Merge pull request #2351 from github/dependabot/npm_and_yarn/npm-6791eaa26c

Bump the npm group with 2 updates

.eslintrc.json

@@ -41,29 +41,23 @@
             "ignoreTemplateLiterals": true
         }],
         "no-async-foreach/no-async-foreach": "error",
-        "no-console": "off",
         "no-sequences": "error",
         "no-shadow": "off",
-        "@typescript-eslint/no-shadow": ["error"],
+        "@typescript-eslint/no-shadow": "error",
         "one-var": ["error", "never"]
     },
     "overrides": [{
         // "temporarily downgraded during transition to eslint
         "files": "**",
         "rules": {
-            "@typescript-eslint/ban-types": "off",
-            "@typescript-eslint/explicit-module-boundary-types": "off",
             "@typescript-eslint/no-explicit-any": "off",
             "@typescript-eslint/no-unsafe-assignment": "off",
-            "@typescript-eslint/no-unsafe-call": "off",
             "@typescript-eslint/no-unsafe-member-access": "off",
-            "@typescript-eslint/no-unsafe-return": "off",
             "@typescript-eslint/no-var-requires": "off",
             "@typescript-eslint/prefer-regexp-exec": "off",
             "@typescript-eslint/require-await": "off",
             "@typescript-eslint/restrict-template-expressions": "off",
-            "func-style": "off",
-            "sort-imports": "off"
+            "func-style": "off"
         }
     }],
     "settings": {

.github/actions/check-codescanning-config/action.yml

@@ -29,7 +29,16 @@ inputs:
   tools:
     required: true
     description: |
-      The url of codeql to use.
+      The version of CodeQL passed to the `tools` input of the init action.
+      This can be any of the following:
+
+      - A local path to a tarball containing the CodeQL tools, or
+      - A URL to a GitHub release assets containing the CodeQL tools, or
+      - A special value `linked` which is forcing the use of the CodeQL tools
+        that the action has been bundled with.
+
+      If not specified, the Action will check in several places until it finds
+      the CodeQL tools.
 
 runs:
   using: composite

.github/actions/prepare-test/action.yml

@@ -2,12 +2,16 @@ name: "Prepare test"
 description: Performs some preparation to run tests
 inputs:
   version:
-    description: "The version of the CodeQL CLI to use. Can be 'latest', 'default', 'nightly-latest', 'nightly-YYYY-MM-DD', or 'stable-YYYY-MM-DD'."
+    description: "The version of the CodeQL CLI to use. Can be 'linked', 'default', 'nightly-latest', 'nightly-YYYY-MM-DD', or 'stable-YYYY-MM-DD'."
     required: true
   use-all-platform-bundle:
     description: "If true, we output a tools URL with codeql-bundle.tar.gz file rather than platform-specific URL"
     default: 'false'
     required: false
+  setup-kotlin:
+    description: "If true, we setup kotlin"
+    default: 'true'
+    required: true
 outputs:
   tools-url:
     description: "The value that should be passed as the 'tools' input of the 'init' step."
@@ -50,11 +54,16 @@ runs:
         elif [[ ${{ inputs.version }} == *"stable"* ]]; then
           version=`echo ${{ inputs.version }} | sed -e 's/^.*\-//'`
           echo "tools-url=https://github.com/github/codeql-action/releases/download/codeql-bundle-$version/$artifact_name" >> $GITHUB_OUTPUT
-        elif [[ ${{ inputs.version }} == "latest" ]]; then
-          echo "tools-url=latest" >> $GITHUB_OUTPUT
+        elif [[ ${{ inputs.version }} == "linked" ]]; then
+          echo "tools-url=linked" >> $GITHUB_OUTPUT
         elif [[ ${{ inputs.version }} == "default" ]]; then
           echo "tools-url=" >> $GITHUB_OUTPUT
         else
           echo "::error::Unrecognized version specified!"
           exit 1
         fi
+
+    - uses: fwilhe2/setup-kotlin@9c245a6425255f5e98ba1ce6c15d31fce7eca9da
+      if: ${{ inputs.setup-kotlin == 'true' }}
+      with:
+        version: 1.8.21

.github/actions/query-filter-test/action.yml

@@ -23,7 +23,16 @@ inputs:
   tools:
     required: true
     description: |
-      The url of codeql to use.
+      The version of CodeQL passed to the `tools` input of the init action.
+      This can be any of the following:
+
+      - A local path to a tarball containing the CodeQL tools, or
+      - A URL to a GitHub release assets containing the CodeQL tools, or
+      - A special value `linked` which is forcing the use of the CodeQL tools
+        that the action has been bundled with.
+
+      If not specified, the Action will check in several places until it finds
+      the CodeQL tools.
 
 runs:
   using: composite
@@ -39,7 +48,6 @@ runs:
     - uses: ./../action/analyze
       with:
         output: ${{ runner.temp }}/results
-        upload-database: false
         upload: never
       env:
         CODEQL_ACTION_TEST_MODE: "true"

.github/workflows/__all-platform-bundle.yml

@@ -7,7 +7,6 @@ name: PR Check - All-platform bundle
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'true'
+          setup-kotlin: 'true'
       - id: init
         uses: ./../action/init
         with:
@@ -68,7 +68,5 @@ jobs:
         shell: bash
         run: ./build.sh
       - uses: ./../action/analyze
-        with:
-          upload-database: false
     env:
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__analyze-ref-input.yml

@@ -7,7 +7,6 @@ name: "PR Check - Analyze: 'ref' and 'sha' from inputs"
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -72,7 +72,6 @@ jobs:
         run: ./build.sh
       - uses: ./../action/analyze
         with:
-          upload-database: false
           ref: refs/heads/main
           sha: 5e235361806c361d4d3f8859e3c897658025a9a2
     env:

.github/workflows/__autobuild-action.yml

@@ -7,7 +7,6 @@ name: PR Check - autobuild-action
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
     name: autobuild-action
     permissions:
       contents: read
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           languages: csharp
@@ -75,8 +75,6 @@ jobs:
           CORECLR_PROFILER: ''
           CORECLR_PROFILER_PATH_64: ''
       - uses: ./../action/analyze
-        with:
-          upload-database: false
       - name: Check database
         shell: bash
         run: |

.github/workflows/__autobuild-direct-tracing-with-working-dir.yml

@@ -0,0 +1,92 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: PR Check - Autobuild direct tracing (custom working directory)
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+      - main
+      - releases/v*
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
+  schedule:
+    - cron: '0 5 * * *'
+  workflow_dispatch: {}
+jobs:
+  autobuild-direct-tracing-with-working-dir:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - os: ubuntu-latest
+            version: linked
+          - os: windows-latest
+            version: linked
+          - os: ubuntu-latest
+            version: nightly-latest
+          - os: windows-latest
+            version: nightly-latest
+    name: Autobuild direct tracing (custom working directory)
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Setup Python on MacOS
+        uses: actions/setup-python@v5
+        if: >-
+          runner.os == 'macOS' && (
+
+          matrix.version == 'stable-20230403' ||
+
+          matrix.version == 'stable-v2.13.5' ||
+
+          matrix.version == 'stable-v2.14.6')
+        with:
+          python-version: '3.11'
+      - name: Check out repository
+        uses: actions/checkout@v4
+      - name: Prepare test
+        id: prepare-test
+        uses: ./.github/actions/prepare-test
+        with:
+          version: ${{ matrix.version }}
+          use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
+      - name: Test setup
+        shell: bash
+        run: |
+          # Make sure that Gradle build succeeds in autobuild-dir ...
+          cp -a ../action/tests/java-repo autobuild-dir
+          # ... and fails if attempted in the current directory
+          echo > build.gradle
+      - uses: ./../action/init
+        with:
+          build-mode: autobuild
+          languages: java
+          tools: ${{ steps.prepare-test.outputs.tools-url }}
+      - name: Check that indirect tracing is disabled
+        shell: bash
+        run: |
+          if [[ ! -z "${CODEQL_RUNNER}" ]]; then
+            echo "Expected indirect tracing to be disabled, but the" \
+              "CODEQL_RUNNER environment variable is set."
+            exit 1
+          fi
+      - uses: ./../action/autobuild
+        with:
+          working-directory: autobuild-dir
+      - uses: ./../action/analyze
+    env:
+      CODEQL_ACTION_AUTOBUILD_BUILD_MODE_DIRECT_TRACING: true
+      CODEQL_ACTION_TEST_MODE: true

.github/workflows/__autobuild-direct-tracing.yml

@@ -7,7 +7,6 @@ name: PR Check - Autobuild direct tracing
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,9 +28,9 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: windows-latest
@@ -63,6 +62,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Set up Java test repo configuration
         shell: bash
         run: |

.github/workflows/__build-mode-autobuild.yml

@@ -7,7 +7,6 @@ name: PR Check - Build mode autobuild
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Set up Java test repo configuration
         run: |
           mv * .github ../action/tests/multi-language-repo/

.github/workflows/__build-mode-manual.yml

@@ -7,7 +7,6 @@ name: PR Check - Build mode manual
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         id: init
         with:

.github/workflows/__build-mode-none.yml

@@ -7,7 +7,6 @@ name: PR Check - Build mode none
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
     name: Build mode none
@@ -59,6 +58,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         id: init
         with:

.github/workflows/__build-mode-rollback.yml

@@ -7,7 +7,6 @@ name: PR Check - Build mode rollback
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Set up Java test repo configuration
         run: |
           mv * .github ../action/tests/multi-language-repo/

.github/workflows/__cleanup-db-cluster-dir.yml

@@ -0,0 +1,81 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: PR Check - Clean up database cluster directory
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+      - main
+      - releases/v*
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
+  schedule:
+    - cron: '0 5 * * *'
+  workflow_dispatch: {}
+jobs:
+  cleanup-db-cluster-dir:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - os: ubuntu-latest
+            version: linked
+    name: Clean up database cluster directory
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Setup Python on MacOS
+        uses: actions/setup-python@v5
+        if: >-
+          runner.os == 'macOS' && (
+
+          matrix.version == 'stable-20230403' ||
+
+          matrix.version == 'stable-v2.13.5' ||
+
+          matrix.version == 'stable-v2.14.6')
+        with:
+          python-version: '3.11'
+      - name: Check out repository
+        uses: actions/checkout@v4
+      - name: Prepare test
+        id: prepare-test
+        uses: ./.github/actions/prepare-test
+        with:
+          version: ${{ matrix.version }}
+          use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
+      - name: Add a file to the database cluster directory
+        run: |
+          mkdir -p "${{ runner.temp }}/customDbLocation/javascript"
+          touch "${{ runner.temp }}/customDbLocation/javascript/a-file-to-clean-up.txt"
+
+      - uses: ./../action/init
+        id: init
+        with:
+          build-mode: none
+          db-location: ${{ runner.temp }}/customDbLocation
+          languages: javascript
+          tools: ${{ steps.prepare-test.outputs.tools-url }}
+
+      - name: Validate file cleaned up
+        run: |
+          if [[ -f "${{ runner.temp }}/customDbLocation/javascript/a-file-to-clean-up.txt" ]]; then
+            echo "File was not cleaned up"
+            exit 1
+          fi
+          echo "File was cleaned up"
+    env:
+      CODEQL_ACTION_TEST_MODE: true

.github/workflows/__config-export.yml

@@ -7,7 +7,6 @@ name: PR Check - Config export
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -67,6 +66,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           languages: javascript

.github/workflows/__config-input.yml

@@ -7,7 +7,6 @@ name: PR Check - Config input
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
     name: Config input
     permissions:
       contents: read
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Copy queries into workspace
         run: |
           cp -a ../action/queries .

.github/workflows/__cpp-deptrace-disabled.yml

@@ -7,7 +7,6 @@ name: 'PR Check - C/C++: disabling autoinstalling dependencies (Linux)'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: ubuntu-latest
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Test setup
         shell: bash
         run: |

.github/workflows/__cpp-deptrace-enabled-on-macos.yml

@@ -7,7 +7,6 @@ name: 'PR Check - C/C++: autoinstalling dependencies is skipped (macOS)'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Test setup
         shell: bash
         run: |

.github/workflows/__cpp-deptrace-enabled.yml

@@ -7,7 +7,6 @@ name: 'PR Check - C/C++: autoinstalling dependencies (Linux)'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: ubuntu-latest
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Test setup
         shell: bash
         run: |

.github/workflows/__diagnostics-export.yml

@@ -7,7 +7,6 @@ name: PR Check - Diagnostic export
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -35,11 +34,11 @@ jobs:
           - os: windows-latest
             version: stable-20230403
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -73,6 +72,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         id: init
         with:

.github/workflows/__export-file-baseline-information.yml

@@ -7,7 +7,6 @@ name: PR Check - Export file baseline information
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         id: init
         with:

.github/workflows/__extractor-ram-threads.yml

@@ -7,7 +7,6 @@ name: PR Check - Extractor ram and threads options test
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
     name: Extractor ram and threads options test
     permissions:
       contents: read
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           languages: java

.github/workflows/__go-custom-queries.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: Custom queries'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -65,11 +64,11 @@ jobs:
           - os: windows-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -103,6 +102,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
           go-version: '>=1.21.0'
@@ -115,8 +115,6 @@ jobs:
         shell: bash
         run: ./build.sh
       - uses: ./../action/analyze
-        with:
-          upload-database: false
     env:
       DOTNET_GENERATE_ASPNET_CERTIFICATE: 'false'
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: diagnostic when Go is changed after init step'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
       # We need a Go version that ships with statically linked binaries on Linux

.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: diagnostic when `file` is not installed'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
       # We need a Go version that ships with statically linked binaries on Linux

.github/workflows/__go-indirect-tracing-workaround.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: workaround for indirect tracing'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
       # We need a Go version that ships with statically linked binaries on Linux
@@ -69,8 +69,6 @@ jobs:
         shell: bash
         run: go build main.go
       - uses: ./../action/analyze
-        with:
-          upload-database: false
       - shell: bash
         run: |
           if [[ -z "${CODEQL_ACTION_GO_BINARY}" ]]; then

.github/workflows/__go-tracing-autobuilder.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: tracing with autobuilder step'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -53,9 +52,9 @@ jobs:
           - os: macos-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -87,6 +86,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
           go-version: ~1.22.0
@@ -99,8 +99,6 @@ jobs:
           tools: ${{ steps.prepare-test.outputs.tools-url }}
       - uses: ./../action/autobuild
       - uses: ./../action/analyze
-        with:
-          upload-database: false
       - shell: bash
         run: |
           if [[ "${CODEQL_ACTION_DID_AUTOBUILD_GOLANG}" != true ]]; then

.github/workflows/__go-tracing-custom-build-steps.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: tracing with custom build steps'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -53,9 +52,9 @@ jobs:
           - os: macos-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -87,6 +86,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
           go-version: ~1.22.0
@@ -101,8 +101,6 @@ jobs:
         shell: bash
         run: go build main.go
       - uses: ./../action/analyze
-        with:
-          upload-database: false
       - shell: bash
         run: |
           # Once we start running Bash 4.2 in all environments, we can replace the

.github/workflows/__go-tracing-legacy-workflow.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Go: tracing with legacy workflow'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -53,9 +52,9 @@ jobs:
           - os: macos-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -87,6 +86,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
           go-version: ~1.22.0
@@ -98,8 +98,6 @@ jobs:
           languages: go
           tools: ${{ steps.prepare-test.outputs.tools-url }}
       - uses: ./../action/analyze
-        with:
-          upload-database: false
       - shell: bash
         run: |
           cd "$RUNNER_TEMP/codeql_databases"

.github/workflows/__init-with-registries.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Packaging: Download using registries'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -35,11 +34,11 @@ jobs:
           - os: windows-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -74,6 +73,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Init with registries
         uses: ./../action/init
         with:

.github/workflows/__javascript-source-root.yml

@@ -7,7 +7,6 @@ name: PR Check - Custom source root
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: ubuntu-latest
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Move codeql-action
         shell: bash
         run: |
@@ -73,9 +73,7 @@ jobs:
           tools: ${{ steps.prepare-test.outputs.tools-url }}
       - uses: ./../action/analyze
         with:
-          upload-database: false
           skip-queries: true
-          upload: never
       - name: Assert database exists
         shell: bash
         run: |

.github/workflows/__language-aliases.yml

@@ -7,7 +7,6 @@ name: PR Check - Language aliases
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
     name: Language aliases
     permissions:
       contents: read
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           languages: C#,java-kotlin,swift,typescript

.github/workflows/__multi-language-autodetect.yml

@@ -7,7 +7,6 @@ name: PR Check - Multi-language repository
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -28,37 +27,27 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
           - os: macos-12
             version: stable-20230403
-          - os: ubuntu-latest
-            version: stable-v2.13.5
           - os: macos-12
             version: stable-v2.13.5
-          - os: ubuntu-latest
-            version: stable-v2.14.6
           - os: macos-12
             version: stable-v2.14.6
-          - os: ubuntu-latest
-            version: stable-v2.15.5
           - os: macos-latest
             version: stable-v2.15.5
-          - os: ubuntu-latest
-            version: stable-v2.16.6
           - os: macos-latest
             version: stable-v2.16.6
-          - os: ubuntu-latest
-            version: default
           - os: macos-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: default
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
+            version: linked
+          - os: macos-latest
             version: nightly-latest
-          - os: macos-latest
+          - os: ubuntu-latest
             version: nightly-latest
     name: Multi-language repository
     permissions:
@@ -87,6 +76,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
           go-version: '>=1.21.0'

.github/workflows/__packaging-codescanning-config-inputs-js.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Packaging: Config and input passed to the CLI'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -73,6 +72,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           config-file: .github/codeql/codeql-config-packaging3.yml

.github/workflows/__packaging-config-inputs-js.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Packaging: Config and input'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -73,6 +72,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           config-file: .github/codeql/codeql-config-packaging3.yml

.github/workflows/__packaging-config-js.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Packaging: Config file'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -73,6 +72,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           config-file: .github/codeql/codeql-config-packaging.yml

.github/workflows/__packaging-inputs-js.yml

@@ -7,7 +7,6 @@ name: 'PR Check - Packaging: Action input'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -73,6 +72,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           config-file: .github/codeql/codeql-config-packaging2.yml

.github/workflows/__remote-config.yml

@@ -7,7 +7,6 @@ name: PR Check - Remote config file
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -65,11 +64,11 @@ jobs:
           - os: windows-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -103,6 +102,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           tools: ${{ steps.prepare-test.outputs.tools-url }}

.github/workflows/__resolve-environment-action.yml

@@ -7,7 +7,6 @@ name: PR Check - Resolve environment
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -41,11 +40,11 @@ jobs:
           - os: windows-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
           - os: macos-latest
@@ -79,6 +78,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           languages: ${{ matrix.version == 'stable-v2.13.4' && 'go' || 'go,javascript-typescript'

.github/workflows/__rubocop-multi-language.yml

@@ -7,7 +7,6 @@ name: PR Check - RuboCop multi-language
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Set up Ruby
         uses: ruby/setup-ruby@v1
         with:

.github/workflows/__ruby.yml

@@ -7,7 +7,6 @@ name: PR Check - Ruby analysis
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,9 +28,9 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -67,6 +66,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           languages: ruby

.github/workflows/__scaling-reserved-ram.yml

@@ -7,7 +7,6 @@ name: PR Check - Scaling reserved RAM
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -28,37 +27,27 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
           - os: macos-12
             version: stable-20230403
-          - os: ubuntu-latest
-            version: stable-v2.13.5
           - os: macos-12
             version: stable-v2.13.5
-          - os: ubuntu-latest
-            version: stable-v2.14.6
           - os: macos-12
             version: stable-v2.14.6
-          - os: ubuntu-latest
-            version: stable-v2.15.5
           - os: macos-latest
             version: stable-v2.15.5
-          - os: ubuntu-latest
-            version: stable-v2.16.6
           - os: macos-latest
             version: stable-v2.16.6
-          - os: ubuntu-latest
-            version: default
           - os: macos-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: default
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
+            version: linked
+          - os: macos-latest
             version: nightly-latest
-          - os: macos-latest
+          - os: ubuntu-latest
             version: nightly-latest
     name: Scaling reserved RAM
     permissions:
@@ -87,6 +76,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/setup-go@v5
         with:
           go-version: '>=1.21.0'

.github/workflows/__split-workflow.yml

@@ -7,7 +7,6 @@ name: PR Check - Split workflow
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,9 +28,9 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: macos-latest
@@ -67,6 +66,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           config-file: .github/codeql/codeql-config-packaging3.yml

.github/workflows/__submit-sarif-failure.yml

@@ -7,7 +7,6 @@ name: PR Check - Submit SARIF after failure
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: default
           - os: ubuntu-latest
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: actions/checkout@v4
       - uses: ./init
         with:

.github/workflows/__swift-autobuild.yml

@@ -0,0 +1,87 @@
+# Warning: This file is generated automatically, and should not be modified.
+# Instead, please modify the template in the pr-checks directory and run:
+#     (cd pr-checks; pip install ruamel.yaml@0.17.31 && python3 sync.py)
+# to regenerate this file.
+
+name: PR Check - Swift analysis using autobuild
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO111MODULE: auto
+on:
+  push:
+    branches:
+      - main
+      - releases/v*
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
+  schedule:
+    - cron: '0 5 * * *'
+  workflow_dispatch: {}
+jobs:
+  swift-autobuild:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - os: macos-latest
+            version: nightly-latest
+    name: Swift analysis using autobuild
+    permissions:
+      contents: read
+      security-events: write
+    timeout-minutes: 45
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Setup Python on MacOS
+        uses: actions/setup-python@v5
+        if: >-
+          runner.os == 'macOS' && (
+
+          matrix.version == 'stable-20230403' ||
+
+          matrix.version == 'stable-v2.13.5' ||
+
+          matrix.version == 'stable-v2.14.6')
+        with:
+          python-version: '3.11'
+      - name: Check out repository
+        uses: actions/checkout@v4
+      - name: Prepare test
+        id: prepare-test
+        uses: ./.github/actions/prepare-test
+        with:
+          version: ${{ matrix.version }}
+          use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
+      - uses: ./../action/init
+        id: init
+        with:
+          languages: swift
+          build-mode: autobuild
+          tools: ${{ steps.prepare-test.outputs.tools-url }}
+      - uses: ./../action/.github/actions/setup-swift
+        with:
+          codeql-path: ${{steps.init.outputs.codeql-path}}
+      - name: Check working directory
+        shell: bash
+        run: pwd
+      - uses: ./../action/autobuild
+        timeout-minutes: 30
+      - uses: ./../action/analyze
+        id: analysis
+        with:
+          upload-database: false
+      - name: Check database
+        shell: bash
+        run: |
+          SWIFT_DB="${{ fromJson(steps.analysis.outputs.db-locations).swift }}"
+          if [[ ! -d "$SWIFT_DB" ]]; then
+            echo "Did not create a database for Swift."
+            exit 1
+          fi
+    env:
+      CODEQL_ACTION_TEST_MODE: true

.github/workflows/__swift-custom-build.yml

@@ -7,7 +7,6 @@ name: PR Check - Swift analysis using a custom build command
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -28,17 +27,17 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: latest
           - os: macos-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
-            version: default
+            version: linked
           - os: macos-latest
             version: default
           - os: ubuntu-latest
+            version: default
+          - os: macos-latest
             version: nightly-latest
-          - os: macos-latest
+          - os: ubuntu-latest
             version: nightly-latest
     name: Swift analysis using a custom build command
     permissions:
@@ -67,6 +66,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         id: init
         with:

.github/workflows/__test-autobuild-working-dir.yml

@@ -7,7 +7,6 @@ name: PR Check - Autobuild working directory
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
     name: Autobuild working directory
     permissions:
       contents: read
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Test setup
         shell: bash
         run: |
@@ -72,8 +72,6 @@ jobs:
         with:
           working-directory: autobuild-dir
       - uses: ./../action/analyze
-        with:
-          upload-database: false
       - name: Check database
         shell: bash
         run: |

.github/workflows/__test-local-codeql.yml

@@ -7,7 +7,6 @@ name: PR Check - Local CodeQL bundle
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -57,6 +56,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Fetch a CodeQL bundle
         shell: bash
         env:
@@ -74,7 +74,5 @@ jobs:
         shell: bash
         run: ./build.sh
       - uses: ./../action/analyze
-        with:
-          upload-database: false
     env:
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__test-proxy.yml

@@ -7,7 +7,6 @@ name: PR Check - Proxy test
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,7 +28,7 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
     name: Proxy test
     permissions:
       contents: read
@@ -57,13 +56,12 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'false'
       - uses: ./../action/init
         with:
           languages: javascript
           tools: ${{ steps.prepare-test.outputs.tools-url }}
       - uses: ./../action/analyze
-        with:
-          upload-database: false
     env:
       https_proxy: http://squid-proxy:3128
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/__unset-environment.yml

@@ -7,7 +7,6 @@ name: PR Check - Test unsetting environment variables
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -28,20 +27,10 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - os: ubuntu-latest
-            version: stable-20230403
-          - os: ubuntu-latest
-            version: stable-v2.13.5
-          - os: ubuntu-latest
-            version: stable-v2.14.6
-          - os: ubuntu-latest
-            version: stable-v2.15.5
-          - os: ubuntu-latest
-            version: stable-v2.16.6
           - os: ubuntu-latest
             version: default
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: ubuntu-latest
             version: nightly-latest
     name: Test unsetting environment variables
@@ -71,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         id: init
         with:
@@ -79,12 +69,12 @@ jobs:
       - uses: ./../action/.github/actions/setup-swift
         with:
           codeql-path: ${{ steps.init.outputs.codeql-path }}
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '>=1.21.0'
       - name: Build code
         shell: bash
-    # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-    # workaround for our PR checks.
-        run: env -i CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN=true PATH="$PATH" HOME="$HOME"
-          ./build.sh
+        run: env -i PATH="$PATH" HOME="$HOME" ./build.sh
       - uses: ./../action/analyze
         id: analysis
         with:

.github/workflows/__upload-ref-sha-input.yml

@@ -7,7 +7,6 @@ name: "PR Check - Upload-sarif: 'ref' and 'sha' from inputs"
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - uses: ./../action/init
         with:
           tools: ${{ steps.prepare-test.outputs.tools-url }}
@@ -70,9 +70,9 @@ jobs:
       - name: Build code
         shell: bash
         run: ./build.sh
+  # Generate some SARIF we can upload with the upload-sarif step
       - uses: ./../action/analyze
         with:
-          upload-database: false
           ref: refs/heads/main
           sha: 5e235361806c361d4d3f8859e3c897658025a9a2
           upload: never

.github/workflows/__with-checkout-path.yml

@@ -7,7 +7,6 @@ name: PR Check - Use a custom `checkout_path`
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -29,11 +28,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            version: latest
+            version: linked
           - os: macos-latest
-            version: latest
+            version: linked
           - os: windows-latest
-            version: latest
+            version: linked
     name: Use a custom `checkout_path`
     permissions:
       contents: read
@@ -61,6 +60,7 @@ jobs:
         with:
           version: ${{ matrix.version }}
           use-all-platform-bundle: 'false'
+          setup-kotlin: 'true'
       - name: Delete original checkout
         shell: bash
         run: |
@@ -93,14 +93,6 @@ jobs:
           checkout_path: x/y/z/some-path/tests/multi-language-repo
           ref: v1.1.0
           sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
-          upload: never
-          upload-database: false
-
-      - uses: ./../action/upload-sarif
-        with:
-          ref: v1.1.0
-          sha: 474bbf07f9247ffe1856c6a0f94aeeb10e7afee6
-          checkout_path: x/y/z/some-path/tests/multi-language-repo
 
       - name: Verify SARIF after upload
         shell: bash

.github/workflows/codeql.yml

@@ -41,7 +41,7 @@ jobs:
       id: init-latest
       uses: ./init
       with:
-        tools: latest
+        tools: linked
         languages: javascript
     - name: Compare default and latest CodeQL bundle versions
       id: compare
@@ -54,16 +54,16 @@ jobs:
         echo "Default CodeQL bundle version is $CODEQL_VERSION_DEFAULT"
         echo "Latest CodeQL bundle version is $CODEQL_VERSION_LATEST"
 
-        # If we're running on a pull request, run with both bundles, even if `tools: latest` would
+        # If we're running on a pull request, run with both bundles, even if `tools: linked` would
         # be the same as `tools: null`. This allows us to make the job for each of the bundles a
         # required status check.
         #
-        # If we're running on push or schedule, then we can skip running with `tools: latest` when it would be
+        # If we're running on push or schedule, then we can skip running with `tools: linked` when it would be
         # the same as running with `tools: null`.
         if [[ "$GITHUB_EVENT_NAME" != "pull_request" && "$CODEQL_VERSION_DEFAULT" == "$CODEQL_VERSION_LATEST" ]]; then
           VERSIONS_JSON='[null]'
         else
-          VERSIONS_JSON='[null, "latest"]'
+          VERSIONS_JSON='[null, "linked"]'
         fi
 
         # Output a JSON-encoded list with the distinct versions to test against.
@@ -75,7 +75,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-20.04,ubuntu-22.04,windows-2019,windows-2022,macos-11,macos-12,macos-13]
+        os: [ubuntu-20.04,ubuntu-22.04,windows-2019,windows-2022,macos-12,macos-13,macos-14]
         tools: ${{ fromJson(needs.check-codeql-versions.outputs.versions) }}
     runs-on: ${{ matrix.os }}
 
@@ -97,3 +97,5 @@ jobs:
       run: ${{steps.init.outputs.codeql-path}} version --format=json
     - name: Perform CodeQL Analysis
       uses: ./analyze
+      with:
+        category: "/language:javascript"

.github/workflows/codescanning-config-cli.yml

@@ -28,9 +28,9 @@ jobs:
       matrix:
         include:
         - os: ubuntu-latest
-          version: latest
+          version: linked
         - os: macos-latest
-          version: latest
+          version: linked
         - os: ubuntu-latest
           version: default
         - os: macos-latest

.github/workflows/debug-artifacts-failure.yml

@@ -2,9 +2,6 @@
 # when the analyze step fails.
 name: PR Check - Debug artifacts after failure
 env:
-  # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-  # workaround for our PR checks.
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 on:
   push:
@@ -37,7 +34,7 @@ jobs:
         id: prepare-test
         uses: ./.github/actions/prepare-test
         with:
-          version: latest
+          version: linked
       - uses: actions/setup-go@v5
         with:
           go-version: ^1.13.1

.github/workflows/debug-artifacts.yml

@@ -1,9 +1,6 @@
 # Checks logs, SARIF, and database bundle debug artifacts exist.
 name: PR Check - Debug artifact upload
 env:
-  # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-  # workaround for our PR checks.
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: true
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 on:
   push:
@@ -29,9 +26,8 @@ jobs:
         - stable-v2.13.5
         - stable-v2.14.6
         - stable-v2.15.5
-        - stable-v2.16.6
         - default
-        - latest
+        - linked
         - nightly-latest
     name: Upload debug artifacts
     env:
@@ -75,7 +71,7 @@ jobs:
       - name: Check expected artifacts exist
         shell: bash
         run: |
-          VERSIONS="stable-20230403 stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 stable-v2.16.6 default latest nightly-latest"
+          VERSIONS="stable-20230403 stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 default linked nightly-latest"
           LANGUAGES="cpp csharp go java javascript python"
           for version in $VERSIONS; do
             pushd "./my-debug-artifacts-${version//./}"

.github/workflows/expected-queries-runs.yml

@@ -29,7 +29,7 @@ jobs:
       id: prepare-test
       uses: ./.github/actions/prepare-test
       with:
-        version: latest
+        version: linked
     - uses: ./../action/init
       with:
         languages: javascript
@@ -37,8 +37,6 @@ jobs:
     - uses: ./../action/analyze
       with:
         output: ${{ runner.temp }}/results
-        upload-database: false
-        upload: never
 
     - name: Check Sarif
       uses: ./../action/.github/actions/check-sarif

.github/workflows/python312-windows.yml

@@ -14,6 +14,8 @@ on:
 
 jobs:
   test-setup-python-scripts:
+    env:
+      CODEQL_ACTION_TEST_MODE: true
     timeout-minutes: 45
     runs-on: windows-latest
 
@@ -32,11 +34,8 @@ jobs:
     - name: Initialize CodeQL
       uses: ./../action/init
       with:
-        tools: latest
+        tools: linked
         languages: python
 
     - name: Analyze
       uses: ./../action/analyze
-      with:
-        upload: false
-        upload-database: false

.github/workflows/query-filters.yml

@@ -27,7 +27,7 @@ jobs:
       id: prepare-test
       uses: ./.github/actions/prepare-test
       with:
-        version: latest
+        version: linked
 
     - name: Check SARIF for default queries with Single include, Single exclude
       uses: ./../action/.github/actions/query-filter-test

.github/workflows/script/update-node-modules.sh

@@ -1,9 +1,12 @@
-if [ "$1" != "update" && "$1" != "check-only" ]; then
+#!/bin/bash
+set -eu
+
+if [ "$1" != "update" ] && [ "$1" != "check-only" ]; then
     >&2 echo "Failed: Invalid argument. Must be 'update' or 'check-only'"
     exit 1
 fi
 
-sudo npm install --force -g npm@9.2.0
+npm install --force -g npm@9.2.0
 
 # clean the npm cache to ensure we don't have any files owned by root
 sudo npm cache clean --force

.github/workflows/test-codeql-bundle-all.yml

@@ -2,9 +2,6 @@ name: 'PR Check - CodeQL Bundle All'
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   GO111MODULE: auto
-  # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a
-  # workaround for our PR checks.
-  CODEQL_EXTRACTOR_JAVA_AGENT_DISABLE_KOTLIN: 'true'
 on:
   push:
     branches:
@@ -53,7 +50,5 @@ jobs:
       shell: bash
       run: ./build.sh
     - uses: ./../action/analyze
-      with:
-        upload-database: false
     env:
       CODEQL_ACTION_TEST_MODE: true

.github/workflows/update-bundle.yml

@@ -54,7 +54,7 @@ jobs:
           cli_version=$(jq -r '.cliVersion' src/defaults.json)
           pr_url=$(gh pr create \
             --title "Update default bundle to $cli_version" \
-            --body "This pull request updates the default CodeQL bundle, as used with \`tools: latest\` and on GHES, to $cli_version." \
+            --body "This pull request updates the default CodeQL bundle, as used with \`tools: linked\` and on GHES, to $cli_version." \
             --assignee "$GITHUB_ACTOR" \
             --draft \
           )

CHANGELOG.md

@@ -4,10 +4,36 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
 
+## [UNRELEASED]
+
+- Avoid failing the workflow run if there is an error while uploading debug artifacts. [#2349](https://github.com/github/codeql-action/pull/2349)
+
+## 3.25.10 - 13 Jun 2024
+
+- Update default CodeQL bundle version to 2.17.5. [#2327](https://github.com/github/codeql-action/pull/2327)
+
+## 3.25.9 - 12 Jun 2024
+
+- Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. [#2330](https://github.com/github/codeql-action/pull/2330)
+- The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. [#2332](https://github.com/github/codeql-action/pull/2332)
+
+## 3.25.8 - 04 Jun 2024
+
+- Update default CodeQL bundle version to 2.17.4. [#2321](https://github.com/github/codeql-action/pull/2321)
+
+## 3.25.7 - 31 May 2024
+
+- We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. [#2306](https://github.com/github/codeql-action/pull/2306)
+
+## 3.25.6 - 20 May 2024
+
+- Update default CodeQL bundle version to 2.17.3. [#2295](https://github.com/github/codeql-action/pull/2295)
+
 ## 3.25.5 - 13 May 2024
 
 - Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the [README.md](README.md). [#2273](https://github.com/github/codeql-action/pull/2273)
 - Avoid printing out a warning for a missing `on.push` trigger when the CodeQL Action is triggered via a `workflow_call` event. [#2274](https://github.com/github/codeql-action/pull/2274)
+- The `tools: latest` input to the `init` Action has been renamed to `tools: linked`. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. [#2281](https://github.com/github/codeql-action/pull/2281)
 
 ## 3.25.4 - 08 May 2024
 

README.md

@@ -40,6 +40,7 @@ We typically release new minor versions of the CodeQL Action and CLI when a new
 | Recommended CodeQL Action | Recommended CodeQL CLI Version | GitHub Environment |
 |---------|----------|--------------|
 | `v3` | default (do not pass a `tools` input) | GitHub.com |
+| `v3.24.11` | `v2.16.6` | Enterprise Server 3.13 |
 | `3.22.12` | `2.15.5` | Enterprise Server 3.12 |
 | `2.22.1` | `2.14.6` | Enterprise Server 3.11 |
 | `2.20.3` | `2.13.5` | Enterprise Server 3.10 |

init/action.yml

@@ -3,9 +3,19 @@ description: 'Set up CodeQL'
 author: 'GitHub'
 inputs:
   tools:
-    description: URL of CodeQL tools
+    description: >-
+      By default, the Action will use the recommended version of the CodeQL
+      Bundle to analyze your project. You can override this choice using this
+      input. One of:
+
+      - A local path to a CodeQL Bundle tarball, or
+      - The URL of a CodeQL Bundle tarball GitHub release asset, or
+      - A special value `linked` which uses the version of the CodeQL tools
+        that the Action has been bundled with.
+
+      If not specified, the Action will check in several places until it finds
+      the CodeQL tools.
     required: false
-    # If not specified the Action will check in several places until it finds the CodeQL tools.
   languages:
     description: >-
       A comma-separated list of CodeQL languages to analyze.
@@ -26,10 +36,7 @@ inputs:
       - `none`:      The database will be created without building the source code.
                      Available for all interpreted languages and some compiled languages.
       - `autobuild`: The database will be created by attempting to automatically build the source
-                     code.
-                     To use this build mode, ensure that your workflow calls the `autobuild` action
-                     between the `init` and `analyze` steps.
-                     Available for all compiled languages.
+                     code. Available for all compiled languages.
       - `manual`:   The database will be created by building the source code using a manually
                      specified build command. To use this build mode, specify manual build steps in
                      your workflow between the `init` and `analyze` steps. Available for all

lib/actions-util.js

@@ -23,7 +23,20 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getFileType = exports.FileCmdNotFoundError = exports.getWorkflowRunAttempt = exports.getWorkflowRunID = exports.getUploadValue = exports.printDebugLogs = exports.isAnalyzingDefaultBranch = exports.getRelativeScriptPath = exports.isRunningLocalAction = exports.getWorkflowEventName = exports.getActionVersion = exports.getRef = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getTemporaryDirectory = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.getFileType = exports.FileCmdNotFoundError = exports.determineMergeBaseCommitOid = exports.getCommitOid = exports.getOptionalInput = exports.getRequiredInput = void 0;
+exports.getTemporaryDirectory = getTemporaryDirectory;
+exports.getRef = getRef;
+exports.getActionVersion = getActionVersion;
+exports.getWorkflowEventName = getWorkflowEventName;
+exports.isRunningLocalAction = isRunningLocalAction;
+exports.getRelativeScriptPath = getRelativeScriptPath;
+exports.getWorkflowEvent = getWorkflowEvent;
+exports.isAnalyzingDefaultBranch = isAnalyzingDefaultBranch;
+exports.printDebugLogs = printDebugLogs;
+exports.getUploadValue = getUploadValue;
+exports.getWorkflowRunID = getWorkflowRunID;
+exports.getWorkflowRunAttempt = getWorkflowRunAttempt;
+exports.isSelfHostedRunner = isSelfHostedRunner;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -63,7 +76,6 @@ function getTemporaryDirectory() {
         ? value
         : (0, util_1.getRequiredEnvParam)("RUNNER_TEMP");
 }
-exports.getTemporaryDirectory = getTemporaryDirectory;
 /**
  * Gets the SHA of the commit that is currently checked out.
  */
@@ -211,7 +223,6 @@ async function getRef() {
         return ref;
     }
 }
-exports.getRef = getRef;
 function getRefFromEnv() {
     // To workaround a limitation of Actions dynamic workflows not setting
     // the GITHUB_REF in some cases, we accept also the ref within the
@@ -235,7 +246,6 @@ function getRefFromEnv() {
 function getActionVersion() {
     return pkg.version;
 }
-exports.getActionVersion = getActionVersion;
 /**
  * Returns the name of the event that triggered this workflow.
  *
@@ -244,7 +254,6 @@ exports.getActionVersion = getActionVersion;
 function getWorkflowEventName() {
     return (0, util_1.getRequiredEnvParam)("GITHUB_EVENT_NAME");
 }
-exports.getWorkflowEventName = getWorkflowEventName;
 /**
  * Returns whether the current workflow is executing a local copy of the Action, e.g. we're running
  * a workflow on the codeql-action repo itself.
@@ -253,7 +262,6 @@ function isRunningLocalAction() {
     const relativeScriptPath = getRelativeScriptPath();
     return (relativeScriptPath.startsWith("..") || path.isAbsolute(relativeScriptPath));
 }
-exports.isRunningLocalAction = isRunningLocalAction;
 /**
  * Get the location where the Action is running from.
  *
@@ -264,7 +272,6 @@ function getRelativeScriptPath() {
     const actionsDirectory = path.join(path.dirname(runnerTemp), "_actions");
     return path.relative(actionsDirectory, __filename);
 }
-exports.getRelativeScriptPath = getRelativeScriptPath;
 /** Returns the contents of `GITHUB_EVENT_PATH` as a JSON object. */
 function getWorkflowEvent() {
     const eventJsonFile = (0, util_1.getRequiredEnvParam)("GITHUB_EVENT_PATH");
@@ -299,7 +306,6 @@ async function isAnalyzingDefaultBranch() {
     }
     return currentRef === defaultBranch;
 }
-exports.isAnalyzingDefaultBranch = isAnalyzingDefaultBranch;
 async function printDebugLogs(config) {
     for (const language of config.languages) {
         const databaseDirectory = (0, util_1.getCodeQLDatabasePath)(config, language);
@@ -328,7 +334,6 @@ async function printDebugLogs(config) {
         walkLogFiles(logsDirectory);
     }
 }
-exports.printDebugLogs = printDebugLogs;
 /**
  * Parses the `upload` input into an `UploadKind`, converting unspecified and deprecated upload
  * inputs appropriately.
@@ -349,7 +354,6 @@ function getUploadValue(input) {
             return "always";
     }
 }
-exports.getUploadValue = getUploadValue;
 /**
  * Get the workflow run ID.
  */
@@ -364,7 +368,6 @@ function getWorkflowRunID() {
     }
     return workflowRunID;
 }
-exports.getWorkflowRunID = getWorkflowRunID;
 /**
  * Get the workflow run attempt number.
  */
@@ -379,7 +382,6 @@ function getWorkflowRunAttempt() {
     }
     return workflowRunAttempt;
 }
-exports.getWorkflowRunAttempt = getWorkflowRunAttempt;
 class FileCmdNotFoundError extends Error {
     constructor(msg) {
         super(msg);
@@ -424,4 +426,7 @@ const getFileType = async (filePath) => {
     }
 };
 exports.getFileType = getFileType;
+function isSelfHostedRunner() {
+    return process.env.RUNNER_ENVIRONMENT === "self-hosted";
+}
 //# sourceMappingURL=actions-util.js.map

lib/analyze-action-post-helper.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.run = void 0;
+exports.run = run;
 const core = __importStar(require("@actions/core"));
 const actionsUtil = __importStar(require("./actions-util"));
 const config_utils_1 = require("./config-utils");
@@ -41,5 +41,4 @@ async function run(uploadSarifDebugArtifact) {
         await uploadSarifDebugArtifact(config, outputDir);
     }
 }
-exports.run = run;
 //# sourceMappingURL=analyze-action-post-helper.js.map

lib/analyze-action-post-helper.js.map

@@ -1 +1 @@
-{"version":3,"file":"analyze-action-post-helper.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAA2C;AAC3C,uCAA6C;AAEtC,KAAK,UAAU,GAAG,CAAC,wBAAkC;IAC1D,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,WAAW,CAAC,qBAAqB,EAAE,EAAE,MAAM,CAAC,CAAC;IAC5E,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CACb,2FAA2F,CAC5F,CAAC;IACJ,CAAC;IAED,+CAA+C;IAC/C,IAAI,MAAM,EAAE,SAAS,EAAE,CAAC;QACtB,IAAI,CAAC,IAAI,CACP,oFAAoF,CACrF,CAAC;QACF,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzD,MAAM,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACpD,CAAC;AACH,CAAC;AAlBD,kBAkBC"}
+{"version":3,"file":"analyze-action-post-helper.js","sourceRoot":"","sources":["../src/analyze-action-post-helper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAMA,kBAuBC;AA7BD,oDAAsC;AAEtC,4DAA8C;AAC9C,iDAAmD;AACnD,uCAA6C;AAEtC,KAAK,UAAU,GAAG,CACvB,wBAGkB;IAElB,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAS,EAAC,WAAW,CAAC,qBAAqB,EAAE,EAAE,MAAM,CAAC,CAAC;IAC5E,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CACb,2FAA2F,CAC5F,CAAC;IACJ,CAAC;IAED,+CAA+C;IAC/C,IAAI,MAAM,EAAE,SAAS,EAAE,CAAC;QACtB,IAAI,CAAC,IAAI,CACP,oFAAoF,CACrF,CAAC;QACF,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzD,MAAM,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACpD,CAAC;AACH,CAAC"}

lib/analyze-action.js

@@ -48,7 +48,7 @@ const status_report_1 = require("./status-report");
 const trap_caching_1 = require("./trap-caching");
 const uploadLib = __importStar(require("./upload-lib"));
 const util = __importStar(require("./util"));
-async function sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger) {
+async function sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanup, logger) {
     const status = (0, status_report_1.getActionsStatus)(error, stats?.analyze_failure_language);
     const statusReportBase = await (0, status_report_1.createStatusReportBase)(status_report_1.ActionName.Analyze, status, startedAt, config, await util.checkDiskUsage(), logger, error?.message, error?.stack);
     if (statusReportBase !== undefined) {
@@ -56,6 +56,7 @@ async function sendStatusReport(startedAt, config, stats, error, trapCacheUpload
             ...statusReportBase,
             ...(stats || {}),
             ...(dbCreationTimings || {}),
+            ...(trapCacheCleanup || {}),
         };
         if (config && didUploadTrapCaches) {
             const trapCacheUploadStatusReport = {
@@ -141,6 +142,7 @@ async function run() {
     let uploadResult = undefined;
     let runStats = undefined;
     let config = undefined;
+    let trapCacheCleanupTelemetry = undefined;
     let trapCacheUploadTime = undefined;
     let dbCreationTimings = undefined;
     let didUploadTrapCaches = false;
@@ -196,6 +198,8 @@ async function run() {
         const trapCacheUploadStartTime = perf_hooks_1.performance.now();
         didUploadTrapCaches = await (0, trap_caching_1.uploadTrapCaches)(codeql, config, logger);
         trapCacheUploadTime = perf_hooks_1.performance.now() - trapCacheUploadStartTime;
+        // Clean up TRAP caches
+        trapCacheCleanupTelemetry = await (0, trap_caching_1.cleanupTrapCaches)(config, features, logger);
         // We don't upload results in test mode, so don't wait for processing
         if (util.isInTestMode()) {
             logger.debug("In test mode. Waiting for processing is disabled.");
@@ -218,10 +222,10 @@ async function run() {
         }
         if (error instanceof analyze_1.CodeQLAnalysisError) {
             const stats = { ...error.queriesStatusReport };
-            await sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
+            await sendStatusReport(startedAt, config, stats, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
         }
         else {
-            await sendStatusReport(startedAt, config, undefined, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
+            await sendStatusReport(startedAt, config, undefined, error, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
         }
         return;
     }
@@ -229,13 +233,13 @@ async function run() {
         await sendStatusReport(startedAt, config, {
             ...runStats,
             ...uploadResult.statusReport,
-        }, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
+        }, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
     }
     else if (runStats) {
-        await sendStatusReport(startedAt, config, { ...runStats }, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
+        await sendStatusReport(startedAt, config, { ...runStats }, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
     }
     else {
-        await sendStatusReport(startedAt, config, undefined, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, logger);
+        await sendStatusReport(startedAt, config, undefined, undefined, trapCacheUploadTime, dbCreationTimings, didUploadTrapCaches, trapCacheCleanupTelemetry, logger);
     }
 }
 exports.runPromise = run();

lib/analyze.js

@@ -26,7 +26,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.runCleanup = exports.warnIfGoInstalledAfterInit = exports.runFinalize = exports.runQueries = exports.dbIsFinalized = exports.runExtraction = exports.CodeQLAnalysisError = void 0;
+exports.CodeQLAnalysisError = void 0;
+exports.runExtraction = runExtraction;
+exports.dbIsFinalized = dbIsFinalized;
+exports.runQueries = runQueries;
+exports.runFinalize = runFinalize;
+exports.warnIfGoInstalledAfterInit = warnIfGoInstalledAfterInit;
+exports.runCleanup = runCleanup;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const perf_hooks_1 = require("perf_hooks");
@@ -88,7 +94,6 @@ async function runExtraction(codeql, config, logger) {
         }
     }
 }
-exports.runExtraction = runExtraction;
 function shouldExtractLanguage(config, language) {
     return (config.buildMode === util_1.BuildMode.None ||
         (config.buildMode === util_1.BuildMode.Autobuild &&
@@ -106,7 +111,6 @@ function dbIsFinalized(config, language, logger) {
         return false;
     }
 }
-exports.dbIsFinalized = dbIsFinalized;
 async function finalizeDatabaseCreation(codeql, config, threadsFlag, memoryFlag, logger) {
     const extractionStart = perf_hooks_1.performance.now();
     await runExtraction(codeql, config, logger);
@@ -213,7 +217,6 @@ async function runQueries(sarifFolder, memoryFlag, addSnippetsFlag, threadsFlag,
         return await codeql.databasePrintBaseline(databasePath);
     }
 }
-exports.runQueries = runQueries;
 async function runFinalize(outputDir, threadsFlag, memoryFlag, codeql, config, features, logger) {
     try {
         await (0, del_1.default)(outputDir, { force: true });
@@ -231,7 +234,6 @@ async function runFinalize(outputDir, threadsFlag, memoryFlag, codeql, config, f
     }
     return timings;
 }
-exports.runFinalize = runFinalize;
 async function warnIfGoInstalledAfterInit(config, logger) {
     // Check that `which go` still points at the same path it did when the `init` Action ran to ensure that no steps
     // in-between performed any setup. We encourage users to perform all setup tasks before initializing CodeQL so that
@@ -257,7 +259,6 @@ async function warnIfGoInstalledAfterInit(config, logger) {
         }
     }
 }
-exports.warnIfGoInstalledAfterInit = warnIfGoInstalledAfterInit;
 async function runCleanup(config, cleanupLevel, logger) {
     logger.startGroup("Cleaning up databases");
     for (const language of config.languages) {
@@ -267,5 +268,4 @@ async function runCleanup(config, cleanupLevel, logger) {
     }
     logger.endGroup();
 }
-exports.runCleanup = runCleanup;
 //# sourceMappingURL=analyze.js.map

lib/api-client.js

@@ -26,12 +26,25 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.wrapApiConfigurationError = exports.computeAutomationID = exports.getAutomationID = exports.getAnalysisKey = exports.getWorkflowRelativePath = exports.getGitHubVersion = exports.getGitHubVersionFromApi = exports.getApiClientWithExternalAuth = exports.getApiClient = exports.getApiDetails = exports.DisallowedAPIVersionReason = void 0;
+exports.DisallowedAPIVersionReason = void 0;
+exports.getApiDetails = getApiDetails;
+exports.getApiClient = getApiClient;
+exports.getApiClientWithExternalAuth = getApiClientWithExternalAuth;
+exports.getGitHubVersionFromApi = getGitHubVersionFromApi;
+exports.getGitHubVersion = getGitHubVersion;
+exports.getWorkflowRelativePath = getWorkflowRelativePath;
+exports.getAnalysisKey = getAnalysisKey;
+exports.getAutomationID = getAutomationID;
+exports.computeAutomationID = computeAutomationID;
+exports.listActionsCaches = listActionsCaches;
+exports.deleteActionsCache = deleteActionsCache;
+exports.wrapApiConfigurationError = wrapApiConfigurationError;
 const core = __importStar(require("@actions/core"));
 const githubUtils = __importStar(require("@actions/github/lib/utils"));
 const retry = __importStar(require("@octokit/plugin-retry"));
 const console_log_level_1 = __importDefault(require("console-log-level"));
 const actions_util_1 = require("./actions-util");
+const repository_1 = require("./repository");
 const util_1 = require("./util");
 const GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version";
 var DisallowedAPIVersionReason;
@@ -55,15 +68,12 @@ function getApiDetails() {
         apiURL: (0, util_1.getRequiredEnvParam)("GITHUB_API_URL"),
     };
 }
-exports.getApiDetails = getApiDetails;
 function getApiClient() {
     return createApiClientWithDetails(getApiDetails());
 }
-exports.getApiClient = getApiClient;
 function getApiClientWithExternalAuth(apiDetails) {
     return createApiClientWithDetails(apiDetails, { allowExternal: true });
 }
-exports.getApiClientWithExternalAuth = getApiClientWithExternalAuth;
 let cachedGitHubVersion = undefined;
 async function getGitHubVersionFromApi(apiClient, apiDetails) {
     // We can avoid making an API request in the standard dotcom case
@@ -72,6 +82,7 @@ async function getGitHubVersionFromApi(apiClient, apiDetails) {
     }
     // Doesn't strictly have to be the meta endpoint as we're only
     // using the response headers which are available on every request.
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-call
     const response = await apiClient.rest.meta.get();
     // This happens on dotcom, although we expect to have already returned in that
     // case. This can also serve as a fallback in cases we haven't foreseen.
@@ -84,7 +95,6 @@ async function getGitHubVersionFromApi(apiClient, apiDetails) {
     const version = response.headers[GITHUB_ENTERPRISE_VERSION_HEADER];
     return { type: util_1.GitHubVariant.GHES, version };
 }
-exports.getGitHubVersionFromApi = getGitHubVersionFromApi;
 /**
  * Report the GitHub server version. This is a wrapper around
  * util.getGitHubVersion() that automatically supplies GitHub API details using
@@ -98,7 +108,6 @@ async function getGitHubVersion() {
     }
     return cachedGitHubVersion;
 }
-exports.getGitHubVersion = getGitHubVersion;
 /**
  * Get the path of the currently executing workflow relative to the repository root.
  */
@@ -117,7 +126,6 @@ async function getWorkflowRelativePath() {
     const workflowResponse = await apiClient.request(`GET ${workflowUrl}`);
     return workflowResponse.data.path;
 }
-exports.getWorkflowRelativePath = getWorkflowRelativePath;
 /**
  * Get the analysis key parameter for the current job.
  *
@@ -137,13 +145,11 @@ async function getAnalysisKey() {
     core.exportVariable(analysisKeyEnvVar, analysisKey);
     return analysisKey;
 }
-exports.getAnalysisKey = getAnalysisKey;
 async function getAutomationID() {
     const analysis_key = await getAnalysisKey();
     const environment = (0, actions_util_1.getRequiredInput)("matrix");
     return computeAutomationID(analysis_key, environment);
 }
-exports.getAutomationID = getAutomationID;
 function computeAutomationID(analysis_key, environment) {
     let automationID = `${analysis_key}/`;
     const matrix = (0, util_1.parseMatrixInput)(environment);
@@ -162,7 +168,25 @@ function computeAutomationID(analysis_key, environment) {
     }
     return automationID;
 }
-exports.computeAutomationID = computeAutomationID;
+/** List all Actions cache entries matching the provided key and ref. */
+async function listActionsCaches(key, ref) {
+    const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
+    return await getApiClient().paginate("GET /repos/{owner}/{repo}/actions/caches", {
+        owner: repositoryNwo.owner,
+        repo: repositoryNwo.repo,
+        key,
+        ref,
+    });
+}
+/** Delete an Actions cache item by its ID. */
+async function deleteActionsCache(id) {
+    const repositoryNwo = (0, repository_1.parseRepositoryNwo)((0, util_1.getRequiredEnvParam)("GITHUB_REPOSITORY"));
+    await getApiClient().rest.actions.deleteActionsCacheById({
+        owner: repositoryNwo.owner,
+        repo: repositoryNwo.repo,
+        cache_id: id,
+    });
+}
 function wrapApiConfigurationError(e) {
     if ((0, util_1.isHTTPError)(e)) {
         if (e.message.includes("API rate limit exceeded for site ID installation") ||
@@ -173,5 +197,4 @@ function wrapApiConfigurationError(e) {
     }
     return e;
 }
-exports.wrapApiConfigurationError = wrapApiConfigurationError;
 //# sourceMappingURL=api-client.js.map

lib/api-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AACtC,uEAAyD;AACzD,6DAA+C;AAC/C,0EAAgD;AAEhD,iDAAoE;AACpE,iCASgB;AAEhB,MAAM,gCAAgC,GAAG,6BAA6B,CAAC;AAEvE,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,0CAA1B,0BAA0B,QAGrC;AAiBD,SAAS,0BAA0B,CACjC,UAAoC,EACpC,EAAE,aAAa,GAAG,KAAK,EAAE,GAAG,EAAE;IAE9B,MAAM,IAAI,GACR,CAAC,aAAa,IAAI,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,IAAI,eAAe,CACxB,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAClC,OAAO,EAAE,UAAU,CAAC,MAAM;QAC1B,SAAS,EAAE,iBAAiB,IAAA,+BAAgB,GAAE,EAAE;QAChD,GAAG,EAAE,IAAA,2BAAe,EAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAgB,aAAa;IAC3B,OAAO;QACL,IAAI,EAAE,IAAA,+BAAgB,EAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,IAAA,0BAAmB,EAAC,mBAAmB,CAAC;QAC7C,MAAM,EAAE,IAAA,0BAAmB,EAAC,gBAAgB,CAAC;KAC9C,CAAC;AACJ,CAAC;AAND,sCAMC;AAED,SAAgB,YAAY;IAC1B,OAAO,0BAA0B,CAAC,aAAa,EAAE,CAAC,CAAC;AACrD,CAAC;AAFD,oCAEC;AAED,SAAgB,4BAA4B,CAC1C,UAAoC;IAEpC,OAAO,0BAA0B,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;AACzE,CAAC;AAJD,oEAIC;AAED,IAAI,mBAAmB,GAA8B,SAAS,CAAC;AAExD,KAAK,UAAU,uBAAuB,CAC3C,SAAc,EACd,UAA4B;IAE5B,iEAAiE;IACjE,IAAI,IAAA,qBAAc,EAAC,UAAU,CAAC,GAAG,CAAC,KAAK,wBAAiB,EAAE,CAAC;QACzD,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,CAAC;IACxC,CAAC;IAED,8DAA8D;IAC9D,mEAAmE;IACnE,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IAEjD,8EAA8E;IAC9E,wEAAwE;IACxE,IAAI,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAC,KAAK,SAAS,EAAE,CAAC;QACrE,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,CAAC;IACxC,CAAC;IAED,IAAI,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAC,KAAK,SAAS,EAAE,CAAC;QACrE,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,UAAU,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAW,CAAC;IAC7E,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;AAC/C,CAAC;AAzBD,0DAyBC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB;IACpC,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;QACtC,mBAAmB,GAAG,MAAM,uBAAuB,CACjD,YAAY,EAAE,EACd,aAAa,EAAE,CAChB,CAAC;IACJ,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AARD,4CAQC;AAED;;GAEG;AACI,KAAK,UAAU,uBAAuB;IAC3C,MAAM,QAAQ,GAAG,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC1B,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAA,0BAAmB,EAAC,eAAe,CAAC,CAAC,CAAC;IAE5D,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,OAAO,CAC1C,yEAAyE,EACzE;QACE,KAAK;QACL,IAAI;QACJ,MAAM;KACP,CACF,CAAC;IACF,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;IAEnD,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,OAAO,WAAW,EAAE,CAAC,CAAC;IAEvE,OAAO,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;AACpC,CAAC;AApBD,0DAoBC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,cAAc;IAClC,MAAM,iBAAiB,GAAG,4BAA4B,CAAC;IAEvD,IAAI,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACjD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,uBAAuB,EAAE,CAAC;IACrD,MAAM,OAAO,GAAG,IAAA,0BAAmB,EAAC,YAAY,CAAC,CAAC;IAElD,WAAW,GAAG,GAAG,YAAY,IAAI,OAAO,EAAE,CAAC;IAC3C,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,WAAW,CAAC,CAAC;IACpD,OAAO,WAAW,CAAC;AACrB,CAAC;AAdD,wCAcC;AAEM,KAAK,UAAU,eAAe;IACnC,MAAM,YAAY,GAAG,MAAM,cAAc,EAAE,CAAC;IAC5C,MAAM,WAAW,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAE/C,OAAO,mBAAmB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;AACxD,CAAC;AALD,0CAKC;AAED,SAAgB,mBAAmB,CACjC,YAAoB,EACpB,WAA+B;IAE/B,IAAI,YAAY,GAAG,GAAG,YAAY,GAAG,CAAC;IAEtC,MAAM,MAAM,GAAG,IAAA,uBAAgB,EAAC,WAAW,CAAC,CAAC;IAC7C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,uDAAuD;QACvD,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YAClD,IAAI,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;gBACjC,YAAY,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC;YAC7C,CAAC;iBAAM,CAAC;gBACN,qDAAqD;gBACrD,6CAA6C;gBAC7C,YAAY,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AArBD,kDAqBC;AAED,SAAgB,yBAAyB,CAAC,CAAU;IAClD,IAAI,IAAA,kBAAW,EAAC,CAAC,CAAC,EAAE,CAAC;QACnB,IACE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,kDAAkD,CAAC;YACtE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC;YACtC,uCAAuC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,EACvD,CAAC;YACD,OAAO,IAAI,yBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAXD,8DAWC"}
+{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../src/api-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwDA,sCAMC;AAED,oCAEC;AAED,oEAIC;AAID,0DA0BC;AASD,4CAQC;AAKD,0DAoBC;AASD,wCAcC;AAED,0CAKC;AAED,kDAqBC;AAUD,8CAiBC;AAGD,gDAUC;AAED,8DAWC;AA1PD,oDAAsC;AACtC,uEAAyD;AACzD,6DAA+C;AAC/C,0EAAgD;AAEhD,iDAAoE;AACpE,6CAAkD;AAClD,iCASgB;AAEhB,MAAM,gCAAgC,GAAG,6BAA6B,CAAC;AAEvE,IAAY,0BAGX;AAHD,WAAY,0BAA0B;IACpC,+FAAc,CAAA;IACd,+FAAc,CAAA;AAChB,CAAC,EAHW,0BAA0B,0CAA1B,0BAA0B,QAGrC;AAiBD,SAAS,0BAA0B,CACjC,UAAoC,EACpC,EAAE,aAAa,GAAG,KAAK,EAAE,GAAG,EAAE;IAE9B,MAAM,IAAI,GACR,CAAC,aAAa,IAAI,UAAU,CAAC,gBAAgB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/D,OAAO,IAAI,eAAe,CACxB,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAClC,OAAO,EAAE,UAAU,CAAC,MAAM;QAC1B,SAAS,EAAE,iBAAiB,IAAA,+BAAgB,GAAE,EAAE;QAChD,GAAG,EAAE,IAAA,2BAAe,EAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;KACzC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAgB,aAAa;IAC3B,OAAO;QACL,IAAI,EAAE,IAAA,+BAAgB,EAAC,OAAO,CAAC;QAC/B,GAAG,EAAE,IAAA,0BAAmB,EAAC,mBAAmB,CAAC;QAC7C,MAAM,EAAE,IAAA,0BAAmB,EAAC,gBAAgB,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,SAAgB,YAAY;IAC1B,OAAO,0BAA0B,CAAC,aAAa,EAAE,CAAC,CAAC;AACrD,CAAC;AAED,SAAgB,4BAA4B,CAC1C,UAAoC;IAEpC,OAAO,0BAA0B,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,IAAI,mBAAmB,GAA8B,SAAS,CAAC;AAExD,KAAK,UAAU,uBAAuB,CAC3C,SAAc,EACd,UAA4B;IAE5B,iEAAiE;IACjE,IAAI,IAAA,qBAAc,EAAC,UAAU,CAAC,GAAG,CAAC,KAAK,wBAAiB,EAAE,CAAC;QACzD,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,CAAC;IACxC,CAAC;IAED,8DAA8D;IAC9D,mEAAmE;IACnE,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IAEjD,8EAA8E;IAC9E,wEAAwE;IACxE,IAAI,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAC,KAAK,SAAS,EAAE,CAAC;QACrE,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,MAAM,EAAE,CAAC;IACxC,CAAC;IAED,IAAI,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAC,KAAK,SAAS,EAAE,CAAC;QACrE,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,UAAU,EAAE,CAAC;IAC5C,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,gCAAgC,CAAW,CAAC;IAC7E,OAAO,EAAE,IAAI,EAAE,oBAAa,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;AAC/C,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,gBAAgB;IACpC,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;QACtC,mBAAmB,GAAG,MAAM,uBAAuB,CACjD,YAAY,EAAE,EACd,aAAa,EAAE,CAChB,CAAC;IACJ,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,uBAAuB;IAC3C,MAAM,QAAQ,GAAG,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrE,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC1B,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAA,0BAAmB,EAAC,eAAe,CAAC,CAAC,CAAC;IAE5D,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,OAAO,CAC1C,yEAAyE,EACzE;QACE,KAAK;QACL,IAAI;QACJ,MAAM;KACP,CACF,CAAC;IACF,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC;IAEnD,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,OAAO,WAAW,EAAE,CAAC,CAAC;IAEvE,OAAO,gBAAgB,CAAC,IAAI,CAAC,IAAc,CAAC;AAC9C,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,cAAc;IAClC,MAAM,iBAAiB,GAAG,4BAA4B,CAAC;IAEvD,IAAI,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACjD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,uBAAuB,EAAE,CAAC;IACrD,MAAM,OAAO,GAAG,IAAA,0BAAmB,EAAC,YAAY,CAAC,CAAC;IAElD,WAAW,GAAG,GAAG,YAAY,IAAI,OAAO,EAAE,CAAC;IAC3C,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,WAAW,CAAC,CAAC;IACpD,OAAO,WAAW,CAAC;AACrB,CAAC;AAEM,KAAK,UAAU,eAAe;IACnC,MAAM,YAAY,GAAG,MAAM,cAAc,EAAE,CAAC;IAC5C,MAAM,WAAW,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAE/C,OAAO,mBAAmB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;AACxD,CAAC;AAED,SAAgB,mBAAmB,CACjC,YAAoB,EACpB,WAA+B;IAE/B,IAAI,YAAY,GAAG,GAAG,YAAY,GAAG,CAAC;IAEtC,MAAM,MAAM,GAAG,IAAA,uBAAgB,EAAC,WAAW,CAAC,CAAC;IAC7C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,uDAAuD;QACvD,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YAClD,IAAI,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;gBACjC,YAAY,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC;YAC7C,CAAC;iBAAM,CAAC;gBACN,qDAAqD;gBACrD,6CAA6C;gBAC7C,YAAY,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AASD,wEAAwE;AACjE,KAAK,UAAU,iBAAiB,CACrC,GAAW,EACX,GAAW;IAEX,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IAEF,OAAO,MAAM,YAAY,EAAE,CAAC,QAAQ,CAClC,0CAA0C,EAC1C;QACE,KAAK,EAAE,aAAa,CAAC,KAAK;QAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,GAAG;QACH,GAAG;KACJ,CACF,CAAC;AACJ,CAAC;AAED,8CAA8C;AACvC,KAAK,UAAU,kBAAkB,CAAC,EAAU;IACjD,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IAEF,MAAM,YAAY,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,sBAAsB,CAAC;QACvD,KAAK,EAAE,aAAa,CAAC,KAAK;QAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,QAAQ,EAAE,EAAE;KACb,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,yBAAyB,CAAC,CAAU;IAClD,IAAI,IAAA,kBAAW,EAAC,CAAC,CAAC,EAAE,CAAC;QACnB,IACE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,kDAAkD,CAAC;YACtE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC;YACtC,uCAAuC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,EACvD,CAAC;YACD,OAAO,IAAI,yBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC"}

lib/api-compatibility.json

@@ -1 +1 @@
-{ "maximumVersion": "3.13", "minimumVersion": "3.9" }
+{ "maximumVersion": "3.14", "minimumVersion": "3.9" }

lib/autobuild.js

@@ -23,7 +23,9 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.runAutobuild = exports.setupCppAutobuild = exports.determineAutobuildLanguages = void 0;
+exports.determineAutobuildLanguages = determineAutobuildLanguages;
+exports.setupCppAutobuild = setupCppAutobuild;
+exports.runAutobuild = runAutobuild;
 const core = __importStar(require("@actions/core"));
 const actions_util_1 = require("./actions-util");
 const api_client_1 = require("./api-client");
@@ -106,7 +108,6 @@ async function determineAutobuildLanguages(codeql, config, logger) {
     }
     return languages;
 }
-exports.determineAutobuildLanguages = determineAutobuildLanguages;
 async function setupCppAutobuild(codeql, logger) {
     const envVar = feature_flags_1.featureConfig[feature_flags_1.Feature.CppDependencyInstallation].envVar;
     const featureName = "C++ automatic installation of dependencies";
@@ -133,7 +134,6 @@ async function setupCppAutobuild(codeql, logger) {
         core.exportVariable(envVar, "false");
     }
 }
-exports.setupCppAutobuild = setupCppAutobuild;
 async function runAutobuild(config, language, features, logger) {
     logger.startGroup(`Attempting to automatically build ${language} code`);
     const codeQL = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
@@ -152,5 +152,4 @@ async function runAutobuild(config, language, features, logger) {
     }
     logger.endGroup();
 }
-exports.runAutobuild = runAutobuild;
 //# sourceMappingURL=autobuild.js.map

lib/autobuild.js.map

@@ -1 +1 @@
-{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,iDAA6E;AAC7E,6CAAgD;AAChD,qCAA6C;AAE7C,+CAAuC;AACvC,mDAKyB;AACzB,2CAAyD;AAEzD,6CAAkD;AAClD,qDAAgD;AAChD,iCAAwD;AAEjD,KAAK,UAAU,2BAA2B,CAC/C,MAAc,EACd,MAA0B,EAC1B,MAAc;IAEd,IACE,CAAC,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,IAAI;QAClC,CAAC,MAAM,MAAM,CAAC,eAAe,CAAC,6BAAY,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACxE,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,MAAM,EACrC,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,SAAS,oCAAoC,CAAC,CAAC;QAC3E,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;QACjD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE,CAAC;QACrE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,4BAA4B;YAC5B,0NAA0N,CAC7N,CAAC;IACJ,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAhGD,kEAgGC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,MAAM,GAAG,6BAAa,CAAC,uBAAO,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC;IACvE,MAAM,WAAW,GAAG,4CAA4C,CAAC;IACjE,MAAM,MAAM,GACV,wHAAwH,CAAC;IAC3H,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;IACF,IAAI,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,yBAAyB,EAAE,MAAM,CAAC,EAAE,CAAC;QACvE,yEAAyE;QACzE,IACE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,aAAa;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,MAAM,EAC9B,CAAC;YACD,MAAM,CAAC,IAAI,CACT,aAAa,WAAW,sCACtB,IAAA,mCAAoB,GAAE,KAAK,SAAS;gBAClC,CAAC,CAAC,8BAA8B,MAAM,yDAAyD,MAAM,IAAI;gBACzG,CAAC,CAAC,EACN,EAAE,CACH,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CACT,YAAY,WAAW,yCAAyC,MAAM,yCAAyC,MAAM,IAAI,CAC1H,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,aAAa,WAAW,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAvCD,8CAuCC;AAEM,KAAK,UAAU,YAAY,CAChC,MAA0B,EAC1B,QAAkB,EAClB,QAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,GAAG,EAAE,CAAC;QAC9B,MAAM,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IACD,IACE,MAAM,CAAC,SAAS;QAChB,CAAC,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC,EACjE,CAAC;QACD,MAAM,MAAM,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACvD,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC;AAvBD,oCAuBC"}
+{"version":3,"file":"autobuild.js","sourceRoot":"","sources":["../src/autobuild.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAmBA,kEAgGC;AAED,8CAuCC;AAED,oCAuBC;AArLD,oDAAsC;AAEtC,iDAA6E;AAC7E,6CAAgD;AAChD,qCAA6C;AAE7C,+CAAuC;AACvC,mDAKyB;AACzB,2CAAyD;AAEzD,6CAAkD;AAClD,qDAAgD;AAChD,iCAAwD;AAEjD,KAAK,UAAU,2BAA2B,CAC/C,MAAc,EACd,MAA0B,EAC1B,MAAc;IAEd,IACE,CAAC,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,IAAI;QAClC,CAAC,MAAM,MAAM,CAAC,eAAe,CAAC,6BAAY,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACxE,MAAM,CAAC,SAAS,KAAK,gBAAS,CAAC,MAAM,EACrC,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,SAAS,MAAM,CAAC,SAAS,oCAAoC,CAAC,CAAC;QAC3E,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,0CAA0C;IAC1C,mFAAmF;IACnF,oFAAoF;IACpF,4EAA4E;IAC5E,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,IAAA,4BAAgB,EAAC,CAAC,CAAC,CACpB,CAAC;IAEF,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CACT,iEAAiE,CAClE,CAAC;QACF,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,oBAAQ,CAAC,EAAE,CACzB,CAAC;IAEF,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,yEAAyE;IACzE,UAAU;IACV,IAAI,2BAA2B,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;QACjD,SAAS,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IACD,uEAAuE;IACvE,wCAAwC;IACxC,IAAI,kBAAkB,CAAC,MAAM,KAAK,2BAA2B,CAAC,MAAM,EAAE,CAAC;QACrE,SAAS,CAAC,IAAI,CAAC,oBAAQ,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE3D,2EAA2E;IAC3E,4EAA4E;IAC5E,2CAA2C;IAC3C,uEAAuE;IACvE,2EAA2E;IAC3E,uEAAuE;IACvE,yCAAyC;IACzC,IAAI,2BAA2B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,OAAO,CACZ,oCAAoC,SAAS,CAAC,IAAI,CAChD,OAAO,CACR,8BAA8B,2BAA2B;aACvD,KAAK,CAAC,CAAC,CAAC;aACR,IAAI,CACH,OAAO,CACR,kFAAkF;YACnF,4BAA4B;YAC5B,0NAA0N,CAC7N,CAAC;IACJ,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,MAAc;IACpE,MAAM,MAAM,GAAG,6BAAa,CAAC,uBAAO,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC;IACvE,MAAM,WAAW,GAAG,4CAA4C,CAAC;IACjE,MAAM,MAAM,GACV,wHAAwH,CAAC;IAC3H,MAAM,aAAa,GAAG,MAAM,IAAA,6BAAgB,GAAE,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAA,+BAAkB,EACtC,IAAA,0BAAmB,EAAC,mBAAmB,CAAC,CACzC,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,wBAAQ,CAC3B,aAAa,EACb,aAAa,EACb,IAAA,oCAAqB,GAAE,EACvB,MAAM,CACP,CAAC;IACF,IAAI,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,yBAAyB,EAAE,MAAM,CAAC,EAAE,CAAC;QACvE,yEAAyE;QACzE,IACE,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,aAAa;YACnD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,MAAM,EAC9B,CAAC;YACD,MAAM,CAAC,IAAI,CACT,aAAa,WAAW,sCACtB,IAAA,mCAAoB,GAAE,KAAK,SAAS;gBAClC,CAAC,CAAC,8BAA8B,MAAM,yDAAyD,MAAM,IAAI;gBACzG,CAAC,CAAC,EACN,EAAE,CACH,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CACT,YAAY,WAAW,yCAAyC,MAAM,yCAAyC,MAAM,IAAI,CAC1H,CAAC;YACF,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,aAAa,WAAW,GAAG,CAAC,CAAC;QACzC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,MAA0B,EAC1B,QAAkB,EAClB,QAA2B,EAC3B,MAAc;IAEd,MAAM,CAAC,UAAU,CAAC,qCAAqC,QAAQ,OAAO,CAAC,CAAC;IACxE,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,GAAG,EAAE,CAAC;QAC9B,MAAM,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IACD,IACE,MAAM,CAAC,SAAS;QAChB,CAAC,MAAM,QAAQ,CAAC,QAAQ,CAAC,uBAAO,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC,EACjE,CAAC;QACD,MAAM,MAAM,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACvD,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,QAAQ,KAAK,oBAAQ,CAAC,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,CAAC,oBAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,CAAC,QAAQ,EAAE,CAAC;AACpB,CAAC"}

lib/cli-errors.js

@@ -1,6 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.wrapCliConfigurationError = exports.getCliConfigCategoryIfExists = exports.cliErrorsConfig = exports.CliConfigErrorCategory = exports.CommandInvocationError = void 0;
+exports.cliErrorsConfig = exports.CliConfigErrorCategory = exports.CommandInvocationError = void 0;
+exports.getCliConfigCategoryIfExists = getCliConfigCategoryIfExists;
+exports.wrapCliConfigurationError = wrapCliConfigurationError;
 const util_1 = require("./util");
 /**
  * A class of Error that we can classify as an error stemming from a CLI
@@ -117,10 +119,10 @@ function ensureEndsInPeriod(text) {
 var CliConfigErrorCategory;
 (function (CliConfigErrorCategory) {
     CliConfigErrorCategory["ExternalRepositoryCloneFailed"] = "ExternalRepositoryCloneFailed";
-    CliConfigErrorCategory["GracefulOutOfMemory"] = "GracefulOutOfMemory";
     CliConfigErrorCategory["GradleBuildFailed"] = "GradleBuildFailed";
     CliConfigErrorCategory["IncompatibleWithActionVersion"] = "IncompatibleWithActionVersion";
     CliConfigErrorCategory["InitCalledTwice"] = "InitCalledTwice";
+    CliConfigErrorCategory["InvalidConfigFile"] = "InvalidConfigFile";
     CliConfigErrorCategory["InvalidSourceRoot"] = "InvalidSourceRoot";
     CliConfigErrorCategory["MavenBuildFailed"] = "MavenBuildFailed";
     CliConfigErrorCategory["NoBuildCommandAutodetected"] = "NoBuildCommandAutodetected";
@@ -128,7 +130,9 @@ var CliConfigErrorCategory;
     CliConfigErrorCategory["NoSourceCodeSeen"] = "NoSourceCodeSeen";
     CliConfigErrorCategory["NoSupportedBuildCommandSucceeded"] = "NoSupportedBuildCommandSucceeded";
     CliConfigErrorCategory["NoSupportedBuildSystemDetected"] = "NoSupportedBuildSystemDetected";
+    CliConfigErrorCategory["OutOfMemoryOrDisk"] = "OutOfMemoryOrDisk";
     CliConfigErrorCategory["PackCannotBeFound"] = "PackCannotBeFound";
+    CliConfigErrorCategory["PackMissingAuth"] = "PackMissingAuth";
     CliConfigErrorCategory["SwiftBuildFailed"] = "SwiftBuildFailed";
     CliConfigErrorCategory["UnsupportedBuildMode"] = "UnsupportedBuildMode";
 })(CliConfigErrorCategory || (exports.CliConfigErrorCategory = CliConfigErrorCategory = {}));
@@ -142,9 +146,6 @@ exports.cliErrorsConfig = {
             new RegExp("Failed to clone external Git repository"),
         ],
     },
-    [CliConfigErrorCategory.GracefulOutOfMemory]: {
-        cliErrorMessageCandidates: [new RegExp("CodeQL is out of memory.")],
-    },
     [CliConfigErrorCategory.GradleBuildFailed]: {
         cliErrorMessageCandidates: [
             new RegExp("[autobuild] FAILURE: Build failed with an exception."),
@@ -162,6 +163,12 @@ exports.cliErrorsConfig = {
         ],
         additionalErrorMessageToAppend: `Is the "init" action called twice in the same job?`,
     },
+    [CliConfigErrorCategory.InvalidConfigFile]: {
+        cliErrorMessageCandidates: [
+            new RegExp("Config file .* is not valid"),
+            new RegExp("The supplied config file is empty"),
+        ],
+    },
     // Expected source location for database creation does not exist
     [CliConfigErrorCategory.InvalidSourceRoot]: {
         cliErrorMessageCandidates: [new RegExp("Invalid source root")],
@@ -200,11 +207,25 @@ exports.cliErrorsConfig = {
             new RegExp("No supported build system detected"),
         ],
     },
+    [CliConfigErrorCategory.OutOfMemoryOrDisk]: {
+        cliErrorMessageCandidates: [
+            new RegExp("CodeQL is out of memory."),
+            new RegExp("out of disk"),
+            new RegExp("No space left on device"),
+        ],
+        additionalErrorMessageToAppend: "For more information, see https://gh.io/troubleshooting-code-scanning/out-of-disk-or-memory",
+    },
     [CliConfigErrorCategory.PackCannotBeFound]: {
         cliErrorMessageCandidates: [
             new RegExp("Query pack .* cannot be found\\. Check the spelling of the pack\\."),
         ],
     },
+    [CliConfigErrorCategory.PackMissingAuth]: {
+        cliErrorMessageCandidates: [
+            new RegExp("GitHub Container registry .* 403 Forbidden"),
+            new RegExp("Do you need to specify a token to authenticate to the registry?"),
+        ],
+    },
     [CliConfigErrorCategory.SwiftBuildFailed]: {
         cliErrorMessageCandidates: [
             new RegExp("\\[autobuilder/build\\] \\[build-command-failed\\] `autobuild` failed to run the build command"),
@@ -237,7 +258,6 @@ function getCliConfigCategoryIfExists(cliError) {
     }
     return undefined;
 }
-exports.getCliConfigCategoryIfExists = getCliConfigCategoryIfExists;
 /**
  * Changes an error received from the CLI to a ConfigurationError with optionally an extra
  * error message appended, if it exists in a known set of configuration errors. Otherwise,
@@ -258,5 +278,4 @@ function wrapCliConfigurationError(cliError) {
     }
     return new util_1.ConfigurationError(errorMessageBuilder);
 }
-exports.wrapCliConfigurationError = wrapCliConfigurationError;
 //# sourceMappingURL=cli-errors.js.map

lib/codeql.js

@@ -23,7 +23,17 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getGeneratedCodeScanningConfigPath = exports.getTrapCachingExtractorConfigArgsForLang = exports.getTrapCachingExtractorConfigArgs = exports.getExtraOptions = exports.getCodeQLForCmd = exports.getCodeQLForTesting = exports.getCachedCodeQL = exports.setCodeQL = exports.getCodeQL = exports.setupCodeQL = exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = void 0;
+exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE = exports.CODEQL_VERSION_ANALYSIS_SUMMARY_V2 = exports.CODEQL_VERSION_LANGUAGE_ALIASING = exports.CODEQL_VERSION_LANGUAGE_BASELINE_CONFIG = exports.CODEQL_VERSION_RESOLVE_ENVIRONMENT = exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED = void 0;
+exports.setupCodeQL = setupCodeQL;
+exports.getCodeQL = getCodeQL;
+exports.setCodeQL = setCodeQL;
+exports.getCachedCodeQL = getCachedCodeQL;
+exports.getCodeQLForTesting = getCodeQLForTesting;
+exports.getCodeQLForCmd = getCodeQLForCmd;
+exports.getExtraOptions = getExtraOptions;
+exports.getTrapCachingExtractorConfigArgs = getTrapCachingExtractorConfigArgs;
+exports.getTrapCachingExtractorConfigArgsForLang = getTrapCachingExtractorConfigArgsForLang;
+exports.getGeneratedCodeScanningConfigPath = getGeneratedCodeScanningConfigPath;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const core = __importStar(require("@actions/core"));
@@ -137,7 +147,6 @@ async function setupCodeQL(toolsInput, apiDetails, tempDir, variant, defaultCliV
         throw new Error(`Unable to download and extract CodeQL CLI: ${(0, util_1.wrapError)(e).message}`);
     }
 }
-exports.setupCodeQL = setupCodeQL;
 /**
  * Use the CodeQL executable located at the given path.
  */
@@ -147,7 +156,6 @@ async function getCodeQL(cmd) {
     }
     return cachedCodeQL;
 }
-exports.getCodeQL = getCodeQL;
 function resolveFunction(partialCodeql, methodName, defaultImplementation) {
     if (typeof partialCodeql[methodName] !== "function") {
         if (defaultImplementation !== undefined) {
@@ -197,7 +205,6 @@ function setCodeQL(partialCodeql) {
     };
     return cachedCodeQL;
 }
-exports.setCodeQL = setCodeQL;
 /**
  * Get the cached CodeQL object. Should only be used from tests.
  *
@@ -211,7 +218,6 @@ function getCachedCodeQL() {
     }
     return cachedCodeQL;
 }
-exports.getCachedCodeQL = getCachedCodeQL;
 /**
  * Get a real, newly created CodeQL instance for testing. The instance refers to
  * a non-existent placeholder codeql command, so tests that use this function
@@ -220,7 +226,6 @@ exports.getCachedCodeQL = getCachedCodeQL;
 async function getCodeQLForTesting(cmd = "codeql-for-testing") {
     return getCodeQLForCmd(cmd, false);
 }
-exports.getCodeQLForTesting = getCodeQLForTesting;
 /**
  * Return a CodeQL object for CodeQL CLI access.
  *
@@ -283,10 +288,13 @@ async function getCodeQLForCmd(cmd, checkVersion) {
             else if (await util.codeQlVersionAtLeast(this, exports.CODEQL_VERSION_SUBLANGUAGE_FILE_COVERAGE)) {
                 extraArgs.push("--no-sublanguage-file-coverage");
             }
+            const overwriteFlag = (0, tools_features_1.isSupportedToolsFeature)(await this.getVersion(), tools_features_1.ToolsFeature.ForceOverwrite)
+                ? "--force-overwrite"
+                : "--overwrite";
             await runTool(cmd, [
                 "database",
                 "init",
-                "--overwrite",
+                overwriteFlag,
                 "--db-cluster",
                 config.dbLocation,
                 `--source-root=${sourceRoot}`,
@@ -340,6 +348,8 @@ async function getCodeQLForCmd(cmd, checkVersion) {
                     "database",
                     "trace-command",
                     "--use-build-mode",
+                    "--working-dir",
+                    process.cwd(),
                     ...(await getTrapCachingExtractorConfigArgsForLang(config, language)),
                     ...getExtractionVerbosityArguments(config.debugMode),
                     ...getExtraOptionsFromEnv(["database", "trace-command"]),
@@ -703,7 +713,6 @@ async function getCodeQLForCmd(cmd, checkVersion) {
     }
     return codeql;
 }
-exports.getCodeQLForCmd = getCodeQLForCmd;
 /**
  * Gets the options for `path` of `options` as an array of extra option strings.
  *
@@ -751,7 +760,6 @@ function getExtraOptions(options, paths, pathInfo) {
         : getExtraOptions(options?.[paths[0]], paths?.slice(1), pathInfo.concat(paths[0]));
     return all.concat(specific);
 }
-exports.getExtraOptions = getExtraOptions;
 /*
  * A constant defining the maximum number of characters we will keep from
  * the programs stderr for logging. This serves two purposes:
@@ -860,7 +868,6 @@ async function getTrapCachingExtractorConfigArgs(config) {
         result.push(await getTrapCachingExtractorConfigArgsForLang(config, language));
     return result.flat();
 }
-exports.getTrapCachingExtractorConfigArgs = getTrapCachingExtractorConfigArgs;
 async function getTrapCachingExtractorConfigArgsForLang(config, language) {
     const cacheDir = config.trapCaches[language];
     if (cacheDir === undefined)
@@ -872,7 +879,6 @@ async function getTrapCachingExtractorConfigArgsForLang(config, language) {
         `-O=${language}.trap.cache.write=${write}`,
     ];
 }
-exports.getTrapCachingExtractorConfigArgsForLang = getTrapCachingExtractorConfigArgsForLang;
 /**
  * Get the path to the code scanning configuration generated by the CLI.
  *
@@ -881,7 +887,6 @@ exports.getTrapCachingExtractorConfigArgsForLang = getTrapCachingExtractorConfig
 function getGeneratedCodeScanningConfigPath(config) {
     return path.resolve(config.tempDir, "user-config.yaml");
 }
-exports.getGeneratedCodeScanningConfigPath = getGeneratedCodeScanningConfigPath;
 async function isDiagnosticsExportInvalidSarifFixed(codeql) {
     return await util.codeQlVersionAtLeast(codeql, exports.CODEQL_VERSION_DIAGNOSTICS_EXPORT_FIXED);
 }

lib/codeql.test.js

@@ -26,7 +26,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.stubToolRunnerConstructor = void 0;
+exports.stubToolRunnerConstructor = stubToolRunnerConstructor;
 const fs = __importStar(require("fs"));
 const toolrunner = __importStar(require("@actions/exec/lib/toolrunner"));
 const toolcache = __importStar(require("@actions/tool-cache"));
@@ -522,8 +522,9 @@ for (const { codeqlVersion, flagPassed, githubVersion, negativeFlagPassed, } of
         // safeWhich throws because of the test CodeQL object.
         sinon.stub(safeWhich, "safeWhich").resolves("");
         await codeqlObject.databaseInterpretResults("", [], "", "", "", "-v", "", Object.assign({}, stubConfig, { gitHubVersion: githubVersion }), (0, testing_utils_1.createFeatures)([]), (0, logging_1.getRunnerLogger)(true));
-        t.is(runnerConstructorStub.firstCall.args[1].includes("--new-analysis-summary"), flagPassed, `--new-analysis-summary should${flagPassed ? "" : "n't"} be passed`);
-        t.is(runnerConstructorStub.firstCall.args[1].includes("--no-new-analysis-summary"), negativeFlagPassed, `--no-new-analysis-summary should${negativeFlagPassed ? "" : "n't"} be passed`);
+        const actualArgs = runnerConstructorStub.firstCall.args[1];
+        t.is(actualArgs.includes("--new-analysis-summary"), flagPassed, `--new-analysis-summary should${flagPassed ? "" : "n't"} be passed`);
+        t.is(actualArgs.includes("--no-new-analysis-summary"), negativeFlagPassed, `--no-new-analysis-summary should${negativeFlagPassed ? "" : "n't"} be passed`);
     });
 }
 (0, ava_1.default)("database finalize does not override no code found error on CodeQL 2.12.6", async (t) => {
@@ -647,5 +648,4 @@ function stubToolRunnerConstructor(exitCode = 0, stderr) {
     });
     return runnerConstructorStub;
 }
-exports.stubToolRunnerConstructor = stubToolRunnerConstructor;
 //# sourceMappingURL=codeql.test.js.map

lib/config-utils.js

@@ -23,7 +23,30 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseBuildModeInput = exports.wrapEnvironment = exports.generateRegistries = exports.getConfig = exports.getPathToParsedConfigFile = exports.initConfig = exports.validatePackSpecification = exports.parsePacksSpecification = exports.parsePacksFromInput = exports.calculateAugmentation = exports.getDefaultConfig = exports.getRawLanguages = exports.getLanguageAliases = exports.getLanguages = exports.getLanguagesInRepo = exports.getUnknownLanguagesError = exports.getNoLanguagesError = exports.getConfigFileDirectoryGivenMessage = exports.getConfigFileFormatInvalidMessage = exports.getConfigFileRepoFormatInvalidMessage = exports.getConfigFileDoesNotExistErrorMessage = exports.getConfigFileOutsideWorkspaceErrorMessage = exports.getPacksStrInvalid = exports.defaultAugmentationProperties = void 0;
+exports.defaultAugmentationProperties = void 0;
+exports.getPacksStrInvalid = getPacksStrInvalid;
+exports.getConfigFileOutsideWorkspaceErrorMessage = getConfigFileOutsideWorkspaceErrorMessage;
+exports.getConfigFileDoesNotExistErrorMessage = getConfigFileDoesNotExistErrorMessage;
+exports.getConfigFileRepoFormatInvalidMessage = getConfigFileRepoFormatInvalidMessage;
+exports.getConfigFileFormatInvalidMessage = getConfigFileFormatInvalidMessage;
+exports.getConfigFileDirectoryGivenMessage = getConfigFileDirectoryGivenMessage;
+exports.getNoLanguagesError = getNoLanguagesError;
+exports.getUnknownLanguagesError = getUnknownLanguagesError;
+exports.getLanguagesInRepo = getLanguagesInRepo;
+exports.getLanguages = getLanguages;
+exports.getLanguageAliases = getLanguageAliases;
+exports.getRawLanguages = getRawLanguages;
+exports.getDefaultConfig = getDefaultConfig;
+exports.calculateAugmentation = calculateAugmentation;
+exports.parsePacksFromInput = parsePacksFromInput;
+exports.parsePacksSpecification = parsePacksSpecification;
+exports.validatePackSpecification = validatePackSpecification;
+exports.initConfig = initConfig;
+exports.getPathToParsedConfigFile = getPathToParsedConfigFile;
+exports.getConfig = getConfig;
+exports.generateRegistries = generateRegistries;
+exports.wrapEnvironment = wrapEnvironment;
+exports.parseBuildModeInput = parseBuildModeInput;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const perf_hooks_1 = require("perf_hooks");
@@ -52,29 +75,23 @@ function getPacksStrInvalid(packStr, configFile) {
         ? getConfigFilePropertyError(configFile, PACKS_PROPERTY, `"${packStr}" is not a valid pack`)
         : `"${packStr}" is not a valid pack`;
 }
-exports.getPacksStrInvalid = getPacksStrInvalid;
 function getConfigFileOutsideWorkspaceErrorMessage(configFile) {
     return `The configuration file "${configFile}" is outside of the workspace`;
 }
-exports.getConfigFileOutsideWorkspaceErrorMessage = getConfigFileOutsideWorkspaceErrorMessage;
 function getConfigFileDoesNotExistErrorMessage(configFile) {
     return `The configuration file "${configFile}" does not exist`;
 }
-exports.getConfigFileDoesNotExistErrorMessage = getConfigFileDoesNotExistErrorMessage;
 function getConfigFileRepoFormatInvalidMessage(configFile) {
     let error = `The configuration file "${configFile}" is not a supported remote file reference.`;
     error += " Expected format <owner>/<repository>/<file-path>@<ref>";
     return error;
 }
-exports.getConfigFileRepoFormatInvalidMessage = getConfigFileRepoFormatInvalidMessage;
 function getConfigFileFormatInvalidMessage(configFile) {
     return `The configuration file "${configFile}" could not be read`;
 }
-exports.getConfigFileFormatInvalidMessage = getConfigFileFormatInvalidMessage;
 function getConfigFileDirectoryGivenMessage(configFile) {
     return `The configuration file "${configFile}" looks like a directory, not a file`;
 }
-exports.getConfigFileDirectoryGivenMessage = getConfigFileDirectoryGivenMessage;
 function getConfigFilePropertyError(configFile, property, error) {
     if (configFile === undefined) {
         return `The workflow property "${property}" is invalid: ${error}`;
@@ -87,11 +104,9 @@ function getNoLanguagesError() {
     return ("Did not detect any languages to analyze. " +
         "Please update input in workflow or check that GitHub detects the correct languages in your repository.");
 }
-exports.getNoLanguagesError = getNoLanguagesError;
 function getUnknownLanguagesError(languages) {
     return `Did not recognize the following languages: ${languages.join(", ")}`;
 }
-exports.getUnknownLanguagesError = getUnknownLanguagesError;
 /**
  * Gets the set of languages in the current repository that are
  * scannable by CodeQL.
@@ -116,7 +131,6 @@ async function getLanguagesInRepo(repository, logger) {
     }
     return [...languages];
 }
-exports.getLanguagesInRepo = getLanguagesInRepo;
 /**
  * Get the languages to analyse.
  *
@@ -170,7 +184,6 @@ async function getLanguages(codeQL, languagesInput, repository, logger) {
     }
     return parsedLanguages;
 }
-exports.getLanguages = getLanguages;
 /**
  * Gets the set of languages supported by CodeQL, along with their aliases if supported by the
  * version of the CLI.
@@ -181,7 +194,6 @@ async function getLanguageAliases(codeql) {
     }
     return undefined;
 }
-exports.getLanguageAliases = getLanguageAliases;
 /**
  * Gets the set of languages in the current repository without checking to
  * see if these languages are actually supported by CodeQL.
@@ -209,7 +221,6 @@ async function getRawLanguages(languagesInput, repository, logger) {
     }
     return { rawLanguages, autodetected };
 }
-exports.getRawLanguages = getRawLanguages;
 /**
  * Get the default config for when the user has not supplied one.
  */
@@ -234,7 +245,6 @@ async function getDefaultConfig({ languagesInput, queriesInput, packsInput, buil
         trapCacheDownloadTime,
     };
 }
-exports.getDefaultConfig = getDefaultConfig;
 async function downloadCacheWithTime(trapCachingEnabled, codeQL, languages, logger) {
     let trapCaches = {};
     let trapCacheDownloadTime = 0;
@@ -315,7 +325,6 @@ function calculateAugmentation(rawPacksInput, rawQueriesInput, languages) {
         queriesInputCombines,
     };
 }
-exports.calculateAugmentation = calculateAugmentation;
 function parseQueriesFromInput(rawQueriesInput, queriesInputCombines) {
     if (!rawQueriesInput) {
         return undefined;
@@ -363,7 +372,6 @@ function parsePacksFromInput(rawPacksInput, languages, packsInputCombines) {
         }, []),
     };
 }
-exports.parsePacksFromInput = parsePacksFromInput;
 /**
  * Validates that this package specification is syntactically correct.
  * It may not point to any real package, but after this function returns
@@ -436,11 +444,9 @@ function parsePacksSpecification(packStr) {
         path: packPath,
     };
 }
-exports.parsePacksSpecification = parsePacksSpecification;
 function validatePackSpecification(pack) {
     return (0, util_1.prettyPrintPack)(parsePacksSpecification(pack));
 }
-exports.validatePackSpecification = validatePackSpecification;
 /**
  * The convention in this action is that an input value that is prefixed with a '+' will
  * be combined with the corresponding value in the config file.
@@ -491,7 +497,6 @@ async function initConfig(inputs) {
     await saveConfig(config, logger);
     return config;
 }
-exports.initConfig = initConfig;
 function parseRegistries(registriesInput) {
     try {
         return registriesInput
@@ -550,7 +555,6 @@ async function getRemoteConfig(configFile, apiDetails) {
 function getPathToParsedConfigFile(tempDir) {
     return path.join(tempDir, "config");
 }
-exports.getPathToParsedConfigFile = getPathToParsedConfigFile;
 /**
  * Store the given config to the path returned from getPathToParsedConfigFile.
  */
@@ -576,7 +580,6 @@ async function getConfig(tempDir, logger) {
     logger.debug(configString);
     return JSON.parse(configString);
 }
-exports.getConfig = getConfig;
 /**
  * Generate a `qlconfig.yml` file from the `registries` input.
  * This file is used by the CodeQL CLI to list the registries to use for each
@@ -615,7 +618,6 @@ async function generateRegistries(registriesInput, tempDir, logger) {
         qlconfigFile,
     };
 }
-exports.generateRegistries = generateRegistries;
 function createRegistriesBlock(registries) {
     if (!Array.isArray(registries) ||
         registries.some((r) => !r.url || !r.packages)) {
@@ -665,7 +667,6 @@ async function wrapEnvironment(env, operation) {
         }
     }
 }
-exports.wrapEnvironment = wrapEnvironment;
 // Exported for testing
 async function parseBuildModeInput(input, languages, features, logger) {
     if (input === undefined) {
@@ -674,6 +675,11 @@ async function parseBuildModeInput(input, languages, features, logger) {
     if (!Object.values(util_1.BuildMode).includes(input)) {
         throw new util_1.ConfigurationError(`Invalid build mode: '${input}'. Supported build modes are: ${Object.values(util_1.BuildMode).join(", ")}.`);
     }
+    if (languages.includes(languages_1.Language.csharp) &&
+        (await features.getValue(feature_flags_1.Feature.DisableCsharpBuildless))) {
+        logger.warning("Scanning C# code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.");
+        return util_1.BuildMode.Autobuild;
+    }
     if (languages.includes(languages_1.Language.java) &&
         (await features.getValue(feature_flags_1.Feature.DisableJavaBuildlessEnabled))) {
         logger.warning("Scanning Java code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.");
@@ -681,5 +687,4 @@ async function parseBuildModeInput(input, languages, features, logger) {
     }
     return input;
 }
-exports.parseBuildModeInput = parseBuildModeInput;
 //# sourceMappingURL=config-utils.js.map

lib/config-utils.test.js

@@ -764,27 +764,40 @@ const mockRepositoryNwo = (0, repository_1.parseRepositoryNwo)("owner/repo");
         t.deepEqual(mockRequest.called, args.expectedApiCall);
     });
 });
-(0, ava_1.default)("Build mode not overridden when disable Java buildless feature flag disabled", async (t) => {
-    const messages = [];
-    const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.java], (0, testing_utils_1.createFeatures)([]), (0, testing_utils_1.getRecordingLogger)(messages));
-    t.is(buildMode, util_1.BuildMode.None);
-    t.deepEqual(messages, []);
-});
-(0, ava_1.default)("Build mode not overridden for other languages", async (t) => {
-    const messages = [];
-    const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.python], (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.DisableJavaBuildlessEnabled]), (0, testing_utils_1.getRecordingLogger)(messages));
-    t.is(buildMode, util_1.BuildMode.None);
-    t.deepEqual(messages, []);
-});
-(0, ava_1.default)("Build mode overridden when analyzing Java and disable Java buildless feature flag enabled", async (t) => {
-    const messages = [];
-    const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.java], (0, testing_utils_1.createFeatures)([feature_flags_1.Feature.DisableJavaBuildlessEnabled]), (0, testing_utils_1.getRecordingLogger)(messages));
-    t.is(buildMode, util_1.BuildMode.Autobuild);
-    t.deepEqual(messages, [
-        {
-            message: "Scanning Java code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.",
-            type: "warning",
-        },
-    ]);
-});
+for (const { displayName, language, feature } of [
+    {
+        displayName: "Java",
+        language: languages_1.Language.java,
+        feature: feature_flags_1.Feature.DisableJavaBuildlessEnabled,
+    },
+    {
+        displayName: "C#",
+        language: languages_1.Language.csharp,
+        feature: feature_flags_1.Feature.DisableCsharpBuildless,
+    },
+]) {
+    (0, ava_1.default)(`Build mode not overridden when disable ${displayName} buildless feature flag disabled`, async (t) => {
+        const messages = [];
+        const buildMode = await configUtils.parseBuildModeInput("none", [language], (0, testing_utils_1.createFeatures)([]), (0, testing_utils_1.getRecordingLogger)(messages));
+        t.is(buildMode, util_1.BuildMode.None);
+        t.deepEqual(messages, []);
+    });
+    (0, ava_1.default)(`Build mode not overridden for other languages when disable ${displayName} buildless feature flag enabled`, async (t) => {
+        const messages = [];
+        const buildMode = await configUtils.parseBuildModeInput("none", [languages_1.Language.python], (0, testing_utils_1.createFeatures)([feature]), (0, testing_utils_1.getRecordingLogger)(messages));
+        t.is(buildMode, util_1.BuildMode.None);
+        t.deepEqual(messages, []);
+    });
+    (0, ava_1.default)(`Build mode overridden when analyzing ${displayName} and disable ${displayName} buildless feature flag enabled`, async (t) => {
+        const messages = [];
+        const buildMode = await configUtils.parseBuildModeInput("none", [language], (0, testing_utils_1.createFeatures)([feature]), (0, testing_utils_1.getRecordingLogger)(messages));
+        t.is(buildMode, util_1.BuildMode.Autobuild);
+        t.deepEqual(messages, [
+            {
+                message: `Scanning ${displayName} code without a build is temporarily unavailable. Falling back to 'autobuild' build mode.`,
+                type: "warning",
+            },
+        ]);
+    });
+}
 //# sourceMappingURL=config-utils.test.js.map

lib/database-upload.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.uploadDatabases = void 0;
+exports.uploadDatabases = uploadDatabases;
 const fs = __importStar(require("fs"));
 const actionsUtil = __importStar(require("./actions-util"));
 const api_client_1 = require("./api-client");
@@ -35,9 +35,14 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
         logger.debug("Database upload disabled in workflow. Skipping upload.");
         return;
     }
+    if (util.isInTestMode()) {
+        logger.debug("In test mode. Skipping database upload.");
+        return;
+    }
     // Do nothing when not running against github.com
-    if (config.gitHubVersion.type !== util.GitHubVariant.DOTCOM) {
-        logger.debug("Not running against github.com. Skipping upload.");
+    if (config.gitHubVersion.type !== util.GitHubVariant.DOTCOM &&
+        config.gitHubVersion.type !== util.GitHubVariant.GHE_DOTCOM) {
+        logger.debug("Not running against github.com or GHEC-DR. Skipping upload.");
         return;
     }
     if (!(await actionsUtil.isAnalyzingDefaultBranch())) {
@@ -47,6 +52,14 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
     }
     const client = (0, api_client_1.getApiClient)();
     const codeql = await (0, codeql_1.getCodeQL)(config.codeQLCmd);
+    const uploadsUrl = new URL((0, util_1.parseGitHubUrl)(apiDetails.url));
+    uploadsUrl.hostname = `uploads.${uploadsUrl.hostname}`;
+    // Octokit expects the baseUrl to not have a trailing slash,
+    // but it is included by default in a URL.
+    let uploadsBaseUrl = uploadsUrl.toString();
+    if (uploadsBaseUrl.endsWith("/")) {
+        uploadsBaseUrl = uploadsBaseUrl.slice(0, -1);
+    }
     for (const language of config.languages) {
         try {
             // Upload the database bundle.
@@ -58,7 +71,8 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
             const bundledDbReadStream = fs.createReadStream(bundledDb);
             const commitOid = await actionsUtil.getCommitOid(actionsUtil.getRequiredInput("checkout_path"));
             try {
-                await client.request(`POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name&commit_oid=:commit_oid`, {
+                await client.request(`POST /repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name&commit_oid=:commit_oid`, {
+                    baseUrl: uploadsBaseUrl,
                     owner: repositoryNwo.owner,
                     repo: repositoryNwo.repo,
                     language,
@@ -78,11 +92,9 @@ async function uploadDatabases(repositoryNwo, config, apiDetails, logger) {
             }
         }
         catch (e) {
-            console.log(e);
             // Log a warning but don't fail the workflow
             logger.warning(`Failed to upload database for ${language}: ${e}`);
         }
     }
 }
-exports.uploadDatabases = uploadDatabases;
 //# sourceMappingURL=database-upload.js.map

lib/database-upload.js.map

@@ -1 +1 @@
-{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkC;AAE3B,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE,CAAC;QAC/D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;IACT,CAAC;IAED,iDAAiD;IACjD,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;QAC5D,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO;IACT,CAAC;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE,CAAC;QACpD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,8BAA8B;YAC9B,2EAA2E;YAC3E,8EAA8E;YAC9E,wEAAwE;YACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YACrE,MAAM,aAAa,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;YAClD,MAAM,mBAAmB,GAAG,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAC3D,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,YAAY,CAC9C,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,CAC9C,CAAC;YACF,IAAI,CAAC;gBACH,MAAM,MAAM,CAAC,OAAO,CAClB,+HAA+H,EAC/H;oBACE,KAAK,EAAE,aAAa,CAAC,KAAK;oBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;oBACxB,QAAQ;oBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;oBAC5B,UAAU,EAAE,SAAS;oBACrB,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE;wBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;wBACzC,cAAc,EAAE,iBAAiB;wBACjC,gBAAgB,EAAE,aAAa;qBAChC;iBACF,CACF,CAAC;gBACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;YACjE,CAAC;oBAAS,CAAC;gBACT,mBAAmB,CAAC,KAAK,EAAE,CAAC;YAC9B,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACf,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;AACH,CAAC;AAjED,0CAiEC"}
+{"version":3,"file":"database-upload.js","sourceRoot":"","sources":["../src/database-upload.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAWA,0CAmFC;AA9FD,uCAAyB;AAEzB,4DAA8C;AAC9C,6CAA8D;AAC9D,qCAAqC;AAIrC,6CAA+B;AAC/B,iCAAkD;AAE3C,KAAK,UAAU,eAAe,CACnC,aAA4B,EAC5B,MAAc,EACd,UAA4B,EAC5B,MAAc;IAEd,IAAI,WAAW,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,MAAM,EAAE,CAAC;QAC/D,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,OAAO;IACT,CAAC;IAED,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,iDAAiD;IACjD,IACE,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,MAAM;QACvD,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,UAAU,EAC3D,CAAC;QACD,MAAM,CAAC,KAAK,CAAC,6DAA6D,CAAC,CAAC;QAC5E,OAAO;IACT,CAAC;IAED,IAAI,CAAC,CAAC,MAAM,WAAW,CAAC,wBAAwB,EAAE,CAAC,EAAE,CAAC;QACpD,4EAA4E;QAC5E,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,yBAAY,GAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAEjD,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,IAAA,qBAAc,EAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3D,UAAU,CAAC,QAAQ,GAAG,WAAW,UAAU,CAAC,QAAQ,EAAE,CAAC;IAEvD,4DAA4D;IAC5D,0CAA0C;IAC1C,IAAI,cAAc,GAAG,UAAU,CAAC,QAAQ,EAAE,CAAC;IAC3C,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACjC,cAAc,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;IAED,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,8BAA8B;YAC9B,2EAA2E;YAC3E,8EAA8E;YAC9E,wEAAwE;YACxE,MAAM,SAAS,GAAG,MAAM,IAAA,eAAQ,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;YACrE,MAAM,aAAa,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;YAClD,MAAM,mBAAmB,GAAG,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAC3D,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,YAAY,CAC9C,WAAW,CAAC,gBAAgB,CAAC,eAAe,CAAC,CAC9C,CAAC;YACF,IAAI,CAAC;gBACH,MAAM,MAAM,CAAC,OAAO,CAClB,qGAAqG,EACrG;oBACE,OAAO,EAAE,cAAc;oBACvB,KAAK,EAAE,aAAa,CAAC,KAAK;oBAC1B,IAAI,EAAE,aAAa,CAAC,IAAI;oBACxB,QAAQ;oBACR,IAAI,EAAE,GAAG,QAAQ,WAAW;oBAC5B,UAAU,EAAE,SAAS;oBACrB,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE;wBACP,aAAa,EAAE,SAAS,UAAU,CAAC,IAAI,EAAE;wBACzC,cAAc,EAAE,iBAAiB;wBACjC,gBAAgB,EAAE,aAAa;qBAChC;iBACF,CACF,CAAC;gBACF,MAAM,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAC;YACjE,CAAC;oBAAS,CAAC;gBACT,mBAAmB,CAAC,KAAK,EAAE,CAAC;YAC9B,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,4CAA4C;YAC5C,MAAM,CAAC,OAAO,CAAC,iCAAiC,QAAQ,KAAK,CAAC,EAAE,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;AACH,CAAC"}

lib/database-upload.test.js

@@ -57,7 +57,7 @@ async function mockHttpRequests(databaseUploadStatusCode) {
     // Passing an auth token is required, so we just use a dummy value
     const client = github.getOctokit("123");
     const requestSpy = sinon.stub(client, "request");
-    const url = "POST https://uploads.github.com/repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name&commit_oid=:commit_oid";
+    const url = "POST /repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name&commit_oid=:commit_oid";
     const databaseUploadSpy = requestSpy.withArgs(url);
     if (databaseUploadStatusCode < 300) {
         databaseUploadSpy.resolves(undefined);
@@ -66,6 +66,7 @@ async function mockHttpRequests(databaseUploadStatusCode) {
         databaseUploadSpy.throws(new util_1.HTTPError("some error message", databaseUploadStatusCode));
     }
     sinon.stub(apiClient, "getApiClient").value(() => client);
+    return databaseUploadSpy;
 }
 (0, ava_1.default)("Abort database upload if 'upload-database' input set to false", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
@@ -95,7 +96,8 @@ async function mockHttpRequests(databaseUploadStatusCode) {
         const loggedMessages = [];
         await (0, database_upload_1.uploadDatabases)(testRepoName, config, testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
         t.assert(loggedMessages.find((v) => v.type === "debug" &&
-            v.message === "Not running against github.com. Skipping upload.") !== undefined);
+            v.message ===
+                "Not running against github.com or GHEC-DR. Skipping upload.") !== undefined);
     });
 });
 (0, ava_1.default)("Abort database upload if not analyzing default branch", async (t) => {
@@ -133,7 +135,7 @@ async function mockHttpRequests(databaseUploadStatusCode) {
                 "Failed to upload database for javascript: Error: some error message") !== undefined);
     });
 });
-(0, ava_1.default)("Successfully uploading a database to api.github.com", async (t) => {
+(0, ava_1.default)("Successfully uploading a database to github.com", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
         sinon
@@ -153,7 +155,7 @@ async function mockHttpRequests(databaseUploadStatusCode) {
             v.message === "Successfully uploaded database for javascript") !== undefined);
     });
 });
-(0, ava_1.default)("Successfully uploading a database to uploads.github.com", async (t) => {
+(0, ava_1.default)("Successfully uploading a database to GHEC-DR", async (t) => {
     await (0, util_1.withTmpDir)(async (tmpDir) => {
         (0, testing_utils_1.setupActionsVars)(tmpDir, tmpDir);
         sinon
@@ -161,16 +163,21 @@ async function mockHttpRequests(databaseUploadStatusCode) {
             .withArgs("upload-database")
             .returns("true");
         sinon.stub(actionsUtil, "isAnalyzingDefaultBranch").resolves(true);
-        await mockHttpRequests(201);
+        const databaseUploadSpy = await mockHttpRequests(201);
         (0, codeql_1.setCodeQL)({
             async databaseBundle(_, outputFilePath) {
                 fs.writeFileSync(outputFilePath, "");
             },
         });
         const loggedMessages = [];
-        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), testApiDetails, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
+        await (0, database_upload_1.uploadDatabases)(testRepoName, getTestConfig(tmpDir), {
+            auth: "1234",
+            url: "https://tenant.ghe.com",
+            apiURL: undefined,
+        }, (0, testing_utils_1.getRecordingLogger)(loggedMessages));
         t.assert(loggedMessages.find((v) => v.type === "debug" &&
             v.message === "Successfully uploaded database for javascript") !== undefined);
+        t.assert(databaseUploadSpy.calledOnceWith(sinon.match.string, sinon.match.has("baseUrl", "https://uploads.tenant.ghe.com")));
     });
 });
 //# sourceMappingURL=database-upload.test.js.map

lib/debug-artifacts.js

@@ -26,7 +26,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.uploadDatabaseBundleDebugArtifact = exports.uploadLogsDebugArtifact = exports.uploadSarifDebugArtifact = exports.uploadDebugArtifacts = exports.sanitizeArifactName = void 0;
+exports.sanitizeArifactName = sanitizeArifactName;
+exports.uploadDebugArtifacts = uploadDebugArtifacts;
+exports.uploadSarifDebugArtifact = uploadSarifDebugArtifact;
+exports.uploadLogsDebugArtifact = uploadLogsDebugArtifact;
+exports.uploadDatabaseBundleDebugArtifact = uploadDatabaseBundleDebugArtifact;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const artifact = __importStar(require("@actions/artifact"));
@@ -40,7 +44,6 @@ const util_1 = require("./util");
 function sanitizeArifactName(name) {
     return name.replace(/[^a-zA-Z0-9_\\-]+/g, "");
 }
-exports.sanitizeArifactName = sanitizeArifactName;
 async function uploadDebugArtifacts(toUpload, rootDir, artifactName) {
     if (toUpload.length === 0) {
         return;
@@ -56,13 +59,18 @@ async function uploadDebugArtifacts(toUpload, rootDir, artifactName) {
             core.info("Could not parse user-specified `matrix` input into JSON. The debug artifact will not be named with the user's `matrix` input.");
         }
     }
-    await artifact.create().uploadArtifact(sanitizeArifactName(`${artifactName}${suffix}`), toUpload.map((file) => path.normalize(file)), path.normalize(rootDir), {
-        continueOnError: true,
-        // ensure we don't keep the debug artifacts around for too long since they can be large.
-        retentionDays: 7,
-    });
+    try {
+        await artifact.create().uploadArtifact(sanitizeArifactName(`${artifactName}${suffix}`), toUpload.map((file) => path.normalize(file)), path.normalize(rootDir), {
+            continueOnError: true,
+            // ensure we don't keep the debug artifacts around for too long since they can be large.
+            retentionDays: 7,
+        });
+    }
+    catch (e) {
+        // A failure to upload debug artifacts should not fail the entire action.
+        core.warning(`Failed to upload debug artifacts: ${e}`);
+    }
 }
-exports.uploadDebugArtifacts = uploadDebugArtifacts;
 async function uploadSarifDebugArtifact(config, outputDir) {
     if (!(0, util_1.doesDirectoryExist)(outputDir)) {
         return;
@@ -76,7 +84,6 @@ async function uploadSarifDebugArtifact(config, outputDir) {
     }
     await uploadDebugArtifacts(toUpload, outputDir, config.debugArtifactName);
 }
-exports.uploadSarifDebugArtifact = uploadSarifDebugArtifact;
 async function uploadLogsDebugArtifact(config) {
     let toUpload = [];
     for (const language of config.languages) {
@@ -93,7 +100,6 @@ async function uploadLogsDebugArtifact(config) {
     }
     await uploadDebugArtifacts(toUpload, config.dbLocation, config.debugArtifactName);
 }
-exports.uploadLogsDebugArtifact = uploadLogsDebugArtifact;
 /**
  * If a database has not been finalized, we cannot run the `codeql database bundle`
  * command in the CLI because it will return an error. Instead we directly zip
@@ -137,5 +143,4 @@ async function uploadDatabaseBundleDebugArtifact(config, logger) {
         }
     }
 }
-exports.uploadDatabaseBundleDebugArtifact = uploadDatabaseBundleDebugArtifact;
 //# sourceMappingURL=debug-artifacts.js.map

lib/debug-artifacts.js.map

@@ -1 +1 @@
-{"version":3,"file":"debug-artifacts.js","sourceRoot":"","sources":["../src/debug-artifacts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oDAAsC;AACtC,sDAA6B;AAC7B,8CAAsB;AAEtB,iDAAkD;AAClD,uCAA0C;AAC1C,qCAAqC;AAIrC,iCAKgB;AAEhB,SAAgB,mBAAmB,CAAC,IAAY;IAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAFD,kDAEC;AAEM,KAAK,UAAU,oBAAoB,CACxC,QAAkB,EAClB,OAAe,EACf,YAAoB;IAEpB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CACxC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAC9B,CAAC,IAAI,EAAE;gBACN,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC9B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,IAAI,CACP,+HAA+H,CAChI,CAAC;QACJ,CAAC;IACH,CAAC;IACD,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,cAAc,CACpC,mBAAmB,CAAC,GAAG,YAAY,GAAG,MAAM,EAAE,CAAC,EAC/C,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EACvB;QACE,eAAe,EAAE,IAAI;QACrB,wFAAwF;QACxF,aAAa,EAAE,CAAC;KACjB,CACF,CAAC;AACJ,CAAC;AAhCD,oDAgCC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,MAAc,EACd,SAAiB;IAEjB,IAAI,CAAC,IAAA,yBAAkB,EAAC,SAAS,CAAC,EAAE,CAAC;QACnC,OAAO;IACT,CAAC;IAED,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,QAAQ,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,MAAM,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5E,CAAC;AAhBD,4DAgBC;AAEM,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,MAAM,iBAAiB,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAC7D,IAAI,IAAA,yBAAkB,EAAC,aAAa,CAAC,EAAE,CAAC;YACtC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,aAAa,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,iCAAiC,GAAG,IAAI,CAAC,OAAO,CACpD,MAAM,CAAC,UAAU,EACjB,KAAK,CACN,CAAC;IACF,IAAI,IAAA,yBAAkB,EAAC,iCAAiC,CAAC,EAAE,CAAC;QAC1D,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,iCAAiC,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,oBAAoB,CACxB,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;AACJ,CAAC;AAxBD,0DAwBC;AAED;;;;GAIG;AACH,KAAK,UAAU,2BAA2B,CACxC,MAAc,EACd,QAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CACrC,MAAM,CAAC,UAAU,EACjB,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,cAAc,CACtD,CAAC;IACF,IAAI,CAAC,IAAI,CACP,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,2DAA2D,kBAAkB,KAAK,CAC1H,CAAC;IACF,qEAAqE;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtC,MAAM,IAAA,aAAG,EAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,iBAAM,EAAE,CAAC;IACzB,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACjC,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,QAAkB;IAElB,kDAAkD;IAClD,MAAM,kBAAkB,GAAG,MAAM,IAAA,eAAQ,EACvC,MAAM,EACN,QAAQ,EACR,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,EACjC,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,EAAE,CAC1C,CAAC;IACF,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,iCAAiC,CACrD,MAAc,EACd,MAAc;IAEd,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,IAAI,kBAA0B,CAAC;YAC/B,IAAI,CAAC,IAAA,uBAAa,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC7C,kBAAkB,GAAG,MAAM,2BAA2B,CACpD,MAAM,EACN,QAAQ,CACT,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,oBAAoB,CACxB,CAAC,kBAAkB,CAAC,EACpB,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,IAAI,CACP,8CAA8C,MAAM,CAAC,iBAAiB,IAAI,QAAQ,KAAK,KAAK,EAAE,CAC/F,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AA1BD,8EA0BC"}
+{"version":3,"file":"debug-artifacts.js","sourceRoot":"","sources":["../src/debug-artifacts.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqBA,kDAEC;AAED,oDAsCC;AAED,4DAgBC;AAED,0DAwBC;AA8CD,8EA0BC;AAnLD,uCAAyB;AACzB,2CAA6B;AAE7B,4DAA8C;AAC9C,oDAAsC;AACtC,sDAA6B;AAC7B,8CAAsB;AAEtB,iDAAkD;AAClD,uCAA0C;AAC1C,qCAAqC;AAIrC,iCAKgB;AAEhB,SAAgB,mBAAmB,CAAC,IAAY;IAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,QAAkB,EAClB,OAAe,EACf,YAAoB;IAEpB,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CACxC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAY,CAC9B,CAAC,IAAI,EAAE;gBACN,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC9B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,CAAC,IAAI,CACP,+HAA+H,CAChI,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,cAAc,CACpC,mBAAmB,CAAC,GAAG,YAAY,GAAG,MAAM,EAAE,CAAC,EAC/C,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EACvB;YACE,eAAe,EAAE,IAAI;YACrB,wFAAwF;YACxF,aAAa,EAAE,CAAC;SACjB,CACF,CAAC;IACJ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,yEAAyE;QACzE,IAAI,CAAC,OAAO,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,wBAAwB,CAC5C,MAAc,EACd,SAAiB;IAEjB,IAAI,CAAC,IAAA,yBAAkB,EAAC,SAAS,CAAC,EAAE,CAAC;QACnC,OAAO;IACT,CAAC;IAED,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,IAAI,QAAQ,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IACD,MAAM,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5E,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,MAAc;IAC1D,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,MAAM,iBAAiB,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;QAC7D,IAAI,IAAA,yBAAkB,EAAC,aAAa,CAAC,EAAE,CAAC;YACtC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,aAAa,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,iCAAiC,GAAG,IAAI,CAAC,OAAO,CACpD,MAAM,CAAC,UAAU,EACjB,KAAK,CACN,CAAC;IACF,IAAI,IAAA,yBAAkB,EAAC,iCAAiC,CAAC,EAAE,CAAC;QAC1D,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAA,iBAAU,EAAC,iCAAiC,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,oBAAoB,CACxB,QAAQ,EACR,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,2BAA2B,CACxC,MAAc,EACd,QAAkB;IAElB,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC7D,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CACrC,MAAM,CAAC,UAAU,EACjB,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,cAAc,CACtD,CAAC;IACF,IAAI,CAAC,IAAI,CACP,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,2DAA2D,kBAAkB,KAAK,CAC1H,CAAC;IACF,qEAAqE;IACrE,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtC,MAAM,IAAA,aAAG,EAAC,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,iBAAM,EAAE,CAAC;IACzB,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACjC,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,MAAc,EACd,QAAkB;IAElB,kDAAkD;IAClD,MAAM,kBAAkB,GAAG,MAAM,IAAA,eAAQ,EACvC,MAAM,EACN,QAAQ,EACR,MAAM,IAAA,kBAAS,EAAC,MAAM,CAAC,SAAS,CAAC,EACjC,GAAG,MAAM,CAAC,iBAAiB,IAAI,QAAQ,EAAE,CAC1C,CAAC;IACF,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,iCAAiC,CACrD,MAAc,EACd,MAAc;IAEd,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,IAAI,kBAA0B,CAAC;YAC/B,IAAI,CAAC,IAAA,uBAAa,EAAC,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC7C,kBAAkB,GAAG,MAAM,2BAA2B,CACpD,MAAM,EACN,QAAQ,CACT,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,MAAM,uBAAuB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,oBAAoB,CACxB,CAAC,kBAAkB,CAAC,EACpB,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,IAAI,CACP,8CAA8C,MAAM,CAAC,iBAAiB,IAAI,QAAQ,KAAK,KAAK,EAAE,CAC/F,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC"}

lib/defaults.json

@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-v2.17.2",
-    "cliVersion": "2.17.2",
-    "priorBundleVersion": "codeql-bundle-v2.17.1",
-    "priorCliVersion": "2.17.1"
+    "bundleVersion": "codeql-bundle-v2.17.5",
+    "cliVersion": "2.17.5",
+    "priorBundleVersion": "codeql-bundle-v2.17.4",
+    "priorCliVersion": "2.17.4"
 }

lib/diagnostics.js

@@ -3,7 +3,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.flushDiagnostics = exports.logUnwrittenDiagnostics = exports.addDiagnostic = exports.makeDiagnostic = void 0;
+exports.makeDiagnostic = makeDiagnostic;
+exports.addDiagnostic = addDiagnostic;
+exports.logUnwrittenDiagnostics = logUnwrittenDiagnostics;
+exports.flushDiagnostics = flushDiagnostics;
 const fs_1 = require("fs");
 const path_1 = __importDefault(require("path"));
 const logging_1 = require("./logging");
@@ -25,7 +28,6 @@ function makeDiagnostic(id, name, data = undefined) {
         source: { ...data?.source, id, name },
     };
 }
-exports.makeDiagnostic = makeDiagnostic;
 /**
  * Adds the given diagnostic to the database. If the database does not yet exist,
  * the diagnostic will be written to it once it has been created.
@@ -47,7 +49,6 @@ function addDiagnostic(config, language, diagnostic) {
         unwrittenDiagnostics.push({ diagnostic, language });
     }
 }
-exports.addDiagnostic = addDiagnostic;
 /**
  * Writes the given diagnostic to the database.
  *
@@ -80,7 +81,6 @@ function logUnwrittenDiagnostics() {
         }
     }
 }
-exports.logUnwrittenDiagnostics = logUnwrittenDiagnostics;
 /** Writes all unwritten diagnostics to disk. */
 function flushDiagnostics(config) {
     const logger = (0, logging_1.getActionsLogger)();
@@ -91,5 +91,4 @@ function flushDiagnostics(config) {
     // Reset the unwritten diagnostics array.
     unwrittenDiagnostics = [];
 }
-exports.flushDiagnostics = flushDiagnostics;
 //# sourceMappingURL=diagnostics.js.map

lib/diagnostics.js.map

@@ -1 +1 @@
-{"version":3,"file":"diagnostics.js","sourceRoot":"","sources":["../src/diagnostics.ts"],"names":[],"mappings":";;;;;;AAAA,2BAA0D;AAC1D,gDAAwB;AAIxB,uCAA6C;AAC7C,iCAA+C;AA2D/C,qEAAqE;AACrE,IAAI,oBAAoB,GAA0B,EAAE,CAAC;AAErD;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,EAAU,EACV,IAAY,EACZ,OAA+C,SAAS;IAExD,OAAO;QACL,GAAG,IAAI;QACP,SAAS,EAAE,IAAI,EAAE,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtD,MAAM,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE;KACtC,CAAC;AACJ,CAAC;AAVD,wCAUC;AAED;;;;;;;GAOG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,QAAkB,EAClB,UAA6B;IAE7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAE7D,2FAA2F;IAC3F,qDAAqD;IACrD,IAAI,IAAA,eAAU,EAAC,YAAY,CAAC,EAAE,CAAC;QAC7B,eAAe,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;IAChD,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,KAAK,CACV,4BAA4B,QAAQ,yBAAyB,YAAY,sBAAsB,CAChG,CAAC;QAEF,oBAAoB,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;AACH,CAAC;AAnBD,sCAmBC;AAED;;;;;;GAMG;AACH,SAAS,eAAe,CACtB,MAAc,EACd,QAAkB,EAClB,UAA6B;IAE7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,eAAe,GAAG,cAAI,CAAC,OAAO,CAClC,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,EACvC,YAAY,EACZ,eAAe,CAChB,CAAC;IAEF,IAAI,CAAC;QACH,gDAAgD;QAChD,IAAA,cAAS,EAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,cAAI,CAAC,OAAO,CAC3B,eAAe,EACf,iBAAiB,UAAU,CAAC,SAAS,OAAO,CAC7C,CAAC;QAEF,IAAA,kBAAa,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IACtD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,OAAO,CAAC,mDAAmD,GAAG,EAAE,CAAC,CAAC;QACzE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,2EAA2E;AAC3E,SAAgB,uBAAuB;IACrC,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,GAAG,GAAG,oBAAoB,CAAC,MAAM,CAAC;IACxC,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;QACZ,MAAM,CAAC,OAAO,CACZ,GAAG,GAAG,kGAAkG,CACzG,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,oBAAoB,EAAE,CAAC;YAC7C,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;AACH,CAAC;AAZD,0DAYC;AAED,gDAAgD;AAChD,SAAgB,gBAAgB,CAAC,MAAc;IAC7C,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,CAAC,KAAK,CACV,WAAW,oBAAoB,CAAC,MAAM,6BAA6B,CACpE,CAAC;IAEF,KAAK,MAAM,SAAS,IAAI,oBAAoB,EAAE,CAAC;QAC7C,eAAe,CAAC,MAAM,EAAE,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC;IACpE,CAAC;IAED,yCAAyC;IACzC,oBAAoB,GAAG,EAAE,CAAC;AAC5B,CAAC;AAZD,4CAYC"}
+{"version":3,"file":"diagnostics.js","sourceRoot":"","sources":["../src/diagnostics.ts"],"names":[],"mappings":";;;;;AA4EA,wCAUC;AAUD,sCAmBC;AAsCD,0DAYC;AAGD,4CAYC;AApLD,2BAA0D;AAC1D,gDAAwB;AAIxB,uCAA6C;AAC7C,iCAA+C;AA2D/C,qEAAqE;AACrE,IAAI,oBAAoB,GAA0B,EAAE,CAAC;AAErD;;;;;;;GAOG;AACH,SAAgB,cAAc,CAC5B,EAAU,EACV,IAAY,EACZ,OAA+C,SAAS;IAExD,OAAO;QACL,GAAG,IAAI;QACP,SAAS,EAAE,IAAI,EAAE,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtD,MAAM,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE;KACtC,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,aAAa,CAC3B,MAAc,EACd,QAAkB,EAClB,UAA6B;IAE7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,YAAY,GAAG,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAE7D,2FAA2F;IAC3F,qDAAqD;IACrD,IAAI,IAAA,eAAU,EAAC,YAAY,CAAC,EAAE,CAAC;QAC7B,eAAe,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;IAChD,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,KAAK,CACV,4BAA4B,QAAQ,yBAAyB,YAAY,sBAAsB,CAChG,CAAC;QAEF,oBAAoB,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,eAAe,CACtB,MAAc,EACd,QAAkB,EAClB,UAA6B;IAE7B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,eAAe,GAAG,cAAI,CAAC,OAAO,CAClC,IAAA,4BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,EACvC,YAAY,EACZ,eAAe,CAChB,CAAC;IAEF,IAAI,CAAC;QACH,gDAAgD;QAChD,IAAA,cAAS,EAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,cAAI,CAAC,OAAO,CAC3B,eAAe,EACf,iBAAiB,UAAU,CAAC,SAAS,OAAO,CAC7C,CAAC;QAEF,IAAA,kBAAa,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IACtD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,OAAO,CAAC,mDAAmD,GAAG,EAAE,CAAC,CAAC;QACzE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,2EAA2E;AAC3E,SAAgB,uBAAuB;IACrC,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,GAAG,GAAG,oBAAoB,CAAC,MAAM,CAAC;IACxC,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;QACZ,MAAM,CAAC,OAAO,CACZ,GAAG,GAAG,kGAAkG,CACzG,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,oBAAoB,EAAE,CAAC;YAC7C,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;AACH,CAAC;AAED,gDAAgD;AAChD,SAAgB,gBAAgB,CAAC,MAAc;IAC7C,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAClC,MAAM,CAAC,KAAK,CACV,WAAW,oBAAoB,CAAC,MAAM,6BAA6B,CACpE,CAAC;IAEF,KAAK,MAAM,SAAS,IAAI,oBAAoB,EAAE,CAAC;QAC7C,eAAe,CAAC,MAAM,EAAE,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC;IACpE,CAAC;IAED,yCAAyC;IACzC,oBAAoB,GAAG,EAAE,CAAC;AAC5B,CAAC"}

lib/feature-flags.js

@@ -49,10 +49,10 @@ exports.CODEQL_VERSION_FINE_GRAINED_PARALLELISM = "2.15.1";
  */
 var Feature;
 (function (Feature) {
-    Feature["AutobuildDirectTracing"] = "autobuild_direct_tracing";
-    Feature["CombineSarifFilesDeprecationWarning"] = "combine_sarif_files_deprecation_warning_enabled";
+    Feature["AutobuildDirectTracing"] = "autobuild_direct_tracing_v2";
+    Feature["CleanupTrapCaches"] = "cleanup_trap_caches";
     Feature["CppDependencyInstallation"] = "cpp_dependency_installation_enabled";
-    Feature["CppTrapCachingEnabled"] = "cpp_trap_caching_enabled";
+    Feature["DisableCsharpBuildless"] = "disable_csharp_buildless";
     Feature["DisableJavaBuildlessEnabled"] = "disable_java_buildless_enabled";
     Feature["DisableKotlinAnalysisEnabled"] = "disable_kotlin_analysis_enabled";
     Feature["ExportDiagnosticsEnabled"] = "export_diagnostics_enabled";
@@ -65,11 +65,9 @@ exports.featureConfig = {
         minimumVersion: undefined,
         toolsFeature: tools_features_1.ToolsFeature.TraceCommandUseBuildMode,
     },
-    [Feature.CombineSarifFilesDeprecationWarning]: {
+    [Feature.CleanupTrapCaches]: {
         defaultValue: false,
-        envVar: "CODEQL_ACTION_COMBINE_SARIF_FILES_DEPRECATION_WARNING",
-        legacyApi: true,
-        // Independent of the CLI version.
+        envVar: "CODEQL_ACTION_CLEANUP_TRAP_CACHES",
         minimumVersion: undefined,
     },
     [Feature.CppDependencyInstallation]: {
@@ -78,11 +76,10 @@ exports.featureConfig = {
         legacyApi: true,
         minimumVersion: "2.15.0",
     },
-    [Feature.CppTrapCachingEnabled]: {
+    [Feature.DisableCsharpBuildless]: {
         defaultValue: false,
-        envVar: "CODEQL_CPP_TRAP_CACHING",
-        legacyApi: true,
-        minimumVersion: "2.16.1",
+        envVar: "CODEQL_ACTION_DISABLE_CSHARP_BUILDLESS",
+        minimumVersion: undefined,
     },
     [Feature.DisableJavaBuildlessEnabled]: {
         defaultValue: false,

lib/fingerprints.js

@@ -26,7 +26,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.addFingerprints = exports.resolveUriToFile = exports.hash = void 0;
+exports.hash = hash;
+exports.resolveUriToFile = resolveUriToFile;
+exports.addFingerprints = addFingerprints;
 const fs = __importStar(require("fs"));
 const path_1 = __importDefault(require("path"));
 const long_1 = __importDefault(require("long"));
@@ -143,7 +145,6 @@ async function hash(callback, filepath) {
         updateHash(0);
     }
 }
-exports.hash = hash;
 // Generate a hash callback function that updates the given result in-place
 // when it receives a hash for the correct line number. Ignores hashes for other lines.
 function locationUpdateCallback(result, location, logger) {
@@ -234,7 +235,6 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
     }
     return uri;
 }
-exports.resolveUriToFile = resolveUriToFile;
 // Compute fingerprints for results in the given sarif file
 // and return an updated sarif file contents.
 async function addFingerprints(sarif, sourceRoot, logger) {
@@ -278,5 +278,4 @@ async function addFingerprints(sarif, sourceRoot, logger) {
     }
     return sarif;
 }
-exports.addFingerprints = addFingerprints;
 //# sourceMappingURL=fingerprints.js.map