@kaspersv kaspersv commented Nov 19, 2025

This PR bumps the minimum CLI version required for overlay analysis to v. 2.23.5 (current release). This isn't strictly necessary, but simplifies operations by reducing the number of CLI versions we have to consider.

Risk assessment

For internal use only. Please select the risk level of this change:

  • Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Which use cases does this change impact?

Workflow types:

  • Advanced setup - Impacts users who have custom CodeQL workflows.
  • Managed - Impacts users with dynamic workflows (Default Setup, CCR, ...).

Products:

  • Code Scanning - The changes impact analyses when analysis-kinds: code-scanning.
  • Code Quality - The changes impact analyses when analysis-kinds: code-quality.

Environments:

  • Dotcom - Impacts CodeQL workflows on github.com.

How did/will you validate this change?

  • Test repository - This change will be tested on a test repository before merging.

If something goes wrong after this change is released, what are the mitigation and rollback strategies?

Overlay analysis is currently feature flagged.

  • Feature flags - All new or changed code paths can be fully disabled with corresponding feature flags.
  • Rollback - Change can only be disabled by rolling back the release or releasing a new version with a fix.

How will you know if something goes wrong after this change is released?

  • Telemetry - I rely on existing telemetry or have made changes to the telemetry.
    • Dashboards - I will watch relevant dashboards for issues after the release. Consider whether this requires this change to be released at a particular time rather than as part of a regular release.
    • Alerts - New or existing monitors will trip if something goes wrong with this change.

Are there any special considerations for merging or releasing this change?

  • No special considerations - This change can be merged at any time.
  • Special considerations - This change should only be merged once certain preconditions are met. Please provide details of those or link to this PR from an internal issue.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Consider adding a changelog entry for this change.
  • Confirm the readme and docs have been updated if necessary.

@github-actions github-actions bot added the size/XS ("Should be very easy to review") label Nov 19, 2025
@kaspersv kaspersv changed the title from "Overlay: Increase minimum CLI version" to "Overlay: Increase minimum CLI version required for overlay analysis" Nov 19, 2025
@kaspersv kaspersv marked this pull request as ready for review November 19, 2025 12:13
@kaspersv kaspersv requested a review from a team as a code owner November 19, 2025 12:13
Copilot AI review requested due to automatic review settings November 19, 2025 12:13
Copilot finished reviewing on behalf of kaspersv November 19, 2025 12:15

Copilot AI left a comment

Pull Request Overview

This PR increases the minimum CodeQL CLI version required for overlay analysis from 2.22.4 to 2.23.5, which is the current release version. The change ensures that overlay analysis features will only be enabled when users have a CLI version that supports all the latest overlay functionality.

  • Updated the CODEQL_OVERLAY_MINIMUM_VERSION constant in the TypeScript source
  • All generated JavaScript files automatically reflect this change

Reviewed Changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| src/overlay-database-utils.ts | Updates the minimum CLI version constant for overlay analysis from 2.22.4 to 2.23.5 |
| lib/upload-sarif-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/upload-sarif-action-post.js | Generated JavaScript reflecting the TypeScript change |
| lib/upload-lib.js | Generated JavaScript reflecting the TypeScript change |
| lib/start-proxy-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/start-proxy-action-post.js | Generated JavaScript reflecting the TypeScript change |
| lib/setup-codeql-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/resolve-environment-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/init-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/init-action-post.js | Generated JavaScript reflecting the TypeScript change |
| lib/autobuild-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/analyze-action.js | Generated JavaScript reflecting the TypeScript change |
| lib/analyze-action-post.js | Generated JavaScript reflecting the TypeScript change |

@kaspersv kaspersv requested a review from mbg November 19, 2025 12:23
@kaspersv kaspersv merged commit a102014 into main Nov 19, 2025
467 of 482 checks passed
@kaspersv kaspersv deleted the kaspersv/bump-minimum-overlay-version branch November 19, 2025 13:18