Ruby: update dependencies#10668
Conversation
| - name: Build Query Pack | ||
| run: | | ||
| codeql pack create ../shared/ssa --output target/packs | ||
| codeql pack install ql/lib |
There was a problem hiding this comment.
Will this still build the pack from the repo, or fetch it from the registry?
There was a problem hiding this comment.
I guess it fetches it from the registry.
There was a problem hiding this comment.
That doesn't work then. We do not guarantee, that the code in main is compatible with any released shared pack; only that it is compatible with the version of the pack at main as well.
There was a problem hiding this comment.
Ah ok. In that case we should remove the codeql pack install ql/src call too and use the suite-helpers from ../misc
erik-krogh
left a comment
There was a problem hiding this comment.
LGTM - except for the lock files.
There is no need for explicit dependency versions in the lock files, as all the dependencies are present locally.
So I removed those and pushed that to this PR.
Ruby and Go were the only languages that had any explicit dependencies in their lockfiles, which I suppose are leftovers from the days of living in a separate repo.
/cc @aeisenberg: Am I correct in assuming that these lock files don't need anything in dependencies:?
That's right! |
Update the lock files to include the
codeql/ssalibrary and replace ad-hoc pack create command with a propercodeql pack installcommand now the ssa library has been published.