Merge pull request #319 from github/simon-engledew/lint-workspace

Validate the codeql-action workspace for common errors

.eslintrc.json

@@ -18,15 +18,20 @@
         "import/no-amd": "error",
         "import/no-commonjs": "error",
         "import/no-dynamic-require": "error",
-        "import/no-extraneous-dependencies": ["error", {"devDependencies": false}],
+        "import/no-extraneous-dependencies": ["error"],
         "import/no-namespace": "off",
         "import/no-unresolved": "error",
         "import/no-webpack-loader-syntax": "error",
+        "import/order": ["error", {
+            "alphabetize": {"order": "asc"},
+            "newlines-between": "always"
+        }],
         "no-async-foreach/no-async-foreach": "error",
         "no-console": "off",
         "no-sequences": "error",
-        "one-var": ["error", "never"],
-        "sort-imports": ["error", { "allowSeparatedGroups": true }]
+        "no-shadow": "off",
+        "@typescript-eslint/no-shadow": ["error"],
+        "one-var": ["error", "never"]
     },
     "overrides": [{
         // "temporarily downgraded during transition to eslint
@@ -44,16 +49,7 @@
             "@typescript-eslint/prefer-regexp-exec": "off",
             "@typescript-eslint/require-await": "off",
             "@typescript-eslint/restrict-template-expressions": "off",
-            "eslint-comments/no-use": "off",
-            "func-style": "off",
-            "github/array-foreach": "off",
-            "github/no-then": "off",
-            "import/no-extraneous-dependencies": "off",
-            "no-shadow": "off",
-            "no-sparse-arrays": "off",
-            "no-throw-literal": "off",
-            "no-useless-escape": "off",
-            "sort-imports": "off"
+            "func-style": "off"
         }
     }]
 }

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,5 @@
 blank_issues_enabled: true
 contact_links:
   - name: Contact GitHub Support
-    url: https://support.github.com/contact?subject=Code+Scanning+Beta+Support&tags=code-scanning-support
-    about: Contact Support about code scanning
+    url: https://support.github.com/request
+    about: Contact Support 

.github/update-release-branch.py

@@ -123,8 +123,8 @@ def get_pr_for_commit(repo, commit):
   if prs.totalCount > 0:
     # In the case that there are multiple PRs, return the earliest one
     prs = list(prs)
-    sorted(prs, key=lambda pr: int(pr.number))
-    return prs[0]
+    sorted_prs = sorted(prs, key=lambda pr: int(pr.number))
+    return sorted_prs[0]
   else:
     return None
 

.github/workflows/codeql.yml

@@ -14,18 +14,12 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
-      with:
-        # Must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head of the pull request.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-
     - uses: ./init
+      id: init
       with:
         languages: javascript
         config-file: ./.github/codeql/codeql-config.yml
+    # confirm steps.init.outputs.codeql-path points to the codeql binary
+    - name: Print CodeQL Version
+      run: ${{steps.init.outputs.codeql-path}} version --format=json
     - uses: ./analyze

.github/workflows/integration-testing.yml

@@ -44,6 +44,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
+        tools: [~, latest]
     runs-on: ${{ matrix.os }}
 
     steps:
@@ -56,6 +57,7 @@ jobs:
         mv ../action/tests/multi-language-repo/{*,.github} .
     - uses: ./../action/init
       with:
+        tools: ${{ matrix.tools }}
         languages: cpp,csharp,java,javascript,python
         config-file: github/codeql-action/tests/multi-language-repo/.github/codeql/custom-queries.yml@${{ github.sha }}
     - name: Build code
@@ -96,6 +98,37 @@ jobs:
       env:
         TEST_MODE: true
 
+  go-custom-tracing:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+    env:
+      CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on"
+
+    steps:
+    - uses: actions/setup-go@v2
+      if: ${{ matrix.os ==  'macos-latest' }}
+      with:
+        go-version: '^1.13.1'
+    - uses: actions/checkout@v2
+    - name: Move codeql-action
+      shell: bash
+      run: |
+        mkdir ../action
+        mv * .github ../action/
+        mv ../action/tests/multi-language-repo/{*,.github} .
+    - uses: ./../action/init
+      with:
+        languages: go
+    - name: Build code
+      shell: bash
+      run: go build main.go
+    - uses: ./../action/analyze
+      env:
+        TEST_MODE: true
+
   multi-language-repo_rubocop:
     runs-on: ubuntu-latest
 
@@ -433,6 +466,8 @@ jobs:
   runner-upload-sarif:
     runs-on: ubuntu-latest
 
+    if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }}
+
     steps:
     - uses: actions/checkout@v2
 

.github/workflows/python-deps.yml

@@ -0,0 +1,133 @@
+name: Test Python Package Installation on Linux and Mac
+
+on:
+  push:
+    branches: [main, v1]
+  pull_request:
+
+jobs:
+
+  test-setup-python-scripts:
+    runs-on: ${{ matrix.os }}
+    strategy:
+        fail-fast: false
+        matrix:
+          os: [ubuntu-latest, macos-latest]
+          include:
+            - test_dir: python-setup/tests/pipenv/requests-2
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2
+            - test_dir: python-setup/tests/pipenv/requests-3
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3
+
+            - test_dir: python-setup/tests/poetry/requests-2
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2
+            - test_dir: python-setup/tests/poetry/requests-3
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3
+
+            - test_dir: python-setup/tests/requirements/requests-2
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2
+            - test_dir: python-setup/tests/requirements/requests-3
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3
+
+            - test_dir: python-setup/tests/setup_py/requests-2
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 2
+            - test_dir: python-setup/tests/setup_py/requests-3
+              test_script: $GITHUB_WORKSPACE/python-setup/tests/check_requests_123.sh 3
+
+            # This one shouldn't fail, but also won't install packages
+            - test_dir: python-setup/tests/requirements/non-standard-location
+              test_script: test -z $LGTM_INDEX_IMPORT_PATH
+
+    steps:
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+    - uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: ./init
+      id: init
+      with:
+        tools: latest
+        languages: python
+        setup-python-dependencies: false
+
+    - name: Test Auto Package Installation
+      run: |
+        set -x
+        $GITHUB_WORKSPACE/python-setup/install_tools.sh
+
+        cd $GITHUB_WORKSPACE/${{ matrix.test_dir }}
+
+        case ${{ matrix.os }} in
+            ubuntu-latest*)     basePath="/opt";;
+            macos-latest*)    basePath="/Users/runner";;
+        esac
+        echo ${basePath}
+
+        $GITHUB_WORKSPACE/python-setup/auto_install_packages.py "$(dirname ${{steps.init.outputs.codeql-path}})"
+    - name: Setup for extractor
+      run: |
+        echo $CODEQL_PYTHON
+        # only run if $CODEQL_PYTHON is set
+        if [ ! -z $CODEQL_PYTHON ]; then
+            $GITHUB_WORKSPACE/python-setup/tests/from_python_exe.py $CODEQL_PYTHON;
+        fi
+    - name: Verify packages installed
+      run: |
+        ${{ matrix.test_script }}
+
+  test-setup-python-scripts-windows:
+    runs-on: windows-latest
+    strategy:
+        fail-fast: false
+        matrix:
+          include:
+            - test_dir: python-setup/tests/pipenv/requests-2
+              python_version: 2
+            - test_dir: python-setup/tests/pipenv/requests-3
+              python_version: 3
+
+            - test_dir: python-setup/tests/poetry/requests-2
+              python_version: 2
+            - test_dir: python-setup/tests/poetry/requests-3
+              python_version: 3
+
+            - test_dir: python-setup/tests/requirements/requests-2
+              python_version: 2
+            - test_dir: python-setup/tests/requirements/requests-3
+              python_version: 3
+
+            - test_dir: python-setup/tests/setup_py/requests-2
+              python_version: 2
+            - test_dir: python-setup/tests/setup_py/requests-3
+              python_version: 3
+
+    steps:
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+    - uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: ./init
+      with:
+        tools: latest
+        languages: python
+        setup-python-dependencies: false
+
+    - name: Test Auto Package Installation
+      run: |
+        $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\install_tools.ps1"
+        powershell -File $cmd
+
+        cd $Env:GITHUB_WORKSPACE\\${{ matrix.test_dir }}
+        $DefaultsPath = Join-Path (Join-Path $Env:GITHUB_WORKSPACE "src") "defaults.json"
+        $CodeQLBundleName = (Get-Content -Raw -Path $DefaultsPath | ConvertFrom-Json).bundleVersion
+        $CodeQLVersion = "0.0.0-" + $CodeQLBundleName.split("-")[-1]
+        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\auto_install_packages.py C:\\hostedtoolcache\\windows\\CodeQL\\$CodeQLVersion\\x64\\codeql
+    - name: Setup for extractor
+      run: |
+        echo $Env:CODEQL_PYTHON
+
+        py -3 $Env:GITHUB_WORKSPACE\\python-setup\\tests\\from_python_exe.py $Env:CODEQL_PYTHON
+    - name: Verify packages installed
+      run: |
+        $cmd = $Env:GITHUB_WORKSPACE + "\\python-setup\\tests\\check_requests_123.ps1"
+        powershell -File $cmd ${{ matrix.python_version }}

.github/workflows/release-runner.yml

@@ -0,0 +1,54 @@
+name: Release runner
+
+on:
+  workflow_dispatch:
+    inputs:
+      bundle-tag:
+        description: 'Tag of the bundle release (e.g., "codeql-bundle-20200826")'
+        required: false
+
+jobs:
+  release-runner:
+    runs-on: ubuntu-latest
+    env:
+      RELEASE_TAG: "${{ github.event.inputs.bundle-tag }}"
+
+    strategy:
+      matrix:
+        extension: ["linux", "macos", "win.exe"]
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build runner
+        run: |
+          cd runner
+          npm install
+          npm run build-runner
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: codeql-runner-${{matrix.extension}}
+          path: runner/dist/codeql-runner-${{matrix.extension}}
+
+      - name: Resolve Upload URL for the release
+        if: ${{ github.event.inputs.bundle-tag != null }}
+        id: save_url
+        run: |
+          UPLOAD_URL=$(curl -sS \
+                "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
+                -H "Accept: application/json" \
+                -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" | jq .upload_url | sed s/\"//g)
+          echo ${UPLOAD_URL}
+          echo "::set-output name=upload_url::${UPLOAD_URL}"
+
+      - name: Upload Platform Package
+        if: ${{ github.event.inputs.bundle-tag != null }}
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.save_url.outputs.upload_url }}
+          asset_path: runner/dist/codeql-runner-${{matrix.extension}}
+          asset_name: codeql-runner-${{matrix.extension}}
+          asset_content_type: application/octet-stream

.github/workflows/split.yml

@@ -0,0 +1,73 @@
+#
+# Split the CodeQL Bundle into platform bundles
+#
+# Instructions:
+#  1. Upload the new codeql-bundle (codeql-bundle.tar.gz) as an asset of the
+#     release (codeql-bundle-20200826)
+#  2. Take note of the CLI Release used by the bundle (e.g., v2.2.5)
+#  3. Manually launch this workflow file (via the Actions UI) specifying
+#     - The CLI Release (e.g., v2.2.5)
+#     - The release tag (e.g., codeql-bundle-20200826)
+#  4. If everything succeeds you should see 3 new assets.
+#
+
+name: Split Bundle
+
+on:
+ workflow_dispatch:
+    inputs:
+      cli-release:
+        description: 'CodeQL CLI Release (e.g., "v2.2.5")'
+        required: true
+      bundle-tag:
+        description: 'Tag of the bundle release (e.g., "codeql-bundle-20200826")'
+        required: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      CLI_RELEASE: "${{ github.event.inputs.cli-release }}"
+      RELEASE_TAG: "${{ github.event.inputs.bundle-tag }}"
+
+    strategy:
+      fail-fast: false
+      matrix:
+        platform: ["linux64", "osx64", "win64"]
+
+    steps:
+      - name: Resolve Upload URL for the release
+        id: save_url
+        run: |
+          UPLOAD_URL=$(curl -sS \
+               "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${RELEASE_TAG}" \
+               -H "Accept: application/json" \
+               -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" | jq .upload_url | sed s/\"//g)
+          echo ${UPLOAD_URL}
+          echo "::set-output name=upload_url::${UPLOAD_URL}"
+
+      - name: Download CodeQL CLI and Bundle
+        run: |
+          wget --no-verbose "https://github.com/${GITHUB_REPOSITORY}/releases/download/${RELEASE_TAG}/codeql-bundle.tar.gz"
+          wget --no-verbose "https://github.com/github/codeql-cli-binaries/releases/download/${CLI_RELEASE}/codeql-${{matrix.platform}}.zip"
+
+      - name: Create Platform Package
+        # Replace the codeql-binaries with the platform specific ones
+        run: |
+          gunzip codeql-bundle.tar.gz
+          tar -f codeql-bundle.tar --delete codeql
+          unzip -q codeql-${{matrix.platform}}.zip
+          tar -f codeql-bundle.tar --append codeql
+          gzip codeql-bundle.tar
+          mv codeql-bundle.tar.gz codeql-bundle-${{matrix.platform}}.tar.gz
+          du -sh codeql-bundle-${{matrix.platform}}.tar.gz
+
+      - name: Upload Platform Package
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.save_url.outputs.upload_url }}
+          asset_path: ./codeql-bundle-${{matrix.platform}}.tar.gz
+          asset_name: codeql-bundle-${{matrix.platform}}.tar.gz
+          asset_content_type: application/tar+gzip

.github/workflows/update-supported-enterprise-server-versions.yml

@@ -0,0 +1,43 @@
+name: Update Supported Enterprise Server Versions
+
+on:
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  update-supported-enterprise-server-versions:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Setup Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: "3.7"
+      - name: Checkout CodeQL Action
+        uses: actions/checkout@v2
+      - name: Checkout Enterprise Releases
+        uses: actions/checkout@v2
+        with:
+          repository: github/enterprise-releases
+          ssh-key: ${{ secrets.ENTERPRISE_RELEASES_SSH_KEY }}
+          path: ${{ github.workspace }}/enterprise-releases/
+      - name: Update Supported Enterprise Server Versions
+        run: |
+          cd ./.github/workflows/update-supported-enterprise-server-versions/
+          python3 -m pip install pipenv
+          pipenv install
+          pipenv run ./update.py
+          rm --recursive "$ENTERPRISE_RELEASES_PATH"
+          npm run build
+        env:
+          ENTERPRISE_RELEASES_PATH: ${{ github.workspace }}/enterprise-releases/
+      - name: Commit Changes
+        uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb # v3.4.1
+        with:
+          commit-message: Update supported GitHub Enterprise Server versions.
+          title: Update supported GitHub Enterprise Server versions.
+          body: ""
+          author: GitHub <noreply@github.com>
+          branch: update-supported-enterprise-server-versions
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/update-supported-enterprise-server-versions/Pipfile

@@ -0,0 +1,9 @@
+[[source]]
+name = "pypi"
+url = "https://pypi.org/simple"
+verify_ssl = true
+
+[dev-packages]
+
+[packages]
+semver = "*"

.github/workflows/update-supported-enterprise-server-versions/Pipfile.lock

@@ -0,0 +1,27 @@
+{
+    "_meta": {
+        "hash": {
+            "sha256": "e3ba923dcb4888e05de5448c18a732bf40197e80fabfa051a61c01b22c504879"
+        },
+        "pipfile-spec": 6,
+        "requires": {},
+        "sources": [
+            {
+                "name": "pypi",
+                "url": "https://pypi.org/simple",
+                "verify_ssl": true
+            }
+        ]
+    },
+    "default": {
+        "semver": {
+            "hashes": [
+                "sha256:ced8b23dceb22134307c1b8abfa523da14198793d9787ac838e70e29e77458d4",
+                "sha256:fa0fe2722ee1c3f57eac478820c3a5ae2f624af8264cbdf9000c980ff7f75e3f"
+            ],
+            "index": "pypi",
+            "version": "==2.13.0"
+        }
+    },
+    "develop": {}
+}

.github/workflows/update-supported-enterprise-server-versions/update.py

@@ -0,0 +1,43 @@
+#!/usr/bin/env python3
+import datetime
+import json
+import os
+import pathlib
+
+import semver
+
+_API_COMPATIBILITY_PATH = pathlib.Path(__file__).absolute().parents[3] / "src" / "api-compatibility.json"
+_ENTERPRISE_RELEASES_PATH = pathlib.Path(os.environ["ENTERPRISE_RELEASES_PATH"])
+_RELEASE_FILE_PATH = _ENTERPRISE_RELEASES_PATH / "releases.json"
+_FIRST_SUPPORTED_RELEASE = semver.VersionInfo.parse("2.22.0") # Versions older than this did not include Code Scanning.
+
+def main():
+	api_compatibility_data = json.loads(_API_COMPATIBILITY_PATH.read_text())
+
+	releases = json.loads(_RELEASE_FILE_PATH.read_text())
+	oldest_supported_release = None
+	newest_supported_release = semver.VersionInfo.parse(api_compatibility_data["maximumVersion"] + ".0")
+
+	for release_version_string, release_data in releases.items():
+		release_version = semver.VersionInfo.parse(release_version_string + ".0")
+		if release_version < _FIRST_SUPPORTED_RELEASE:
+			continue
+
+		if release_version > newest_supported_release:
+			feature_freeze_date = datetime.date.fromisoformat(release_data["feature_freeze"])
+			if feature_freeze_date < datetime.date.today() + datetime.timedelta(weeks=2):
+				newest_supported_release = release_version
+
+		if oldest_supported_release is None or release_version < oldest_supported_release:
+			end_of_life_date = datetime.date.fromisoformat(release_data["end"])
+			if end_of_life_date > datetime.date.today():
+				oldest_supported_release = release_version
+
+	api_compatibility_data = {
+		"minimumVersion": f"{oldest_supported_release.major}.{oldest_supported_release.minor}",
+		"maximumVersion": f"{newest_supported_release.major}.{newest_supported_release.minor}",
+	}
+	_API_COMPATIBILITY_PATH.write_text(json.dumps(api_compatibility_data, sort_keys=True) + "\n")
+
+if __name__ == "__main__":
+	main()

CONTRIBUTING.md

@@ -36,6 +36,7 @@ It is possible to run this action locally via [act](https://github.com/nektos/ac
 
   ```bash
   CODEQL_LOCAL_RUN=true
+  GITHUB_SERVER_URL=https://github.com
 
   # Optional, for better logging
   GITHUB_JOB=<ANY_JOB_NAME>

README.md

@@ -22,7 +22,16 @@ on:
   push:
   pull_request:
   schedule:
-    - cron: '0 0 * * 0'
+    #        ┌───────────── minute (0 - 59)
+    #        │  ┌───────────── hour (0 - 23)
+    #        │  │ ┌───────────── day of the month (1 - 31)
+    #        │  │ │ ┌───────────── month (1 - 12 or JAN-DEC)
+    #        │  │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
+    #        │  │ │ │ │
+    #        │  │ │ │ │
+    #        │  │ │ │ │
+    #        *  * * * *
+    - cron: '30 1 * * 0'
 
 jobs:
   CodeQL-Build:
@@ -32,17 +41,6 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v2
-        with:
-          # Must fetch at least the immediate parents so that if this is
-          # a pull request then we can checkout the head of the pull request.
-          # Only include this option if you are running this workflow on pull requests.
-          fetch-depth: 2
-
-      # If this run was triggered by a pull request event then checkout
-      # the head of the pull request instead of the merge commit.
-      # Only include this step if you are running this workflow on pull requests.
-      - run: git checkout HEAD^2
-        if: ${{ github.event_name == 'pull_request' }}
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL

analyze/action.yml

@@ -24,7 +24,7 @@ inputs:
     description: The number of threads to be used by CodeQL.
     required: false
   checkout_path:
-    description: "The path at which the analyzed repository was checked out. Used to relativeize any absolute paths in the uploaded SARIF file."
+    description: "The path at which the analyzed repository was checked out. Used to relativize any absolute paths in the uploaded SARIF file."
     required: false
     default: ${{ github.workspace }}
   token:

init/action.yml

@@ -1,5 +1,5 @@
 name: 'CodeQL: Init'
-description: 'Setup the CodeQL tracer'
+description: 'Set up CodeQL'
 author: 'GitHub'
 inputs:
   tools:
@@ -19,6 +19,13 @@ inputs:
   queries:
     description: Comma-separated list of additional queries to run. By default, this overrides the same setting in a configuration file; prefix with "+" to use both sets of queries.
     required: false
+  setup-python-dependencies:
+    description: Try to auto-install your python dependencies
+    required: true
+    default: 'true'
+outputs:
+  codeql-path:
+    description: The path of the CodeQL binary used for analysis
 runs:
   using: 'node12'
   main: '../lib/init-action.js'

lib/actions-util.js

@@ -7,8 +7,12 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
-const toolrunnner = __importStar(require("@actions/exec/lib/toolrunner"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const safeWhich = __importStar(require("@chrisgavin/safe-which"));
+const yaml = __importStar(require("js-yaml"));
 const api = __importStar(require("./api-client"));
 const sharedEnv = __importStar(require("./shared-environment"));
 const util_1 = require("./util");
@@ -58,12 +62,15 @@ function prepareLocalRunEnvironment() {
     if (!process.env.GITHUB_JOB) {
         core.exportVariable("GITHUB_JOB", "UNKNOWN-JOB");
     }
+    if (!process.env.CODEQL_ACTION_ANALYSIS_KEY) {
+        core.exportVariable("CODEQL_ACTION_ANALYSIS_KEY", `LOCAL-RUN:${process.env.GITHUB_JOB}`);
+    }
 }
 exports.prepareLocalRunEnvironment = prepareLocalRunEnvironment;
 /**
  * Gets the SHA of the commit that is currently checked out.
  */
-async function getCommitOid() {
+exports.getCommitOid = async function () {
     // Try to use git to get the current commit SHA. If that fails then
     // log but otherwise silently fall back to using the SHA from the environment.
     // The only time these two values will differ is during analysis of a PR when
@@ -73,7 +80,7 @@ async function getCommitOid() {
     // reported on the merge commit.
     try {
         let commitOid = "";
-        await new toolrunnner.ToolRunner("git", ["rev-parse", "HEAD"], {
+        await new toolrunner.ToolRunner(await safeWhich.safeWhich("git"), ["rev-parse", "HEAD"], {
             silent: true,
             listeners: {
                 stdout: (data) => {
@@ -90,12 +97,164 @@ async function getCommitOid() {
         core.info(`Failed to call git to get current commit. Continuing with data from environment: ${e}`);
         return getRequiredEnvParam("GITHUB_SHA");
     }
+};
+function isObject(o) {
+    return o !== null && typeof o === "object";
 }
-exports.getCommitOid = getCommitOid;
+var MissingTriggers;
+(function (MissingTriggers) {
+    MissingTriggers[MissingTriggers["None"] = 0] = "None";
+    MissingTriggers[MissingTriggers["Push"] = 1] = "Push";
+    MissingTriggers[MissingTriggers["PullRequest"] = 2] = "PullRequest";
+})(MissingTriggers || (MissingTriggers = {}));
+function toCodedErrors(errors) {
+    return Object.entries(errors).reduce((acc, [key, value]) => {
+        acc[key] = { message: value, code: key };
+        return acc;
+    }, {});
+}
+exports.WorkflowErrors = toCodedErrors({
+    MismatchedBranches: `Please make sure that every branch in on.pull_request is also in on.push so that Code Scanning can compare pull requests against the state of the base branch.`,
+    MissingHooks: `Please specify on.push and on.pull_request hooks so that Code Scanning can compare pull requests against the state of the base branch.`,
+    MissingPullRequestHook: `Please specify an on.pull_request hook so that Code Scanning is run against pull requests.`,
+    MissingPushHook: `Please specify an on.push hook so that Code Scanning can compare pull requests against the state of the base branch.`,
+    PathsSpecified: `Using on.push.paths can prevent Code Scanning annotating new alerts in your pull requests.`,
+    PathsIgnoreSpecified: `Using on.push.paths-ignore can prevent Code Scanning annotating new alerts in your pull requests.`,
+    CheckoutWrongHead: `git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.`,
+});
+function validateWorkflow(doc) {
+    var _a, _b, _c, _d, _e;
+    const errors = [];
+    // .jobs[key].steps[].run
+    for (const job of Object.values(((_a = doc) === null || _a === void 0 ? void 0 : _a.jobs) || {})) {
+        for (const step of ((_b = job) === null || _b === void 0 ? void 0 : _b.steps) || []) {
+            // this was advice that we used to give in the README
+            // we actually want to run the analysis on the merge commit
+            // to produce results that are more inline with expectations
+            // (i.e: this is what will happen if you merge this PR)
+            // and avoid some race conditions
+            if (((_c = step) === null || _c === void 0 ? void 0 : _c.run) === "git checkout HEAD^2") {
+                errors.push(exports.WorkflowErrors.CheckoutWrongHead);
+            }
+        }
+    }
+    let missing = MissingTriggers.None;
+    if (doc.on === undefined) {
+        missing = MissingTriggers.Push | MissingTriggers.PullRequest;
+    }
+    else if (typeof doc.on === "string") {
+        switch (doc.on) {
+            case "push":
+                missing = MissingTriggers.PullRequest;
+                break;
+            case "pull_request":
+                missing = MissingTriggers.Push;
+                break;
+            default:
+                missing = MissingTriggers.Push | MissingTriggers.PullRequest;
+                break;
+        }
+    }
+    else if (Array.isArray(doc.on)) {
+        if (!doc.on.includes("push")) {
+            missing = missing | MissingTriggers.Push;
+        }
+        if (!doc.on.includes("pull_request")) {
+            missing = missing | MissingTriggers.PullRequest;
+        }
+    }
+    else if (isObject(doc.on)) {
+        if (!Object.prototype.hasOwnProperty.call(doc.on, "pull_request")) {
+            missing = missing | MissingTriggers.PullRequest;
+        }
+        if (!Object.prototype.hasOwnProperty.call(doc.on, "push")) {
+            missing = missing | MissingTriggers.Push;
+        }
+        else {
+            const paths = (_d = doc.on.push) === null || _d === void 0 ? void 0 : _d.paths;
+            // if you specify paths or paths-ignore you can end up with commits that have no baseline
+            // if they didn't change any files
+            // currently we cannot go back through the history and find the most recent baseline
+            if (Array.isArray(paths) && paths.length > 0) {
+                errors.push(exports.WorkflowErrors.PathsSpecified);
+            }
+            const pathsIgnore = (_e = doc.on.push) === null || _e === void 0 ? void 0 : _e["paths-ignore"];
+            if (Array.isArray(pathsIgnore) && pathsIgnore.length > 0) {
+                errors.push(exports.WorkflowErrors.PathsIgnoreSpecified);
+            }
+        }
+        if (doc.on.push) {
+            const push = doc.on.push.branches || [];
+            if (doc.on.pull_request) {
+                const pull_request = doc.on.pull_request.branches || [];
+                const difference = pull_request.filter((value) => !push.includes(value));
+                if (difference.length > 0) {
+                    // there are branches in pull_request that may not have a baseline
+                    // because we are not building them on push
+                    errors.push(exports.WorkflowErrors.MismatchedBranches);
+                }
+            }
+            else if (push.length > 0) {
+                // push is set up to run on a subset of branches
+                // and you could open a PR against a branch with no baseline
+                errors.push(exports.WorkflowErrors.MismatchedBranches);
+            }
+        }
+    }
+    switch (missing) {
+        case MissingTriggers.PullRequest | MissingTriggers.Push:
+            errors.push(exports.WorkflowErrors.MissingHooks);
+            break;
+        case MissingTriggers.PullRequest:
+            errors.push(exports.WorkflowErrors.MissingPullRequestHook);
+            break;
+        case MissingTriggers.Push:
+            errors.push(exports.WorkflowErrors.MissingPushHook);
+            break;
+    }
+    return errors;
+}
+exports.validateWorkflow = validateWorkflow;
+async function getWorkflowErrors() {
+    const workflow = await getWorkflow();
+    if (workflow === undefined) {
+        return [];
+    }
+    return validateWorkflow(workflow);
+}
+exports.getWorkflowErrors = getWorkflowErrors;
+function formatWorkflowErrors(errors) {
+    const issuesWere = errors.length === 1 ? "issue was" : "issues were";
+    const errorsList = errors.map((e) => e.message).join(" ");
+    return `${errors.length} ${issuesWere} detected with this workflow: ${errorsList}`;
+}
+exports.formatWorkflowErrors = formatWorkflowErrors;
+function formatWorkflowCause(errors) {
+    if (errors.length === 0) {
+        return undefined;
+    }
+    return errors.map((e) => e.code).join(",");
+}
+exports.formatWorkflowCause = formatWorkflowCause;
+async function getWorkflow() {
+    const relativePath = await getWorkflowPath();
+    const absolutePath = path.join(getRequiredEnvParam("GITHUB_WORKSPACE"), relativePath);
+    try {
+        return yaml.safeLoad(fs.readFileSync(absolutePath, "utf-8"));
+    }
+    catch (e) {
+        core.warning(`Could not read workflow: ${e.toString()}`);
+        return undefined;
+    }
+}
+exports.getWorkflow = getWorkflow;
 /**
  * Get the path of the currently executing workflow.
  */
 async function getWorkflowPath() {
+    if (util_1.isLocalRun()) {
+        return getRequiredEnvParam("WORKFLOW_PATH");
+    }
     const repo_nwo = getRequiredEnvParam("GITHUB_REPOSITORY").split("/");
     const owner = repo_nwo[0];
     const repo = repo_nwo[1];
@@ -144,16 +303,18 @@ exports.getAnalysisKey = getAnalysisKey;
 /**
  * Get the ref currently being analyzed.
  */
-function getRef() {
+async function getRef() {
     // Will be in the form "refs/heads/master" on a push event
     // or in the form "refs/pull/N/merge" on a pull_request event
     const ref = getRequiredEnvParam("GITHUB_REF");
-    // For pull request refs we want to convert from the 'merge' ref
-    // to the 'head' ref, as that is what we want to analyse.
-    // There should have been some code earlier in the workflow to do
-    // the checkout, but we have no way of verifying that here.
+    // For pull request refs we want to detect whether the workflow
+    // has run `git checkout HEAD^2` to analyze the 'head' ref rather
+    // than the 'merge' ref. If so, we want to convert the ref that
+    // we report back.
     const pull_ref_regex = /refs\/pull\/(\d+)\/merge/;
-    if (pull_ref_regex.test(ref)) {
+    const checkoutSha = await exports.getCommitOid();
+    if (pull_ref_regex.test(ref) &&
+        checkoutSha !== getRequiredEnvParam("GITHUB_SHA")) {
         return ref.replace(pull_ref_regex, "refs/pull/$1/head");
     }
     else {
@@ -172,7 +333,7 @@ exports.getRef = getRef;
  */
 async function createStatusReportBase(actionName, status, actionStartedAt, cause, exception) {
     const commitOid = process.env["GITHUB_SHA"] || "";
-    const ref = getRef();
+    const ref = await getRef();
     const workflowRunIDStr = process.env["GITHUB_RUN_ID"];
     let workflowRunID = -1;
     if (workflowRunIDStr) {
@@ -186,6 +347,11 @@ async function createStatusReportBase(actionName, status, actionStartedAt, cause
         workflowStartedAt = actionStartedAt.toISOString();
         core.exportVariable(sharedEnv.CODEQL_WORKFLOW_STARTED_AT, workflowStartedAt);
     }
+    // If running locally then the GITHUB_ACTION_REF cannot be trusted as it may be for the previous action
+    // See https://github.com/actions/runner/issues/803
+    const actionRef = isRunningLocalAction()
+        ? undefined
+        : process.env["GITHUB_ACTION_REF"];
     const statusReport = {
         workflow_run_id: workflowRunID,
         workflow_name: workflowName,
@@ -194,6 +360,7 @@ async function createStatusReportBase(actionName, status, actionStartedAt, cause
         commit_oid: commitOid,
         ref,
         action_name: actionName,
+        action_ref: actionRef,
         action_oid: "unknown",
         started_at: workflowStartedAt,
         action_started_at: actionStartedAt.toISOString(),
@@ -216,6 +383,10 @@ async function createStatusReportBase(actionName, status, actionStartedAt, cause
     return statusReport;
 }
 exports.createStatusReportBase = createStatusReportBase;
+function isHTTPError(arg) {
+    var _a;
+    return ((_a = arg) === null || _a === void 0 ? void 0 : _a.status) !== undefined && Number.isInteger(arg.status);
+}
 /**
  * Send a status report to the code_scanning/analysis/status endpoint.
  *
@@ -225,11 +396,7 @@ exports.createStatusReportBase = createStatusReportBase;
  *
  * Returns whether sending the status report was successful of not.
  */
-async function sendStatusReport(statusReport, ignoreFailures) {
-    if (getRequiredEnvParam("GITHUB_SERVER_URL") !== util_1.GITHUB_DOTCOM_URL) {
-        core.debug("Not sending status report to GitHub Enterprise");
-        return true;
-    }
+async function sendStatusReport(statusReport) {
     if (util_1.isLocalRun()) {
         core.debug("Not sending status report because this is a local run");
         return true;
@@ -239,28 +406,56 @@ async function sendStatusReport(statusReport, ignoreFailures) {
     const nwo = getRequiredEnvParam("GITHUB_REPOSITORY");
     const [owner, repo] = nwo.split("/");
     const client = api.getActionsApiClient();
-    const statusResponse = await client.request("PUT /repos/:owner/:repo/code-scanning/analysis/status", {
-        owner,
-        repo,
-        data: statusReportJSON,
-    });
-    if (!ignoreFailures) {
-        // If the status report request fails with a 403 or a 404, then this is a deliberate
-        // message from the endpoint that the SARIF upload can be expected to fail too,
-        // so the action should fail to avoid wasting actions minutes.
-        //
-        // Other failure responses (or lack thereof) could be transitory and should not
-        // cause the action to fail.
-        if (statusResponse.status === 403) {
-            core.setFailed("The repo on which this action is running is not opted-in to CodeQL code scanning.");
-            return false;
-        }
-        if (statusResponse.status === 404) {
-            core.setFailed("Not authorized to used the CodeQL code scanning feature on this repo.");
-            return false;
-        }
+    try {
+        await client.request("PUT /repos/:owner/:repo/code-scanning/analysis/status", {
+            owner,
+            repo,
+            data: statusReportJSON,
+        });
+        return true;
+    }
+    catch (e) {
+        if (isHTTPError(e)) {
+            switch (e.status) {
+                case 403:
+                    core.setFailed("The repo on which this action is running is not opted-in to CodeQL code scanning.");
+                    return false;
+                case 404:
+                    core.setFailed("Not authorized to used the CodeQL code scanning feature on this repo.");
+                    return false;
+                case 422:
+                    // schema incompatibility when reporting status
+                    // this means that this action version is no longer compatible with the API
+                    // we still want to continue as it is likely the analysis endpoint will work
+                    if (getRequiredEnvParam("GITHUB_SERVER_URL") !== util_1.GITHUB_DOTCOM_URL) {
+                        core.warning("CodeQL Action version is incompatible with the code scanning endpoint. Please update to a compatible version of codeql-action.");
+                    }
+                    else {
+                        core.warning("CodeQL Action is out-of-date. Please upgrade to the latest version of codeql-action.");
+                    }
+                    return true;
+            }
+        }
+        // something else has gone wrong and the request/response will be logged by octokit
+        // it's possible this is a transient error and we should continue scanning
+        core.error("An unexpected error occured when sending code scanning status report.");
+        return true;
     }
-    return true;
 }
 exports.sendStatusReport = sendStatusReport;
+// Is the current action executing a local copy (i.e. we're running a workflow on the codeql-action repo itself)
+// as opposed to running a remote action (i.e. when another repo references us)
+function isRunningLocalAction() {
+    const relativeScriptPath = getRelativeScriptPath();
+    return (relativeScriptPath.startsWith("..") || path.isAbsolute(relativeScriptPath));
+}
+exports.isRunningLocalAction = isRunningLocalAction;
+// Get the location where the action is running from.
+// This can be used to get the actions name or tell if we're running a local action.
+function getRelativeScriptPath() {
+    const runnerTemp = getRequiredEnvParam("RUNNER_TEMP");
+    const actionsDirectory = path.join(path.dirname(runnerTemp), "_actions");
+    return path.relative(actionsDirectory, __filename);
+}
+exports.getRelativeScriptPath = getRelativeScriptPath;
 //# sourceMappingURL=actions-util.js.map

lib/actions-util.test.js

@@ -2,30 +2,185 @@
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 const ava_1 = __importDefault(require("ava"));
-const actions_util_1 = require("./actions-util");
+const sinon_1 = __importDefault(require("sinon"));
+const actionsutil = __importStar(require("./actions-util"));
 const testing_utils_1 = require("./testing-utils");
 testing_utils_1.setupTests(ava_1.default);
-ava_1.default("getRef() throws on the empty string", (t) => {
+ava_1.default("getRef() throws on the empty string", async (t) => {
     process.env["GITHUB_REF"] = "";
-    t.throws(actions_util_1.getRef);
+    await t.throwsAsync(actionsutil.getRef);
+});
+ava_1.default("getRef() returns merge PR ref if GITHUB_SHA still checked out", async (t) => {
+    const expectedRef = "refs/pull/1/merge";
+    const currentSha = "a".repeat(40);
+    process.env["GITHUB_REF"] = expectedRef;
+    process.env["GITHUB_SHA"] = currentSha;
+    sinon_1.default.stub(actionsutil, "getCommitOid").resolves(currentSha);
+    const actualRef = await actionsutil.getRef();
+    t.deepEqual(actualRef, expectedRef);
+});
+ava_1.default("getRef() returns head PR ref if GITHUB_SHA not currently checked out", async (t) => {
+    process.env["GITHUB_REF"] = "refs/pull/1/merge";
+    process.env["GITHUB_SHA"] = "a".repeat(40);
+    sinon_1.default.stub(actionsutil, "getCommitOid").resolves("b".repeat(40));
+    const actualRef = await actionsutil.getRef();
+    t.deepEqual(actualRef, "refs/pull/1/head");
+});
+ava_1.default("getAnalysisKey() when a local run", async (t) => {
+    process.env.CODEQL_LOCAL_RUN = "true";
+    process.env.CODEQL_ACTION_ANALYSIS_KEY = "";
+    process.env.GITHUB_JOB = "";
+    actionsutil.prepareLocalRunEnvironment();
+    const actualAnalysisKey = await actionsutil.getAnalysisKey();
+    t.deepEqual(actualAnalysisKey, "LOCAL-RUN:UNKNOWN-JOB");
 });
 ava_1.default("prepareEnvironment() when a local run", (t) => {
-    const origLocalRun = process.env.CODEQL_LOCAL_RUN;
     process.env.CODEQL_LOCAL_RUN = "false";
     process.env.GITHUB_JOB = "YYY";
-    actions_util_1.prepareLocalRunEnvironment();
+    process.env.CODEQL_ACTION_ANALYSIS_KEY = "TEST";
+    actionsutil.prepareLocalRunEnvironment();
     // unchanged
     t.deepEqual(process.env.GITHUB_JOB, "YYY");
+    t.deepEqual(process.env.CODEQL_ACTION_ANALYSIS_KEY, "TEST");
     process.env.CODEQL_LOCAL_RUN = "true";
-    actions_util_1.prepareLocalRunEnvironment();
+    actionsutil.prepareLocalRunEnvironment();
     // unchanged
     t.deepEqual(process.env.GITHUB_JOB, "YYY");
+    t.deepEqual(process.env.CODEQL_ACTION_ANALYSIS_KEY, "TEST");
+    process.env.CODEQL_ACTION_ANALYSIS_KEY = "";
+    actionsutil.prepareLocalRunEnvironment();
+    // updated
+    t.deepEqual(process.env.GITHUB_JOB, "YYY");
+    t.deepEqual(process.env.CODEQL_ACTION_ANALYSIS_KEY, "LOCAL-RUN:YYY");
     process.env.GITHUB_JOB = "";
-    actions_util_1.prepareLocalRunEnvironment();
+    process.env.CODEQL_ACTION_ANALYSIS_KEY = "";
+    actionsutil.prepareLocalRunEnvironment();
     // updated
     t.deepEqual(process.env.GITHUB_JOB, "UNKNOWN-JOB");
-    process.env.CODEQL_LOCAL_RUN = origLocalRun;
+    t.deepEqual(process.env.CODEQL_ACTION_ANALYSIS_KEY, "LOCAL-RUN:UNKNOWN-JOB");
+});
+ava_1.default("validateWorkflow() when on is missing", (t) => {
+    const errors = actionsutil.validateWorkflow({});
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MissingHooks]);
+});
+ava_1.default("validateWorkflow() when on.push is missing", (t) => {
+    const errors = actionsutil.validateWorkflow({ on: {} });
+    console.log(errors);
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MissingHooks]);
+});
+ava_1.default("validateWorkflow() when on.push is an array missing pull_request", (t) => {
+    const errors = actionsutil.validateWorkflow({ on: ["push"] });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MissingPullRequestHook]);
+});
+ava_1.default("validateWorkflow() when on.push is an array missing push", (t) => {
+    const errors = actionsutil.validateWorkflow({ on: ["pull_request"] });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MissingPushHook]);
+});
+ava_1.default("validateWorkflow() when on.push is valid", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: ["push", "pull_request"],
+    });
+    t.deepEqual(errors.length, 0);
+});
+ava_1.default("validateWorkflow() when on.push is a valid superset", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: ["push", "pull_request", "schedule"],
+    });
+    t.deepEqual(errors.length, 0);
+});
+ava_1.default("validateWorkflow() when on.push should not have a path", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: {
+            push: { branches: ["main"], paths: ["test/*"] },
+            pull_request: { branches: ["main"] },
+        },
+    });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.PathsSpecified]);
+});
+ava_1.default("validateWorkflow() when on.push is a correct object", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: { push: { branches: ["main"] }, pull_request: { branches: ["main"] } },
+    });
+    t.deepEqual(errors.length, 0);
+});
+ava_1.default("validateWorkflow() when on.push is correct with empty objects", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: { push: undefined, pull_request: undefined },
+    });
+    console.log(errors);
+    t.deepEqual(errors.length, 0);
+});
+ava_1.default("validateWorkflow() when on.push is mismatched", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: {
+            push: { branches: ["main"] },
+            pull_request: { branches: ["feature"] },
+        },
+    });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MismatchedBranches]);
+});
+ava_1.default("validateWorkflow() when on.push is not mismatched", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: {
+            push: { branches: ["main", "feature"] },
+            pull_request: { branches: ["main"] },
+        },
+    });
+    t.deepEqual(errors.length, 0);
+});
+ava_1.default("validateWorkflow() when on.push is mismatched for pull_request", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: {
+            push: { branches: ["main"] },
+            pull_request: { branches: ["main", "feature"] },
+        },
+    });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MismatchedBranches]);
+});
+ava_1.default("validateWorkflow() when on.pull_request for every branch but push specifies branches", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: {
+            push: { branches: ["main"] },
+            pull_request: null,
+        },
+    });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.MismatchedBranches]);
+});
+ava_1.default("validateWorkflow() when HEAD^2 is checked out", (t) => {
+    const errors = actionsutil.validateWorkflow({
+        on: ["push", "pull_request"],
+        jobs: { test: { steps: [{ run: "git checkout HEAD^2" }] } },
+    });
+    t.deepEqual(errors, [actionsutil.WorkflowErrors.CheckoutWrongHead]);
+});
+ava_1.default("formatWorkflowErrors() when there is one error", (t) => {
+    const message = actionsutil.formatWorkflowErrors([
+        actionsutil.WorkflowErrors.CheckoutWrongHead,
+    ]);
+    t.true(message.startsWith("1 issue was detected with this workflow:"));
+});
+ava_1.default("formatWorkflowErrors() when there are multiple errors", (t) => {
+    const message = actionsutil.formatWorkflowErrors([
+        actionsutil.WorkflowErrors.CheckoutWrongHead,
+        actionsutil.WorkflowErrors.PathsSpecified,
+    ]);
+    t.true(message.startsWith("2 issues were detected with this workflow:"));
+});
+ava_1.default("formatWorkflowCause()", (t) => {
+    const message = actionsutil.formatWorkflowCause([
+        actionsutil.WorkflowErrors.CheckoutWrongHead,
+        actionsutil.WorkflowErrors.PathsSpecified,
+    ]);
+    t.deepEqual(message, "CheckoutWrongHead,PathsSpecified");
+    t.deepEqual(actionsutil.formatWorkflowCause([]), undefined);
 });
 //# sourceMappingURL=actions-util.test.js.map

lib/analysis-paths.js

@@ -1,10 +1,18 @@
 "use strict";
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
+const path = __importStar(require("path"));
 function isInterpretedLanguage(language) {
     return language === "javascript" || language === "python";
 }
 // Matches a string containing only characters that are legal to include in paths on windows.
-exports.legalWindowsPathCharactersRegex = /^[^<>:"\|?]*$/;
+exports.legalWindowsPathCharactersRegex = /^[^<>:"|?]*$/;
 // Builds an environment variable suitable for LGTM_INDEX_INCLUDE or LGTM_INDEX_EXCLUDE
 function buildIncludeExcludeEnvVar(paths) {
     // Ignore anything containing a *
@@ -35,8 +43,18 @@ function includeAndExcludeAnalysisPaths(config) {
     if (config.paths.length !== 0) {
         process.env["LGTM_INDEX_INCLUDE"] = buildIncludeExcludeEnvVar(config.paths);
     }
-    if (config.pathsIgnore.length !== 0) {
-        process.env["LGTM_INDEX_EXCLUDE"] = buildIncludeExcludeEnvVar(config.pathsIgnore);
+    // If the temporary or tools directory is in the working directory ignore that too.
+    const tempRelativeToWorking = path.relative(process.cwd(), config.tempDir);
+    const toolsRelativeToWorking = path.relative(process.cwd(), config.toolCacheDir);
+    let pathsIgnore = config.pathsIgnore;
+    if (!tempRelativeToWorking.startsWith("..")) {
+        pathsIgnore = pathsIgnore.concat(tempRelativeToWorking);
+    }
+    if (!toolsRelativeToWorking.startsWith("..")) {
+        pathsIgnore = pathsIgnore.concat(toolsRelativeToWorking);
+    }
+    if (pathsIgnore.length !== 0) {
+        process.env["LGTM_INDEX_EXCLUDE"] = buildIncludeExcludeEnvVar(pathsIgnore);
     }
     // The 'LGTM_INDEX_FILTERS' environment variable controls which files are
     // extracted or ignored. It does not control which directories are traversed.

lib/analysis-paths.js.map

@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;AAGA,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,CAAC;AAC5D,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,eAAe,CAAC;AAE/D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,oEAAoE;IACpE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,4FAA4F,CAC7F,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QACnC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAC3D,MAAM,CAAC,WAAW,CACnB,CAAC;KACH;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AA1BD,wEA0BC"}
+{"version":3,"file":"analysis-paths.js","sourceRoot":"","sources":["../src/analysis-paths.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAA6B;AAK7B,SAAS,qBAAqB,CAAC,QAAQ;IACrC,OAAO,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,QAAQ,CAAC;AAC5D,CAAC;AAED,6FAA6F;AAChF,QAAA,+BAA+B,GAAG,cAAc,CAAC;AAE9D,uFAAuF;AACvF,SAAS,yBAAyB,CAAC,KAAe;IAChD,iCAAiC;IACjC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnD,uDAAuD;IACvD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uCAA+B,CAAC,CAAC,CAAC;KACvE;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAgB,uBAAuB,CACrC,MAA0B,EAC1B,MAAc;IAEd,oEAAoE;IACpE,sEAAsE;IACtE,IACE,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QAC9D,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAC9C;QACA,MAAM,CAAC,OAAO,CACZ,4FAA4F,CAC7F,CAAC;KACH;AACH,CAAC;AAdD,0DAcC;AAED,SAAgB,8BAA8B,CAAC,MAA0B;IACvE,0EAA0E;IAC1E,+DAA+D;IAC/D,sEAAsE;IACtE,qDAAqD;IACrD,gFAAgF;IAChF,sEAAsE;IACtE,sDAAsD;IACtD,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KAC7E;IACD,mFAAmF;IACnF,MAAM,qBAAqB,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3E,MAAM,sBAAsB,GAAG,IAAI,CAAC,QAAQ,CAC1C,OAAO,CAAC,GAAG,EAAE,EACb,MAAM,CAAC,YAAY,CACpB,CAAC;IACF,IAAI,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACrC,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC3C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACzD;IACD,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC5C,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;KAC1D;IACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;QAC5B,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC5E;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wDAAwD;IACxD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACxD;AACH,CAAC;AArCD,wEAqCC"}

lib/analysis-paths.test.js

@@ -1,7 +1,4 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
@@ -9,7 +6,11 @@ var __importStar = (this && this.__importStar) || function (mod) {
     result["default"] = mod;
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
+const path = __importStar(require("path"));
 const ava_1 = __importDefault(require("ava"));
 const analysisPaths = __importStar(require("./analysis-paths"));
 const testing_utils_1 = require("./testing-utils");
@@ -51,4 +52,23 @@ ava_1.default("nonEmptyPaths", async (t) => {
         t.is(process.env["LGTM_INDEX_FILTERS"], "include:path1\ninclude:path2\ninclude:**/path3\nexclude:path4\nexclude:path5\nexclude:path6/**");
     });
 });
+ava_1.default("exclude temp dir", async (t) => {
+    return await util.withTmpDir(async (toolCacheDir) => {
+        const tempDir = path.join(process.cwd(), "codeql-runner-temp");
+        const config = {
+            languages: [],
+            queries: {},
+            pathsIgnore: [],
+            paths: [],
+            originalUserInput: {},
+            tempDir,
+            toolCacheDir,
+            codeQLCmd: "",
+        };
+        analysisPaths.includeAndExcludeAnalysisPaths(config);
+        t.is(process.env["LGTM_INDEX_INCLUDE"], undefined);
+        t.is(process.env["LGTM_INDEX_EXCLUDE"], "codeql-runner-temp");
+        t.is(process.env["LGTM_INDEX_FILTERS"], undefined);
+    });
+});
 //# sourceMappingURL=analysis-paths.test.js.map

lib/analysis-paths.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,0BAAU,CAAC,aAAI,CAAC,CAAC;AAEjB,aAAI,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;SACd,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;SACd,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analysis-paths.test.js","sourceRoot":"","sources":["../src/analysis-paths.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA6B;AAE7B,8CAAuB;AAEvB,gEAAkD;AAClD,mDAA6C;AAC7C,6CAA+B;AAE/B,0BAAU,CAAC,aAAI,CAAC,CAAC;AAEjB,aAAI,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC7B,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;SACd,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAChC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YACrC,WAAW,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;YAC3C,iBAAiB,EAAE,EAAE;YACrB,OAAO,EAAE,MAAM;YACf,YAAY,EAAE,MAAM;YACpB,SAAS,EAAE,EAAE;SACd,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,EAAE,CACF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EACjC,gGAAgG,CACjG,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,aAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAC/D,MAAM,MAAM,GAAG;YACb,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,KAAK,EAAE,EAAE;YACT,iBAAiB,EAAE,EAAE;YACrB,OAAO;YACP,YAAY;YACZ,SAAS,EAAE,EAAE;SACd,CAAC;QACF,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;QACnD,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC9D,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,SAAS,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/analyze-action.js

@@ -31,7 +31,7 @@ async function run() {
     let stats = undefined;
     try {
         actionsUtil.prepareLocalRunEnvironment();
-        if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("finish", "starting", startedAt), true))) {
+        if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("finish", "starting", startedAt)))) {
             return;
         }
         const logger = logging_1.getActionsLogger();
@@ -39,18 +39,31 @@ async function run() {
         if (config === undefined) {
             throw new Error("Config file could not be found at expected location. Has the 'init' action been called?");
         }
-        stats = await analyze_1.runAnalyze(repository_1.parseRepositoryNwo(actionsUtil.getRequiredEnvParam("GITHUB_REPOSITORY")), await actionsUtil.getCommitOid(), actionsUtil.getRef(), await actionsUtil.getAnalysisKey(), actionsUtil.getRequiredEnvParam("GITHUB_WORKFLOW"), actionsUtil.getWorkflowRunID(), actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getRequiredInput("matrix"), actionsUtil.getRequiredInput("token"), actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"), actionsUtil.getRequiredInput("upload") === "true", "actions", actionsUtil.getRequiredInput("output"), util.getMemoryFlag(actionsUtil.getOptionalInput("ram")), util.getAddSnippetsFlag(actionsUtil.getRequiredInput("add-snippets")), util.getThreadsFlag(actionsUtil.getOptionalInput("threads"), logger), config, logger);
+        const apiDetails = {
+            auth: actionsUtil.getRequiredInput("token"),
+            url: actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"),
+        };
+        stats = await analyze_1.runAnalyze(repository_1.parseRepositoryNwo(actionsUtil.getRequiredEnvParam("GITHUB_REPOSITORY")), await actionsUtil.getCommitOid(), await actionsUtil.getRef(), await actionsUtil.getAnalysisKey(), actionsUtil.getRequiredEnvParam("GITHUB_WORKFLOW"), actionsUtil.getWorkflowRunID(), actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getRequiredInput("matrix"), apiDetails, actionsUtil.getRequiredInput("upload") === "true", "actions", actionsUtil.getRequiredInput("output"), util.getMemoryFlag(actionsUtil.getOptionalInput("ram")), util.getAddSnippetsFlag(actionsUtil.getRequiredInput("add-snippets")), util.getThreadsFlag(actionsUtil.getOptionalInput("threads"), logger), config, logger);
     }
     catch (error) {
         core.setFailed(error.message);
         console.log(error);
+        if (error instanceof analyze_1.CodeQLAnalysisError) {
+            stats = { ...error.queriesStatusReport };
+        }
         await sendStatusReport(startedAt, stats, error);
         return;
     }
     await sendStatusReport(startedAt, stats);
 }
-run().catch((e) => {
-    core.setFailed(`analyze action failed: ${e}`);
-    console.log(e);
-});
+async function runWrapper() {
+    try {
+        await run();
+    }
+    catch (error) {
+        core.setFailed(`analyze action failed: ${error}`);
+        console.log(error);
+    }
+}
+void runWrapper();
 //# sourceMappingURL=analyze-action.js.map

lib/analyze-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action.js","sourceRoot":"","sources":["../src/analyze-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,uCAA6D;AAC7D,iDAA2C;AAC3C,uCAA6C;AAC7C,6CAAkD;AAClD,6CAA+B;AAM/B,KAAK,UAAU,gBAAgB,CAC7B,SAAe,EACf,KAAuC,EACvC,KAAa;;IAEb,MAAM,MAAM,GACV,OAAA,KAAK,0CAAE,wBAAwB,MAAK,SAAS,IAAI,KAAK,KAAK,SAAS;QAClE,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,QAAQ,EACR,MAAM,EACN,SAAS,QACT,KAAK,0CAAE,OAAO,QACd,KAAK,0CAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAAuB;QACvC,GAAG,gBAAgB;QACnB,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;KACjB,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,KAAK,GAAqC,SAAS,CAAC;IACxD,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QACzC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,QAAQ,EACR,UAAU,EACV,SAAS,CACV,EACD,IAAI,CACL,CAAC,EACF;YACA,OAAO;SACR;QACD,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,wBAAS,CAC5B,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,MAAM,CACP,CAAC;QACF,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QACD,KAAK,GAAG,MAAM,oBAAU,CACtB,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,MAAM,WAAW,CAAC,YAAY,EAAE,EAChC,WAAW,CAAC,MAAM,EAAE,EACpB,MAAM,WAAW,CAAC,cAAc,EAAE,EAClC,WAAW,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,EAClD,WAAW,CAAC,gBAAgB,EAAE,EAC9B,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,EAC7C,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EACtC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,KAAK,MAAM,EACjD,SAAS,EACT,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EACtC,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,EACvD,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC,EACrE,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,EACpE,MAAM,EACN,MAAM,CACP,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAChD,OAAO;KACR;IAED,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AAC3C,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,IAAI,CAAC,SAAS,CAAC,0BAA0B,CAAC,EAAE,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze-action.js","sourceRoot":"","sources":["../src/analyze-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,uCAImB;AACnB,iDAA2C;AAC3C,uCAA6C;AAC7C,6CAAkD;AAClD,6CAA+B;AAM/B,KAAK,UAAU,gBAAgB,CAC7B,SAAe,EACf,KAAuC,EACvC,KAAa;;IAEb,MAAM,MAAM,GACV,OAAA,KAAK,0CAAE,wBAAwB,MAAK,SAAS,IAAI,KAAK,KAAK,SAAS;QAClE,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,QAAQ,EACR,MAAM,EACN,SAAS,QACT,KAAK,0CAAE,OAAO,QACd,KAAK,0CAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAAuB;QACvC,GAAG,gBAAgB;QACnB,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;KACjB,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,KAAK,GAAqC,SAAS,CAAC;IACxD,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QACzC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,QAAQ,EACR,UAAU,EACV,SAAS,CACV,CACF,CAAC,EACF;YACA,OAAO;SACR;QACD,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,wBAAS,CAC5B,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,MAAM,CACP,CAAC;QACF,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QACD,MAAM,UAAU,GAAG;YACjB,IAAI,EAAE,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC;YAC3C,GAAG,EAAE,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC;SAC1D,CAAC;QACF,KAAK,GAAG,MAAM,oBAAU,CACtB,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,MAAM,WAAW,CAAC,YAAY,EAAE,EAChC,MAAM,WAAW,CAAC,MAAM,EAAE,EAC1B,MAAM,WAAW,CAAC,cAAc,EAAE,EAClC,WAAW,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,EAClD,WAAW,CAAC,gBAAgB,EAAE,EAC9B,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,EAC7C,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EACtC,UAAU,EACV,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,KAAK,MAAM,EACjD,SAAS,EACT,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EACtC,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,EACvD,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC,EACrE,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,EACpE,MAAM,EACN,MAAM,CACP,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAEnB,IAAI,KAAK,YAAY,6BAAmB,EAAE;YACxC,KAAK,GAAG,EAAE,GAAG,KAAK,CAAC,mBAAmB,EAAE,CAAC;SAC1C;QAED,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAChD,OAAO;KACR;IAED,MAAM,gBAAgB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AAC3C,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,0BAA0B,KAAK,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/analyze.js

@@ -9,12 +9,46 @@ var __importStar = (this && this.__importStar) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const analysisPaths = __importStar(require("./analysis-paths"));
 const codeql_1 = require("./codeql");
 const languages_1 = require("./languages");
 const sharedEnv = __importStar(require("./shared-environment"));
 const upload_lib = __importStar(require("./upload-lib"));
 const util = __importStar(require("./util"));
+class CodeQLAnalysisError extends Error {
+    constructor(queriesStatusReport, message) {
+        super(message);
+        this.name = "CodeQLAnalysisError";
+        this.queriesStatusReport = queriesStatusReport;
+    }
+}
+exports.CodeQLAnalysisError = CodeQLAnalysisError;
+async function setupPythonExtractor(logger) {
+    const codeqlPython = process.env["CODEQL_PYTHON"];
+    if (codeqlPython === undefined || codeqlPython.length === 0) {
+        // If CODEQL_PYTHON is not set, no dependencies were installed, so we don't need to do anything
+        return;
+    }
+    let output = "";
+    const options = {
+        listeners: {
+            stdout: (data) => {
+                output += data.toString();
+            },
+        },
+    };
+    await new toolrunner.ToolRunner(codeqlPython, [
+        "-c",
+        "import os; import pip; print(os.path.dirname(os.path.dirname(pip.__file__)))",
+    ], options).exec();
+    logger.info(`Setting LGTM_INDEX_IMPORT_PATH=${output}`);
+    process.env["LGTM_INDEX_IMPORT_PATH"] = output;
+    output = "";
+    await new toolrunner.ToolRunner(codeqlPython, ["-c", "import sys; print(sys.version_info[0])"], options).exec();
+    logger.info(`Setting LGTM_PYTHON_SETUP_VERSION=${output}`);
+    process.env["LGTM_PYTHON_SETUP_VERSION"] = output;
+}
 async function createdDBForScannedLanguages(config, logger) {
     // Insert the LGTM_INDEX_X env vars at this point so they are set when
     // we extract any scanned languages.
@@ -23,17 +57,20 @@ async function createdDBForScannedLanguages(config, logger) {
     for (const language of config.languages) {
         if (languages_1.isScannedLanguage(language)) {
             logger.startGroup(`Extracting ${language}`);
+            if (language === languages_1.Language.python) {
+                await setupPythonExtractor(logger);
+            }
             await codeql.extractScannedLanguage(util.getCodeQLDatabasePath(config.tempDir, language), language);
             logger.endGroup();
         }
     }
 }
-async function finalizeDatabaseCreation(config, logger) {
+async function finalizeDatabaseCreation(config, threadsFlag, logger) {
     await createdDBForScannedLanguages(config, logger);
     const codeql = codeql_1.getCodeQL(config.codeQLCmd);
     for (const language of config.languages) {
         logger.startGroup(`Finalizing ${language}`);
-        await codeql.finalizeDatabase(util.getCodeQLDatabasePath(config.tempDir, language));
+        await codeql.finalizeDatabase(util.getCodeQLDatabasePath(config.tempDir, language), threadsFlag);
         logger.endGroup();
     }
 }
@@ -72,28 +109,27 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
             }
         }
         catch (e) {
-            logger.error(`Error running analysis for ${language}: ${e}`);
             logger.info(e);
             statusReport.analyze_failure_language = language;
-            return statusReport;
+            throw new CodeQLAnalysisError(statusReport, `Error running analysis for ${language}: ${e}`);
         }
     }
     return statusReport;
 }
 exports.runQueries = runQueries;
-async function runAnalyze(repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, githubAuth, githubUrl, doUpload, mode, outputDir, memoryFlag, addSnippetsFlag, threadsFlag, config, logger) {
+async function runAnalyze(repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, apiDetails, doUpload, mode, outputDir, memoryFlag, addSnippetsFlag, threadsFlag, config, logger) {
     // Delete the tracer config env var to avoid tracing ourselves
     delete process.env[sharedEnv.ODASA_TRACER_CONFIGURATION];
     fs.mkdirSync(outputDir, { recursive: true });
     logger.info("Finalizing database creation");
-    await finalizeDatabaseCreation(config, logger);
+    await finalizeDatabaseCreation(config, threadsFlag, logger);
     logger.info("Analyzing database");
     const queriesStats = await runQueries(outputDir, memoryFlag, addSnippetsFlag, threadsFlag, config, logger);
     if (!doUpload) {
         logger.info("Not uploading results");
         return { ...queriesStats };
     }
-    const uploadStats = await upload_lib.upload(outputDir, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, githubAuth, githubUrl, mode, logger);
+    const uploadStats = await upload_lib.upload(outputDir, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, apiDetails, mode, logger);
     return { ...queriesStats, ...uploadStats };
 }
 exports.runAnalyze = runAnalyze;

lib/analyze.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../src/analyze.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,gEAAkD;AAClD,qCAAqC;AAErC,2CAAgD;AAGhD,gEAAkD;AAClD,yDAA2C;AAC3C,6CAA+B;AAmC/B,KAAK,UAAU,4BAA4B,CACzC,MAA0B,EAC1B,MAAc;IAEd,sEAAsE;IACtE,oCAAoC;IACpC,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,kBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC3C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI,6BAAiB,CAAC,QAAQ,CAAC,EAAE;YAC/B,MAAM,CAAC,UAAU,CAAC,cAAc,QAAQ,EAAE,CAAC,CAAC;YAC5C,MAAM,MAAM,CAAC,sBAAsB,CACjC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EACpD,QAAQ,CACT,CAAC;YACF,MAAM,CAAC,QAAQ,EAAE,CAAC;SACnB;KACF;AACH,CAAC;AAED,KAAK,UAAU,wBAAwB,CACrC,MAA0B,EAC1B,MAAc;IAEd,MAAM,4BAA4B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEnD,MAAM,MAAM,GAAG,kBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC3C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,CAAC,UAAU,CAAC,cAAc,QAAQ,EAAE,CAAC,CAAC;QAC5C,MAAM,MAAM,CAAC,gBAAgB,CAC3B,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CACrD,CAAC;QACF,MAAM,CAAC,QAAQ,EAAE,CAAC;KACnB;AACH,CAAC;AAED,2DAA2D;AACpD,KAAK,UAAU,UAAU,CAC9B,WAAmB,EACnB,UAAkB,EAClB,eAAuB,EACvB,WAAmB,EACnB,MAA0B,EAC1B,MAAc;IAEd,MAAM,YAAY,GAAwB,EAAE,CAAC;IAE7C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,CAAC,UAAU,CAAC,aAAa,QAAQ,EAAE,CAAC,CAAC;QAE3C,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACzC,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;YAC/D,MAAM,IAAI,KAAK,CACb,qBAAqB,QAAQ,gDAAgD,CAC9E,CAAC;SACH;QAED,IAAI;YACF,KAAK,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBACxC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC5B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;oBAEvC,MAAM,YAAY,GAAG,IAAI,CAAC,qBAAqB,CAC7C,MAAM,CAAC,OAAO,EACd,QAAQ,CACT,CAAC;oBACF,uEAAuE;oBACvE,2EAA2E;oBAC3E,MAAM,cAAc,GAAG,GAAG,YAAY,YAAY,IAAI,MAAM,CAAC;oBAC7D,MAAM,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;yBACrC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC;yBACnC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACd,EAAE,CAAC,aAAa,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;oBACrD,MAAM,CAAC,KAAK,CACV,wBAAwB,QAAQ,QAAQ,kBAAkB,EAAE,CAC7D,CAAC;oBAEF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,QAAQ,IAAI,IAAI,QAAQ,CAAC,CAAC;oBAEtE,MAAM,MAAM,GAAG,kBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;oBAC3C,MAAM,MAAM,CAAC,eAAe,CAC1B,YAAY,EACZ,SAAS,EACT,cAAc,EACd,UAAU,EACV,eAAe,EACf,WAAW,CACZ,CAAC;oBAEF,MAAM,CAAC,KAAK,CACV,8BAA8B,QAAQ,gBAAgB,SAAS,GAAG,CACnE,CAAC;oBACF,MAAM,CAAC,QAAQ,EAAE,CAAC;oBAElB,yBAAyB;oBACzB,MAAM,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;oBACrC,YAAY,CAAC,WAAW,IAAI,YAAY,QAAQ,cAAc,CAAC;wBAC7D,OAAO,GAAG,SAAS,CAAC;iBACvB;aACF;SACF;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,CAAC,KAAK,CAAC,8BAA8B,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;YAC7D,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACf,YAAY,CAAC,wBAAwB,GAAG,QAAQ,CAAC;YACjD,OAAO,YAAY,CAAC;SACrB;KACF;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAxED,gCAwEC;AAEM,KAAK,UAAU,UAAU,CAC9B,aAA4B,EAC5B,SAAiB,EACjB,GAAW,EACX,WAA+B,EAC/B,YAAgC,EAChC,aAAiC,EACjC,YAAoB,EACpB,WAA+B,EAC/B,UAAkB,EAClB,SAAiB,EACjB,QAAiB,EACjB,IAAe,EACf,SAAiB,EACjB,UAAkB,EAClB,eAAuB,EACvB,WAAmB,EACnB,MAA0B,EAC1B,MAAc;IAEd,8DAA8D;IAC9D,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;IAEzD,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7C,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,wBAAwB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE/C,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,YAAY,GAAG,MAAM,UAAU,CACnC,SAAS,EACT,UAAU,EACV,eAAe,EACf,WAAW,EACX,MAAM,EACN,MAAM,CACP,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACrC,OAAO,EAAE,GAAG,YAAY,EAAE,CAAC;KAC5B;IAED,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,MAAM,CACzC,SAAS,EACT,aAAa,EACb,SAAS,EACT,GAAG,EACH,WAAW,EACX,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,WAAW,EACX,UAAU,EACV,SAAS,EACT,IAAI,EACJ,MAAM,CACP,CAAC;IAEF,OAAO,EAAE,GAAG,YAAY,EAAE,GAAG,WAAW,EAAE,CAAC;AAC7C,CAAC;AA5DD,gCA4DC"}
+{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../src/analyze.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAE3D,gEAAkD;AAElD,qCAAqC;AAErC,2CAA0D;AAG1D,gEAAkD;AAClD,yDAA2C;AAC3C,6CAA+B;AAE/B,MAAa,mBAAoB,SAAQ,KAAK;IAG5C,YAAY,mBAAwC,EAAE,OAAe;QACnE,KAAK,CAAC,OAAO,CAAC,CAAC;QAEf,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;QAClC,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;IACjD,CAAC;CACF;AATD,kDASC;AAmCD,KAAK,UAAU,oBAAoB,CAAC,MAAc;IAChD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAClD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE;QAC3D,+FAA+F;QAC/F,OAAO;KACR;IAED,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,OAAO,GAAG;QACd,SAAS,EAAE;YACT,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;gBACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC;SACF;KACF,CAAC;IAEF,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,YAAY,EACZ;QACE,IAAI;QACJ,8EAA8E;KAC/E,EACD,OAAO,CACR,CAAC,IAAI,EAAE,CAAC;IACT,MAAM,CAAC,IAAI,CAAC,kCAAkC,MAAM,EAAE,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,GAAG,MAAM,CAAC;IAE/C,MAAM,GAAG,EAAE,CAAC;IACZ,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,YAAY,EACZ,CAAC,IAAI,EAAE,wCAAwC,CAAC,EAChD,OAAO,CACR,CAAC,IAAI,EAAE,CAAC;IACT,MAAM,CAAC,IAAI,CAAC,qCAAqC,MAAM,EAAE,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,GAAG,MAAM,CAAC;AACpD,CAAC;AAED,KAAK,UAAU,4BAA4B,CACzC,MAA0B,EAC1B,MAAc;IAEd,sEAAsE;IACtE,oCAAoC;IACpC,aAAa,CAAC,8BAA8B,CAAC,MAAM,CAAC,CAAC;IAErD,MAAM,MAAM,GAAG,kBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC3C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,IAAI,6BAAiB,CAAC,QAAQ,CAAC,EAAE;YAC/B,MAAM,CAAC,UAAU,CAAC,cAAc,QAAQ,EAAE,CAAC,CAAC;YAE5C,IAAI,QAAQ,KAAK,oBAAQ,CAAC,MAAM,EAAE;gBAChC,MAAM,oBAAoB,CAAC,MAAM,CAAC,CAAC;aACpC;YAED,MAAM,MAAM,CAAC,sBAAsB,CACjC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EACpD,QAAQ,CACT,CAAC;YACF,MAAM,CAAC,QAAQ,EAAE,CAAC;SACnB;KACF;AACH,CAAC;AAED,KAAK,UAAU,wBAAwB,CACrC,MAA0B,EAC1B,WAAmB,EACnB,MAAc;IAEd,MAAM,4BAA4B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEnD,MAAM,MAAM,GAAG,kBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC3C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,CAAC,UAAU,CAAC,cAAc,QAAQ,EAAE,CAAC,CAAC;QAC5C,MAAM,MAAM,CAAC,gBAAgB,CAC3B,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EACpD,WAAW,CACZ,CAAC;QACF,MAAM,CAAC,QAAQ,EAAE,CAAC;KACnB;AACH,CAAC;AAED,2DAA2D;AACpD,KAAK,UAAU,UAAU,CAC9B,WAAmB,EACnB,UAAkB,EAClB,eAAuB,EACvB,WAAmB,EACnB,MAA0B,EAC1B,MAAc;IAEd,MAAM,YAAY,GAAwB,EAAE,CAAC;IAE7C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,MAAM,CAAC,UAAU,CAAC,aAAa,QAAQ,EAAE,CAAC,CAAC;QAE3C,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACzC,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;YAC/D,MAAM,IAAI,KAAK,CACb,qBAAqB,QAAQ,gDAAgD,CAC9E,CAAC;SACH;QAED,IAAI;YACF,KAAK,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;gBACxC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC5B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;oBAEvC,MAAM,YAAY,GAAG,IAAI,CAAC,qBAAqB,CAC7C,MAAM,CAAC,OAAO,EACd,QAAQ,CACT,CAAC;oBACF,uEAAuE;oBACvE,2EAA2E;oBAC3E,MAAM,cAAc,GAAG,GAAG,YAAY,YAAY,IAAI,MAAM,CAAC;oBAC7D,MAAM,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;yBACrC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,YAAY,CAAC,EAAE,CAAC;yBACnC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACd,EAAE,CAAC,aAAa,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;oBACrD,MAAM,CAAC,KAAK,CACV,wBAAwB,QAAQ,QAAQ,kBAAkB,EAAE,CAC7D,CAAC;oBAEF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,QAAQ,IAAI,IAAI,QAAQ,CAAC,CAAC;oBAEtE,MAAM,MAAM,GAAG,kBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;oBAC3C,MAAM,MAAM,CAAC,eAAe,CAC1B,YAAY,EACZ,SAAS,EACT,cAAc,EACd,UAAU,EACV,eAAe,EACf,WAAW,CACZ,CAAC;oBAEF,MAAM,CAAC,KAAK,CACV,8BAA8B,QAAQ,gBAAgB,SAAS,GAAG,CACnE,CAAC;oBACF,MAAM,CAAC,QAAQ,EAAE,CAAC;oBAElB,yBAAyB;oBACzB,MAAM,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;oBACrC,YAAY,CAAC,WAAW,IAAI,YAAY,QAAQ,cAAc,CAAC;wBAC7D,OAAO,GAAG,SAAS,CAAC;iBACvB;aACF;SACF;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACf,YAAY,CAAC,wBAAwB,GAAG,QAAQ,CAAC;YACjD,MAAM,IAAI,mBAAmB,CAC3B,YAAY,EACZ,8BAA8B,QAAQ,KAAK,CAAC,EAAE,CAC/C,CAAC;SACH;KACF;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AA1ED,gCA0EC;AAEM,KAAK,UAAU,UAAU,CAC9B,aAA4B,EAC5B,SAAiB,EACjB,GAAW,EACX,WAA+B,EAC/B,YAAgC,EAChC,aAAiC,EACjC,YAAoB,EACpB,WAA+B,EAC/B,UAA4B,EAC5B,QAAiB,EACjB,IAAe,EACf,SAAiB,EACjB,UAAkB,EAClB,eAAuB,EACvB,WAAmB,EACnB,MAA0B,EAC1B,MAAc;IAEd,8DAA8D;IAC9D,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;IAEzD,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7C,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,wBAAwB,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;IAE5D,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,YAAY,GAAG,MAAM,UAAU,CACnC,SAAS,EACT,UAAU,EACV,eAAe,EACf,WAAW,EACX,MAAM,EACN,MAAM,CACP,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACrC,OAAO,EAAE,GAAG,YAAY,EAAE,CAAC;KAC5B;IAED,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,MAAM,CACzC,SAAS,EACT,aAAa,EACb,SAAS,EACT,GAAG,EACH,WAAW,EACX,YAAY,EACZ,aAAa,EACb,YAAY,EACZ,WAAW,EACX,UAAU,EACV,IAAI,EACJ,MAAM,CACP,CAAC;IAEF,OAAO,EAAE,GAAG,YAAY,EAAE,GAAG,WAAW,EAAE,CAAC;AAC7C,CAAC;AA1DD,gCA0DC"}

lib/analyze.test.js

@@ -1,7 +1,4 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
@@ -9,9 +6,12 @@ var __importStar = (this && this.__importStar) || function (mod) {
     result["default"] = mod;
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
+const ava_1 = __importDefault(require("ava"));
 const analyze_1 = require("./analyze");
 const codeql_1 = require("./codeql");
 const languages_1 = require("./languages");

lib/analyze.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze.test.js","sourceRoot":"","sources":["../src/analyze.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,8CAAuB;AACvB,uCAAyB;AAEzB,uCAAuC;AACvC,qCAAqC;AAErC,2CAAuC;AACvC,uCAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,0BAAU,CAAC,aAAI,CAAC,CAAC;AAEjB,yEAAyE;AACzE,yCAAyC;AACzC,aAAI,CAAC,sBAAsB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,kBAAS,CAAC;YACR,eAAe,EAAE,KAAK,IAAI,EAAE,CAAC,SAAS;SACvC,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,EAAE,CAAC;QACtB,MAAM,eAAe,GAAG,EAAE,CAAC;QAC3B,MAAM,WAAW,GAAG,EAAE,CAAC;QAEvB,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,oBAAQ,CAAC,EAAE;YAC9C,MAAM,MAAM,GAAW;gBACrB,SAAS,EAAE,CAAC,QAAQ,CAAC;gBACrB,OAAO,EAAE,EAAE;gBACX,WAAW,EAAE,EAAE;gBACf,KAAK,EAAE,EAAE;gBACT,iBAAiB,EAAE,EAAE;gBACrB,OAAO,EAAE,MAAM;gBACf,YAAY,EAAE,MAAM;gBACpB,SAAS,EAAE,EAAE;aACd,CAAC;YACF,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE;gBACjE,SAAS,EAAE,IAAI;aAChB,CAAC,CAAC;YAEH,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG;gBACzB,OAAO,EAAE,CAAC,QAAQ,CAAC;gBACnB,MAAM,EAAE,EAAE;aACX,CAAC;YACF,MAAM,mBAAmB,GAAG,MAAM,oBAAU,CAC1C,MAAM,EACN,UAAU,EACV,eAAe,EACf,WAAW,EACX,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;YACF,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACxD,CAAC,CAAC,IAAI,CACJ,2BAA2B,QAAQ,cAAc,IAAI,mBAAmB,CACzE,CAAC;YAEF,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG;gBACzB,OAAO,EAAE,EAAE;gBACX,MAAM,EAAE,CAAC,QAAQ,CAAC;aACnB,CAAC;YACF,MAAM,kBAAkB,GAAG,MAAM,oBAAU,CACzC,MAAM,EACN,UAAU,EACV,eAAe,EACf,WAAW,EACX,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;YACF,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACvD,CAAC,CAAC,IAAI,CACJ,0BAA0B,QAAQ,cAAc,IAAI,kBAAkB,CACvE,CAAC;SACH;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"analyze.test.js","sourceRoot":"","sources":["../src/analyze.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,uCAAyB;AAEzB,8CAAuB;AAEvB,uCAAuC;AACvC,qCAAqC;AAErC,2CAAuC;AACvC,uCAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,0BAAU,CAAC,aAAI,CAAC,CAAC;AAEjB,yEAAyE;AACzE,yCAAyC;AACzC,aAAI,CAAC,sBAAsB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvC,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QAC5C,kBAAS,CAAC;YACR,eAAe,EAAE,KAAK,IAAI,EAAE,CAAC,SAAS;SACvC,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,EAAE,CAAC;QACtB,MAAM,eAAe,GAAG,EAAE,CAAC;QAC3B,MAAM,WAAW,GAAG,EAAE,CAAC;QAEvB,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,oBAAQ,CAAC,EAAE;YAC9C,MAAM,MAAM,GAAW;gBACrB,SAAS,EAAE,CAAC,QAAQ,CAAC;gBACrB,OAAO,EAAE,EAAE;gBACX,WAAW,EAAE,EAAE;gBACf,KAAK,EAAE,EAAE;gBACT,iBAAiB,EAAE,EAAE;gBACrB,OAAO,EAAE,MAAM;gBACf,YAAY,EAAE,MAAM;gBACpB,SAAS,EAAE,EAAE;aACd,CAAC;YACF,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE;gBACjE,SAAS,EAAE,IAAI;aAChB,CAAC,CAAC;YAEH,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG;gBACzB,OAAO,EAAE,CAAC,QAAQ,CAAC;gBACnB,MAAM,EAAE,EAAE;aACX,CAAC;YACF,MAAM,mBAAmB,GAAG,MAAM,oBAAU,CAC1C,MAAM,EACN,UAAU,EACV,eAAe,EACf,WAAW,EACX,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;YACF,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACxD,CAAC,CAAC,IAAI,CACJ,2BAA2B,QAAQ,cAAc,IAAI,mBAAmB,CACzE,CAAC;YAEF,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG;gBACzB,OAAO,EAAE,EAAE;gBACX,MAAM,EAAE,CAAC,QAAQ,CAAC;aACnB,CAAC;YACF,MAAM,kBAAkB,GAAG,MAAM,oBAAU,CACzC,MAAM,EACN,UAAU,EACV,eAAe,EACf,WAAW,EACX,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;YACF,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACvD,CAAC,CAAC,IAAI,CACJ,0BAA0B,QAAQ,cAAc,IAAI,kBAAkB,CACvE,CAAC;SACH;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/api-client.js

@@ -10,21 +10,59 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const github = __importStar(require("@actions/github"));
-const console_log_level_1 = __importDefault(require("console-log-level"));
 const path = __importStar(require("path"));
+const core_1 = require("@actions/core");
+const githubUtils = __importStar(require("@actions/github/lib/utils"));
+const retry = __importStar(require("@octokit/plugin-retry"));
+const console_log_level_1 = __importDefault(require("console-log-level"));
+const semver = __importStar(require("semver"));
 const actions_util_1 = require("./actions-util");
+const apiCompatibility = __importStar(require("./api-compatibility.json"));
+const logging_1 = require("./logging");
 const util_1 = require("./util");
-exports.getApiClient = function (githubAuth, githubUrl, allowLocalRun = false) {
+var DisallowedAPIVersionReason;
+(function (DisallowedAPIVersionReason) {
+    DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_OLD"] = 0] = "ACTION_TOO_OLD";
+    DisallowedAPIVersionReason[DisallowedAPIVersionReason["ACTION_TOO_NEW"] = 1] = "ACTION_TOO_NEW";
+})(DisallowedAPIVersionReason = exports.DisallowedAPIVersionReason || (exports.DisallowedAPIVersionReason = {}));
+const GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
+const CODEQL_ACTION_WARNED_ABOUT_VERSION_ENV_VAR = "CODEQL_ACTION_WARNED_ABOUT_VERSION";
+let hasBeenWarnedAboutVersion = false;
+exports.getApiClient = function (apiDetails, mode, logger, allowLocalRun = false, possibleFailureExpected = false) {
     if (util_1.isLocalRun() && !allowLocalRun) {
         throw new Error("Invalid API call in local run");
     }
-    return new github.GitHub({
-        auth: githubAuth,
-        baseUrl: getApiUrl(githubUrl),
+    const customOctokit = githubUtils.GitHub.plugin(retry.retry, (octokit, _) => {
+        octokit.hook.after("request", (response, __) => {
+            if (response.status < 400 && !possibleFailureExpected) {
+                if (hasBeenWarnedAboutVersion) {
+                    return;
+                }
+            }
+            if (response.headers[GITHUB_ENTERPRISE_VERSION_HEADER] === undefined ||
+                process.env[CODEQL_ACTION_WARNED_ABOUT_VERSION_ENV_VAR] === undefined) {
+                return;
+            }
+            const installedVersion = response.headers[GITHUB_ENTERPRISE_VERSION_HEADER];
+            const disallowedAPIVersionReason = apiVersionInRange(installedVersion, apiCompatibility.minimumVersion, apiCompatibility.maximumVersion);
+            const toolName = mode === "actions" ? "Action" : "Runner";
+            if (disallowedAPIVersionReason === DisallowedAPIVersionReason.ACTION_TOO_OLD) {
+                logger.warning(`The CodeQL ${toolName} version you are using is too old to be compatible with GitHub Enterprise ${installedVersion}. If you experience issues, please upgrade to a more recent version of the CodeQL ${toolName}.`);
+            }
+            if (disallowedAPIVersionReason === DisallowedAPIVersionReason.ACTION_TOO_NEW) {
+                logger.warning(`GitHub Enterprise ${installedVersion} is too old to be compatible with this version of the CodeQL ${toolName}. If you experience issues, please upgrade to a more recent version of GitHub Enterprise or use an older version of the CodeQL ${toolName}.`);
+            }
+            hasBeenWarnedAboutVersion = true;
+            if (mode === "actions") {
+                core_1.exportVariable(CODEQL_ACTION_WARNED_ABOUT_VERSION_ENV_VAR, true);
+            }
+        });
+    });
+    return new customOctokit(githubUtils.getOctokitOptions(apiDetails.auth, {
+        baseUrl: getApiUrl(apiDetails.url),
         userAgent: "CodeQL Action",
         log: console_log_level_1.default({ level: "debug" }),
-    });
+    }));
 };
 function getApiUrl(githubUrl) {
     const url = new URL(githubUrl);
@@ -38,10 +76,24 @@ function getApiUrl(githubUrl) {
     return url.toString();
 }
 // Temporary function to aid in the transition to running on and off of github actions.
-// Once all code has been coverted this function should be removed or made canonical
+// Once all code has been converted this function should be removed or made canonical
 // and called only from the action entrypoints.
 function getActionsApiClient(allowLocalRun = false) {
-    return exports.getApiClient(actions_util_1.getRequiredInput("token"), actions_util_1.getRequiredEnvParam("GITHUB_SERVER_URL"), allowLocalRun);
+    const apiDetails = {
+        auth: actions_util_1.getRequiredInput("token"),
+        url: actions_util_1.getRequiredEnvParam("GITHUB_SERVER_URL"),
+    };
+    return exports.getApiClient(apiDetails, "actions", logging_1.getActionsLogger(), allowLocalRun);
 }
 exports.getActionsApiClient = getActionsApiClient;
+function apiVersionInRange(version, minimumVersion, maximumVersion) {
+    if (!semver.satisfies(version, `>=${minimumVersion}`)) {
+        return DisallowedAPIVersionReason.ACTION_TOO_NEW;
+    }
+    if (!semver.satisfies(version, `<=${maximumVersion}`)) {
+        return DisallowedAPIVersionReason.ACTION_TOO_OLD;
+    }
+    return undefined;
+}
+exports.apiVersionInRange = apiVersionInRange;
 //# sourceMappingURL=api-client.js.map

lib/api-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wDAA0C;AAC1C,0EAAgD;AAChD,2CAA6B;AAE7B,iDAAuE;AACvE,iCAAoC;AAEvB,QAAA,YAAY,GAAG,UAC1B,UAAkB,EAClB,SAAiB,EACjB,aAAa,GAAG,KAAK;IAErB,IAAI,iBAAU,EAAE,IAAI,CAAC,aAAa,EAAE;QAClC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IACD,OAAO,IAAI,MAAM,CAAC,MAAM,CAAC;QACvB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,SAAS,CAAC,SAAS,CAAC;QAC7B,SAAS,EAAE,eAAe;QAC1B,GAAG,EAAE,2BAAe,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,SAAS,SAAS,CAAC,SAAiB;IAClC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;IAE/B,kDAAkD;IAClD,0CAA0C;IAC1C,IAAI,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE;QACtE,OAAO,wBAAwB,CAAC;KACjC;IAED,6BAA6B;IAC7B,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAED,uFAAuF;AACvF,oFAAoF;AACpF,+CAA+C;AAC/C,SAAgB,mBAAmB,CAAC,aAAa,GAAG,KAAK;IACvD,OAAO,oBAAY,CACjB,+BAAgB,CAAC,OAAO,CAAC,EACzB,kCAAmB,CAAC,mBAAmB,CAAC,EACxC,aAAa,CACd,CAAC;AACJ,CAAC;AAND,kDAMC"}
+{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA6B;AAE7B,wCAA+C;AAC/C,uEAAyD;AACzD,6DAA+C;AAE/C,0EAAgD;AAChD,+CAAiC;AAEjC,iDAAuE;AACvE,2EAA6D;AAC7D,uCAAqD;AACrD,iCAA0C;AAE1C,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,GAA1B,kCAA0B,KAA1B,kCAA0B,QAGrC;AAOD,MAAM,gCAAgC,GAAG,6BAA6B,CAAC;AACvE,MAAM,0CAA0C,GAC9C,oCAAoC,CAAC;AACvC,IAAI,yBAAyB,GAAG,KAAK,CAAC;AAEzB,QAAA,YAAY,GAAG,UAC1B,UAA4B,EAC5B,IAAU,EACV,MAAc,EACd,aAAa,GAAG,KAAK,EACrB,uBAAuB,GAAG,KAAK;IAE/B,IAAI,iBAAU,EAAE,IAAI,CAAC,aAAa,EAAE;QAClC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IACD,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE;QAC1E,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC,QAA8B,EAAE,EAAE,EAAE,EAAE;YACnE,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,IAAI,CAAC,uBAAuB,EAAE;gBACrD,IAAI,yBAAyB,EAAE;oBAC7B,OAAO;iBACR;aACF;YACD,IACE,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAC,KAAK,SAAS;gBAChE,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,KAAK,SAAS,EACrE;gBACA,OAAO;aACR;YACD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CACvC,gCAAgC,CACvB,CAAC;YACZ,MAAM,0BAA0B,GAAG,iBAAiB,CAClD,gBAAgB,EAChB,gBAAgB,CAAC,cAAc,EAC/B,gBAAgB,CAAC,cAAc,CAChC,CAAC;YAEF,MAAM,QAAQ,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;YAE1D,IACE,0BAA0B,KAAK,0BAA0B,CAAC,cAAc,EACxE;gBACA,MAAM,CAAC,OAAO,CACZ,cAAc,QAAQ,6EAA6E,gBAAgB,qFAAqF,QAAQ,GAAG,CACpN,CAAC;aACH;YACD,IACE,0BAA0B,KAAK,0BAA0B,CAAC,cAAc,EACxE;gBACA,MAAM,CAAC,OAAO,CACZ,qBAAqB,gBAAgB,gEAAgE,QAAQ,kIAAkI,QAAQ,GAAG,CAC3P,CAAC;aACH;YACD,yBAAyB,GAAG,IAAI,CAAC;YACjC,IAAI,IAAI,KAAK,SAAS,EAAE;gBACtB,qBAAc,CAAC,0CAA0C,EAAE,IAAI,CAAC,CAAC;aAClE;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,aAAa,CACtB,WAAW,CAAC,iBAAiB,CAAC,UAAU,CAAC,IAAI,EAAE;QAC7C,OAAO,EAAE,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC;QAClC,SAAS,EAAE,eAAe;QAC1B,GAAG,EAAE,2BAAe,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC,CAAC;AAEF,SAAS,SAAS,CAAC,SAAiB;IAClC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;IAE/B,kDAAkD;IAClD,0CAA0C;IAC1C,IAAI,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE;QACtE,OAAO,wBAAwB,CAAC;KACjC;IAED,6BAA6B;IAC7B,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAED,uFAAuF;AACvF,qFAAqF;AACrF,+CAA+C;AAC/C,SAAgB,mBAAmB,CAAC,aAAa,GAAG,KAAK;IACvD,MAAM,UAAU,GAAG;QACjB,IAAI,EAAE,+BAAgB,CAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,kCAAmB,CAAC,mBAAmB,CAAC;KAC9C,CAAC;IAEF,OAAO,oBAAY,CAAC,UAAU,EAAE,SAAS,EAAE,0BAAgB,EAAE,EAAE,aAAa,CAAC,CAAC;AAChF,CAAC;AAPD,kDAOC;AAED,SAAgB,iBAAiB,CAC/B,OAAe,EACf,cAAsB,EACtB,cAAsB;IAEtB,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,KAAK,cAAc,EAAE,CAAC,EAAE;QACrD,OAAO,0BAA0B,CAAC,cAAc,CAAC;KAClD;IACD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,KAAK,cAAc,EAAE,CAAC,EAAE;QACrD,OAAO,0BAA0B,CAAC,cAAc,CAAC;KAClD;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAZD,8CAYC"}

lib/api-client.test.js

@@ -0,0 +1,17 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const ava_1 = __importDefault(require("ava"));
+const api_client_1 = require("./api-client");
+ava_1.default("allowed API versions", async (t) => {
+    t.is(api_client_1.apiVersionInRange("1.33.0", "1.33", "2.0"), undefined);
+    t.is(api_client_1.apiVersionInRange("1.33.1", "1.33", "2.0"), undefined);
+    t.is(api_client_1.apiVersionInRange("1.34.0", "1.33", "2.0"), undefined);
+    t.is(api_client_1.apiVersionInRange("2.0.0", "1.33", "2.0"), undefined);
+    t.is(api_client_1.apiVersionInRange("2.0.1", "1.33", "2.0"), undefined);
+    t.is(api_client_1.apiVersionInRange("1.32.0", "1.33", "2.0"), api_client_1.DisallowedAPIVersionReason.ACTION_TOO_NEW);
+    t.is(api_client_1.apiVersionInRange("2.1.0", "1.33", "2.0"), api_client_1.DisallowedAPIVersionReason.ACTION_TOO_OLD);
+});
+//# sourceMappingURL=api-client.test.js.map

lib/api-client.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-client.test.js","sourceRoot":"","sources":["../src/api-client.test.ts"],"names":[],"mappings":";;;;;AAAA,8CAAuB;AAEvB,6CAA6E;AAE7E,aAAI,CAAC,sBAAsB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACvC,CAAC,CAAC,EAAE,CAAC,8BAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5D,CAAC,CAAC,EAAE,CAAC,8BAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5D,CAAC,CAAC,EAAE,CAAC,8BAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC;IAC5D,CAAC,CAAC,EAAE,CAAC,8BAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC;IAC3D,CAAC,CAAC,EAAE,CAAC,8BAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC;IAC3D,CAAC,CAAC,EAAE,CACF,8BAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,EAC1C,uCAA0B,CAAC,cAAc,CAC1C,CAAC;IACF,CAAC,CAAC,EAAE,CACF,8BAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EACzC,uCAA0B,CAAC,cAAc,CAC1C,CAAC;AACJ,CAAC,CAAC,CAAC"}

lib/api-compatibility.json

@@ -0,0 +1 @@
+{ "maximumVersion": "3.0", "minimumVersion": "2.22" }

lib/autobuild-action.js

@@ -31,7 +31,7 @@ async function run() {
     let language = undefined;
     try {
         actionsUtil.prepareLocalRunEnvironment();
-        if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("autobuild", "starting", startedAt), true))) {
+        if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("autobuild", "starting", startedAt)))) {
             return;
         }
         const config = await config_utils.getConfig(actionsUtil.getRequiredEnvParam("RUNNER_TEMP"), logger);
@@ -51,8 +51,14 @@ async function run() {
     }
     await sendCompletedStatusReport(startedAt, language ? [language] : []);
 }
-run().catch((e) => {
-    core.setFailed(`autobuild action failed.  ${e}`);
-    console.log(e);
-});
+async function runWrapper() {
+    try {
+        await run();
+    }
+    catch (error) {
+        core.setFailed(`autobuild action failed. ${error}`);
+        console.log(error);
+    }
+}
+void runWrapper();
 //# sourceMappingURL=autobuild-action.js.map

lib/autobuild-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,2CAAuE;AACvE,6DAA+C;AAE/C,uCAA6C;AAS7C,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;;IAEb,MAAM,MAAM,GACV,eAAe,KAAK,SAAS,IAAI,KAAK,KAAK,SAAS;QAClD,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,WAAW,EACX,MAAM,EACN,SAAS,QACT,KAAK,0CAAE,OAAO,QACd,KAAK,0CAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;IAClC,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,QAAQ,GAAyB,SAAS,CAAC;IAC/C,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QACzC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,WAAW,EACX,UAAU,EACV,SAAS,CACV,EACD,IAAI,CACL,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CACzC,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,MAAM,CACP,CAAC;QACF,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QACD,QAAQ,GAAG,sCAA0B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtD,IAAI,QAAQ,KAAK,SAAS,EAAE;YAC1B,MAAM,wBAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;SAC9C;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,mIAAmI,KAAK,CAAC,OAAO,EAAE,CACnJ,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,yBAAyB,CAC7B,SAAS,EACT,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAC1B,QAAQ,EACR,KAAK,CACN,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,IAAI,CAAC,SAAS,CAAC,6BAA6B,CAAC,EAAE,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"autobuild-action.js","sourceRoot":"","sources":["../src/autobuild-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,2CAAuE;AACvE,6DAA+C;AAE/C,uCAA6C;AAS7C,KAAK,UAAU,yBAAyB,CACtC,SAAe,EACf,YAAsB,EACtB,eAAwB,EACxB,KAAa;;IAEb,MAAM,MAAM,GACV,eAAe,KAAK,SAAS,IAAI,KAAK,KAAK,SAAS;QAClD,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,WAAW,EACX,MAAM,EACN,SAAS,QACT,KAAK,0CAAE,OAAO,QACd,KAAK,0CAAE,KAAK,CACb,CAAC;IACF,MAAM,YAAY,GAA0B;QAC1C,GAAG,gBAAgB;QACnB,mBAAmB,EAAE,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,iBAAiB,EAAE,eAAe;KACnC,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;IAClC,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IAAI,QAAQ,GAAyB,SAAS,CAAC;IAC/C,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QACzC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,WAAW,EACX,UAAU,EACV,SAAS,CACV,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CACzC,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,MAAM,CACP,CAAC;QACF,IAAI,MAAM,KAAK,SAAS,EAAE;YACxB,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;QACD,QAAQ,GAAG,sCAA0B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtD,IAAI,QAAQ,KAAK,SAAS,EAAE;YAC1B,MAAM,wBAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;SAC9C;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CACZ,mIAAmI,KAAK,CAAC,OAAO,EAAE,CACnJ,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,yBAAyB,CAC7B,SAAS,EACT,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAC1B,QAAQ,EACR,KAAK,CACN,CAAC;QACF,OAAO;KACR;IAED,MAAM,yBAAyB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,4BAA4B,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/codeql.js

@@ -6,19 +6,16 @@ var __importStar = (this && this.__importStar) || function (mod) {
     result["default"] = mod;
     return result;
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-const toolrunnner = __importStar(require("@actions/exec/lib/toolrunner"));
-const http = __importStar(require("@actions/http-client"));
-const toolcache = __importStar(require("@actions/tool-cache"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
-const semver = __importStar(require("semver"));
 const stream = __importStar(require("stream"));
 const globalutil = __importStar(require("util"));
-const v4_1 = __importDefault(require("uuid/v4"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const http = __importStar(require("@actions/http-client"));
+const toolcache = __importStar(require("@actions/tool-cache"));
+const semver = __importStar(require("semver"));
+const uuid_1 = require("uuid");
 const actions_util_1 = require("./actions-util");
 const api = __importStar(require("./api-client"));
 const defaults = __importStar(require("./defaults.json")); // Referenced from codeql-action-sync-tool!
@@ -31,40 +28,56 @@ const util = __importStar(require("./util"));
  */
 let cachedCodeQL = undefined;
 const CODEQL_BUNDLE_VERSION = defaults.bundleVersion;
-const CODEQL_BUNDLE_NAME = "codeql-bundle.tar.gz";
 const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action";
-function getCodeQLActionRepository(mode) {
+function getCodeQLBundleName() {
+    let platform;
+    if (process.platform === "win32") {
+        platform = "win64";
+    }
+    else if (process.platform === "linux") {
+        platform = "linux64";
+    }
+    else if (process.platform === "darwin") {
+        platform = "osx64";
+    }
+    else {
+        return "codeql-bundle.tar.gz";
+    }
+    return `codeql-bundle-${platform}.tar.gz`;
+}
+function getCodeQLActionRepository(mode, logger) {
     if (mode !== "actions") {
         return CODEQL_DEFAULT_ACTION_REPOSITORY;
     }
-    // Actions do not know their own repository name,
-    // so we currently use this hack to find the name based on where our files are.
-    // This can be removed once the change to the runner in https://github.com/actions/runner/pull/585 is deployed.
-    const runnerTemp = actions_util_1.getRequiredEnvParam("RUNNER_TEMP");
-    const actionsDirectory = path.join(path.dirname(runnerTemp), "_actions");
-    const relativeScriptPath = path.relative(actionsDirectory, __filename);
-    // This handles the case where the Action does not come from an Action repository,
-    // e.g. our integration tests which use the Action code from the current checkout.
-    if (relativeScriptPath.startsWith("..") ||
-        path.isAbsolute(relativeScriptPath)) {
+    if (process.env["GITHUB_ACTION_REPOSITORY"] !== undefined) {
+        return process.env["GITHUB_ACTION_REPOSITORY"];
+    }
+    // The Actions Runner used with GitHub Enterprise Server 2.22 did not set the GITHUB_ACTION_REPOSITORY variable.
+    // This fallback logic can be removed after the end-of-support for 2.22 on 2021-09-23.
+    if (actions_util_1.isRunningLocalAction()) {
+        // This handles the case where the Action does not come from an Action repository,
+        // e.g. our integration tests which use the Action code from the current checkout.
+        logger.info("The CodeQL Action is checked out locally. Using the default CodeQL Action repository.");
         return CODEQL_DEFAULT_ACTION_REPOSITORY;
     }
-    const relativeScriptPathParts = relativeScriptPath.split(path.sep);
+    logger.info("GITHUB_ACTION_REPOSITORY environment variable was not set. Falling back to legacy method of finding the GitHub Action.");
+    const relativeScriptPathParts = actions_util_1.getRelativeScriptPath().split(path.sep);
     return `${relativeScriptPathParts[0]}/${relativeScriptPathParts[1]}`;
 }
-async function getCodeQLBundleDownloadURL(githubAuth, githubUrl, mode, logger) {
-    const codeQLActionRepository = getCodeQLActionRepository(mode);
+async function getCodeQLBundleDownloadURL(apiDetails, mode, logger) {
+    const codeQLActionRepository = getCodeQLActionRepository(mode, logger);
     const potentialDownloadSources = [
         // This GitHub instance, and this Action.
-        [githubUrl, codeQLActionRepository],
+        [apiDetails.url, codeQLActionRepository],
         // This GitHub instance, and the canonical Action.
-        [githubUrl, CODEQL_DEFAULT_ACTION_REPOSITORY],
+        [apiDetails.url, CODEQL_DEFAULT_ACTION_REPOSITORY],
         // GitHub.com, and the canonical Action.
         [util.GITHUB_DOTCOM_URL, CODEQL_DEFAULT_ACTION_REPOSITORY],
     ];
     // We now filter out any duplicates.
     // Duplicates will happen either because the GitHub instance is GitHub.com, or because the Action is not a fork.
     const uniqueDownloadSources = potentialDownloadSources.filter((url, index, self) => index === self.indexOf(url));
+    const codeQLBundleName = getCodeQLBundleName();
     for (const downloadSource of uniqueDownloadSources) {
         const [apiURL, repository] = downloadSource;
         // If we've reached the final case, short-circuit the API check since we know the bundle exists and is public.
@@ -75,14 +88,14 @@ async function getCodeQLBundleDownloadURL(githubAuth, githubUrl, mode, logger) {
         const [repositoryOwner, repositoryName] = repository.split("/");
         try {
             const release = await api
-                .getApiClient(githubAuth, githubUrl)
+                .getApiClient(apiDetails, mode, logger, false, true)
                 .repos.getReleaseByTag({
                 owner: repositoryOwner,
                 repo: repositoryName,
                 tag: CODEQL_BUNDLE_VERSION,
             });
             for (const asset of release.data.assets) {
-                if (asset.name === CODEQL_BUNDLE_NAME) {
+                if (asset.name === codeQLBundleName) {
                     logger.info(`Found CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} with URL ${asset.url}.`);
                     return asset.url;
                 }
@@ -92,13 +105,13 @@ async function getCodeQLBundleDownloadURL(githubAuth, githubUrl, mode, logger) {
             logger.info(`Looked for CodeQL bundle in ${downloadSource[1]} on ${downloadSource[0]} but got error ${e}.`);
         }
     }
-    return `https://github.com/${CODEQL_DEFAULT_ACTION_REPOSITORY}/releases/download/${CODEQL_BUNDLE_VERSION}/${CODEQL_BUNDLE_NAME}`;
+    return `https://github.com/${CODEQL_DEFAULT_ACTION_REPOSITORY}/releases/download/${CODEQL_BUNDLE_VERSION}/${codeQLBundleName}`;
 }
 // We have to download CodeQL manually because the toolcache doesn't support Accept headers.
 // This can be removed once https://github.com/actions/toolkit/pull/530 is merged and released.
 async function toolcacheDownloadTool(url, headers, tempDir, logger) {
     const client = new http.HttpClient("CodeQL Action");
-    const dest = path.join(tempDir, v4_1.default());
+    const dest = path.join(tempDir, uuid_1.v4());
     const response = await client.get(url, headers);
     if (response.message.statusCode !== 200) {
         logger.info(`Failed to download from "${url}". Code(${response.message.statusCode}) Message(${response.message.statusMessage})`);
@@ -109,29 +122,50 @@ async function toolcacheDownloadTool(url, headers, tempDir, logger) {
     await pipeline(response.message, fs.createWriteStream(dest));
     return dest;
 }
-async function setupCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir, mode, logger) {
+async function setupCodeQL(codeqlURL, apiDetails, tempDir, toolsDir, mode, logger) {
     // Setting these two env vars makes the toolcache code safe to use outside,
     // of actions but this is obviously not a great thing we're doing and it would
     // be better to write our own implementation to use outside of actions.
     process.env["RUNNER_TEMP"] = tempDir;
     process.env["RUNNER_TOOL_CACHE"] = toolsDir;
     try {
-        const codeqlURLVersion = getCodeQLURLVersion(codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`, logger);
-        let codeqlFolder = toolcache.find("CodeQL", codeqlURLVersion);
+        // We use the special value of 'latest' to prioritize the version in the
+        // defaults over any pinned cached version.
+        const forceLatest = codeqlURL === "latest";
+        if (forceLatest) {
+            codeqlURL = undefined;
+        }
+        const codeqlURLVersion = getCodeQLURLVersion(codeqlURL || `/${CODEQL_BUNDLE_VERSION}/`);
+        const codeqlURLSemVer = convertToSemVer(codeqlURLVersion, logger);
+        // If we find the specified version, we always use that.
+        let codeqlFolder = toolcache.find("CodeQL", codeqlURLSemVer);
+        // If we don't find the requested version, in some cases we may allow a
+        // different version to save download time if the version hasn't been
+        // specified explicitly (in which case we always honor it).
+        if (!codeqlFolder && !codeqlURL && !forceLatest) {
+            const codeqlVersions = toolcache.findAllVersions("CodeQL");
+            if (codeqlVersions.length === 1) {
+                const tmpCodeqlFolder = toolcache.find("CodeQL", codeqlVersions[0]);
+                if (fs.existsSync(path.join(tmpCodeqlFolder, "pinned-version"))) {
+                    logger.debug(`CodeQL in cache overriding the default ${CODEQL_BUNDLE_VERSION}`);
+                    codeqlFolder = tmpCodeqlFolder;
+                }
+            }
+        }
         if (codeqlFolder) {
             logger.debug(`CodeQL found in cache ${codeqlFolder}`);
         }
         else {
             if (!codeqlURL) {
-                codeqlURL = await getCodeQLBundleDownloadURL(githubAuth, githubUrl, mode, logger);
+                codeqlURL = await getCodeQLBundleDownloadURL(apiDetails, mode, logger);
             }
             const headers = { accept: "application/octet-stream" };
             // We only want to provide an authorization header if we are downloading
             // from the same GitHub instance the Action is running on.
             // This avoids leaking Enterprise tokens to dotcom.
-            if (codeqlURL.startsWith(`${githubUrl}/`)) {
+            if (codeqlURL.startsWith(`${apiDetails.url}/`)) {
                 logger.debug("Downloading CodeQL bundle with token.");
-                headers.authorization = `token ${githubAuth}`;
+                headers.authorization = `token ${apiDetails.auth}`;
             }
             else {
                 logger.debug("Downloading CodeQL bundle without token.");
@@ -140,7 +174,7 @@ async function setupCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir,
             const codeqlPath = await toolcacheDownloadTool(codeqlURL, headers, tempDir, logger);
             logger.debug(`CodeQL bundle download to ${codeqlPath} complete.`);
             const codeqlExtracted = await toolcache.extractTar(codeqlPath);
-            codeqlFolder = await toolcache.cacheDir(codeqlExtracted, "CodeQL", codeqlURLVersion);
+            codeqlFolder = await toolcache.cacheDir(codeqlExtracted, "CodeQL", codeqlURLSemVer);
         }
         let codeqlCmd = path.join(codeqlFolder, "codeql", "codeql");
         if (process.platform === "win32") {
@@ -150,7 +184,7 @@ async function setupCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir,
             throw new Error(`Unsupported platform: ${process.platform}`);
         }
         cachedCodeQL = getCodeQLForCmd(codeqlCmd);
-        return cachedCodeQL;
+        return { codeql: cachedCodeQL, toolsVersion: codeqlURLVersion };
     }
     catch (e) {
         logger.error(e);
@@ -158,23 +192,26 @@ async function setupCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir,
     }
 }
 exports.setupCodeQL = setupCodeQL;
-function getCodeQLURLVersion(url, logger) {
+function getCodeQLURLVersion(url) {
     const match = url.match(/\/codeql-bundle-(.*)\//);
     if (match === null || match.length < 2) {
         throw new Error(`Malformed tools url: ${url}. Version could not be inferred`);
     }
-    let version = match[1];
+    return match[1];
+}
+exports.getCodeQLURLVersion = getCodeQLURLVersion;
+function convertToSemVer(version, logger) {
     if (!semver.valid(version)) {
         logger.debug(`Bundle version ${version} is not in SemVer format. Will treat it as pre-release 0.0.0-${version}.`);
         version = `0.0.0-${version}`;
     }
     const s = semver.clean(version);
     if (!s) {
-        throw new Error(`Malformed tools url ${url}. Version should be in SemVer format but have ${version} instead`);
+        throw new Error(`Bundle version ${version} is not in SemVer format.`);
     }
     return s;
 }
-exports.getCodeQLURLVersion = getCodeQLURLVersion;
+exports.convertToSemVer = convertToSemVer;
 /**
  * Use the CodeQL executable located at the given path.
  */
@@ -238,10 +275,7 @@ function getCodeQLForCmd(cmd) {
             return cmd;
         },
         async printVersion() {
-            await new toolrunnner.ToolRunner(cmd, [
-                "version",
-                "--format=json",
-            ]).exec();
+            await new toolrunner.ToolRunner(cmd, ["version", "--format=json"]).exec();
         },
         async getTracerEnv(databasePath) {
             // Write tracer-env.js to a temp location.
@@ -260,7 +294,7 @@ function getCodeQLForCmd(cmd) {
         process.stdout.write(process.argv[2]);
         fs.writeFileSync(process.argv[2], JSON.stringify(env), 'utf-8');`);
             const envFile = path.resolve(databasePath, "working", "env.tmp");
-            await new toolrunnner.ToolRunner(cmd, [
+            await new toolrunner.ToolRunner(cmd, [
                 "database",
                 "trace-command",
                 databasePath,
@@ -272,7 +306,7 @@ function getCodeQLForCmd(cmd) {
             return JSON.parse(fs.readFileSync(envFile, "utf-8"));
         },
         async databaseInit(databasePath, language, sourceRoot) {
-            await new toolrunnner.ToolRunner(cmd, [
+            await new toolrunner.ToolRunner(cmd, [
                 "database",
                 "init",
                 databasePath,
@@ -295,12 +329,12 @@ function getCodeQLForCmd(cmd) {
                 "-Dhttp.keepAlive=false",
                 "-Dmaven.wagon.http.pool=false",
             ].join(" ");
-            await new toolrunnner.ToolRunner(autobuildCmd).exec();
+            await new toolrunner.ToolRunner(autobuildCmd).exec();
         },
         async extractScannedLanguage(databasePath, language) {
             // Get extractor location
             let extractorPath = "";
-            await new toolrunnner.ToolRunner(cmd, [
+            await new toolrunner.ToolRunner(cmd, [
                 "resolve",
                 "extractor",
                 "--format=json",
@@ -330,10 +364,11 @@ function getCodeQLForCmd(cmd) {
                 traceCommand,
             ], error_matcher_1.errorMatchers);
         },
-        async finalizeDatabase(databasePath) {
+        async finalizeDatabase(databasePath, threadsFlag) {
             await toolrunner_error_catcher_1.toolrunnerErrorCatcher(cmd, [
                 "database",
                 "finalize",
+                threadsFlag,
                 ...getExtraOptionsFromEnv(["database", "finalize"]),
                 databasePath,
             ], error_matcher_1.errorMatchers);
@@ -350,7 +385,7 @@ function getCodeQLForCmd(cmd) {
                 codeqlArgs.push("--search-path", extraSearchPath);
             }
             let output = "";
-            await new toolrunnner.ToolRunner(cmd, codeqlArgs, {
+            await new toolrunner.ToolRunner(cmd, codeqlArgs, {
                 listeners: {
                     stdout: (data) => {
                         output += data.toString();
@@ -360,13 +395,15 @@ function getCodeQLForCmd(cmd) {
             return JSON.parse(output);
         },
         async databaseAnalyze(databasePath, sarifFile, querySuite, memoryFlag, addSnippetsFlag, threadsFlag) {
-            await new toolrunnner.ToolRunner(cmd, [
+            await new toolrunner.ToolRunner(cmd, [
                 "database",
                 "analyze",
                 memoryFlag,
                 threadsFlag,
                 databasePath,
+                "--min-disk-free=1024",
                 "--format=sarif-latest",
+                "--sarif-multicause-markdown",
                 `--output=${sarifFile}`,
                 addSnippetsFlag,
                 ...getExtraOptionsFromEnv(["database", "analyze"]),
@@ -378,44 +415,46 @@ function getCodeQLForCmd(cmd) {
 /**
  * Gets the options for `path` of `options` as an array of extra option strings.
  */
-function getExtraOptionsFromEnv(path) {
+function getExtraOptionsFromEnv(paths) {
     const options = util.getExtraOptionsEnvParam();
-    return getExtraOptions(options, path, []);
+    return getExtraOptions(options, paths, []);
+}
+/**
+ * Gets `options` as an array of extra option strings.
+ *
+ * - throws an exception mentioning `pathInfo` if this conversion is impossible.
+ */
+function asExtraOptions(options, pathInfo) {
+    if (options === undefined) {
+        return [];
+    }
+    if (!Array.isArray(options)) {
+        const msg = `The extra options for '${pathInfo.join(".")}' ('${JSON.stringify(options)}') are not in an array.`;
+        throw new Error(msg);
+    }
+    return options.map((o) => {
+        const t = typeof o;
+        if (t !== "string" && t !== "number" && t !== "boolean") {
+            const msg = `The extra option for '${pathInfo.join(".")}' ('${JSON.stringify(o)}') is not a primitive value.`;
+            throw new Error(msg);
+        }
+        return `${o}`;
+    });
 }
 /**
  * Gets the options for `path` of `options` as an array of extra option strings.
  *
  * - the special terminal step name '*' in `options` matches all path steps
  * - throws an exception if this conversion is impossible.
+ *
+ * Exported for testing.
  */
-function getExtraOptions(options, path, pathInfo) {
+function getExtraOptions(options, paths, pathInfo) {
     var _a, _b, _c;
-    /**
-     * Gets `options` as an array of extra option strings.
-     *
-     * - throws an exception mentioning `pathInfo` if this conversion is impossible.
-     */
-    function asExtraOptions(options, pathInfo) {
-        if (options === undefined) {
-            return [];
-        }
-        if (!Array.isArray(options)) {
-            const msg = `The extra options for '${pathInfo.join(".")}' ('${JSON.stringify(options)}') are not in an array.`;
-            throw new Error(msg);
-        }
-        return options.map((o) => {
-            const t = typeof o;
-            if (t !== "string" && t !== "number" && t !== "boolean") {
-                const msg = `The extra option for '${pathInfo.join(".")}' ('${JSON.stringify(o)}') is not a primitive value.`;
-                throw new Error(msg);
-            }
-            return `${o}`;
-        });
-    }
     const all = asExtraOptions((_a = options) === null || _a === void 0 ? void 0 : _a["*"], pathInfo.concat("*"));
-    const specific = path.length === 0
+    const specific = paths.length === 0
         ? asExtraOptions(options, pathInfo)
-        : getExtraOptions((_b = options) === null || _b === void 0 ? void 0 : _b[path[0]], (_c = path) === null || _c === void 0 ? void 0 : _c.slice(1), pathInfo.concat(path[0]));
+        : getExtraOptions((_b = options) === null || _b === void 0 ? void 0 : _b[paths[0]], (_c = paths) === null || _c === void 0 ? void 0 : _c.slice(1), pathInfo.concat(paths[0]));
     return all.concat(specific);
 }
 exports.getExtraOptions = getExtraOptions;

lib/codeql.test.js

@@ -10,15 +10,20 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+const path = __importStar(require("path"));
 const toolcache = __importStar(require("@actions/tool-cache"));
 const ava_1 = __importDefault(require("ava"));
 const nock_1 = __importDefault(require("nock"));
-const path = __importStar(require("path"));
 const codeql = __importStar(require("./codeql"));
+const defaults = __importStar(require("./defaults.json"));
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
 testing_utils_1.setupTests(ava_1.default);
+const sampleApiDetails = {
+    auth: "token",
+    url: "https://github.com",
+};
 ava_1.default("download codeql bundle cache", async (t) => {
     await util.withTmpDir(async (tmpDir) => {
         const versions = ["20200601", "20200610"];
@@ -27,14 +32,83 @@ ava_1.default("download codeql bundle cache", async (t) => {
             nock_1.default("https://example.com")
                 .get(`/download/codeql-bundle-${version}/codeql-bundle.tar.gz`)
                 .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
-            await codeql.setupCodeQL(`https://example.com/download/codeql-bundle-${version}/codeql-bundle.tar.gz`, "token", "https://github.example.com", tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+            await codeql.setupCodeQL(`https://example.com/download/codeql-bundle-${version}/codeql-bundle.tar.gz`, sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
             t.assert(toolcache.find("CodeQL", `0.0.0-${version}`));
         }
         const cachedVersions = toolcache.findAllVersions("CodeQL");
         t.is(cachedVersions.length, 2);
     });
 });
+ava_1.default("download codeql bundle cache explicitly requested with pinned different version cached", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200610/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200610/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200610"));
+    });
+});
+ava_1.default("don't download codeql bundle cache with pinned different version cached", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 1);
+    });
+});
+ava_1.default("download codeql bundle cache with different version cached (not pinned)", async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        const platform = process.platform === "win32"
+            ? "win64"
+            : process.platform === "linux"
+                ? "linux64"
+                : "osx64";
+        nock_1.default("https://github.com")
+            .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle-${platform}.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL(undefined, sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 2);
+    });
+});
+ava_1.default('download codeql bundle cache with pinned different version cached if "latests" tools specified', async (t) => {
+    await util.withTmpDir(async (tmpDir) => {
+        nock_1.default("https://example.com")
+            .get(`/download/codeql-bundle-20200601/codeql-bundle.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle-pinned.tar.gz`));
+        await codeql.setupCodeQL("https://example.com/download/codeql-bundle-20200601/codeql-bundle.tar.gz", sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        t.assert(toolcache.find("CodeQL", "0.0.0-20200601"));
+        const platform = process.platform === "win32"
+            ? "win64"
+            : process.platform === "linux"
+                ? "linux64"
+                : "osx64";
+        nock_1.default("https://github.com")
+            .get(`/github/codeql-action/releases/download/${defaults.bundleVersion}/codeql-bundle-${platform}.tar.gz`)
+            .replyWithFile(200, path.join(__dirname, `/../src/testdata/codeql-bundle.tar.gz`));
+        await codeql.setupCodeQL("latest", sampleApiDetails, tmpDir, tmpDir, "runner", logging_1.getRunnerLogger(true));
+        const cachedVersions = toolcache.findAllVersions("CodeQL");
+        t.is(cachedVersions.length, 2);
+    });
+});
 ava_1.default("parse codeql bundle url version", (t) => {
+    t.deepEqual(codeql.getCodeQLURLVersion("https://github.com/.../codeql-bundle-20200601/..."), "20200601");
+});
+ava_1.default("convert to semver", (t) => {
     const tests = {
         "20200601": "0.0.0-20200601",
         "20200601.0": "0.0.0-20200601.0",
@@ -44,9 +118,8 @@ ava_1.default("parse codeql bundle url version", (t) => {
         "1.2.3-beta.1": "1.2.3-beta.1",
     };
     for (const [version, expectedVersion] of Object.entries(tests)) {
-        const url = `https://github.com/.../codeql-bundle-${version}/...`;
         try {
-            const parsedVersion = codeql.getCodeQLURLVersion(url, logging_1.getRunnerLogger(true));
+            const parsedVersion = codeql.convertToSemVer(version, logging_1.getRunnerLogger(true));
             t.deepEqual(parsedVersion, expectedVersion);
         }
         catch (e) {

lib/config-utils.js

@@ -8,8 +8,8 @@ var __importStar = (this && this.__importStar) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const fs = __importStar(require("fs"));
-const yaml = __importStar(require("js-yaml"));
 const path = __importStar(require("path"));
+const yaml = __importStar(require("js-yaml"));
 const api = __importStar(require("./api-client"));
 const externalQueries = __importStar(require("./external-queries"));
 const languages_1 = require("./languages");
@@ -99,8 +99,8 @@ const builtinSuites = ["security-extended", "security-and-quality"];
  * Throws an error if suiteName is not a valid builtin suite.
  */
 async function addBuiltinSuiteQueries(languages, codeQL, resultMap, suiteName, configFile) {
-    const suite = builtinSuites.find((suite) => suite === suiteName);
-    if (!suite) {
+    const found = builtinSuites.find((suite) => suite === suiteName);
+    if (!found) {
         throw new Error(getQueryUsesInvalid(configFile, suiteName));
     }
     const suites = languages.map((l) => `${l}-${suiteName}.qls`);
@@ -185,44 +185,44 @@ async function parseQueryUses(languages, codeQL, resultMap, queryUses, tempDir,
 const pathStarsRegex = /.*(?:\*\*[^/].*|\*\*$|[^/]\*\*.*)/;
 // Characters that are supported by filters in workflows, but not by us.
 // See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
-const filterPatternCharactersRegex = /.*[\?\+\[\]!].*/;
+const filterPatternCharactersRegex = /.*[?+[\]!].*/;
 // Checks that a paths of paths-ignore entry is valid, possibly modifying it
 // to make it valid, or if not possible then throws an error.
 function validateAndSanitisePath(originalPath, propertyName, configFile, logger) {
     // Take a copy so we don't modify the original path, so we can still construct error messages
-    let path = originalPath;
+    let newPath = originalPath;
     // All paths are relative to the src root, so strip off leading slashes.
-    while (path.charAt(0) === "/") {
-        path = path.substring(1);
+    while (newPath.charAt(0) === "/") {
+        newPath = newPath.substring(1);
     }
     // Trailing ** are redundant, so strip them off
-    if (path.endsWith("/**")) {
-        path = path.substring(0, path.length - 2);
+    if (newPath.endsWith("/**")) {
+        newPath = newPath.substring(0, newPath.length - 2);
     }
     // An empty path is not allowed as it's meaningless
-    if (path === "") {
+    if (newPath === "") {
         throw new Error(getConfigFilePropertyError(configFile, propertyName, `"${originalPath}" is not an invalid path. ` +
             `It is not necessary to include it, and it is not allowed to exclude it.`));
     }
     // Check for illegal uses of **
-    if (path.match(pathStarsRegex)) {
+    if (newPath.match(pathStarsRegex)) {
         throw new Error(getConfigFilePropertyError(configFile, propertyName, `"${originalPath}" contains an invalid "**" wildcard. ` +
-            `They must be immediately preceeded and followed by a slash as in "/**/", or come at the start or end.`));
+            `They must be immediately preceded and followed by a slash as in "/**/", or come at the start or end.`));
     }
     // Check for other regex characters that we don't support.
     // Output a warning so the user knows, but otherwise continue normally.
-    if (path.match(filterPatternCharactersRegex)) {
+    if (newPath.match(filterPatternCharactersRegex)) {
         logger.warning(getConfigFilePropertyError(configFile, propertyName, `"${originalPath}" contains an unsupported character. ` +
             `The filter pattern characters ?, +, [, ], ! are not supported and will be matched literally.`));
     }
     // Ban any uses of backslash for now.
     // This may not play nicely with project layouts.
     // This restriction can be lifted later if we determine they are ok.
-    if (path.indexOf("\\") !== -1) {
+    if (newPath.indexOf("\\") !== -1) {
         throw new Error(getConfigFilePropertyError(configFile, propertyName, `"${originalPath}" contains an "\\" character. These are not allowed in filters. ` +
             `If running on windows we recommend using "/" instead for path filters.`));
     }
-    return path;
+    return newPath;
 }
 exports.validateAndSanitisePath = validateAndSanitisePath;
 // An undefined configFile in some of these functions indicates that
@@ -301,10 +301,10 @@ exports.getUnknownLanguagesError = getUnknownLanguagesError;
 /**
  * Gets the set of languages in the current repository
  */
-async function getLanguagesInRepo(repository, githubAuth, githubUrl, logger) {
+async function getLanguagesInRepo(repository, apiDetails, mode, logger) {
     logger.debug(`GitHub repo ${repository.owner} ${repository.repo}`);
     const response = await api
-        .getApiClient(githubAuth, githubUrl, true)
+        .getApiClient(apiDetails, mode, logger, true)
         .repos.listLanguages({
         owner: repository.owner,
         repo: repository.repo,
@@ -333,7 +333,7 @@ async function getLanguagesInRepo(repository, githubAuth, githubUrl, logger) {
  * If no languages could be detected from either the workflow or the repository
  * then throw an error.
  */
-async function getLanguages(languagesInput, repository, githubAuth, githubUrl, logger) {
+async function getLanguages(languagesInput, repository, apiDetails, mode, logger) {
     // Obtain from action input 'languages' if set
     let languages = (languagesInput || "")
         .split(",")
@@ -342,7 +342,7 @@ async function getLanguages(languagesInput, repository, githubAuth, githubUrl, l
     logger.info(`Languages from configuration: ${JSON.stringify(languages)}`);
     if (languages.length === 0) {
         // Obtain languages as all languages in the repo that can be analysed
-        languages = await getLanguagesInRepo(repository, githubAuth, githubUrl, logger);
+        languages = await getLanguagesInRepo(repository, apiDetails, mode, logger);
         logger.info(`Automatically detected languages: ${JSON.stringify(languages)}`);
     }
     // If the languages parameter was not given and no languages were
@@ -388,12 +388,12 @@ function shouldAddConfigFileQueries(queriesInput) {
 /**
  * Get the default config for when the user has not supplied one.
  */
-async function getDefaultConfig(languagesInput, queriesInput, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger) {
-    const languages = await getLanguages(languagesInput, repository, githubAuth, githubUrl, logger);
+async function getDefaultConfig(languagesInput, queriesInput, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger) {
+    const languages = await getLanguages(languagesInput, repository, apiDetails, mode, logger);
     const queries = {};
     await addDefaultQueries(codeQL, languages, queries);
     if (queriesInput) {
-        await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, checkoutPath, githubUrl, logger);
+        await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, checkoutPath, apiDetails.url, logger);
     }
     return {
         languages,
@@ -410,7 +410,7 @@ exports.getDefaultConfig = getDefaultConfig;
 /**
  * Load the config from the given file.
  */
-async function loadConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger) {
+async function loadConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger) {
     let parsedYAML;
     if (isLocal(configFile)) {
         // Treat the config file as relative to the workspace
@@ -418,7 +418,7 @@ async function loadConfig(languagesInput, queriesInput, configFile, repository,
         parsedYAML = getLocalConfig(configFile, checkoutPath);
     }
     else {
-        parsedYAML = await getRemoteConfig(configFile, githubAuth, githubUrl);
+        parsedYAML = await getRemoteConfig(configFile, apiDetails, mode, logger);
     }
     // Validate that the 'name' property is syntactically correct,
     // even though we don't use the value yet.
@@ -430,7 +430,7 @@ async function loadConfig(languagesInput, queriesInput, configFile, repository,
             throw new Error(getNameInvalid(configFile));
         }
     }
-    const languages = await getLanguages(languagesInput, repository, githubAuth, githubUrl, logger);
+    const languages = await getLanguages(languagesInput, repository, apiDetails, mode, logger);
     const queries = {};
     const pathsIgnore = [];
     const paths = [];
@@ -449,7 +449,7 @@ async function loadConfig(languagesInput, queriesInput, configFile, repository,
     // unless they're prefixed with "+", in which case they supplement those
     // in the config file.
     if (queriesInput) {
-        await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, checkoutPath, githubUrl, logger);
+        await addQueriesFromWorkflow(codeQL, queriesInput, languages, queries, tempDir, checkoutPath, apiDetails.url, logger);
     }
     if (shouldAddConfigFileQueries(queriesInput) &&
         QUERIES_PROPERTY in parsedYAML) {
@@ -461,30 +461,30 @@ async function loadConfig(languagesInput, queriesInput, configFile, repository,
                 typeof query[QUERIES_USES_PROPERTY] !== "string") {
                 throw new Error(getQueryUsesInvalid(configFile));
             }
-            await parseQueryUses(languages, codeQL, queries, query[QUERIES_USES_PROPERTY], tempDir, checkoutPath, githubUrl, logger, configFile);
+            await parseQueryUses(languages, codeQL, queries, query[QUERIES_USES_PROPERTY], tempDir, checkoutPath, apiDetails.url, logger, configFile);
         }
     }
     if (PATHS_IGNORE_PROPERTY in parsedYAML) {
         if (!(parsedYAML[PATHS_IGNORE_PROPERTY] instanceof Array)) {
             throw new Error(getPathsIgnoreInvalid(configFile));
         }
-        parsedYAML[PATHS_IGNORE_PROPERTY].forEach((path) => {
-            if (typeof path !== "string" || path === "") {
+        for (const ignorePath of parsedYAML[PATHS_IGNORE_PROPERTY]) {
+            if (typeof ignorePath !== "string" || ignorePath === "") {
                 throw new Error(getPathsIgnoreInvalid(configFile));
             }
-            pathsIgnore.push(validateAndSanitisePath(path, PATHS_IGNORE_PROPERTY, configFile, logger));
-        });
+            pathsIgnore.push(validateAndSanitisePath(ignorePath, PATHS_IGNORE_PROPERTY, configFile, logger));
+        }
     }
     if (PATHS_PROPERTY in parsedYAML) {
         if (!(parsedYAML[PATHS_PROPERTY] instanceof Array)) {
             throw new Error(getPathsInvalid(configFile));
         }
-        parsedYAML[PATHS_PROPERTY].forEach((path) => {
-            if (typeof path !== "string" || path === "") {
+        for (const includePath of parsedYAML[PATHS_PROPERTY]) {
+            if (typeof includePath !== "string" || includePath === "") {
                 throw new Error(getPathsInvalid(configFile));
             }
-            paths.push(validateAndSanitisePath(path, PATHS_PROPERTY, configFile, logger));
-        });
+            paths.push(validateAndSanitisePath(includePath, PATHS_PROPERTY, configFile, logger));
+        }
     }
     // The list of queries should not be empty for any language. If it is then
     // it is a user configuration error.
@@ -513,15 +513,15 @@ async function loadConfig(languagesInput, queriesInput, configFile, repository,
  * This will parse the config from the user input if present, or generate
  * a default config. The parsed config is then stored to a known location.
  */
-async function initConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger) {
+async function initConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger) {
     let config;
     // If no config file was provided create an empty one
     if (!configFile) {
         logger.debug("No configuration file was provided");
-        config = await getDefaultConfig(languagesInput, queriesInput, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger);
+        config = await getDefaultConfig(languagesInput, queriesInput, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger);
     }
     else {
-        config = await loadConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger);
+        config = await loadConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger);
     }
     // Save the config so we can easily access it again in the future
     await saveConfig(config, logger);
@@ -546,7 +546,7 @@ function getLocalConfig(configFile, checkoutPath) {
     }
     return yaml.safeLoad(fs.readFileSync(configFile, "utf8"));
 }
-async function getRemoteConfig(configFile, githubAuth, githubUrl) {
+async function getRemoteConfig(configFile, apiDetails, mode, logger) {
     // retrieve the various parts of the config location, and ensure they're present
     const format = new RegExp("(?<owner>[^/]+)/(?<repo>[^/]+)/(?<path>[^@]+)@(?<ref>.*)");
     const pieces = format.exec(configFile);
@@ -555,8 +555,8 @@ async function getRemoteConfig(configFile, githubAuth, githubUrl) {
         throw new Error(getConfigFileRepoFormatInvalidMessage(configFile));
     }
     const response = await api
-        .getApiClient(githubAuth, githubUrl, true)
-        .repos.getContents({
+        .getApiClient(apiDetails, mode, logger, true)
+        .repos.getContent({
         owner: pieces.groups.owner,
         repo: pieces.groups.repo,
         path: pieces.groups.path,

lib/config-utils.test.js

@@ -10,10 +10,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const github = __importStar(require("@actions/github"));
-const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const github = __importStar(require("@actions/github"));
+const ava_1 = __importDefault(require("ava"));
 const sinon_1 = __importDefault(require("sinon"));
 const api = __importStar(require("./api-client"));
 const codeql_1 = require("./codeql");
@@ -23,6 +23,10 @@ const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
 testing_utils_1.setupTests(ava_1.default);
+const sampleApiDetails = {
+    auth: "token",
+    url: "https://github.example.com",
+};
 // Returns the filepath of the newly-created file
 function createConfigFile(inputFileContents, tmpDir) {
     const configFilePath = path.join(tmpDir, "input");
@@ -31,19 +35,19 @@ function createConfigFile(inputFileContents, tmpDir) {
 }
 function mockGetContents(content) {
     // Passing an auth token is required, so we just use a dummy value
-    const client = new github.GitHub("123");
+    const client = github.getOctokit("123");
     const response = {
         data: content,
     };
     const spyGetContents = sinon_1.default
-        .stub(client.repos, "getContents")
+        .stub(client.repos, "getContent")
         .resolves(response);
     sinon_1.default.stub(api, "getApiClient").value(() => client);
     return spyGetContents;
 }
 function mockListLanguages(languages) {
     // Passing an auth token is required, so we just use a dummy value
-    const client = new github.GitHub("123");
+    const client = github.getOctokit("123");
     const response = {
         data: {},
     };
@@ -66,8 +70,8 @@ ava_1.default("load empty config", async (t) => {
                 };
             },
         });
-        const config = await configUtils.initConfig(languages, undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logger);
-        t.deepEqual(config, await configUtils.getDefaultConfig(languages, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logger));
+        const config = await configUtils.initConfig(languages, undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logger);
+        t.deepEqual(config, await configUtils.getDefaultConfig(languages, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logger));
     });
 });
 ava_1.default("loading config saves config", async (t) => {
@@ -86,7 +90,7 @@ ava_1.default("loading config saves config", async (t) => {
         t.false(fs.existsSync(configUtils.getPathToParsedConfigFile(tmpDir)));
         // Sanity check that getConfig returns undefined before we have called initConfig
         t.deepEqual(await configUtils.getConfig(tmpDir, logger), undefined);
-        const config1 = await configUtils.initConfig("javascript,python", undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logger);
+        const config1 = await configUtils.initConfig("javascript,python", undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logger);
         // The saved config file should now exist
         t.true(fs.existsSync(configUtils.getPathToParsedConfigFile(tmpDir)));
         // And that same newly-initialised config should now be returned by getConfig
@@ -97,7 +101,7 @@ ava_1.default("loading config saves config", async (t) => {
 ava_1.default("load input outside of workspace", async (t) => {
     return await util.withTmpDir(async (tmpDir) => {
         try {
-            await configUtils.initConfig(undefined, undefined, "../input", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(undefined, undefined, "../input", { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -110,7 +114,7 @@ ava_1.default("load non-local input with invalid repo syntax", async (t) => {
         // no filename given, just a repo
         const configFile = "octo-org/codeql-config@main";
         try {
-            await configUtils.initConfig(undefined, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(undefined, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -124,7 +128,7 @@ ava_1.default("load non-existent input", async (t) => {
         const configFile = "input";
         t.false(fs.existsSync(path.join(tmpDir, configFile)));
         try {
-            await configUtils.initConfig(languages, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(languages, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -184,7 +188,7 @@ ava_1.default("load non-empty input", async (t) => {
         };
         const languages = "javascript";
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        const actualConfig = await configUtils.initConfig(languages, undefined, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        const actualConfig = await configUtils.initConfig(languages, undefined, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Should exactly equal the object we constructed earlier
         t.deepEqual(actualConfig, expectedConfig);
     });
@@ -213,14 +217,14 @@ ava_1.default("Default queries are used", async (t) => {
         });
         // The important point of this config is that it doesn't specify
         // the disable-default-queries field.
-        // Any other details are hopefully irrelevant for this tetst.
+        // Any other details are hopefully irrelevant for this test.
         const inputFileContents = `
       paths:
         - foo`;
         fs.mkdirSync(path.join(tmpDir, "foo"));
         const languages = "javascript";
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        await configUtils.initConfig(languages, undefined, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        await configUtils.initConfig(languages, undefined, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Check resolve queries was called correctly
         t.deepEqual(resolveQueriesArgs.length, 1);
         t.deepEqual(resolveQueriesArgs[0].queries, [
@@ -236,9 +240,9 @@ ava_1.default("Default queries are used", async (t) => {
  */
 function queriesToResolvedQueryForm(queries) {
     const dummyResolvedQueries = {};
-    queries.forEach((q) => {
+    for (const q of queries) {
         dummyResolvedQueries[q] = {};
-    });
+    }
     return {
         byLanguage: {
             javascript: dummyResolvedQueries,
@@ -263,7 +267,7 @@ ava_1.default("Queries can be specified in config file", async (t) => {
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, undefined, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        const config = await configUtils.initConfig(languages, undefined, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries
         // and once for `./foo` from the config file.
@@ -285,7 +289,7 @@ ava_1.default("Queries from config file can be overridden in workflow file", asy
         - uses: ./foo`;
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
         // This config item should take precedence over the config file but shouldn't affect the default queries.
-        const queries = "./override";
+        const testQueries = "./override";
         fs.mkdirSync(path.join(tmpDir, "foo"));
         fs.mkdirSync(path.join(tmpDir, "override"));
         const resolveQueriesArgs = [];
@@ -296,7 +300,7 @@ ava_1.default("Queries from config file can be overridden in workflow file", asy
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, queries, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        const config = await configUtils.initConfig(languages, testQueries, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries and once for `./override`,
         // but won't be called for './foo' from the config file.
@@ -318,7 +322,7 @@ ava_1.default("Queries in workflow file can be used in tandem with the 'disable
       name: my config
       disable-default-queries: true`;
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
-        const queries = "./workflow-query";
+        const testQueries = "./workflow-query";
         fs.mkdirSync(path.join(tmpDir, "workflow-query"));
         const resolveQueriesArgs = [];
         const codeQL = codeql_1.setCodeQL({
@@ -328,7 +332,7 @@ ava_1.default("Queries in workflow file can be used in tandem with the 'disable
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, queries, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        const config = await configUtils.initConfig(languages, testQueries, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Check resolveQueries was called correctly
         // It'll be called once for `./workflow-query`,
         // but won't be called for the default one since that was disabled
@@ -345,7 +349,7 @@ ava_1.default("Multiple queries can be specified in workflow file, no config fil
     return await util.withTmpDir(async (tmpDir) => {
         fs.mkdirSync(path.join(tmpDir, "override1"));
         fs.mkdirSync(path.join(tmpDir, "override2"));
-        const queries = "./override1,./override2";
+        const testQueries = "./override1,./override2";
         const resolveQueriesArgs = [];
         const codeQL = codeql_1.setCodeQL({
             async resolveQueries(queries, extraSearchPath) {
@@ -354,7 +358,7 @@ ava_1.default("Multiple queries can be specified in workflow file, no config fil
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, queries, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        const config = await configUtils.initConfig(languages, testQueries, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Check resolveQueries was called correctly:
         // It'll be called once for the default queries,
         // and then once for each of the two queries from the workflow
@@ -381,7 +385,7 @@ ava_1.default("Queries in workflow file can be added to the set of queries witho
         - uses: ./foo`;
         const configFilePath = createConfigFile(inputFileContents, tmpDir);
         // These queries shouldn't override anything, because the value is prefixed with "+"
-        const queries = "+./additional1,./additional2";
+        const testQueries = "+./additional1,./additional2";
         fs.mkdirSync(path.join(tmpDir, "foo"));
         fs.mkdirSync(path.join(tmpDir, "additional1"));
         fs.mkdirSync(path.join(tmpDir, "additional2"));
@@ -393,7 +397,7 @@ ava_1.default("Queries in workflow file can be added to the set of queries witho
             },
         });
         const languages = "javascript";
-        const config = await configUtils.initConfig(languages, queries, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        const config = await configUtils.initConfig(languages, testQueries, configFilePath, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         // Check resolveQueries was called correctly
         // It'll be called once for the default queries,
         // once for each of additional1 and additional2,
@@ -432,7 +436,7 @@ ava_1.default("Invalid queries in workflow file handled correctly", async (t) =>
             },
         });
         try {
-            await configUtils.initConfig(languages, queries, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(languages, queries, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             t.fail("initConfig did not throw error");
         }
         catch (err) {
@@ -475,7 +479,7 @@ ava_1.default("API client used when reading remote config", async (t) => {
         fs.mkdirSync(path.join(tmpDir, "foo/bar/dev"), { recursive: true });
         const configFile = "octo-org/codeql-config/config.yaml@main";
         const languages = "javascript";
-        await configUtils.initConfig(languages, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+        await configUtils.initConfig(languages, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
         t.assert(spyGetContents.called);
     });
 });
@@ -485,7 +489,7 @@ ava_1.default("Remote config handles the case where a directory is provided", as
         mockGetContents(dummyResponse);
         const repoReference = "octo-org/codeql-config/config.yaml@main";
         try {
-            await configUtils.initConfig(undefined, undefined, repoReference, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(undefined, undefined, repoReference, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -501,7 +505,7 @@ ava_1.default("Invalid format of remote config handled correctly", async (t) =>
         mockGetContents(dummyResponse);
         const repoReference = "octo-org/codeql-config/config.yaml@main";
         try {
-            await configUtils.initConfig(undefined, undefined, repoReference, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(undefined, undefined, repoReference, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -513,7 +517,7 @@ ava_1.default("No detected languages", async (t) => {
     return await util.withTmpDir(async (tmpDir) => {
         mockListLanguages([]);
         try {
-            await configUtils.initConfig(undefined, undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(undefined, undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -525,7 +529,7 @@ ava_1.default("Unknown languages", async (t) => {
     return await util.withTmpDir(async (tmpDir) => {
         const languages = "ruby,english";
         try {
-            await configUtils.initConfig(languages, undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+            await configUtils.initConfig(languages, undefined, undefined, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeql_1.getCachedCodeQL(), tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
             throw new Error("initConfig did not throw error");
         }
         catch (err) {
@@ -550,7 +554,7 @@ function doInvalidInputTest(testName, inputFileContents, expectedErrorMessageGen
             const inputFile = path.join(tmpDir, configFile);
             fs.writeFileSync(inputFile, inputFileContents, "utf8");
             try {
-                await configUtils.initConfig(languages, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, "token", "https://github.example.com", logging_1.getRunnerLogger(true));
+                await configUtils.initConfig(languages, undefined, configFile, { owner: "github", repo: "example " }, tmpDir, tmpDir, codeQL, tmpDir, sampleApiDetails, "runner", logging_1.getRunnerLogger(true));
                 throw new Error("initConfig did not throw error");
             }
             catch (err) {
@@ -604,11 +608,11 @@ ava_1.default("path validations", (t) => {
     // Dummy values to pass to validateAndSanitisePath
     const propertyName = "paths";
     const configFile = "./.github/codeql/config.yml";
-    for (const path of validPaths) {
-        t.truthy(configUtils.validateAndSanitisePath(path, propertyName, configFile, logging_1.getRunnerLogger(true)));
+    for (const validPath of validPaths) {
+        t.truthy(configUtils.validateAndSanitisePath(validPath, propertyName, configFile, logging_1.getRunnerLogger(true)));
     }
-    for (const path of invalidPaths) {
-        t.throws(() => configUtils.validateAndSanitisePath(path, propertyName, configFile, logging_1.getRunnerLogger(true)));
+    for (const invalidPath of invalidPaths) {
+        t.throws(() => configUtils.validateAndSanitisePath(invalidPath, propertyName, configFile, logging_1.getRunnerLogger(true)));
     }
 });
 ava_1.default("path sanitisation", (t) => {

lib/defaults.json

@@ -1,3 +1,3 @@
 {
-    "bundleVersion": "codeql-bundle-20200826"
+    "bundleVersion": "codeql-bundle-20201106"
 }

lib/external-queries.js

@@ -7,9 +7,10 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const toolrunnner = __importStar(require("@actions/exec/lib/toolrunner"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const safeWhich = __importStar(require("@chrisgavin/safe-which"));
 /**
  * Check out repository at the given ref, and return the directory of the checkout.
  */
@@ -22,12 +23,12 @@ async function checkoutExternalRepository(repository, ref, githubUrl, tempDir, l
     }
     if (!fs.existsSync(checkoutLocation)) {
         const repoURL = `${githubUrl}/${repository}`;
-        await new toolrunnner.ToolRunner("git", [
+        await new toolrunner.ToolRunner(await safeWhich.safeWhich("git"), [
             "clone",
             repoURL,
             checkoutLocation,
         ]).exec();
-        await new toolrunnner.ToolRunner("git", [
+        await new toolrunner.ToolRunner(await safeWhich.safeWhich("git"), [
             `--work-tree=${checkoutLocation}`,
             `--git-dir=${checkoutLocation}/.git`,
             "checkout",

lib/external-queries.js.map

@@ -1 +1 @@
-{"version":3,"file":"external-queries.js","sourceRoot":"","sources":["../src/external-queries.ts"],"names":[],"mappings":";;;;;;;;;AAAA,0EAA4D;AAC5D,uCAAyB;AACzB,2CAA6B;AAI7B;;GAEG;AACI,KAAK,UAAU,0BAA0B,CAC9C,UAAkB,EAClB,GAAW,EACX,SAAiB,EACjB,OAAe,EACf,MAAc;IAEd,MAAM,CAAC,IAAI,CAAC,gBAAgB,UAAU,EAAE,CAAC,CAAC;IAE1C,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAE7D,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE;QACzC,wGAAwG;QACxG,MAAM,IAAI,KAAK,CACb,IAAI,UAAU,IAAI,GAAG,4CAA4C,CAClE,CAAC;KACH;IAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE;QACpC,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;QAC7C,MAAM,IAAI,WAAW,CAAC,UAAU,CAAC,KAAK,EAAE;YACtC,OAAO;YACP,OAAO;YACP,gBAAgB;SACjB,CAAC,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,WAAW,CAAC,UAAU,CAAC,KAAK,EAAE;YACtC,eAAe,gBAAgB,EAAE;YACjC,aAAa,gBAAgB,OAAO;YACpC,UAAU;YACV,GAAG;SACJ,CAAC,CAAC,IAAI,EAAE,CAAC;KACX;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAlCD,gEAkCC"}
+{"version":3,"file":"external-queries.js","sourceRoot":"","sources":["../src/external-queries.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAIpD;;GAEG;AACI,KAAK,UAAU,0BAA0B,CAC9C,UAAkB,EAClB,GAAW,EACX,SAAiB,EACjB,OAAe,EACf,MAAc;IAEd,MAAM,CAAC,IAAI,CAAC,gBAAgB,UAAU,EAAE,CAAC,CAAC;IAE1C,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAE7D,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE;QACzC,wGAAwG;QACxG,MAAM,IAAI,KAAK,CACb,IAAI,UAAU,IAAI,GAAG,4CAA4C,CAClE,CAAC;KACH;IAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE;QACpC,MAAM,OAAO,GAAG,GAAG,SAAS,IAAI,UAAU,EAAE,CAAC;QAC7C,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE;YAChE,OAAO;YACP,OAAO;YACP,gBAAgB;SACjB,CAAC,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE;YAChE,eAAe,gBAAgB,EAAE;YACjC,aAAa,gBAAgB,OAAO;YACpC,UAAU;YACV,GAAG;SACJ,CAAC,CAAC,IAAI,EAAE,CAAC;KACX;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAlCD,gEAkCC"}

lib/external-queries.test.js

@@ -10,10 +10,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const toolrunnner = __importStar(require("@actions/exec/lib/toolrunner"));
-const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const safeWhich = __importStar(require("@chrisgavin/safe-which"));
+const ava_1 = __importDefault(require("ava"));
 const externalQueries = __importStar(require("./external-queries"));
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
@@ -43,7 +44,7 @@ ava_1.default("checkoutExternalQueries", async (t) => {
             ];
             console.log(`Running: git ${command.join(" ")}`);
             try {
-                await new toolrunnner.ToolRunner("git", command, {
+                await new toolrunner.ToolRunner(await safeWhich.safeWhich("git"), command, {
                     silent: true,
                     listeners: {
                         stdout: (data) => {
@@ -66,6 +67,7 @@ ava_1.default("checkoutExternalQueries", async (t) => {
         await runGit(["init", repoPath]);
         await runGit(["config", "user.email", "test@github.com"]);
         await runGit(["config", "user.name", "Test Test"]);
+        await runGit(["config", "commit.gpgsign", "false"]);
         fs.writeFileSync(path.join(repoPath, "a"), "a content");
         await runGit(["add", "a"]);
         await runGit(["commit", "-m", "commit1"]);

lib/external-queries.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"external-queries.test.js","sourceRoot":"","sources":["../src/external-queries.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0EAA4D;AAC5D,8CAAuB;AACvB,uCAAyB;AACzB,2CAA6B;AAE7B,oEAAsD;AACtD,uCAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,0BAAU,CAAC,aAAI,CAAC,CAAC;AAEjB,aAAI,CAAC,yBAAyB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1C,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,kDAAkD;QAClD,mFAAmF;QACnF,gDAAgD;QAChD,wCAAwC;QACxC,8EAA8E;QAC9E,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,WAAW,CAAC;QAC7B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;QACtD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAE/C,oDAAoD;QACpD,oCAAoC;QACpC,2DAA2D;QAC3D,MAAM,MAAM,GAAG,KAAK,WAAW,OAAiB;YAC9C,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,OAAO,GAAG;gBACR,aAAa,UAAU,EAAE;gBACzB,eAAe,QAAQ,EAAE;gBACzB,GAAG,OAAO;aACX,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,gBAAgB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACjD,IAAI;gBACF,MAAM,IAAI,WAAW,CAAC,UAAU,CAAC,KAAK,EAAE,OAAO,EAAE;oBAC/C,MAAM,EAAE,IAAI;oBACZ,SAAS,EAAE;wBACT,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;4BACf,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;wBAC5B,CAAC;wBACD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;4BACf,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;wBAC5B,CAAC;qBACF;iBACF,CAAC,CAAC,IAAI,EAAE,CAAC;aACX;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,GAAG,CAAC,uBAAuB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACxD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAC7B,MAAM,CAAC,CAAC;aACT;YACD,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;QACvB,CAAC,CAAC;QAEF,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,MAAM,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;QACjC,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC,CAAC;QAC1D,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC;QAEnD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,WAAW,CAAC,CAAC;QACxD,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;QAE1C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,WAAW,CAAC,CAAC;QACxD,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;QAEvD,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;QAEvD,8DAA8D;QAC9D,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,eAAe,CAAC,0BAA0B,CAC9C,QAAQ,EACR,UAAU,EACV,UAAU,eAAe,EAAE,EAC3B,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;QACnD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAEpE,oEAAoE;QACpE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAChE,MAAM,eAAe,CAAC,0BAA0B,CAC9C,QAAQ,EACR,UAAU,EACV,UAAU,eAAe,EAAE,EAC3B,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"external-queries.test.js","sourceRoot":"","sources":["../src/external-queries.test.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AACpD,8CAAuB;AAEvB,oEAAsD;AACtD,uCAA4C;AAC5C,mDAA6C;AAC7C,6CAA+B;AAE/B,0BAAU,CAAC,aAAI,CAAC,CAAC;AAEjB,aAAI,CAAC,yBAAyB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IAC1C,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACrC,kDAAkD;QAClD,mFAAmF;QACnF,gDAAgD;QAChD,wCAAwC;QACxC,8EAA8E;QAC9E,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,WAAW,CAAC;QAC7B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;QACtD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAE/C,oDAAoD;QACpD,oCAAoC;QACpC,2DAA2D;QAC3D,MAAM,MAAM,GAAG,KAAK,WAAW,OAAiB;YAC9C,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,OAAO,GAAG;gBACR,aAAa,UAAU,EAAE;gBACzB,eAAe,QAAQ,EAAE;gBACzB,GAAG,OAAO;aACX,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,gBAAgB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACjD,IAAI;gBACF,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,EAChC,OAAO,EACP;oBACE,MAAM,EAAE,IAAI;oBACZ,SAAS,EAAE;wBACT,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;4BACf,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;wBAC5B,CAAC;wBACD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;4BACf,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;wBAC5B,CAAC;qBACF;iBACF,CACF,CAAC,IAAI,EAAE,CAAC;aACV;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,GAAG,CAAC,uBAAuB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBACxD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAC7B,MAAM,CAAC,CAAC;aACT;YACD,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;QACvB,CAAC,CAAC;QAEF,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,MAAM,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;QACjC,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC,CAAC;QAC1D,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC;QACnD,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAC,CAAC;QAEpD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,WAAW,CAAC,CAAC;QACxD,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;QAE1C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,WAAW,CAAC,CAAC;QACxD,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;QAEvD,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;QAEvD,8DAA8D;QAC9D,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,eAAe,CAAC,0BAA0B,CAC9C,QAAQ,EACR,UAAU,EACV,UAAU,eAAe,EAAE,EAC3B,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;QACnD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QAEpE,oEAAoE;QACpE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAChE,MAAM,eAAe,CAAC,0BAA0B,CAC9C,QAAQ,EACR,UAAU,EACV,UAAU,eAAe,EAAE,EAC3B,MAAM,EACN,yBAAe,CAAC,IAAI,CAAC,CACtB,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

lib/fingerprints.js

@@ -46,7 +46,7 @@ function hash(callback, input) {
     // Indexes match up with those from the window variable.
     const lineNumbers = Array(BLOCK_SIZE).fill(-1);
     // The current hash value, updated as we read each character
-    let hash = long_1.default.ZERO;
+    let hashRaw = long_1.default.ZERO;
     const firstMod = computeFirstMod();
     // The current index in the window, will wrap around to zero when we reach BLOCK_SIZE
     let index = 0;
@@ -61,7 +61,7 @@ function hash(callback, input) {
     const hashCounts = {};
     // Output the current hash and line number to the callback function
     const outputHash = function () {
-        const hashValue = hash.toUnsigned().toString(16);
+        const hashValue = hashRaw.toUnsigned().toString(16);
         if (!hashCounts[hashValue]) {
             hashCounts[hashValue] = 0;
         }
@@ -73,7 +73,7 @@ function hash(callback, input) {
     const updateHash = function (current) {
         const begin = window[index];
         window[index] = current;
-        hash = MOD.multiply(hash)
+        hashRaw = MOD.multiply(hashRaw)
             .add(long_1.default.fromInt(current))
             .subtract(firstMod.multiply(long_1.default.fromInt(begin)));
         index = (index + 1) % BLOCK_SIZE;
@@ -120,7 +120,7 @@ function hash(callback, input) {
 }
 exports.hash = hash;
 // Generate a hash callback function that updates the given result in-place
-// when it recieves a hash for the correct line number. Ignores hashes for other lines.
+// when it receives a hash for the correct line number. Ignores hashes for other lines.
 function locationUpdateCallback(result, location, logger) {
     var _a, _b;
     let locationStartLine = (_b = (_a = location.physicalLocation) === null || _a === void 0 ? void 0 : _a.region) === null || _b === void 0 ? void 0 : _b.startLine;
@@ -130,7 +130,7 @@ function locationUpdateCallback(result, location, logger) {
         // using the hash of the first line of the file.
         locationStartLine = 1;
     }
-    return function (lineNumber, hash) {
+    return function (lineNumber, hashValue) {
         // Ignore hashes for lines that don't concern us
         if (locationStartLine !== lineNumber) {
             return;
@@ -142,10 +142,10 @@ function locationUpdateCallback(result, location, logger) {
         // If the hash doesn't match the existing fingerprint then
         // output a warning and don't overwrite it.
         if (!existingFingerprint) {
-            result.partialFingerprints.primaryLocationLineHash = hash;
+            result.partialFingerprints.primaryLocationLineHash = hashValue;
         }
-        else if (existingFingerprint !== hash) {
-            logger.warning(`Calculated fingerprint of ${hash} for file ${location.physicalLocation.artifactLocation.uri} line ${lineNumber}, but found existing inconsistent fingerprint value ${existingFingerprint}`);
+        else if (existingFingerprint !== hashValue) {
+            logger.warning(`Calculated fingerprint of ${hashValue} for file ${location.physicalLocation.artifactLocation.uri} line ${lineNumber}, but found existing inconsistent fingerprint value ${existingFingerprint}`);
         }
     };
 }
@@ -229,14 +229,16 @@ function addFingerprints(sarifContents, checkoutPath, logger) {
         }
     }
     // Now hash each file that was found
-    Object.entries(callbacksByFile).forEach(([filepath, callbacks]) => {
+    for (const [filepath, callbacks] of Object.entries(callbacksByFile)) {
         // A callback that forwards the hash to all other callbacks for that file
-        const teeCallback = function (lineNumber, hash) {
-            Object.values(callbacks).forEach((c) => c(lineNumber, hash));
+        const teeCallback = function (lineNumber, hashValue) {
+            for (const c of Object.values(callbacks)) {
+                c(lineNumber, hashValue);
+            }
         };
         const fileContents = fs.readFileSync(filepath).toString();
         hash(teeCallback, fileContents);
-    });
+    }
     return JSON.stringify(sarif);
 }
 exports.addFingerprints = addFingerprints;

lib/fingerprints.test.js

@@ -1,7 +1,4 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
@@ -9,10 +6,13 @@ var __importStar = (this && this.__importStar) || function (mod) {
     result["default"] = mod;
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const ava_1 = __importDefault(require("ava"));
 const fingerprints = __importStar(require("./fingerprints"));
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
@@ -108,7 +108,9 @@ ava_1.default("hash", (t) => {
 });
 function testResolveUriToFile(uri, index, artifactsURIs) {
     const location = { uri, index };
-    const artifacts = artifactsURIs.map((uri) => ({ location: { uri } }));
+    const artifacts = artifactsURIs.map((artifactURI) => ({
+        location: { uri: artifactURI },
+    }));
     return fingerprints.resolveUriToFile(location, artifacts, process.cwd(), logging_1.getRunnerLogger(true));
 }
 ava_1.default("resolveUriToFile", (t) => {
@@ -119,13 +121,13 @@ ava_1.default("resolveUriToFile", (t) => {
     const cwd = process.cwd();
     const filepath = __filename;
     t.true(filepath.startsWith(`${cwd}/`));
-    const relativeFilepaht = filepath.substring(cwd.length + 1);
+    const relativeFilepath = filepath.substring(cwd.length + 1);
     // Absolute paths are unmodified
     t.is(testResolveUriToFile(filepath, undefined, []), filepath);
     t.is(testResolveUriToFile(`file://${filepath}`, undefined, []), filepath);
     // Relative paths are made absolute
-    t.is(testResolveUriToFile(relativeFilepaht, undefined, []), filepath);
-    t.is(testResolveUriToFile(`file://${relativeFilepaht}`, undefined, []), filepath);
+    t.is(testResolveUriToFile(relativeFilepath, undefined, []), filepath);
+    t.is(testResolveUriToFile(`file://${relativeFilepath}`, undefined, []), filepath);
     // Absolute paths outside the src root are discarded
     t.is(testResolveUriToFile("/src/foo/bar.js", undefined, []), undefined);
     t.is(testResolveUriToFile("file:///src/foo/bar.js", undefined, []), undefined);
@@ -135,7 +137,7 @@ ava_1.default("resolveUriToFile", (t) => {
     // Invalid URIs are discarded
     t.is(testResolveUriToFile(1, undefined, []), undefined);
     t.is(testResolveUriToFile(undefined, undefined, []), undefined);
-    // Non-existant files are discarded
+    // Non-existent files are discarded
     t.is(testResolveUriToFile(`${filepath}2`, undefined, []), undefined);
     // Index is resolved
     t.is(testResolveUriToFile(undefined, 0, [filepath]), filepath);

lib/init-action.js

@@ -10,9 +10,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));
 const init_1 = require("./init");
+const languages_1 = require("./languages");
 const logging_1 = require("./logging");
 const repository_1 = require("./repository");
-async function sendSuccessStatusReport(startedAt, config) {
+async function sendSuccessStatusReport(startedAt, config, toolsVersion) {
     var _a;
     const statusReportBase = await actionsUtil.createStatusReportBase("init", "success", startedAt);
     const languages = config.languages.join(",");
@@ -41,6 +42,8 @@ async function sendSuccessStatusReport(startedAt, config) {
         paths_ignore: pathsIgnore,
         disable_default_queries: disableDefaultQueries,
         queries: queries.join(","),
+        tools_input: actionsUtil.getOptionalInput("tools") || "",
+        tools_resolved_version: toolsVersion,
     };
     await actionsUtil.sendStatusReport(statusReport);
 }
@@ -49,13 +52,33 @@ async function run() {
     const logger = logging_1.getActionsLogger();
     let config;
     let codeql;
+    let toolsVersion;
     try {
         actionsUtil.prepareLocalRunEnvironment();
-        if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("init", "starting", startedAt), true))) {
+        const workflowErrors = await actionsUtil.getWorkflowErrors();
+        if (workflowErrors.length > 0) {
+            core.warning(actionsUtil.formatWorkflowErrors(workflowErrors));
+        }
+        if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("init", "starting", startedAt, actionsUtil.formatWorkflowCause(workflowErrors))))) {
             return;
         }
-        codeql = await init_1.initCodeQL(actionsUtil.getOptionalInput("tools"), actionsUtil.getRequiredInput("token"), actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"), actionsUtil.getRequiredEnvParam("RUNNER_TEMP"), actionsUtil.getRequiredEnvParam("RUNNER_TOOL_CACHE"), "actions", logger);
-        config = await init_1.initConfig(actionsUtil.getOptionalInput("languages"), actionsUtil.getOptionalInput("queries"), actionsUtil.getOptionalInput("config-file"), repository_1.parseRepositoryNwo(actionsUtil.getRequiredEnvParam("GITHUB_REPOSITORY")), actionsUtil.getRequiredEnvParam("RUNNER_TEMP"), actionsUtil.getRequiredEnvParam("RUNNER_TOOL_CACHE"), codeql, actionsUtil.getRequiredEnvParam("GITHUB_WORKSPACE"), actionsUtil.getRequiredInput("token"), actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"), logger);
+        const apiDetails = {
+            auth: actionsUtil.getRequiredInput("token"),
+            url: actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"),
+        };
+        const initCodeQLResult = await init_1.initCodeQL(actionsUtil.getOptionalInput("tools"), apiDetails, actionsUtil.getRequiredEnvParam("RUNNER_TEMP"), actionsUtil.getRequiredEnvParam("RUNNER_TOOL_CACHE"), "actions", logger);
+        codeql = initCodeQLResult.codeql;
+        toolsVersion = initCodeQLResult.toolsVersion;
+        config = await init_1.initConfig(actionsUtil.getOptionalInput("languages"), actionsUtil.getOptionalInput("queries"), actionsUtil.getOptionalInput("config-file"), repository_1.parseRepositoryNwo(actionsUtil.getRequiredEnvParam("GITHUB_REPOSITORY")), actionsUtil.getRequiredEnvParam("RUNNER_TEMP"), actionsUtil.getRequiredEnvParam("RUNNER_TOOL_CACHE"), codeql, actionsUtil.getRequiredEnvParam("GITHUB_WORKSPACE"), apiDetails, "actions", logger);
+        if (config.languages.includes(languages_1.Language.python) &&
+            actionsUtil.getRequiredInput("setup-python-dependencies") === "true") {
+            try {
+                await init_1.installPythonDeps(codeql, logger);
+            }
+            catch (err) {
+                logger.warning(`${err.message} You can call this action with 'setup-python-dependencies: false' to disable this process`);
+            }
+        }
     }
     catch (e) {
         core.setFailed(e.message);
@@ -75,11 +98,14 @@ async function run() {
         core.exportVariable("CODEQL_RAM", codeqlRam);
         const tracerConfig = await init_1.runInit(codeql, config);
         if (tracerConfig !== undefined) {
-            Object.entries(tracerConfig.env).forEach(([key, value]) => core.exportVariable(key, value));
+            for (const [key, value] of Object.entries(tracerConfig.env)) {
+                core.exportVariable(key, value);
+            }
             if (process.platform === "win32") {
                 await init_1.injectWindowsTracer("Runner.Worker.exe", undefined, config, codeql, tracerConfig);
             }
         }
+        core.setOutput("codeql-path", config.codeQLCmd);
     }
     catch (error) {
         core.setFailed(error.message);
@@ -87,10 +113,16 @@ async function run() {
         await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("init", "failure", startedAt, error.message, error.stack));
         return;
     }
-    await sendSuccessStatusReport(startedAt, config);
+    await sendSuccessStatusReport(startedAt, config, toolsVersion);
 }
-run().catch((e) => {
-    core.setFailed(`init action failed: ${e}`);
-    console.log(e);
-});
+async function runWrapper() {
+    try {
+        await run();
+    }
+    catch (error) {
+        core.setFailed(`init action failed: ${error}`);
+        console.log(error);
+    }
+}
+void runWrapper();
 //# sourceMappingURL=init-action.js.map

lib/init-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"init-action.js","sourceRoot":"","sources":["../src/init-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAG9C,iCAA8E;AAC9E,uCAA6C;AAC7C,6CAAkD;AAkBlD,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,MAA0B;;IAE1B,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,MAAM,EACN,SAAS,EACT,SAAS,CACV,CAAC;IAEF,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,iBAAiB,GAAG,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IACpE,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CACvE,GAAG,CACJ,CAAC;IACF,MAAM,qBAAqB,GAAG,MAAM,CAAC,iBAAiB,CACpD,yBAAyB,CAC1B;QACC,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,YAAY,SAAG,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,0CAAE,IAAI,EAAE,CAAC;IACnE,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;QAC9D,OAAO,CAAC,IAAI,CACV,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAC/D,CAAC;KACH;IACD,IAAI,YAAY,KAAK,SAAS,EAAE;QAC9B,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACzC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,YAAY,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;KAC1C;IAED,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,SAAS;QACT,kBAAkB,EAAE,iBAAiB,IAAI,EAAE;QAC3C,KAAK;QACL,YAAY,EAAE,WAAW;QACzB,uBAAuB,EAAE,qBAAqB;QAC9C,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;KAC3B,CAAC;IAEF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;IAClC,IAAI,MAA0B,CAAC;IAC/B,IAAI,MAAc,CAAC;IAEnB,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QACzC,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,CAAC,EACvE,IAAI,CACL,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,GAAG,MAAM,iBAAU,CACvB,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,MAAM,CACP,CAAC;QACF,MAAM,GAAG,MAAM,iBAAU,CACvB,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,EACzC,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EACvC,WAAW,CAAC,gBAAgB,CAAC,aAAa,CAAC,EAC3C,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,MAAM,EACN,WAAW,CAAC,mBAAmB,CAAC,kBAAkB,CAAC,EACnD,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,MAAM,CACP,CAAC;KACH;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,CAAC,CAAC,OAAO,CACV,CACF,CAAC;QACF,OAAO;KACR;IAED,IAAI;QACF,mBAAmB;QACnB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO,EAAE;YACX,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,CACV,6GAA6G,CAC9G,CAAC;SACH;QAED,mGAAmG;QACnG,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,MAAM,CAAC;QACtD,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAE7C,MAAM,YAAY,GAAG,MAAM,cAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACnD,IAAI,YAAY,KAAK,SAAS,EAAE;YAC9B,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACxD,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,KAAK,CAAC,CAChC,CAAC;YAEF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;gBAChC,MAAM,0BAAmB,CACvB,mBAAmB,EACnB,SAAS,EACT,MAAM,EACN,MAAM,EACN,YAAY,CACb,CAAC;aACH;SACF;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;IACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;AACnD,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,IAAI,CAAC,SAAS,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC;IAC3C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"init-action.js","sourceRoot":"","sources":["../src/init-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAG9C,iCAMgB;AAChB,2CAAuC;AACvC,uCAA6C;AAC7C,6CAAkD;AAsBlD,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,MAA0B,EAC1B,YAAoB;;IAEpB,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,MAAM,EACN,SAAS,EACT,SAAS,CACV,CAAC;IAEF,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,iBAAiB,GAAG,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;IACpE,MAAM,KAAK,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CACvE,GAAG,CACJ,CAAC;IACF,MAAM,qBAAqB,GAAG,MAAM,CAAC,iBAAiB,CACpD,yBAAyB,CAC1B;QACC,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,YAAY,SAAG,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,0CAAE,IAAI,EAAE,CAAC;IACnE,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;QAC9D,OAAO,CAAC,IAAI,CACV,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAC/D,CAAC;KACH;IACD,IAAI,YAAY,KAAK,SAAS,EAAE;QAC9B,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YACzC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;YACxB,CAAC,CAAC,YAAY,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;KAC1C;IAED,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,SAAS;QACT,kBAAkB,EAAE,iBAAiB,IAAI,EAAE;QAC3C,KAAK;QACL,YAAY,EAAE,WAAW;QACzB,uBAAuB,EAAE,qBAAqB;QAC9C,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC1B,WAAW,EAAE,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,IAAI,EAAE;QACxD,sBAAsB,EAAE,YAAY;KACrC,CAAC;IAEF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,0BAAgB,EAAE,CAAC;IAClC,IAAI,MAA0B,CAAC;IAC/B,IAAI,MAAc,CAAC;IACnB,IAAI,YAAoB,CAAC;IAEzB,IAAI;QACF,WAAW,CAAC,0BAA0B,EAAE,CAAC;QAEzC,MAAM,cAAc,GAAG,MAAM,WAAW,CAAC,iBAAiB,EAAE,CAAC;QAE7D,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7B,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC,CAAC;SAChE;QAED,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,UAAU,EACV,SAAS,EACT,WAAW,CAAC,mBAAmB,CAAC,cAAc,CAAC,CAChD,CACF,CAAC,EACF;YACA,OAAO;SACR;QAED,MAAM,UAAU,GAAG;YACjB,IAAI,EAAE,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC;YAC3C,GAAG,EAAE,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC;SAC1D,CAAC;QAEF,MAAM,gBAAgB,GAAG,MAAM,iBAAU,CACvC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,UAAU,EACV,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,MAAM,CACP,CAAC;QACF,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC;QACjC,YAAY,GAAG,gBAAgB,CAAC,YAAY,CAAC;QAE7C,MAAM,GAAG,MAAM,iBAAU,CACvB,WAAW,CAAC,gBAAgB,CAAC,WAAW,CAAC,EACzC,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EACvC,WAAW,CAAC,gBAAgB,CAAC,aAAa,CAAC,EAC3C,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,WAAW,CAAC,mBAAmB,CAAC,aAAa,CAAC,EAC9C,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,MAAM,EACN,WAAW,CAAC,mBAAmB,CAAC,kBAAkB,CAAC,EACnD,UAAU,EACV,SAAS,EACT,MAAM,CACP,CAAC;QAEF,IACE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,oBAAQ,CAAC,MAAM,CAAC;YAC1C,WAAW,CAAC,gBAAgB,CAAC,2BAA2B,CAAC,KAAK,MAAM,EACpE;YACA,IAAI;gBACF,MAAM,wBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;aACzC;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,CAAC,OAAO,CACZ,GAAG,GAAG,CAAC,OAAO,2FAA2F,CAC1G,CAAC;aACH;SACF;KACF;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,CAAC,CAAC,OAAO,CACV,CACF,CAAC;QACF,OAAO;KACR;IAED,IAAI;QACF,mBAAmB;QACnB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,OAAO,EAAE;YACX,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACxC,IAAI,CAAC,OAAO,CACV,6GAA6G,CAC9G,CAAC;SACH;QAED,mGAAmG;QACnG,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,MAAM,CAAC;QACtD,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAE7C,MAAM,YAAY,GAAG,MAAM,cAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACnD,IAAI,YAAY,KAAK,SAAS,EAAE;YAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE;gBAC3D,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;aACjC;YAED,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;gBAChC,MAAM,0BAAmB,CACvB,mBAAmB,EACnB,SAAS,EACT,MAAM,EACN,MAAM,EACN,YAAY,CACb,CAAC;aACH;SACF;QAED,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;KACjD;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,MAAM,EACN,SAAS,EACT,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;IACD,MAAM,uBAAuB,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;AACjE,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,uBAAuB,KAAK,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/init.js

@@ -7,25 +7,26 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const toolrunnner = __importStar(require("@actions/exec/lib/toolrunner"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const safeWhich = __importStar(require("@chrisgavin/safe-which"));
 const analysisPaths = __importStar(require("./analysis-paths"));
 const codeql_1 = require("./codeql");
 const configUtils = __importStar(require("./config-utils"));
 const tracer_config_1 = require("./tracer-config");
 const util = __importStar(require("./util"));
-async function initCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir, mode, logger) {
+async function initCodeQL(codeqlURL, apiDetails, tempDir, toolsDir, mode, logger) {
     logger.startGroup("Setup CodeQL tools");
-    const codeql = await codeql_1.setupCodeQL(codeqlURL, githubAuth, githubUrl, tempDir, toolsDir, mode, logger);
+    const { codeql, toolsVersion } = await codeql_1.setupCodeQL(codeqlURL, apiDetails, tempDir, toolsDir, mode, logger);
     await codeql.printVersion();
     logger.endGroup();
-    return codeql;
+    return { codeql, toolsVersion };
 }
 exports.initCodeQL = initCodeQL;
-async function initConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger) {
+async function initConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger) {
     logger.startGroup("Load language configuration");
-    const config = await configUtils.initConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, githubAuth, githubUrl, logger);
+    const config = await configUtils.initConfig(languagesInput, queriesInput, configFile, repository, tempDir, toolCacheDir, codeQL, checkoutPath, apiDetails, mode, logger);
     analysisPaths.printPathFiltersWarning(config, logger);
     logger.endGroup();
     return config;
@@ -102,6 +103,10 @@ async function injectWindowsTracer(processName, processLevel, config, codeql, tr
           Write-Host "Found Runner.Worker.exe process which means we are running on GitHub Actions"
           Write-Host "Aborting search early and using process: $p"
           Break
+        } elseif ($p[0].Name -eq "Agent.Worker.exe") {
+          Write-Host "Found Agent.Worker.exe process which means we are running on Azure Pipelines"
+          Write-Host "Aborting search early and using process: $p"
+          Break
         } else {
           $id = $p[0].ParentProcessId
         }
@@ -112,7 +117,7 @@ async function injectWindowsTracer(processName, processLevel, config, codeql, tr
     }
     const injectTracerPath = path.join(config.tempDir, "inject-tracer.ps1");
     fs.writeFileSync(injectTracerPath, script);
-    await new toolrunnner.ToolRunner("powershell", [
+    await new toolrunner.ToolRunner(await safeWhich.safeWhich("powershell"), [
         "-ExecutionPolicy",
         "Bypass",
         "-file",
@@ -121,4 +126,49 @@ async function injectWindowsTracer(processName, processLevel, config, codeql, tr
     ], { env: { ODASA_TRACER_CONFIGURATION: tracerConfig.spec } }).exec();
 }
 exports.injectWindowsTracer = injectWindowsTracer;
+async function installPythonDeps(codeql, logger) {
+    logger.startGroup("Setup Python dependencies");
+    const scriptsFolder = path.resolve(__dirname, "../python-setup");
+    // Setup tools on the Github hosted runners
+    if (process.env["ImageOS"] !== undefined) {
+        try {
+            if (process.platform === "win32") {
+                await new toolrunner.ToolRunner(await safeWhich.safeWhich("powershell"), [path.join(scriptsFolder, "install_tools.ps1")]).exec();
+            }
+            else {
+                await new toolrunner.ToolRunner(path.join(scriptsFolder, "install_tools.sh")).exec();
+            }
+        }
+        catch (e) {
+            // This script tries to install some needed tools in the runner. It should not fail, but if it does
+            // we just abort the process without failing the action
+            logger.endGroup();
+            logger.warning("Unable to download and extract the tools needed for installing the python dependencies. You can call this action with 'setup-python-dependencies: false' to disable this process.");
+            return;
+        }
+    }
+    // Install dependencies
+    try {
+        const script = "auto_install_packages.py";
+        if (process.platform === "win32") {
+            await new toolrunner.ToolRunner(await safeWhich.safeWhich("py"), [
+                "-3",
+                path.join(scriptsFolder, script),
+                path.dirname(codeql.getPath()),
+            ]).exec();
+        }
+        else {
+            await new toolrunner.ToolRunner(path.join(scriptsFolder, script), [
+                path.dirname(codeql.getPath()),
+            ]).exec();
+        }
+    }
+    catch (e) {
+        logger.endGroup();
+        logger.warning("We were unable to install your python dependencies. You can call this action with 'setup-python-dependencies: false' to disable this process.");
+        return;
+    }
+    logger.endGroup();
+}
+exports.installPythonDeps = installPythonDeps;
 //# sourceMappingURL=init.js.map

lib/init.js.map

@@ -1 +1 @@
-{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;AAAA,0EAA4D;AAC5D,uCAAyB;AACzB,2CAA6B;AAE7B,gEAAkD;AAClD,qCAA+C;AAC/C,4DAA8C;AAG9C,mDAAwE;AACxE,6CAA+B;AAExB,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAAkB,EAClB,SAAiB,EACjB,OAAe,EACf,QAAgB,EAChB,IAAe,EACf,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,oBAAW,CAC9B,SAAS,EACT,UAAU,EACV,SAAS,EACT,OAAO,EACP,QAAQ,EACR,IAAI,EACJ,MAAM,CACP,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AAtBD,gCAsBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,YAAoB,EACpB,UAAkB,EAClB,SAAiB,EACjB,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,YAAY,EACZ,UAAU,EACV,SAAS,EACT,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA9BD,gCA8BC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B;IAE1B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;IAElC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE9E,sEAAsE;IACtE,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,yBAAyB;QACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EACpD,QAAQ,EACR,UAAU,CACX,CAAC;KACH;IAED,OAAO,MAAM,uCAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAnBD,0BAmBC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;gDAiBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,WAAW,CAAC,UAAU,CAC9B,YAAY,EACZ;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AAxFD,kDAwFC"}
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../src/init.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,yEAA2D;AAC3D,kEAAoD;AAEpD,gEAAkD;AAElD,qCAA+C;AAC/C,4DAA8C;AAG9C,mDAAwE;AACxE,6CAA+B;AAExB,KAAK,UAAU,UAAU,CAC9B,SAA6B,EAC7B,UAA4B,EAC5B,OAAe,EACf,QAAgB,EAChB,IAAe,EACf,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACxC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,oBAAW,CAChD,SAAS,EACT,UAAU,EACV,OAAO,EACP,QAAQ,EACR,IAAI,EACJ,MAAM,CACP,CAAC;IACF,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAC5B,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAClC,CAAC;AApBD,gCAoBC;AAEM,KAAK,UAAU,UAAU,CAC9B,cAAkC,EAClC,YAAgC,EAChC,UAA8B,EAC9B,UAAyB,EACzB,OAAe,EACf,YAAoB,EACpB,MAAc,EACd,YAAoB,EACpB,UAA4B,EAC5B,IAAe,EACf,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,6BAA6B,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,CACzC,cAAc,EACd,YAAY,EACZ,UAAU,EACV,UAAU,EACV,OAAO,EACP,YAAY,EACZ,MAAM,EACN,YAAY,EACZ,UAAU,EACV,IAAI,EACJ,MAAM,CACP,CAAC;IACF,aAAa,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,CAAC,QAAQ,EAAE,CAAC;IAClB,OAAO,MAAM,CAAC;AAChB,CAAC;AA9BD,gCA8BC;AAEM,KAAK,UAAU,OAAO,CAC3B,MAAc,EACd,MAA0B;IAE1B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;IAElC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE9E,sEAAsE;IACtE,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE;QACvC,yBAAyB;QACzB,MAAM,MAAM,CAAC,YAAY,CACvB,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,EACpD,QAAQ,EACR,UAAU,CACX,CAAC;KACH;IAED,OAAO,MAAM,uCAAuB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAnBD,0BAmBC;AAED,sEAAsE;AACtE,4EAA4E;AAC5E,4EAA4E;AAC5E,6EAA6E;AAC7E,+CAA+C;AACxC,KAAK,UAAU,mBAAmB,CACvC,WAA+B,EAC/B,YAAgC,EAChC,MAA0B,EAC1B,MAAc,EACd,YAA0B;IAE1B,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,KAAK,SAAS,EAAE;QAC7B,MAAM,GAAG;;;;;;;;;;;;uCAY0B,WAAW;;8BAEpB,WAAW;;;;;;;;gDAQO,CAAC;KAC9C;SAAM;QACL,oEAAoE;QACpE,mFAAmF;QACnF,+EAA+E;QAC/E,kFAAkF;QAClF,6EAA6E;QAC7E,oFAAoF;QACpF,6CAA6C;QAC7C,YAAY,GAAG,YAAY,IAAI,CAAC,CAAC;QACjC,MAAM,GAAG;;;;;;;;4BAQe,YAAY;;;;;;;;;;;;;;;;;;;;;gDAqBQ,CAAC;KAC9C;IAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IACxE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAE3C,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC;QACE,kBAAkB;QAClB,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,IAAI,CAAC,OAAO,CACV,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EAC9B,OAAO,EACP,OAAO,EACP,YAAY,CACb;KACF,EACD,EAAE,GAAG,EAAE,EAAE,0BAA0B,EAAE,YAAY,CAAC,IAAI,EAAE,EAAE,CAC3D,CAAC,IAAI,EAAE,CAAC;AACX,CAAC;AA5FD,kDA4FC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,CAAC,UAAU,CAAC,2BAA2B,CAAC,CAAC;IAE/C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAEjE,2CAA2C;IAC3C,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,SAAS,EAAE;QACxC,IAAI;YACF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;gBAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,MAAM,SAAS,CAAC,SAAS,CAAC,YAAY,CAAC,EACvC,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC,CAChD,CAAC,IAAI,EAAE,CAAC;aACV;iBAAM;gBACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAC7B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAC7C,CAAC,IAAI,EAAE,CAAC;aACV;SACF;QAAC,OAAO,CAAC,EAAE;YACV,mGAAmG;YACnG,uDAAuD;YACvD,MAAM,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,CAAC,OAAO,CACZ,mLAAmL,CACpL,CAAC;YACF,OAAO;SACR;KACF;IAED,uBAAuB;IACvB,IAAI;QACF,MAAM,MAAM,GAAG,0BAA0B,CAAC;QAC1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;YAChC,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;gBAC/D,IAAI;gBACJ,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;aAAM;YACL,MAAM,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;gBAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;aAC/B,CAAC,CAAC,IAAI,EAAE,CAAC;SACX;KACF;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CACZ,+IAA+I,CAChJ,CAAC;QACF,OAAO;KACR;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAnDD,8CAmDC"}

lib/languages.js

@@ -33,7 +33,9 @@ function parseLanguage(language) {
 }
 exports.parseLanguage = parseLanguage;
 function isTracedLanguage(language) {
-    return ["cpp", "java", "csharp"].includes(language);
+    return (["cpp", "java", "csharp"].includes(language) ||
+        (process.env["CODEQL_EXTRACTOR_GO_BUILD_TRACING"] === "on" &&
+            language === Language.go));
 }
 exports.isTracedLanguage = isTracedLanguage;
 function isScannedLanguage(language) {

lib/languages.js.map

@@ -1 +1 @@
-{"version":3,"file":"languages.js","sourceRoot":"","sources":["../src/languages.ts"],"names":[],"mappings":";;AAAA,wCAAwC;AACxC,IAAY,QAOX;AAPD,WAAY,QAAQ;IAClB,6BAAiB,CAAA;IACjB,uBAAW,CAAA;IACX,qBAAS,CAAA;IACT,yBAAa,CAAA;IACb,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;AACnB,CAAC,EAPW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAOnB;AAED,iCAAiC;AACjC,MAAM,gBAAgB,GAAiC;IACrD,CAAC,EAAE,QAAQ,CAAC,GAAG;IACf,KAAK,EAAE,QAAQ,CAAC,GAAG;IACnB,IAAI,EAAE,QAAQ,CAAC,MAAM;IACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;CAChC,CAAC;AAEF,gGAAgG;AAChG,SAAgB,aAAa,CAAC,QAAgB;IAC5C,0BAA0B;IAC1B,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAElC,6BAA6B;IAC7B,IAAI,QAAQ,IAAI,QAAQ,EAAE;QACxB,OAAO,QAAoB,CAAC;KAC7B;IAED,yBAAyB;IACzB,IAAI,QAAQ,IAAI,gBAAgB,EAAE;QAChC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,CAAC;KACnC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAfD,sCAeC;AAED,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACtD,CAAC;AAFD,4CAEC;AAED,SAAgB,iBAAiB,CAAC,QAAkB;IAClD,OAAO,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAFD,8CAEC"}
+{"version":3,"file":"languages.js","sourceRoot":"","sources":["../src/languages.ts"],"names":[],"mappings":";;AAAA,wCAAwC;AACxC,IAAY,QAOX;AAPD,WAAY,QAAQ;IAClB,6BAAiB,CAAA;IACjB,uBAAW,CAAA;IACX,qBAAS,CAAA;IACT,yBAAa,CAAA;IACb,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;AACnB,CAAC,EAPW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAOnB;AAED,iCAAiC;AACjC,MAAM,gBAAgB,GAAiC;IACrD,CAAC,EAAE,QAAQ,CAAC,GAAG;IACf,KAAK,EAAE,QAAQ,CAAC,GAAG;IACnB,IAAI,EAAE,QAAQ,CAAC,MAAM;IACrB,UAAU,EAAE,QAAQ,CAAC,UAAU;CAChC,CAAC;AAEF,gGAAgG;AAChG,SAAgB,aAAa,CAAC,QAAgB;IAC5C,0BAA0B;IAC1B,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAElC,6BAA6B;IAC7B,IAAI,QAAQ,IAAI,QAAQ,EAAE;QACxB,OAAO,QAAoB,CAAC;KAC7B;IAED,yBAAyB;IACzB,IAAI,QAAQ,IAAI,gBAAgB,EAAE;QAChC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,CAAC;KACnC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAfD,sCAeC;AAED,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,OAAO,CACL,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC5C,CAAC,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,KAAK,IAAI;YACxD,QAAQ,KAAK,QAAQ,CAAC,EAAE,CAAC,CAC5B,CAAC;AACJ,CAAC;AAND,4CAMC;AAED,SAAgB,iBAAiB,CAAC,QAAkB;IAClD,OAAO,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC;AAFD,8CAEC"}

lib/languages.test.js

@@ -7,7 +7,7 @@ const ava_1 = __importDefault(require("ava"));
 const languages_1 = require("./languages");
 const testing_utils_1 = require("./testing-utils");
 testing_utils_1.setupTests(ava_1.default);
-ava_1.default("parseLangauge", async (t) => {
+ava_1.default("parseLanguage", async (t) => {
     // Exact matches
     t.deepEqual(languages_1.parseLanguage("csharp"), languages_1.Language.csharp);
     t.deepEqual(languages_1.parseLanguage("cpp"), languages_1.Language.cpp);

lib/runner.js

@@ -7,10 +7,10 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const commander_1 = require("commander");
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
 const path = __importStar(require("path"));
+const commander_1 = require("commander");
 const analyze_1 = require("./analyze");
 const autobuild_1 = require("./autobuild");
 const codeql_1 = require("./codeql");
@@ -23,24 +23,6 @@ const upload_lib = __importStar(require("./upload-lib"));
 const util_1 = require("./util");
 const program = new commander_1.Command();
 program.version("0.0.1");
-function parseGithubUrl(inputUrl) {
-    try {
-        const url = new URL(inputUrl);
-        // If we detect this is trying to be to github.com
-        // then return with a fixed canonical URL.
-        if (url.hostname === "github.com" || url.hostname === "api.github.com") {
-            return "https://github.com";
-        }
-        // Remove the API prefix if it's present
-        if (url.pathname.indexOf("/api/v3") !== -1) {
-            url.pathname = url.pathname.substring(0, url.pathname.indexOf("/api/v3"));
-        }
-        return url.toString();
-    }
-    catch (e) {
-        throw new Error(`"${inputUrl}" is not a valid URL`);
-    }
-}
 function getTempDir(userInput) {
     const tempDir = path.join(userInput || process.cwd(), "codeql-runner");
     if (!fs.existsSync(tempDir)) {
@@ -61,7 +43,9 @@ function importTracerEnvironment(config) {
     if (!("ODASA_TRACER_CONFIGURATION" in process.env)) {
         const jsonEnvFile = path.join(config.tempDir, codeqlEnvJsonFilename);
         const env = JSON.parse(fs.readFileSync(jsonEnvFile).toString("utf-8"));
-        Object.keys(env).forEach((key) => (process.env[key] = env[key]));
+        for (const key of Object.keys(env)) {
+            process.env[key] = env[key];
+        }
     }
 }
 // Allow the user to specify refs in full refs/heads/branch format
@@ -119,14 +103,18 @@ program
         logger.info(`Cleaning temp directory ${tempDir}`);
         fs.rmdirSync(tempDir, { recursive: true });
         fs.mkdirSync(tempDir, { recursive: true });
+        const apiDetails = {
+            auth: cmd.githubAuth,
+            url: util_1.parseGithubUrl(cmd.githubUrl),
+        };
         let codeql;
         if (cmd.codeqlPath !== undefined) {
             codeql = codeql_1.getCodeQL(cmd.codeqlPath);
         }
         else {
-            codeql = await init_1.initCodeQL(undefined, cmd.githubAuth, parseGithubUrl(cmd.githubUrl), tempDir, toolsDir, "runner", logger);
+            codeql = (await init_1.initCodeQL(undefined, apiDetails, tempDir, toolsDir, "runner", logger)).codeql;
         }
-        const config = await init_1.initConfig(cmd.languages, cmd.queries, cmd.configFile, repository_1.parseRepositoryNwo(cmd.repository), tempDir, toolsDir, codeql, cmd.checkoutPath || process.cwd(), cmd.githubAuth, parseGithubUrl(cmd.githubUrl), logger);
+        const config = await init_1.initConfig(cmd.languages, cmd.queries, cmd.configFile, repository_1.parseRepositoryNwo(cmd.repository), tempDir, toolsDir, codeql, cmd.checkoutPath || process.cwd(), apiDetails, "runner", logger);
         const tracerConfig = await init_1.runInit(codeql, config);
         if (tracerConfig === undefined) {
             return;
@@ -134,7 +122,7 @@ program
         if (process.platform === "win32") {
             await init_1.injectWindowsTracer(parseTraceProcessName(), parseTraceProcessLevel(), config, codeql, tracerConfig);
         }
-        // Always output a json file of the env that can be consumed programatically
+        // Always output a json file of the env that can be consumed programmatically
         const jsonEnvFile = path.join(config.tempDir, codeqlEnvJsonFilename);
         fs.writeFileSync(jsonEnvFile, JSON.stringify(tracerConfig.env));
         if (process.platform === "win32") {
@@ -149,7 +137,7 @@ program
                 .join("\n");
             fs.writeFileSync(powershellEnvFile, powershellEnvFileContents);
             logger.info(`\nCodeQL environment output to "${jsonEnvFile}", "${batEnvFile}" and "${powershellEnvFile}". ` +
-                `Please export these variables to future processes so the build can be traced. ` +
+                `Please export these variables to future processes so that CodeQL can monitor the build. ` +
                 `If using cmd/batch run "call ${batEnvFile}" ` +
                 `or if using PowerShell run "cat ${powershellEnvFile} | Invoke-Expression".`);
         }
@@ -162,7 +150,7 @@ program
                 .join("\n");
             fs.writeFileSync(shEnvFile, shEnvFileContents);
             logger.info(`\nCodeQL environment output to "${jsonEnvFile}" and "${shEnvFile}". ` +
-                `Please export these variables to future processes so the build can be traced, ` +
+                `Please export these variables to future processes so that CodeQL can monitor the build, ` +
                 `for example by running ". ${shEnvFile}".`);
         }
     }
@@ -235,7 +223,11 @@ program
             throw new Error("Config file could not be found at expected location. " +
                 "Was the 'init' command run with the same '--temp-dir' argument as this command.");
         }
-        await analyze_1.runAnalyze(repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, cmd.githubAuth, parseGithubUrl(cmd.githubUrl), cmd.upload, "runner", outputDir, util_1.getMemoryFlag(cmd.ram), util_1.getAddSnippetsFlag(cmd.addSnippets), util_1.getThreadsFlag(cmd.threads, logger), config, logger);
+        const apiDetails = {
+            auth: cmd.githubAuth,
+            url: util_1.parseGithubUrl(cmd.githubUrl),
+        };
+        await analyze_1.runAnalyze(repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, apiDetails, cmd.upload, "runner", outputDir, util_1.getMemoryFlag(cmd.ram), util_1.getAddSnippetsFlag(cmd.addSnippets), util_1.getThreadsFlag(cmd.threads, logger), config, logger);
     }
     catch (e) {
         logger.error("Analyze failed");
@@ -256,8 +248,12 @@ program
     .option("--debug", "Print more verbose output", false)
     .action(async (cmd) => {
     const logger = logging_1.getRunnerLogger(cmd.debug);
+    const apiDetails = {
+        auth: cmd.githubAuth,
+        url: util_1.parseGithubUrl(cmd.githubUrl),
+    };
     try {
-        await upload_lib.upload(cmd.sarifFile, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, cmd.githubAuth, parseGithubUrl(cmd.githubUrl), "runner", logger);
+        await upload_lib.upload(cmd.sarifFile, repository_1.parseRepositoryNwo(cmd.repository), cmd.commit, parseRef(cmd.ref), undefined, undefined, undefined, cmd.checkoutPath || process.cwd(), undefined, apiDetails, "runner", logger);
     }
     catch (e) {
         logger.error("Upload failed");

lib/toolrunner-error-catcher.js

@@ -7,7 +7,8 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const toolrunnner = __importStar(require("@actions/exec/lib/toolrunner"));
+const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
+const safeWhich = __importStar(require("@chrisgavin/safe-which"));
 /**
  * Wrapper for toolrunner.Toolrunner which checks for specific return code and/or regex matches in console output.
  * Output will be streamed to the live console as well as captured for subsequent processing.
@@ -50,7 +51,7 @@ async function toolrunnerErrorCatcher(commandLine, args, matchers, options) {
     // we capture the original return code or error so that if no match is found we can duplicate the behavior
     let returnState;
     try {
-        returnState = await new toolrunnner.ToolRunner(commandLine, args, {
+        returnState = await new toolrunner.ToolRunner(await safeWhich.safeWhich(commandLine), args, {
             ...options,
             listeners,
             ignoreReturnCode: true,
@@ -75,7 +76,7 @@ async function toolrunnerErrorCatcher(commandLine, args, matchers, options) {
             return returnState;
         }
         else {
-            throw new Error(`The process \'${commandLine}\' failed with exit code ${returnState}`);
+            throw new Error(`The process '${commandLine}' failed with exit code ${returnState}`);
         }
     }
     else {

lib/toolrunner-error-catcher.js.map

@@ -1 +1 @@
-{"version":3,"file":"toolrunner-error-catcher.js","sourceRoot":"","sources":["../src/toolrunner-error-catcher.ts"],"names":[],"mappings":";;;;;;;;;AACA,0EAA4D;AAI5D;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAC1C,WAAmB,EACnB,IAAe,EACf,QAAyB,EACzB,OAAwB;;IAExB,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,MAAM,SAAS,GAAG;QAChB,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,aAAA,OAAO,0CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;iBAAM;gBACL,4FAA4F;gBAC5F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAC5B;QACH,CAAC;QACD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,aAAA,OAAO,0CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;iBAAM;gBACL,4FAA4F;gBAC5F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAC5B;QACH,CAAC;KACF,CAAC;IAEF,0GAA0G;IAC1G,IAAI,WAA2B,CAAC;IAChC,IAAI;QACF,WAAW,GAAG,MAAM,IAAI,WAAW,CAAC,UAAU,CAAC,WAAW,EAAE,IAAI,EAAE;YAChE,GAAG,OAAO;YACV,SAAS;YACT,gBAAgB,EAAE,IAAI;SACvB,CAAC,CAAC,IAAI,EAAE,CAAC;KACX;IAAC,OAAO,CAAC,EAAE;QACV,WAAW,GAAG,CAAC,CAAC;KACjB;IAED,mEAAmE;IACnE,IAAI,WAAW,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAE1C,IAAI,QAAQ,EAAE;QACZ,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;YAC9B,IACE,OAAO,CAAC,QAAQ,KAAK,WAAW,WAChC,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,EAAC,WACjC,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,EAAC,EACjC;gBACA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;aAClC;SACF;KACF;IAED,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;QACnC,qFAAqF;QACrF,UAAI,OAAO,0CAAE,gBAAgB,EAAE;YAC7B,OAAO,WAAW,CAAC;SACpB;aAAM;YACL,MAAM,IAAI,KAAK,CACb,iBAAiB,WAAW,4BAA4B,WAAW,EAAE,CACtE,CAAC;SACH;KACF;SAAM;QACL,MAAM,WAAW,CAAC;KACnB;AACH,CAAC;AArED,wDAqEC"}
+{"version":3,"file":"toolrunner-error-catcher.js","sourceRoot":"","sources":["../src/toolrunner-error-catcher.ts"],"names":[],"mappings":";;;;;;;;;AACA,yEAA2D;AAC3D,kEAAoD;AAIpD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAC1C,WAAmB,EACnB,IAAe,EACf,QAAyB,EACzB,OAAwB;;IAExB,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,MAAM,SAAS,GAAG;QAChB,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,aAAA,OAAO,0CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;iBAAM;gBACL,4FAA4F;gBAC5F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAC5B;QACH,CAAC;QACD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;;YACvB,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,aAAA,OAAO,0CAAE,SAAS,0CAAE,MAAM,MAAK,SAAS,EAAE;gBAC5C,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;aAChC;iBAAM;gBACL,4FAA4F;gBAC5F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;aAC5B;QACH,CAAC;KACF,CAAC;IAEF,0GAA0G;IAC1G,IAAI,WAA2B,CAAC;IAChC,IAAI;QACF,WAAW,GAAG,MAAM,IAAI,UAAU,CAAC,UAAU,CAC3C,MAAM,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,EACtC,IAAI,EACJ;YACE,GAAG,OAAO;YACV,SAAS;YACT,gBAAgB,EAAE,IAAI;SACvB,CACF,CAAC,IAAI,EAAE,CAAC;KACV;IAAC,OAAO,CAAC,EAAE;QACV,WAAW,GAAG,CAAC,CAAC;KACjB;IAED,mEAAmE;IACnE,IAAI,WAAW,KAAK,CAAC;QAAE,OAAO,WAAW,CAAC;IAE1C,IAAI,QAAQ,EAAE;QACZ,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;YAC9B,IACE,OAAO,CAAC,QAAQ,KAAK,WAAW,WAChC,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,EAAC,WACjC,OAAO,CAAC,WAAW,0CAAE,IAAI,CAAC,MAAM,EAAC,EACjC;gBACA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;aAClC;SACF;KACF;IAED,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE;QACnC,qFAAqF;QACrF,UAAI,OAAO,0CAAE,gBAAgB,EAAE;YAC7B,OAAO,WAAW,CAAC;SACpB;aAAM;YACL,MAAM,IAAI,KAAK,CACb,gBAAgB,WAAW,2BAA2B,WAAW,EAAE,CACpE,CAAC;SACH;KACF;SAAM;QACL,MAAM,WAAW,CAAC;KACnB;AACH,CAAC;AAzED,wDAyEC"}

lib/tracer-config.js

@@ -13,13 +13,9 @@ const languages_1 = require("./languages");
 const util = __importStar(require("./util"));
 const CRITICAL_TRACER_VARS = new Set([
     "SEMMLE_PRELOAD_libtrace",
-    ,
     "SEMMLE_RUNNER",
-    ,
     "SEMMLE_COPY_EXECUTABLES_ROOT",
-    ,
     "SEMMLE_DEPTRACE_SOCKET",
-    ,
     "SEMMLE_JAVA_TOOL_OPTIONS",
 ]);
 async function getTracerConfigForLanguage(codeql, config, language) {
@@ -113,7 +109,7 @@ function concatTracerConfigs(tracerConfigs, config) {
     for (const e of Object.entries(env)) {
         const key = e[0];
         const value = e[1];
-        const lineBuffer = new Buffer(`${key}=${value}\0`, "utf8");
+        const lineBuffer = Buffer.from(`${key}=${value}\0`, "utf8");
         const sizeBuffer = Buffer.alloc(4);
         sizeBuffer.writeInt32LE(lineBuffer.length, 0);
         buffer = Buffer.concat([buffer, sizeBuffer, lineBuffer]);

lib/tracer-config.js.map

@@ -1 +1 @@
-{"version":3,"file":"tracer-config.js","sourceRoot":"","sources":["../src/tracer-config.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAI7B,2CAAyD;AACzD,6CAA+B;AAO/B,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACnC,yBAAyB;IACzB,AAD0B;IAE1B,eAAe;IACf,AADgB;IAEhB,8BAA8B;IAC9B,AAD+B;IAE/B,wBAAwB;IACxB,AADyB;IAEzB,0BAA0B;CAC3B,CAAC,CAAC;AAEI,KAAK,UAAU,0BAA0B,CAC9C,MAAc,EACd,MAA0B,EAC1B,QAAkB;IAElB,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,YAAY,CACnC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CACrD,CAAC;IAEF,MAAM,IAAI,GAAG,GAAG,CAAC,4BAA4B,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAiB,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC;IAE7C,yDAAyD;IACzD,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACvC,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACrB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,8DAA8D;QAC9D,IAAI,GAAG,KAAK,4BAA4B,EAAE;YACxC,SAAS;SACV;QACD,wBAAwB;QACxB,IAAI,OAAO,KAAK,KAAK,WAAW,EAAE;YAChC,SAAS;SACV;QACD,mFAAmF;QACnF,iCAAiC;QACjC,IACE,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,WAAW;YACvC,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC;YAC7B,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EACzB;YACA,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;SACvB;KACF;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAnCD,gEAmCC;AAED,SAAgB,mBAAmB,CACjC,aAA+C,EAC/C,MAA0B;IAE1B,iGAAiG;IACjG,0FAA0F;IAE1F,yBAAyB;IACzB,MAAM,GAAG,GAA8B,EAAE,CAAC;IAC1C,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE;QAC5C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE;YACrC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAClB,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACnB,gEAAgE;YAChE,IAAI,IAAI,KAAK,8BAA8B,EAAE;gBAC3C,eAAe,GAAG,IAAI,CAAC;aACxB;iBAAM,IAAI,IAAI,IAAI,GAAG,EAAE;gBACtB,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE;oBACvB,MAAM,KAAK,CACT,gDAAgD,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,EAAE,CAClF,CAAC;iBACH;aACF;iBAAM;gBACL,GAAG,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;gBAClB,OAAO,IAAI,CAAC,CAAC;aACd;SACF;KACF;IAED,8CAA8C;IAC9C,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC1C,yFAAyF;IACzF,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE;QACnB,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjD,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QACtD,SAAS,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;KAChC;IAED,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE;QAC5B,MAAM,KAAK,GAAG,EAAE;aACb,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC;aAC9C,KAAK,CAAC,OAAO,CAAC,CAAC;QAClB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,UAAU,IAAI,KAAK,CAAC;QACpB,UAAU,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACpC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CACjC,MAAM,CAAC,OAAO,EACd,2BAA2B,CAC5B,CAAC;IACF,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC3D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IACzE,MAAM,cAAc,GAAG;QACrB,cAAc;QACd,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvB,GAAG,UAAU;KACd,CAAC;IAEF,IAAI,eAAe,EAAE;QACnB,GAAG,CAAC,8BAA8B,CAAC,GAAG,kBAAkB,CAAC;QACzD,OAAO,IAAI,CAAC,CAAC;KACd;IAED,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAElD,uDAAuD;IACvD,IAAI,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACnC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnB,MAAM,UAAU,GAAG,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,KAAK,IAAI,EAAE,MAAM,CAAC,CAAC;QAC3D,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACnC,UAAU,CAAC,YAAY,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC9C,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;KAC1D;IACD,iCAAiC;IACjC,MAAM,OAAO,GAAG,GAAG,IAAI,cAAc,CAAC;IACtC,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAElC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;AACvB,CAAC;AAvFD,kDAuFC;AAEM,KAAK,UAAU,uBAAuB,CAC3C,MAA0B,EAC1B,MAAc;IAEd,kEAAkE;IAClE,MAAM,eAAe,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,4BAAgB,CAAC,CAAC;IAClE,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE;QAChC,OAAO,SAAS,CAAC;KAClB;IAED,uDAAuD;IACvD,MAAM,qBAAqB,GAAqC,EAAE,CAAC;IACnE,KAAK,MAAM,QAAQ,IAAI,eAAe,EAAE;QACtC,qBAAqB,CAAC,QAAQ,CAAC,GAAG,MAAM,0BAA0B,CAChE,MAAM,EACN,MAAM,EACN,QAAQ,CACT,CAAC;KACH;IACD,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;IAE5E,8BAA8B;IAC9B,gBAAgB,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,gBAAgB,CAAC,IAAI,CAAC;IAC3E,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE;QACjC,gBAAgB,CAAC,GAAG,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,IAAI,CACvD,SAAS,EACT,OAAO,EACP,OAAO,EACP,gBAAgB,CACjB,CAAC;KACH;SAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QACvC,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,IAAI,CAC5C,SAAS,EACT,OAAO,EACP,SAAS,EACT,gBAAgB,CACjB,CAAC;KACH;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAzCD,0DAyCC"}
+{"version":3,"file":"tracer-config.js","sourceRoot":"","sources":["../src/tracer-config.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAI7B,2CAAyD;AACzD,6CAA+B;AAO/B,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACnC,yBAAyB;IACzB,eAAe;IACf,8BAA8B;IAC9B,wBAAwB;IACxB,0BAA0B;CAC3B,CAAC,CAAC;AAEI,KAAK,UAAU,0BAA0B,CAC9C,MAAc,EACd,MAA0B,EAC1B,QAAkB;IAElB,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,YAAY,CACnC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CACrD,CAAC;IAEF,MAAM,IAAI,GAAG,GAAG,CAAC,4BAA4B,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAiB,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC;IAE7C,yDAAyD;IACzD,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACvC,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACrB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,8DAA8D;QAC9D,IAAI,GAAG,KAAK,4BAA4B,EAAE;YACxC,SAAS;SACV;QACD,wBAAwB;QACxB,IAAI,OAAO,KAAK,KAAK,WAAW,EAAE;YAChC,SAAS;SACV;QACD,mFAAmF;QACnF,iCAAiC;QACjC,IACE,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,WAAW;YACvC,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC;YAC7B,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EACzB;YACA,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;SACvB;KACF;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAnCD,gEAmCC;AAED,SAAgB,mBAAmB,CACjC,aAA+C,EAC/C,MAA0B;IAE1B,iGAAiG;IACjG,0FAA0F;IAE1F,yBAAyB;IACzB,MAAM,GAAG,GAA8B,EAAE,CAAC;IAC1C,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE;QAC5C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE;YACrC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAClB,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACnB,gEAAgE;YAChE,IAAI,IAAI,KAAK,8BAA8B,EAAE;gBAC3C,eAAe,GAAG,IAAI,CAAC;aACxB;iBAAM,IAAI,IAAI,IAAI,GAAG,EAAE;gBACtB,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE;oBACvB,MAAM,KAAK,CACT,gDAAgD,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,EAAE,CAClF,CAAC;iBACH;aACF;iBAAM;gBACL,GAAG,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;gBAClB,OAAO,IAAI,CAAC,CAAC;aACd;SACF;KACF;IAED,8CAA8C;IAC9C,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAC1C,yFAAyF;IACzF,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE;QACnB,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjD,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QACtD,SAAS,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;KAChC;IAED,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE;QAC5B,MAAM,KAAK,GAAG,EAAE;aACb,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC;aAC9C,KAAK,CAAC,OAAO,CAAC,CAAC;QAClB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,UAAU,IAAI,KAAK,CAAC;QACpB,UAAU,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACpC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CACjC,MAAM,CAAC,OAAO,EACd,2BAA2B,CAC5B,CAAC;IACF,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC3D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IACzE,MAAM,cAAc,GAAG;QACrB,cAAc;QACd,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvB,GAAG,UAAU;KACd,CAAC;IAEF,IAAI,eAAe,EAAE;QACnB,GAAG,CAAC,8BAA8B,CAAC,GAAG,kBAAkB,CAAC;QACzD,OAAO,IAAI,CAAC,CAAC;KACd;IAED,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAElD,uDAAuD;IACvD,IAAI,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7B,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACnC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,KAAK,IAAI,EAAE,MAAM,CAAC,CAAC;QAC5D,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACnC,UAAU,CAAC,YAAY,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC9C,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;KAC1D;IACD,iCAAiC;IACjC,MAAM,OAAO,GAAG,GAAG,IAAI,cAAc,CAAC;IACtC,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAElC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;AACvB,CAAC;AAvFD,kDAuFC;AAEM,KAAK,UAAU,uBAAuB,CAC3C,MAA0B,EAC1B,MAAc;IAEd,kEAAkE;IAClE,MAAM,eAAe,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,4BAAgB,CAAC,CAAC;IAClE,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE;QAChC,OAAO,SAAS,CAAC;KAClB;IAED,uDAAuD;IACvD,MAAM,qBAAqB,GAAqC,EAAE,CAAC;IACnE,KAAK,MAAM,QAAQ,IAAI,eAAe,EAAE;QACtC,qBAAqB,CAAC,QAAQ,CAAC,GAAG,MAAM,0BAA0B,CAChE,MAAM,EACN,MAAM,EACN,QAAQ,CACT,CAAC;KACH;IACD,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;IAE5E,8BAA8B;IAC9B,gBAAgB,CAAC,GAAG,CAAC,4BAA4B,CAAC,GAAG,gBAAgB,CAAC,IAAI,CAAC;IAC3E,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE;QACjC,gBAAgB,CAAC,GAAG,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,IAAI,CACvD,SAAS,EACT,OAAO,EACP,OAAO,EACP,gBAAgB,CACjB,CAAC;KACH;SAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;QACvC,gBAAgB,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,IAAI,CAC5C,SAAS,EACT,OAAO,EACP,SAAS,EACT,gBAAgB,CACjB,CAAC;KACH;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAzCD,0DAyCC"}

lib/tracer-config.test.js

@@ -1,7 +1,4 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
@@ -9,10 +6,13 @@ var __importStar = (this && this.__importStar) || function (mod) {
     result["default"] = mod;
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
+const ava_1 = __importDefault(require("ava"));
 const codeql_1 = require("./codeql");
 const languages_1 = require("./languages");
 const testing_utils_1 = require("./testing-utils");
@@ -58,7 +58,6 @@ ava_1.default("getTracerConfigForLanguage - existing / critical vars", async (t)
         process.env["SEMMLE_COPY_EXECUTABLES_ROOT"] = "abc";
         process.env["SEMMLE_DEPTRACE_SOCKET"] = "abc";
         process.env["SEMMLE_JAVA_TOOL_OPTIONS"] = "abc";
-        process.env["SEMMLE_DEPTRACE_SOCKET"] = "abc";
         process.env["CODEQL_VAR"] = "abc";
         // Now CodeQL returns all these variables, and one more, with different values
         const codeQL = codeql_1.setCodeQL({

lib/upload-lib.js

@@ -10,12 +10,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const core = __importStar(require("@actions/core"));
-const file_url_1 = __importDefault(require("file-url"));
 const fs = __importStar(require("fs"));
-const jsonschema = __importStar(require("jsonschema"));
 const path = __importStar(require("path"));
 const zlib_1 = __importDefault(require("zlib"));
+const core = __importStar(require("@actions/core"));
+const file_url_1 = __importDefault(require("file-url"));
+const jsonschema = __importStar(require("jsonschema"));
 const api = __importStar(require("./api-client"));
 const fingerprints = __importStar(require("./fingerprints"));
 const sharedEnv = __importStar(require("./shared-environment"));
@@ -34,7 +34,7 @@ function combineSarifFiles(sarifFiles) {
             combinedSarif.version = sarifObject.version;
         }
         else if (combinedSarif.version !== sarifObject.version) {
-            throw `Different SARIF versions encountered: ${combinedSarif.version} and ${sarifObject.version}`;
+            throw new Error(`Different SARIF versions encountered: ${combinedSarif.version} and ${sarifObject.version}`);
         }
         combinedSarif.runs.push(...sarifObject.runs);
     }
@@ -43,71 +43,41 @@ function combineSarifFiles(sarifFiles) {
 exports.combineSarifFiles = combineSarifFiles;
 // Upload the given payload.
 // If the request fails then this will retry a small number of times.
-async function uploadPayload(payload, repositoryNwo, githubAuth, githubUrl, mode, logger) {
+async function uploadPayload(payload, repositoryNwo, apiDetails, mode, logger) {
     logger.info("Uploading results");
     // If in test mode we don't want to upload the results
     const testMode = process.env["TEST_MODE"] === "true" || false;
     if (testMode) {
         return;
     }
-    // Make up to 4 attempts to upload, and sleep for these
-    // number of seconds between each attempt.
-    // We don't want to backoff too much to avoid wasting action
-    // minutes, but just waiting a little bit could maybe help.
-    const backoffPeriods = [1, 5, 15];
-    const client = api.getApiClient(githubAuth, githubUrl);
-    for (let attempt = 0; attempt <= backoffPeriods.length; attempt++) {
-        const reqURL = mode === "actions"
-            ? "PUT /repos/:owner/:repo/code-scanning/analysis"
-            : "POST /repos/:owner/:repo/code-scanning/sarifs";
-        const response = await client.request(reqURL, {
-            owner: repositoryNwo.owner,
-            repo: repositoryNwo.repo,
-            data: payload,
-        });
-        logger.debug(`response status: ${response.status}`);
-        const statusCode = response.status;
-        if (statusCode === 202) {
-            logger.info("Successfully uploaded results");
-            return;
-        }
-        const requestID = response.headers["x-github-request-id"];
-        // On any other status code that's not 5xx mark the upload as failed
-        if (!statusCode || statusCode < 500 || statusCode >= 600) {
-            throw new Error(`Upload failed (${requestID}): (${statusCode}) ${JSON.stringify(response.data)}`);
-        }
-        // On a 5xx status code we may retry the request
-        if (attempt < backoffPeriods.length) {
-            // Log the failure as a warning but don't mark the action as failed yet
-            logger.warning(`Upload attempt (${attempt + 1} of ${backoffPeriods.length + 1}) failed (${requestID}). Retrying in ${backoffPeriods[attempt]} seconds: (${statusCode}) ${JSON.stringify(response.data)}`);
-            // Sleep for the backoff period
-            await new Promise((r) => setTimeout(r, backoffPeriods[attempt] * 1000));
-            continue;
-        }
-        else {
-            // If the upload fails with 5xx then we assume it is a temporary problem
-            // and not an error that the user has caused or can fix.
-            // We avoid marking the job as failed to avoid breaking CI workflows.
-            throw new Error(`Upload failed (${requestID}): (${statusCode}) ${JSON.stringify(response.data)}`);
-        }
-    }
-    // This case shouldn't ever happen as the final iteration of the loop
-    // will always throw an error instead of exiting to here.
-    throw new Error("Upload failed");
+    const client = api.getApiClient(apiDetails, mode, logger);
+    const reqURL = mode === "actions"
+        ? "PUT /repos/:owner/:repo/code-scanning/analysis"
+        : "POST /repos/:owner/:repo/code-scanning/sarifs";
+    const response = await client.request(reqURL, {
+        owner: repositoryNwo.owner,
+        repo: repositoryNwo.repo,
+        data: payload,
+    });
+    logger.debug(`response status: ${response.status}`);
+    logger.info("Successfully uploaded results");
 }
 // Uploads a single sarif file or a directory of sarif files
 // depending on what the path happens to refer to.
 // Returns true iff the upload occurred and succeeded
-async function upload(sarifPath, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, githubAuth, githubUrl, mode, logger) {
+async function upload(sarifPath, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, apiDetails, mode, logger) {
     const sarifFiles = [];
     if (!fs.existsSync(sarifPath)) {
         throw new Error(`Path does not exist: ${sarifPath}`);
     }
     if (fs.lstatSync(sarifPath).isDirectory()) {
-        fs.readdirSync(sarifPath)
+        const paths = fs
+            .readdirSync(sarifPath)
             .filter((f) => f.endsWith(".sarif"))
-            .map((f) => path.resolve(sarifPath, f))
-            .forEach((f) => sarifFiles.push(f));
+            .map((f) => path.resolve(sarifPath, f));
+        for (const filepath of paths) {
+            sarifFiles.push(filepath);
+        }
         if (sarifFiles.length === 0) {
             throw new Error(`No SARIF files found to upload in "${sarifPath}".`);
         }
@@ -115,7 +85,7 @@ async function upload(sarifPath, repositoryNwo, commitOid, ref, analysisKey, ana
     else {
         sarifFiles.push(sarifPath);
     }
-    return await uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, githubAuth, githubUrl, mode, logger);
+    return await uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, apiDetails, mode, logger);
 }
 exports.upload = upload;
 // Counts the number of results in the given SARIF file
@@ -149,7 +119,7 @@ function validateSarifFileSchema(sarifFilePath, logger) {
 exports.validateSarifFileSchema = validateSarifFileSchema;
 // Uploads the given set of sarif files.
 // Returns true iff the upload occurred and succeeded
-async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, githubAuth, githubUrl, mode, logger) {
+async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKey, analysisName, workflowRunID, checkoutPath, environment, apiDetails, mode, logger) {
     logger.info(`Uploading sarif files: ${JSON.stringify(sarifFiles)}`);
     if (mode === "actions") {
         // This check only works on actions as env vars don't persist between calls to the runner
@@ -200,7 +170,7 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
     const numResultInSarif = countResultsInSarif(sarifPayload);
     logger.debug(`Number of results in upload: ${numResultInSarif}`);
     // Make the upload
-    await uploadPayload(payload, repositoryNwo, githubAuth, githubUrl, mode, logger);
+    await uploadPayload(payload, repositoryNwo, apiDetails, mode, logger);
     return {
         raw_upload_size_bytes: rawUploadSizeBytes,
         zipped_upload_size_bytes: zippedUploadSizeBytes,

lib/upload-sarif-action.js

@@ -22,11 +22,15 @@ async function sendSuccessStatusReport(startedAt, uploadStats) {
 }
 async function run() {
     const startedAt = new Date();
-    if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("upload-sarif", "starting", startedAt), true))) {
+    if (!(await actionsUtil.sendStatusReport(await actionsUtil.createStatusReportBase("upload-sarif", "starting", startedAt)))) {
         return;
     }
     try {
-        const uploadStats = await upload_lib.upload(actionsUtil.getRequiredInput("sarif_file"), repository_1.parseRepositoryNwo(actionsUtil.getRequiredEnvParam("GITHUB_REPOSITORY")), await actionsUtil.getCommitOid(), actionsUtil.getRef(), await actionsUtil.getAnalysisKey(), actionsUtil.getRequiredEnvParam("GITHUB_WORKFLOW"), actionsUtil.getWorkflowRunID(), actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getRequiredInput("matrix"), actionsUtil.getRequiredInput("token"), actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"), "actions", logging_1.getActionsLogger());
+        const apiDetails = {
+            auth: actionsUtil.getRequiredInput("token"),
+            url: actionsUtil.getRequiredEnvParam("GITHUB_SERVER_URL"),
+        };
+        const uploadStats = await upload_lib.upload(actionsUtil.getRequiredInput("sarif_file"), repository_1.parseRepositoryNwo(actionsUtil.getRequiredEnvParam("GITHUB_REPOSITORY")), await actionsUtil.getCommitOid(), await actionsUtil.getRef(), await actionsUtil.getAnalysisKey(), actionsUtil.getRequiredEnvParam("GITHUB_WORKFLOW"), actionsUtil.getWorkflowRunID(), actionsUtil.getRequiredInput("checkout_path"), actionsUtil.getRequiredInput("matrix"), apiDetails, "actions", logging_1.getActionsLogger());
         await sendSuccessStatusReport(startedAt, uploadStats);
     }
     catch (error) {
@@ -36,8 +40,14 @@ async function run() {
         return;
     }
 }
-run().catch((e) => {
-    core.setFailed(`codeql/upload-sarif action failed: ${e}`);
-    console.log(e);
-});
+async function runWrapper() {
+    try {
+        await run();
+    }
+    catch (error) {
+        core.setFailed(`codeql/upload-sarif action failed: ${error}`);
+        console.log(error);
+    }
+}
+void runWrapper();
 //# sourceMappingURL=upload-sarif-action.js.map

lib/upload-sarif-action.js.map

@@ -1 +1 @@
-{"version":3,"file":"upload-sarif-action.js","sourceRoot":"","sources":["../src/upload-sarif-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,uCAA6C;AAC7C,6CAAkD;AAClD,yDAA2C;AAM3C,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,WAA0C;IAE1C,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,cAAc,EACd,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,GAAG,WAAW;KACf,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,UAAU,EACV,SAAS,CACV,EACD,IAAI,CACL,CAAC,EACF;QACA,OAAO;KACR;IAED,IAAI;QACF,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,MAAM,CACzC,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAC1C,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,MAAM,WAAW,CAAC,YAAY,EAAE,EAChC,WAAW,CAAC,MAAM,EAAE,EACpB,MAAM,WAAW,CAAC,cAAc,EAAE,EAClC,WAAW,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,EAClD,WAAW,CAAC,gBAAgB,EAAE,EAC9B,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,EAC7C,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EACtC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,EACrC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,EACpD,SAAS,EACT,0BAAgB,EAAE,CACnB,CAAC;QACF,MAAM,uBAAuB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;KACvD;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,SAAS,EACT,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;AACH,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,IAAI,CAAC,SAAS,CAAC,sCAAsC,CAAC,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACjB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"upload-sarif-action.js","sourceRoot":"","sources":["../src/upload-sarif-action.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,uCAA6C;AAC7C,6CAAkD;AAClD,yDAA2C;AAM3C,KAAK,UAAU,uBAAuB,CACpC,SAAe,EACf,WAA0C;IAE1C,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,sBAAsB,CAC/D,cAAc,EACd,SAAS,EACT,SAAS,CACV,CAAC;IACF,MAAM,YAAY,GAA4B;QAC5C,GAAG,gBAAgB;QACnB,GAAG,WAAW;KACf,CAAC;IACF,MAAM,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,IACE,CAAC,CAAC,MAAM,WAAW,CAAC,gBAAgB,CAClC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,UAAU,EACV,SAAS,CACV,CACF,CAAC,EACF;QACA,OAAO;KACR;IAED,IAAI;QACF,MAAM,UAAU,GAAG;YACjB,IAAI,EAAE,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC;YAC3C,GAAG,EAAE,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC;SAC1D,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,MAAM,CACzC,WAAW,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAC1C,+BAAkB,CAAC,WAAW,CAAC,mBAAmB,CAAC,mBAAmB,CAAC,CAAC,EACxE,MAAM,WAAW,CAAC,YAAY,EAAE,EAChC,MAAM,WAAW,CAAC,MAAM,EAAE,EAC1B,MAAM,WAAW,CAAC,cAAc,EAAE,EAClC,WAAW,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,EAClD,WAAW,CAAC,gBAAgB,EAAE,EAC9B,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,EAC7C,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EACtC,UAAU,EACV,SAAS,EACT,0BAAgB,EAAE,CACnB,CAAC;QACF,MAAM,uBAAuB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;KACvD;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACnB,MAAM,WAAW,CAAC,gBAAgB,CAChC,MAAM,WAAW,CAAC,sBAAsB,CACtC,cAAc,EACd,SAAS,EACT,SAAS,EACT,KAAK,CAAC,OAAO,EACb,KAAK,CAAC,KAAK,CACZ,CACF,CAAC;QACF,OAAO;KACR;AACH,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,IAAI;QACF,MAAM,GAAG,EAAE,CAAC;KACb;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,CAAC,SAAS,CAAC,sCAAsC,KAAK,EAAE,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;KACpB;AACH,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"}

lib/util.js

@@ -151,4 +151,43 @@ function getCodeQLDatabasePath(tempDir, language) {
     return path.resolve(getCodeQLDatabasesDir(tempDir), language);
 }
 exports.getCodeQLDatabasePath = getCodeQLDatabasePath;
+/**
+ * Parses user input of a github.com or GHES URL to a canonical form.
+ * Removes any API prefix or suffix if one is present.
+ */
+function parseGithubUrl(inputUrl) {
+    const originalUrl = inputUrl;
+    if (inputUrl.indexOf("://") === -1) {
+        inputUrl = `https://${inputUrl}`;
+    }
+    if (!inputUrl.startsWith("http://") && !inputUrl.startsWith("https://")) {
+        throw new Error(`"${originalUrl}" is not a http or https URL`);
+    }
+    let url;
+    try {
+        url = new URL(inputUrl);
+    }
+    catch (e) {
+        throw new Error(`"${originalUrl}" is not a valid URL`);
+    }
+    // If we detect this is trying to be to github.com
+    // then return with a fixed canonical URL.
+    if (url.hostname === "github.com" || url.hostname === "api.github.com") {
+        return exports.GITHUB_DOTCOM_URL;
+    }
+    // Remove the API prefix if it's present
+    if (url.pathname.indexOf("/api/v3") !== -1) {
+        url.pathname = url.pathname.substring(0, url.pathname.indexOf("/api/v3"));
+    }
+    // Also consider subdomain isolation on GHES
+    if (url.hostname.startsWith("api.")) {
+        url.hostname = url.hostname.substring(4);
+    }
+    // Normalise path to having a trailing slash for consistency
+    if (!url.pathname.endsWith("/")) {
+        url.pathname = `${url.pathname}/`;
+    }
+    return url.toString();
+}
+exports.parseGithubUrl = parseGithubUrl;
 //# sourceMappingURL=util.js.map

lib/util.js.map

@@ -1 +1 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAU7B;;GAEG;AACU,QAAA,iBAAiB,GAAG,oBAAoB,CAAC;AAEtD;;GAEG;AACH,SAAgB,uBAAuB;IACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC;IAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACjC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,EAAE,CAAC;KACX;IACD,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;KACxB;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CACb,GAAG,OAAO,kEAAkE,CAAC,CAAC,OAAO,EAAE,CACxF,CAAC;KACH;AACH,CAAC;AAbD,0DAaC;AAED,SAAgB,UAAU;IACxB,OAAO,CACL,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC9B,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,OAAO;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,GAAG,CACrC,CAAC;AACJ,CAAC;AAND,gCAMC;AAED;;;;GAIG;AACH,SAAgB,YAAY,CAAC,aAAqB;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,EAAE,CAAC;IAErB,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE,EAAE;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;QACjC,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7D,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;SAC/B;KACF;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAChC,CAAC;AAbD,oCAaC;AAED,6FAA6F;AAC7F,wCAAwC;AACjC,KAAK,UAAU,UAAU,CAC9B,IAAoC;IAEpC,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACxE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACzB,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACnD,EAAE,CAAC,WAAW,CAAC,UAAU,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC;IACzC,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC;AAChB,CAAC;AAXD,gCAWC;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,SAA6B;IACzD,IAAI,oBAA4B,CAAC;IACjC,IAAI,SAAS,EAAE;QACb,oBAAoB,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,oBAAoB,IAAI,CAAC,EAAE;YACnE,MAAM,IAAI,KAAK,CAAC,wBAAwB,SAAS,eAAe,CAAC,CAAC;SACnE;KACF;SAAM;QACL,MAAM,gBAAgB,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,oBAAoB,GAAG,gBAAgB,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAC9D,MAAM,6BAA6B,GAAG,GAAG,CAAC;QAC1C,oBAAoB,GAAG,oBAAoB,GAAG,6BAA6B,CAAC;KAC7E;IACD,OAAO,SAAS,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;AACrD,CAAC;AAdD,sCAcC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAChC,SAAuC;IAEvC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,sEAAsE;QACtE,SAAS,GAAG,SAAS,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC;KAChD;IACD,OAAO,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,yBAAyB,CAAC;AACxE,CAAC;AARD,gDAQC;AAED;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,SAA6B,EAC7B,MAAc;IAEd,IAAI,UAAkB,CAAC;IACvB,MAAM,UAAU,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC;IACpC,IAAI,SAAS,EAAE;QACb,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC/B,IAAI,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,eAAe,CAAC,CAAC;SACvE;QACD,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,uCAAuC,UAAU,uBAAuB,UAAU,IAAI,CACvF,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;QACD,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC;QAC/B,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,4CAA4C,UAAU,uBAAuB,UAAU,IAAI,CAC5F,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;KACF;SAAM;QACL,+BAA+B;QAC/B,UAAU,GAAG,UAAU,CAAC;KACzB;IACD,OAAO,aAAa,UAAU,EAAE,CAAC;AACnC,CAAC;AA7BD,wCA6BC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe;IACnD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;AACnD,CAAC;AAFD,sDAEC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe,EAAE,QAAkB;IACvE,OAAO,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;AAChE,CAAC;AAFD,sDAEC"}
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../src/util.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAU7B;;GAEG;AACU,QAAA,iBAAiB,GAAG,oBAAoB,CAAC;AAEtD;;GAEG;AACH,SAAgB,uBAAuB;IACrC,MAAM,OAAO,GAAG,6BAA6B,CAAC;IAC9C,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACjC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,EAAE,CAAC;KACX;IACD,IAAI;QACF,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;KACxB;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CACb,GAAG,OAAO,kEAAkE,CAAC,CAAC,OAAO,EAAE,CACxF,CAAC;KACH;AACH,CAAC;AAbD,0DAaC;AAED,SAAgB,UAAU;IACxB,OAAO,CACL,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC9B,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,OAAO;QACxC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,GAAG,CACrC,CAAC;AACJ,CAAC;AAND,gCAMC;AAED;;;;GAIG;AACH,SAAgB,YAAY,CAAC,aAAqB;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACxC,MAAM,SAAS,GAAG,EAAE,CAAC;IAErB,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,IAAI,IAAI,EAAE,EAAE;QAClC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;QACjC,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7D,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;SAC/B;KACF;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAChC,CAAC;AAbD,oCAaC;AAED,6FAA6F;AAC7F,wCAAwC;AACjC,KAAK,UAAU,UAAU,CAC9B,IAAoC;IAEpC,MAAM,MAAM,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACxE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACzB,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACnD,EAAE,CAAC,WAAW,CAAC,UAAU,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,CAAC;IACzC,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC;AAChB,CAAC;AAXD,gCAWC;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,SAA6B;IACzD,IAAI,oBAA4B,CAAC;IACjC,IAAI,SAAS,EAAE;QACb,oBAAoB,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,oBAAoB,IAAI,CAAC,EAAE;YACnE,MAAM,IAAI,KAAK,CAAC,wBAAwB,SAAS,eAAe,CAAC,CAAC;SACnE;KACF;SAAM;QACL,MAAM,gBAAgB,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,oBAAoB,GAAG,gBAAgB,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAC9D,MAAM,6BAA6B,GAAG,GAAG,CAAC;QAC1C,oBAAoB,GAAG,oBAAoB,GAAG,6BAA6B,CAAC;KAC7E;IACD,OAAO,SAAS,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;AACrD,CAAC;AAdD,sCAcC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAChC,SAAuC;IAEvC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;QACjC,sEAAsE;QACtE,SAAS,GAAG,SAAS,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC;KAChD;IACD,OAAO,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,yBAAyB,CAAC;AACxE,CAAC;AARD,gDAQC;AAED;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,SAA6B,EAC7B,MAAc;IAEd,IAAI,UAAkB,CAAC;IACvB,MAAM,UAAU,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC;IACpC,IAAI,SAAS,EAAE;QACb,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QAC/B,IAAI,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,eAAe,CAAC,CAAC;SACvE;QACD,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,uCAAuC,UAAU,uBAAuB,UAAU,IAAI,CACvF,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;QACD,MAAM,UAAU,GAAG,CAAC,UAAU,CAAC;QAC/B,IAAI,UAAU,GAAG,UAAU,EAAE;YAC3B,MAAM,CAAC,IAAI,CACT,4CAA4C,UAAU,uBAAuB,UAAU,IAAI,CAC5F,CAAC;YACF,UAAU,GAAG,UAAU,CAAC;SACzB;KACF;SAAM;QACL,+BAA+B;QAC/B,UAAU,GAAG,UAAU,CAAC;KACzB;IACD,OAAO,aAAa,UAAU,EAAE,CAAC;AACnC,CAAC;AA7BD,wCA6BC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe;IACnD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;AACnD,CAAC;AAFD,sDAEC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe,EAAE,QAAkB;IACvE,OAAO,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;AAChE,CAAC;AAFD,sDAEC;AAED;;;GAGG;AACH,SAAgB,cAAc,CAAC,QAAgB;IAC7C,MAAM,WAAW,GAAG,QAAQ,CAAC;IAC7B,IAAI,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE;QAClC,QAAQ,GAAG,WAAW,QAAQ,EAAE,CAAC;KAClC;IACD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE;QACvE,MAAM,IAAI,KAAK,CAAC,IAAI,WAAW,8BAA8B,CAAC,CAAC;KAChE;IAED,IAAI,GAAQ,CAAC;IACb,IAAI;QACF,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;KACzB;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,IAAI,WAAW,sBAAsB,CAAC,CAAC;KACxD;IAED,kDAAkD;IAClD,0CAA0C;IAC1C,IAAI,GAAG,CAAC,QAAQ,KAAK,YAAY,IAAI,GAAG,CAAC,QAAQ,KAAK,gBAAgB,EAAE;QACtE,OAAO,yBAAiB,CAAC;KAC1B;IAED,wCAAwC;IACxC,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE;QAC1C,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;KAC3E;IACD,4CAA4C;IAC5C,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;QACnC,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;KAC1C;IAED,4DAA4D;IAC5D,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QAC/B,GAAG,CAAC,QAAQ,GAAG,GAAG,GAAG,CAAC,QAAQ,GAAG,CAAC;KACnC;IAED,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AArCD,wCAqCC"}

lib/util.test.js

@@ -1,7 +1,4 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
@@ -9,10 +6,13 @@ var __importStar = (this && this.__importStar) || function (mod) {
     result["default"] = mod;
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-const ava_1 = __importDefault(require("ava"));
 const fs = __importStar(require("fs"));
 const os = __importStar(require("os"));
+const ava_1 = __importDefault(require("ava"));
 const logging_1 = require("./logging");
 const testing_utils_1 = require("./testing-utils");
 const util = __importStar(require("./util"));
@@ -66,7 +66,6 @@ ava_1.default("getThreadsFlag() throws if the threads input is not an integer",
     t.throws(() => util.getThreadsFlag("hello!", logging_1.getRunnerLogger(true)));
 });
 ava_1.default("isLocalRun() runs correctly", (t) => {
-    const origLocalRun = process.env.CODEQL_LOCAL_RUN;
     process.env.CODEQL_LOCAL_RUN = "";
     t.assert(!util.isLocalRun());
     process.env.CODEQL_LOCAL_RUN = "false";
@@ -77,7 +76,6 @@ ava_1.default("isLocalRun() runs correctly", (t) => {
     t.assert(util.isLocalRun());
     process.env.CODEQL_LOCAL_RUN = "hucairz";
     t.assert(util.isLocalRun());
-    process.env.CODEQL_LOCAL_RUN = origLocalRun;
 });
 ava_1.default("getExtraOptionsEnvParam() succeeds on valid JSON with invalid options (for now)", (t) => {
     const origExtraOptions = process.env.CODEQL_ACTION_EXTRA_OPTIONS;
@@ -99,4 +97,28 @@ ava_1.default("getExtraOptionsEnvParam() fails on invalid JSON", (t) => {
     t.throws(util.getExtraOptionsEnvParam);
     process.env.CODEQL_ACTION_EXTRA_OPTIONS = origExtraOptions;
 });
+ava_1.default("parseGithubUrl", (t) => {
+    t.deepEqual(util.parseGithubUrl("github.com"), "https://github.com");
+    t.deepEqual(util.parseGithubUrl("https://github.com"), "https://github.com");
+    t.deepEqual(util.parseGithubUrl("https://api.github.com"), "https://github.com");
+    t.deepEqual(util.parseGithubUrl("https://github.com/foo/bar"), "https://github.com");
+    t.deepEqual(util.parseGithubUrl("github.example.com"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://api.github.example.com"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com/api/v3"), "https://github.example.com/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com:1234"), "https://github.example.com:1234/");
+    t.deepEqual(util.parseGithubUrl("https://api.github.example.com:1234"), "https://github.example.com:1234/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com:1234/api/v3"), "https://github.example.com:1234/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com/base/path"), "https://github.example.com/base/path/");
+    t.deepEqual(util.parseGithubUrl("https://github.example.com/base/path/api/v3"), "https://github.example.com/base/path/");
+    t.throws(() => util.parseGithubUrl(""), {
+        message: '"" is not a valid URL',
+    });
+    t.throws(() => util.parseGithubUrl("ssh://github.com"), {
+        message: '"ssh://github.com" is not a http or https URL',
+    });
+    t.throws(() => util.parseGithubUrl("http:///::::433"), {
+        message: '"http:///::::433" is not a valid URL',
+    });
+});
 //# sourceMappingURL=util.test.js.map

node_modules/.bin/uuid

@@ -1 +1 @@
-../uuid/bin/uuid
+../uuid/dist/bin/uuid

node_modules/.bin/which

@@ -1 +0,0 @@
-../which/bin/which

node_modules/@actions/core/LICENSE.md

@@ -1,9 +1,9 @@
-MIT License
+The MIT License (MIT)
 
-Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
+Copyright 2019 GitHub
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

node_modules/@actions/core/README.md

@@ -82,7 +82,14 @@ try {
     core.warning('myInput was not set');
   }
   
+  if (core.isDebug()) {
+    // curl -v https://github.com
+  } else {
+    // curl https://github.com
+  }
+
   // Do stuff
+  core.info('Output to the actions build log')
 }
 catch (err) {
   core.error(`Error ${err}, action may still succeed though`);
@@ -137,4 +144,4 @@ const core = require('@actions/core');
 var pid = core.getState("pidToKill");
 
 process.kill(pid);
-```
+```

node_modules/@actions/core/lib/command.d.ts

@@ -1,16 +1,16 @@
 interface CommandProperties {
-    [key: string]: string;
+    [key: string]: any;
 }
 /**
  * Commands
  *
  * Command Format:
- *   ##[name key=value;key=value]message
+ *   ::name key=value,key=value::message
  *
  * Examples:
- *   ##[warning]This is the user warning message
- *   ##[set-secret name=mypassword]definitelyNotAPassword!
+ *   ::warning::This is the message
+ *   ::set-env name=MY_VAR::some value
  */
-export declare function issueCommand(command: string, properties: CommandProperties, message: string): void;
+export declare function issueCommand(command: string, properties: CommandProperties, message: any): void;
 export declare function issue(name: string, message?: string): void;
 export {};

node_modules/@actions/core/lib/command.js

@@ -1,15 +1,23 @@
 "use strict";
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-const os = require("os");
+const os = __importStar(require("os"));
+const utils_1 = require("./utils");
 /**
  * Commands
  *
  * Command Format:
- *   ##[name key=value;key=value]message
+ *   ::name key=value,key=value::message
  *
  * Examples:
- *   ##[warning]This is the user warning message
- *   ##[set-secret name=mypassword]definitelyNotAPassword!
+ *   ::warning::This is the message
+ *   ::set-env name=MY_VAR::some value
  */
 function issueCommand(command, properties, message) {
     const cmd = new Command(command, properties, message);
@@ -34,33 +42,38 @@ class Command {
         let cmdStr = CMD_STRING + this.command;
         if (this.properties && Object.keys(this.properties).length > 0) {
             cmdStr += ' ';
+            let first = true;
             for (const key in this.properties) {
                 if (this.properties.hasOwnProperty(key)) {
                     const val = this.properties[key];
                     if (val) {
-                        // safely append the val - avoid blowing up when attempting to
-                        // call .replace() if message is not a string for some reason
-                        cmdStr += `${key}=${escape(`${val || ''}`)},`;
+                        if (first) {
+                            first = false;
+                        }
+                        else {
+                            cmdStr += ',';
+                        }
+                        cmdStr += `${key}=${escapeProperty(val)}`;
                     }
                 }
             }
         }
-        cmdStr += CMD_STRING;
-        // safely append the message - avoid blowing up when attempting to
-        // call .replace() if message is not a string for some reason
-        const message = `${this.message || ''}`;
-        cmdStr += escapeData(message);
+        cmdStr += `${CMD_STRING}${escapeData(this.message)}`;
         return cmdStr;
     }
 }
 function escapeData(s) {
-    return s.replace(/\r/g, '%0D').replace(/\n/g, '%0A');
+    return utils_1.toCommandValue(s)
+        .replace(/%/g, '%25')
+        .replace(/\r/g, '%0D')
+        .replace(/\n/g, '%0A');
 }
-function escape(s) {
-    return s
+function escapeProperty(s) {
+    return utils_1.toCommandValue(s)
+        .replace(/%/g, '%25')
         .replace(/\r/g, '%0D')
         .replace(/\n/g, '%0A')
-        .replace(/]/g, '%5D')
-        .replace(/;/g, '%3B');
+        .replace(/:/g, '%3A')
+        .replace(/,/g, '%2C');
 }
 //# sourceMappingURL=command.js.map

node_modules/@actions/core/lib/command.js.map

@@ -1 +1 @@
-{"version":3,"file":"command.js","sourceRoot":"","sources":["../src/command.ts"],"names":[],"mappings":";;AAAA,yBAAwB;AAQxB;;;;;;;;;GASG;AACH,SAAgB,YAAY,CAC1B,OAAe,EACf,UAA6B,EAC7B,OAAe;IAEf,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;IACrD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AAC/C,CAAC;AAPD,oCAOC;AAED,SAAgB,KAAK,CAAC,IAAY,EAAE,UAAkB,EAAE;IACtD,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACjC,CAAC;AAFD,sBAEC;AAED,MAAM,UAAU,GAAG,IAAI,CAAA;AAEvB,MAAM,OAAO;IAKX,YAAY,OAAe,EAAE,UAA6B,EAAE,OAAe;QACzE,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO,GAAG,iBAAiB,CAAA;SAC5B;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAED,QAAQ;QACN,IAAI,MAAM,GAAG,UAAU,GAAG,IAAI,CAAC,OAAO,CAAA;QAEtC,IAAI,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;YAC9D,MAAM,IAAI,GAAG,CAAA;YACb,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,UAAU,EAAE;gBACjC,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;oBACvC,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;oBAChC,IAAI,GAAG,EAAE;wBACP,8DAA8D;wBAC9D,6DAA6D;wBAC7D,MAAM,IAAI,GAAG,GAAG,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,EAAE,EAAE,CAAC,GAAG,CAAA;qBAC9C;iBACF;aACF;SACF;QAED,MAAM,IAAI,UAAU,CAAA;QAEpB,kEAAkE;QAClE,6DAA6D;QAC7D,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE,CAAA;QACvC,MAAM,IAAI,UAAU,CAAC,OAAO,CAAC,CAAA;QAE7B,OAAO,MAAM,CAAA;IACf,CAAC;CACF;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;AACtD,CAAC;AAED,SAAS,MAAM,CAAC,CAAS;IACvB,OAAO,CAAC;SACL,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;AACzB,CAAC"}
+{"version":3,"file":"command.js","sourceRoot":"","sources":["../src/command.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAwB;AACxB,mCAAsC;AAWtC;;;;;;;;;GASG;AACH,SAAgB,YAAY,CAC1B,OAAe,EACf,UAA6B,EAC7B,OAAY;IAEZ,MAAM,GAAG,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;IACrD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AAC/C,CAAC;AAPD,oCAOC;AAED,SAAgB,KAAK,CAAC,IAAY,EAAE,UAAkB,EAAE;IACtD,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACjC,CAAC;AAFD,sBAEC;AAED,MAAM,UAAU,GAAG,IAAI,CAAA;AAEvB,MAAM,OAAO;IAKX,YAAY,OAAe,EAAE,UAA6B,EAAE,OAAe;QACzE,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO,GAAG,iBAAiB,CAAA;SAC5B;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAED,QAAQ;QACN,IAAI,MAAM,GAAG,UAAU,GAAG,IAAI,CAAC,OAAO,CAAA;QAEtC,IAAI,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;YAC9D,MAAM,IAAI,GAAG,CAAA;YACb,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,UAAU,EAAE;gBACjC,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;oBACvC,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;oBAChC,IAAI,GAAG,EAAE;wBACP,IAAI,KAAK,EAAE;4BACT,KAAK,GAAG,KAAK,CAAA;yBACd;6BAAM;4BACL,MAAM,IAAI,GAAG,CAAA;yBACd;wBAED,MAAM,IAAI,GAAG,GAAG,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAA;qBAC1C;iBACF;aACF;SACF;QAED,MAAM,IAAI,GAAG,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAA;QACpD,OAAO,MAAM,CAAA;IACf,CAAC;CACF;AAED,SAAS,UAAU,CAAC,CAAM;IACxB,OAAO,sBAAc,CAAC,CAAC,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;AAC1B,CAAC;AAED,SAAS,cAAc,CAAC,CAAM;IAC5B,OAAO,sBAAc,CAAC,CAAC,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC;SACpB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;AACzB,CAAC"}

node_modules/@actions/core/lib/core.d.ts

@@ -21,9 +21,9 @@ export declare enum ExitCode {
 /**
  * Sets env variable for this action and future actions in the job
  * @param name the name of the variable to set
- * @param val the value of the variable
+ * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify
  */
-export declare function exportVariable(name: string, val: string): void;
+export declare function exportVariable(name: string, val: any): void;
 /**
  * Registers a secret which will get masked from logs
  * @param secret value of the secret
@@ -46,15 +46,25 @@ export declare function getInput(name: string, options?: InputOptions): string;
  * Sets the value of an output.
  *
  * @param     name     name of the output to set
- * @param     value    value to store
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
  */
-export declare function setOutput(name: string, value: string): void;
+export declare function setOutput(name: string, value: any): void;
+/**
+ * Enables or disables the echoing of commands into stdout for the rest of the step.
+ * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.
+ *
+ */
+export declare function setCommandEcho(enabled: boolean): void;
 /**
  * Sets the action status to failed.
  * When the action exits it will be with an exit code of 1
  * @param message add error issue message
  */
-export declare function setFailed(message: string): void;
+export declare function setFailed(message: string | Error): void;
+/**
+ * Gets whether Actions Step Debug is on or not
+ */
+export declare function isDebug(): boolean;
 /**
  * Writes debug message to user log
  * @param message debug message
@@ -62,14 +72,14 @@ export declare function setFailed(message: string): void;
 export declare function debug(message: string): void;
 /**
  * Adds an error issue
- * @param message error issue message
+ * @param message error issue message. Errors will be converted to string via toString()
  */
-export declare function error(message: string): void;
+export declare function error(message: string | Error): void;
 /**
  * Adds an warning issue
- * @param message warning issue message
+ * @param message warning issue message. Errors will be converted to string via toString()
  */
-export declare function warning(message: string): void;
+export declare function warning(message: string | Error): void;
 /**
  * Writes info to log with console.log.
  * @param message info message
@@ -100,9 +110,9 @@ export declare function group<T>(name: string, fn: () => Promise<T>): Promise<T>
  * Saves state for current action, the state can only be retrieved by this action's post job execution.
  *
  * @param     name     name of the state to store
- * @param     value    value to store
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
  */
-export declare function saveState(name: string, value: string): void;
+export declare function saveState(name: string, value: any): void;
 /**
  * Gets the value of an state set by this action's main execution.
  *

node_modules/@actions/core/lib/core.js

@@ -8,10 +8,19 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 const command_1 = require("./command");
-const os = require("os");
-const path = require("path");
+const file_command_1 = require("./file-command");
+const utils_1 = require("./utils");
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
 /**
  * The code to exit an action
  */
@@ -32,11 +41,21 @@ var ExitCode;
 /**
  * Sets env variable for this action and future actions in the job
  * @param name the name of the variable to set
- * @param val the value of the variable
+ * @param val the value of the variable. Non-string values will be converted to a string via JSON.stringify
  */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 function exportVariable(name, val) {
-    process.env[name] = val;
-    command_1.issueCommand('set-env', { name }, val);
+    const convertedVal = utils_1.toCommandValue(val);
+    process.env[name] = convertedVal;
+    const filePath = process.env['GITHUB_ENV'] || '';
+    if (filePath) {
+        const delimiter = '_GitHubActionsFileCommandDelimeter_';
+        const commandValue = `${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}`;
+        file_command_1.issueCommand('ENV', commandValue);
+    }
+    else {
+        command_1.issueCommand('set-env', { name }, convertedVal);
+    }
 }
 exports.exportVariable = exportVariable;
 /**
@@ -52,7 +71,13 @@ exports.setSecret = setSecret;
  * @param inputPath
  */
 function addPath(inputPath) {
-    command_1.issueCommand('add-path', {}, inputPath);
+    const filePath = process.env['GITHUB_PATH'] || '';
+    if (filePath) {
+        file_command_1.issueCommand('PATH', inputPath);
+    }
+    else {
+        command_1.issueCommand('add-path', {}, inputPath);
+    }
     process.env['PATH'] = `${inputPath}${path.delimiter}${process.env['PATH']}`;
 }
 exports.addPath = addPath;
@@ -75,12 +100,22 @@ exports.getInput = getInput;
  * Sets the value of an output.
  *
  * @param     name     name of the output to set
- * @param     value    value to store
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
  */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 function setOutput(name, value) {
     command_1.issueCommand('set-output', { name }, value);
 }
 exports.setOutput = setOutput;
+/**
+ * Enables or disables the echoing of commands into stdout for the rest of the step.
+ * Echoing is disabled by default if ACTIONS_STEP_DEBUG is not set.
+ *
+ */
+function setCommandEcho(enabled) {
+    command_1.issue('echo', enabled ? 'on' : 'off');
+}
+exports.setCommandEcho = setCommandEcho;
 //-----------------------------------------------------------------------
 // Results
 //-----------------------------------------------------------------------
@@ -97,6 +132,13 @@ exports.setFailed = setFailed;
 //-----------------------------------------------------------------------
 // Logging Commands
 //-----------------------------------------------------------------------
+/**
+ * Gets whether Actions Step Debug is on or not
+ */
+function isDebug() {
+    return process.env['RUNNER_DEBUG'] === '1';
+}
+exports.isDebug = isDebug;
 /**
  * Writes debug message to user log
  * @param message debug message
@@ -107,18 +149,18 @@ function debug(message) {
 exports.debug = debug;
 /**
  * Adds an error issue
- * @param message error issue message
+ * @param message error issue message. Errors will be converted to string via toString()
  */
 function error(message) {
-    command_1.issue('error', message);
+    command_1.issue('error', message instanceof Error ? message.toString() : message);
 }
 exports.error = error;
 /**
  * Adds an warning issue
- * @param message warning issue message
+ * @param message warning issue message. Errors will be converted to string via toString()
  */
 function warning(message) {
-    command_1.issue('warning', message);
+    command_1.issue('warning', message instanceof Error ? message.toString() : message);
 }
 exports.warning = warning;
 /**
@@ -176,8 +218,9 @@ exports.group = group;
  * Saves state for current action, the state can only be retrieved by this action's post job execution.
  *
  * @param     name     name of the state to store
- * @param     value    value to store
+ * @param     value    value to store. Non-string values will be converted to a string via JSON.stringify
  */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 function saveState(name, value) {
     command_1.issueCommand('save-state', { name }, value);
 }

node_modules/@actions/core/lib/core.js.map

@@ -1 +1 @@
-{"version":3,"file":"core.js","sourceRoot":"","sources":["../src/core.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,uCAA6C;AAE7C,yBAAwB;AACxB,6BAA4B;AAU5B;;GAEG;AACH,IAAY,QAUX;AAVD,WAAY,QAAQ;IAClB;;OAEG;IACH,6CAAW,CAAA;IAEX;;OAEG;IACH,6CAAW,CAAA;AACb,CAAC,EAVW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAUnB;AAED,yEAAyE;AACzE,YAAY;AACZ,yEAAyE;AAEzE;;;;GAIG;AACH,SAAgB,cAAc,CAAC,IAAY,EAAE,GAAW;IACtD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAA;IACvB,sBAAY,CAAC,SAAS,EAAE,EAAC,IAAI,EAAC,EAAE,GAAG,CAAC,CAAA;AACtC,CAAC;AAHD,wCAGC;AAED;;;GAGG;AACH,SAAgB,SAAS,CAAC,MAAc;IACtC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;AACtC,CAAC;AAFD,8BAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,SAAiB;IACvC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;IACvC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAA;AAC7E,CAAC;AAHD,0BAGC;AAED;;;;;;GAMG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,OAAsB;IAC3D,MAAM,GAAG,GACP,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,IAAI,EAAE,CAAA;IACrE,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAA;KAC5D;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAA;AACnB,CAAC;AARD,4BAQC;AAED;;;;;GAKG;AACH,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAa;IACnD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED,yEAAyE;AACzE,UAAU;AACV,yEAAyE;AAEzE;;;;GAIG;AACH,SAAgB,SAAS,CAAC,OAAe;IACvC,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAA;IACnC,KAAK,CAAC,OAAO,CAAC,CAAA;AAChB,CAAC;AAHD,8BAGC;AAED,yEAAyE;AACzE,mBAAmB;AACnB,yEAAyE;AAEzE;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAe;IACnC,sBAAY,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACpC,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAe;IACnC,eAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;AACzB,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,OAAe;IACrC,eAAK,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;AAC3B,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,IAAI,CAAC,OAAe;IAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AACxC,CAAC;AAFD,oBAEC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,IAAY;IACrC,eAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACtB,CAAC;AAFD,gCAEC;AAED;;GAEG;AACH,SAAgB,QAAQ;IACtB,eAAK,CAAC,UAAU,CAAC,CAAA;AACnB,CAAC;AAFD,4BAEC;AAED;;;;;;;GAOG;AACH,SAAsB,KAAK,CAAI,IAAY,EAAE,EAAoB;;QAC/D,UAAU,CAAC,IAAI,CAAC,CAAA;QAEhB,IAAI,MAAS,CAAA;QAEb,IAAI;YACF,MAAM,GAAG,MAAM,EAAE,EAAE,CAAA;SACpB;gBAAS;YACR,QAAQ,EAAE,CAAA;SACX;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAZD,sBAYC;AAED,yEAAyE;AACzE,uBAAuB;AACvB,yEAAyE;AAEzE;;;;;GAKG;AACH,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAa;IACnD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,IAAY;IACnC,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,IAAI,EAAE,CAAA;AAC3C,CAAC;AAFD,4BAEC"}
+{"version":3,"file":"core.js","sourceRoot":"","sources":["../src/core.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,uCAA6C;AAC7C,iDAA+D;AAC/D,mCAAsC;AAEtC,uCAAwB;AACxB,2CAA4B;AAU5B;;GAEG;AACH,IAAY,QAUX;AAVD,WAAY,QAAQ;IAClB;;OAEG;IACH,6CAAW,CAAA;IAEX;;OAEG;IACH,6CAAW,CAAA;AACb,CAAC,EAVW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAUnB;AAED,yEAAyE;AACzE,YAAY;AACZ,yEAAyE;AAEzE;;;;GAIG;AACH,8DAA8D;AAC9D,SAAgB,cAAc,CAAC,IAAY,EAAE,GAAQ;IACnD,MAAM,YAAY,GAAG,sBAAc,CAAC,GAAG,CAAC,CAAA;IACxC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,YAAY,CAAA;IAEhC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;IAChD,IAAI,QAAQ,EAAE;QACZ,MAAM,SAAS,GAAG,qCAAqC,CAAA;QACvD,MAAM,YAAY,GAAG,GAAG,IAAI,KAAK,SAAS,GAAG,EAAE,CAAC,GAAG,GAAG,YAAY,GAAG,EAAE,CAAC,GAAG,GAAG,SAAS,EAAE,CAAA;QACzF,2BAAgB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAA;KACtC;SAAM;QACL,sBAAY,CAAC,SAAS,EAAE,EAAC,IAAI,EAAC,EAAE,YAAY,CAAC,CAAA;KAC9C;AACH,CAAC;AAZD,wCAYC;AAED;;;GAGG;AACH,SAAgB,SAAS,CAAC,MAAc;IACtC,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;AACtC,CAAC;AAFD,8BAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,SAAiB;IACvC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAA;IACjD,IAAI,QAAQ,EAAE;QACZ,2BAAgB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;KACpC;SAAM;QACL,sBAAY,CAAC,UAAU,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;KACxC;IACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,SAAS,GAAG,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAA;AAC7E,CAAC;AARD,0BAQC;AAED;;;;;;GAMG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,OAAsB;IAC3D,MAAM,GAAG,GACP,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,IAAI,EAAE,CAAA;IACrE,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,GAAG,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAA;KAC5D;IAED,OAAO,GAAG,CAAC,IAAI,EAAE,CAAA;AACnB,CAAC;AARD,4BAQC;AAED;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;GAIG;AACH,SAAgB,cAAc,CAAC,OAAgB;IAC7C,eAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;AACvC,CAAC;AAFD,wCAEC;AAED,yEAAyE;AACzE,UAAU;AACV,yEAAyE;AAEzE;;;;GAIG;AACH,SAAgB,SAAS,CAAC,OAAuB;IAC/C,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAA;IAEnC,KAAK,CAAC,OAAO,CAAC,CAAA;AAChB,CAAC;AAJD,8BAIC;AAED,yEAAyE;AACzE,mBAAmB;AACnB,yEAAyE;AAEzE;;GAEG;AACH,SAAgB,OAAO;IACrB,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,GAAG,CAAA;AAC5C,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAe;IACnC,sBAAY,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;AACpC,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,KAAK,CAAC,OAAuB;IAC3C,eAAK,CAAC,OAAO,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;AACzE,CAAC;AAFD,sBAEC;AAED;;;GAGG;AACH,SAAgB,OAAO,CAAC,OAAuB;IAC7C,eAAK,CAAC,SAAS,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;AAC3E,CAAC;AAFD,0BAEC;AAED;;;GAGG;AACH,SAAgB,IAAI,CAAC,OAAe;IAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAA;AACxC,CAAC;AAFD,oBAEC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,IAAY;IACrC,eAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACtB,CAAC;AAFD,gCAEC;AAED;;GAEG;AACH,SAAgB,QAAQ;IACtB,eAAK,CAAC,UAAU,CAAC,CAAA;AACnB,CAAC;AAFD,4BAEC;AAED;;;;;;;GAOG;AACH,SAAsB,KAAK,CAAI,IAAY,EAAE,EAAoB;;QAC/D,UAAU,CAAC,IAAI,CAAC,CAAA;QAEhB,IAAI,MAAS,CAAA;QAEb,IAAI;YACF,MAAM,GAAG,MAAM,EAAE,EAAE,CAAA;SACpB;gBAAS;YACR,QAAQ,EAAE,CAAA;SACX;QAED,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAZD,sBAYC;AAED,yEAAyE;AACzE,uBAAuB;AACvB,yEAAyE;AAEzE;;;;;GAKG;AACH,8DAA8D;AAC9D,SAAgB,SAAS,CAAC,IAAY,EAAE,KAAU;IAChD,sBAAY,CAAC,YAAY,EAAE,EAAC,IAAI,EAAC,EAAE,KAAK,CAAC,CAAA;AAC3C,CAAC;AAFD,8BAEC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,IAAY;IACnC,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,IAAI,EAAE,CAAA;AAC3C,CAAC;AAFD,4BAEC"}

node_modules/@actions/core/lib/file-command.d.ts

@@ -0,0 +1 @@
+export declare function issueCommand(command: string, message: any): void;

node_modules/@actions/core/lib/file-command.js

@@ -0,0 +1,29 @@
+"use strict";
+// For internal use, subject to change.
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// We use any as a valid input type
+/* eslint-disable @typescript-eslint/no-explicit-any */
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const utils_1 = require("./utils");
+function issueCommand(command, message) {
+    const filePath = process.env[`GITHUB_${command}`];
+    if (!filePath) {
+        throw new Error(`Unable to find environment variable for file command ${command}`);
+    }
+    if (!fs.existsSync(filePath)) {
+        throw new Error(`Missing file at path: ${filePath}`);
+    }
+    fs.appendFileSync(filePath, `${utils_1.toCommandValue(message)}${os.EOL}`, {
+        encoding: 'utf8'
+    });
+}
+exports.issueCommand = issueCommand;
+//# sourceMappingURL=file-command.js.map

node_modules/@actions/core/lib/file-command.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-command.js","sourceRoot":"","sources":["../src/file-command.ts"],"names":[],"mappings":";AAAA,uCAAuC;;;;;;;;;AAEvC,mCAAmC;AACnC,uDAAuD;AAEvD,uCAAwB;AACxB,uCAAwB;AACxB,mCAAsC;AAEtC,SAAgB,YAAY,CAAC,OAAe,EAAE,OAAY;IACxD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,OAAO,EAAE,CAAC,CAAA;IACjD,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CACb,wDAAwD,OAAO,EAAE,CAClE,CAAA;KACF;IACD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;QAC5B,MAAM,IAAI,KAAK,CAAC,yBAAyB,QAAQ,EAAE,CAAC,CAAA;KACrD;IAED,EAAE,CAAC,cAAc,CAAC,QAAQ,EAAE,GAAG,sBAAc,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE;QACjE,QAAQ,EAAE,MAAM;KACjB,CAAC,CAAA;AACJ,CAAC;AAdD,oCAcC"}

node_modules/@actions/core/lib/utils.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Sanitizes an input into a string so it can be passed into issueCommand safely
+ * @param input input to sanitize into a string
+ */
+export declare function toCommandValue(input: any): string;

node_modules/@actions/core/lib/utils.js

@@ -0,0 +1,19 @@
+"use strict";
+// We use any as a valid input type
+/* eslint-disable @typescript-eslint/no-explicit-any */
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * Sanitizes an input into a string so it can be passed into issueCommand safely
+ * @param input input to sanitize into a string
+ */
+function toCommandValue(input) {
+    if (input === null || input === undefined) {
+        return '';
+    }
+    else if (typeof input === 'string' || input instanceof String) {
+        return input;
+    }
+    return JSON.stringify(input);
+}
+exports.toCommandValue = toCommandValue;
+//# sourceMappingURL=utils.js.map

node_modules/@actions/core/lib/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";AAAA,mCAAmC;AACnC,uDAAuD;;AAEvD;;;GAGG;AACH,SAAgB,cAAc,CAAC,KAAU;IACvC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE;QACzC,OAAO,EAAE,CAAA;KACV;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,YAAY,MAAM,EAAE;QAC/D,OAAO,KAAe,CAAA;KACvB;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC9B,CAAC;AAPD,wCAOC"}

node_modules/@actions/core/package.json

@@ -1,21 +1,23 @@
 {
   "name": "@actions/core",
-  "version": "1.2.0",
+  "version": "1.2.6",
   "description": "Actions core lib",
   "keywords": [
     "github",
     "actions",
     "core"
   ],
-  "homepage": "https://github.com/actions/toolkit/tree/master/packages/core",
+  "homepage": "https://github.com/actions/toolkit/tree/main/packages/core",
   "license": "MIT",
   "main": "lib/core.js",
+  "types": "lib/core.d.ts",
   "directories": {
     "lib": "lib",
     "test": "__tests__"
   },
   "files": [
-    "lib"
+    "lib",
+    "!.DS_Store"
   ],
   "publishConfig": {
     "access": "public"
@@ -26,6 +28,7 @@
     "directory": "packages/core"
   },
   "scripts": {
+    "audit-moderate": "npm install && npm audit --json --audit-level=moderate > audit.json",
     "test": "echo \"Error: run tests from root\" && exit 1",
     "tsc": "tsc"
   },

node_modules/@actions/github/README.md

@@ -4,7 +4,7 @@
 
 ## Usage
 
-Returns an authenticated Octokit client that follows the machine [proxy settings](https://help.github.com/en/actions/hosting-your-own-runners/using-a-proxy-server-with-self-hosted-runners). See https://octokit.github.io/rest.js for the API.
+Returns an authenticated Octokit client that follows the machine [proxy settings](https://help.github.com/en/actions/hosting-your-own-runners/using-a-proxy-server-with-self-hosted-runners) and correctly sets GHES base urls. See https://octokit.github.io/rest.js for the API.
 
 ```js
 const github = require('@actions/github');
@@ -17,7 +17,10 @@ async function run() {
     // https://help.github.com/en/actions/automating-your-workflow-with-github-actions/authenticating-with-the-github_token#about-the-github_token-secret
     const myToken = core.getInput('myToken');
 
-    const octokit = new github.GitHub(myToken);
+    const octokit = github.getOctokit(myToken)
+
+    // You can also pass in additional options as a second parameter to getOctokit
+    // const octokit = github.getOctokit(myToken, {userAgent: "MyActionVersion1"});
 
     const { data: pullRequest } = await octokit.pulls.get({
         owner: 'octokit',
@@ -34,8 +37,6 @@ async function run() {
 run();
 ```
 
-You can pass client options, as specified by [Octokit](https://octokit.github.io/rest.js/), as a second argument to the `GitHub` constructor.
-
 You can also make GraphQL requests. See https://github.com/octokit/graphql.js for the API.
 
 ```js
@@ -72,3 +73,25 @@ if (github.context.eventName === 'push') {
   core.info(`The head commit is: ${pushPayload.head}`)
 }
 ```
+
+## Extending the Octokit instance
+`@octokit/core` now supports the [plugin architecture](https://github.com/octokit/core.js#plugins). You can extend the GitHub instance using plugins. 
+
+For example, using the `@octokit/plugin-enterprise-server` you can now access enterprise admin apis on GHES instances.
+
+```ts
+import { GitHub, getOctokitOptions } from '@actions/github/lib/utils'
+import { enterpriseServer220Admin } from '@octokit/plugin-enterprise-server'
+
+const octokit = GitHub.plugin(enterpriseServer220Admin)
+// or override some of the default values as well 
+// const octokit = GitHub.plugin(enterpriseServer220Admin).defaults({userAgent: "MyNewUserAgent"})
+
+const myToken = core.getInput('myToken');
+const myOctokit = new octokit(getOctokitOptions(token))
+// Create a new user
+myOctokit.enterpriseAdmin.createUser({
+  login: "testuser",
+  email: "testuser@test.com",
+});
+```

node_modules/@actions/github/lib/context.d.ts

@@ -10,6 +10,9 @@ export declare class Context {
     workflow: string;
     action: string;
     actor: string;
+    job: string;
+    runNumber: number;
+    runId: number;
     /**
      * Hydrate the context from the environment
      */

node_modules/@actions/github/lib/context.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Context = void 0;
 const fs_1 = require("fs");
 const os_1 = require("os");
 class Context {
@@ -23,6 +24,9 @@ class Context {
         this.workflow = process.env.GITHUB_WORKFLOW;
         this.action = process.env.GITHUB_ACTION;
         this.actor = process.env.GITHUB_ACTOR;
+        this.job = process.env.GITHUB_JOB;
+        this.runNumber = parseInt(process.env.GITHUB_RUN_NUMBER, 10);
+        this.runId = parseInt(process.env.GITHUB_RUN_ID, 10);
     }
     get issue() {
         const payload = this.payload;

node_modules/@actions/github/lib/context.js.map

@@ -1 +1 @@
-{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":";;AAEA,2BAA2C;AAC3C,2BAAsB;AAEtB,MAAa,OAAO;IAalB;;OAEG;IACH;QACE,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QACjB,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE;YACjC,IAAI,eAAU,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE;gBAC7C,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CACvB,iBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,EAAC,QAAQ,EAAE,MAAM,EAAC,CAAC,CAChE,CAAA;aACF;iBAAM;gBACL,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;gBAC1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,IAAI,kBAAkB,QAAG,EAAE,CAAC,CAAA;aACvE;SACF;QACD,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,iBAA2B,CAAA;QACxD,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAoB,CAAA;QAC3C,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAoB,CAAA;QAC3C,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,eAAyB,CAAA;QACrD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,aAAuB,CAAA;QACjD,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,YAAsB,CAAA;IACjD,CAAC;IAED,IAAI,KAAK;QACP,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,uCACK,IAAI,CAAC,IAAI,KACZ,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,CAAC,MAAM,IAClE;IACH,CAAC;IAED,IAAI,IAAI;QACN,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE;YACjC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC9D,OAAO,EAAC,KAAK,EAAE,IAAI,EAAC,CAAA;SACrB;QAED,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE;YAC3B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK;gBAC1C,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI;aACnC,CAAA;SACF;QAED,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;IACH,CAAC;CACF;AA9DD,0BA8DC"}
+{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":";;;AAEA,2BAA2C;AAC3C,2BAAsB;AAEtB,MAAa,OAAO;IAgBlB;;OAEG;IACH;QACE,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QACjB,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE;YACjC,IAAI,eAAU,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE;gBAC7C,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CACvB,iBAAY,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,EAAC,QAAQ,EAAE,MAAM,EAAC,CAAC,CAChE,CAAA;aACF;iBAAM;gBACL,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;gBAC1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,IAAI,kBAAkB,QAAG,EAAE,CAAC,CAAA;aACvE;SACF;QACD,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,iBAA2B,CAAA;QACxD,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAoB,CAAA;QAC3C,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAoB,CAAA;QAC3C,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,eAAyB,CAAA;QACrD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,aAAuB,CAAA;QACjD,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,YAAsB,CAAA;QAC/C,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,UAAoB,CAAA;QAC3C,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,iBAA2B,EAAE,EAAE,CAAC,CAAA;QACtE,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,aAAuB,EAAE,EAAE,CAAC,CAAA;IAChE,CAAC;IAED,IAAI,KAAK;QACP,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAE5B,uCACK,IAAI,CAAC,IAAI,KACZ,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,CAAC,MAAM,IAClE;IACH,CAAC;IAED,IAAI,IAAI;QACN,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE;YACjC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC9D,OAAO,EAAC,KAAK,EAAE,IAAI,EAAC,CAAA;SACrB;QAED,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE;YAC3B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK;gBAC1C,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI;aACnC,CAAA;SACF;QAED,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;IACH,CAAC;CACF;AApED,0BAoEC"}

node_modules/@actions/github/lib/github.d.ts

@@ -1,27 +1,11 @@
-import { graphql as GraphQL } from '@octokit/graphql/dist-types/types';
-import { Octokit } from '@octokit/rest';
 import * as Context from './context';
+import { GitHub } from './utils';
+import { OctokitOptions } from '@octokit/core/dist-types/types';
 export declare const context: Context.Context;
-export declare class GitHub extends Octokit {
-    graphql: GraphQL;
-    /**
-     * Sets up the REST client and GraphQL client with auth and proxy support.
-     * The parameter `token` or `opts.auth` must be supplied. The GraphQL client
-     * authorization is not setup when `opts.auth` is a function or object.
-     *
-     * @param token  Auth token
-     * @param opts   Octokit options
-     */
-    constructor(token: string, opts?: Omit<Octokit.Options, 'auth'>);
-    constructor(opts: Octokit.Options);
-    /**
-     * Disambiguates the constructor overload parameters
-     */
-    private static disambiguate;
-    private static getOctokitOptions;
-    private static getGraphQL;
-    private static getAuthString;
-    private static getProxyAgent;
-    private static getApiBaseUrl;
-    private static getGraphQLBaseUrl;
-}
+/**
+ * Returns a hydrated octokit ready to use for GitHub Actions
+ *
+ * @param     token    the repo PAT or GITHUB_TOKEN
+ * @param     options  other options to set
+ */
+export declare function getOctokit(token: string, options?: OctokitOptions): InstanceType<typeof GitHub>;

node_modules/@actions/github/lib/github.js

@@ -1,108 +1,36 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
 var __importStar = (this && this.__importStar) || function (mod) {
     if (mod && mod.__esModule) return mod;
     var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
-    result["default"] = mod;
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-// Originally pulled from https://github.com/JasonEtco/actions-toolkit/blob/master/src/github.ts
-const graphql_1 = require("@octokit/graphql");
-const rest_1 = require("@octokit/rest");
+exports.getOctokit = exports.context = void 0;
 const Context = __importStar(require("./context"));
-const httpClient = __importStar(require("@actions/http-client"));
-// We need this in order to extend Octokit
-rest_1.Octokit.prototype = new rest_1.Octokit();
+const utils_1 = require("./utils");
 exports.context = new Context.Context();
-class GitHub extends rest_1.Octokit {
-    constructor(token, opts) {
-        super(GitHub.getOctokitOptions(GitHub.disambiguate(token, opts)));
-        this.graphql = GitHub.getGraphQL(GitHub.disambiguate(token, opts));
-    }
-    /**
-     * Disambiguates the constructor overload parameters
-     */
-    static disambiguate(token, opts) {
-        return [
-            typeof token === 'string' ? token : '',
-            typeof token === 'object' ? token : opts || {}
-        ];
-    }
-    static getOctokitOptions(args) {
-        const token = args[0];
-        const options = Object.assign({}, args[1]); // Shallow clone - don't mutate the object provided by the caller
-        // Base URL - GHES or Dotcom
-        options.baseUrl = options.baseUrl || this.getApiBaseUrl();
-        // Auth
-        const auth = GitHub.getAuthString(token, options);
-        if (auth) {
-            options.auth = auth;
-        }
-        // Proxy
-        const agent = GitHub.getProxyAgent(options.baseUrl, options);
-        if (agent) {
-            // Shallow clone - don't mutate the object provided by the caller
-            options.request = options.request ? Object.assign({}, options.request) : {};
-            // Set the agent
-            options.request.agent = agent;
-        }
-        return options;
-    }
-    static getGraphQL(args) {
-        const defaults = {};
-        defaults.baseUrl = this.getGraphQLBaseUrl();
-        const token = args[0];
-        const options = args[1];
-        // Authorization
-        const auth = this.getAuthString(token, options);
-        if (auth) {
-            defaults.headers = {
-                authorization: auth
-            };
-        }
-        // Proxy
-        const agent = GitHub.getProxyAgent(defaults.baseUrl, options);
-        if (agent) {
-            defaults.request = { agent };
-        }
-        return graphql_1.graphql.defaults(defaults);
-    }
-    static getAuthString(token, options) {
-        // Validate args
-        if (!token && !options.auth) {
-            throw new Error('Parameter token or opts.auth is required');
-        }
-        else if (token && options.auth) {
-            throw new Error('Parameters token and opts.auth may not both be specified');
-        }
-        return typeof options.auth === 'string' ? options.auth : `token ${token}`;
-    }
-    static getProxyAgent(destinationUrl, options) {
-        var _a;
-        if (!((_a = options.request) === null || _a === void 0 ? void 0 : _a.agent)) {
-            if (httpClient.getProxyUrl(destinationUrl)) {
-                const hc = new httpClient.HttpClient();
-                return hc.getAgent(destinationUrl);
-            }
-        }
-        return undefined;
-    }
-    static getApiBaseUrl() {
-        return process.env['GITHUB_API_URL'] || 'https://api.github.com';
-    }
-    static getGraphQLBaseUrl() {
-        let url = process.env['GITHUB_GRAPHQL_URL'] || 'https://api.github.com/graphql';
-        // Shouldn't be a trailing slash, but remove if so
-        if (url.endsWith('/')) {
-            url = url.substr(0, url.length - 1);
-        }
-        // Remove trailing "/graphql"
-        if (url.toUpperCase().endsWith('/GRAPHQL')) {
-            url = url.substr(0, url.length - '/graphql'.length);
-        }
-        return url;
-    }
+/**
+ * Returns a hydrated octokit ready to use for GitHub Actions
+ *
+ * @param     token    the repo PAT or GITHUB_TOKEN
+ * @param     options  other options to set
+ */
+function getOctokit(token, options) {
+    return new utils_1.GitHub(utils_1.getOctokitOptions(token, options));
 }
-exports.GitHub = GitHub;
+exports.getOctokit = getOctokit;
 //# sourceMappingURL=github.js.map