From 693b97bf507a30ff69fe4d0e9d5e67ac288b3585 Mon Sep 17 00:00:00 2001
From: Edoardo Pirovano
Date: Fri, 26 Aug 2022 10:02:32 +0100
Subject: [PATCH 1/2] Bump CodeQL version to 2.10.4
---
 CHANGELOG.md | 1 +
 lib/defaults.json | 2 +-
 src/defaults.json | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e0e96391f0..19f114e929 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 ## [UNRELEASED]
 - Downloading CodeQL packs has been moved to the `init` step. Previously, CodeQL packs were downloaded during the `analyze` step. [#1218](https://github.com/github/codeql-action/pull/1218)
+- Update default CodeQL bundle version to 2.10.4. [#1224](https://github.com/github/codeql-action/pull/1224)
 ## 2.1.21 - 25 Aug 2022
diff --git a/lib/defaults.json b/lib/defaults.json
index 8471f1f71c..4d06bce515 100644
--- a/lib/defaults.json
+++ b/lib/defaults.json
@@ -1,3 +1,3 @@
 {
- "bundleVersion": "codeql-bundle-20220811"
+ "bundleVersion": "codeql-bundle-20220825"
 }
diff --git a/src/defaults.json b/src/defaults.json
index 3fb8e8c948..4158343c54 100644
--- a/src/defaults.json
+++ b/src/defaults.json
@@ -1,3 +1,3 @@
 {
- "bundleVersion": "codeql-bundle-20220811"
+ "bundleVersion": "codeql-bundle-20220825"
 }
From 8c692b37a0046ac517887cfa674f65483a82ae92 Mon Sep 17 00:00:00 2001
From: Edoardo Pirovano
Date: Wed, 31 Aug 2022 13:06:02 +0100
Subject: [PATCH 2/2] Pin `poetry` to 1.1
---
 CHANGELOG.md | 1 +
 python-setup/install_tools.ps1 | 4 ++--
 python-setup/install_tools.sh | 4 ++--
 3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 19f114e929..f36efe56ad 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@ - Downloading CodeQL packs has been moved to the `init` step. Previously, CodeQL packs were downloaded during the `analyze` step. [#1218](https://github.com/github/codeql-action/pull/1218) - Update default CodeQL bundle version to 2.10.4. [#1224](https://github.com/github/codeql-action/pull/1224) +- The newly released [Poetry 1.2](https://python-poetry.org/blog/announcing-poetry-1.2.0) is not yet supported. In the most common case where the CodeQL Action is automatically installing Python dependencies, it will continue to install and use Poetry 1.1 on its own. However, in certain cases such as with self-hosted runners, you may need to ensure Poetry 1.1 is installed yourself. ## 2.1.21 - 25 Aug 2022 diff --git a/python-setup/install_tools.ps1 b/python-setup/install_tools.ps1 index ed954c5101..3c78378a3d 100644 --- a/python-setup/install_tools.ps1 +++ b/python-setup/install_tools.ps1 @@ -8,6 +8,6 @@ py -3 -m pip install --user --upgrade pip setuptools wheel py -2 -m pip install --user 'virtualenv<20.11' py -3 -m pip install --user 'virtualenv<20.11' -# poetry 1.0.10 has error (https://github.com/python-poetry/poetry/issues/2711) -py -3 -m pip install --user poetry!=1.0.10 +# We aren't compatible with poetry 1.2 +py -3 -m pip install --user "poetry>=1.1,<1.2" py -3 -m pip install --user pipenv diff --git a/python-setup/install_tools.sh b/python-setup/install_tools.sh index f5014595fa..7acb33f146 100755 --- a/python-setup/install_tools.sh +++ b/python-setup/install_tools.sh 
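Review bot: The new requirement `"poetry>=1.1,<1.2"` in the install_tools.ps1 hunk is still a floating range, so each run installs whichever 1.1.x release and transitive dependencies the package index serves at that moment, and the `pipenv` install on the following line has no bound at all. For tooling installed inside CI jobs, a checked-in, hash-locked requirements file would make the install reproducible and tamper-evident, e.g. `py -3 -m pip install --user --require-hashes -r <tools-requirements-file>` (the file name is a placeholder). The same applies to the matching `python3 -m pip install --user "poetry>=1.1,<1.2"` line in the python-setup/install_tools.sh hunk. The script starts above this hunk, so any constraint handling earlier in the file is not visible here.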
@@ -24,8 +24,8 @@ python3 -m pip install --user 'virtualenv<20.11' # "program uses threads.", RuntimeWarning) # LGTM_PYTHON_SETUP_VERSION=The currently activated Python version 2.7.18 is not supported by the project (^3.5). Trying to find and use a compatible version. Using python3 (3.8.2) 3 -# poetry 1.0.10 has error (https://github.com/python-poetry/poetry/issues/2711) -python3 -m pip install --user poetry!=1.0.10 +# We aren't compatible with poetry 1.2 +python3 -m pip install --user "poetry>=1.1,<1.2" python3 -m pip install --user pipenv if command -v python2 >/dev/null 2>&1; then
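Review bot: The replacement comment `# We aren't compatible with poetry 1.2` gives no reason or reference, whereas the comment it replaces linked the upstream issue it worked around. A maintainer reading it later cannot tell when the upper bound may be lifted; something like `# Poetry 1.2 is not yet supported by this setup (see CHANGELOG.md); drop the <1.2 bound once it is.` would carry that, and the identical comment in install_tools.ps1 could be reworded the same way. It is also worth saying in the comment that `>=1.1` supersedes the old `!=1.0.10` exclusion, so the removal of that workaround does not look accidental. The script continues past the end of this hunk, at the `if command -v python2` line.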