@henrymercer henrymercer commented Nov 18, 2025

Risk assessment

For internal use only. Please select the risk level of this change:

  • Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Which use cases does this change impact?

Workflow types:

  • Advanced setup - Impacts users who have custom CodeQL workflows.
  • Managed - Impacts users with dynamic workflows (Default Setup, CCR, ...).

Products:

  • Code Scanning - The changes impact analyses when analysis-kinds: code-scanning.

Environments:

  • Dotcom - Impacts CodeQL workflows on github.com.

How did/will you validate this change?

I plan to validate this on some test repos using the FF.

If something goes wrong after this change is released, what are the mitigation and rollback strategies?

  • Feature flags - All new or changed code paths can be fully disabled with corresponding feature flags.

How will you know if something goes wrong after this change is released?

  • Other - Please provide details.

Observe on test repos first.

Are there any special considerations for merging or releasing this change?

  • No special considerations - This change can be merged at any time.
  • Special considerations - This change should only be merged once certain preconditions are met. Please provide details of those or link to this PR from an internal issue.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Consider adding a changelog entry for this change.
  • Confirm the readme and docs have been updated if necessary.

@henrymercer henrymercer requested a review from a team as a code owner November 18, 2025 18:45
Copilot AI review requested due to automatic review settings November 18, 2025 19:01
@github-actions github-actions bot added the size/S Should be easy to review label Nov 18, 2025
Copilot finished reviewing on behalf of henrymercer November 18, 2025 19:05

Copilot AI left a comment

Pull Request Overview

This PR adds functionality to upload overlay base databases to the GitHub API, controlled by a new feature flag UploadOverlayDbToApi. The implementation introduces a conditional cleanup strategy where databases are cleaned at the "overlay" level (preserving more data) instead of the "clear" level (complete cleanup) when the feature flag is enabled and the database mode is set to overlay-base.

Key Changes

  • Introduced a new CleanupLevel enum to replace string literals for database cleanup levels
  • Added a new feature flag UploadOverlayDbToApi to control the conditional upload behavior
  • Modified database upload logic to conditionally use overlay-level cleanup based on feature flag and database mode

Reviewed Changes

Copilot reviewed 19 out of 20 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| src/util.ts | Added CleanupLevel enum with Clear and Overlay values for type-safe cleanup level specification |
| src/feature-flags.ts | Added UploadOverlayDbToApi feature flag configuration with environment variable CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API |
| src/overlay-database-utils.ts | Renamed function to cleanupAndUploadOverlayBaseDatabaseToCache and updated to use CleanupLevel enum |
| src/database-upload.ts | Renamed function to cleanupAndUploadDatabases, added conditional logic to select cleanup level based on feature flag and overlay database mode |
| src/database-upload.test.ts | Updated all test calls to include the new features parameter required by the refactored function signature |
| src/codeql.ts | Updated databaseCleanupCluster method signature to accept CleanupLevel enum instead of string |
| src/analyze-action.ts | Updated function calls to use renamed functions and pass features parameter |
| package-lock.json | Contains updates to dependency metadata, including some unintentional changes to dev dependency markers |
| lib/*.js | Auto-generated JavaScript files reflecting the TypeScript changes |


@mbg mbg left a comment

Broadly looks good -- just one question.

const cleanupLevel =
config.overlayDatabaseMode === OverlayDatabaseMode.OverlayBase &&
(await features.getValue(Feature.UploadOverlayDbToApi))
? CleanupLevel.Overlay
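
Review bot: the `CleanupLevel.Overlay` branch of this ternary is selected for a database that is subsequently uploaded, and the overlay level preserves more data than the clear level, so a comment at this assignment should state what additional content the uploaded database retains and why that is acceptable for the upload destination. The summary for src/database-upload.test.ts mentions only that existing calls were updated to pass the new features parameter; a test case with `OverlayDatabaseMode.OverlayBase` and `Feature.UploadOverlayDbToApi` enabled, plus one with the flag disabled, would pin down which cleanup level each path uses.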

I'd like to understand more about the implications of this for the db upload - let's chat about that elsewhere.

@henrymercer henrymercer merged commit 86d2aa5 into main Nov 19, 2025
248 checks passed
@henrymercer henrymercer deleted the henrymercer/upload-overlay-to-api branch November 19, 2025 10:29