From dba70acdb3f6f42031d89cf7b0f122e3ebb6f776 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Mon, 7 Nov 2022 10:38:32 +0000 Subject: [PATCH 1/3] Bump default CodeQL version to 2.11.3 --- CHANGELOG.md | 2 +- lib/defaults.json | 2 +- src/defaults.json | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c44efea7f6..bfe4c95cd6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ ## [UNRELEASED] -No user facing changes. +- Update default CodeQL bundle version to 2.11.3. [#1348](https://github.com/github/codeql-action/pull/1348) ## 2.1.31 - 04 Nov 2022 diff --git a/lib/defaults.json b/lib/defaults.json index d9c48bb135..39a5dd80e8 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20221024" + "bundleVersion": "codeql-bundle-20221105" } diff --git a/src/defaults.json b/src/defaults.json index 3b15b2e584..25f11946b2 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,3 +1,3 @@ { - "bundleVersion": "codeql-bundle-20221024" + "bundleVersion": "codeql-bundle-20221105" } From 76a77405c1b8a47eba00a58065006257ac78b871 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 11 Nov 2022 10:12:39 +0000 Subject: [PATCH 2/3] Fix Python query identifier in file baseline information PR check --- .github/workflows/__export-file-baseline-information.yml | 2 +- pr-checks/checks/export-file-baseline-information.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/__export-file-baseline-information.yml b/.github/workflows/__export-file-baseline-information.yml index 77ac89088e..29bf041311 100644 --- a/.github/workflows/__export-file-baseline-information.yml +++ b/.github/workflows/__export-file-baseline-information.yml 
@@ -68,7 +68,7 @@ jobs: shell: bash run: | cd "$RUNNER_TEMP/results" - expected_baseline_languages="cpp csharp go java js python ruby" + expected_baseline_languages="cpp csharp go java js py ruby" for lang in ${expected_baseline_languages}; do rule_name="${lang}/baseline/expected-extracted-files" diff --git a/pr-checks/checks/export-file-baseline-information.yml b/pr-checks/checks/export-file-baseline-information.yml index eecbbdafcd..3907f0de84 100644 --- a/pr-checks/checks/export-file-baseline-information.yml +++ b/pr-checks/checks/export-file-baseline-information.yml @@ -28,7 +28,7 @@ steps: shell: bash run: | cd "$RUNNER_TEMP/results" - expected_baseline_languages="cpp csharp go java js python ruby" + expected_baseline_languages="cpp csharp go java js py ruby" for lang in ${expected_baseline_languages}; do rule_name="${lang}/baseline/expected-extracted-files" From 718930badf638c8740119d849514fa7e9e51c5b0 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Fri, 11 Nov 2022 10:37:32 +0000 Subject: [PATCH 3/3] Pin npm to latest v8 release to address failing PR check npm v9 is not compatible with Node 12, so we can't update to it yet. --- .github/workflows/script/check-node-modules.sh | 9 ++++++--- .github/workflows/update-dependencies.yml | 5 ++++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/script/check-node-modules.sh b/.github/workflows/script/check-node-modules.sh index 47d92ec2d1..0e471524d6 100755 --- a/.github/workflows/script/check-node-modules.sh +++ b/.github/workflows/script/check-node-modules.sh 
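Review bot: The values in `expected_baseline_languages` are query-ID prefixes (`js`, `py`) rather than language names, and nothing in the pr-checks/checks/export-file-baseline-information.yml hunk says so, which is the confusion this commit corrects. A comment above the assignment, such as `# Query ID prefixes as used in rule names (e.g. js, py), not CodeQL language names.`, would keep a later edit from reintroducing `python`. The same line is changed in .github/workflows/__export-file-baseline-information.yml, which looks like a generated copy, so the comment belongs in the pr-checks source. The `run` script continues past the end of both hunks.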
@@ -7,7 +7,10 @@ if [ ! -z "$(git status --porcelain)" ]; then >&2 echo "Failed: Repo should be clean before testing!" exit 1 fi -sudo npm install --force -g npm@latest +# Pin npm to v8 since v9 doesn't support Node 12. +# When updating this, make sure to update the npm version in +# `.github/workflows/update-dependencies.yml` too. +sudo npm install --force -g npm@^8.19.3 # Reinstall modules and then clean to remove absolute paths # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible npm ci @@ -15,8 +18,8 @@ npm run removeNPMAbsolutePaths # Check that repo is still clean if [ ! -z "$(git status --porcelain)" ]; then # If we get a fail here then the PR needs attention - >&2 echo "Failed: node_modules are not up to date. Run 'npm ci && npm run removeNPMAbsolutePaths' on a macOS machine to update. Note it is important this command is run on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if the command is run on a Windows or Linux machine." + >&2 echo "Failed: node_modules are not up to date. Add the 'Update dependencies' label to your PR to update them. Note it is important that node modules are updated on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if dependencies are updated on a Windows or Linux machine." git status exit 1 fi -echo "Success: node_modules are up to date" \ No newline at end of file +echo "Success: node_modules are up to date" diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index b8bcb7fd4e..67f400b396 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml 
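Review bot: `npm@^8.19.3` in check-node-modules.sh is a range, not a pin: it resolves to whichever 8.x release is newest when the job runs. The check relies on `npm ci` for reproducibility a few lines later, yet it still runs under a floating npm that is installed globally with sudo. If a fixed toolchain is intended, use the exact version, `sudo npm install --force -g npm@8.19.3`, and bump it deliberately. The same line is added in .github/workflows/update-dependencies.yml, where the regenerated node_modules appear to be written back to the PR branch. If tracking the latest v8 is deliberate, as the commit title suggests, the comment should read `# Restrict npm to v8 (latest 8.x) since v9 doesn't support Node 12.` so nobody takes it for an exact pin.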
@@ -27,7 +27,10 @@ jobs: run: | git fetch origin "$BRANCH" --depth=1 git checkout "origin/$BRANCH" - sudo npm install --force -g npm@latest + # Pin npm to v8 since v9 doesn't support Node 12. + # When updating this, make sure to update the npm version in + # `.github/workflows/script/check-node-modules.sh` too. + sudo npm install --force -g npm@^8.19.3 npm install npm ci npm run removeNPMAbsolutePaths