
Commit 237260b

committed
Revert "Revert usage of --codescanning-config flag"
This reverts commit 43d0664.
1 parent e8c48cc commit 237260b

7 files changed

Lines changed: 76 additions & 9 deletions


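--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -42,6 +42,7 @@ No user facing changes.
 ## 2.1.7 - 05 Apr 2022
 
 - A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018)
+No user facing changes.
 
 ## 2.1.6 - 30 Mar 2022
 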

lib/analyze.js

Lines changed: 2 additions & 1 deletion

lib/analyze.js.map

Lines changed: 5 additions & 1 deletion

lib/codeql.js

Lines changed: 30 additions & 3 deletions

lib/codeql.js.map

Lines changed: 5 additions & 1 deletion

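--- a/src/analyze.ts
+++ b/src/analyze.ts
@@ -8,6 +8,7 @@ import * as yaml from "js-yaml";
 import * as analysisPaths from "./analysis-paths";
 import {
 CodeQL,
+CODEQL_VERSION_CONFIG_FILES,
 CODEQL_VERSION_COUNTS_LINES,
 CODEQL_VERSION_NEW_TRACING,
 getCodeQL,
@@ -243,7 +244,10 @@ export async function runQueries(
 
 const codeql = await getCodeQL(config.codeQLCmd);
 try {
-if (hasPackWithCustomQueries) {
+if (
+hasPackWithCustomQueries &&
+!(await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES))
+) {
 logger.info("Performing analysis with custom CodeQL Packs.");
 logger.startGroup(`Downloading custom packs for ${language}`);
 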
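Review bot: The new condition in `runQueries` (`hasPackWithCustomQueries && !(await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES))`) carries no comment saying why custom-pack handling is skipped on newer CLIs, and the branch taken instead is outside this hunk. I would add above the `if`: `// From CODEQL_VERSION_CONFIG_FILES on, the CLI resolves packs from the --codescanning-config file written at database init.` The same version check is repeated inline in src/codeql.ts at the two `codeqlArgs.push(...)` sites; if those sites ever disagree, a run could execute without the user's query selection and report fewer alerts without failing, so a single shared helper or a test covering both sides of the version boundary is worth having.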

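--- a/src/codeql.ts
+++ b/src/codeql.ts
@@ -4,6 +4,7 @@ import * as path from "path";
 
 import * as toolrunner from "@actions/exec/lib/toolrunner";
 import { default as deepEqual } from "fast-deep-equal";
+import * as yaml from "js-yaml";
 import { default as queryString } from "query-string";
 import * as semver from "semver";
 
@@ -225,6 +226,7 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 export const CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
+export const CODEQL_VERSION_CONFIG_FILES = "2.8.2"; // Versions before 2.8.2 weren't tolerant to unknown properties
 export const CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
 const CODEQL_VERSION_LUA_TRACER_CONFIG = "2.10.0";
 
@@ -761,6 +763,26 @@ async function getCodeQLForCmd(
 }
 }
 }
+if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES)) {
+const configLocation = path.resolve(config.tempDir, "user-config.yaml");
+const augmentedConfig = config.originalUserInput;
+if (config.injectedMlQueries) {
+// We need to inject the ML queries into the original user input before
+// we pass this on to the CLI, to make sure these get run.
+const packString = await util.getMlPoweredJsQueriesPack(codeql);
+
+if (augmentedConfig.packs === undefined) augmentedConfig.packs = [];
+if (Array.isArray(augmentedConfig.packs)) {
+augmentedConfig.packs.push(packString);
+} else {
+if (!augmentedConfig.packs.javascript)
+augmentedConfig.packs["javascript"] = [];
+augmentedConfig.packs["javascript"].push(packString);
+}
+}
+fs.writeFileSync(configLocation, yaml.dump(augmentedConfig));
+extraArgs.push(`--codescanning-config=${configLocation}`);
+}
 await runTool(cmd, [
 "database",
 "init",
@@ -933,7 +955,9 @@ async function getCodeQLForCmd(
 if (extraSearchPath !== undefined) {
 codeqlArgs.push("--additional-packs", extraSearchPath);
 }
-codeqlArgs.push(querySuitePath);
+if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
+codeqlArgs.push(querySuitePath);
+}
 await runTool(cmd, codeqlArgs);
 },
 async databaseInterpretResults(
@@ -969,7 +993,9 @@ async function getCodeQLForCmd(
 codeqlArgs.push("--sarif-category", automationDetailsId);
 }
 codeqlArgs.push(databasePath);
-codeqlArgs.push(...querySuitePaths);
+if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
+codeqlArgs.push(...querySuitePaths);
+}
 // capture stdout, which contains analysis summaries
 return await runTool(cmd, codeqlArgs);
 },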
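Review bot: `const augmentedConfig = config.originalUserInput;` in the block added before the `database init` call aliases the caller's object rather than copying it, so the `packs = []` assignment and both `push(packString)` calls mutate `config.originalUserInput` in place. If this path runs more than once for the same config, or the config is persisted afterwards, the ML pack would be appended repeatedly and the stored "original" input would no longer reflect what the user wrote, which matters when auditing which queries a scan actually ran. Working on a deep copy avoids that, e.g. `const augmentedConfig = JSON.parse(JSON.stringify(config.originalUserInput));` (the value is about to be YAML-serialised, so it should be plain data). The else branch also assumes a non-array `packs` is an object keyed by language; whether other shapes can reach this point is not visible in the hunk. The enclosing method starts and ends outside the hunk.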
