diff --git a/.github/workflows/__multi-language-autodetect.yml b/.github/workflows/__multi-language-autodetect.yml index 618567e453..139630ad9b 100644 --- a/.github/workflows/__multi-language-autodetect.yml +++ b/.github/workflows/__multi-language-autodetect.yml @@ -28,36 +28,20 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: stable-20230403 - os: macos-12 version: stable-20230403 - - os: ubuntu-latest - version: stable-v2.13.5 - os: macos-12 version: stable-v2.13.5 - - os: ubuntu-latest - version: stable-v2.14.6 - os: macos-12 version: stable-v2.14.6 - - os: ubuntu-latest - version: stable-v2.15.5 - os: macos-latest version: stable-v2.15.5 - - os: ubuntu-latest - version: stable-v2.16.6 - os: macos-latest version: stable-v2.16.6 - - os: ubuntu-latest - version: default - os: macos-latest version: default - - os: ubuntu-latest - version: latest - os: macos-latest version: latest - - os: ubuntu-latest - version: nightly-latest - os: macos-latest version: nightly-latest name: Multi-language repository diff --git a/.github/workflows/__scaling-reserved-ram.yml b/.github/workflows/__scaling-reserved-ram.yml index 4c4b02f684..ecf944bc42 100644 --- a/.github/workflows/__scaling-reserved-ram.yml +++ b/.github/workflows/__scaling-reserved-ram.yml @@ -28,36 +28,20 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: stable-20230403 - os: macos-12 version: stable-20230403 - - os: ubuntu-latest - version: stable-v2.13.5 - os: macos-12 version: stable-v2.13.5 - - os: ubuntu-latest - version: stable-v2.14.6 - os: macos-12 version: stable-v2.14.6 - - os: ubuntu-latest - version: stable-v2.15.5 - os: macos-latest version: stable-v2.15.5 - - os: ubuntu-latest - version: stable-v2.16.6 - os: macos-latest version: stable-v2.16.6 - - os: ubuntu-latest - version: default - os: macos-latest version: default - - os: ubuntu-latest - version: latest - os: macos-latest version: latest - - os: ubuntu-latest - version: nightly-latest - os: macos-latest version: nightly-latest name: Scaling reserved RAM diff --git a/.github/workflows/__swift-custom-build.yml b/.github/workflows/__swift-custom-build.yml index 60560f2b50..040728a595 100644 --- a/.github/workflows/__swift-custom-build.yml +++ b/.github/workflows/__swift-custom-build.yml @@ -28,16 +28,10 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: latest - os: macos-latest version: latest - - os: ubuntu-latest - version: default - os: macos-latest version: default - - os: ubuntu-latest - version: nightly-latest - os: macos-latest version: nightly-latest name: Swift analysis using a custom build command diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index 7d2e3a9740..024c496d13 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -28,21 +28,17 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: stable-20230403 - - os: ubuntu-latest - version: stable-v2.13.5 - - os: ubuntu-latest + - os: macos-12 version: stable-v2.14.6 - - os: ubuntu-latest + - os: macos-latest version: stable-v2.15.5 - - os: ubuntu-latest + - os: macos-latest version: stable-v2.16.6 - - os: ubuntu-latest - version: default - - os: ubuntu-latest + - os: macos-latest version: latest - - os: ubuntu-latest + - os: macos-latest + version: default + - os: macos-latest version: nightly-latest name: Test unsetting environment variables permissions: @@ -79,6 +75,9 @@ jobs: - uses: ./../action/.github/actions/setup-swift with: codeql-path: ${{ steps.init.outputs.codeql-path }} + - uses: actions/setup-go@v5 + with: + go-version: '>=1.21.0' - name: Build code shell: bash # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a diff --git a/.github/workflows/debug-artifacts.yml b/.github/workflows/debug-artifacts.yml index 30e6550f7e..038a5337e9 100644 --- a/.github/workflows/debug-artifacts.yml +++ b/.github/workflows/debug-artifacts.yml @@ -25,9 +25,10 @@ jobs: fail-fast: false matrix: version: - - stable-20230403 - - stable-v2.13.5 - - stable-v2.14.6 + # TODO: Once CLI v2.17.4 is available and the platform is switched back to ubuntu, + # stable-20230403, stable-v2.13.5, and stable-v2.14.6 can be added back to this matrix, + # and the VERSIONS variable in the bash script below. + # Prior to CLI v2.15.1, ARM runners were not supported by the build tracer. - stable-v2.15.5 - stable-v2.16.6 - default @@ -37,7 +38,7 @@ jobs: env: CODEQL_ACTION_TEST_MODE: true timeout-minutes: 45 - runs-on: ubuntu-latest + runs-on: macos-latest # TODO: Switch back to ubuntu for `nightly-latest` and `latest` once CLI v2.17.4 is available. steps: - name: Check out repository uses: actions/checkout@v4 @@ -75,7 +76,7 @@ jobs: - name: Check expected artifacts exist shell: bash run: | - VERSIONS="stable-20230403 stable-v2.13.5 stable-v2.14.6 stable-v2.15.5 stable-v2.16.6 default latest nightly-latest" + VERSIONS="stable-v2.15.5 stable-v2.16.6 default latest nightly-latest" LANGUAGES="cpp csharp go java javascript python" for version in $VERSIONS; do pushd "./my-debug-artifacts-${version//./}" diff --git a/CHANGELOG.md b/CHANGELOG.md index 5895de5c22..b38cfd7d14 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the No user facing changes. +## 3.25.6 - 20 May 2024 + +- Update default CodeQL bundle version to 2.17.3. [#2295](https://github.com/github/codeql-action/pull/2295) + ## 3.25.5 - 13 May 2024 - Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the [README.md](README.md). [#2273](https://github.com/github/codeql-action/pull/2273) diff --git a/init/action.yml b/init/action.yml index 7124bb905b..4cbb012399 100644 --- a/init/action.yml +++ b/init/action.yml @@ -36,10 +36,7 @@ inputs: - `none`: The database will be created without building the source code. Available for all interpreted languages and some compiled languages. - `autobuild`: The database will be created by attempting to automatically build the source - code. - To use this build mode, ensure that your workflow calls the `autobuild` action - between the `init` and `analyze` steps. - Available for all compiled languages. + code. Available for all compiled languages. - `manual`: The database will be created by building the source code using a manually specified build command. To use this build mode, specify manual build steps in your workflow between the `init` and `analyze` steps. Available for all diff --git a/lib/defaults.json b/lib/defaults.json index 16629c81f3..a96dc10e56 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.17.2", - "cliVersion": "2.17.2", - "priorBundleVersion": "codeql-bundle-v2.17.1", - "priorCliVersion": "2.17.1" + "bundleVersion": "codeql-bundle-v2.17.3", + "cliVersion": "2.17.3", + "priorBundleVersion": "codeql-bundle-v2.17.2", + "priorCliVersion": "2.17.2" } diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 83ff4a7f3c..d0b5b68a3c 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "3.25.6", + "version": "3.25.7", "lockfileVersion": 3, "requires": true, "packages": { diff --git a/package-lock.json b/package-lock.json index b581b6c988..24f2b92530 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "3.25.6", + "version": "3.25.7", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "3.25.6", + "version": "3.25.7", "license": "MIT", "dependencies": { "@actions/artifact": "^1.1.2", diff --git a/package.json b/package.json index c08ac64bae..40cb026a4e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "3.25.6", + "version": "3.25.7", "private": true, "description": "CodeQL action", "scripts": { diff --git a/pr-checks/checks/multi-language-autodetect.yml b/pr-checks/checks/multi-language-autodetect.yml index 379938c5a2..89efa2ca5c 100644 --- a/pr-checks/checks/multi-language-autodetect.yml +++ b/pr-checks/checks/multi-language-autodetect.yml @@ -1,6 +1,7 @@ name: "Multi-language repository" description: "An end-to-end integration test of a multi-language repository using automatic language detection" -operatingSystems: ["ubuntu", "macos"] +# TODO: Add ubuntu back for `nightly-latest` and `latest` once CLI v2.17.4 is available. +operatingSystems: ["macos"] steps: - uses: actions/setup-go@v5 with: diff --git a/pr-checks/checks/scaling-reserved-ram.yml b/pr-checks/checks/scaling-reserved-ram.yml index cd8d56746e..acd6c2b24b 100644 --- a/pr-checks/checks/scaling-reserved-ram.yml +++ b/pr-checks/checks/scaling-reserved-ram.yml @@ -1,6 +1,7 @@ name: "Scaling reserved RAM" description: "An end-to-end integration test of a multi-language repository with the scaling_reserved_ram feature flag enabled" -operatingSystems: ["ubuntu", "macos"] +# TODO: Add ubuntu back for `nightly-latest` and `latest` once CLI v2.17.4 is available. +operatingSystems: ["macos"] env: CODEQL_ACTION_SCALING_RESERVED_RAM: true steps: diff --git a/pr-checks/checks/swift-custom-build.yml b/pr-checks/checks/swift-custom-build.yml index a5da41f568..b66c45e9e6 100644 --- a/pr-checks/checks/swift-custom-build.yml +++ b/pr-checks/checks/swift-custom-build.yml @@ -1,7 +1,8 @@ name: "Swift analysis using a custom build command" description: "Tests creation of a Swift database using custom build" versions: ["latest", "default", "nightly-latest"] -operatingSystems: ["ubuntu", "macos"] +# TODO: Add ubuntu back for `nightly-latest` and `latest` once CLI v2.17.4 is available. +operatingSystems: ["macos"] env: DOTNET_GENERATE_ASPNET_CERTIFICATE: "false" steps: diff --git a/pr-checks/checks/unset-environment.yml b/pr-checks/checks/unset-environment.yml index 2161bfc9dd..445ad99e27 100644 --- a/pr-checks/checks/unset-environment.yml +++ b/pr-checks/checks/unset-environment.yml @@ -1,6 +1,8 @@ name: "Test unsetting environment variables" description: "An end-to-end integration test that unsets some environment variables" -operatingSystems: ["ubuntu"] +# TODO: Switch back to all versions once CLI v2.17.4 is available and running on ubuntu again. +versions: ["stable-v2.14.6", "stable-v2.15.5", "stable-v2.16.6", "latest", "default", "nightly-latest"] +operatingSystems: ["macos"] # TODO: Switch back to ubuntu for `nightly-latest` and `latest` once CLI v2.17.4 is available. steps: - uses: ./../action/init id: init @@ -10,6 +12,9 @@ steps: - uses: ./../action/.github/actions/setup-swift with: codeql-path: ${{ steps.init.outputs.codeql-path }} + - uses: actions/setup-go@v5 + with: + go-version: '>=1.21.0' - name: Build code shell: bash # Disable Kotlin analysis while it's incompatible with Kotlin 1.8, until we find a diff --git a/src/defaults.json b/src/defaults.json index 3761429c64..2f4eb0e6de 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.17.2", - "cliVersion": "2.17.2", - "priorBundleVersion": "codeql-bundle-v2.17.1", - "priorCliVersion": "2.17.1" + "bundleVersion": "codeql-bundle-v2.17.3", + "cliVersion": "2.17.3", + "priorBundleVersion": "codeql-bundle-v2.17.2", + "priorCliVersion": "2.17.2" }