diff --git a/CHANGELOG.md b/CHANGELOG.md index a3117206d8..aa856e8a07 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## 4.31.5 - 24 Nov 2025 + +No user facing changes. + ## 4.31.4 - 18 Nov 2025 No user facing changes. diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index 7dde941ee0..13589f4965 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core14 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob2 = __importStar4(require_glob()); var io6 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core14.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -116556,7 +116554,6 @@ var io2 = __toESM(require_io2()); // src/util.ts var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -119948,7 +119945,7 @@ function withGroup(groupName, f) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -120074,6 +120071,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -120185,21 +120187,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -120212,6 +120214,8 @@ var featureConfig = { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/analyze-action.js b/lib/analyze-action.js index d37d43366f..5781e69411 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core15 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob2 = __importStar4(require_glob()); var io7 = __importStar4(require_io3()); var crypto2 = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core15.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -84338,7 +84336,6 @@ var fsPromises = __toESM(require("fs/promises")); var os = __toESM(require("os")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -88453,7 +88450,7 @@ function formatDuration(durationMs) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -88525,7 +88522,7 @@ function checkOverlayBaseDatabase(config, logger, warningPrefix) { } return true; } -async function uploadOverlayBaseDatabaseToCache(codeql, config, logger) { +async function cleanupAndUploadOverlayBaseDatabaseToCache(codeql, config, logger) { const overlayDatabaseMode = config.overlayDatabaseMode; if (overlayDatabaseMode !== "overlay-base" /* OverlayBase */) { logger.debug( @@ -88554,7 +88551,7 @@ async function uploadOverlayBaseDatabaseToCache(codeql, config, logger) { return false; } await withGroupAsync("Cleaning up databases", async () => { - await codeql.databaseCleanupCluster(config, "overlay"); + await codeql.databaseCleanupCluster(config, "overlay" /* Overlay */); }); const dbLocation = config.dbLocation; const databaseSizeBytes = await tryGetFolderBytes(dbLocation, logger); @@ -88695,6 +88692,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -88806,21 +88808,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -89371,6 +89373,8 @@ async function cachePrefix(codeql, language) { } // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, @@ -91159,6 +91163,11 @@ async function uploadDependencyCaches(codeql, features, config, logger) { status.push({ language, result: "no-hash" /* NoHash */ }); continue; } + const key = await cacheKey2(codeql, features, language, patterns); + if (config.dependencyCachingRestoredKeys.includes(key)) { + status.push({ language, result: "duplicate" /* Duplicate */ }); + continue; + } const size = await getTotalCacheSize( cacheConfig.getDependencyPaths(), logger, @@ -91171,7 +91180,6 @@ async function uploadDependencyCaches(codeql, features, config, logger) { ); continue; } - const key = await cacheKey2(codeql, features, language, patterns); logger.info( `Uploading cache of size ${size} for ${language} with key ${key}...` ); @@ -91663,7 +91671,7 @@ async function warnIfGoInstalledAfterInit(config, logger) { // src/database-upload.ts var fs13 = __toESM(require("fs")); -async function uploadDatabases(repositoryNwo, codeql, config, apiDetails, logger) { +async function cleanupAndUploadDatabases(repositoryNwo, codeql, config, apiDetails, features, logger) { if (getRequiredInput("upload-database") !== "true") { logger.debug("Database upload disabled in workflow. Skipping upload."); return; @@ -91686,8 +91694,9 @@ async function uploadDatabases(repositoryNwo, codeql, config, apiDetails, logger logger.debug("Not analyzing default branch. Skipping upload."); return; } + const cleanupLevel = config.overlayDatabaseMode === "overlay-base" /* OverlayBase */ && await features.getValue("upload_overlay_db_to_api" /* UploadOverlayDbToApi */) ? "overlay" /* Overlay */ : "clear" /* Clear */; await withGroupAsync("Cleaning up databases", async () => { - await codeql.databaseCleanupCluster(config, "clear"); + await codeql.databaseCleanupCluster(config, cleanupLevel); }); const client = getApiClient(); const uploadsUrl = new URL(parseGitHubUrl(apiDetails.url)); @@ -94044,8 +94053,15 @@ async function run() { } else { logger.info("Not uploading results"); } - await uploadOverlayBaseDatabaseToCache(codeql, config, logger); - await uploadDatabases(repositoryNwo, codeql, config, apiDetails, logger); + await cleanupAndUploadOverlayBaseDatabaseToCache(codeql, config, logger); + await cleanupAndUploadDatabases( + repositoryNwo, + codeql, + config, + apiDetails, + features, + logger + ); const trapCacheUploadStartTime = import_perf_hooks3.performance.now(); didUploadTrapCaches = await uploadTrapCaches(codeql, config, logger); trapCacheUploadTime = import_perf_hooks3.performance.now() - trapCacheUploadStartTime; diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 3049d15a26..f286a07cf1 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core14 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob = __importStar4(require_glob()); var io5 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core14.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -80334,7 +80332,6 @@ var io2 = __toESM(require_io2()); var fsPromises = __toESM(require("fs/promises")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -83890,7 +83887,7 @@ function getActionsLogger() { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -84014,6 +84011,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -84125,21 +84127,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -84417,6 +84419,8 @@ var GitHubFeatureFlags = class { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 5dd89dcf61..fdc23d247a 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core18 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob2 = __importStar4(require_glob()); var io7 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core18.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -119454,7 +119452,6 @@ var fs = __toESM(require("fs")); var fsPromises = __toESM(require("fs/promises")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -123326,7 +123323,7 @@ function formatDuration(durationMs) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -123455,6 +123452,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -123566,21 +123568,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -123876,6 +123878,8 @@ ${jsonContents}` var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/init-action.js b/lib/init-action.js index c3f536a333..6f826febd1 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -34087,7 +34085,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core14 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob2 = __importStar4(require_glob()); var io7 = __importStar4(require_io3()); var crypto2 = __importStar4(require("crypto")); @@ -34171,7 +34169,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core14.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -81643,7 +81641,6 @@ var fsPromises = __toESM(require("fs/promises")); var os = __toESM(require("os")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -85855,7 +85852,7 @@ function formatDuration(durationMs) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -86109,6 +86106,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -86220,21 +86222,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -86654,6 +86656,8 @@ async function cachePrefix(codeql, language) { } // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; async function getSupportedLanguageMap(codeql, logger) { const resolveSupportedLanguagesUsingCli = await codeql.supportsFeature( "builtinExtractorsSpecifyDefaultQueries" /* BuiltinExtractorsSpecifyDefaultQueries */ @@ -86828,6 +86832,7 @@ async function initActionState({ trapCaches, trapCacheDownloadTime, dependencyCachingEnabled: getCachingKind(dependencyCachingEnabled), + dependencyCachingRestoredKeys: [], extraQueryExclusions: [], overlayDatabaseMode: "none" /* None */, useOverlayDatabaseCaching: false, @@ -86925,18 +86930,28 @@ async function getOverlayDatabaseMode(codeql, features, languages, sourceRoot, b languages, codeScanningConfig )) { - if (isAnalyzingPullRequest()) { - overlayDatabaseMode = "overlay" /* Overlay */; - useOverlayDatabaseCaching = true; - logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing a pull request.` - ); - } else if (await isAnalyzingDefaultBranch()) { - overlayDatabaseMode = "overlay-base" /* OverlayBase */; - useOverlayDatabaseCaching = true; + const diskUsage = await checkDiskUsage(logger); + if (diskUsage === void 0 || diskUsage.numAvailableBytes < OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES) { + const diskSpaceMb = diskUsage === void 0 ? 0 : Math.round(diskUsage.numAvailableBytes / 1e6); + overlayDatabaseMode = "none" /* None */; + useOverlayDatabaseCaching = false; logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing the default branch.` + `Setting overlay database mode to ${overlayDatabaseMode} due to insufficient disk space (${diskSpaceMb} MB).` ); + } else { + if (isAnalyzingPullRequest()) { + overlayDatabaseMode = "overlay" /* Overlay */; + useOverlayDatabaseCaching = true; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing a pull request.` + ); + } else if (await isAnalyzingDefaultBranch()) { + overlayDatabaseMode = "overlay-base" /* OverlayBase */; + useOverlayDatabaseCaching = true; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} with caching because we are analyzing the default branch.` + ); + } } } const nonOverlayAnalysis = { @@ -87321,6 +87336,7 @@ async function checkHashPatterns(codeql, features, language, cacheConfig, checkT } async function downloadDependencyCaches(codeql, features, languages, logger) { const status = []; + const restoredKeys = []; for (const language of languages) { const cacheConfig = defaultCacheConfigs[language]; if (cacheConfig === void 0) { @@ -87359,14 +87375,22 @@ async function downloadDependencyCaches(codeql, features, languages, logger) { const download_duration_ms = Math.round(performance.now() - start); if (hitKey !== void 0) { logger.info(`Cache hit on key ${hitKey} for ${language}.`); - const hit_kind = hitKey === primaryKey ? "exact" /* Exact */ : "partial" /* Partial */; - status.push({ language, hit_kind, download_duration_ms }); + let hit_kind = "partial" /* Partial */; + if (hitKey === primaryKey) { + hit_kind = "exact" /* Exact */; + } + status.push({ + language, + hit_kind, + download_duration_ms + }); + restoredKeys.push(hitKey); } else { status.push({ language, hit_kind: "miss" /* Miss */ }); logger.info(`No suitable cache found for ${language}.`); } } - return status; + return { statusReport: status, restoredKeys }; } async function cacheKey2(codeql, features, language, patterns) { const hash = await glob.hashFiles(patterns.join("\n")); @@ -89998,7 +90022,7 @@ async function run() { return; } let overlayBaseDatabaseStats; - let dependencyCachingResults; + let dependencyCachingStatus; try { if (config.overlayDatabaseMode === "overlay" /* Overlay */ && config.useOverlayDatabaseCaching) { overlayBaseDatabaseStats = await downloadOverlayBaseDatabaseFromCache( @@ -90139,12 +90163,14 @@ exec ${goBinaryPath} "$@"` } } if (shouldRestoreCache(config.dependencyCachingEnabled)) { - dependencyCachingResults = await downloadDependencyCaches( + const dependencyCachingResult = await downloadDependencyCaches( codeql, features, config.languages, logger ); + dependencyCachingStatus = dependencyCachingResult.statusReport; + config.dependencyCachingRestoredKeys = dependencyCachingResult.restoredKeys; } if (await codeQlVersionAtLeast(codeql, "2.17.1")) { } else { @@ -90245,7 +90271,7 @@ exec ${goBinaryPath} "$@"` toolsSource, toolsVersion, overlayBaseDatabaseStats, - dependencyCachingResults, + dependencyCachingStatus, logger, error3 ); @@ -90263,7 +90289,7 @@ exec ${goBinaryPath} "$@"` toolsSource, toolsVersion, overlayBaseDatabaseStats, - dependencyCachingResults, + dependencyCachingStatus, logger ); } diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index c3d54f6805..48ebce48f2 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core13 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob = __importStar4(require_glob()); var io5 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core13.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -80334,7 +80332,6 @@ var io2 = __toESM(require_io2()); var fsPromises = __toESM(require("fs/promises")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -83883,7 +83880,7 @@ function getActionsLogger() { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -84005,6 +84002,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -84116,21 +84118,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -84143,6 +84145,8 @@ var featureConfig = { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 973e9c4318..cad0195ad6 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -32639,7 +32637,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core13 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob = __importStar4(require_glob()); var io6 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -32723,7 +32721,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core13.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -80390,7 +80388,6 @@ var fs = __toESM(require("fs")); var fsPromises = __toESM(require("fs/promises")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -83792,7 +83789,7 @@ function formatDuration(durationMs) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -83917,6 +83914,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -84028,21 +84030,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -84588,6 +84590,8 @@ var PACK_IDENTIFIER_PATTERN = (function() { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 7e34a5e95b..cdac66bef0 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core14 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob2 = __importStar4(require_glob()); var io6 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core14.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -116553,7 +116551,6 @@ var io2 = __toESM(require_io2()); // src/util.ts var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -119417,7 +119414,7 @@ function getActionsLogger() { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; @@ -119480,6 +119477,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -119591,21 +119593,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -119618,6 +119620,8 @@ var featureConfig = { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index c0869dd966..3693c96700 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -47285,7 +47285,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -47320,7 +47320,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -47330,13 +47329,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -47344,21 +47342,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -53594,7 +53592,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core12 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob = __importStar4(require_glob()); var io4 = __importStar4(require_io4()); var crypto = __importStar4(require("crypto")); @@ -53678,7 +53676,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core12.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -96769,7 +96767,6 @@ var io2 = __toESM(require_io3()); // src/util.ts var fsPromises = __toESM(require("fs/promises")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io3()); // node_modules/get-folder-size/index.js @@ -99970,7 +99967,7 @@ async function getRef() { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; @@ -100033,6 +100030,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -100144,21 +100146,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -100171,6 +100173,8 @@ var featureConfig = { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/upload-lib.js b/lib/upload-lib.js index ea6e2ca41c..938245c218 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -28924,7 +28924,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -28959,7 +28959,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -28969,13 +28968,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -28983,21 +28981,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -33936,7 +33934,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core12 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob = __importStar4(require_glob()); var io6 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -34020,7 +34018,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core12.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -83223,7 +83221,6 @@ __export(upload_lib_exports, { buildPayload: () => buildPayload, findSarifFilesInDir: () => findSarifFilesInDir, getGroupedSarifFilePaths: () => getGroupedSarifFilePaths, - getSarifFilePaths: () => getSarifFilePaths, populateRunAutomationDetails: () => populateRunAutomationDetails, postProcessSarifFiles: () => postProcessSarifFiles, readSarifFile: () => readSarifFile, @@ -83259,7 +83256,6 @@ var io2 = __toESM(require_io2()); var fs = __toESM(require("fs")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -86948,7 +86944,7 @@ function formatDuration(durationMs) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -87071,6 +87067,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -87182,21 +87183,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -87227,6 +87228,8 @@ ${jsonContents}` var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, @@ -90654,7 +90657,6 @@ function filterAlertsByDiffRange(logger, sarif) { buildPayload, findSarifFilesInDir, getGroupedSarifFilePaths, - getSarifFilePaths, populateRunAutomationDetails, postProcessSarifFiles, readSarifFile, diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index fce0c4f795..87ef62a45d 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -108409,7 +108407,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core14 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob2 = __importStar4(require_glob2()); var io6 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -108493,7 +108491,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core14.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -116553,7 +116551,6 @@ var io2 = __toESM(require_io2()); // src/util.ts var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -119579,7 +119576,7 @@ function withGroup(groupName, f) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; @@ -119646,6 +119643,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -119757,21 +119759,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -119784,6 +119786,8 @@ var featureConfig = { var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 667acaa15e..79778f00d8 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -19419,7 +19419,7 @@ var require_exec = __commonJS({ exports2.getExecOutput = exports2.exec = void 0; var string_decoder_1 = require("string_decoder"); var tr = __importStar4(require_toolrunner()); - function exec2(commandLine, args, options) { + function exec(commandLine, args, options) { return __awaiter4(this, void 0, void 0, function* () { const commandArgs = tr.argStringToArray(commandLine); if (commandArgs.length === 0) { @@ -19431,8 +19431,8 @@ var require_exec = __commonJS({ return runner.exec(); }); } - exports2.exec = exec2; - function getExecOutput2(commandLine, args, options) { + exports2.exec = exec; + function getExecOutput(commandLine, args, options) { var _a, _b; return __awaiter4(this, void 0, void 0, function* () { let stdout = ""; @@ -19454,7 +19454,7 @@ var require_exec = __commonJS({ } }; const listeners = Object.assign(Object.assign({}, options === null || options === void 0 ? void 0 : options.listeners), { stdout: stdOutListener, stderr: stdErrListener }); - const exitCode = yield exec2(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); + const exitCode = yield exec(commandLine, args, Object.assign(Object.assign({}, options), { listeners })); stdout += stdoutDecoder.end(); stderr += stderrDecoder.end(); return { @@ -19464,7 +19464,7 @@ var require_exec = __commonJS({ }; }); } - exports2.getExecOutput = getExecOutput2; + exports2.getExecOutput = getExecOutput; } }); @@ -19532,12 +19532,12 @@ var require_platform = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getDetails = exports2.isLinux = exports2.isMacOS = exports2.isWindows = exports2.arch = exports2.platform = void 0; var os_1 = __importDefault4(require("os")); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var getWindowsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout: version } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { + const { stdout: version } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Version"', void 0, { silent: true }); - const { stdout: name } = yield exec2.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { + const { stdout: name } = yield exec.getExecOutput('powershell -command "(Get-CimInstance -ClassName Win32_OperatingSystem).Caption"', void 0, { silent: true }); return { @@ -19547,7 +19547,7 @@ var require_platform = __commonJS({ }); var getMacOsInfo = () => __awaiter4(void 0, void 0, void 0, function* () { var _a, _b, _c, _d; - const { stdout } = yield exec2.getExecOutput("sw_vers", void 0, { + const { stdout } = yield exec.getExecOutput("sw_vers", void 0, { silent: true }); const version = (_b = (_a = stdout.match(/ProductVersion:\s*(.+)/)) === null || _a === void 0 ? void 0 : _a[1]) !== null && _b !== void 0 ? _b : ""; @@ -19558,7 +19558,7 @@ var require_platform = __commonJS({ }; }); var getLinuxInfo = () => __awaiter4(void 0, void 0, void 0, function* () { - const { stdout } = yield exec2.getExecOutput("lsb_release", ["-i", "-r", "-s"], { + const { stdout } = yield exec.getExecOutput("lsb_release", ["-i", "-r", "-s"], { silent: true }); const [name, version] = stdout.trim().split("\n"); @@ -27627,7 +27627,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.31.4", + version: "4.31.5", private: true, description: "CodeQL action", scripts: { @@ -27662,7 +27662,6 @@ var require_package = __commonJS({ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", archiver: "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -27672,13 +27671,12 @@ var require_package = __commonJS({ jsonschema: "1.4.1", long: "^5.3.2", "node-forge": "^1.3.1", - octokit: "^5.0.5", semver: "^7.7.3", uuid: "^13.0.0" }, devDependencies: { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -27686,21 +27684,21 @@ var require_package = __commonJS({ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", ava: "^6.4.1", esbuild: "^0.27.0", + eslint: "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - eslint: "^8.57.1", glob: "^11.1.0", nock: "^14.0.10", sinon: "^21.0.0", @@ -32639,7 +32637,7 @@ var require_cacheUtils = __commonJS({ Object.defineProperty(exports2, "__esModule", { value: true }); exports2.getRuntimeToken = exports2.getCacheVersion = exports2.assertDefined = exports2.getGnuTarPathOnWindows = exports2.getCacheFileName = exports2.getCompressionMethod = exports2.unlinkFile = exports2.resolvePaths = exports2.getArchiveFileSizeInBytes = exports2.createTempDirectory = void 0; var core14 = __importStar4(require_core()); - var exec2 = __importStar4(require_exec()); + var exec = __importStar4(require_exec()); var glob = __importStar4(require_glob()); var io6 = __importStar4(require_io3()); var crypto = __importStar4(require("crypto")); @@ -32723,7 +32721,7 @@ var require_cacheUtils = __commonJS({ additionalArgs.push("--version"); core14.debug(`Checking ${app} ${additionalArgs.join(" ")}`); try { - yield exec2.exec(`${app}`, additionalArgs, { + yield exec.exec(`${app}`, additionalArgs, { ignoreReturnCode: true, silent: true, listeners: { @@ -83232,7 +83230,6 @@ var fs = __toESM(require("fs")); var fsPromises = __toESM(require("fs/promises")); var path = __toESM(require("path")); var core3 = __toESM(require_core()); -var exec = __toESM(require_exec()); var io = __toESM(require_io2()); // node_modules/get-folder-size/index.js @@ -86742,7 +86739,7 @@ function formatDuration(durationMs) { } // src/overlay-database-utils.ts -var CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +var CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB = 7500; var OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_BYTES = OVERLAY_BASE_DATABASE_MAX_UPLOAD_SIZE_MB * 1e6; async function writeBaseDatabaseOidsFile(config, sourceRoot) { @@ -86867,6 +86864,11 @@ var featureConfig = { legacyApi: true, minimumVersion: void 0 }, + ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0" + }, ["overlay_analysis" /* OverlayAnalysis */]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -86978,21 +86980,21 @@ var featureConfig = { minimumVersion: void 0, toolsFeature: "pythonDefaultIsToNotExtractStdlib" /* PythonDefaultIsToNotExtractStdlib */ }, - ["use_repository_properties" /* UseRepositoryProperties */]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: void 0 - }, ["qa_telemetry_enabled" /* QaTelemetryEnabled */]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: void 0 }, - ["java_minimize_dependency_jars" /* JavaMinimizeDependencyJars */]: { + ["upload_overlay_db_to_api" /* UploadOverlayDbToApi */]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0" + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: void 0 + }, + ["use_repository_properties" /* UseRepositoryProperties */]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: void 0 }, ["validate_db_config" /* ValidateDbConfig */]: { defaultValue: false, @@ -87308,6 +87310,8 @@ ${jsonContents}` var actionsCache2 = __toESM(require_cache3()); // src/config-utils.ts +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 2e4; +var OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1e6; var OVERLAY_ANALYSIS_FEATURES = { actions: "overlay_analysis_actions" /* OverlayAnalysisActions */, cpp: "overlay_analysis_cpp" /* OverlayAnalysisCpp */, diff --git a/package-lock.json b/package-lock.json index 80ef7cb619..3ee4a5b89f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.31.4", + "version": "4.31.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.31.4", + "version": "4.31.5", "license": "MIT", "dependencies": { "@actions/artifact": "^4.0.0", @@ -20,7 +20,6 @@ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", "archiver": "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -30,13 +29,12 @@ "jsonschema": "1.4.1", "long": "^5.3.2", "node-forge": "^1.3.1", - "octokit": "^5.0.5", "semver": "^7.7.3", "uuid": "^13.0.0" }, "devDependencies": { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -44,10 +42,10 @@ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", "ava": "^6.4.1", @@ -57,7 +55,7 @@ "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", "glob": "^11.1.0", "nock": "^14.0.10", @@ -1417,16 +1415,16 @@ } }, "node_modules/@eslint/compat": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-1.4.1.tgz", - "integrity": "sha512-cfO82V9zxxGBxcQDr1lfaYB7wykTa0b00mGa36FrJl7iTFd0Z2cHfEYuxcBRP/iNijCsWsEkA+jzT8hGYmv33w==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-2.0.0.tgz", + "integrity": "sha512-T9AfE1G1uv4wwq94ozgTGio5EUQBqAVe1X9qsQtSNVEYW6j3hvtZVm8Smr4qL1qDPFg+lOB2cL5RxTRMzq4CTA==", "dev": true, "license": "Apache-2.0", "dependencies": { - "@eslint/core": "^0.17.0" + "@eslint/core": "^1.0.0" }, "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + "node": "^20.19.0 || ^22.13.0 || >=24" }, "peerDependencies": { "eslint": "^8.40 || 9" @@ -1438,16 +1436,16 @@ } }, "node_modules/@eslint/core": { - "version": "0.17.0", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.17.0.tgz", - "integrity": "sha512-yL/sLrpmtDaFEiUj1osRP4TI2MDz1AddJL+jZ7KSqvBuliN4xqYY54IfdN8qD8Toa6g1iloph1fxQNkjOxrrpQ==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.0.0.tgz", + "integrity": "sha512-PRfWP+8FOldvbApr6xL7mNCw4cJcSTq4GA7tYbgq15mRb0kWKO/wEB2jr+uwjFH3sZvEZneZyCUGTxsv4Sahyw==", "dev": true, "license": "Apache-2.0", "dependencies": { "@types/json-schema": "^7.0.15" }, "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + "node": "^20.19.0 || ^22.13.0 || >=24" } }, "node_modules/@eslint/eslintrc": { @@ -1578,7 +1576,6 @@ "version": "4.0.1", "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz", "integrity": "sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==", - "dev": true, "license": "MIT", "engines": { "node": "20 || >=22" @@ -1588,7 +1585,6 @@ "version": "5.0.0", "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz", "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==", - "dev": true, "license": "MIT", "dependencies": { "@isaacs/balanced-match": "^4.0.1" @@ -1719,6 +1715,7 @@ "resolved": "https://registry.npmjs.org/@microsoft/eslint-formatter-sarif/-/eslint-formatter-sarif-3.1.0.tgz", "integrity": "sha512-/mn4UXziHzGXnKCg+r8HGgPy+w4RzpgdoqFuqaKOqUVBT5x2CygGefIrO4SusaY7t0C4gyIWMNu6YQT6Jw64Cw==", "dev": true, + "license": "MIT", "dependencies": { "eslint": "^8.9.0", "jschardet": "latest", @@ -1788,182 +1785,6 @@ "node": ">=12.4.0" } }, - "node_modules/@octokit/app": { - "version": "16.1.2", - "resolved": "https://registry.npmjs.org/@octokit/app/-/app-16.1.2.tgz", - "integrity": "sha512-8j7sEpUYVj18dxvh0KWj6W/l6uAiVRBl1JBDVRqH1VHKAO/G5eRVl4yEoYACjakWers1DjUkcCHyJNQK47JqyQ==", - "license": "MIT", - "dependencies": { - "@octokit/auth-app": "^8.1.2", - "@octokit/auth-unauthenticated": "^7.0.3", - "@octokit/core": "^7.0.6", - "@octokit/oauth-app": "^8.0.3", - "@octokit/plugin-paginate-rest": "^14.0.0", - "@octokit/types": "^16.0.0", - "@octokit/webhooks": "^14.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/app/node_modules/@octokit/auth-token": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-6.0.0.tgz", - "integrity": "sha512-P4YJBPdPSpWTQ1NU4XYdvHvXJJDxM6YwpS0FZHRgP7YFkdVxsWcpWGy/NVqlAA7PcPCnMacXlRm1y2PFZRWL/w==", - "license": "MIT", - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/app/node_modules/@octokit/core": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/@octokit/core/-/core-7.0.6.tgz", - "integrity": "sha512-DhGl4xMVFGVIyMwswXeyzdL4uXD5OGILGX5N8Y+f6W7LhC1Ze2poSNrkF/fedpVDHEEZ+PHFW0vL14I+mm8K3Q==", - "license": "MIT", - "dependencies": { - "@octokit/auth-token": "^6.0.0", - "@octokit/graphql": "^9.0.3", - "@octokit/request": "^10.0.6", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "before-after-hook": "^4.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/app/node_modules/@octokit/graphql": { - "version": "9.0.3", - "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-9.0.3.tgz", - "integrity": "sha512-grAEuupr/C1rALFnXTv6ZQhFuL1D8G5y8CN04RgrO4FIPMrtm+mcZzFG7dcBm+nq+1ppNixu+Jd78aeJOYxlGA==", - "license": "MIT", - "dependencies": { - "@octokit/request": "^10.0.6", - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/app/node_modules/@octokit/plugin-paginate-rest": { - "version": "14.0.0", - "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-14.0.0.tgz", - "integrity": "sha512-fNVRE7ufJiAA3XUrha2omTA39M6IXIc6GIZLvlbsm8QOQCYvpq/LkMNGyFlB1d8hTDzsAXa3OKtybdMAYsV/fw==", - "license": "MIT", - "dependencies": { - "@octokit/types": "^16.0.0" - }, - "engines": { - "node": ">= 20" - }, - "peerDependencies": { - "@octokit/core": ">=6" - } - }, - "node_modules/@octokit/app/node_modules/before-after-hook": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-4.0.0.tgz", - "integrity": "sha512-q6tR3RPqIB1pMiTRMFcZwuG5T8vwp+vUvEG0vuI6B+Rikh5BfPp2fQ82c925FOs+b0lcFQ8CFrL+KbilfZFhOQ==", - "license": "Apache-2.0" - }, - "node_modules/@octokit/app/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, - "node_modules/@octokit/auth-app": { - "version": "8.1.2", - "resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-8.1.2.tgz", - "integrity": "sha512-db8VO0PqXxfzI6GdjtgEFHY9tzqUql5xMFXYA12juq8TeTgPAuiiP3zid4h50lwlIP457p5+56PnJOgd2GGBuw==", - "license": "MIT", - "dependencies": { - "@octokit/auth-oauth-app": "^9.0.3", - "@octokit/auth-oauth-user": "^6.0.2", - "@octokit/request": "^10.0.6", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "toad-cache": "^3.7.0", - "universal-github-app-jwt": "^2.2.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/auth-app/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, - "node_modules/@octokit/auth-oauth-app": { - "version": "9.0.3", - "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-app/-/auth-oauth-app-9.0.3.tgz", - "integrity": "sha512-+yoFQquaF8OxJSxTb7rnytBIC2ZLbLqA/yb71I4ZXT9+Slw4TziV9j/kyGhUFRRTF2+7WlnIWsePZCWHs+OGjg==", - "license": "MIT", - "dependencies": { - "@octokit/auth-oauth-device": "^8.0.3", - "@octokit/auth-oauth-user": "^6.0.2", - "@octokit/request": "^10.0.6", - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/auth-oauth-app/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, - "node_modules/@octokit/auth-oauth-device": { - "version": "8.0.3", - "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-device/-/auth-oauth-device-8.0.3.tgz", - "integrity": "sha512-zh2W0mKKMh/VWZhSqlaCzY7qFyrgd9oTWmTmHaXnHNeQRCZr/CXy2jCgHo4e4dJVTiuxP5dLa0YM5p5QVhJHbw==", - "license": "MIT", - "dependencies": { - "@octokit/oauth-methods": "^6.0.2", - "@octokit/request": "^10.0.6", - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/auth-oauth-device/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, - "node_modules/@octokit/auth-oauth-user": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/@octokit/auth-oauth-user/-/auth-oauth-user-6.0.2.tgz", - "integrity": "sha512-qLoPPc6E6GJoz3XeDG/pnDhJpTkODTGG4kY0/Py154i/I003O9NazkrwJwRuzgCalhzyIeWQ+6MDvkUmKXjg/A==", - "license": "MIT", - "dependencies": { - "@octokit/auth-oauth-device": "^8.0.3", - "@octokit/oauth-methods": "^6.0.2", - "@octokit/request": "^10.0.6", - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/auth-oauth-user/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, "node_modules/@octokit/auth-token": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-4.0.0.tgz", @@ -1972,19 +1793,6 @@ "node": ">= 18" } }, - "node_modules/@octokit/auth-unauthenticated": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/@octokit/auth-unauthenticated/-/auth-unauthenticated-7.0.3.tgz", - "integrity": "sha512-8Jb1mtUdmBHL7lGmop9mU9ArMRUTRhg8vp0T1VtZ4yd9vEm3zcLwmjQkhNEduKawOOORie61xhtYIhTDN+ZQ3g==", - "license": "MIT", - "dependencies": { - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0" - }, - "engines": { - "node": ">= 20" - } - }, "node_modules/@octokit/core": { "version": "5.2.2", "resolved": "https://registry.npmjs.org/@octokit/core/-/core-5.2.2.tgz", @@ -2055,25 +1863,6 @@ "@octokit/openapi-types": "^24.2.0" } }, - "node_modules/@octokit/endpoint": { - "version": "11.0.2", - "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-11.0.2.tgz", - "integrity": "sha512-4zCpzP1fWc7QlqunZ5bSEjxc6yLAlRTnDwKtgXfcI/FxxGoqedDG8V2+xJ60bV2kODqcGB+nATdtap/XYq2NZQ==", - "license": "MIT", - "dependencies": { - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.2" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/endpoint/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, "node_modules/@octokit/graphql": { "version": "7.1.1", "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-7.1.1.tgz", @@ -2139,112 +1928,11 @@ "@octokit/openapi-types": "^24.2.0" } }, - "node_modules/@octokit/oauth-app": { - "version": "8.0.3", - "resolved": "https://registry.npmjs.org/@octokit/oauth-app/-/oauth-app-8.0.3.tgz", - "integrity": "sha512-jnAjvTsPepyUaMu9e69hYBuozEPgYqP4Z3UnpmvoIzHDpf8EXDGvTY1l1jK0RsZ194oRd+k6Hm13oRU8EoDFwg==", - "license": "MIT", - "dependencies": { - "@octokit/auth-oauth-app": "^9.0.2", - "@octokit/auth-oauth-user": "^6.0.1", - "@octokit/auth-unauthenticated": "^7.0.2", - "@octokit/core": "^7.0.5", - "@octokit/oauth-authorization-url": "^8.0.0", - "@octokit/oauth-methods": "^6.0.1", - "@types/aws-lambda": "^8.10.83", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/oauth-app/node_modules/@octokit/auth-token": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-6.0.0.tgz", - "integrity": "sha512-P4YJBPdPSpWTQ1NU4XYdvHvXJJDxM6YwpS0FZHRgP7YFkdVxsWcpWGy/NVqlAA7PcPCnMacXlRm1y2PFZRWL/w==", - "license": "MIT", - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/oauth-app/node_modules/@octokit/core": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/@octokit/core/-/core-7.0.6.tgz", - "integrity": "sha512-DhGl4xMVFGVIyMwswXeyzdL4uXD5OGILGX5N8Y+f6W7LhC1Ze2poSNrkF/fedpVDHEEZ+PHFW0vL14I+mm8K3Q==", - "license": "MIT", - "dependencies": { - "@octokit/auth-token": "^6.0.0", - "@octokit/graphql": "^9.0.3", - "@octokit/request": "^10.0.6", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "before-after-hook": "^4.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/oauth-app/node_modules/@octokit/graphql": { - "version": "9.0.3", - "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-9.0.3.tgz", - "integrity": "sha512-grAEuupr/C1rALFnXTv6ZQhFuL1D8G5y8CN04RgrO4FIPMrtm+mcZzFG7dcBm+nq+1ppNixu+Jd78aeJOYxlGA==", - "license": "MIT", - "dependencies": { - "@octokit/request": "^10.0.6", - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/oauth-app/node_modules/before-after-hook": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-4.0.0.tgz", - "integrity": "sha512-q6tR3RPqIB1pMiTRMFcZwuG5T8vwp+vUvEG0vuI6B+Rikh5BfPp2fQ82c925FOs+b0lcFQ8CFrL+KbilfZFhOQ==", - "license": "Apache-2.0" - }, - "node_modules/@octokit/oauth-app/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, - "node_modules/@octokit/oauth-authorization-url": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/@octokit/oauth-authorization-url/-/oauth-authorization-url-8.0.0.tgz", - "integrity": "sha512-7QoLPRh/ssEA/HuHBHdVdSgF8xNLz/Bc5m9fZkArJE5bb6NmVkDm3anKxXPmN1zh6b5WKZPRr3697xKT/yM3qQ==", - "license": "MIT", - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/oauth-methods": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/@octokit/oauth-methods/-/oauth-methods-6.0.2.tgz", - "integrity": "sha512-HiNOO3MqLxlt5Da5bZbLV8Zarnphi4y9XehrbaFMkcoJ+FL7sMxH/UlUsCVxpddVu4qvNDrBdaTVE2o4ITK8ng==", - "license": "MIT", - "dependencies": { - "@octokit/oauth-authorization-url": "^8.0.0", - "@octokit/request": "^10.0.6", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0" - }, - "engines": { - "node": ">= 20" - } - }, "node_modules/@octokit/openapi-types": { "version": "27.0.0", "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-27.0.0.tgz", "integrity": "sha512-whrdktVs1h6gtR+09+QsNk2+FO+49j6ga1c55YZudfEG+oKJVvJLQi3zkOm5JjiUXAagWK2tI2kTGKJ2Ys7MGA==", - "license": "MIT" - }, - "node_modules/@octokit/openapi-webhooks-types": { - "version": "12.0.3", - "resolved": "https://registry.npmjs.org/@octokit/openapi-webhooks-types/-/openapi-webhooks-types-12.0.3.tgz", - "integrity": "sha512-90MF5LVHjBedwoHyJsgmaFhEN1uzXyBDRLEBe7jlTYx/fEhPAk3P3DAJsfZwC54m8hAIryosJOL+UuZHB3K3yA==", + "dev": true, "license": "MIT" }, "node_modules/@octokit/plugin-request-log": { @@ -2298,72 +1986,16 @@ "@octokit/openapi-types": "^24.2.0" } }, - "node_modules/@octokit/request": { - "version": "10.0.6", - "resolved": "https://registry.npmjs.org/@octokit/request/-/request-10.0.6.tgz", - "integrity": "sha512-FO+UgZCUu+pPnZAR+iKdUt64kPE7QW7ciqpldaMXaNzixz5Jld8dJ31LAUewk0cfSRkNSRKyqG438ba9c/qDlQ==", - "license": "MIT", - "dependencies": { - "@octokit/endpoint": "^11.0.2", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "fast-content-type-parse": "^3.0.0", - "universal-user-agent": "^7.0.2" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/request-error": { - "version": "7.0.2", - "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-7.0.2.tgz", - "integrity": "sha512-U8piOROoQQUyExw5c6dTkU3GKxts5/ERRThIauNL7yaRoeXW0q/5bgHWT7JfWBw1UyrbK8ERId2wVkcB32n0uQ==", - "license": "MIT", - "dependencies": { - "@octokit/types": "^16.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/request/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, "node_modules/@octokit/types": { "version": "16.0.0", "resolved": "https://registry.npmjs.org/@octokit/types/-/types-16.0.0.tgz", "integrity": "sha512-sKq+9r1Mm4efXW1FCk7hFSeJo4QKreL/tTbR0rz/qx/r1Oa2VV83LTA/H/MuCOX7uCIJmQVRKBcbmWoySjAnSg==", + "dev": true, "license": "MIT", "dependencies": { "@octokit/openapi-types": "^27.0.0" } }, - "node_modules/@octokit/webhooks": { - "version": "14.1.3", - "resolved": "https://registry.npmjs.org/@octokit/webhooks/-/webhooks-14.1.3.tgz", - "integrity": "sha512-gcK4FNaROM9NjA0mvyfXl0KPusk7a1BeA8ITlYEZVQCXF5gcETTd4yhAU0Kjzd8mXwYHppzJBWgdBVpIR9wUcQ==", - "license": "MIT", - "dependencies": { - "@octokit/openapi-webhooks-types": "12.0.3", - "@octokit/request-error": "^7.0.0", - "@octokit/webhooks-methods": "^6.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/@octokit/webhooks-methods": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/@octokit/webhooks-methods/-/webhooks-methods-6.0.0.tgz", - "integrity": "sha512-MFlzzoDJVw/GcbfzVC1RLR36QqkTLUf79vLVO3D+xn7r0QgxnFoLZgtrzxiQErAjFUOdH6fas2KeQJ1yr/qaXQ==", - "license": "MIT", - "engines": { - "node": ">= 20" - } - }, "node_modules/@open-draft/deferred-promise": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/@open-draft/deferred-promise/-/deferred-promise-2.2.0.tgz", @@ -2612,12 +2244,6 @@ "@types/readdir-glob": "*" } }, - "node_modules/@types/aws-lambda": { - "version": "8.10.157", - "resolved": "https://registry.npmjs.org/@types/aws-lambda/-/aws-lambda-8.10.157.tgz", - "integrity": "sha512-ofjcRCO1N7tMZDSO11u5bFHPDfUFD3Q9YK9g4S4w8UDKuG3CNlw2lNK1sd3Itdo7JORygZmG4h9ZykS8dlXvMA==", - "license": "MIT" - }, "node_modules/@types/color-name": { "version": "1.1.1", "dev": true, @@ -2719,9 +2345,9 @@ "license": "MIT" }, "node_modules/@types/sinon": { - "version": "17.0.4", - "resolved": "https://registry.npmjs.org/@types/sinon/-/sinon-17.0.4.tgz", - "integrity": "sha512-RHnIrhfPO3+tJT0s7cFaXGZvsL4bbR3/k7z3P312qMS4JaS2Tk+KiwiLx1S0rQ56ERj00u1/BtdyVd0FY+Pdew==", + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@types/sinon/-/sinon-21.0.0.tgz", + "integrity": "sha512-+oHKZ0lTI+WVLxx1IbJDNmReQaIsQJjN2e7UUrJHEeByG7bFeKJYsv1E75JxTQ9QKJDp21bAa/0W2Xo4srsDnw==", "dev": true, "license": "MIT", "dependencies": { @@ -5187,6 +4813,40 @@ "eslint": "^8 || ^9" } }, + "node_modules/eslint-plugin-github/node_modules/@eslint/compat": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/@eslint/compat/-/compat-1.4.1.tgz", + "integrity": "sha512-cfO82V9zxxGBxcQDr1lfaYB7wykTa0b00mGa36FrJl7iTFd0Z2cHfEYuxcBRP/iNijCsWsEkA+jzT8hGYmv33w==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@eslint/core": "^0.17.0" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "peerDependencies": { + "eslint": "^8.40 || 9" + }, + "peerDependenciesMeta": { + "eslint": { + "optional": true + } + } + }, + "node_modules/eslint-plugin-github/node_modules/@eslint/core": { + "version": "0.17.0", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.17.0.tgz", + "integrity": "sha512-yL/sLrpmtDaFEiUj1osRP4TI2MDz1AddJL+jZ7KSqvBuliN4xqYY54IfdN8qD8Toa6g1iloph1fxQNkjOxrrpQ==", + "dev": true, + "license": "Apache-2.0", + "dependencies": { + "@types/json-schema": "^7.0.15" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, "node_modules/eslint-plugin-github/node_modules/debug": { "version": "3.2.7", "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", @@ -5292,9 +4952,9 @@ } }, "node_modules/eslint-plugin-jsdoc": { - "version": "61.1.12", - "resolved": "https://registry.npmjs.org/eslint-plugin-jsdoc/-/eslint-plugin-jsdoc-61.1.12.tgz", - "integrity": "sha512-CGJTnltz7ovwOW33xYhvA4fMuriPZpR5OnJf09SV28iU2IUpJwMd6P7zvUK8Sl56u5YzO+1F9m46wpSs2dufEw==", + "version": "61.2.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-jsdoc/-/eslint-plugin-jsdoc-61.2.1.tgz", + "integrity": "sha512-Htacti3dbkNm4rlp/Bk9lqhv+gi6US9jyN22yaJ42G6wbteiTbNLChQwi25jr/BN+NOzDWhZHvCDdrhX0F8dXQ==", "dev": true, "license": "BSD-3-Clause", "dependencies": { @@ -5800,22 +5460,6 @@ "url": "https://github.com/sindresorhus/execa?sponsor=1" } }, - "node_modules/fast-content-type-parse": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/fast-content-type-parse/-/fast-content-type-parse-3.0.0.tgz", - "integrity": "sha512-ZvLdcY8P+N8mGQJahJV5G4U88CSvT1rP8ApL6uETe88MBXrBHAkZlSEySdUlyztF7ccb+Znos3TFqaepHxdhBg==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/fastify" - }, - { - "type": "opencollective", - "url": "https://opencollective.com/fastify" - } - ], - "license": "MIT" - }, "node_modules/fast-deep-equal": { "version": "3.1.3", "license": "MIT" @@ -6171,7 +5815,6 @@ "version": "11.1.0", "resolved": "https://registry.npmjs.org/glob/-/glob-11.1.0.tgz", "integrity": "sha512-vuNwKSaKiqm7g0THUBu2x7ckSs3XJLXE+2ssL7/MfTGPLLcrJQ/4Uq1CjPTtO5cCIiRxqvN6Twy1qOwhL0Xjcw==", - "dev": true, "license": "BlueOak-1.0.0", "dependencies": { "foreground-child": "^3.3.1", @@ -6206,7 +5849,6 @@ "version": "10.1.1", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.1.1.tgz", "integrity": "sha512-enIvLvRAFZYXJzkCYG5RKmPfrFArdLv+R+lbQ53BmIMLIry74bjKzX6iHAm8WYamJkhSSEabrWN5D97XnKObjQ==", - "dev": true, "license": "BlueOak-1.0.0", "dependencies": { "@isaacs/brace-expansion": "^5.0.0" @@ -6875,7 +6517,6 @@ "version": "4.1.1", "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.1.tgz", "integrity": "sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==", - "dev": true, "license": "BlueOak-1.0.0", "dependencies": { "@isaacs/cliui": "^8.0.2" @@ -6909,10 +6550,11 @@ } }, "node_modules/jschardet": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/jschardet/-/jschardet-3.1.3.tgz", - "integrity": "sha512-Q1PKVMK/uu+yjdlobgWIYkUOCR1SqUmW9m/eUJNNj4zI2N12i25v8fYpVf+zCakQeaTdBdhnZTFbVIAVZIVVOg==", + "version": "3.1.4", + "resolved": "https://registry.npmjs.org/jschardet/-/jschardet-3.1.4.tgz", + "integrity": "sha512-/kmVISmrwVwtyYU40iQUOp3SUPk2dhNCMsZBQX0R1/jZ8maaXJ/oZIzUOiyOqcgtLnETFKYChbJ5iDC/eWmFHg==", "dev": true, + "license": "LGPL-2.1+", "engines": { "node": ">=0.1.90" } @@ -7118,7 +6760,6 @@ "version": "11.1.0", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.1.0.tgz", "integrity": "sha512-QIXZUBJUx+2zHUdQujWejBkcD9+cs94tLn0+YL8UrCh+D5sCXZ4c7LaEH48pNwRY3MLDgqUFyhlCyjJPf1WP0A==", - "dev": true, "license": "ISC", "engines": { "node": "20 || >=22" @@ -7509,153 +7150,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/octokit": { - "version": "5.0.5", - "resolved": "https://registry.npmjs.org/octokit/-/octokit-5.0.5.tgz", - "integrity": "sha512-4+/OFSqOjoyULo7eN7EA97DE0Xydj/PW5aIckxqQIoFjFwqXKuFCvXUJObyJfBF9Khu4RL/jlDRI9FPaMGfPnw==", - "license": "MIT", - "dependencies": { - "@octokit/app": "^16.1.2", - "@octokit/core": "^7.0.6", - "@octokit/oauth-app": "^8.0.3", - "@octokit/plugin-paginate-graphql": "^6.0.0", - "@octokit/plugin-paginate-rest": "^14.0.0", - "@octokit/plugin-rest-endpoint-methods": "^17.0.0", - "@octokit/plugin-retry": "^8.0.3", - "@octokit/plugin-throttling": "^11.0.3", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "@octokit/webhooks": "^14.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/octokit/node_modules/@octokit/auth-token": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-6.0.0.tgz", - "integrity": "sha512-P4YJBPdPSpWTQ1NU4XYdvHvXJJDxM6YwpS0FZHRgP7YFkdVxsWcpWGy/NVqlAA7PcPCnMacXlRm1y2PFZRWL/w==", - "engines": { - "node": ">= 20" - } - }, - "node_modules/octokit/node_modules/@octokit/core": { - "version": "7.0.6", - "resolved": "https://registry.npmjs.org/@octokit/core/-/core-7.0.6.tgz", - "integrity": "sha512-DhGl4xMVFGVIyMwswXeyzdL4uXD5OGILGX5N8Y+f6W7LhC1Ze2poSNrkF/fedpVDHEEZ+PHFW0vL14I+mm8K3Q==", - "license": "MIT", - "dependencies": { - "@octokit/auth-token": "^6.0.0", - "@octokit/graphql": "^9.0.3", - "@octokit/request": "^10.0.6", - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "before-after-hook": "^4.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/octokit/node_modules/@octokit/graphql": { - "version": "9.0.3", - "resolved": "https://registry.npmjs.org/@octokit/graphql/-/graphql-9.0.3.tgz", - "integrity": "sha512-grAEuupr/C1rALFnXTv6ZQhFuL1D8G5y8CN04RgrO4FIPMrtm+mcZzFG7dcBm+nq+1ppNixu+Jd78aeJOYxlGA==", - "license": "MIT", - "dependencies": { - "@octokit/request": "^10.0.6", - "@octokit/types": "^16.0.0", - "universal-user-agent": "^7.0.0" - }, - "engines": { - "node": ">= 20" - } - }, - "node_modules/octokit/node_modules/@octokit/plugin-paginate-graphql": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-graphql/-/plugin-paginate-graphql-6.0.0.tgz", - "integrity": "sha512-crfpnIoFiBtRkvPqOyLOsw12XsveYuY2ieP6uYDosoUegBJpSVxGwut9sxUgFFcll3VTOTqpUf8yGd8x1OmAkQ==", - "engines": { - "node": ">= 20" - }, - "peerDependencies": { - "@octokit/core": ">=6" - } - }, - "node_modules/octokit/node_modules/@octokit/plugin-paginate-rest": { - "version": "14.0.0", - "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-14.0.0.tgz", - "integrity": "sha512-fNVRE7ufJiAA3XUrha2omTA39M6IXIc6GIZLvlbsm8QOQCYvpq/LkMNGyFlB1d8hTDzsAXa3OKtybdMAYsV/fw==", - "license": "MIT", - "dependencies": { - "@octokit/types": "^16.0.0" - }, - "engines": { - "node": ">= 20" - }, - "peerDependencies": { - "@octokit/core": ">=6" - } - }, - "node_modules/octokit/node_modules/@octokit/plugin-rest-endpoint-methods": { - "version": "17.0.0", - "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-17.0.0.tgz", - "integrity": "sha512-B5yCyIlOJFPqUUeiD0cnBJwWJO8lkJs5d8+ze9QDP6SvfiXSz1BF+91+0MeI1d2yxgOhU/O+CvtiZ9jSkHhFAw==", - "license": "MIT", - "dependencies": { - "@octokit/types": "^16.0.0" - }, - "engines": { - "node": ">= 20" - }, - "peerDependencies": { - "@octokit/core": ">=6" - } - }, - "node_modules/octokit/node_modules/@octokit/plugin-retry": { - "version": "8.0.3", - "resolved": "https://registry.npmjs.org/@octokit/plugin-retry/-/plugin-retry-8.0.3.tgz", - "integrity": "sha512-vKGx1i3MC0za53IzYBSBXcrhmd+daQDzuZfYDd52X5S0M2otf3kVZTVP8bLA3EkU0lTvd1WEC2OlNNa4G+dohA==", - "license": "MIT", - "dependencies": { - "@octokit/request-error": "^7.0.2", - "@octokit/types": "^16.0.0", - "bottleneck": "^2.15.3" - }, - "engines": { - "node": ">= 20" - }, - "peerDependencies": { - "@octokit/core": ">=7" - } - }, - "node_modules/octokit/node_modules/@octokit/plugin-throttling": { - "version": "11.0.3", - "resolved": "https://registry.npmjs.org/@octokit/plugin-throttling/-/plugin-throttling-11.0.3.tgz", - "integrity": "sha512-34eE0RkFCKycLl2D2kq7W+LovheM/ex3AwZCYN8udpi6bxsyjZidb2McXs69hZhLmJlDqTSP8cH+jSRpiaijBg==", - "license": "MIT", - "dependencies": { - "@octokit/types": "^16.0.0", - "bottleneck": "^2.15.3" - }, - "engines": { - "node": ">= 20" - }, - "peerDependencies": { - "@octokit/core": "^7.0.0" - } - }, - "node_modules/octokit/node_modules/before-after-hook": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-4.0.0.tgz", - "integrity": "sha512-q6tR3RPqIB1pMiTRMFcZwuG5T8vwp+vUvEG0vuI6B+Rikh5BfPp2fQ82c925FOs+b0lcFQ8CFrL+KbilfZFhOQ==" - }, - "node_modules/octokit/node_modules/universal-user-agent": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-7.0.3.tgz", - "integrity": "sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==", - "license": "ISC" - }, "node_modules/once": { "version": "1.4.0", "license": "ISC", @@ -7776,7 +7270,6 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.0.tgz", "integrity": "sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==", - "dev": true, "license": "BlueOak-1.0.0", "dependencies": { "lru-cache": "^11.0.0", @@ -8900,15 +8393,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/toad-cache": { - "version": "3.7.0", - "resolved": "https://registry.npmjs.org/toad-cache/-/toad-cache-3.7.0.tgz", - "integrity": "sha512-/m8M+2BJUpoJdgAHoG+baCwBT+tf2VraSfkBgl0Y00qIWt41DJ8R5B8nsEw0I58YwF5IZH6z24/2TobDKnqSWw==", - "license": "MIT", - "engines": { - "node": ">=12" - } - }, "node_modules/tr46": { "version": "0.0.3", "license": "MIT" @@ -9231,12 +8715,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/universal-github-app-jwt": { - "version": "2.2.2", - "resolved": "https://registry.npmjs.org/universal-github-app-jwt/-/universal-github-app-jwt-2.2.2.tgz", - "integrity": "sha512-dcmbeSrOdTnsjGjUfAlqNDJrhxXizjAz94ija9Qw8YkZ1uu0d+GoZzyH+Jb9tIIqvGsadUfwg+22k5aDqqwzbw==", - "license": "MIT" - }, "node_modules/universal-user-agent": { "version": "6.0.0", "license": "ISC" @@ -9294,7 +8772,8 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/utf8/-/utf8-3.0.0.tgz", "integrity": "sha512-E8VjFIQ/TyQgp+TZfS6l8yp/xWppSAHzidGiRrqe4bK4XP9pTRyKFgGJpO3SN7zdX4DeomTrwaseCHovfpFcqQ==", - "dev": true + "dev": true, + "license": "MIT" }, "node_modules/util-deprecate": { "version": "1.0.2", diff --git a/package.json b/package.json index 6eedf7f473..61317b90ac 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.31.4", + "version": "4.31.5", "private": true, "description": "CodeQL action", "scripts": { @@ -35,7 +35,6 @@ "@actions/io": "^2.0.0", "@actions/tool-cache": "^2.0.2", "@octokit/plugin-retry": "^6.0.0", - "@octokit/request-error": "^7.0.2", "@schemastore/package": "0.0.10", "archiver": "^7.0.1", "fast-deep-equal": "^3.1.3", @@ -45,13 +44,12 @@ "jsonschema": "1.4.1", "long": "^5.3.2", "node-forge": "^1.3.1", - "octokit": "^5.0.5", "semver": "^7.7.3", "uuid": "^13.0.0" }, "devDependencies": { "@ava/typescript": "6.0.0", - "@eslint/compat": "^1.4.1", + "@eslint/compat": "^2.0.0", "@eslint/eslintrc": "^3.3.1", "@eslint/js": "^9.39.1", "@microsoft/eslint-formatter-sarif": "^3.1.0", @@ -59,21 +57,21 @@ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "20.19.9", + "@types/node": "^20.19.9", "@types/node-forge": "^1.3.14", "@types/semver": "^7.7.1", - "@types/sinon": "^17.0.4", + "@types/sinon": "^21.0.0", "@typescript-eslint/eslint-plugin": "^8.46.4", "@typescript-eslint/parser": "^8.41.0", "ava": "^6.4.1", "esbuild": "^0.27.0", + "eslint": "^8.57.1", "eslint-import-resolver-typescript": "^3.8.7", "eslint-plugin-filenames": "^1.3.2", "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", - "eslint-plugin-jsdoc": "^61.1.12", + "eslint-plugin-jsdoc": "^61.2.1", "eslint-plugin-no-async-foreach": "^0.1.1", - "eslint": "^8.57.1", "glob": "^11.1.0", "nock": "^14.0.10", "sinon": "^21.0.0", diff --git a/src/actions-util.ts b/src/actions-util.ts index a2d691b42d..736d35d0f1 100644 --- a/src/actions-util.ts +++ b/src/actions-util.ts @@ -80,7 +80,7 @@ export function isRunningLocalAction(): boolean { * * This can be used to get the Action's name or tell if we're running a local Action. */ -export function getRelativeScriptPath(): string { +function getRelativeScriptPath(): string { const runnerTemp = getRequiredEnvParam("RUNNER_TEMP"); const actionsDirectory = path.join(path.dirname(runnerTemp), "_actions"); return path.relative(actionsDirectory, __filename); diff --git a/src/analyses.ts b/src/analyses.ts index a8d172e3b6..4f91ab07c0 100644 --- a/src/analyses.ts +++ b/src/analyses.ts @@ -98,7 +98,7 @@ export async function getAnalysisKinds( export const codeQualityQueries: string[] = ["code-quality"]; // Enumerates API endpoints that accept SARIF files. -export enum SARIF_UPLOAD_ENDPOINT { +enum SARIF_UPLOAD_ENDPOINT { CODE_SCANNING = "PUT /repos/:owner/:repo/code-scanning/analysis", CODE_QUALITY = "PUT /repos/:owner/:repo/code-quality/analysis", } diff --git a/src/analyze-action.ts b/src/analyze-action.ts index 3ab1dd1321..abbf239724 100644 --- a/src/analyze-action.ts +++ b/src/analyze-action.ts @@ -25,7 +25,7 @@ import { isCodeQualityEnabled, isCodeScanningEnabled, } from "./config-utils"; -import { uploadDatabases } from "./database-upload"; +import { cleanupAndUploadDatabases } from "./database-upload"; import { DependencyCacheUploadStatusReport, uploadDependencyCaches, @@ -35,7 +35,7 @@ import { EnvVar } from "./environment"; import { Feature, Features } from "./feature-flags"; import { KnownLanguage } from "./languages"; import { getActionsLogger, Logger } from "./logging"; -import { uploadOverlayBaseDatabaseToCache } from "./overlay-database-utils"; +import { cleanupAndUploadOverlayBaseDatabaseToCache } from "./overlay-database-utils"; import { getRepositoryNwo } from "./repository"; import * as statusReport from "./status-report"; import { @@ -417,12 +417,21 @@ async function run() { } // Possibly upload the overlay-base database to actions cache. - // If databases are to be uploaded, they will first be cleaned up at the overlay level. - await uploadOverlayBaseDatabaseToCache(codeql, config, logger); + // Note: Take care with the ordering of this call since databases may be cleaned up + // at the `overlay` level. + await cleanupAndUploadOverlayBaseDatabaseToCache(codeql, config, logger); // Possibly upload the database bundles for remote queries. - // If databases are to be uploaded, they will first be cleaned up at the clear level. - await uploadDatabases(repositoryNwo, codeql, config, apiDetails, logger); + // Note: Take care with the ordering of this call since databases may be cleaned up + // at the `overlay` or `clear` level. + await cleanupAndUploadDatabases( + repositoryNwo, + codeql, + config, + apiDetails, + features, + logger, + ); // Possibly upload the TRAP caches for later re-use const trapCacheUploadStartTime = performance.now(); diff --git a/src/api-client.ts b/src/api-client.ts index e14048337f..600da1ed6d 100644 --- a/src/api-client.ts +++ b/src/api-client.ts @@ -18,11 +18,6 @@ import { const GITHUB_ENTERPRISE_VERSION_HEADER = "x-github-enterprise-version"; -export enum DisallowedAPIVersionReason { - ACTION_TOO_OLD, - ACTION_TOO_NEW, -} - export type GitHubApiCombinedDetails = GitHubApiDetails & GitHubApiExternalRepoDetails; diff --git a/src/cli-errors.ts b/src/cli-errors.ts index 0a009f9832..5aba268cab 100644 --- a/src/cli-errors.ts +++ b/src/cli-errors.ts @@ -159,10 +159,7 @@ type CliErrorConfiguration = { * All of our caught CLI error messages that we handle specially: ie. if we * would like to categorize an error as a configuration error or not. */ -export const cliErrorsConfig: Record< - CliConfigErrorCategory, - CliErrorConfiguration -> = { +const cliErrorsConfig: Record = { [CliConfigErrorCategory.AutobuildError]: { cliErrorMessageCandidates: [ new RegExp("We were unable to automatically build your code"), diff --git a/src/codeql.ts b/src/codeql.ts index bc1d00401f..2b86d843f3 100644 --- a/src/codeql.ts +++ b/src/codeql.ts @@ -35,7 +35,7 @@ import { ToolsDownloadStatusReport } from "./tools-download"; import { ToolsFeature, isSupportedToolsFeature } from "./tools-features"; import { shouldEnableIndirectTracing } from "./tracer-config"; import * as util from "./util"; -import { BuildMode, getErrorMessage } from "./util"; +import { BuildMode, CleanupLevel, getErrorMessage } from "./util"; type Options = Array; @@ -141,7 +141,10 @@ export interface CodeQL { /** * Clean up all the databases within a database cluster. */ - databaseCleanupCluster(config: Config, cleanupLevel: string): Promise; + databaseCleanupCluster( + config: Config, + cleanupLevel: CleanupLevel, + ): Promise; /** * Run 'codeql database bundle'. */ @@ -513,7 +516,7 @@ export async function getCodeQLForTesting( * version requirement. Must be set to true outside tests. * @returns A new CodeQL object */ -export async function getCodeQLForCmd( +async function getCodeQLForCmd( cmd: string, checkVersion: boolean, ): Promise { @@ -878,7 +881,7 @@ export async function getCodeQLForCmd( }, async databaseCleanupCluster( config: Config, - cleanupLevel: string, + cleanupLevel: CleanupLevel, ): Promise { const cacheCleanupFlag = (await util.codeQlVersionAtLeast( this, @@ -1222,7 +1225,7 @@ export async function getTrapCachingExtractorConfigArgsForLang( * * This will not exist if the configuration is being parsed in the Action. */ -export function getGeneratedCodeScanningConfigPath(config: Config): string { +function getGeneratedCodeScanningConfigPath(config: Config): string { return path.resolve(config.tempDir, "user-config.yaml"); } diff --git a/src/config-utils.test.ts b/src/config-utils.test.ts index da58dd8b1b..7f991ea24c 100644 --- a/src/config-utils.test.ts +++ b/src/config-utils.test.ts @@ -37,7 +37,9 @@ import { ConfigurationError, withTmpDir, BuildMode, + DiskUsage, } from "./util"; +import * as util from "./util"; setupTests(test); @@ -200,12 +202,9 @@ test("load code quality config", async (t) => { ); // And the config we expect it to result in - const expectedConfig: configUtils.Config = { - version: actionsUtil.getActionVersion(), + const expectedConfig = createTestConfig({ analysisKinds: [AnalysisKind.CodeQuality], languages: [KnownLanguage.actions], - buildMode: undefined, - originalUserInput: {}, // This gets set because we only have `AnalysisKind.CodeQuality` computedConfig: { "disable-default-queries": true, @@ -219,14 +218,7 @@ test("load code quality config", async (t) => { debugMode: false, debugArtifactName: "", debugDatabaseName: "", - trapCaches: {}, - trapCacheDownloadTime: 0, - dependencyCachingEnabled: CachingKind.None, - extraQueryExclusions: [], - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - repositoryProperties: {}, - }; + }); t.deepEqual(config, expectedConfig); }); @@ -507,9 +499,7 @@ test("load non-empty input", async (t) => { }; // And the config we expect it to parse to - const expectedConfig: configUtils.Config = { - version: actionsUtil.getActionVersion(), - analysisKinds: [AnalysisKind.CodeScanning], + const expectedConfig = createTestConfig({ languages: [KnownLanguage.javascript], buildMode: BuildMode.None, originalUserInput: userConfig, @@ -521,14 +511,7 @@ test("load non-empty input", async (t) => { debugMode: false, debugArtifactName: "my-artifact", debugDatabaseName: "my-db", - trapCaches: {}, - trapCacheDownloadTime: 0, - dependencyCachingEnabled: CachingKind.None, - extraQueryExclusions: [], - overlayDatabaseMode: OverlayDatabaseMode.None, - useOverlayDatabaseCaching: false, - repositoryProperties: {}, - }; + }); const languagesInput = "javascript"; const configFilePath = createConfigFile(inputFileContents, tempDir); @@ -995,6 +978,7 @@ interface OverlayDatabaseModeTestSetup { codeqlVersion: string; gitRoot: string | undefined; codeScanningConfig: configUtils.UserConfig; + diskUsage: DiskUsage | undefined; } const defaultOverlayDatabaseModeTestSetup: OverlayDatabaseModeTestSetup = { @@ -1007,6 +991,10 @@ const defaultOverlayDatabaseModeTestSetup: OverlayDatabaseModeTestSetup = { codeqlVersion: CODEQL_OVERLAY_MINIMUM_VERSION, gitRoot: "/some/git/root", codeScanningConfig: {}, + diskUsage: { + numAvailableBytes: 50_000_000_000, + numTotalBytes: 100_000_000_000, + }, }; const getOverlayDatabaseModeMacro = test.macro({ @@ -1039,6 +1027,8 @@ const getOverlayDatabaseModeMacro = test.macro({ setup.overlayDatabaseEnvVar; } + sinon.stub(util, "checkDiskUsage").resolves(setup.diskUsage); + // Mock feature flags const features = createFeatures(setup.features); @@ -1196,6 +1186,45 @@ test( }, ); +test( + getOverlayDatabaseModeMacro, + "No overlay-base database on default branch if runner disk space is too low", + { + languages: [KnownLanguage.javascript], + features: [ + Feature.OverlayAnalysis, + Feature.OverlayAnalysisCodeScanningJavascript, + ], + isDefaultBranch: true, + diskUsage: { + numAvailableBytes: 1_000_000_000, + numTotalBytes: 100_000_000_000, + }, + }, + { + overlayDatabaseMode: OverlayDatabaseMode.None, + useOverlayDatabaseCaching: false, + }, +); + +test( + getOverlayDatabaseModeMacro, + "No overlay-base database on default branch if we can't determine runner disk space", + { + languages: [KnownLanguage.javascript], + features: [ + Feature.OverlayAnalysis, + Feature.OverlayAnalysisCodeScanningJavascript, + ], + isDefaultBranch: true, + diskUsage: undefined, + }, + { + overlayDatabaseMode: OverlayDatabaseMode.None, + useOverlayDatabaseCaching: false, + }, +); + test( getOverlayDatabaseModeMacro, "No overlay-base database on default branch when code-scanning feature enabled with disable-default-queries", @@ -1366,6 +1395,45 @@ test( }, ); +test( + getOverlayDatabaseModeMacro, + "No overlay analysis on PR if runner disk space is too low", + { + languages: [KnownLanguage.javascript], + features: [ + Feature.OverlayAnalysis, + Feature.OverlayAnalysisCodeScanningJavascript, + ], + isPullRequest: true, + diskUsage: { + numAvailableBytes: 1_000_000_000, + numTotalBytes: 100_000_000_000, + }, + }, + { + overlayDatabaseMode: OverlayDatabaseMode.None, + useOverlayDatabaseCaching: false, + }, +); + +test( + getOverlayDatabaseModeMacro, + "No overlay analysis on PR if we can't determine runner disk space", + { + languages: [KnownLanguage.javascript], + features: [ + Feature.OverlayAnalysis, + Feature.OverlayAnalysisCodeScanningJavascript, + ], + isPullRequest: true, + diskUsage: undefined, + }, + { + overlayDatabaseMode: OverlayDatabaseMode.None, + useOverlayDatabaseCaching: false, + }, +); + test( getOverlayDatabaseModeMacro, "No overlay analysis on PR when code-scanning feature enabled with disable-default-queries", @@ -1500,6 +1568,19 @@ test( }, ); +test( + getOverlayDatabaseModeMacro, + "Overlay PR analysis by env on a runner with low disk space", + { + overlayDatabaseEnvVar: "overlay", + diskUsage: { numAvailableBytes: 0, numTotalBytes: 100_000_000_000 }, + }, + { + overlayDatabaseMode: OverlayDatabaseMode.Overlay, + useOverlayDatabaseCaching: false, + }, +); + test( getOverlayDatabaseModeMacro, "Overlay PR analysis by feature flag", diff --git a/src/config-utils.ts b/src/config-utils.ts index fa88d4b4a5..ee9d411982 100644 --- a/src/config-utils.ts +++ b/src/config-utils.ts @@ -43,10 +43,22 @@ import { codeQlVersionAtLeast, cloneObject, isDefined, + checkDiskUsage, } from "./util"; export * from "./config/db-config"; +/** + * The minimum available disk space (in MB) required to perform overlay analysis. + * If the available disk space on the runner is below the threshold when deciding + * whether to perform overlay analysis, then the action will not perform overlay + * analysis unless overlay analysis has been explicitly enabled via environment + * variable. + */ +const OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB = 20000; +const OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES = + OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_MB * 1_000_000; + export type RegistryConfigWithCredentials = RegistryConfigNoCredentials & { // Token to use when downloading packs from this registry. token: string; @@ -148,6 +160,9 @@ export interface Config { /** A value indicating how dependency caching should be used. */ dependencyCachingEnabled: CachingKind; + /** The keys of caches that we restored, if any. */ + dependencyCachingRestoredKeys: string[]; + /** * Extra query exclusions to append to the config. */ @@ -176,7 +191,7 @@ export interface Config { repositoryProperties: RepositoryProperties; } -export async function getSupportedLanguageMap( +async function getSupportedLanguageMap( codeql: CodeQL, logger: Logger, ): Promise> { @@ -239,7 +254,7 @@ export function hasActionsWorkflows(sourceRoot: string): boolean { /** * Gets the set of languages in the current repository. */ -export async function getRawLanguagesInRepo( +async function getRawLanguagesInRepo( repository: RepositoryNwo, sourceRoot: string, logger: Logger, @@ -348,7 +363,7 @@ export function getRawLanguagesNoAutodetect( * @returns A tuple containing a list of languages in this repository that might be * analyzable and whether or not this list was determined automatically. */ -export async function getRawLanguages( +async function getRawLanguages( languagesInput: string | undefined, repository: RepositoryNwo, sourceRoot: string, @@ -496,6 +511,7 @@ export async function initActionState( trapCaches, trapCacheDownloadTime, dependencyCachingEnabled: getCachingKind(dependencyCachingEnabled), + dependencyCachingRestoredKeys: [], extraQueryExclusions: [], overlayDatabaseMode: OverlayDatabaseMode.None, useOverlayDatabaseCaching: false, @@ -675,20 +691,37 @@ export async function getOverlayDatabaseMode( codeScanningConfig, ) ) { - if (isAnalyzingPullRequest()) { - overlayDatabaseMode = OverlayDatabaseMode.Overlay; - useOverlayDatabaseCaching = true; - logger.info( - `Setting overlay database mode to ${overlayDatabaseMode} ` + - "with caching because we are analyzing a pull request.", - ); - } else if (await isAnalyzingDefaultBranch()) { - overlayDatabaseMode = OverlayDatabaseMode.OverlayBase; - useOverlayDatabaseCaching = true; + const diskUsage = await checkDiskUsage(logger); + if ( + diskUsage === undefined || + diskUsage.numAvailableBytes < OVERLAY_MINIMUM_AVAILABLE_DISK_SPACE_BYTES + ) { + const diskSpaceMb = + diskUsage === undefined + ? 0 + : Math.round(diskUsage.numAvailableBytes / 1_000_000); + overlayDatabaseMode = OverlayDatabaseMode.None; + useOverlayDatabaseCaching = false; logger.info( `Setting overlay database mode to ${overlayDatabaseMode} ` + - "with caching because we are analyzing the default branch.", + `due to insufficient disk space (${diskSpaceMb} MB).`, ); + } else { + if (isAnalyzingPullRequest()) { + overlayDatabaseMode = OverlayDatabaseMode.Overlay; + useOverlayDatabaseCaching = true; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} ` + + "with caching because we are analyzing a pull request.", + ); + } else if (await isAnalyzingDefaultBranch()) { + overlayDatabaseMode = OverlayDatabaseMode.OverlayBase; + useOverlayDatabaseCaching = true; + logger.info( + `Setting overlay database mode to ${overlayDatabaseMode} ` + + "with caching because we are analyzing the default branch.", + ); + } } } @@ -1226,7 +1259,7 @@ export function isCodeQualityEnabled(config: Config): boolean { * @returns Returns `AnalysisKind.CodeScanning` if `AnalysisKind.CodeScanning` is enabled; * otherwise `AnalysisKind.CodeQuality`. */ -export function getPrimaryAnalysisKind(config: Config): AnalysisKind { +function getPrimaryAnalysisKind(config: Config): AnalysisKind { return isCodeScanningEnabled(config) ? AnalysisKind.CodeScanning : AnalysisKind.CodeQuality; diff --git a/src/database-upload.test.ts b/src/database-upload.test.ts index 6c986fb7fa..e07ff1da2e 100644 --- a/src/database-upload.test.ts +++ b/src/database-upload.test.ts @@ -10,11 +10,12 @@ import { GitHubApiDetails } from "./api-client"; import * as apiClient from "./api-client"; import { createStubCodeQL } from "./codeql"; import { Config } from "./config-utils"; -import { uploadDatabases } from "./database-upload"; +import { cleanupAndUploadDatabases } from "./database-upload"; import * as gitUtils from "./git-utils"; import { KnownLanguage } from "./languages"; import { RepositoryNwo } from "./repository"; import { + createFeatures, createTestConfig, getRecordingLogger, LoggedMessage, @@ -91,11 +92,12 @@ test("Abort database upload if 'upload-database' input set to false", async (t) sinon.stub(gitUtils, "isAnalyzingDefaultBranch").resolves(true); const loggedMessages = []; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), getTestConfig(tmpDir), testApiDetails, + createFeatures([]), getRecordingLogger(loggedMessages), ); t.assert( @@ -121,7 +123,7 @@ test("Abort database upload if 'analysis-kinds: code-scanning' is not enabled", await mockHttpRequests(201); const loggedMessages = []; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), { @@ -129,6 +131,7 @@ test("Abort database upload if 'analysis-kinds: code-scanning' is not enabled", analysisKinds: [AnalysisKind.CodeQuality], }, testApiDetails, + createFeatures([]), getRecordingLogger(loggedMessages), ); t.assert( @@ -155,11 +158,12 @@ test("Abort database upload if running against GHES", async (t) => { config.gitHubVersion = { type: GitHubVariant.GHES, version: "3.0" }; const loggedMessages = []; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), config, testApiDetails, + createFeatures([]), getRecordingLogger(loggedMessages), ); t.assert( @@ -183,11 +187,12 @@ test("Abort database upload if not analyzing default branch", async (t) => { sinon.stub(gitUtils, "isAnalyzingDefaultBranch").resolves(false); const loggedMessages = []; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), getTestConfig(tmpDir), testApiDetails, + createFeatures([]), getRecordingLogger(loggedMessages), ); t.assert( @@ -212,11 +217,12 @@ test("Don't crash if uploading a database fails", async (t) => { await mockHttpRequests(500); const loggedMessages = [] as LoggedMessage[]; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), getTestConfig(tmpDir), testApiDetails, + createFeatures([]), getRecordingLogger(loggedMessages), ); @@ -243,11 +249,12 @@ test("Successfully uploading a database to github.com", async (t) => { await mockHttpRequests(201); const loggedMessages = [] as LoggedMessage[]; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), getTestConfig(tmpDir), testApiDetails, + createFeatures([]), getRecordingLogger(loggedMessages), ); t.assert( @@ -272,7 +279,7 @@ test("Successfully uploading a database to GHEC-DR", async (t) => { const databaseUploadSpy = await mockHttpRequests(201); const loggedMessages = [] as LoggedMessage[]; - await uploadDatabases( + await cleanupAndUploadDatabases( testRepoName, getCodeQL(), getTestConfig(tmpDir), @@ -281,6 +288,7 @@ test("Successfully uploading a database to GHEC-DR", async (t) => { url: "https://tenant.ghe.com", apiURL: undefined, }, + createFeatures([]), getRecordingLogger(loggedMessages), ); t.assert( diff --git a/src/database-upload.ts b/src/database-upload.ts index 69175178c9..d99df14c3d 100644 --- a/src/database-upload.ts +++ b/src/database-upload.ts @@ -5,17 +5,20 @@ import { AnalysisKind } from "./analyses"; import { getApiClient, GitHubApiDetails } from "./api-client"; import { type CodeQL } from "./codeql"; import { Config } from "./config-utils"; +import { Feature, FeatureEnablement } from "./feature-flags"; import * as gitUtils from "./git-utils"; import { Logger, withGroupAsync } from "./logging"; +import { OverlayDatabaseMode } from "./overlay-database-utils"; import { RepositoryNwo } from "./repository"; import * as util from "./util"; -import { bundleDb, parseGitHubUrl } from "./util"; +import { bundleDb, CleanupLevel, parseGitHubUrl } from "./util"; -export async function uploadDatabases( +export async function cleanupAndUploadDatabases( repositoryNwo: RepositoryNwo, codeql: CodeQL, config: Config, apiDetails: GitHubApiDetails, + features: FeatureEnablement, logger: Logger, ): Promise { if (actionsUtil.getRequiredInput("upload-database") !== "true") { @@ -50,10 +53,16 @@ export async function uploadDatabases( return; } + const cleanupLevel = + config.overlayDatabaseMode === OverlayDatabaseMode.OverlayBase && + (await features.getValue(Feature.UploadOverlayDbToApi)) + ? CleanupLevel.Overlay + : CleanupLevel.Clear; + // Clean up the database, since intermediate results may still be written to the // database if there is high RAM pressure. await withGroupAsync("Cleaning up databases", async () => { - await codeql.databaseCleanupCluster(config, "clear"); + await codeql.databaseCleanupCluster(config, cleanupLevel); }); const client = getApiClient(); diff --git a/src/dependency-caching.test.ts b/src/dependency-caching.test.ts index eefb8504cd..a9b9e6210f 100644 --- a/src/dependency-caching.test.ts +++ b/src/dependency-caching.test.ts @@ -7,6 +7,7 @@ import test from "ava"; import * as sinon from "sinon"; import { cacheKeyHashLength } from "./caching-utils"; +import * as cachingUtils from "./caching-utils"; import { createStubCodeQL } from "./codeql"; import { CacheConfig, @@ -20,6 +21,8 @@ import { downloadDependencyCaches, CacheHitKind, cacheKey, + uploadDependencyCaches, + CacheStoreResult, } from "./dependency-caching"; import { Feature } from "./feature-flags"; import { KnownLanguage } from "./languages"; @@ -29,6 +32,7 @@ import { getRecordingLogger, checkExpectedLogMessages, LoggedMessage, + createTestConfig, } from "./testing-utils"; import { withTmpDir } from "./util"; @@ -237,15 +241,17 @@ test("downloadDependencyCaches - does not restore caches with feature keys if no .resolves(CSHARP_BASE_PATTERNS); makePatternCheckStub.withArgs(CSHARP_EXTRA_PATTERNS).resolves(undefined); - const results = await downloadDependencyCaches( + const result = await downloadDependencyCaches( codeql, createFeatures([]), [KnownLanguage.csharp], logger, ); - t.is(results.length, 1); - t.is(results[0].language, KnownLanguage.csharp); - t.is(results[0].hit_kind, CacheHitKind.Miss); + const statusReport = result.statusReport; + t.is(statusReport.length, 1); + t.is(statusReport[0].language, KnownLanguage.csharp); + t.is(statusReport[0].hit_kind, CacheHitKind.Miss); + t.deepEqual(result.restoredKeys, []); t.assert(restoreCacheStub.calledOnce); }); @@ -257,7 +263,8 @@ test("downloadDependencyCaches - restores caches with feature keys if features a const logger = getRecordingLogger(messages); const features = createFeatures([Feature.CsharpNewCacheKey]); - sinon.stub(glob, "hashFiles").resolves("abcdef"); + const mockHash = "abcdef"; + sinon.stub(glob, "hashFiles").resolves(mockHash); const keyWithFeature = await cacheKey( codeql, @@ -277,15 +284,28 @@ test("downloadDependencyCaches - restores caches with feature keys if features a .resolves(CSHARP_BASE_PATTERNS); makePatternCheckStub.withArgs(CSHARP_EXTRA_PATTERNS).resolves(undefined); - const results = await downloadDependencyCaches( + const result = await downloadDependencyCaches( codeql, features, [KnownLanguage.csharp], logger, ); - t.is(results.length, 1); - t.is(results[0].language, KnownLanguage.csharp); - t.is(results[0].hit_kind, CacheHitKind.Exact); + + // Check that the status report for telemetry indicates that one cache was restored with an exact match. + const statusReport = result.statusReport; + t.is(statusReport.length, 1); + t.is(statusReport[0].language, KnownLanguage.csharp); + t.is(statusReport[0].hit_kind, CacheHitKind.Exact); + + // Check that the restored key has been returned. + const restoredKeys = result.restoredKeys; + t.is(restoredKeys.length, 1); + t.assert( + restoredKeys[0].endsWith(mockHash), + "Expected restored key to end with hash returned by `hashFiles`", + ); + + // `restoreCache` should have been called exactly once. t.assert(restoreCacheStub.calledOnce); }); @@ -297,8 +317,14 @@ test("downloadDependencyCaches - restores caches with feature keys if features a const logger = getRecordingLogger(messages); const features = createFeatures([Feature.CsharpNewCacheKey]); + // We expect two calls to `hashFiles`: the first by the call to `cacheKey` below, + // and the second by `downloadDependencyCaches`. We use the result of the first + // call as part of the cache key that identifies a mock, existing cache. The result + // of the second call is for the primary restore key, which we don't want to match + // the first key so that we can test the restore keys logic. + const restoredHash = "abcdef"; const hashFilesStub = sinon.stub(glob, "hashFiles"); - hashFilesStub.onFirstCall().resolves("abcdef"); + hashFilesStub.onFirstCall().resolves(restoredHash); hashFilesStub.onSecondCall().resolves("123456"); const keyWithFeature = await cacheKey( @@ -319,18 +345,230 @@ test("downloadDependencyCaches - restores caches with feature keys if features a .resolves(CSHARP_BASE_PATTERNS); makePatternCheckStub.withArgs(CSHARP_EXTRA_PATTERNS).resolves(undefined); - const results = await downloadDependencyCaches( + const result = await downloadDependencyCaches( codeql, features, [KnownLanguage.csharp], logger, ); - t.is(results.length, 1); - t.is(results[0].language, KnownLanguage.csharp); - t.is(results[0].hit_kind, CacheHitKind.Partial); + + // Check that the status report for telemetry indicates that one cache was restored with a partial match. + const statusReport = result.statusReport; + t.is(statusReport.length, 1); + t.is(statusReport[0].language, KnownLanguage.csharp); + t.is(statusReport[0].hit_kind, CacheHitKind.Partial); + + // Check that the restored key has been returned. + const restoredKeys = result.restoredKeys; + t.is(restoredKeys.length, 1); + t.assert( + restoredKeys[0].endsWith(restoredHash), + "Expected restored key to end with hash returned by `hashFiles`", + ); + t.assert(restoreCacheStub.calledOnce); }); +test("uploadDependencyCaches - skips upload for a language with no cache config", async (t) => { + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + const config = createTestConfig({ + languages: [KnownLanguage.actions], + }); + + const result = await uploadDependencyCaches(codeql, features, config, logger); + t.is(result.length, 0); + checkExpectedLogMessages(t, messages, [ + "Skipping upload of dependency cache for actions", + ]); +}); + +test("uploadDependencyCaches - skips upload if no files for the hash exist", async (t) => { + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + const config = createTestConfig({ + languages: [KnownLanguage.go], + }); + + const makePatternCheckStub = sinon.stub(internal, "makePatternCheck"); + makePatternCheckStub.resolves(undefined); + + const result = await uploadDependencyCaches(codeql, features, config, logger); + t.is(result.length, 1); + t.is(result[0].language, KnownLanguage.go); + t.is(result[0].result, CacheStoreResult.NoHash); +}); + +test("uploadDependencyCaches - skips upload if we know the cache already exists", async (t) => { + process.env["RUNNER_OS"] = "Linux"; + + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + + const mockHash = "abcdef"; + sinon.stub(glob, "hashFiles").resolves(mockHash); + + const makePatternCheckStub = sinon.stub(internal, "makePatternCheck"); + makePatternCheckStub + .withArgs(CSHARP_BASE_PATTERNS) + .resolves(CSHARP_BASE_PATTERNS); + + const primaryCacheKey = await cacheKey( + codeql, + features, + KnownLanguage.csharp, + CSHARP_BASE_PATTERNS, + ); + + const config = createTestConfig({ + languages: [KnownLanguage.csharp], + dependencyCachingRestoredKeys: [primaryCacheKey], + }); + + const result = await uploadDependencyCaches(codeql, features, config, logger); + t.is(result.length, 1); + t.is(result[0].language, KnownLanguage.csharp); + t.is(result[0].result, CacheStoreResult.Duplicate); +}); + +test("uploadDependencyCaches - skips upload if cache size is 0", async (t) => { + process.env["RUNNER_OS"] = "Linux"; + + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + + const mockHash = "abcdef"; + sinon.stub(glob, "hashFiles").resolves(mockHash); + + const makePatternCheckStub = sinon.stub(internal, "makePatternCheck"); + makePatternCheckStub + .withArgs(CSHARP_BASE_PATTERNS) + .resolves(CSHARP_BASE_PATTERNS); + + sinon.stub(cachingUtils, "getTotalCacheSize").resolves(0); + + const config = createTestConfig({ + languages: [KnownLanguage.csharp], + }); + + const result = await uploadDependencyCaches(codeql, features, config, logger); + t.is(result.length, 1); + t.is(result[0].language, KnownLanguage.csharp); + t.is(result[0].result, CacheStoreResult.Empty); + + checkExpectedLogMessages(t, messages, [ + "Skipping upload of dependency cache", + ]); +}); + +test("uploadDependencyCaches - uploads caches when all requirements are met", async (t) => { + process.env["RUNNER_OS"] = "Linux"; + + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + + const mockHash = "abcdef"; + sinon.stub(glob, "hashFiles").resolves(mockHash); + + const makePatternCheckStub = sinon.stub(internal, "makePatternCheck"); + makePatternCheckStub + .withArgs(CSHARP_BASE_PATTERNS) + .resolves(CSHARP_BASE_PATTERNS); + + sinon.stub(cachingUtils, "getTotalCacheSize").resolves(1024); + sinon.stub(actionsCache, "saveCache").resolves(); + + const config = createTestConfig({ + languages: [KnownLanguage.csharp], + }); + + const result = await uploadDependencyCaches(codeql, features, config, logger); + t.is(result.length, 1); + t.is(result[0].language, KnownLanguage.csharp); + t.is(result[0].result, CacheStoreResult.Stored); + t.is(result[0].upload_size_bytes, 1024); + + checkExpectedLogMessages(t, messages, ["Uploading cache of size"]); +}); + +test("uploadDependencyCaches - catches `ReserveCacheError` exceptions", async (t) => { + process.env["RUNNER_OS"] = "Linux"; + + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + + const mockHash = "abcdef"; + sinon.stub(glob, "hashFiles").resolves(mockHash); + + const makePatternCheckStub = sinon.stub(internal, "makePatternCheck"); + makePatternCheckStub + .withArgs(CSHARP_BASE_PATTERNS) + .resolves(CSHARP_BASE_PATTERNS); + + sinon.stub(cachingUtils, "getTotalCacheSize").resolves(1024); + sinon + .stub(actionsCache, "saveCache") + .throws(new actionsCache.ReserveCacheError("Already in use")); + + const config = createTestConfig({ + languages: [KnownLanguage.csharp], + }); + + await t.notThrowsAsync(async () => { + const result = await uploadDependencyCaches( + codeql, + features, + config, + logger, + ); + t.is(result.length, 1); + t.is(result[0].language, KnownLanguage.csharp); + t.is(result[0].result, CacheStoreResult.Duplicate); + + checkExpectedLogMessages(t, messages, ["Not uploading cache for"]); + }); +}); + +test("uploadDependencyCaches - throws other exceptions", async (t) => { + process.env["RUNNER_OS"] = "Linux"; + + const codeql = createStubCodeQL({}); + const messages: LoggedMessage[] = []; + const logger = getRecordingLogger(messages); + const features = createFeatures([]); + + const mockHash = "abcdef"; + sinon.stub(glob, "hashFiles").resolves(mockHash); + + const makePatternCheckStub = sinon.stub(internal, "makePatternCheck"); + makePatternCheckStub + .withArgs(CSHARP_BASE_PATTERNS) + .resolves(CSHARP_BASE_PATTERNS); + + sinon.stub(cachingUtils, "getTotalCacheSize").resolves(1024); + sinon.stub(actionsCache, "saveCache").throws(); + + const config = createTestConfig({ + languages: [KnownLanguage.csharp], + }); + + await t.throwsAsync(async () => { + await uploadDependencyCaches(codeql, features, config, logger); + }); +}); + test("getFeaturePrefix - returns empty string if no features are enabled", async (t) => { const codeql = createStubCodeQL({}); const features = createFeatures([]); diff --git a/src/dependency-caching.ts b/src/dependency-caching.ts index 220f1d5bab..350d8e4687 100644 --- a/src/dependency-caching.ts +++ b/src/dependency-caching.ts @@ -55,7 +55,7 @@ export function getJavaTempDependencyDir(): string { * @returns The paths of directories on the runner that should be included in a dependency cache * for a Java analysis. */ -export function getJavaDependencyDirs(): string[] { +function getJavaDependencyDirs(): string[] { return [ // Maven join(os.homedir(), ".m2", "repository"), @@ -193,6 +193,14 @@ export interface DependencyCacheRestoreStatus { /** An array of `DependencyCacheRestoreStatus` objects for each analysed language with a caching configuration. */ export type DependencyCacheRestoreStatusReport = DependencyCacheRestoreStatus[]; +/** Represents the results of `downloadDependencyCaches`. */ +export interface DownloadDependencyCachesResult { + /** The status report for telemetry */ + statusReport: DependencyCacheRestoreStatusReport; + /** An array of cache keys that we have restored and therefore know to exist. */ + restoredKeys: string[]; +} + /** * A wrapper around `cacheConfig.getHashPatterns` which logs when there are no files to calculate * a hash for the cache key from. @@ -239,8 +247,9 @@ export async function downloadDependencyCaches( features: FeatureEnablement, languages: Language[], logger: Logger, -): Promise { +): Promise { const status: DependencyCacheRestoreStatusReport = []; + const restoredKeys: string[] = []; for (const language of languages) { const cacheConfig = defaultCacheConfigs[language]; @@ -288,16 +297,27 @@ export async function downloadDependencyCaches( if (hitKey !== undefined) { logger.info(`Cache hit on key ${hitKey} for ${language}.`); - const hit_kind = - hitKey === primaryKey ? CacheHitKind.Exact : CacheHitKind.Partial; - status.push({ language, hit_kind, download_duration_ms }); + + // We have a partial cache hit, unless the key of the restored cache matches the + // primary restore key. + let hit_kind = CacheHitKind.Partial; + if (hitKey === primaryKey) { + hit_kind = CacheHitKind.Exact; + } + + status.push({ + language, + hit_kind, + download_duration_ms, + }); + restoredKeys.push(hitKey); } else { status.push({ language, hit_kind: CacheHitKind.Miss }); logger.info(`No suitable cache found for ${language}.`); } } - return status; + return { statusReport: status, restoredKeys }; } /** Enumerates possible outcomes for storing caches. */ @@ -365,6 +385,18 @@ export async function uploadDependencyCaches( continue; } + // Now that we have verified that there are suitable files, compute the hash for the cache key. + const key = await cacheKey(codeql, features, language, patterns); + + // Check that we haven't previously restored this exact key. If a cache with this key + // already exists in the Actions Cache, performing the next steps is pointless as the cache + // will not get overwritten. We can therefore skip the expensive work of measuring the size + // of the cache contents and attempting to upload it if we know that the cache already exists. + if (config.dependencyCachingRestoredKeys.includes(key)) { + status.push({ language, result: CacheStoreResult.Duplicate }); + continue; + } + // Calculate the size of the files that we would store in the cache. We use this to determine whether the // cache should be saved or not. For example, if there are no files to store, then we skip creating the // cache. In the future, we could also: @@ -390,8 +422,6 @@ export async function uploadDependencyCaches( continue; } - const key = await cacheKey(codeql, features, language, patterns); - logger.info( `Uploading cache of size ${size} for ${language} with key ${key}...`, ); diff --git a/src/environment.ts b/src/environment.ts index 16a016aaaa..1d33c68a67 100644 --- a/src/environment.ts +++ b/src/environment.ts @@ -20,12 +20,6 @@ export enum EnvVar { /** Whether the CodeQL Action has invoked the Go autobuilder. */ DID_AUTOBUILD_GOLANG = "CODEQL_ACTION_DID_AUTOBUILD_GOLANG", - /** - * Whether to disable the SARIF post-processing in the Action that removes duplicate locations from - * notifications in the `run[].invocations[].toolExecutionNotifications` SARIF property. - */ - DISABLE_DUPLICATE_LOCATION_FIX = "CODEQL_ACTION_DISABLE_DUPLICATE_LOCATION_FIX", - /** * Whether the CodeQL Action is using its own deprecated and non-standard way of scanning for * multiple languages. @@ -56,20 +50,12 @@ export enum EnvVar { /** Whether the error for a deprecated version of the CodeQL Action was logged. */ LOG_VERSION_DEPRECATION = "CODEQL_ACTION_DID_LOG_VERSION_DEPRECATION", - /** - * For macOS. Result of `csrutil status` to determine whether System Integrity - * Protection is enabled. - */ - IS_SIP_ENABLED = "CODEQL_ACTION_IS_SIP_ENABLED", - /** UUID representing the current job run. */ JOB_RUN_UUID = "JOB_RUN_UUID", /** Status for the entire job, submitted to the status report in `init-post` */ JOB_STATUS = "CODEQL_ACTION_JOB_STATUS", - ODASA_TRACER_CONFIGURATION = "ODASA_TRACER_CONFIGURATION", - /** The value of the `output` input for the analyze action. */ SARIF_RESULTS_OUTPUT_DIR = "CODEQL_ACTION_SARIF_RESULTS_OUTPUT_DIR", diff --git a/src/feature-flags.ts b/src/feature-flags.ts index 1334969795..10e2e296c3 100644 --- a/src/feature-flags.ts +++ b/src/feature-flags.ts @@ -77,6 +77,7 @@ export enum Feature { OverlayAnalysisSwift = "overlay_analysis_swift", PythonDefaultIsToNotExtractStdlib = "python_default_is_to_not_extract_stdlib", QaTelemetryEnabled = "qa_telemetry_enabled", + UploadOverlayDbToApi = "upload_overlay_db_to_api", UseRepositoryProperties = "use_repository_properties", ValidateDbConfig = "validate_db_config", } @@ -166,6 +167,11 @@ export const featureConfig: Record< legacyApi: true, minimumVersion: undefined, }, + [Feature.JavaMinimizeDependencyJars]: { + defaultValue: false, + envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", + minimumVersion: "2.23.0", + }, [Feature.OverlayAnalysis]: { defaultValue: false, envVar: "CODEQL_ACTION_OVERLAY_ANALYSIS", @@ -277,21 +283,21 @@ export const featureConfig: Record< minimumVersion: undefined, toolsFeature: ToolsFeature.PythonDefaultIsToNotExtractStdlib, }, - [Feature.UseRepositoryProperties]: { - defaultValue: false, - envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", - minimumVersion: undefined, - }, [Feature.QaTelemetryEnabled]: { defaultValue: false, envVar: "CODEQL_ACTION_QA_TELEMETRY", legacyApi: true, minimumVersion: undefined, }, - [Feature.JavaMinimizeDependencyJars]: { + [Feature.UploadOverlayDbToApi]: { defaultValue: false, - envVar: "CODEQL_ACTION_JAVA_MINIMIZE_DEPENDENCY_JARS", - minimumVersion: "2.23.0", + envVar: "CODEQL_ACTION_UPLOAD_OVERLAY_DB_TO_API", + minimumVersion: undefined, + }, + [Feature.UseRepositoryProperties]: { + defaultValue: false, + envVar: "CODEQL_ACTION_USE_REPOSITORY_PROPERTIES", + minimumVersion: undefined, }, [Feature.ValidateDbConfig]: { defaultValue: false, diff --git a/src/git-utils.ts b/src/git-utils.ts index 8371240273..0d2a7df7a6 100644 --- a/src/git-utils.ts +++ b/src/git-utils.ts @@ -122,67 +122,6 @@ export const determineBaseBranchHeadCommitOid = async function ( } }; -/** - * Deepen the git history of HEAD by one level. Errors are logged. - * - * This function uses the `checkout_path` to determine the repository path and - * works only when called from `analyze` or `upload-sarif`. - */ -export const deepenGitHistory = async function () { - try { - await runGitCommand( - getOptionalInput("checkout_path"), - [ - "fetch", - "origin", - "HEAD", - "--no-tags", - "--no-recurse-submodules", - "--deepen=1", - ], - "Cannot deepen the shallow repository.", - ); - } catch { - // Errors are already logged by runGitCommand() - } -}; - -/** - * Fetch the given remote branch. Errors are logged. - * - * This function uses the `checkout_path` to determine the repository path and - * works only when called from `analyze` or `upload-sarif`. - */ -export const gitFetch = async function (branch: string, extraFlags: string[]) { - try { - await runGitCommand( - getOptionalInput("checkout_path"), - ["fetch", "--no-tags", ...extraFlags, "origin", `${branch}:${branch}`], - `Cannot fetch ${branch}.`, - ); - } catch { - // Errors are already logged by runGitCommand() - } -}; - -/** - * Repack the git repository, using with the given flags. Errors are logged. - * - * This function uses the `checkout_path` to determine the repository path and - * works only when called from `analyze` or `upload-sarif`. - */ -export const gitRepack = async function (flags: string[]) { - try { - await runGitCommand( - getOptionalInput("checkout_path"), - ["repack", ...flags], - "Cannot repack the repository.", - ); - } catch { - // Errors are already logged by runGitCommand() - } -}; - /** * Decode, if necessary, a file path produced by Git. See * https://git-scm.com/docs/git-config#Documentation/git-config.txt-corequotePath diff --git a/src/init-action.ts b/src/init-action.ts index 3512520c2c..689ded2fc1 100644 --- a/src/init-action.ts +++ b/src/init-action.ts @@ -371,7 +371,7 @@ async function run() { } let overlayBaseDatabaseStats: OverlayBaseDatabaseDownloadStats | undefined; - let dependencyCachingResults: DependencyCacheRestoreStatusReport | undefined; + let dependencyCachingStatus: DependencyCacheRestoreStatusReport | undefined; try { if ( config.overlayDatabaseMode === OverlayDatabaseMode.Overlay && @@ -579,12 +579,15 @@ async function run() { // Restore dependency cache(s), if they exist. if (shouldRestoreCache(config.dependencyCachingEnabled)) { - dependencyCachingResults = await downloadDependencyCaches( + const dependencyCachingResult = await downloadDependencyCaches( codeql, features, config.languages, logger, ); + dependencyCachingStatus = dependencyCachingResult.statusReport; + config.dependencyCachingRestoredKeys = + dependencyCachingResult.restoredKeys; } // Suppress warnings about disabled Python library extraction. @@ -732,7 +735,7 @@ async function run() { toolsSource, toolsVersion, overlayBaseDatabaseStats, - dependencyCachingResults, + dependencyCachingStatus, logger, error, ); @@ -755,7 +758,7 @@ async function run() { toolsSource, toolsVersion, overlayBaseDatabaseStats, - dependencyCachingResults, + dependencyCachingStatus, logger, ); } diff --git a/src/overlay-database-utils.ts b/src/overlay-database-utils.ts index ebb020ba86..a340bfe2b0 100644 --- a/src/overlay-database-utils.ts +++ b/src/overlay-database-utils.ts @@ -16,6 +16,7 @@ import { type Config } from "./config-utils"; import { getCommitOid, getFileOidsUnderPath } from "./git-utils"; import { Logger, withGroupAsync } from "./logging"; import { + CleanupLevel, getErrorMessage, isInTestMode, tryGetFolderBytes, @@ -28,7 +29,7 @@ export enum OverlayDatabaseMode { None = "none", } -export const CODEQL_OVERLAY_MINIMUM_VERSION = "2.22.4"; +export const CODEQL_OVERLAY_MINIMUM_VERSION = "2.23.5"; /** * The maximum (uncompressed) size of the overlay base database that we will @@ -175,7 +176,7 @@ const MAX_CACHE_OPERATION_MS = 600_000; * @param warningPrefix Prefix for the check failure warning message * @returns True if the verification succeeded, false otherwise */ -export function checkOverlayBaseDatabase( +function checkOverlayBaseDatabase( config: Config, logger: Logger, warningPrefix: string, @@ -204,7 +205,7 @@ export function checkOverlayBaseDatabase( * @returns A promise that resolves to true if the upload was performed and * successfully completed, or false otherwise */ -export async function uploadOverlayBaseDatabaseToCache( +export async function cleanupAndUploadOverlayBaseDatabaseToCache( codeql: CodeQL, config: Config, logger: Logger, @@ -242,7 +243,7 @@ export async function uploadOverlayBaseDatabaseToCache( // Clean up the database using the overlay cleanup level. await withGroupAsync("Cleaning up databases", async () => { - await codeql.databaseCleanupCluster(config, "overlay"); + await codeql.databaseCleanupCluster(config, CleanupLevel.Overlay); }); const dbLocation = config.dbLocation; diff --git a/src/setup-codeql.ts b/src/setup-codeql.ts index 9488930229..16375421a7 100644 --- a/src/setup-codeql.ts +++ b/src/setup-codeql.ts @@ -34,7 +34,7 @@ export enum ToolsSource { Download = "DOWNLOAD", } -export const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action"; +const CODEQL_DEFAULT_ACTION_REPOSITORY = "github/codeql-action"; const CODEQL_NIGHTLIES_REPOSITORY_OWNER = "dsp-testing"; const CODEQL_NIGHTLIES_REPOSITORY_NAME = "codeql-cli-nightlies"; @@ -180,17 +180,6 @@ export function tryGetTagNameFromUrl( return match[1]; } -export function tryGetBundleVersionFromUrl( - url: string, - logger: Logger, -): string | undefined { - const tagName = tryGetTagNameFromUrl(url, logger); - if (tagName === undefined) { - return undefined; - } - return tryGetBundleVersionFromTagName(tagName, logger); -} - export function convertToSemVer(version: string, logger: Logger): string { if (!semver.valid(version)) { logger.debug( @@ -580,7 +569,7 @@ export async function getCodeQLSource( * Gets a fallback version number to use when looking for CodeQL in the toolcache if we didn't find * the `x.y.z` version. This is to support old versions of the toolcache. */ -export async function tryGetFallbackToolcacheVersion( +async function tryGetFallbackToolcacheVersion( cliVersion: string | undefined, tagName: string, logger: Logger, @@ -729,7 +718,7 @@ function getCanonicalToolcacheVersion( return cliVersion; } -export interface SetupCodeQLResult { +interface SetupCodeQLResult { codeqlFolder: string; toolsDownloadStatusReport?: ToolsDownloadStatusReport; toolsSource: ToolsSource; @@ -750,7 +739,7 @@ export async function setupCodeQLBundle( defaultCliVersion: CodeQLDefaultVersionInfo, features: FeatureEnablement, logger: Logger, -) { +): Promise { if (!(await util.isBinaryAccessible("tar", logger))) { throw new util.ConfigurationError( "Could not find tar in PATH, so unable to extract CodeQL bundle.", diff --git a/src/start-proxy.ts b/src/start-proxy.ts index 2888e1a58d..2a082ed628 100644 --- a/src/start-proxy.ts +++ b/src/start-proxy.ts @@ -8,7 +8,7 @@ import { ConfigurationError, getErrorMessage, isDefined } from "./util"; export const UPDATEJOB_PROXY = "update-job-proxy"; export const UPDATEJOB_PROXY_VERSION = "v2.0.20250624110901"; -export const UPDATEJOB_PROXY_URL_PREFIX = +const UPDATEJOB_PROXY_URL_PREFIX = "https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.22.0/"; export type Credential = { @@ -202,7 +202,7 @@ export function getFallbackUrl(proxyPackage: string): string { * * @returns The response from the GitHub API. */ -export async function getLinkedRelease() { +async function getLinkedRelease() { return getApiClient().rest.repos.getReleaseByTag({ owner: "github", repo: "codeql-action", diff --git a/src/status-report.ts b/src/status-report.ts index 1ad53ac321..c6e747489e 100644 --- a/src/status-report.ts +++ b/src/status-report.ts @@ -54,7 +54,7 @@ export enum ActionName { * considered to be a third party analysis and is treated differently when calculating SLOs. To ensure * misconfigured workflows are not treated as third party, only the upload-sarif action can return false. */ -export function isFirstPartyAnalysis(actionName: ActionName): boolean { +function isFirstPartyAnalysis(actionName: ActionName): boolean { if (actionName !== ActionName.UploadSarif) { return true; } diff --git a/src/testing-utils.ts b/src/testing-utils.ts index 12193309bb..eaec11e2c4 100644 --- a/src/testing-utils.ts +++ b/src/testing-utils.ts @@ -392,6 +392,7 @@ export function createTestConfig(overrides: Partial): Config { trapCaches: {}, trapCacheDownloadTime: 0, dependencyCachingEnabled: CachingKind.None, + dependencyCachingRestoredKeys: [], extraQueryExclusions: [], overlayDatabaseMode: OverlayDatabaseMode.None, useOverlayDatabaseCaching: false, diff --git a/src/tools-download.ts b/src/tools-download.ts index 4cfba397e9..5d8a4c5fb9 100644 --- a/src/tools-download.ts +++ b/src/tools-download.ts @@ -17,7 +17,7 @@ import { cleanUpPath, getErrorMessage, getRequiredEnvParam } from "./util"; /** * High watermark to use when streaming the download and extraction of the CodeQL tools. */ -export const STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024; // 4 MiB +const STREAMING_HIGH_WATERMARK_BYTES = 4 * 1024 * 1024; // 4 MiB /** * The name of the tool cache directory for the CodeQL tools. diff --git a/src/tracer-config.ts b/src/tracer-config.ts index 9eea3eecc8..d786d46515 100644 --- a/src/tracer-config.ts +++ b/src/tracer-config.ts @@ -76,7 +76,7 @@ export async function endTracingForCluster( } } -export async function getTracerConfigForCluster( +async function getTracerConfigForCluster( config: Config, ): Promise { const tracingEnvVariables = JSON.parse( diff --git a/src/upload-lib.ts b/src/upload-lib.ts index f032b83272..ac02745207 100644 --- a/src/upload-lib.ts +++ b/src/upload-lib.ts @@ -412,7 +412,7 @@ export function findSarifFilesInDir( return sarifFiles; } -export function getSarifFilePaths( +function getSarifFilePaths( sarifPath: string, isSarif: (name: string) => boolean, ) { diff --git a/src/util.ts b/src/util.ts index f23c3be7de..aefcc5a2af 100644 --- a/src/util.ts +++ b/src/util.ts @@ -4,7 +4,6 @@ import * as os from "os"; import * as path from "path"; import * as core from "@actions/core"; -import * as exec from "@actions/exec/lib/exec"; import * as io from "@actions/io"; import getFolderSize from "get-folder-size"; import * as yaml from "js-yaml"; @@ -1026,34 +1025,6 @@ export function fixInvalidNotifications( return newSarif; } -/** - * Removes duplicates from the sarif file. - * - * When `CODEQL_ACTION_DISABLE_DUPLICATE_LOCATION_FIX` is set to true, this will - * simply rename the input file to the output file. Otherwise, it will parse the - * input file as JSON, remove duplicate locations from the SARIF notification - * objects, and write the result to the output file. - * - * For context, see documentation of: - * `CODEQL_ACTION_DISABLE_DUPLICATE_LOCATION_FIX`. */ -export function fixInvalidNotificationsInFile( - inputPath: string, - outputPath: string, - logger: Logger, -): void { - if (process.env[EnvVar.DISABLE_DUPLICATE_LOCATION_FIX] === "true") { - logger.info( - "SARIF notification object duplicate location fix disabled by the " + - `${EnvVar.DISABLE_DUPLICATE_LOCATION_FIX} environment variable.`, - ); - fs.renameSync(inputPath, outputPath); - } else { - let sarif = JSON.parse(fs.readFileSync(inputPath, "utf8")) as SarifFile; - sarif = fixInvalidNotifications(sarif, logger); - fs.writeFileSync(outputPath, JSON.stringify(sarif)); - } -} - export function wrapError(error: unknown): Error { return error instanceof Error ? error : new Error(String(error)); } @@ -1197,49 +1168,6 @@ export function cloneObject(obj: T): T { return JSON.parse(JSON.stringify(obj)) as T; } -// The first time this function is called, it runs `csrutil status` to determine -// whether System Integrity Protection is enabled; and saves the result in an -// environment variable. Afterwards, simply return the value of the environment -// variable. -export async function checkSipEnablement( - logger: Logger, -): Promise { - if ( - process.env[EnvVar.IS_SIP_ENABLED] !== undefined && - ["true", "false"].includes(process.env[EnvVar.IS_SIP_ENABLED]) - ) { - return process.env[EnvVar.IS_SIP_ENABLED] === "true"; - } - - try { - const sipStatusOutput = await exec.getExecOutput("csrutil status"); - if (sipStatusOutput.exitCode === 0) { - if ( - sipStatusOutput.stdout.includes( - "System Integrity Protection status: enabled.", - ) - ) { - core.exportVariable(EnvVar.IS_SIP_ENABLED, "true"); - return true; - } - if ( - sipStatusOutput.stdout.includes( - "System Integrity Protection status: disabled.", - ) - ) { - core.exportVariable(EnvVar.IS_SIP_ENABLED, "false"); - return false; - } - } - return undefined; - } catch (e) { - logger.warning( - `Failed to determine if System Integrity Protection was enabled: ${e}`, - ); - return undefined; - } -} - export async function cleanUpPath(file: string, name: string, logger: Logger) { logger.debug(`Cleaning up ${name}.`); try { @@ -1291,17 +1219,6 @@ export function isDefined(value: T | null | undefined): value is T { return value !== undefined && value !== null; } -/** Like `Object.keys`, but typed so that the elements of the resulting array have the - * same type as the keys of the input object. Note that this may not be sound if the input - * object has been cast to `T` from a subtype of `T` and contains additional keys that - * are not represented by `keyof T`. - */ -export function unsafeKeysInvariant>( - object: T, -): Array { - return Object.keys(object) as Array; -} - /** Like `Object.entries`, but typed so that the key elements of the result have the * same type as the keys of the input object. Note that this may not be sound if the input * object has been cast to `T` from a subtype of `T` and contains additional keys that @@ -1314,3 +1231,8 @@ export function unsafeEntriesInvariant>( ([_, val]) => val !== undefined, ) as Array<[keyof T, Exclude]>; } + +export enum CleanupLevel { + Clear = "clear", + Overlay = "overlay", +}