Merge pull request #1813 from github/update-v2.21.2-10c6bfee1

Merge main into releases/v2

.github/actions/prepare-test/action.yml

@@ -23,15 +23,27 @@ runs:
       shell: bash
       run: |
         set -e # Fail this Action if `gh release list` fails.
+
+        if [[ "$RUNNER_OS" == "Linux" ]]; then
+          artifact_name="codeql-bundle-linux64.tar.gz"
+        elif [[ "$RUNNER_OS" == "macOS" ]]; then
+          artifact_name="codeql-bundle-osx64.tar.gz"
+        elif [[ "$RUNNER_OS" == "Windows" ]]; then
+          artifact_name="codeql-bundle-win64.tar.gz"
+        else
+          echo "::error::Unrecognized OS $RUNNER_OS"
+          exit 1
+        fi
+
         if [[ ${{ inputs.version }} == "nightly-latest" ]]; then
-          export LATEST=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3`
+          tag=`gh release list --repo dsp-testing/codeql-cli-nightlies -L 1 | cut -f 3`
-          echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$LATEST/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT
+          echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$tag/$artifact_name" >> $GITHUB_OUTPUT
         elif [[ ${{ inputs.version }} == *"nightly"* ]]; then
-          export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
+          version=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
-          echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-$VERSION-manual/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT
+          echo "tools-url=https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/codeql-bundle-$version-manual/$artifact_name" >> $GITHUB_OUTPUT
         elif [[ ${{ inputs.version }} == *"stable"* ]]; then
-          export VERSION=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
+          version=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
-          echo "tools-url=https://github.com/github/codeql-action/releases/download/codeql-bundle-$VERSION/codeql-bundle.tar.gz" >> $GITHUB_OUTPUT
+          echo "tools-url=https://github.com/github/codeql-action/releases/download/codeql-bundle-$version/$artifact_name" >> $GITHUB_OUTPUT
         elif [[ ${{ inputs.version }} == "latest" ]]; then
           echo "tools-url=latest" >> $GITHUB_OUTPUT
         elif [[ ${{ inputs.version }} == "cached" ]]; then

.github/workflows/__test-local-codeql.yml

@@ -58,7 +58,7 @@ jobs:
     - id: init
       uses: ./../action/init
       with:
-        tools: ./codeql-bundle.tar.gz
+        tools: ./codeql-bundle-linux64.tar.gz
     - uses: ./../action/.github/actions/setup-swift
       with:
         codeql-path: ${{ steps.init.outputs.codeql-path }}

CHANGELOG.md

@@ -2,6 +2,11 @@
 
 See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
 
+## 2.21.2 - 28 Jul 2023
+
+- Update default CodeQL bundle version to 2.14.1. [#1797](https://github.com/github/codeql-action/pull/1797)
+- Avoid duplicating the analysis summary within the logs. [#1811](https://github.com/github/codeql-action/pull/1811)
+
 ## 2.21.1 - 26 Jul 2023
 
 - Improve the handling of fatal errors from the CodeQL CLI. [#1795](https://github.com/github/codeql-action/pull/1795)

lib/codeql.js

@@ -485,12 +485,15 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             if (querySuitePaths) {
                 codeqlArgs.push(...querySuitePaths);
             }
-            // capture stdout, which contains analysis summaries
+            // Capture the stdout, which contains the analysis summary. Don't stream it to the Actions
-            const returnState = await runTool(cmd, codeqlArgs);
+            // logs to avoid printing it twice.
+            const analysisSummary = await runTool(cmd, codeqlArgs, {
+                noStreamStdout: true,
+            });
             if (shouldWorkaroundInvalidNotifications) {
                 util.fixInvalidNotificationsInFile(codeqlOutputFile, sarifFile, logger);
             }
-            return returnState;
+            return analysisSummary;
         },
         async databasePrintBaseline(databasePath) {
             const codeqlArgs = [
@@ -718,9 +721,13 @@ async function runTool(cmd, args = [], opts = {}) {
     let output = "";
     let error = "";
     const exitCode = await new toolrunner.ToolRunner(cmd, args, {
+        ignoreReturnCode: true,
         listeners: {
             stdout: (data) => {
                 output += data.toString("utf8");
+                if (!opts.noStreamStdout) {
+                    process.stdout.write(data);
+                }
             },
             stderr: (data) => {
                 let readStartIndex = 0;
@@ -730,9 +737,11 @@ async function runTool(cmd, args = [], opts = {}) {
                     readStartIndex = data.length - maxErrorSize + 1;
                 }
                 error += data.toString("utf8", readStartIndex);
+                // Mimic the standard behavior of the toolrunner by writing stderr to stdout
+                process.stdout.write(data);
             },
         },
-        ignoreReturnCode: true,
+        silent: true,
         ...(opts.stdin ? { input: Buffer.from(opts.stdin || "") } : {}),
     }).exec();
     if (exitCode !== 0) {

lib/defaults.json

@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-v2.14.0",
+    "bundleVersion": "codeql-bundle-v2.14.1",
-    "cliVersion": "2.14.0",
+    "cliVersion": "2.14.1",
-    "priorBundleVersion": "codeql-bundle-v2.13.5",
+    "priorBundleVersion": "codeql-bundle-v2.14.0",
-    "priorCliVersion": "2.13.5"
+    "priorCliVersion": "2.14.0"
 }

node_modules/.package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.21.1",
+  "version": "2.21.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "codeql",
-  "version": "2.21.1",
+  "version": "2.21.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "codeql",
-      "version": "2.21.1",
+      "version": "2.21.2",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^1.1.1",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.21.1",
+  "version": "2.21.2",
   "private": true,
   "description": "CodeQL action",
   "scripts": {

pr-checks/checks/test-local-codeql.yml

@@ -12,7 +12,7 @@ steps:
   - id: init
     uses: ./../action/init
     with:
-      tools: ./codeql-bundle.tar.gz
+      tools: ./codeql-bundle-linux64.tar.gz
   - uses: ./../action/.github/actions/setup-swift
     with:
       codeql-path: ${{ steps.init.outputs.codeql-path }}

src/codeql.ts

@@ -843,14 +843,17 @@ export async function getCodeQLForCmd(
       if (querySuitePaths) {
         codeqlArgs.push(...querySuitePaths);
       }
-      // capture stdout, which contains analysis summaries
+      // Capture the stdout, which contains the analysis summary. Don't stream it to the Actions
-      const returnState = await runTool(cmd, codeqlArgs);
+      // logs to avoid printing it twice.
+      const analysisSummary = await runTool(cmd, codeqlArgs, {
+        noStreamStdout: true,
+      });
 
       if (shouldWorkaroundInvalidNotifications) {
         util.fixInvalidNotificationsInFile(codeqlOutputFile, sarifFile, logger);
       }
 
-      return returnState;
+      return analysisSummary;
     },
     async databasePrintBaseline(databasePath: string): Promise<string> {
       const codeqlArgs = [
@@ -1131,14 +1134,18 @@ const maxErrorSize = 20_000;
 async function runTool(
   cmd: string,
   args: string[] = [],
-  opts: { stdin?: string } = {},
+  opts: { stdin?: string; noStreamStdout?: boolean } = {},
 ) {
   let output = "";
   let error = "";
   const exitCode = await new toolrunner.ToolRunner(cmd, args, {
+    ignoreReturnCode: true,
     listeners: {
       stdout: (data: Buffer) => {
         output += data.toString("utf8");
+        if (!opts.noStreamStdout) {
+          process.stdout.write(data);
+        }
       },
       stderr: (data: Buffer) => {
         let readStartIndex = 0;
@@ -1148,9 +1155,11 @@ async function runTool(
           readStartIndex = data.length - maxErrorSize + 1;
         }
         error += data.toString("utf8", readStartIndex);
+        // Mimic the standard behavior of the toolrunner by writing stderr to stdout
+        process.stdout.write(data);
       },
     },
-    ignoreReturnCode: true,
+    silent: true,
     ...(opts.stdin ? { input: Buffer.from(opts.stdin || "") } : {}),
   }).exec();
   if (exitCode !== 0) {

src/defaults.json

@@ -1,6 +1,6 @@
 {
-  "bundleVersion": "codeql-bundle-v2.14.0",
+  "bundleVersion": "codeql-bundle-v2.14.1",
-  "cliVersion": "2.14.0",
+  "cliVersion": "2.14.1",
-  "priorBundleVersion": "codeql-bundle-v2.13.5",
+  "priorBundleVersion": "codeql-bundle-v2.14.0",
-  "priorCliVersion": "2.13.5"
+  "priorCliVersion": "2.14.0"
 }