From 75af1f5948eef4f82d80db69296c55a9bc5ba26e Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Wed, 24 Jan 2024 00:02:56 +0000
Subject: [PATCH 1/3] Update default bundle to codeql-bundle-v2.16.1
---
 lib/defaults.json | 8 ++++----
 src/defaults.json | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/lib/defaults.json b/lib/defaults.json
index 28d020bdd7..a395818a14 100644
--- a/lib/defaults.json
+++ b/lib/defaults.json
@@ -1,6 +1,6 @@
 {
- "bundleVersion": "codeql-bundle-v2.16.0",
- "cliVersion": "2.16.0",
- "priorBundleVersion": "codeql-bundle-v2.15.5",
- "priorCliVersion": "2.15.5"
+ "bundleVersion": "codeql-bundle-v2.16.1",
+ "cliVersion": "2.16.1",
+ "priorBundleVersion": "codeql-bundle-v2.16.0",
+ "priorCliVersion": "2.16.0"
 }
diff --git a/src/defaults.json b/src/defaults.json
index 20438b7a21..ac2c207e10 100644
--- a/src/defaults.json
+++ b/src/defaults.json
@@ -1,6 +1,6 @@
 {
- "bundleVersion": "codeql-bundle-v2.16.0",
- "cliVersion": "2.16.0",
- "priorBundleVersion": "codeql-bundle-v2.15.5",
- "priorCliVersion": "2.15.5"
+ "bundleVersion": "codeql-bundle-v2.16.1",
+ "cliVersion": "2.16.1",
+ "priorBundleVersion": "codeql-bundle-v2.16.0",
+ "priorCliVersion": "2.16.0"
 }
From d43ae36a631248dea35da2f8da5e28687255da31 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Wed, 24 Jan 2024 00:03:09 +0000
Subject: [PATCH 2/3] Add changelog note
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 93c068cff9..cca856f11a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,7 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the ## [UNRELEASED] - On Linux, the maximum possible value for the `--threads` option now respects the CPU count as specified in `cgroup` files to more accurately reflect the number of available cores when running in containers. +- Update default CodeQL bundle version to 2.16.1. [#2096](https://github.com/github/codeql-action/pull/2096) ## 3.23.1 - 17 Jan 2024 From 666e2f9edfd29789e9f46f2cce092d18622dcb74 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Wed, 24 Jan 2024 00:20:18 +0000 Subject: [PATCH 3/3] Internal queries: Replace deprecated predicates --- queries/required-action-input.ql | 21 +++++---------------- queries/undeclared-action-input.ql | 10 +++++----- 2 files changed, 10 insertions(+), 21 deletions(-) diff --git a/queries/required-action-input.ql b/queries/required-action-input.ql index e756283266..e4a0b155ff 100644 --- a/queries/required-action-input.ql +++ b/queries/required-action-input.ql @@ -19,7 +19,7 @@ class ActionDeclaration extends File { getRelativePath().matches("%/action.yml") } - YAMLDocument getRootNode() { + YamlDocument getRootNode() { result.getFile() = this } @@ -27,7 +27,7 @@ class ActionDeclaration extends File { * The name of any input to this action. */ string getAnInput() { - result = getRootNode().(YAMLMapping).lookup("inputs").(YAMLMapping).getKey(_).(YAMLString).getValue() + result = getRootNode().(YamlMapping).lookup("inputs").(YamlMapping).getKey(_).(YamlString).getValue() } /** 
@@ -35,21 +35,10 @@ class ActionDeclaration extends File { * or because it has a default value. */ predicate inputAlwaysHasValue(string input) { - exists(YAMLMapping value | - value = getRootNode().(YAMLMapping).lookup("inputs").(YAMLMapping).lookup(input) and + exists(YamlMapping value | + value = getRootNode().(YamlMapping).lookup("inputs").(YamlMapping).lookup(input) and (exists(value.lookup("default")) or - value.lookup("required").(YAMLBool).getBoolValue() = true)) - } - - /** - * The function that is the entrypoint to this action. - */ - FunctionDeclStmt getEntrypoint() { - result.getFile().getRelativePath() = getRootNode(). - (YAMLMapping).lookup("runs"). - (YAMLMapping).lookup("main"). - (YAMLString).getValue().regexpReplaceAll("\\.\\./lib/(.*)\\.js", "src/$1.ts") and - result.getName() = "run" + value.lookup("required").(YamlBool).getBoolValue() = true)) } } diff --git a/queries/undeclared-action-input.ql b/queries/undeclared-action-input.ql index 71cc9527ee..726f50a19f 100644 --- a/queries/undeclared-action-input.ql +++ b/queries/undeclared-action-input.ql @@ -24,7 +24,7 @@ class ActionDeclaration extends File { result = getRelativePath().regexpCapture("(.*)/action.yml", 1) } - YAMLDocument getRootNode() { + YamlDocument getRootNode() { result.getFile() = this } @@ -32,7 +32,7 @@ class ActionDeclaration extends File { * The name of any input to this action. */ string getAnInput() { - result = getRootNode().(YAMLMapping).lookup("inputs").(YAMLMapping).getKey(_).(YAMLString).getValue() + result = getRootNode().(YamlMapping).lookup("inputs").(YamlMapping).getKey(_).(YamlString).getValue() } /** 
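Review bot: In `inputAlwaysHasValue` (hunk `@@ -35,21 +35,10 @@` of `queries/required-action-input.ql`), the renamed line `value.lookup("required").(YamlBool).getBoolValue() = true` still treats a declared `required: true` as proof that the input has a value. As far as I know, GitHub's action metadata documentation says a missing required input does not by itself raise an error, so an input declared required without a `default` may still be empty at run time; whether that matters depends on how the query uses this predicate, which is outside the hunk. If the approximation is intended, a QLDoc line such as `* Note: "required: true" is declared intent only; the runner does not enforce it.` would make that explicit (the predicate's doc comment starts above the hunk). The same hunk also deletes `getEntrypoint()`, which the commit subject does not mention; it is presumably unused in this query, but that cannot be confirmed from the lines shown.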
@@ -40,9 +40,9 @@ class ActionDeclaration extends File { */ FunctionDeclStmt getEntrypoint() { result.getFile().getRelativePath() = getRootNode(). - (YAMLMapping).lookup("runs"). - (YAMLMapping).lookup("main"). - (YAMLString).getValue().regexpReplaceAll("\\.\\./lib/(.*)\\.js", "src/$1.ts") and + (YamlMapping).lookup("runs"). + (YamlMapping).lookup("main"). + (YamlString).getValue().regexpReplaceAll("\\.\\./lib/(.*)\\.js", "src/$1.ts") and result.getName() = "run" } }