build: refresh js files

Compute preliminary overlay database mode
Add getPreliminaryOverlayDatabaseMode()
2025-12-06 07:48:17 +08:00 · 2025-09-26 15:13:52 -07:00 · 2025-09-26 15:13:51 -07:00 · 2025-09-26 15:13:51 -07:00 · 2025-09-26 15:13:51 -07:00 · 2025-09-26 15:13:51 -07:00
16 changed files with 3271 additions and 2964 deletions
--- a/lib/analyze-action-post.js
+++ b/lib/analyze-action-post.js
@@ -117550,10 +117550,191 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 // src/feature-flags.ts
 var semver4 = __toESM(require_semver2());

-// src/overlay-database-utils.ts
-var fs2 = __toESM(require("fs"));
-var path2 = __toESM(require("path"));
-var actionsCache = __toESM(require_cache3());
+// src/tools-features.ts
+var semver3 = __toESM(require_semver2());
+function isSupportedToolsFeature(versionInfo, feature) {
+  return !!versionInfo.features && versionInfo.features[feature];
+}
+var SafeArtifactUploadVersion = "2.20.3";
+function isSafeArtifactUpload(codeQlVersion) {
+  return !codeQlVersion ? true : semver3.gte(codeQlVersion, SafeArtifactUploadVersion);
+}
+
+// src/feature-flags.ts
+var featureConfig = {
+  ["cleanup_trap_caches" /* CleanupTrapCaches */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
+    minimumVersion: void 0
+  },
+  ["cpp_dependency_installation_enabled" /* CppDependencyInstallation */]: {
+    defaultValue: false,
+    envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
+    legacyApi: true,
+    minimumVersion: "2.15.0"
+  },
+  ["diff_informed_queries" /* DiffInformedQueries */]: {
+    defaultValue: true,
+    envVar: "CODEQL_ACTION_DIFF_INFORMED_QUERIES",
+    minimumVersion: "2.21.0"
+  },
+  ["disable_csharp_buildless" /* DisableCsharpBuildless */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
+    minimumVersion: void 0
+  },
+  ["disable_java_buildless_enabled" /* DisableJavaBuildlessEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["export_diagnostics_enabled" /* ExportDiagnosticsEnabled */]: {
+    defaultValue: true,
+    envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["resolve_supported_languages_using_cli" /* ResolveSupportedLanguagesUsingCli */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI",
+    minimumVersion: void 0,
+    toolsFeature: "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */
+  },
+  ["overlay_analysis" /* OverlayAnalysis */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_go" /* OverlayAnalysisGo */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_java" /* OverlayAnalysisJava */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_python" /* OverlayAnalysisPython */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
+    minimumVersion: void 0
+  },
+  ["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
+    minimumVersion: void 0,
+    toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */
+  },
+  ["use_repository_properties" /* UseRepositoryProperties */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
+    minimumVersion: void 0
+  },
+  ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_QA_TELEMETRY",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS",
+    minimumVersion: "2.23.0"
+  }
+};

 // src/git-utils.ts
 var core7 = __toESM(require_core());
@@ -117718,6 +117899,11 @@ async function isAnalyzingDefaultBranch() {
  return currentRef === defaultBranch;
 }

+// src/overlay-database-utils.ts
+var fs2 = __toESM(require("fs"));
+var path2 = __toESM(require("path"));
+var actionsCache = __toESM(require_cache3());
+
 // src/logging.ts
 var core8 = __toESM(require_core());
 function getActionsLogger() {
@@ -117733,7 +117919,6 @@ function withGroup(groupName, f) {
 }

 // src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
 var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
 var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
 async function writeBaseDatabaseOidsFile(config, sourceRoot) {
@@ -117793,192 +117978,6 @@ function computeChangedFiles(baseFileOids, overlayFileOids) {
  return changes;
 }

-// src/tools-features.ts
-var semver3 = __toESM(require_semver2());
-function isSupportedToolsFeature(versionInfo, feature) {
-  return !!versionInfo.features && versionInfo.features[feature];
-}
-var SafeArtifactUploadVersion = "2.20.3";
-function isSafeArtifactUpload(codeQlVersion) {
-  return !codeQlVersion ? true : semver3.gte(codeQlVersion, SafeArtifactUploadVersion);
-}
-
-// src/feature-flags.ts
-var featureConfig = {
-  ["cleanup_trap_caches" /* CleanupTrapCaches */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
-    minimumVersion: void 0
-  },
-  ["cpp_dependency_installation_enabled" /* CppDependencyInstallation */]: {
-    defaultValue: false,
-    envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
-    legacyApi: true,
-    minimumVersion: "2.15.0"
-  },
-  ["diff_informed_queries" /* DiffInformedQueries */]: {
-    defaultValue: true,
-    envVar: "CODEQL_ACTION_DIFF_INFORMED_QUERIES",
-    minimumVersion: "2.21.0"
-  },
-  ["disable_csharp_buildless" /* DisableCsharpBuildless */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
-    minimumVersion: void 0
-  },
-  ["disable_java_buildless_enabled" /* DisableJavaBuildlessEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["export_diagnostics_enabled" /* ExportDiagnosticsEnabled */]: {
-    defaultValue: true,
-    envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["resolve_supported_languages_using_cli" /* ResolveSupportedLanguagesUsingCli */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI",
-    minimumVersion: void 0,
-    toolsFeature: "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */
-  },
-  ["overlay_analysis" /* OverlayAnalysis */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
-  },
-  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_go" /* OverlayAnalysisGo */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_java" /* OverlayAnalysisJava */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_python" /* OverlayAnalysisPython */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
-    minimumVersion: void 0
-  },
-  ["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
-    minimumVersion: void 0,
-    toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */
-  },
-  ["use_repository_properties" /* UseRepositoryProperties */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
-    minimumVersion: void 0
-  },
-  ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_QA_TELEMETRY",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS",
-    minimumVersion: "2.23.0"
-  }
-};
-
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/lib/analyze-action.js
+++ b/lib/analyze-action.js
--- a/lib/autobuild-action.js
+++ b/lib/autobuild-action.js
@@ -78290,249 +78290,14 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 })();

 // src/feature-flags.ts
-var fs3 = __toESM(require("fs"));
-var path3 = __toESM(require("path"));
+var fs2 = __toESM(require("fs"));
+var path2 = __toESM(require("path"));
 var semver4 = __toESM(require_semver2());

 // src/defaults.json
 var bundleVersion = "codeql-bundle-v2.23.1";
 var cliVersion = "2.23.1";

-// src/overlay-database-utils.ts
-var fs2 = __toESM(require("fs"));
-var path2 = __toESM(require("path"));
-var actionsCache = __toESM(require_cache3());
-
-// src/git-utils.ts
-var core7 = __toESM(require_core());
-var toolrunner2 = __toESM(require_toolrunner());
-var io3 = __toESM(require_io());
-var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
-  let stdout = "";
-  let stderr = "";
-  core7.debug(`Running git command: git ${args.join(" ")}`);
-  try {
-    await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
-      silent: true,
-      listeners: {
-        stdout: (data) => {
-          stdout += data.toString();
-        },
-        stderr: (data) => {
-          stderr += data.toString();
-        }
-      },
-      cwd: workingDirectory
-    }).exec();
-    return stdout;
-  } catch (error2) {
-    let reason = stderr;
-    if (stderr.includes("not a git repository")) {
-      reason = "The checkout path provided to the action does not appear to be a git repository.";
-    }
-    core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
-    throw error2;
-  }
-};
-var getCommitOid = async function(checkoutPath, ref = "HEAD") {
-  try {
-    const stdout = await runGitCommand(
-      checkoutPath,
-      ["rev-parse", ref],
-      "Continuing with commit SHA from user input or environment."
-    );
-    return stdout.trim();
-  } catch {
-    return getOptionalInput("sha") || getRequiredEnvParam("GITHUB_SHA");
-  }
-};
-var decodeGitFilePath = function(filePath) {
-  if (filePath.startsWith('"') && filePath.endsWith('"')) {
-    filePath = filePath.substring(1, filePath.length - 1);
-    return filePath.replace(
-      /\\([abfnrtv\\"]|[0-7]{1,3})/g,
-      (_match, seq2) => {
-        switch (seq2[0]) {
-          case "a":
-            return "\x07";
-          case "b":
-            return "\b";
-          case "f":
-            return "\f";
-          case "n":
-            return "\n";
-          case "r":
-            return "\r";
-          case "t":
-            return "	";
-          case "v":
-            return "\v";
-          case "\\":
-            return "\\";
-          case '"':
-            return '"';
-          default:
-            return String.fromCharCode(parseInt(seq2, 8));
-        }
-      }
-    );
-  }
-  return filePath;
-};
-var getFileOidsUnderPath = async function(basePath) {
-  const stdout = await runGitCommand(
-    basePath,
-    ["ls-files", "--recurse-submodules", "--format=%(objectname)_%(path)"],
-    "Cannot list Git OIDs of tracked files."
-  );
-  const fileOidMap = {};
-  const regex = /^([0-9a-f]{40})_(.+)$/;
-  for (const line of stdout.split("\n")) {
-    if (line) {
-      const match = line.match(regex);
-      if (match) {
-        const oid = match[1];
-        const path7 = decodeGitFilePath(match[2]);
-        fileOidMap[path7] = oid;
-      } else {
-        throw new Error(`Unexpected "git ls-files" output: ${line}`);
-      }
-    }
-  }
-  return fileOidMap;
-};
-function getRefFromEnv() {
-  let refEnv;
-  try {
-    refEnv = getRequiredEnvParam("GITHUB_REF");
-  } catch (e) {
-    const maybeRef = process.env["CODE_SCANNING_REF"];
-    if (maybeRef === void 0 || maybeRef.length === 0) {
-      throw e;
-    }
-    refEnv = maybeRef;
-  }
-  return refEnv;
-}
-async function getRef() {
-  const refInput = getOptionalInput("ref");
-  const shaInput = getOptionalInput("sha");
-  const checkoutPath = getOptionalInput("checkout_path") || getOptionalInput("source-root") || getRequiredEnvParam("GITHUB_WORKSPACE");
-  const hasRefInput = !!refInput;
-  const hasShaInput = !!shaInput;
-  if ((hasRefInput || hasShaInput) && !(hasRefInput && hasShaInput)) {
-    throw new ConfigurationError(
-      "Both 'ref' and 'sha' are required if one of them is provided."
-    );
-  }
-  const ref = refInput || getRefFromEnv();
-  const sha = shaInput || getRequiredEnvParam("GITHUB_SHA");
-  if (refInput) {
-    return refInput;
-  }
-  const pull_ref_regex = /refs\/pull\/(\d+)\/merge/;
-  if (!pull_ref_regex.test(ref)) {
-    return ref;
-  }
-  const head = await getCommitOid(checkoutPath, "HEAD");
-  const hasChangedRef = sha !== head && await getCommitOid(
-    checkoutPath,
-    ref.replace(/^refs\/pull\//, "refs/remotes/pull/")
-  ) !== head;
-  if (hasChangedRef) {
-    const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
-    core7.debug(
-      `No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
-    );
-    return newRef;
-  } else {
-    return ref;
-  }
-}
-function removeRefsHeadsPrefix(ref) {
-  return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
-}
-async function isAnalyzingDefaultBranch() {
-  if (process.env.CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH === "true") {
-    return true;
-  }
-  let currentRef = await getRef();
-  currentRef = removeRefsHeadsPrefix(currentRef);
-  const event = getWorkflowEvent();
-  let defaultBranch = event?.repository?.default_branch;
-  if (getWorkflowEventName() === "schedule") {
-    defaultBranch = removeRefsHeadsPrefix(getRefFromEnv());
-  }
-  return currentRef === defaultBranch;
-}
-
-// src/logging.ts
-var core8 = __toESM(require_core());
-function getActionsLogger() {
-  return core8;
-}
-
-// src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
-async function writeBaseDatabaseOidsFile(config, sourceRoot) {
-  const gitFileOids = await getFileOidsUnderPath(sourceRoot);
-  const gitFileOidsJson = JSON.stringify(gitFileOids);
-  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
-  await fs2.promises.writeFile(baseDatabaseOidsFilePath, gitFileOidsJson);
-}
-async function readBaseDatabaseOidsFile(config, logger) {
-  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
-  try {
-    const contents = await fs2.promises.readFile(
-      baseDatabaseOidsFilePath,
-      "utf-8"
-    );
-    return JSON.parse(contents);
-  } catch (e) {
-    logger.error(
-      `Failed to read overlay-base file OIDs from ${baseDatabaseOidsFilePath}: ${e.message || e}`
-    );
-    throw e;
-  }
-}
-function getBaseDatabaseOidsFilePath(config) {
-  return path2.join(config.dbLocation, "base-database-oids.json");
-}
-async function writeOverlayChangesFile(config, sourceRoot, logger) {
-  const baseFileOids = await readBaseDatabaseOidsFile(config, logger);
-  const overlayFileOids = await getFileOidsUnderPath(sourceRoot);
-  const changedFiles = computeChangedFiles(baseFileOids, overlayFileOids);
-  logger.info(
-    `Found ${changedFiles.length} changed file(s) under ${sourceRoot}.`
-  );
-  const changedFilesJson = JSON.stringify({ changes: changedFiles });
-  const overlayChangesFile = path2.join(
-    getTemporaryDirectory(),
-    "overlay-changes.json"
-  );
-  logger.debug(
-    `Writing overlay changed files to ${overlayChangesFile}: ${changedFilesJson}`
-  );
-  await fs2.promises.writeFile(overlayChangesFile, changedFilesJson);
-  return overlayChangesFile;
-}
-function computeChangedFiles(baseFileOids, overlayFileOids) {
-  const changes = [];
-  for (const [file, oid] of Object.entries(overlayFileOids)) {
-    if (!(file in baseFileOids) || baseFileOids[file] !== oid) {
-      changes.push(file);
-    }
-  }
-  for (const file of Object.keys(baseFileOids)) {
-    if (!(file in overlayFileOids)) {
-      changes.push(file);
-    }
-  }
-  return changes;
-}
-
 // src/tools-features.ts
 var semver3 = __toESM(require_semver2());
 function isSupportedToolsFeature(versionInfo, feature) {
@@ -78591,7 +78356,7 @@ var featureConfig = {
  ["overlay_analysis" /* OverlayAnalysis */]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
+    minimumVersion: void 0
  },
  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
    defaultValue: false,
@@ -78723,7 +78488,7 @@ var Features = class {
    this.gitHubFeatureFlags = new GitHubFeatureFlags(
      gitHubVersion,
      repositoryNwo,
-      path3.join(tempDir, FEATURE_FLAGS_FILE_NAME),
+      path2.join(tempDir, FEATURE_FLAGS_FILE_NAME),
      logger
    );
  }
@@ -78902,12 +78667,12 @@ var GitHubFeatureFlags = class {
  }
  async readLocalFlags() {
    try {
-      if (fs3.existsSync(this.featureFlagsFile)) {
+      if (fs2.existsSync(this.featureFlagsFile)) {
        this.logger.debug(
          `Loading feature flags from ${this.featureFlagsFile}`
        );
        return JSON.parse(
-          fs3.readFileSync(this.featureFlagsFile, "utf8")
+          fs2.readFileSync(this.featureFlagsFile, "utf8")
        );
      }
    } catch (e) {
@@ -78920,7 +78685,7 @@ var GitHubFeatureFlags = class {
  async writeLocalFlags(flags) {
    try {
      this.logger.debug(`Writing feature flags to ${this.featureFlagsFile}`);
-      fs3.writeFileSync(this.featureFlagsFile, JSON.stringify(flags));
+      fs2.writeFileSync(this.featureFlagsFile, JSON.stringify(flags));
    } catch (e) {
      this.logger.warning(
        `Error writing cached feature flags file ${this.featureFlagsFile}: ${e}.`
@@ -78981,6 +78746,240 @@ var GitHubFeatureFlags = class {
  }
 };

+// src/git-utils.ts
+var core7 = __toESM(require_core());
+var toolrunner2 = __toESM(require_toolrunner());
+var io3 = __toESM(require_io());
+var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
+  let stdout = "";
+  let stderr = "";
+  core7.debug(`Running git command: git ${args.join(" ")}`);
+  try {
+    await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
+      silent: true,
+      listeners: {
+        stdout: (data) => {
+          stdout += data.toString();
+        },
+        stderr: (data) => {
+          stderr += data.toString();
+        }
+      },
+      cwd: workingDirectory
+    }).exec();
+    return stdout;
+  } catch (error2) {
+    let reason = stderr;
+    if (stderr.includes("not a git repository")) {
+      reason = "The checkout path provided to the action does not appear to be a git repository.";
+    }
+    core7.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
+    throw error2;
+  }
+};
+var getCommitOid = async function(checkoutPath, ref = "HEAD") {
+  try {
+    const stdout = await runGitCommand(
+      checkoutPath,
+      ["rev-parse", ref],
+      "Continuing with commit SHA from user input or environment."
+    );
+    return stdout.trim();
+  } catch {
+    return getOptionalInput("sha") || getRequiredEnvParam("GITHUB_SHA");
+  }
+};
+var decodeGitFilePath = function(filePath) {
+  if (filePath.startsWith('"') && filePath.endsWith('"')) {
+    filePath = filePath.substring(1, filePath.length - 1);
+    return filePath.replace(
+      /\\([abfnrtv\\"]|[0-7]{1,3})/g,
+      (_match, seq2) => {
+        switch (seq2[0]) {
+          case "a":
+            return "\x07";
+          case "b":
+            return "\b";
+          case "f":
+            return "\f";
+          case "n":
+            return "\n";
+          case "r":
+            return "\r";
+          case "t":
+            return "	";
+          case "v":
+            return "\v";
+          case "\\":
+            return "\\";
+          case '"':
+            return '"';
+          default:
+            return String.fromCharCode(parseInt(seq2, 8));
+        }
+      }
+    );
+  }
+  return filePath;
+};
+var getFileOidsUnderPath = async function(basePath) {
+  const stdout = await runGitCommand(
+    basePath,
+    ["ls-files", "--recurse-submodules", "--format=%(objectname)_%(path)"],
+    "Cannot list Git OIDs of tracked files."
+  );
+  const fileOidMap = {};
+  const regex = /^([0-9a-f]{40})_(.+)$/;
+  for (const line of stdout.split("\n")) {
+    if (line) {
+      const match = line.match(regex);
+      if (match) {
+        const oid = match[1];
+        const path7 = decodeGitFilePath(match[2]);
+        fileOidMap[path7] = oid;
+      } else {
+        throw new Error(`Unexpected "git ls-files" output: ${line}`);
+      }
+    }
+  }
+  return fileOidMap;
+};
+function getRefFromEnv() {
+  let refEnv;
+  try {
+    refEnv = getRequiredEnvParam("GITHUB_REF");
+  } catch (e) {
+    const maybeRef = process.env["CODE_SCANNING_REF"];
+    if (maybeRef === void 0 || maybeRef.length === 0) {
+      throw e;
+    }
+    refEnv = maybeRef;
+  }
+  return refEnv;
+}
+async function getRef() {
+  const refInput = getOptionalInput("ref");
+  const shaInput = getOptionalInput("sha");
+  const checkoutPath = getOptionalInput("checkout_path") || getOptionalInput("source-root") || getRequiredEnvParam("GITHUB_WORKSPACE");
+  const hasRefInput = !!refInput;
+  const hasShaInput = !!shaInput;
+  if ((hasRefInput || hasShaInput) && !(hasRefInput && hasShaInput)) {
+    throw new ConfigurationError(
+      "Both 'ref' and 'sha' are required if one of them is provided."
+    );
+  }
+  const ref = refInput || getRefFromEnv();
+  const sha = shaInput || getRequiredEnvParam("GITHUB_SHA");
+  if (refInput) {
+    return refInput;
+  }
+  const pull_ref_regex = /refs\/pull\/(\d+)\/merge/;
+  if (!pull_ref_regex.test(ref)) {
+    return ref;
+  }
+  const head = await getCommitOid(checkoutPath, "HEAD");
+  const hasChangedRef = sha !== head && await getCommitOid(
+    checkoutPath,
+    ref.replace(/^refs\/pull\//, "refs/remotes/pull/")
+  ) !== head;
+  if (hasChangedRef) {
+    const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
+    core7.debug(
+      `No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
+    );
+    return newRef;
+  } else {
+    return ref;
+  }
+}
+function removeRefsHeadsPrefix(ref) {
+  return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
+}
+async function isAnalyzingDefaultBranch() {
+  if (process.env.CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH === "true") {
+    return true;
+  }
+  let currentRef = await getRef();
+  currentRef = removeRefsHeadsPrefix(currentRef);
+  const event = getWorkflowEvent();
+  let defaultBranch = event?.repository?.default_branch;
+  if (getWorkflowEventName() === "schedule") {
+    defaultBranch = removeRefsHeadsPrefix(getRefFromEnv());
+  }
+  return currentRef === defaultBranch;
+}
+
+// src/overlay-database-utils.ts
+var fs3 = __toESM(require("fs"));
+var path3 = __toESM(require("path"));
+var actionsCache = __toESM(require_cache3());
+
+// src/logging.ts
+var core8 = __toESM(require_core());
+function getActionsLogger() {
+  return core8;
+}
+
+// src/overlay-database-utils.ts
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
+async function writeBaseDatabaseOidsFile(config, sourceRoot) {
+  const gitFileOids = await getFileOidsUnderPath(sourceRoot);
+  const gitFileOidsJson = JSON.stringify(gitFileOids);
+  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
+  await fs3.promises.writeFile(baseDatabaseOidsFilePath, gitFileOidsJson);
+}
+async function readBaseDatabaseOidsFile(config, logger) {
+  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
+  try {
+    const contents = await fs3.promises.readFile(
+      baseDatabaseOidsFilePath,
+      "utf-8"
+    );
+    return JSON.parse(contents);
+  } catch (e) {
+    logger.error(
+      `Failed to read overlay-base file OIDs from ${baseDatabaseOidsFilePath}: ${e.message || e}`
+    );
+    throw e;
+  }
+}
+function getBaseDatabaseOidsFilePath(config) {
+  return path3.join(config.dbLocation, "base-database-oids.json");
+}
+async function writeOverlayChangesFile(config, sourceRoot, logger) {
+  const baseFileOids = await readBaseDatabaseOidsFile(config, logger);
+  const overlayFileOids = await getFileOidsUnderPath(sourceRoot);
+  const changedFiles = computeChangedFiles(baseFileOids, overlayFileOids);
+  logger.info(
+    `Found ${changedFiles.length} changed file(s) under ${sourceRoot}.`
+  );
+  const changedFilesJson = JSON.stringify({ changes: changedFiles });
+  const overlayChangesFile = path3.join(
+    getTemporaryDirectory(),
+    "overlay-changes.json"
+  );
+  logger.debug(
+    `Writing overlay changed files to ${overlayChangesFile}: ${changedFilesJson}`
+  );
+  await fs3.promises.writeFile(overlayChangesFile, changedFilesJson);
+  return overlayChangesFile;
+}
+function computeChangedFiles(baseFileOids, overlayFileOids) {
+  const changes = [];
+  for (const [file, oid] of Object.entries(overlayFileOids)) {
+    if (!(file in baseFileOids) || baseFileOids[file] !== oid) {
+      changes.push(file);
+    }
+  }
+  for (const file of Object.keys(baseFileOids)) {
+    if (!(file in overlayFileOids)) {
+      changes.push(file);
+    }
+  }
+  return changes;
+}
+
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/lib/init-action-post.js
+++ b/lib/init-action-post.js
--- a/lib/init-action.js
+++ b/lib/init-action.js
--- a/lib/resolve-environment-action.js
+++ b/lib/resolve-environment-action.js
@@ -78291,10 +78291,187 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 // src/feature-flags.ts
 var semver4 = __toESM(require_semver2());

-// src/overlay-database-utils.ts
-var fs2 = __toESM(require("fs"));
-var path2 = __toESM(require("path"));
-var actionsCache = __toESM(require_cache3());
+// src/tools-features.ts
+var semver3 = __toESM(require_semver2());
+function isSupportedToolsFeature(versionInfo, feature) {
+  return !!versionInfo.features && versionInfo.features[feature];
+}
+
+// src/feature-flags.ts
+var featureConfig = {
+  ["cleanup_trap_caches" /* CleanupTrapCaches */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
+    minimumVersion: void 0
+  },
+  ["cpp_dependency_installation_enabled" /* CppDependencyInstallation */]: {
+    defaultValue: false,
+    envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
+    legacyApi: true,
+    minimumVersion: "2.15.0"
+  },
+  ["diff_informed_queries" /* DiffInformedQueries */]: {
+    defaultValue: true,
+    envVar: "CODEQL_ACTION_DIFF_INFORMED_QUERIES",
+    minimumVersion: "2.21.0"
+  },
+  ["disable_csharp_buildless" /* DisableCsharpBuildless */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
+    minimumVersion: void 0
+  },
+  ["disable_java_buildless_enabled" /* DisableJavaBuildlessEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["export_diagnostics_enabled" /* ExportDiagnosticsEnabled */]: {
+    defaultValue: true,
+    envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["resolve_supported_languages_using_cli" /* ResolveSupportedLanguagesUsingCli */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI",
+    minimumVersion: void 0,
+    toolsFeature: "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */
+  },
+  ["overlay_analysis" /* OverlayAnalysis */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_go" /* OverlayAnalysisGo */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_java" /* OverlayAnalysisJava */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_python" /* OverlayAnalysisPython */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
+    minimumVersion: void 0
+  },
+  ["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
+    minimumVersion: void 0,
+    toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */
+  },
+  ["use_repository_properties" /* UseRepositoryProperties */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
+    minimumVersion: void 0
+  },
+  ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_QA_TELEMETRY",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS",
+    minimumVersion: "2.23.0"
+  }
+};

 // src/git-utils.ts
 var core7 = __toESM(require_core());
@@ -78459,6 +78636,11 @@ async function isAnalyzingDefaultBranch() {
  return currentRef === defaultBranch;
 }

+// src/overlay-database-utils.ts
+var fs2 = __toESM(require("fs"));
+var path2 = __toESM(require("path"));
+var actionsCache = __toESM(require_cache3());
+
 // src/logging.ts
 var core8 = __toESM(require_core());
 function getActionsLogger() {
@@ -78466,7 +78648,6 @@ function getActionsLogger() {
 }

 // src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
 var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
 var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
 async function writeBaseDatabaseOidsFile(config, sourceRoot) {
@@ -78526,188 +78707,6 @@ function computeChangedFiles(baseFileOids, overlayFileOids) {
  return changes;
 }

-// src/tools-features.ts
-var semver3 = __toESM(require_semver2());
-function isSupportedToolsFeature(versionInfo, feature) {
-  return !!versionInfo.features && versionInfo.features[feature];
-}
-
-// src/feature-flags.ts
-var featureConfig = {
-  ["cleanup_trap_caches" /* CleanupTrapCaches */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
-    minimumVersion: void 0
-  },
-  ["cpp_dependency_installation_enabled" /* CppDependencyInstallation */]: {
-    defaultValue: false,
-    envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
-    legacyApi: true,
-    minimumVersion: "2.15.0"
-  },
-  ["diff_informed_queries" /* DiffInformedQueries */]: {
-    defaultValue: true,
-    envVar: "CODEQL_ACTION_DIFF_INFORMED_QUERIES",
-    minimumVersion: "2.21.0"
-  },
-  ["disable_csharp_buildless" /* DisableCsharpBuildless */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
-    minimumVersion: void 0
-  },
-  ["disable_java_buildless_enabled" /* DisableJavaBuildlessEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["export_diagnostics_enabled" /* ExportDiagnosticsEnabled */]: {
-    defaultValue: true,
-    envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["resolve_supported_languages_using_cli" /* ResolveSupportedLanguagesUsingCli */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI",
-    minimumVersion: void 0,
-    toolsFeature: "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */
-  },
-  ["overlay_analysis" /* OverlayAnalysis */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
-  },
-  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_go" /* OverlayAnalysisGo */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_java" /* OverlayAnalysisJava */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_python" /* OverlayAnalysisPython */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
-    minimumVersion: void 0
-  },
-  ["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
-    minimumVersion: void 0,
-    toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */
-  },
-  ["use_repository_properties" /* UseRepositoryProperties */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
-    minimumVersion: void 0
-  },
-  ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_QA_TELEMETRY",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS",
-    minimumVersion: "2.23.0"
-  }
-};
-
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/lib/start-proxy-action-post.js
+++ b/lib/start-proxy-action-post.js
@@ -117190,25 +117190,6 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 // src/feature-flags.ts
 var semver4 = __toESM(require_semver2());

-// src/overlay-database-utils.ts
-var actionsCache = __toESM(require_cache3());
-
-// src/git-utils.ts
-var core7 = __toESM(require_core());
-var toolrunner2 = __toESM(require_toolrunner());
-var io3 = __toESM(require_io());
-
-// src/logging.ts
-var core8 = __toESM(require_core());
-function getActionsLogger() {
-  return core8;
-}
-
-// src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
-
 // src/tools-features.ts
 var semver3 = __toESM(require_semver2());

@@ -117262,7 +117243,7 @@ var featureConfig = {
  ["overlay_analysis" /* OverlayAnalysis */]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
+    minimumVersion: void 0
  },
  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
    defaultValue: false,
@@ -117388,6 +117369,24 @@ var featureConfig = {
  }
 };

+// src/git-utils.ts
+var core7 = __toESM(require_core());
+var toolrunner2 = __toESM(require_toolrunner());
+var io3 = __toESM(require_io());
+
+// src/overlay-database-utils.ts
+var actionsCache = __toESM(require_cache3());
+
+// src/logging.ts
+var core8 = __toESM(require_core());
+function getActionsLogger() {
+  return core8;
+}
+
+// src/overlay-database-utils.ts
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
+
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/lib/upload-lib.js
+++ b/lib/upload-lib.js
@@ -88942,8 +88942,8 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 })();

 // src/diff-informed-analysis-utils.ts
-var fs6 = __toESM(require("fs"));
-var path8 = __toESM(require("path"));
+var fs5 = __toESM(require("fs"));
+var path7 = __toESM(require("path"));

 // src/feature-flags.ts
 var semver4 = __toESM(require_semver2());
@@ -88952,10 +88952,206 @@ var semver4 = __toESM(require_semver2());
 var bundleVersion = "codeql-bundle-v2.23.1";
 var cliVersion = "2.23.1";

-// src/overlay-database-utils.ts
-var fs5 = __toESM(require("fs"));
-var path7 = __toESM(require("path"));
-var actionsCache = __toESM(require_cache3());
+// src/tools-features.ts
+var semver3 = __toESM(require_semver2());
+function isSupportedToolsFeature(versionInfo, feature) {
+  return !!versionInfo.features && versionInfo.features[feature];
+}
+
+// src/feature-flags.ts
+var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0";
+var featureConfig = {
+  ["cleanup_trap_caches" /* CleanupTrapCaches */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
+    minimumVersion: void 0
+  },
+  ["cpp_dependency_installation_enabled" /* CppDependencyInstallation */]: {
+    defaultValue: false,
+    envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
+    legacyApi: true,
+    minimumVersion: "2.15.0"
+  },
+  ["diff_informed_queries" /* DiffInformedQueries */]: {
+    defaultValue: true,
+    envVar: "CODEQL_ACTION_DIFF_INFORMED_QUERIES",
+    minimumVersion: "2.21.0"
+  },
+  ["disable_csharp_buildless" /* DisableCsharpBuildless */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
+    minimumVersion: void 0
+  },
+  ["disable_java_buildless_enabled" /* DisableJavaBuildlessEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["export_diagnostics_enabled" /* ExportDiagnosticsEnabled */]: {
+    defaultValue: true,
+    envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["resolve_supported_languages_using_cli" /* ResolveSupportedLanguagesUsingCli */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI",
+    minimumVersion: void 0,
+    toolsFeature: "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */
+  },
+  ["overlay_analysis" /* OverlayAnalysis */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_go" /* OverlayAnalysisGo */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_java" /* OverlayAnalysisJava */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_python" /* OverlayAnalysisPython */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
+    minimumVersion: void 0
+  },
+  ["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
+    minimumVersion: void 0
+  },
+  ["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
+    minimumVersion: void 0,
+    toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */
+  },
+  ["use_repository_properties" /* UseRepositoryProperties */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
+    minimumVersion: void 0
+  },
+  ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_QA_TELEMETRY",
+    legacyApi: true,
+    minimumVersion: void 0
+  },
+  ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: {
+    defaultValue: false,
+    envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS",
+    minimumVersion: "2.23.0"
+  }
+};
+
+// src/diff-informed-analysis-utils.ts
+function getDiffRangesJsonFilePath() {
+  return path7.join(getTemporaryDirectory(), "pr-diff-range.json");
+}
+function readDiffRangesJsonFile(logger) {
+  const jsonFilePath = getDiffRangesJsonFilePath();
+  if (!fs5.existsSync(jsonFilePath)) {
+    logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
+    return void 0;
+  }
+  const jsonContents = fs5.readFileSync(jsonFilePath, "utf8");
+  logger.debug(
+    `Read pr-diff-range JSON file from ${jsonFilePath}:
+${jsonContents}`
+  );
+  return JSON.parse(jsonContents);
+}

 // src/git-utils.ts
 var core7 = __toESM(require_core());
@@ -89154,6 +89350,11 @@ async function isAnalyzingDefaultBranch() {
  return currentRef === defaultBranch;
 }

+// src/overlay-database-utils.ts
+var fs6 = __toESM(require("fs"));
+var path8 = __toESM(require("path"));
+var actionsCache = __toESM(require_cache3());
+
 // src/logging.ts
 var core8 = __toESM(require_core());
 function formatDuration(durationMs) {
@@ -89169,19 +89370,18 @@ function formatDuration(durationMs) {
 }

 // src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
 var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
 var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
 async function writeBaseDatabaseOidsFile(config, sourceRoot) {
  const gitFileOids = await getFileOidsUnderPath(sourceRoot);
  const gitFileOidsJson = JSON.stringify(gitFileOids);
  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
-  await fs5.promises.writeFile(baseDatabaseOidsFilePath, gitFileOidsJson);
+  await fs6.promises.writeFile(baseDatabaseOidsFilePath, gitFileOidsJson);
 }
 async function readBaseDatabaseOidsFile(config, logger) {
  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
  try {
-    const contents = await fs5.promises.readFile(
+    const contents = await fs6.promises.readFile(
      baseDatabaseOidsFilePath,
      "utf-8"
    );
@@ -89194,7 +89394,7 @@ async function readBaseDatabaseOidsFile(config, logger) {
  }
 }
 function getBaseDatabaseOidsFilePath(config) {
-  return path7.join(config.dbLocation, "base-database-oids.json");
+  return path8.join(config.dbLocation, "base-database-oids.json");
 }
 async function writeOverlayChangesFile(config, sourceRoot, logger) {
  const baseFileOids = await readBaseDatabaseOidsFile(config, logger);
@@ -89204,14 +89404,14 @@ async function writeOverlayChangesFile(config, sourceRoot, logger) {
    `Found ${changedFiles.length} changed file(s) under ${sourceRoot}.`
  );
  const changedFilesJson = JSON.stringify({ changes: changedFiles });
-  const overlayChangesFile = path7.join(
+  const overlayChangesFile = path8.join(
    getTemporaryDirectory(),
    "overlay-changes.json"
  );
  logger.debug(
    `Writing overlay changed files to ${overlayChangesFile}: ${changedFilesJson}`
  );
-  await fs5.promises.writeFile(overlayChangesFile, changedFilesJson);
+  await fs6.promises.writeFile(overlayChangesFile, changedFilesJson);
  return overlayChangesFile;
 }
 function computeChangedFiles(baseFileOids, overlayFileOids) {
@@ -89229,207 +89429,6 @@ function computeChangedFiles(baseFileOids, overlayFileOids) {
  return changes;
 }

-// src/tools-features.ts
-var semver3 = __toESM(require_semver2());
-function isSupportedToolsFeature(versionInfo, feature) {
-  return !!versionInfo.features && versionInfo.features[feature];
-}
-
-// src/feature-flags.ts
-var CODEQL_VERSION_ZSTD_BUNDLE = "2.19.0";
-var featureConfig = {
-  ["cleanup_trap_caches" /* CleanupTrapCaches */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
-    minimumVersion: void 0
-  },
-  ["cpp_dependency_installation_enabled" /* CppDependencyInstallation */]: {
-    defaultValue: false,
-    envVar: "CODEQL_EXTRACTOR_CPP_AUTOINSTALL_DEPENDENCIES",
-    legacyApi: true,
-    minimumVersion: "2.15.0"
-  },
-  ["diff_informed_queries" /* DiffInformedQueries */]: {
-    defaultValue: true,
-    envVar: "CODEQL_ACTION_DIFF_INFORMED_QUERIES",
-    minimumVersion: "2.21.0"
-  },
-  ["disable_csharp_buildless" /* DisableCsharpBuildless */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
-    minimumVersion: void 0
-  },
-  ["disable_java_buildless_enabled" /* DisableJavaBuildlessEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_JAVA_BUILDLESS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["disable_kotlin_analysis_enabled" /* DisableKotlinAnalysisEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_DISABLE_KOTLIN_ANALYSIS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["export_diagnostics_enabled" /* ExportDiagnosticsEnabled */]: {
-    defaultValue: true,
-    envVar: "CODEQL_ACTION_EXPORT_DIAGNOSTICS",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["resolve_supported_languages_using_cli" /* ResolveSupportedLanguagesUsingCli */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_RESOLVE_SUPPORTED_LANGUAGES_USING_CLI",
-    minimumVersion: void 0,
-    toolsFeature: "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */
-  },
-  ["overlay_analysis" /* OverlayAnalysis */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
-  },
-  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_ACTIONS",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_actions" /* OverlayAnalysisCodeScanningActions */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_ACTIONS",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_cpp" /* OverlayAnalysisCodeScanningCpp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CPP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_csharp" /* OverlayAnalysisCodeScanningCsharp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_CSHARP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_go" /* OverlayAnalysisCodeScanningGo */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_GO",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_java" /* OverlayAnalysisCodeScanningJava */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVA",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_javascript" /* OverlayAnalysisCodeScanningJavascript */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_JAVASCRIPT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_python" /* OverlayAnalysisCodeScanningPython */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_PYTHON",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_ruby" /* OverlayAnalysisCodeScanningRuby */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUBY",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_rust" /* OverlayAnalysisCodeScanningRust */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_RUST",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_code_scanning_swift" /* OverlayAnalysisCodeScanningSwift */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CODE_SCANNING_SWIFT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_cpp" /* OverlayAnalysisCpp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CPP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_csharp" /* OverlayAnalysisCsharp */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_CSHARP",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_go" /* OverlayAnalysisGo */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_GO",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_java" /* OverlayAnalysisJava */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVA",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_javascript" /* OverlayAnalysisJavascript */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_JAVASCRIPT",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_python" /* OverlayAnalysisPython */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_PYTHON",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_ruby" /* OverlayAnalysisRuby */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUBY",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_rust" /* OverlayAnalysisRust */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_RUST",
-    minimumVersion: void 0
-  },
-  ["overlay_analysis_swift" /* OverlayAnalysisSwift */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS_SWIFT",
-    minimumVersion: void 0
-  },
-  ["python_default_is_to_not_extract_stdlib" /* PythonDefaultIsToNotExtractStdlib */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_DISABLE_PYTHON_STANDARD_LIBRARY_EXTRACTION",
-    minimumVersion: void 0,
-    toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */
-  },
-  ["use_repository_properties" /* UseRepositoryProperties */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES",
-    minimumVersion: void 0
-  },
-  ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_QA_TELEMETRY",
-    legacyApi: true,
-    minimumVersion: void 0
-  },
-  ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: {
-    defaultValue: false,
-    envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS",
-    minimumVersion: "2.23.0"
-  }
-};
-
-// src/diff-informed-analysis-utils.ts
-function getDiffRangesJsonFilePath() {
-  return path8.join(getTemporaryDirectory(), "pr-diff-range.json");
-}
-function readDiffRangesJsonFile(logger) {
-  const jsonFilePath = getDiffRangesJsonFilePath();
-  if (!fs6.existsSync(jsonFilePath)) {
-    logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
-    return void 0;
-  }
-  const jsonContents = fs6.readFileSync(jsonFilePath, "utf8");
-  logger.debug(
-    `Read pr-diff-range JSON file from ${jsonFilePath}:
-${jsonContents}`
-  );
-  return JSON.parse(jsonContents);
-}
-
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/lib/upload-sarif-action-post.js
+++ b/lib/upload-sarif-action-post.js
@@ -117341,33 +117341,6 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 // src/feature-flags.ts
 var semver4 = __toESM(require_semver2());

-// src/overlay-database-utils.ts
-var actionsCache = __toESM(require_cache3());
-
-// src/git-utils.ts
-var core7 = __toESM(require_core());
-var toolrunner2 = __toESM(require_toolrunner());
-var io3 = __toESM(require_io());
-
-// src/logging.ts
-var core8 = __toESM(require_core());
-function getActionsLogger() {
-  return core8;
-}
-function withGroup(groupName, f) {
-  core8.startGroup(groupName);
-  try {
-    return f();
-  } finally {
-    core8.endGroup();
-  }
-}
-
-// src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
-
 // src/tools-features.ts
 var semver3 = __toESM(require_semver2());
 var SafeArtifactUploadVersion = "2.20.3";
@@ -117425,7 +117398,7 @@ var featureConfig = {
  ["overlay_analysis" /* OverlayAnalysis */]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
+    minimumVersion: void 0
  },
  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
    defaultValue: false,
@@ -117551,6 +117524,32 @@ var featureConfig = {
  }
 };

+// src/git-utils.ts
+var core7 = __toESM(require_core());
+var toolrunner2 = __toESM(require_toolrunner());
+var io3 = __toESM(require_io());
+
+// src/overlay-database-utils.ts
+var actionsCache = __toESM(require_cache3());
+
+// src/logging.ts
+var core8 = __toESM(require_core());
+function getActionsLogger() {
+  return core8;
+}
+function withGroup(groupName, f) {
+  core8.startGroup(groupName);
+  try {
+    return f();
+  } finally {
+    core8.endGroup();
+  }
+}
+
+// src/overlay-database-utils.ts
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
+
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/lib/upload-sarif-action.js
+++ b/lib/upload-sarif-action.js
@@ -88927,294 +88927,14 @@ function wrapApiConfigurationError(e) {
 }

 // src/feature-flags.ts
-var fs6 = __toESM(require("fs"));
-var path8 = __toESM(require("path"));
+var fs5 = __toESM(require("fs"));
+var path7 = __toESM(require("path"));
 var semver3 = __toESM(require_semver2());

 // src/defaults.json
 var bundleVersion = "codeql-bundle-v2.23.1";
 var cliVersion = "2.23.1";

-// src/overlay-database-utils.ts
-var fs5 = __toESM(require("fs"));
-var path7 = __toESM(require("path"));
-var actionsCache = __toESM(require_cache3());
-
-// src/git-utils.ts
-var core6 = __toESM(require_core());
-var toolrunner2 = __toESM(require_toolrunner());
-var io3 = __toESM(require_io());
-var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
-  let stdout = "";
-  let stderr = "";
-  core6.debug(`Running git command: git ${args.join(" ")}`);
-  try {
-    await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
-      silent: true,
-      listeners: {
-        stdout: (data) => {
-          stdout += data.toString();
-        },
-        stderr: (data) => {
-          stderr += data.toString();
-        }
-      },
-      cwd: workingDirectory
-    }).exec();
-    return stdout;
-  } catch (error2) {
-    let reason = stderr;
-    if (stderr.includes("not a git repository")) {
-      reason = "The checkout path provided to the action does not appear to be a git repository.";
-    }
-    core6.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
-    throw error2;
-  }
-};
-var getCommitOid = async function(checkoutPath, ref = "HEAD") {
-  try {
-    const stdout = await runGitCommand(
-      checkoutPath,
-      ["rev-parse", ref],
-      "Continuing with commit SHA from user input or environment."
-    );
-    return stdout.trim();
-  } catch {
-    return getOptionalInput("sha") || getRequiredEnvParam("GITHUB_SHA");
-  }
-};
-var determineBaseBranchHeadCommitOid = async function(checkoutPathOverride) {
-  if (getWorkflowEventName() !== "pull_request") {
-    return void 0;
-  }
-  const mergeSha = getRequiredEnvParam("GITHUB_SHA");
-  const checkoutPath = checkoutPathOverride ?? getOptionalInput("checkout_path");
-  try {
-    let commitOid = "";
-    let baseOid = "";
-    let headOid = "";
-    const stdout = await runGitCommand(
-      checkoutPath,
-      ["show", "-s", "--format=raw", mergeSha],
-      "Will calculate the base branch SHA on the server."
-    );
-    for (const data of stdout.split("\n")) {
-      if (data.startsWith("commit ") && commitOid === "") {
-        commitOid = data.substring(7);
-      } else if (data.startsWith("parent ")) {
-        if (baseOid === "") {
-          baseOid = data.substring(7);
-        } else if (headOid === "") {
-          headOid = data.substring(7);
-        }
-      }
-    }
-    if (commitOid === mergeSha && headOid.length === 40 && baseOid.length === 40) {
-      return baseOid;
-    }
-    return void 0;
-  } catch {
-    return void 0;
-  }
-};
-var decodeGitFilePath = function(filePath) {
-  if (filePath.startsWith('"') && filePath.endsWith('"')) {
-    filePath = filePath.substring(1, filePath.length - 1);
-    return filePath.replace(
-      /\\([abfnrtv\\"]|[0-7]{1,3})/g,
-      (_match, seq2) => {
-        switch (seq2[0]) {
-          case "a":
-            return "\x07";
-          case "b":
-            return "\b";
-          case "f":
-            return "\f";
-          case "n":
-            return "\n";
-          case "r":
-            return "\r";
-          case "t":
-            return "	";
-          case "v":
-            return "\v";
-          case "\\":
-            return "\\";
-          case '"':
-            return '"';
-          default:
-            return String.fromCharCode(parseInt(seq2, 8));
-        }
-      }
-    );
-  }
-  return filePath;
-};
-var getFileOidsUnderPath = async function(basePath) {
-  const stdout = await runGitCommand(
-    basePath,
-    ["ls-files", "--recurse-submodules", "--format=%(objectname)_%(path)"],
-    "Cannot list Git OIDs of tracked files."
-  );
-  const fileOidMap = {};
-  const regex = /^([0-9a-f]{40})_(.+)$/;
-  for (const line of stdout.split("\n")) {
-    if (line) {
-      const match = line.match(regex);
-      if (match) {
-        const oid = match[1];
-        const path16 = decodeGitFilePath(match[2]);
-        fileOidMap[path16] = oid;
-      } else {
-        throw new Error(`Unexpected "git ls-files" output: ${line}`);
-      }
-    }
-  }
-  return fileOidMap;
-};
-function getRefFromEnv() {
-  let refEnv;
-  try {
-    refEnv = getRequiredEnvParam("GITHUB_REF");
-  } catch (e) {
-    const maybeRef = process.env["CODE_SCANNING_REF"];
-    if (maybeRef === void 0 || maybeRef.length === 0) {
-      throw e;
-    }
-    refEnv = maybeRef;
-  }
-  return refEnv;
-}
-async function getRef() {
-  const refInput = getOptionalInput("ref");
-  const shaInput = getOptionalInput("sha");
-  const checkoutPath = getOptionalInput("checkout_path") || getOptionalInput("source-root") || getRequiredEnvParam("GITHUB_WORKSPACE");
-  const hasRefInput = !!refInput;
-  const hasShaInput = !!shaInput;
-  if ((hasRefInput || hasShaInput) && !(hasRefInput && hasShaInput)) {
-    throw new ConfigurationError(
-      "Both 'ref' and 'sha' are required if one of them is provided."
-    );
-  }
-  const ref = refInput || getRefFromEnv();
-  const sha = shaInput || getRequiredEnvParam("GITHUB_SHA");
-  if (refInput) {
-    return refInput;
-  }
-  const pull_ref_regex = /refs\/pull\/(\d+)\/merge/;
-  if (!pull_ref_regex.test(ref)) {
-    return ref;
-  }
-  const head = await getCommitOid(checkoutPath, "HEAD");
-  const hasChangedRef = sha !== head && await getCommitOid(
-    checkoutPath,
-    ref.replace(/^refs\/pull\//, "refs/remotes/pull/")
-  ) !== head;
-  if (hasChangedRef) {
-    const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
-    core6.debug(
-      `No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
-    );
-    return newRef;
-  } else {
-    return ref;
-  }
-}
-function removeRefsHeadsPrefix(ref) {
-  return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
-}
-async function isAnalyzingDefaultBranch() {
-  if (process.env.CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH === "true") {
-    return true;
-  }
-  let currentRef = await getRef();
-  currentRef = removeRefsHeadsPrefix(currentRef);
-  const event = getWorkflowEvent();
-  let defaultBranch = event?.repository?.default_branch;
-  if (getWorkflowEventName() === "schedule") {
-    defaultBranch = removeRefsHeadsPrefix(getRefFromEnv());
-  }
-  return currentRef === defaultBranch;
-}
-
-// src/logging.ts
-var core7 = __toESM(require_core());
-function getActionsLogger() {
-  return core7;
-}
-function formatDuration(durationMs) {
-  if (durationMs < 1e3) {
-    return `${durationMs}ms`;
-  }
-  if (durationMs < 60 * 1e3) {
-    return `${(durationMs / 1e3).toFixed(1)}s`;
-  }
-  const minutes = Math.floor(durationMs / (60 * 1e3));
-  const seconds = Math.floor(durationMs % (60 * 1e3) / 1e3);
-  return `${minutes}m${seconds}s`;
-}
-
-// src/overlay-database-utils.ts
-var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4";
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
-var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
-async function writeBaseDatabaseOidsFile(config, sourceRoot) {
-  const gitFileOids = await getFileOidsUnderPath(sourceRoot);
-  const gitFileOidsJson = JSON.stringify(gitFileOids);
-  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
-  await fs5.promises.writeFile(baseDatabaseOidsFilePath, gitFileOidsJson);
-}
-async function readBaseDatabaseOidsFile(config, logger) {
-  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
-  try {
-    const contents = await fs5.promises.readFile(
-      baseDatabaseOidsFilePath,
-      "utf-8"
-    );
-    return JSON.parse(contents);
-  } catch (e) {
-    logger.error(
-      `Failed to read overlay-base file OIDs from ${baseDatabaseOidsFilePath}: ${e.message || e}`
-    );
-    throw e;
-  }
-}
-function getBaseDatabaseOidsFilePath(config) {
-  return path7.join(config.dbLocation, "base-database-oids.json");
-}
-async function writeOverlayChangesFile(config, sourceRoot, logger) {
-  const baseFileOids = await readBaseDatabaseOidsFile(config, logger);
-  const overlayFileOids = await getFileOidsUnderPath(sourceRoot);
-  const changedFiles = computeChangedFiles(baseFileOids, overlayFileOids);
-  logger.info(
-    `Found ${changedFiles.length} changed file(s) under ${sourceRoot}.`
-  );
-  const changedFilesJson = JSON.stringify({ changes: changedFiles });
-  const overlayChangesFile = path7.join(
-    getTemporaryDirectory(),
-    "overlay-changes.json"
-  );
-  logger.debug(
-    `Writing overlay changed files to ${overlayChangesFile}: ${changedFilesJson}`
-  );
-  await fs5.promises.writeFile(overlayChangesFile, changedFilesJson);
-  return overlayChangesFile;
-}
-function computeChangedFiles(baseFileOids, overlayFileOids) {
-  const changes = [];
-  for (const [file, oid] of Object.entries(overlayFileOids)) {
-    if (!(file in baseFileOids) || baseFileOids[file] !== oid) {
-      changes.push(file);
-    }
-  }
-  for (const file of Object.keys(baseFileOids)) {
-    if (!(file in overlayFileOids)) {
-      changes.push(file);
-    }
-  }
-  return changes;
-}
-
 // src/tools-features.ts
 var semver2 = __toESM(require_semver2());
 function isSupportedToolsFeature(versionInfo, feature) {
@@ -89274,7 +88994,7 @@ var featureConfig = {
  ["overlay_analysis" /* OverlayAnalysis */]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION
+    minimumVersion: void 0
  },
  ["overlay_analysis_actions" /* OverlayAnalysisActions */]: {
    defaultValue: false,
@@ -89406,7 +89126,7 @@ var Features = class {
    this.gitHubFeatureFlags = new GitHubFeatureFlags(
      gitHubVersion,
      repositoryNwo,
-      path8.join(tempDir, FEATURE_FLAGS_FILE_NAME),
+      path7.join(tempDir, FEATURE_FLAGS_FILE_NAME),
      logger
    );
  }
@@ -89585,12 +89305,12 @@ var GitHubFeatureFlags = class {
  }
  async readLocalFlags() {
    try {
-      if (fs6.existsSync(this.featureFlagsFile)) {
+      if (fs5.existsSync(this.featureFlagsFile)) {
        this.logger.debug(
          `Loading feature flags from ${this.featureFlagsFile}`
        );
        return JSON.parse(
-          fs6.readFileSync(this.featureFlagsFile, "utf8")
+          fs5.readFileSync(this.featureFlagsFile, "utf8")
        );
      }
    } catch (e) {
@@ -89603,7 +89323,7 @@ var GitHubFeatureFlags = class {
  async writeLocalFlags(flags) {
    try {
      this.logger.debug(`Writing feature flags to ${this.featureFlagsFile}`);
-      fs6.writeFileSync(this.featureFlagsFile, JSON.stringify(flags));
+      fs5.writeFileSync(this.featureFlagsFile, JSON.stringify(flags));
    } catch (e) {
      this.logger.warning(
        `Error writing cached feature flags file ${this.featureFlagsFile}: ${e}.`
@@ -89664,6 +89384,23 @@ var GitHubFeatureFlags = class {
  }
 };

+// src/logging.ts
+var core6 = __toESM(require_core());
+function getActionsLogger() {
+  return core6;
+}
+function formatDuration(durationMs) {
+  if (durationMs < 1e3) {
+    return `${durationMs}ms`;
+  }
+  if (durationMs < 60 * 1e3) {
+    return `${(durationMs / 1e3).toFixed(1)}s`;
+  }
+  const minutes = Math.floor(durationMs / (60 * 1e3));
+  const seconds = Math.floor(durationMs % (60 * 1e3) / 1e3);
+  return `${minutes}m${seconds}s`;
+}
+
 // src/status-report.ts
 var os = __toESM(require("os"));
 var core9 = __toESM(require_core());
@@ -89673,7 +89410,7 @@ var fs8 = __toESM(require("fs"));
 var path10 = __toESM(require("path"));

 // src/caching-utils.ts
-var core8 = __toESM(require_core());
+var core7 = __toESM(require_core());

 // src/config/db-config.ts
 var semver4 = __toESM(require_semver2());
@@ -89685,18 +89422,18 @@ var PACK_IDENTIFIER_PATTERN = (function() {
 })();

 // src/diff-informed-analysis-utils.ts
-var fs7 = __toESM(require("fs"));
-var path9 = __toESM(require("path"));
+var fs6 = __toESM(require("fs"));
+var path8 = __toESM(require("path"));
 function getDiffRangesJsonFilePath() {
-  return path9.join(getTemporaryDirectory(), "pr-diff-range.json");
+  return path8.join(getTemporaryDirectory(), "pr-diff-range.json");
 }
 function readDiffRangesJsonFile(logger) {
  const jsonFilePath = getDiffRangesJsonFilePath();
-  if (!fs7.existsSync(jsonFilePath)) {
+  if (!fs6.existsSync(jsonFilePath)) {
    logger.debug(`Diff ranges JSON file does not exist at ${jsonFilePath}`);
    return void 0;
  }
-  const jsonContents = fs7.readFileSync(jsonFilePath, "utf8");
+  const jsonContents = fs6.readFileSync(jsonFilePath, "utf8");
  logger.debug(
    `Read pr-diff-range JSON file from ${jsonFilePath}:
 ${jsonContents}`
@@ -89704,6 +89441,266 @@ ${jsonContents}`
  return JSON.parse(jsonContents);
 }

+// src/git-utils.ts
+var core8 = __toESM(require_core());
+var toolrunner2 = __toESM(require_toolrunner());
+var io3 = __toESM(require_io());
+var runGitCommand = async function(workingDirectory, args, customErrorMessage) {
+  let stdout = "";
+  let stderr = "";
+  core8.debug(`Running git command: git ${args.join(" ")}`);
+  try {
+    await new toolrunner2.ToolRunner(await io3.which("git", true), args, {
+      silent: true,
+      listeners: {
+        stdout: (data) => {
+          stdout += data.toString();
+        },
+        stderr: (data) => {
+          stderr += data.toString();
+        }
+      },
+      cwd: workingDirectory
+    }).exec();
+    return stdout;
+  } catch (error2) {
+    let reason = stderr;
+    if (stderr.includes("not a git repository")) {
+      reason = "The checkout path provided to the action does not appear to be a git repository.";
+    }
+    core8.info(`git call failed. ${customErrorMessage} Error: ${reason}`);
+    throw error2;
+  }
+};
+var getCommitOid = async function(checkoutPath, ref = "HEAD") {
+  try {
+    const stdout = await runGitCommand(
+      checkoutPath,
+      ["rev-parse", ref],
+      "Continuing with commit SHA from user input or environment."
+    );
+    return stdout.trim();
+  } catch {
+    return getOptionalInput("sha") || getRequiredEnvParam("GITHUB_SHA");
+  }
+};
+var determineBaseBranchHeadCommitOid = async function(checkoutPathOverride) {
+  if (getWorkflowEventName() !== "pull_request") {
+    return void 0;
+  }
+  const mergeSha = getRequiredEnvParam("GITHUB_SHA");
+  const checkoutPath = checkoutPathOverride ?? getOptionalInput("checkout_path");
+  try {
+    let commitOid = "";
+    let baseOid = "";
+    let headOid = "";
+    const stdout = await runGitCommand(
+      checkoutPath,
+      ["show", "-s", "--format=raw", mergeSha],
+      "Will calculate the base branch SHA on the server."
+    );
+    for (const data of stdout.split("\n")) {
+      if (data.startsWith("commit ") && commitOid === "") {
+        commitOid = data.substring(7);
+      } else if (data.startsWith("parent ")) {
+        if (baseOid === "") {
+          baseOid = data.substring(7);
+        } else if (headOid === "") {
+          headOid = data.substring(7);
+        }
+      }
+    }
+    if (commitOid === mergeSha && headOid.length === 40 && baseOid.length === 40) {
+      return baseOid;
+    }
+    return void 0;
+  } catch {
+    return void 0;
+  }
+};
+var decodeGitFilePath = function(filePath) {
+  if (filePath.startsWith('"') && filePath.endsWith('"')) {
+    filePath = filePath.substring(1, filePath.length - 1);
+    return filePath.replace(
+      /\\([abfnrtv\\"]|[0-7]{1,3})/g,
+      (_match, seq2) => {
+        switch (seq2[0]) {
+          case "a":
+            return "\x07";
+          case "b":
+            return "\b";
+          case "f":
+            return "\f";
+          case "n":
+            return "\n";
+          case "r":
+            return "\r";
+          case "t":
+            return "	";
+          case "v":
+            return "\v";
+          case "\\":
+            return "\\";
+          case '"':
+            return '"';
+          default:
+            return String.fromCharCode(parseInt(seq2, 8));
+        }
+      }
+    );
+  }
+  return filePath;
+};
+var getFileOidsUnderPath = async function(basePath) {
+  const stdout = await runGitCommand(
+    basePath,
+    ["ls-files", "--recurse-submodules", "--format=%(objectname)_%(path)"],
+    "Cannot list Git OIDs of tracked files."
+  );
+  const fileOidMap = {};
+  const regex = /^([0-9a-f]{40})_(.+)$/;
+  for (const line of stdout.split("\n")) {
+    if (line) {
+      const match = line.match(regex);
+      if (match) {
+        const oid = match[1];
+        const path16 = decodeGitFilePath(match[2]);
+        fileOidMap[path16] = oid;
+      } else {
+        throw new Error(`Unexpected "git ls-files" output: ${line}`);
+      }
+    }
+  }
+  return fileOidMap;
+};
+function getRefFromEnv() {
+  let refEnv;
+  try {
+    refEnv = getRequiredEnvParam("GITHUB_REF");
+  } catch (e) {
+    const maybeRef = process.env["CODE_SCANNING_REF"];
+    if (maybeRef === void 0 || maybeRef.length === 0) {
+      throw e;
+    }
+    refEnv = maybeRef;
+  }
+  return refEnv;
+}
+async function getRef() {
+  const refInput = getOptionalInput("ref");
+  const shaInput = getOptionalInput("sha");
+  const checkoutPath = getOptionalInput("checkout_path") || getOptionalInput("source-root") || getRequiredEnvParam("GITHUB_WORKSPACE");
+  const hasRefInput = !!refInput;
+  const hasShaInput = !!shaInput;
+  if ((hasRefInput || hasShaInput) && !(hasRefInput && hasShaInput)) {
+    throw new ConfigurationError(
+      "Both 'ref' and 'sha' are required if one of them is provided."
+    );
+  }
+  const ref = refInput || getRefFromEnv();
+  const sha = shaInput || getRequiredEnvParam("GITHUB_SHA");
+  if (refInput) {
+    return refInput;
+  }
+  const pull_ref_regex = /refs\/pull\/(\d+)\/merge/;
+  if (!pull_ref_regex.test(ref)) {
+    return ref;
+  }
+  const head = await getCommitOid(checkoutPath, "HEAD");
+  const hasChangedRef = sha !== head && await getCommitOid(
+    checkoutPath,
+    ref.replace(/^refs\/pull\//, "refs/remotes/pull/")
+  ) !== head;
+  if (hasChangedRef) {
+    const newRef = ref.replace(pull_ref_regex, "refs/pull/$1/head");
+    core8.debug(
+      `No longer on merge commit, rewriting ref from ${ref} to ${newRef}.`
+    );
+    return newRef;
+  } else {
+    return ref;
+  }
+}
+function removeRefsHeadsPrefix(ref) {
+  return ref.startsWith("refs/heads/") ? ref.slice("refs/heads/".length) : ref;
+}
+async function isAnalyzingDefaultBranch() {
+  if (process.env.CODE_SCANNING_IS_ANALYZING_DEFAULT_BRANCH === "true") {
+    return true;
+  }
+  let currentRef = await getRef();
+  currentRef = removeRefsHeadsPrefix(currentRef);
+  const event = getWorkflowEvent();
+  let defaultBranch = event?.repository?.default_branch;
+  if (getWorkflowEventName() === "schedule") {
+    defaultBranch = removeRefsHeadsPrefix(getRefFromEnv());
+  }
+  return currentRef === defaultBranch;
+}
+
+// src/overlay-database-utils.ts
+var fs7 = __toESM(require("fs"));
+var path9 = __toESM(require("path"));
+var actionsCache = __toESM(require_cache3());
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 15e3;
+var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6;
+async function writeBaseDatabaseOidsFile(config, sourceRoot) {
+  const gitFileOids = await getFileOidsUnderPath(sourceRoot);
+  const gitFileOidsJson = JSON.stringify(gitFileOids);
+  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
+  await fs7.promises.writeFile(baseDatabaseOidsFilePath, gitFileOidsJson);
+}
+async function readBaseDatabaseOidsFile(config, logger) {
+  const baseDatabaseOidsFilePath = getBaseDatabaseOidsFilePath(config);
+  try {
+    const contents = await fs7.promises.readFile(
+      baseDatabaseOidsFilePath,
+      "utf-8"
+    );
+    return JSON.parse(contents);
+  } catch (e) {
+    logger.error(
+      `Failed to read overlay-base file OIDs from ${baseDatabaseOidsFilePath}: ${e.message || e}`
+    );
+    throw e;
+  }
+}
+function getBaseDatabaseOidsFilePath(config) {
+  return path9.join(config.dbLocation, "base-database-oids.json");
+}
+async function writeOverlayChangesFile(config, sourceRoot, logger) {
+  const baseFileOids = await readBaseDatabaseOidsFile(config, logger);
+  const overlayFileOids = await getFileOidsUnderPath(sourceRoot);
+  const changedFiles = computeChangedFiles(baseFileOids, overlayFileOids);
+  logger.info(
+    `Found ${changedFiles.length} changed file(s) under ${sourceRoot}.`
+  );
+  const changedFilesJson = JSON.stringify({ changes: changedFiles });
+  const overlayChangesFile = path9.join(
+    getTemporaryDirectory(),
+    "overlay-changes.json"
+  );
+  logger.debug(
+    `Writing overlay changed files to ${overlayChangesFile}: ${changedFilesJson}`
+  );
+  await fs7.promises.writeFile(overlayChangesFile, changedFilesJson);
+  return overlayChangesFile;
+}
+function computeChangedFiles(baseFileOids, overlayFileOids) {
+  const changes = [];
+  for (const [file, oid] of Object.entries(overlayFileOids)) {
+    if (!(file in baseFileOids) || baseFileOids[file] !== oid) {
+      changes.push(file);
+    }
+  }
+  for (const file of Object.keys(baseFileOids)) {
+    if (!(file in overlayFileOids)) {
+      changes.push(file);
+    }
+  }
+  return changes;
+}
+
 // src/trap-caching.ts
 var actionsCache2 = __toESM(require_cache3());

--- a/src/config-utils.test.ts
+++ b/src/config-utils.test.ts
@@ -65,16 +65,6 @@ function createTestInitConfigInputs(
      debugDatabaseName: "",
      repository: { owner: "github", repo: "example" },
      tempDir: "",
-      codeql: createStubCodeQL({
-        async betterResolveLanguages() {
-          return {
-            extractors: {
-              html: [{ extractor_root: "" }],
-              javascript: [{ extractor_root: "" }],
-            },
-          };
-        },
-      }),
      workspacePath: "",
      sourceRoot: "",
      githubVersion,
@@ -99,6 +89,20 @@ function createConfigFile(inputFileContents: string, tmpDir: string): string {
  return configFilePath;
 }

+// Returns a default CodeQL stub for tests
+function createDefaultTestCodeQL() {
+  return createStubCodeQL({
+    async betterResolveLanguages() {
+      return {
+        extractors: {
+          html: [{ extractor_root: "" }],
+          javascript: [{ extractor_root: "" }],
+        },
+      };
+    },
+  });
+}
+
 type GetContentsResponse = { content?: string } | object[];

 function mockGetContents(
@@ -153,19 +157,19 @@ test("load empty config", async (t) => {
        languagesInput: languages,
        repository: { owner: "github", repo: "example" },
        tempDir,
-        codeql,
        logger,
      }),
+      codeql,
    );

    const expectedConfig = await configUtils.initActionState(
      createTestInitConfigInputs({
        languagesInput: languages,
        tempDir,
-        codeql,
        logger,
      }),
      {},
+      codeql,
    );

    t.deepEqual(config, expectedConfig);
@@ -193,9 +197,9 @@ test("load code quality config", async (t) => {
        languagesInput: languages,
        repository: { owner: "github", repo: "example" },
        tempDir,
-        codeql,
        logger,
      }),
+      codeql,
    );

    // And the config we expect it to result in
@@ -277,10 +281,10 @@ test("initActionState doesn't throw if there are queries configured in the repos
          languagesInput: languages,
          repository: { owner: "github", repo: "example" },
          tempDir,
-          codeql,
          repositoryProperties,
          logger,
        }),
+        codeql,
      );

      t.deepEqual(config, expectedConfig);
@@ -313,10 +317,10 @@ test("loading a saved config produces the same config", async (t) => {
      createTestInitConfigInputs({
        languagesInput: "javascript,python",
        tempDir,
-        codeql,
        workspacePath: tempDir,
        logger,
      }),
+      codeql,
    );
    await configUtils.saveConfig(config1, logger);

@@ -364,10 +368,10 @@ test("loading config with version mismatch throws", async (t) => {
      createTestInitConfigInputs({
        languagesInput: "javascript,python",
        tempDir,
-        codeql,
        workspacePath: tempDir,
        logger,
      }),
+      codeql,
    );
    // initConfig does not save the config, so we do it here.
    await configUtils.saveConfig(config, logger);
@@ -394,6 +398,7 @@ test("load input outside of workspace", async (t) => {
          tempDir,
          workspacePath: tempDir,
        }),
+        createDefaultTestCodeQL(),
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -421,6 +426,7 @@ test("load non-local input with invalid repo syntax", async (t) => {
          tempDir,
          workspacePath: tempDir,
        }),
+        createDefaultTestCodeQL(),
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -450,6 +456,7 @@ test("load non-existent input", async (t) => {
          tempDir,
          workspacePath: tempDir,
        }),
+        createDefaultTestCodeQL(),
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -534,9 +541,9 @@ test("load non-empty input", async (t) => {
        debugArtifactName: "my-artifact",
        debugDatabaseName: "my-db",
        tempDir,
-        codeql,
        workspacePath: tempDir,
      }),
+      codeql,
    );

    // Should exactly equal the object we constructed earlier
@@ -582,16 +589,15 @@ test("Using config input and file together, config input should be used.", async
    // Only JS, python packs will be ignored
    const languagesInput = "javascript";

-    const config = await configUtils.initConfig(
-      createTestInitConfigInputs({
-        languagesInput,
-        configFile: configFilePath,
-        configInput,
-        tempDir,
-        codeql,
-        workspacePath: tempDir,
-      }),
-    );
+    const inputs = createTestInitConfigInputs({
+      languagesInput,
+      configFile: configFilePath,
+      configInput,
+      tempDir,
+      workspacePath: tempDir,
+    });
+    configUtils.amendInputConfigFile(inputs, inputs.logger);
+    const config = await configUtils.initConfig(inputs, codeql);

    t.deepEqual(config.originalUserInput, yaml.load(configInput));
  });
@@ -637,9 +643,9 @@ test("API client used when reading remote config", async (t) => {
        languagesInput,
        configFile,
        tempDir,
-        codeql,
        workspacePath: tempDir,
      }),
+      codeql,
    );
    t.assert(spyGetContents.called);
  });
@@ -658,6 +664,7 @@ test("Remote config handles the case where a directory is provided", async (t) =
          tempDir,
          workspacePath: tempDir,
        }),
+        createDefaultTestCodeQL(),
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -686,6 +693,7 @@ test("Invalid format of remote config handled correctly", async (t) => {
          tempDir,
          workspacePath: tempDir,
        }),
+        createDefaultTestCodeQL(),
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -712,9 +720,9 @@ test("No detected languages", async (t) => {
      await configUtils.initConfig(
        createTestInitConfigInputs({
          tempDir,
-          codeql,
          workspacePath: tempDir,
        }),
+        codeql,
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -737,6 +745,7 @@ test("Unknown languages", async (t) => {
          tempDir,
          workspacePath: tempDir,
        }),
+        createDefaultTestCodeQL(),
      );
      throw new Error("initConfig did not throw error");
    } catch (err) {
@@ -987,7 +996,7 @@ interface OverlayDatabaseModeTestSetup {
  isDefaultBranch: boolean;
  repositoryOwner: string;
  buildMode: BuildMode | undefined;
-  languages: Language[];
+  languages: string[];
  codeqlVersion: string;
  gitRoot: string | undefined;
  codeScanningConfig: configUtils.UserConfig;
@@ -1014,6 +1023,8 @@ const getOverlayDatabaseModeMacro = test.macro({
    expected: {
      overlayDatabaseMode: OverlayDatabaseMode;
      useOverlayDatabaseCaching: boolean;
+      preliminaryOverlayDatabaseMode?: OverlayDatabaseMode;
+      preliminaryUseOverlayDatabaseCaching?: boolean;
    },
  ) => {
    return await withTmpDir(async (tempDir) => {
@@ -1075,13 +1086,51 @@ const getOverlayDatabaseModeMacro = test.macro({
          repository,
          features,
          setup.languages,
+          setup.languages.join(","),
          tempDir, // sourceRoot
          setup.buildMode,
          setup.codeScanningConfig,
          logger,
        );

-        t.deepEqual(result, expected);
+        const expectedResult = {
+          overlayDatabaseMode: expected.overlayDatabaseMode,
+          useOverlayDatabaseCaching: expected.useOverlayDatabaseCaching,
+        };
+        t.deepEqual(result, expectedResult);
+
+        let configFile: string | undefined;
+        if (Object.keys(setup.codeScanningConfig).length > 0) {
+          configFile = createConfigFile(
+            yaml.dump(setup.codeScanningConfig),
+            tempDir,
+          );
+        }
+
+        // Test getPreliminaryOverlayDatabaseMode as well
+        const preliminaryResult =
+          await configUtils.getPreliminaryOverlayDatabaseMode(
+            createTestInitConfigInputs({
+              languagesInput: setup.languages.join(","),
+              configFile,
+              features,
+              tempDir,
+              workspacePath: tempDir,
+              sourceRoot: tempDir,
+              repository,
+              logger,
+            }),
+          );
+
+        const expectedPreliminaryResult = {
+          overlayDatabaseMode:
+            expected.preliminaryOverlayDatabaseMode ??
+            expected.overlayDatabaseMode,
+          useOverlayDatabaseCaching:
+            expected.preliminaryUseOverlayDatabaseCaching ??
+            expected.useOverlayDatabaseCaching,
+        };
+        t.deepEqual(preliminaryResult, expectedPreliminaryResult);
      } finally {
        // Restore the original environment
        process.env = originalEnv;
@@ -1336,6 +1385,20 @@ test(
  },
 );

+test(
+  getOverlayDatabaseModeMacro,
+  "Overlay analysis on PR when feature enabled via language alias",
+  {
+    languages: ["javascript-typescript"],
+    features: [Feature.OverlayAnalysis, Feature.OverlayAnalysisJavascript],
+    isPullRequest: true,
+  },
+  {
+    overlayDatabaseMode: OverlayDatabaseMode.Overlay,
+    useOverlayDatabaseCaching: true,
+  },
+);
+
 test(
  getOverlayDatabaseModeMacro,
  "Overlay analysis on PR when feature enabled with custom analysis",
@@ -1492,6 +1555,20 @@ test(
  },
 );

+test(
+  getOverlayDatabaseModeMacro,
+  "No overlay analysis on PR when the language is unknown",
+  {
+    languages: ["cobol"],
+    features: [Feature.OverlayAnalysis],
+    isPullRequest: true,
+  },
+  {
+    overlayDatabaseMode: OverlayDatabaseMode.None,
+    useOverlayDatabaseCaching: false,
+  },
+);
+
 test(
  getOverlayDatabaseModeMacro,
  "Overlay PR analysis by env for dsp-testing",
@@ -1559,6 +1636,8 @@ test(
  {
    overlayDatabaseMode: OverlayDatabaseMode.None,
    useOverlayDatabaseCaching: false,
+    preliminaryOverlayDatabaseMode: OverlayDatabaseMode.Overlay,
+    preliminaryUseOverlayDatabaseCaching: false,
  },
 );

@@ -1573,6 +1652,8 @@ test(
  {
    overlayDatabaseMode: OverlayDatabaseMode.None,
    useOverlayDatabaseCaching: false,
+    preliminaryOverlayDatabaseMode: OverlayDatabaseMode.Overlay,
+    preliminaryUseOverlayDatabaseCaching: false,
  },
 );

@@ -1586,6 +1667,8 @@ test(
  {
    overlayDatabaseMode: OverlayDatabaseMode.None,
    useOverlayDatabaseCaching: false,
+    preliminaryOverlayDatabaseMode: OverlayDatabaseMode.Overlay,
+    preliminaryUseOverlayDatabaseCaching: false,
  },
 );

--- a/src/config-utils.ts
+++ b/src/config-utils.ts
@@ -33,6 +33,7 @@ import {
  CODEQL_OVERLAY_MINIMUM_VERSION,
  OverlayDatabaseMode,
 } from "./overlay-database-utils";
+import * as overlayLanguageAliases from "./overlay-language-aliases.json";
 import { RepositoryNwo } from "./repository";
 import { downloadTrapCaches } from "./trap-caching";
 import {
@@ -331,6 +332,36 @@ export async function getLanguages(
  return languages;
 }

+/**
+ * Get the (unverified) languages for overlay analysis.
+ *
+ * This is a simplified version of `getLanguages` that only resolves language
+ * aliases but does not check if the languages are actually supported by the
+ * CodeQL CLI. It is intended to be used for overlay analysis preparations
+ * before the CodeQL CLI is available.
+ */
+async function getUnverifiedLanguagesForOverlay(
+  languagesInput: string | undefined,
+  repository: RepositoryNwo,
+  sourceRoot: string,
+  logger: Logger,
+): Promise<string[]> {
+  // Obtain languages without filtering them.
+  const { rawLanguages } = await getRawLanguages(
+    languagesInput,
+    repository,
+    sourceRoot,
+    logger,
+  );
+  const languageAliases = overlayLanguageAliases as Record<string, string>;
+
+  const languagesSet: string[] = [];
+  for (const language of rawLanguages) {
+    languagesSet.push(languageAliases[language] || language);
+  }
+  return languagesSet;
+}
+
 export function getRawLanguagesNoAutodetect(
  languagesInput: string | undefined,
 ): string[] {
@@ -389,7 +420,6 @@ export interface InitConfigInputs {
  debugDatabaseName: string;
  repository: RepositoryNwo;
  tempDir: string;
-  codeql: CodeQL;
  workspacePath: string;
  sourceRoot: string;
  githubVersion: GitHubVersion;
@@ -419,7 +449,6 @@ export async function initActionState(
    debugDatabaseName,
    repository,
    tempDir,
-    codeql,
    sourceRoot,
    githubVersion,
    features,
@@ -427,6 +456,7 @@ export async function initActionState(
    logger,
  }: InitConfigInputs,
  userConfig: UserConfig,
+  codeql: CodeQL,
 ): Promise<Config> {
  const analysisKinds = await parseAnalysisKinds(analysisKindsInput);

@@ -539,12 +569,48 @@ async function downloadCacheWithTime(
  return { trapCaches, trapCacheDownloadTime };
 }

+/**
+ * Amends the input config file if configInput is provided.
+ * If configInput is set, it takes precedence over configFile.
+ *
+ * This function should be called only once on any specific `InitConfigInputs`
+ * object. Otherwise it could emit a false warning.
+ */
+export function amendInputConfigFile(
+  inputs: InitConfigInputs,
+  logger: Logger,
+): void {
+  // if configInput is set, it takes precedence over configFile
+  if (inputs.configInput) {
+    if (inputs.configFile) {
+      logger.warning(
+        `Both a config file and config input were provided. Ignoring config file.`,
+      );
+    }
+    inputs.configFile = userConfigFromActionPath(inputs.tempDir);
+    fs.writeFileSync(inputs.configFile, inputs.configInput);
+    logger.debug(`Using config from action input: ${inputs.configFile}`);
+  }
+}
+
+/**
+ * Load user configuration from a file or return an empty configuration
+ * if no config file is specified.
+ */
 async function loadUserConfig(
-  configFile: string,
+  configFile: string | undefined,
  workspacePath: string,
  apiDetails: api.GitHubApiCombinedDetails,
  tempDir: string,
+  logger: Logger,
 ): Promise<UserConfig> {
+  if (!configFile) {
+    logger.debug("No configuration file was provided");
+    return {};
+  }
+
+  logger.debug(`Using configuration file: ${configFile}`);
+
  if (isLocal(configFile)) {
    if (configFile !== userConfigFromActionPath(tempDir)) {
      // If the config file is not generated by the Action, it should be relative to the workspace.
@@ -589,32 +655,38 @@ const OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES: Record<Language, Feature> = {
 };

 async function isOverlayAnalysisFeatureEnabled(
-  repository: RepositoryNwo,
-  features: FeatureEnablement,
-  codeql: CodeQL,
-  languages: Language[],
  codeScanningConfig: UserConfig,
+  languagesInput: string | undefined,
+  repository: RepositoryNwo,
+  sourceRoot: string,
+  features: FeatureEnablement,
+  logger: Logger,
 ): Promise<boolean> {
  // TODO: Remove the repository owner check once support for overlay analysis
  // stabilizes, and no more backward-incompatible changes are expected.
  if (!["github", "dsp-testing"].includes(repository.owner)) {
    return false;
  }
-  if (!(await features.getValue(Feature.OverlayAnalysis, codeql))) {
+  if (!(await features.getValue(Feature.OverlayAnalysis))) {
    return false;
  }
+
+  const languages = await getUnverifiedLanguagesForOverlay(
+    languagesInput,
+    repository,
+    sourceRoot,
+    logger,
+  );
+
  let enableForCodeScanningOnly = false;
  for (const language of languages) {
    const feature = OVERLAY_ANALYSIS_FEATURES[language];
-    if (feature && (await features.getValue(feature, codeql))) {
+    if (feature && (await features.getValue(feature))) {
      continue;
    }
    const codeScanningFeature =
      OVERLAY_ANALYSIS_CODE_SCANNING_FEATURES[language];
-    if (
-      codeScanningFeature &&
-      (await features.getValue(codeScanningFeature, codeql))
-    ) {
+    if (codeScanningFeature && (await features.getValue(codeScanningFeature))) {
      enableForCodeScanningOnly = true;
      continue;
    }
@@ -652,14 +724,18 @@ async function isOverlayAnalysisFeatureEnabled(
 * For `Overlay` and `OverlayBase`, the function performs further checks and
 * reverts to `None` if any check should fail.
 *
+ * If `codeql` or `languages` is undefined, the function will skip checks that
+ * depend on them.
+ *
 * @returns An object containing the overlay database mode and whether the
 * action should perform overlay-base database caching.
 */
 export async function getOverlayDatabaseMode(
-  codeql: CodeQL,
+  codeql: CodeQL | undefined,
  repository: RepositoryNwo,
  features: FeatureEnablement,
-  languages: Language[],
+  languages: Language[] | undefined,
+  languagesInput: string | undefined,
  sourceRoot: string,
  buildMode: BuildMode | undefined,
  codeScanningConfig: UserConfig,
@@ -686,11 +762,12 @@ export async function getOverlayDatabaseMode(
    );
  } else if (
    await isOverlayAnalysisFeatureEnabled(
-      repository,
-      features,
-      codeql,
-      languages,
      codeScanningConfig,
+      languagesInput,
+      repository,
+      sourceRoot,
+      features,
+      logger,
    )
  ) {
    if (isAnalyzingPullRequest()) {
@@ -720,6 +797,8 @@ export async function getOverlayDatabaseMode(
  }

  if (
+    codeql !== undefined &&
+    languages !== undefined &&
    buildMode !== BuildMode.None &&
    (
      await Promise.all(
@@ -734,7 +813,10 @@ export async function getOverlayDatabaseMode(
    );
    return nonOverlayAnalysis;
  }
-  if (!(await codeQlVersionAtLeast(codeql, CODEQL_OVERLAY_MINIMUM_VERSION))) {
+  if (
+    codeql !== undefined &&
+    !(await codeQlVersionAtLeast(codeql, CODEQL_OVERLAY_MINIMUM_VERSION))
+  ) {
    logger.warning(
      `Cannot build an ${overlayDatabaseMode} database because ` +
        `the CodeQL CLI is older than ${CODEQL_OVERLAY_MINIMUM_VERSION}. ` +
@@ -757,6 +839,62 @@ export async function getOverlayDatabaseMode(
  };
 }

+/**
+ * Get preliminary overlay database mode using only the information available
+ * in InitConfigInputs, without depending on CodeQL.
+ *
+ * This is a simplified version of getOverlayDatabaseMode that can be called
+ * before the CodeQL CLI is available.
+ *
+ * @param inputs The initialization configuration inputs.
+ * @returns An object containing the overlay database mode and whether the
+ * action should perform overlay-base database caching.
+ */
+export async function getPreliminaryOverlayDatabaseMode(
+  inputs: InitConfigInputs,
+): Promise<{
+  overlayDatabaseMode: OverlayDatabaseMode;
+  useOverlayDatabaseCaching: boolean;
+}> {
+  const userConfig = await loadUserConfig(
+    inputs.configFile,
+    inputs.workspacePath,
+    inputs.apiDetails,
+    inputs.tempDir,
+    inputs.logger,
+  );
+
+  const languages = await getUnverifiedLanguagesForOverlay(
+    inputs.languagesInput,
+    inputs.repository,
+    inputs.sourceRoot,
+    inputs.logger,
+  );
+  const augmentationProperties = await calculateAugmentation(
+    inputs.packsInput,
+    inputs.queriesInput,
+    inputs.repositoryProperties,
+    languages,
+  );
+  const computedConfig = generateCodeScanningConfig(
+    inputs.logger,
+    userConfig,
+    augmentationProperties,
+  );
+
+  return getOverlayDatabaseMode(
+    undefined, // codeql
+    inputs.repository,
+    inputs.features,
+    undefined, // languages
+    inputs.languagesInput,
+    inputs.sourceRoot,
+    undefined, // buildMode
+    computedConfig,
+    inputs.logger,
+  );
+}
+
 function dbLocationOrDefault(
  dbLocation: string | undefined,
  tempDir: string,
@@ -787,35 +925,20 @@ function hasQueryCustomisation(userConfig: UserConfig): boolean {
 * This will parse the config from the user input if present, or generate
 * a default config. The parsed config is then stored to a known location.
 */
-export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
+export async function initConfig(
+  inputs: InitConfigInputs,
+  codeql: CodeQL,
+): Promise<Config> {
  const { logger, tempDir } = inputs;

-  // if configInput is set, it takes precedence over configFile
-  if (inputs.configInput) {
-    if (inputs.configFile) {
-      logger.warning(
-        `Both a config file and config input were provided. Ignoring config file.`,
-      );
-    }
-    inputs.configFile = userConfigFromActionPath(tempDir);
-    fs.writeFileSync(inputs.configFile, inputs.configInput);
-    logger.debug(`Using config from action input: ${inputs.configFile}`);
-  }
-
-  let userConfig: UserConfig = {};
-  if (!inputs.configFile) {
-    logger.debug("No configuration file was provided");
-  } else {
-    logger.debug(`Using configuration file: ${inputs.configFile}`);
-    userConfig = await loadUserConfig(
-      inputs.configFile,
-      inputs.workspacePath,
-      inputs.apiDetails,
-      tempDir,
-    );
-  }
-
-  const config = await initActionState(inputs, userConfig);
+  const userConfig = await loadUserConfig(
+    inputs.configFile,
+    inputs.workspacePath,
+    inputs.apiDetails,
+    tempDir,
+    logger,
+  );
+  const config = await initActionState(inputs, userConfig, codeql);

  // If Code Quality analysis is the only enabled analysis kind, then we will initialise
  // the database for Code Quality. That entails disabling the default queries and only
@@ -842,10 +965,11 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {
  // rest of the config has been populated.
  const { overlayDatabaseMode, useOverlayDatabaseCaching } =
    await getOverlayDatabaseMode(
-      inputs.codeql,
+      codeql,
      inputs.repository,
      inputs.features,
      config.languages,
+      inputs.languagesInput,
      inputs.sourceRoot,
      config.buildMode,
      config.computedConfig,
@@ -860,11 +984,7 @@ export async function initConfig(inputs: InitConfigInputs): Promise<Config> {

  if (
    overlayDatabaseMode === OverlayDatabaseMode.Overlay ||
-    (await shouldPerformDiffInformedAnalysis(
-      inputs.codeql,
-      inputs.features,
-      logger,
-    ))
+    (await shouldPerformDiffInformedAnalysis(codeql, inputs.features, logger))
  ) {
    config.extraQueryExclusions.push({
      exclude: { tags: "exclude-from-incremental" },
--- a/src/feature-flags.ts
+++ b/src/feature-flags.ts
@@ -7,7 +7,6 @@ import { getApiClient } from "./api-client";
 import type { CodeQL } from "./codeql";
 import * as defaults from "./defaults.json";
 import { Logger } from "./logging";
-import { CODEQL_OVERLAY_MINIMUM_VERSION } from "./overlay-database-utils";
 import { RepositoryNwo } from "./repository";
 import { ToolsFeature } from "./tools-features";
 import * as util from "./util";
@@ -157,7 +156,7 @@ export const featureConfig: Record<
  [Feature.OverlayAnalysis]: {
    defaultValue: false,
    envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS",
-    minimumVersion: CODEQL_OVERLAY_MINIMUM_VERSION,
+    minimumVersion: undefined,
  },
  [Feature.OverlayAnalysisActions]: {
    defaultValue: false,
--- a/src/init-action.ts
+++ b/src/init-action.ts
@@ -42,7 +42,7 @@ import {
  runDatabaseInitCluster,
 } from "./init";
 import { KnownLanguage } from "./languages";
-import { getActionsLogger, Logger } from "./logging";
+import { getActionsLogger, Logger, withGroupAsync } from "./logging";
 import {
  downloadOverlayBaseDatabaseFromCache,
  OverlayBaseDatabaseDownloadStats,
@@ -233,6 +233,45 @@ async function run() {
    if (statusReportBase !== undefined) {
      await sendStatusReport(statusReportBase);
    }
+
+    const inputs: configUtils.InitConfigInputs = {
+      analysisKindsInput: getRequiredInput("analysis-kinds"),
+      languagesInput: getOptionalInput("languages"),
+      queriesInput: getOptionalInput("queries"),
+      qualityQueriesInput: getOptionalInput("quality-queries"),
+      packsInput: getOptionalInput("packs"),
+      buildModeInput: getOptionalInput("build-mode"),
+      configFile,
+      dbLocation: getOptionalInput("db-location"),
+      configInput: getOptionalInput("config"),
+      trapCachingEnabled: getTrapCachingEnabled(),
+      dependencyCachingEnabled: getDependencyCachingEnabled(),
+      // Debug mode is enabled if:
+      // - The `init` Action is passed `debug: true`.
+      // - Actions step debugging is enabled (e.g. by [enabling debug logging for a rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow),
+      //   or by setting the `ACTIONS_STEP_DEBUG` secret to `true`).
+      debugMode: getOptionalInput("debug") === "true" || core.isDebug(),
+      debugArtifactName:
+        getOptionalInput("debug-artifact-name") || DEFAULT_DEBUG_ARTIFACT_NAME,
+      debugDatabaseName:
+        getOptionalInput("debug-database-name") || DEFAULT_DEBUG_DATABASE_NAME,
+      repository: repositoryNwo,
+      tempDir: getTemporaryDirectory(),
+      workspacePath: getRequiredEnvParam("GITHUB_WORKSPACE"),
+      sourceRoot,
+      githubVersion: gitHubVersion,
+      apiDetails,
+      features,
+      repositoryProperties,
+      logger,
+    };
+    configUtils.amendInputConfigFile(inputs, logger);
+
+    await withGroupAsync(
+      "Compute preliminary overlay database mode",
+      async () => configUtils.getPreliminaryOverlayDatabaseMode(inputs),
+    );
+
    const codeQLDefaultVersionInfo = await features.getDefaultCliVersion(
      gitHubVersion.type,
    );
@@ -288,47 +327,14 @@ async function run() {
    }

    // Warn that `quality-queries` is deprecated if there is an argument for it.
-    const qualityQueriesInput = getOptionalInput("quality-queries");
-
-    if (qualityQueriesInput !== undefined) {
+    if (inputs.qualityQueriesInput !== undefined) {
      logger.warning(
        "The `quality-queries` input is deprecated and will be removed in a future version of the CodeQL Action. " +
          "Use the `analysis-kinds` input to configure different analysis kinds instead.",
      );
    }

-    config = await initConfig({
-      analysisKindsInput: getRequiredInput("analysis-kinds"),
-      languagesInput: getOptionalInput("languages"),
-      queriesInput: getOptionalInput("queries"),
-      qualityQueriesInput,
-      packsInput: getOptionalInput("packs"),
-      buildModeInput: getOptionalInput("build-mode"),
-      configFile,
-      dbLocation: getOptionalInput("db-location"),
-      configInput: getOptionalInput("config"),
-      trapCachingEnabled: getTrapCachingEnabled(),
-      dependencyCachingEnabled: getDependencyCachingEnabled(),
-      // Debug mode is enabled if:
-      // - The `init` Action is passed `debug: true`.
-      // - Actions step debugging is enabled (e.g. by [enabling debug logging for a rerun](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-all-the-jobs-in-a-workflow),
-      //   or by setting the `ACTIONS_STEP_DEBUG` secret to `true`).
-      debugMode: getOptionalInput("debug") === "true" || core.isDebug(),
-      debugArtifactName:
-        getOptionalInput("debug-artifact-name") || DEFAULT_DEBUG_ARTIFACT_NAME,
-      debugDatabaseName:
-        getOptionalInput("debug-database-name") || DEFAULT_DEBUG_DATABASE_NAME,
-      repository: repositoryNwo,
-      tempDir: getTemporaryDirectory(),
-      codeql,
-      workspacePath: getRequiredEnvParam("GITHUB_WORKSPACE"),
-      sourceRoot,
-      githubVersion: gitHubVersion,
-      apiDetails,
-      features,
-      repositoryProperties,
-      logger,
-    });
+    config = await initConfig(inputs, codeql);

    await checkInstallPython311(config.languages, codeql);
  } catch (unwrappedError) {
--- a/src/init.ts
+++ b/src/init.ts
@@ -60,9 +60,10 @@ export async function initCodeQL(

 export async function initConfig(
  inputs: configUtils.InitConfigInputs,
+  codeql: CodeQL,
 ): Promise<configUtils.Config> {
  return await withGroupAsync("Load language configuration", async () => {
-    return await configUtils.initConfig(inputs);
+    return await configUtils.initConfig(inputs, codeql);
  });
 }

--- a/src/overlay-language-aliases.json
+++ b/src/overlay-language-aliases.json
@@ -0,0 +1,11 @@
+{
+  "c": "cpp",
+  "c++": "cpp",
+  "c-c++": "cpp",
+  "c-cpp": "cpp",
+  "c#": "csharp",
+  "java-kotlin": "java",
+  "kotlin": "java",
+  "javascript-typescript": "javascript",
+  "typescript": "javascript"
+}
Author	SHA1	Message	Date
Chuan-kai Lin	c4d96bef6a	build: refresh js files	2025-09-26 15:13:52 -07:00
Chuan-kai Lin	c3d80a1a64	Compute preliminary overlay database mode	2025-09-26 15:13:51 -07:00
Chuan-kai Lin	57444ccc63	Add getPreliminaryOverlayDatabaseMode()	2025-09-26 15:13:51 -07:00
Chuan-kai Lin	25b6845641	Move support code into loadUserConfig()	2025-09-26 15:13:51 -07:00
Chuan-kai Lin	c079287f80	Call amendInputConfigFile() early This commit extracts into amendInputConfigFile() the code that processes configInput, and moves the call from initConfig() into init-action.ts.	2025-09-26 15:13:51 -07:00
Chuan-kai Lin	fcd4657460	Compute InitConfigInputs early	2025-09-26 15:13:50 -07:00
Chuan-kai Lin	9ebca4c820	Move codeql out of InitConfigInputs	2025-09-26 15:13:50 -07:00
Chuan-kai Lin	046ce56f57	Overlay: choose database mode without CodeQL CLI This commit makes getOverlayDatabaseMode() accept undefined as arguments for codeql and languages.	2025-09-26 15:13:50 -07:00
Chuan-kai Lin	f6247bb37b	Overlay: check features without CodeQL CLI This commit changes isOverlayAnalysisFeatureEnabled() so that it uses the overlay-language-aliases.json file to resolve language aliases instead of relying on the CodeQL CLI.	2025-09-26 15:13:50 -07:00
Chuan-kai Lin	6e69a927f6	Remove Feature.OverlayAnalysis minimumVersion getOverlayDatabaseMode() already performs the same version check, so we can remove minimumVersion from Feature.OverlayAnalysis. Doing so allows the action to perform feature checks without CodeQL CLI.	2025-09-26 15:13:50 -07:00