Update codeql.ts

2025-12-09 01:08:10 +08:00 · 2020-07-11 13:28:32 -07:00 · 2020-07-11 13:22:57 -07:00 · 2020-07-11 13:17:46 -07:00 · 2020-07-11 13:12:15 -07:00 · 2020-07-11 13:08:34 -07:00
5 changed files with 52 additions and 33 deletions
--- a/src/analysis-paths.ts
+++ b/src/analysis-paths.ts
@@ -53,6 +53,6 @@ export function includeAndExcludeAnalysisPaths(config: configUtils.Config, langu
        config.pathsIgnore.length !== 0 ||
        filters.length !== 0) &&
      !languages.every(isInterpretedLanguage)) {
-    core.warning('The "paths"/"paths-ignore" fields of the config only have effect for Javascript and Python');
+    core.warning('The "paths"/"paths-ignore" fields of the configuration only effect Javascript and Python analysis. [Learn more](https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#specifying-directories-to-scan) about modifying the directories to scan. );
  }
 }
--- a/src/autobuild.ts
+++ b/src/autobuild.ts
@@ -35,7 +35,7 @@ async function run() {
    core.endGroup();
  } catch (error) {
-    core.setFailed("We were unable to automatically build your code. Please replace the call to the autobuild action with your custom build steps.  " + error.message);
+    core.setFailed(`We were unable to automatically build your ${language} code. Please replace the call to the autobuild action with your custom build steps.  \n` + error.message);
    await util.reportActionFailed('autobuild', error.message, error.stack);
    return;
  }
--- a/src/codeql.ts
+++ b/src/codeql.ts
@@ -61,7 +61,19 @@ export interface ResolveQueriesOutput {
    [queryPath: string]: {}
  };
 }
-
+const options =  {
  ignoreReturnCode: true, 
  failOnStdErr: true,
  silent:true,
  listeners: {
    stdout: (data: Buffer) => {
      core.debug("Debug" + data.toString());
    },
    stderr: (data: Buffer) => {
      core.error("Error occured" + data.toString());
    }
  }
 };
 /**
 * Environment variable used to store the location of the CodeQL CLI executable.
 * Value is set by setupCodeQL and read by getCodeQL.
@@ -185,10 +197,14 @@ function getCodeQLForCmd(cmd: string): CodeQL {
          '--language=' + language
        ],
        {
-          silent: true,
+          ignoreReturnCode: true, 
          listeners: {
-            stdout: (data) => { extractorPath += data.toString(); },
+            stdout: (data: Buffer) => {
-            stderr: (data) => { process.stderr.write(data); }
+              core.debug("Debug" + data.toString());
            },
            stderr: (data: Buffer) => {
              core.error("Error occured" + data.toString());
            }
          }
        });
@@ -203,14 +219,15 @@ function getCodeQLForCmd(cmd: string): CodeQL {
        databasePath,
        '--',
        traceCommand
-      ]);
+      ], options);
    },
    finalizeDatabase: async function(databasePath: string) {
      core.debug("Finalizing " + databasePath);
      await exec.exec(cmd, [
        'database',
        'finalize',
        databasePath
-      ]);
+      ], options );
    },
    resolveQueries: async function(queries: string[]) {
      let output = '';
@@ -221,29 +238,22 @@ function getCodeQLForCmd(cmd: string): CodeQL {
          'queries',
          ...queries,
          '--format=bylanguage'
-        ],
+        ], options);
        {
          listeners: {
            stdout: (data: Buffer) => {
              output += data.toString();
            }
          }
        });
      return JSON.parse(output);
    },
    databaseAnalyze: async function(databasePath: string, sarifFile: string, querySuite: string) {
-      await exec.exec(cmd, [
+        await exec.exec(cmd, [
-        'database',
+          'database',
-        'analyze',
+          'analyze',
-        util.getMemoryFlag(),
+          util.getMemoryFlag(),
-        util.getThreadsFlag(),
+          util.getThreadsFlag(),
-        databasePath,
+          databasePath,
-        '--format=sarif-latest',
+          '--format=sarif-latest',
-        '--output=' + sarifFile,
+          '--output=' + sarifFile,
-        '--no-sarif-add-snippets',
+          '--no-sarif-add-snippets',
-        querySuite
+          querySuite
-      ]);
+        ], options);
    }
  };
 }
--- a/src/finalize-db.ts
+++ b/src/finalize-db.ts
@@ -128,7 +128,16 @@ async function runQueries(databaseFolder: string, sarifFolder: string, config: c
    const sarifFile = path.join(sarifFolder, database + '.sarif');
-    await codeql.databaseAnalyze(path.join(databaseFolder, database), sarifFile, querySuite);
+    try {
      await codeql.databaseAnalyze(path.join(databaseFolder, database), sarifFile, querySuite);
    } catch (analysisError) {
      core.debug("test test test" + analysisError.message);
      if (analysisError.message.contains("exit code 32")) {
        throw new Error('Unable to analyze ' + database + ' because CodeQL was unable to detect any code for that language. \n [Learn more](https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning) about how to troubleshoot this error. ');
      } else {
        throw new Error(analysisError);
      }
    }
    core.debug('SARIF results for database ' + database + ' created at "' + sarifFile + '"');
    core.endGroup();
@@ -136,7 +145,7 @@ async function runQueries(databaseFolder: string, sarifFolder: string, config: c
 }
 async function run() {
-  try {
+  //try {
    if (util.should_abort('finish', true) || !await util.reportActionStarting('finish')) {
      return;
    }
@@ -165,11 +174,11 @@ async function run() {
      }
    }
-  } catch (error) {
+  /*} catch (error) {
    core.setFailed(error.message);
    await util.reportActionFailed('finish', error.message, error.stack);
    return;
-  }
+  }*/
  await util.reportActionSucceeded('finish');
 }
--- a/src/setup-tracer.ts
+++ b/src/setup-tracer.ts
@@ -148,7 +148,7 @@ async function run() {
    // If the languages parameter was not given and no languages were
    // detected then fail here as this is a workflow configuration error.
    if (languages.length === 0) {
-      throw new Error("Did not detect any languages to analyze. Please update input in workflow.");
+      throw new Error("Did not detect any languages to analyze. Please [update the languages property](https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection) in your workflow definition.");
    }
    analysisPaths.includeAndExcludeAnalysisPaths(config, languages);
@@ -243,6 +243,6 @@ async function run() {
 }
 run().catch(e => {
-  core.setFailed("init action failed: " + e);
+  core.setFailed("Init action failed: " + e);
  console.log(e);
 });
Author	SHA1	Message	Date
jhutchings1	526f19341b	Update codeql.ts	2020-07-11 13:28:32 -07:00
jhutchings1	ea8c11c723	Update codeql.ts	2020-07-11 13:22:57 -07:00
jhutchings1	df49e473c8	Update codeql.ts	2020-07-11 13:17:46 -07:00
jhutchings1	8d49f67955	Remove try/catch	2020-07-11 13:12:15 -07:00
jhutchings1	dc2f0c2f5f	Debug	2020-07-11 13:08:34 -07:00
jhutchings1	5767c8ebfc	Update codeql.ts	2020-07-11 12:59:51 -07:00
jhutchings1	fde574ae22	Update codeql.ts	2020-07-11 12:54:20 -07:00
jhutchings1	3b632c3106	Try listener option	2020-07-11 12:51:26 -07:00
jhutchings1	b63d497b0e	Test	2020-07-11 12:43:17 -07:00
jhutchings1	f1569d58df	Try additional debugging	2020-07-11 12:20:52 -07:00
jhutchings1	f2c8606b17	Add debug statements	2020-07-11 12:18:01 -07:00
jhutchings1	066d9716c6	Fix issue with error detection	2020-07-11 12:13:09 -07:00
jhutchings1	642850bff5	Add special case for "No code seen" error	2020-07-11 12:08:45 -07:00
jhutchings1	5fa6bd2622	Update autobuild and analysis path error messages.	2020-07-11 11:45:36 -07:00
jhutchings1	278f870907	Add help URL to languages error	2020-07-11 11:40:35 -07:00