.setupCodeQL = setupCodeQL;
 exports.getCodeQL = getCodeQL;
 exports.setCodeQL = setCodeQL;
@@ -42,6 +42,7 @@ const yaml = __importStar(require("js-yaml"));
 const semver = __importStar(require("semver"));
 const actions_util_1 = require("./actions-util");
 const cli_errors_1 = require("./cli-errors");
+const doc_url_1 = require("./doc-url");
 const environment_1 = require("./environment");
 const feature_flags_1 = require("./feature-flags");
 const setupCodeql = __importStar(require("./setup-codeql"));
@@ -62,19 +63,19 @@ let cachedCodeQL = undefined;
  * The version flags below can be used to conditionally enable certain features
  * on versions newer than this.
  */
-const CODEQL_MINIMUM_VERSION = "2.12.6";
+const CODEQL_MINIMUM_VERSION = "2.13.5";
 /**
  * This version will shortly become the oldest version of CodeQL that the Action will run with.
  */
-const CODEQL_NEXT_MINIMUM_VERSION = "2.12.6";
+const CODEQL_NEXT_MINIMUM_VERSION = "2.13.5";
 /**
  * This is the version of GHES that was most recently deprecated.
  */
-const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.8";
+const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.9";
 /**
  * This is the deprecation date for the version of GHES that was most recently deprecated.
  */
-const GHES_MOST_RECENT_DEPRECATION_DATE = "2024-03-26";
+const GHES_MOST_RECENT_DEPRECATION_DATE = "2024-07-09";
 /** The CLI verbosity level to use for extraction in debug mode. */
 const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
 /*
@@ -84,14 +85,6 @@ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
  * For convenience, please keep these in descending order. Once a version
  * flag is older than the oldest supported version above, it may be removed.
  */
-/**
- * Versions 2.13.1+ of the CodeQL CLI fix a bug where diagnostics export could produce invalid SARIF.
- */
-exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = "2.13.1";
-/**
- * Versions 2.13.4+ of the CodeQL CLI support the `resolve build-environment` command.
- */
-exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = "2.13.4";
 /**
  * Versions 2.14.2+ of the CodeQL CLI support language-specific baseline configuration.
  */
@@ -246,7 +239,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 try {
                     result = JSON.parse(output);
                 }
-                catch (err) {
+                catch {
                     throw Error(`Invalid JSON output from \`version --format=json\`: ${output}`);
                 }
                 util.cacheCodeQlVersion(result);
@@ -259,9 +252,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
         async supportsFeature(feature) {
             return (0, tools_features_1.isSupportedToolsFeature)(await this.getVersion(), feature);
         },
-        async databaseInitCluster(config, sourceRoot, processName, qlconfigFile, features, logger) {
+        async databaseInitCluster(config, sourceRoot, processName, qlconfigFile, logger) {
             const extraArgs = config.languages.map((language) => `--language=${language}`);
-            if (await (0, tracer_config_1.shouldEnableIndirectTracing)(codeql, config, features)) {
+            if (await (0, tracer_config_1.shouldEnableIndirectTracing)(codeql, config)) {
                 extraArgs.push("--begin-tracing");
                 extraArgs.push(...(await getTrapCachingExtractorConfigArgs(config)));
                 extraArgs.push(`--trace-process-name=${processName}`);
@@ -360,8 +353,7 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 if (config.buildMode === util_1.BuildMode.Autobuild) {
                     const prefix = "We were unable to automatically build your code. " +
                         "Please change the build mode for this language to manual and specify build steps " +
-                        "for your project. For more information, see " +
+                        `for your project. See ${doc_url_1.DocUrl.AUTOMATIC_BUILD_FAILED} for more information.`;
-                        "https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed.";
                     const ErrorConstructor = e instanceof util.ConfigurationError
                         ? util.ConfigurationError
                         : Error;
@@ -473,20 +465,15 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             }
             await runTool(cmd, codeqlArgs);
         },
-        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId, config, features, logger) {
+        async databaseInterpretResults(databasePath, querySuitePaths, sarifFile, addSnippetsFlag, threadsFlag, verbosityFlag, automationDetailsId, config, features) {
             const shouldExportDiagnostics = await features.getValue(feature_flags_1.Feature.ExportDiagnosticsEnabled, this);
-            const shouldWorkaroundInvalidNotifications = shouldExportDiagnostics &&
-                !(await isDiagnosticsExportInvalidSarifFixed(this));
-            const codeqlOutputFile = shouldWorkaroundInvalidNotifications
-                ? path.join(config.tempDir, "codeql-intermediate-results.sarif")
-                : sarifFile;
             const codeqlArgs = [
                 "database",
                 "interpret-results",
                 threadsFlag,
                 "--format=sarif-latest",
                 verbosityFlag,
-                `--output=${codeqlOutputFile}`,
+                `--output=${sarifFile}`,
                 addSnippetsFlag,
                 "--print-diagnostics-summary",
                 "--print-metrics-summary",
@@ -521,13 +508,9 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             }
             // Capture the stdout, which contains the analysis summary. Don't stream it to the Actions
             // logs to avoid printing it twice.
-            const analysisSummary = await runTool(cmd, codeqlArgs, {
+            return await runTool(cmd, codeqlArgs, {
                 noStreamStdout: true,
             });
-            if (shouldWorkaroundInvalidNotifications) {
-                util.fixInvalidNotificationsInFile(codeqlOutputFile, sarifFile, logger);
-            }
-            return analysisSummary;
         },
         async databasePrintBaseline(databasePath) {
             const codeqlArgs = [
@@ -603,18 +586,14 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             ];
             await new toolrunner.ToolRunner(cmd, args).exec();
         },
-        async databaseExportDiagnostics(databasePath, sarifFile, automationDetailsId, tempDir, logger) {
+        async databaseExportDiagnostics(databasePath, sarifFile, automationDetailsId) {
-            const shouldWorkaroundInvalidNotifications = !(await isDiagnosticsExportInvalidSarifFixed(this));
-            const codeqlOutputFile = shouldWorkaroundInvalidNotifications
-                ? path.join(tempDir, "codeql-intermediate-results.sarif")
-                : sarifFile;
             const args = [
                 "database",
                 "export-diagnostics",
                 `${databasePath}`,
                 "--db-cluster", // Database is always a cluster for CodeQL versions that support diagnostics.
                 "--format=sarif-latest",
-                `--output=${codeqlOutputFile}`,
+                `--output=${sarifFile}`,
                 "--sarif-include-diagnostics", // ExportDiagnosticsEnabled is always true if this command is run.
                 "-vvv",
                 ...getExtraOptionsFromEnv(["diagnostics", "export"]),
@@ -623,10 +602,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                 args.push("--sarif-category", automationDetailsId);
             }
             await new toolrunner.ToolRunner(cmd, args).exec();
-            if (shouldWorkaroundInvalidNotifications) {
-                // Fix invalid notifications in the SARIF file output by CodeQL.
-                util.fixInvalidNotificationsInFile(codeqlOutputFile, sarifFile, logger);
-            }
         },
         async diagnosticsExport(sarifFile, automationDetailsId, config) {
             const args = [
@@ -887,9 +862,6 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
 function getGeneratedCodeScanningConfigPath(config) {
     return path.resolve(config.tempDir, "user-config.yaml");
 }
-async function isDiagnosticsExportInvalidSarifFixed(codeql) {
-    return await util.codeQlVersionAtLeast(codeql, exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED);
-}
 async function getLanguageAliasingArguments(codeql) {
     if (await util.codeQlVersionAtLeast(codeql, exports.CODEQL_VERSION_LANGUAGE_ALIASING)) {
         return ["--extractor-include-aliases"];

lib/codeql.test.js

@@ -40,6 +40,7 @@ const actionsUtil = __importStar(require("./actions-util"));
 const cli_errors_1 = require("./cli-errors");
 const codeql = __importStar(require("./codeql"));
 const defaults = __importStar(require("./defaults.json"));
+const doc_url_1 = require("./doc-url");
 const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const setup_codeql_1 = require("./setup-codeql");
@@ -140,35 +141,26 @@ function mockApiDetails(apiDetails) {
 });
 const EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES = [
     {
-        cliVersion: "2.10.0",
+        tagName: "codeql-bundle-2.17.6",
-        expectedToolcacheVersion: "2.10.0-20200610",
+        expectedToolcacheVersion: "2.17.6",
     },
     {
-        cliVersion: "2.10.0-pre",
+        tagName: "codeql-bundle-20240805",
-        expectedToolcacheVersion: "0.0.0-20200610",
+        expectedToolcacheVersion: "0.0.0-20240805",
-    },
-    {
-        cliVersion: "2.10.0+202006100101",
-        expectedToolcacheVersion: "0.0.0-20200610",
     },
 ];
-for (const { cliVersion, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
+for (const { tagName, expectedToolcacheVersion, } of EXPLICITLY_REQUESTED_BUNDLE_TEST_CASES) {
-    (0, ava_1.default)(`caches an explicitly requested bundle containing CLI ${cliVersion} as ${expectedToolcacheVersion}`, async (t) => {
+    (0, ava_1.default)(`caches explicitly requested bundle ${tagName} as ${expectedToolcacheVersion}`, async (t) => {
         await util.withTmpDir(async (tmpDir) => {
             (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
             mockApiDetails(testing_utils_1.SAMPLE_DOTCOM_API_DETAILS);
             sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
-            const releaseApiMock = mockReleaseApi({
-                assetNames: [`cli-version-${cliVersion}.txt`],
-                tagName: "codeql-bundle-20200610",
-            });
             const url = (0, testing_utils_1.mockBundleDownloadApi)({
-                tagName: "codeql-bundle-20200610",
+                tagName,
             });
             const result = await codeql.setupCodeQL(url, testing_utils_1.SAMPLE_DOTCOM_API_DETAILS, tmpDir, util.GitHubVariant.DOTCOM, testing_utils_1.SAMPLE_DEFAULT_CLI_VERSION, (0, logging_1.getRunnerLogger)(true), false);
-            t.assert(releaseApiMock.isDone(), "Releases API should have been called");
             t.assert(toolcache.find("CodeQL", expectedToolcacheVersion));
-            t.deepEqual(result.toolsVersion, cliVersion);
+            t.deepEqual(result.toolsVersion, expectedToolcacheVersion);
             t.is(result.toolsSource, setup_codeql_1.ToolsSource.Download);
             t.assert(Number.isInteger(result.toolsDownloadDurationMs));
         });
@@ -262,7 +254,7 @@ for (const toolcacheVersion of [
         mockApiDetails(testing_utils_1.SAMPLE_DOTCOM_API_DETAILS);
         sinon.stub(actionsUtil, "isRunningLocalAction").returns(true);
         const releasesApiMock = mockReleaseApi({
-            assetNames: ["cli-version-2.12.6.txt"],
+            assetNames: ["cli-version-2.13.5.txt"],
             tagName: "codeql-bundle-20230203",
         });
         (0, testing_utils_1.mockBundleDownloadApi)({
@@ -315,7 +307,7 @@ const injectedConfigMacro = ava_1.default.macro({
                 tempDir,
                 augmentationProperties,
             };
-            await codeqlObject.databaseInitCluster(thisStubConfig, "", undefined, undefined, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
+            await codeqlObject.databaseInitCluster(thisStubConfig, "", undefined, undefined, (0, logging_1.getRunnerLogger)(true));
             const args = runnerConstructorStub.firstCall.args[1];
             // should have used an config file
             const configArg = args.find((arg) => arg.startsWith("--codescanning-config="));
@@ -450,8 +442,8 @@ const injectedConfigMacro = ava_1.default.macro({
     await util.withTmpDir(async (tempDir) => {
         const runnerConstructorStub = stubToolRunnerConstructor();
         const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
-        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, "/path/to/qlconfig.yml", (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
+        await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, "/path/to/qlconfig.yml", (0, logging_1.getRunnerLogger)(true));
         const args = runnerConstructorStub.firstCall.args[1];
         // should have used a config file
         const hasCodeScanningConfigArg = args.some((arg) => arg.startsWith("--codescanning-config="));
@@ -465,9 +457,9 @@ const injectedConfigMacro = ava_1.default.macro({
     await util.withTmpDir(async (tempDir) => {
         const runnerConstructorStub = stubToolRunnerConstructor();
         const codeqlObject = await codeql.getCodeQLForTesting();
-        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+        sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
         await codeqlObject.databaseInitCluster({ ...stubConfig, tempDir }, "", undefined, undefined, // undefined qlconfigFile
-        (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
+        (0, logging_1.getRunnerLogger)(true));
         const args = runnerConstructorStub.firstCall.args[1];
         const hasQlconfigArg = args.some((arg) => arg.startsWith("--qlconfig-file="));
         t.false(hasQlconfigArg, "should NOT have injected a qlconfig");
@@ -496,7 +488,7 @@ const NEW_ANALYSIS_SUMMARY_TEST_CASES = [
         codeqlVersion: (0, testing_utils_1.makeVersionInfo)("2.15.0"),
         githubVersion: {
             type: util.GitHubVariant.GHES,
-            version: "3.9.0",
+            version: "3.10.0",
         },
         flagPassed: true,
         negativeFlagPassed: false,
@@ -521,25 +513,12 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
         sinon.stub(codeqlObject, "getVersion").resolves(codeqlVersion);
         // safeWhich throws because of the test CodeQL object.
         sinon.stub(safeWhich, "safeWhich").resolves("");
-        await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", Object.assign({}, stubConfig, { gitHubVersion: githubVersion }), (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
+        await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", Object.assign({}, stubConfig, { gitHubVersion: githubVersion }), (0, testing_utils_1.createFeatures)([]));
         const actualArgs = runnerConstructorStub.firstCall.args[1];
         t.is(actualArgs.includes("--new-analysis-summary"), flagPassed, `--new-analysis-summary should${flagPassed ? "" : "n't"} be passed`);
         t.is(actualArgs.includes("--no-new-analysis-summary"), negativeFlagPassed, `--no-new-analysis-summary should${negativeFlagPassed ? "" : "n't"} be passed`);
     });
 }
-(0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.6", async (t) => {
-    const cliMessage = "CodeQL did not detect any code written in languages supported by CodeQL. Review our troubleshooting guide at " +
-        "https://gh.io/troubleshooting-code-scanning/no-source-code-seen-during-build.";
-    stubToolRunnerConstructor(32, cliMessage);
-    const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
-    // safeWhich throws because of the test CodeQL object.
-    sinon.stub(safeWhich, "safeWhich").resolves("");
-    await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
-        message: 'Encountered a fatal error while running "codeql-for-testing database finalize --finalize-dataset --threads=2 --ram=2048 db". ' +
-            `Exit code was 32 and last log line was: ${cliMessage} See the logs for more details.`,
-    });
-});
 (0, ava_1.default)("runTool summarizes several fatal errors", async (t) => {
     const heapError = "A fatal error occurred: Evaluator heap must be at least 384.00 MiB";
     const datasetImportError = "A fatal error occurred: Dataset import for /home/runner/work/_temp/codeql_databases/javascript/db-javascript failed with code 2";
@@ -547,7 +526,7 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
         `${heapError}\n${datasetImportError}.`;
     stubToolRunnerConstructor(32, cliStderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
@@ -569,15 +548,14 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
   `;
     stubToolRunnerConstructor(1, stderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
     sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.runAutobuild(stubConfig, languages_1.Language.java), {
-        instanceOf: cli_errors_1.CommandInvocationError,
+        instanceOf: util.ConfigurationError,
         message: "We were unable to automatically build your code. Please provide manual build steps. " +
-            "For more information, see " +
+            `See ${doc_url_1.DocUrl.AUTOMATIC_BUILD_FAILED} for more information. ` +
-            "https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed. " +
             "Encountered the following error: Start of the error message\n" +
             "  Some more context about the error message\n" +
             "  continued\n" +
@@ -588,24 +566,42 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
     const stderr = Array.from({ length: 20 }, (_, i) => `[2019-09-18 12:00:00] [autobuild] [ERROR] line${i + 1}`).join("\n");
     stubToolRunnerConstructor(1, stderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
     sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.runAutobuild(stubConfig, languages_1.Language.java), {
-        instanceOf: cli_errors_1.CommandInvocationError,
+        instanceOf: util.ConfigurationError,
         message: "We were unable to automatically build your code. Please provide manual build steps. " +
-            "For more information, see " +
+            `See ${doc_url_1.DocUrl.AUTOMATIC_BUILD_FAILED} for more information. ` +
-            "https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed. " +
             "Encountered the following error: " +
             `${Array.from({ length: 10 }, (_, i) => `line${i + 1}`).join("\n")}\n(truncated)`,
     });
 });
+(0, ava_1.default)("runTool recognizes fatal internal errors", async (t) => {
+    const stderr = `
+    [11/31 eval 8m19s] Evaluation done; writing results to codeql/go-queries/Security/CWE-020/MissingRegexpAnchor.bqrs.
+    Oops! A fatal internal error occurred. Details:
+    com.semmle.util.exception.CatastrophicError: An error occurred while evaluating ControlFlowGraph::ControlFlow::Root.isRootOf/1#dispred#f610e6ed/2@86282cc8
+    Severe disk cache trouble (corruption or out of space) at /home/runner/work/_temp/codeql_databases/go/db-go/default/cache/pages/28/33.pack: Failed to write item to disk`;
+    stubToolRunnerConstructor(1, stderr);
+    const codeqlObject = await codeql.getCodeQLForTesting();
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
+    sinon.stub(codeqlObject, "resolveExtractor").resolves("/path/to/extractor");
+    // safeWhich throws because of the test CodeQL object.
+    sinon.stub(safeWhich, "safeWhich").resolves("");
+    await t.throwsAsync(async () => await codeqlObject.databaseRunQueries(stubConfig.dbLocation, []), {
+        instanceOf: cli_errors_1.CommandInvocationError,
+        message: `Encountered a fatal error while running "codeql-for-testing database run-queries  --expect-discarded-cache --min-disk-free=1024 -v --intra-layer-parallelism". Exit code was 1 and error was: Oops! A fatal internal error occurred. Details:
+    com.semmle.util.exception.CatastrophicError: An error occurred while evaluating ControlFlowGraph::ControlFlow::Root.isRootOf/1#dispred#f610e6ed/2@86282cc8
+    Severe disk cache trouble (corruption or out of space) at /home/runner/work/_temp/codeql_databases/go/db-go/default/cache/pages/28/33.pack: Failed to write item to disk. See the logs for more details.`,
+    });
+});
 (0, ava_1.default)("runTool outputs last line of stderr if fatal error could not be found", async (t) => {
     const cliStderr = "line1\nline2\nline3\nline4\nline5";
     stubToolRunnerConstructor(32, cliStderr);
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     await t.throwsAsync(async () => await codeqlObject.finalizeDatabase("db", "--threads=2", "--ram=2048", false), {
@@ -617,12 +613,12 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
 (0, ava_1.default)("Avoids duplicating --overwrite flag if specified in CODEQL_ACTION_EXTRA_OPTIONS", async (t) => {
     const runnerConstructorStub = stubToolRunnerConstructor();
     const codeqlObject = await codeql.getCodeQLForTesting();
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
     // safeWhich throws because of the test CodeQL object.
     sinon.stub(safeWhich, "safeWhich").resolves("");
     process.env["CODEQL_ACTION_EXTRA_OPTIONS"] =
         '{ "database": { "init": ["--overwrite"] } }';
-    await codeqlObject.databaseInitCluster(stubConfig, "sourceRoot", undefined, undefined, (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(false));
+    await codeqlObject.databaseInitCluster(stubConfig, "sourceRoot", undefined, undefined, (0, logging_1.getRunnerLogger)(false));
     t.true(runnerConstructorStub.calledOnce);
     const args = runnerConstructorStub.firstCall.args[1];
     t.is(args.filter((option) => option === "--overwrite").length, 1, "--overwrite should only be passed once");

lib/config-utils.js

@@ -419,7 +419,7 @@ function parsePacksSpecification(packStr) {
         try {
             new semver.Range(version);
         }
-        catch (e) {
+        catch {
             // The range string is invalid. OK to ignore the caught error
             throw new util_1.ConfigurationError(getPacksStrInvalid(packStr));
         }
@@ -503,7 +503,7 @@ function parseRegistries(registriesInput) {
             ? yaml.load(registriesInput)
             : undefined;
     }
-    catch (e) {
+    catch {
         throw new util_1.ConfigurationError("Invalid registries input. Must be a YAML string.");
     }
 }

lib/debug-artifacts.js

@@ -55,7 +55,7 @@ async function uploadDebugArtifacts(toUpload, rootDir, artifactName) {
             for (const [, matrixVal] of Object.entries(JSON.parse(matrix)).sort())
                 suffix += `-${matrixVal}`;
         }
-        catch (e) {
+        catch {
             core.info("Could not parse user-specified `matrix` input into JSON. The debug artifact will not be named with the user's `matrix` input.");
         }
     }

lib/debug-artifacts.js.map

@@ -1 +1 @@
-{"version":3,"file":"debug-artifacts.js","sourceRoot":"","sources":["../src/debug-artifacts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqBA,kDAEC;AAED,oDAsCC;AAED,4DAgBC;AAED,0DAwBC;AA8CD,8EA0BC;AAnLD,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oDAAsC;AACtC,sDAA6B;AAC7B,8CAAsB;AAEtB,iDAAkD;AAClD,uCAA0C;AAC1C,qCAAqC;AAIrC,iCAKgB;AAEhB,SAAgB,mBAAmB,CAAC,IAAY;IAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,QAAkB,EAClB,OAAe,EACf,YAAoB;IAEpB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CACxC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAC9B,CAAC,IAAI,EAAE;gBACN,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC9B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,IAAI,CACP,+HAA+H,CAChI,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,cAAc,CACpC,mBAAmB,CAAC,GAAG,YAAY,GAAG,MAAM,EAAE,CAAC,EAC/C,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EACvB;YACE,eAAe,EAAE,IAAI;YACrB,wFAAwF;YACxF,aAAa,EAAE,CAAC;SACjB,CACF,CAAC;IACJ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,yEAAyE;QACzE,IAAI,CAAC,OAAO,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,MAAc,EACd,SAAiB;IAEjB,IAAI,CAAC,IAAA,yBAAkB,EAAC,SAAS,CAAC,EAAE,CAAC;QACnC,OAAO;IACT,CAAC;IAED,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,QAAQ,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,MAAM,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5E,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,MAAM,iBAAiB,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAC7D,IAAI,IAAA,yBAAkB,EAAC,aAAa,CAAC,EAAE,CAAC;YACtC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,aAAa,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,iCAAiC,GAAG,IAAI,CAAC,OAAO,CACpD,MAAM,CAAC,UAAU,EACjB,KAAK,CACN,CAAC;IACF,IAAI,IAAA,yBAAkB,EAAC,iCAAiC,CAAC,EAAE,CAAC;QAC1D,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,iCAAiC,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,oBAAoB,CACxB,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,2BAA2B,CACxC,MAAc,EACd,QAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CACrC,MAAM,CAAC,UAAU,EACjB,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,cAAc,CACtD,CAAC;IACF,IAAI,CAAC,IAAI,CACP,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,2DAA2D,kBAAkB,KAAK,CAC1H,CAAC;IACF,qEAAqE;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtC,MAAM,IAAA,aAAG,EAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,iBAAM,EAAE,CAAC;IACzB,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACjC,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,QAAkB;IAElB,kDAAkD;IAClD,MAAM,kBAAkB,GAAG,MAAM,IAAA,eAAQ,EACvC,MAAM,EACN,QAAQ,EACR,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,EACjC,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,EAAE,CAC1C,CAAC;IACF,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,iCAAiC,CACrD,MAAc,EACd,MAAc;IAEd,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,IAAI,kBAA0B,CAAC;YAC/B,IAAI,CAAC,IAAA,uBAAa,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC7C,kBAAkB,GAAG,MAAM,2BAA2B,CACpD,MAAM,EACN,QAAQ,CACT,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,oBAAoB,CACxB,CAAC,kBAAkB,CAAC,EACpB,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,IAAI,CACP,8CAA8C,MAAM,CAAC,iBAAiB,IAAI,QAAQ,KAAK,KAAK,EAAE,CAC/F,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC"}
+{"version":3,"file":"debug-artifacts.js","sourceRoot":"","sources":["../src/debug-artifacts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqBA,kDAEC;AAED,oDAsCC;AAED,4DAgBC;AAED,0DAwBC;AA8CD,8EA0BC;AAnLD,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oDAAsC;AACtC,sDAA6B;AAC7B,8CAAsB;AAEtB,iDAAkD;AAClD,uCAA0C;AAC1C,qCAAqC;AAIrC,iCAKgB;AAEhB,SAAgB,mBAAmB,CAAC,IAAY;IAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,QAAkB,EAClB,OAAe,EACf,YAAoB;IAEpB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CACxC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAC9B,CAAC,IAAI,EAAE;gBACN,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,IAAI,CACP,+HAA+H,CAChI,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,cAAc,CACpC,mBAAmB,CAAC,GAAG,YAAY,GAAG,MAAM,EAAE,CAAC,EAC/C,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EACvB;YACE,eAAe,EAAE,IAAI;YACrB,wFAAwF;YACxF,aAAa,EAAE,CAAC;SACjB,CACF,CAAC;IACJ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,yEAAyE;QACzE,IAAI,CAAC,OAAO,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,MAAc,EACd,SAAiB;IAEjB,IAAI,CAAC,IAAA,yBAAkB,EAAC,SAAS,CAAC,EAAE,CAAC;QACnC,OAAO;IACT,CAAC;IAED,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,QAAQ,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,MAAM,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5E,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,MAAM,iBAAiB,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAC7D,IAAI,IAAA,yBAAkB,EAAC,aAAa,CAAC,EAAE,CAAC;YACtC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,aAAa,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,iCAAiC,GAAG,IAAI,CAAC,OAAO,CACpD,MAAM,CAAC,UAAU,EACjB,KAAK,CACN,CAAC;IACF,IAAI,IAAA,yBAAkB,EAAC,iCAAiC,CAAC,EAAE,CAAC;QAC1D,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,iCAAiC,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,oBAAoB,CACxB,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,2BAA2B,CACxC,MAAc,EACd,QAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CACrC,MAAM,CAAC,UAAU,EACjB,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,cAAc,CACtD,CAAC;IACF,IAAI,CAAC,IAAI,CACP,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,2DAA2D,kBAAkB,KAAK,CAC1H,CAAC;IACF,qEAAqE;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtC,MAAM,IAAA,aAAG,EAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,iBAAM,EAAE,CAAC;IACzB,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACjC,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,QAAkB;IAElB,kDAAkD;IAClD,MAAM,kBAAkB,GAAG,MAAM,IAAA,eAAQ,EACvC,MAAM,EACN,QAAQ,EACR,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,EACjC,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,EAAE,CAC1C,CAAC;IACF,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,iCAAiC,CACrD,MAAc,EACd,MAAc;IAEd,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,IAAI,kBAA0B,CAAC;YAC/B,IAAI,CAAC,IAAA,uBAAa,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC7C,kBAAkB,GAAG,MAAM,2BAA2B,CACpD,MAAM,EACN,QAAQ,CACT,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,oBAAoB,CACxB,CAAC,kBAAkB,CAAC,EACpB,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,IAAI,CACP,8CAA8C,MAAM,CAAC,iBAAiB,IAAI,QAAQ,KAAK,KAAK,EAAE,CAC/F,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC"}

lib/defaults.json

@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-v2.17.5",
+    "bundleVersion": "codeql-bundle-v2.18.1",
-    "cliVersion": "2.17.5",
+    "cliVersion": "2.18.1",
-    "priorBundleVersion": "codeql-bundle-v2.17.4",
+    "priorBundleVersion": "codeql-bundle-v2.18.0",
-    "priorCliVersion": "2.17.4"
+    "priorCliVersion": "2.18.0"
 }

lib/doc-url.js

@@ -0,0 +1,16 @@
+"use strict";
+/**
+ * URLs to code scanning docs linked to from CodeQL Action logs.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DocUrl = void 0;
+var DocUrl;
+(function (DocUrl) {
+    DocUrl["ASSIGNING_PERMISSIONS_TO_JOBS"] = "https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs";
+    DocUrl["AUTOMATIC_BUILD_FAILED"] = "https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/automatic-build-failed";
+    DocUrl["DEFINE_ENV_VARIABLES"] = "https://docs.github.com/en/actions/learn-github-actions/variables#defining-environment-variables-for-a-single-workflow";
+    DocUrl["SCANNING_ON_PUSH"] = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#scanning-on-push";
+    DocUrl["SPECIFY_BUILD_STEPS_MANUALLY"] = "https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#about-specifying-build-steps-manually";
+    DocUrl["TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS"] = "https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs";
+})(DocUrl || (exports.DocUrl = DocUrl = {}));
+//# sourceMappingURL=doc-url.js.map

lib/doc-url.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"doc-url.js","sourceRoot":"","sources":["../src/doc-url.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,IAAY,MAOX;AAPD,WAAY,MAAM;IAChB,uHAA6G,CAAA;IAC7G,gJAAsI,CAAA;IACtI,yJAA+I,CAAA;IAC/I,qMAA2L,CAAA;IAC3L,gOAAsN,CAAA;IACtN,2PAAiP,CAAA;AACnP,CAAC,EAPW,MAAM,sBAAN,MAAM,QAOjB"}

lib/feature-flags.js

@@ -23,20 +23,15 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = void 0;
+exports.Features = exports.FEATURE_FLAGS_FILE_NAME = exports.featureConfig = exports.Feature = exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const semver = __importStar(require("semver"));
 const api_client_1 = require("./api-client");
 const defaults = __importStar(require("./defaults.json"));
-const tools_features_1 = require("./tools-features");
 const util = __importStar(require("./util"));
 const DEFAULT_VERSION_FEATURE_FLAG_PREFIX = "default_codeql_version_";
 const DEFAULT_VERSION_FEATURE_FLAG_SUFFIX = "_enabled";
-/**
- * Versions 2.13.4+ of the CodeQL CLI have an associated CodeQL Bundle release that is semantically versioned.
- */
-exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED = "2.13.4";
 /**
  * Evaluator fine-grained parallelism (aka intra-layer parallelism) is only safe to enable in 2.15.1 onwards.
  * (Some earlier versions recognize the command-line flag, but they contain a bug which makes it unsafe to use).
@@ -49,7 +44,6 @@ exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = "2.15.1";
  */
 var Feature;
 (function (Feature) {
-    Feature["AutobuildDirectTracing"] = "autobuild_direct_tracing_v2";
     Feature["CleanupTrapCaches"] = "cleanup_trap_caches";
     Feature["CppDependencyInstallation"] = "cpp_dependency_installation_enabled";
     Feature["DisableCsharpBuildless"] = "disable_csharp_buildless";
@@ -59,12 +53,6 @@ var Feature;
     Feature["QaTelemetryEnabled"] = "qa_telemetry_enabled";
 })(Feature || (exports.Feature = Feature = {}));
 exports.featureConfig = {
-    [Feature.AutobuildDirectTracing]: {
-        defaultValue: false,
-        envVar: "CODEQL_ACTION_AUTOBUILD_BUILD_MODE_DIRECT_TRACING",
-        minimumVersion: undefined,
-        toolsFeature: tools_features_1.ToolsFeature.TraceCommandUseBuildMode,
-    },
     [Feature.CleanupTrapCaches]: {
         defaultValue: false,
         envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
@@ -221,10 +209,7 @@ class GitHubFeatureFlags {
         const response = await this.getAllFeatures();
         const enabledFeatureFlagCliVersions = Object.entries(response)
             .map(([f, isEnabled]) => isEnabled ? this.getCliVersionFromFeatureFlag(f) : undefined)
-            .filter((f) => f !== undefined &&
+            .filter((f) => f !== undefined);
-            // Only consider versions that have semantically versioned bundles.
-            semver.gte(f, exports.CODEQL_VERSION_BUNDLE_SEMANTICALLY_VERSIONED))
-            .map((f) => f);
         if (enabledFeatureFlagCliVersions.length === 0) {
             // We expect at least one default CLI version to be enabled on Dotcom at any time. However if
             // the feature flags are misconfigured, rather than crashing, we fall back to the CLI version

lib/feature-flags.test.js

@@ -196,18 +196,6 @@ for (const feature of Object.keys(feature_flags_1.featureConfig)) {
         });
     }
 }
-// If we ever run into a situation where we no longer have any features that
-// specify a minimum version or required tools feature, then we will have a
-// bunch of code no longer being tested. This is unlikely, and this test will
-// fail if that happens.
-// If we do end up in that situation, then we should consider adding a synthetic
-// feature with a minimum version that is only used for tests.
-(0, ava_1.default)("At least one feature has a minimum version specified", (t) => {
-    t.assert(Object.values(feature_flags_1.featureConfig).some((f) => f.minimumVersion !== undefined), "At least one feature should have a minimum version specified");
-    t.assert(Object.values(feature_flags_1.featureConfig).some((f) => f.toolsFeature !== undefined), "At least one feature should have a required tools feature specified");
-    // An even less likely scenario is that we no longer have any features.
-    t.assert(Object.values(feature_flags_1.featureConfig).length > 0, "There should be at least one feature");
-});
 (0, ava_1.default)("Feature flags are saved to disk", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         const features = setUpFeatureFlagTests(tmpDir);
@@ -268,7 +256,7 @@ for (const feature of Object.keys(feature_flags_1.featureConfig)) {
         });
     });
 });
-(0, ava_1.default)("includes tag name when feature flags enable version greater than v2.13.4", async (t) => {
+(0, ava_1.default)("includes tag name", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         const features = setUpFeatureFlagTests(tmpDir);
         const expectedFeatureEnablement = initializeFeatures(true);
@@ -295,21 +283,6 @@ for (const feature of Object.keys(feature_flags_1.featureConfig)) {
         });
     });
 });
-(0, ava_1.default)(`selects CLI from defaults.json on Dotcom when default version feature flags are unsupported`, async (t) => {
-    await (0, util_1.withTmpDir)(async (tmpDir) => {
-        const features = setUpFeatureFlagTests(tmpDir);
-        const expectedFeatureEnablement = initializeFeatures(true);
-        // Doesn't have a semantically versioned bundle
-        expectedFeatureEnablement["default_codeql_version_2_13_3_enabled"] = true;
-        (0, testing_utils_1.mockFeatureFlagApiEndpoint)(200, expectedFeatureEnablement);
-        const defaultCliVersion = await features.getDefaultCliVersion(util_1.GitHubVariant.DOTCOM);
-        t.deepEqual(defaultCliVersion, {
-            cliVersion: defaults.cliVersion,
-            tagName: defaults.bundleVersion,
-            toolsFeatureFlagsValid: false,
-        });
-    });
-});
 (0, ava_1.default)("ignores invalid version numbers in default version feature flags", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         const loggedMessages = [];

lib/fingerprints.js

@@ -32,6 +32,7 @@ exports.addFingerprints = addFingerprints;
 const fs = __importStar(require("fs"));
 const path_1 = __importDefault(require("path"));
 const long_1 = __importDefault(require("long"));
+const doc_url_1 = require("./doc-url");
 const tab = "\t".charCodeAt(0);
 const space = " ".charCodeAt(0);
 const lf = "\n".charCodeAt(0);
@@ -199,7 +200,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
     try {
         uri = decodeURIComponent(location.uri);
     }
-    catch (e) {
+    catch {
         logger.debug(`Ignoring location as URI "${location.uri}" is invalid`);
         return undefined;
     }
@@ -238,7 +239,7 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
 // Compute fingerprints for results in the given sarif file
 // and return an updated sarif file contents.
 async function addFingerprints(sarif, sourceRoot, logger) {
-    logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
+    logger.info(`Adding fingerprints to SARIF file. See ${doc_url_1.DocUrl.TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS} for more information.`);
     // Gather together results for the same file and construct
     // callbacks to accept hashes for that file and update the location
     const callbacksByFile = {};

lib/init-action-post-helper.js

@@ -74,10 +74,10 @@ async function maybeUploadFailedSarif(config, repositoryNwo, features, logger) {
     }
     else {
         // We call 'database export-diagnostics' to find any per-database diagnostics.
-        await codeql.databaseExportDiagnostics(databasePath, sarifFile, category, config.tempDir, logger);
+        await codeql.databaseExportDiagnostics(databasePath, sarifFile, category);
     }
     logger.info(`Uploading failed SARIF file ${sarifFile}`);
-    const uploadResult = await uploadLib.uploadFromActions(sarifFile, checkoutPath, category, logger);
+    const uploadResult = await uploadLib.uploadFiles(sarifFile, checkoutPath, category, features, logger);
     await uploadLib.waitForProcessing(repositoryNwo, uploadResult.sarifID, logger, { isUnsuccessfulExecution: true });
     return uploadResult
         ? { ...uploadResult.statusReport, sarifID: uploadResult.sarifID }

lib/init-action-post-helper.test.js

@@ -315,12 +315,12 @@ async function testFailedSarifUpload(t, actionsWorkflow, { category, databaseExi
         .returns(JSON.stringify(matrix));
     const codeqlObject = await codeql.getCodeQLForTesting();
     sinon.stub(codeql, "getCodeQL").resolves(codeqlObject);
-    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.12.6"));
+    sinon.stub(codeqlObject, "getVersion").resolves((0, testing_utils_1.makeVersionInfo)("2.17.6"));
     const databaseExportDiagnosticsStub = sinon.stub(codeqlObject, "databaseExportDiagnostics");
     const diagnosticsExportStub = sinon.stub(codeqlObject, "diagnosticsExport");
     sinon.stub(workflow, "getWorkflow").resolves(actionsWorkflow);
-    const uploadFromActions = sinon.stub(uploadLib, "uploadFromActions");
+    const uploadFiles = sinon.stub(uploadLib, "uploadFiles");
-    uploadFromActions.resolves({
+    uploadFiles.resolves({
         sarifID: "42",
         statusReport: { raw_upload_size_bytes: 20, zipped_upload_size_bytes: 10 },
     });
@@ -337,19 +337,19 @@ async function testFailedSarifUpload(t, actionsWorkflow, { category, databaseExi
             zipped_upload_size_bytes: 10,
         });
         if (databaseExists && exportDiagnosticsEnabled) {
-            t.true(databaseExportDiagnosticsStub.calledOnceWith(config.dbLocation, sinon.match.string, category, sinon.match.any, sinon.match.any), `Actual args were: ${databaseExportDiagnosticsStub.args}`);
+            t.true(databaseExportDiagnosticsStub.calledOnceWith(config.dbLocation, sinon.match.string, category), `Actual args were: ${databaseExportDiagnosticsStub.args}`);
         }
         else {
             t.true(diagnosticsExportStub.calledOnceWith(sinon.match.string, category, config), `Actual args were: ${diagnosticsExportStub.args}`);
         }
-        t.true(uploadFromActions.calledOnceWith(sinon.match.string, sinon.match.string, category, sinon.match.any), `Actual args were: ${uploadFromActions.args}`);
+        t.true(uploadFiles.calledOnceWith(sinon.match.string, sinon.match.string, category, sinon.match.any, sinon.match.any), `Actual args were: ${uploadFiles.args}`);
         t.true(waitForProcessing.calledOnceWith(sinon.match.any, "42", sinon.match.any, {
             isUnsuccessfulExecution: true,
         }));
     }
     else {
         t.true(diagnosticsExportStub.notCalled);
-        t.true(uploadFromActions.notCalled);
+        t.true(uploadFiles.notCalled);
         t.true(waitForProcessing.notCalled);
     }
     return result;

lib/init-action.js

@@ -188,6 +188,10 @@ async function run() {
             core.exportVariable("GOFLAGS", goFlags);
             core.warning("Passing the GOFLAGS env parameter to the init action is deprecated. Please move this to the analyze action.");
         }
+        if (config.languages.includes(languages_1.Language.swift) &&
+            process.platform === "linux") {
+            logger.warning(`Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you.`);
+        }
         if (config.languages.includes(languages_1.Language.go) &&
             process.platform === "linux") {
             try {
@@ -251,8 +255,7 @@ async function run() {
             core.exportVariable("CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN", "true");
         }
         const kotlinLimitVar = "CODEQL_EXTRACTOR_KOTLIN_OVERRIDE_MAXIMUM_VERSION_LIMIT";
-        if ((await (0, util_1.codeQlVersionAtLeast)(codeql, "2.13.4")) &&
+        if (!(await (0, util_1.codeQlVersionAtLeast)(codeql, "2.14.4"))) {
-            !(await (0, util_1.codeQlVersionAtLeast)(codeql, "2.14.4"))) {
             core.exportVariable(kotlinLimitVar, "1.9.20");
         }
         if (config.languages.includes(languages_1.Language.java) &&
@@ -293,7 +296,7 @@ async function run() {
         }
         // From 2.16.0 the default for the python extractor is to not perform any
         // dependency extraction. For versions before that, you needed to set this flag to
-        // enable this behavior (supported since 2.13.1).
+        // enable this behavior.
         if (await (0, util_1.codeQlVersionAtLeast)(codeql, "2.17.1")) {
             // disabled by default, no warning
         }
@@ -301,11 +304,8 @@ async function run() {
             // disabled by default, prints warning if environment variable is not set
             core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
         }
-        else if (await (0, util_1.codeQlVersionAtLeast)(codeql, "2.13.1")) {
-            core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
-        }
         else {
-            logger.warning(`CodeQL Action versions 3.25.0 and later, and versions 2.25.0 and later no longer install Python dependencies. We recommend upgrading to at least CodeQL Bundle 2.16.0 to avoid any potential problems due to this (you are currently using ${(await codeql.getVersion()).version}). Alternatively, we recommend downgrading the CodeQL Action to version 3.24.10 (for customers using GitHub.com or GitHub Enterprise Server v3.12 or later) or 2.24.10 (for customers using GitHub Enterprise Server v3.11 or earlier).`);
+            core.exportVariable("CODEQL_EXTRACTOR_PYTHON_DISABLE_LIBRARY_EXTRACTION", "true");
         }
         if ((0, actions_util_1.getOptionalInput)("setup-python-dependencies") !== undefined) {
             logger.warning("The setup-python-dependencies input is deprecated and no longer has any effect. We recommend removing any references from your workflows. See https://github.blog/changelog/2024-01-23-codeql-2-16-python-dependency-installation-disabled-new-queries-and-bug-fixes/ for more information.");
@@ -315,7 +315,7 @@ async function run() {
             logger.warning("The CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION environment variable is deprecated and no longer has any effect. We recommend removing any references from your workflows. See https://github.blog/changelog/2024-01-23-codeql-2-16-python-dependency-installation-disabled-new-queries-and-bug-fixes/ for more information.");
         }
         const sourceRoot = path.resolve((0, util_1.getRequiredEnvParam)("GITHUB_WORKSPACE"), (0, actions_util_1.getOptionalInput)("source-root") || "");
-        const tracerConfig = await (0, init_1.runInit)(codeql, config, sourceRoot, "Runner.Worker.exe", (0, actions_util_1.getOptionalInput)("registries"), apiDetails, features, logger);
+        const tracerConfig = await (0, init_1.runInit)(codeql, config, sourceRoot, "Runner.Worker.exe", (0, actions_util_1.getOptionalInput)("registries"), apiDetails, logger);
         if (tracerConfig !== undefined) {
             for (const [key, value] of Object.entries(tracerConfig.env)) {
                 core.exportVariable(key, value);
@@ -325,6 +325,7 @@ async function run() {
         // did not exist until now.
         (0, diagnostics_1.flushDiagnostics)(config);
         core.setOutput("codeql-path", config.codeQLCmd);
+        core.setOutput("codeql-version", (await codeql.getVersion()).version);
     }
     catch (unwrappedError) {
         const error = (0, util_1.wrapError)(unwrappedError);

lib/init.js

@@ -59,7 +59,7 @@ async function initConfig(inputs, codeql) {
     logger.endGroup();
     return config;
 }
-async function runInit(codeql, config, sourceRoot, processName, registriesInput, apiDetails, features, logger) {
+async function runInit(codeql, config, sourceRoot, processName, registriesInput, apiDetails, logger) {
     fs.mkdirSync(config.dbLocation, { recursive: true });
     const { registriesAuthTokens, qlconfigFile } = await configUtils.generateRegistries(registriesInput, config.tempDir, logger);
     await configUtils.wrapEnvironment({
@@ -67,8 +67,8 @@ async function runInit(codeql, config, sourceRoot, processName, registriesInput,
         CODEQL_REGISTRIES_AUTH: registriesAuthTokens,
     }, 
     // Init a database cluster
-    async () => await codeql.databaseInitCluster(config, sourceRoot, processName, qlconfigFile, features, logger));
+    async () => await codeql.databaseInitCluster(config, sourceRoot, processName, qlconfigFile, logger));
-    return await (0, tracer_config_1.getCombinedTracerConfig)(codeql, config, features);
+    return await (0, tracer_config_1.getCombinedTracerConfig)(codeql, config);
 }
 function printPathFiltersWarning(config, logger) {
     // Index include/exclude/filters only work in javascript/python/ruby.