From 2c9cd778370535d5d5cb8eb04a4ba7d34890717a Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Wed, 6 May 2026 18:45:24 +0100 Subject: [PATCH 01/16] Tests: Run slow `scanArtifactsForTokens` test in CI only by default --- src/artifact-scanner.test.ts | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/artifact-scanner.test.ts b/src/artifact-scanner.test.ts index d2ecd18e2f..6f68e647da 100644 --- a/src/artifact-scanner.test.ts +++ b/src/artifact-scanner.test.ts @@ -141,7 +141,12 @@ test("scanArtifactsForTokens handles files without tokens", async (t) => { } }); -if (os.platform() !== "win32") { +// This test is slow (extracts and scans a zip artifact), so by default we only run it in CI. Set +// RUN_SLOW_TESTS=1 to run it locally. +if ( + os.platform() !== "win32" && + (process.env.CI === "true" || process.env.RUN_SLOW_TESTS === "1") +) { test("scanArtifactsForTokens finds token in debug artifacts", async (t) => { t.timeout(15000); // 15 seconds const messages: LoggedMessage[] = []; From d1e9792bc8c60efe49036cad07d04ac6597e88fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 May 2026 17:59:44 +0000 Subject: [PATCH 02/16] Bump the npm-minor group across 1 directory with 4 updates Bumps the npm-minor group with 4 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [eslint](https://github.com/eslint/eslint), [typescript](https://github.com/microsoft/TypeScript) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint). Updates `@types/node` from 20.19.9 to 20.19.39 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint` from 9.39.2 to 9.39.4 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v9.39.2...v9.39.4) Updates `typescript` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](https://github.com/microsoft/TypeScript/compare/v6.0.2...v6.0.3) Updates `typescript-eslint` from 8.58.2 to 8.59.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.1/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 20.19.39 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-minor - dependency-name: eslint dependency-version: 9.39.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-minor - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-minor - dependency-name: typescript-eslint dependency-version: 8.59.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 188 +++++++++++++++++++++-------------------- package.json | 8 +- pr-checks/package.json | 2 +- 3 files changed, 100 insertions(+), 98 deletions(-) diff --git a/package-lock.json b/package-lock.json index 06055b9bef..15d8ea1122 100644 --- a/package-lock.json +++ b/package-lock.json @@ -43,14 +43,14 @@ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "^20.19.9", + "@types/node": "^20.19.39", "@types/node-forge": "^1.3.14", "@types/sarif": "^2.1.7", "@types/semver": "^7.7.1", "@types/sinon": "^21.0.1", "ava": "^7.0.0", "esbuild": "^0.28.0", - "eslint": "^9.39.2", + "eslint": "^9.39.4", "eslint-import-resolver-typescript": "^4.4.4", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.2", @@ -60,8 +60,8 @@ "globals": "^17.5.0", "nock": "^14.0.12", "sinon": "^21.1.2", - "typescript": "^6.0.2", - "typescript-eslint": "^8.58.2" + "typescript": "^6.0.3", + "typescript-eslint": "^8.59.1" } }, "node_modules/@aashutoshrathi/word-wrap": { @@ -1337,15 +1337,15 @@ } }, "node_modules/@eslint/config-array": { - "version": "0.21.1", - "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.21.1.tgz", - "integrity": "sha512-aw1gNayWpdI/jSYVgzN5pL0cfzU02GT3NBpeT/DXbx1/1x7ZKxFPd9bwrzygx/qiwIQiJ1sw/zD8qY/kRvlGHA==", + "version": "0.21.2", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.21.2.tgz", + "integrity": "sha512-nJl2KGTlrf9GjLimgIru+V/mzgSK0ABCDQRvxw5BjURL7WfH5uoWmizbH7QB6MmnMBd8cIC9uceWnezL1VZWWw==", "dev": true, "license": "Apache-2.0", "dependencies": { "@eslint/object-schema": "^2.1.7", "debug": "^4.3.1", - "minimatch": "^3.1.2" + "minimatch": "^3.1.5" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1391,20 +1391,20 @@ } }, "node_modules/@eslint/eslintrc": { - "version": "3.3.3", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.3.tgz", - "integrity": "sha512-Kr+LPIUVKz2qkx1HAMH8q1q6azbqBAsXJUxBl/ODDuVPX45Z9DfwB8tPjTi6nNZ8BuM3nbJxC5zCAg5elnBUTQ==", + "version": "3.3.5", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.5.tgz", + "integrity": "sha512-4IlJx0X0qftVsN5E+/vGujTRIFtwuLbNsVUe7TO6zYPDR1O6nFwvwhIKEKSrl6dZchmYBITazxKoUYOjdtjlRg==", "dev": true, "license": "MIT", "dependencies": { - "ajv": "^6.12.4", + "ajv": "^6.14.0", "debug": "^4.3.2", "espree": "^10.0.1", "globals": "^14.0.0", "ignore": "^5.2.0", "import-fresh": "^3.2.1", "js-yaml": "^4.1.1", - "minimatch": "^3.1.2", + "minimatch": "^3.1.5", "strip-json-comments": "^3.1.1" }, "engines": { @@ -1427,9 +1427,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.39.2", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.39.2.tgz", - "integrity": "sha512-q1mjIoW1VX4IvSocvM/vbTiveKC4k9eLrajNEuSsmjymSDEbpGddtpfOoN7YGAqBK3NG+uqo8ia4PDTt8buCYA==", + "version": "9.39.4", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.39.4.tgz", + "integrity": "sha512-nE7DEIchvtiFTwBw4Lfbu59PG+kCofhjsKaCWzxTpt4lfRjRMqG6uMBzKXuEcyXhOHoUp9riAm7/aWYGhXZ9cw==", "dev": true, "license": "MIT", "engines": { @@ -2469,9 +2469,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "20.19.9", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.19.9.tgz", - "integrity": "sha512-cuVNgarYWZqxRJDQHEB58GEONhOK79QVR/qYx4S7kcUObQvUwvFnYxJuuHUKm2aieN9X3yZB4LZsuYNU1Qphsw==", + "version": "20.19.39", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.19.39.tgz", + "integrity": "sha512-orrrD74MBUyK8jOAD/r0+lfa1I2MO6I+vAkmAWzMYbCcgrN4lCrmK52gRFQq/JRxfYPfonkr4b0jcY7Olqdqbw==", "dev": true, "license": "MIT", "dependencies": { @@ -2528,17 +2528,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.58.2.tgz", - "integrity": "sha512-aC2qc5thQahutKjP+cl8cgN9DWe3ZUqVko30CMSZHnFEHyhOYoZSzkGtAI2mcwZ38xeImDucI4dnqsHiOYuuCw==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.59.1.tgz", + "integrity": "sha512-BOziFIfE+6osHO9FoJG4zjoHUcvI7fTNBSpdAwrNH0/TLvzjsk2oo8XSSOT2HhqUyhZPfHv4UOffoJ9oEEQ7Ag==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.12.2", - "@typescript-eslint/scope-manager": "8.58.2", - "@typescript-eslint/type-utils": "8.58.2", - "@typescript-eslint/utils": "8.58.2", - "@typescript-eslint/visitor-keys": "8.58.2", + "@typescript-eslint/scope-manager": "8.59.1", + "@typescript-eslint/type-utils": "8.59.1", + "@typescript-eslint/utils": "8.59.1", + "@typescript-eslint/visitor-keys": "8.59.1", "ignore": "^7.0.5", "natural-compare": "^1.4.0", "ts-api-utils": "^2.5.0" @@ -2551,7 +2551,7 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "@typescript-eslint/parser": "^8.58.2", + "@typescript-eslint/parser": "^8.59.1", "eslint": "^8.57.0 || ^9.0.0 || ^10.0.0", "typescript": ">=4.8.4 <6.1.0" } @@ -2567,16 +2567,16 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.58.2.tgz", - "integrity": "sha512-/Zb/xaIDfxeJnvishjGdcR4jmr7S+bda8PKNhRGdljDM+elXhlvN0FyPSsMnLmJUrVG9aPO6dof80wjMawsASg==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.59.1.tgz", + "integrity": "sha512-HDQH9O/47Dxi1ceDhBXdaldtf/WV9yRYMjbjCuNk3qnaTD564qwv61Y7+gTxwxRKzSrgO5uhtw584igXVuuZkA==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.58.2", - "@typescript-eslint/types": "8.58.2", - "@typescript-eslint/typescript-estree": "8.58.2", - "@typescript-eslint/visitor-keys": "8.58.2", + "@typescript-eslint/scope-manager": "8.59.1", + "@typescript-eslint/types": "8.59.1", + "@typescript-eslint/typescript-estree": "8.59.1", + "@typescript-eslint/visitor-keys": "8.59.1", "debug": "^4.4.3" }, "engines": { @@ -2610,14 +2610,14 @@ } }, "node_modules/@typescript-eslint/project-service": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.58.2.tgz", - "integrity": "sha512-Cq6UfpZZk15+r87BkIh5rDpi38W4b+Sjnb8wQCPPDDweS/LRCFjCyViEbzHk5Ck3f2QDfgmlxqSa7S7clDtlfg==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.59.1.tgz", + "integrity": "sha512-+MuHQlHiEr00Of/IQbE/MmEoi44znZHbR/Pz7Opq4HryUOlRi+/44dro9Ycy8Fyo+/024IWtw8m4JUMCGTYxDg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/tsconfig-utils": "^8.58.2", - "@typescript-eslint/types": "^8.58.2", + "@typescript-eslint/tsconfig-utils": "^8.59.1", + "@typescript-eslint/types": "^8.59.1", "debug": "^4.4.3" }, "engines": { @@ -2650,14 +2650,14 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.58.2.tgz", - "integrity": "sha512-SgmyvDPexWETQek+qzZnrG6844IaO02UVyOLhI4wpo82dpZJY9+6YZCKAMFzXb7qhx37mFK1QcPQ18tud+vo6Q==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.59.1.tgz", + "integrity": "sha512-LwuHQI4pDOYVKvmH2dkaJo6YZCSgouVgnS/z7yBPKBMvgtBvyLqiLy9Z6b7+m/TRcX1NFYUqZetI5Y+aT4GEfg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.58.2", - "@typescript-eslint/visitor-keys": "8.58.2" + "@typescript-eslint/types": "8.59.1", + "@typescript-eslint/visitor-keys": "8.59.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2668,9 +2668,9 @@ } }, "node_modules/@typescript-eslint/tsconfig-utils": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.58.2.tgz", - "integrity": "sha512-3SR+RukipDvkkKp/d0jP0dyzuls3DbGmwDpVEc5wqk5f38KFThakqAAO0XMirWAE+kT00oTauTbzMFGPoAzB0A==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.59.1.tgz", + "integrity": "sha512-/0nEyPbX7gRsk0Uwfe4ALwwgxuA66d/l2mhRDNlAvaj4U3juhUtJNq0DsY8M2AYwwb9rEq2hrC3IcIcEt++iJA==", "dev": true, "license": "MIT", "engines": { @@ -2685,15 +2685,15 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.58.2.tgz", - "integrity": "sha512-Z7EloNR/B389FvabdGeTo2XMs4W9TjtPiO9DAsmT0yom0bwlPyRjkJ1uCdW1DvrrrYP50AJZ9Xc3sByZA9+dcg==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.59.1.tgz", + "integrity": "sha512-klWPBR2ciQHS3f++ug/mVnWKPjBUo7icEL3FAO1lhAR1Z1i5NQYZ1EannMSRYcq5qCv5wNALlXr6fksRHyYl7w==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.58.2", - "@typescript-eslint/typescript-estree": "8.58.2", - "@typescript-eslint/utils": "8.58.2", + "@typescript-eslint/types": "8.59.1", + "@typescript-eslint/typescript-estree": "8.59.1", + "@typescript-eslint/utils": "8.59.1", "debug": "^4.4.3", "ts-api-utils": "^2.5.0" }, @@ -2728,9 +2728,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.58.2.tgz", - "integrity": "sha512-9TukXyATBQf/Jq9AMQXfvurk+G5R2MwfqQGDR2GzGz28HvY/lXNKGhkY+6IOubwcquikWk5cjlgPvD2uAA7htQ==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.59.1.tgz", + "integrity": "sha512-ZDCjgccSdYPw5Bxh+my4Z0lJU96ZDN7jbBzvmEn0FZx3RtU1C7VWl6NbDx94bwY3V5YsgwRzJPOgeY2Q/nLG8A==", "dev": true, "license": "MIT", "engines": { @@ -2742,16 +2742,16 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.58.2.tgz", - "integrity": "sha512-ELGuoofuhhoCvNbQjFFiobFcGgcDCEm0ThWdmO4Z0UzLqPXS3KFvnEZ+SHewwOYHjM09tkzOWXNTv9u6Gqtyuw==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.59.1.tgz", + "integrity": "sha512-OUd+vJS05sSkOip+BkZ/2NS8RMxrAAJemsC6vU3kmfLyeaJT0TftHkV9mcx2107MmsBVXXexhVu4F0TZXyMl4g==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.58.2", - "@typescript-eslint/tsconfig-utils": "8.58.2", - "@typescript-eslint/types": "8.58.2", - "@typescript-eslint/visitor-keys": "8.58.2", + "@typescript-eslint/project-service": "8.59.1", + "@typescript-eslint/tsconfig-utils": "8.59.1", + "@typescript-eslint/types": "8.59.1", + "@typescript-eslint/visitor-keys": "8.59.1", "debug": "^4.4.3", "minimatch": "^10.2.2", "semver": "^7.7.3", @@ -2827,16 +2827,16 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.58.2.tgz", - "integrity": "sha512-QZfjHNEzPY8+l0+fIXMvuQ2sJlplB4zgDZvA+NmvZsZv3EQwOcc1DuIU1VJUTWZ/RKouBMhDyNaBMx4sWvrzRA==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.59.1.tgz", + "integrity": "sha512-3pIeoXhCeYH9FSCBI8P3iNwJlGuzPlYKkTlen2O9T1DSeeg8UG8jstq6BLk+Mda0qup7mgk4z4XL4OzRaxZ8LA==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.9.1", - "@typescript-eslint/scope-manager": "8.58.2", - "@typescript-eslint/types": "8.58.2", - "@typescript-eslint/typescript-estree": "8.58.2" + "@typescript-eslint/scope-manager": "8.59.1", + "@typescript-eslint/types": "8.59.1", + "@typescript-eslint/typescript-estree": "8.59.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -2851,13 +2851,13 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.58.2.tgz", - "integrity": "sha512-f1WO2Lx8a9t8DARmcWAUPJbu0G20bJlj8L4z72K00TMeJAoyLr/tHhI/pzYBLrR4dXWkcxO1cWYZEOX8DKHTqA==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.59.1.tgz", + "integrity": "sha512-LdDNl6C5iJExcM0Yh0PwAIBb9PrSiCsWamF/JyEZawm3kFDnRoaq3LGE4bpyRao/fWeGKKyw7icx0YxrLFC5Cg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.58.2", + "@typescript-eslint/types": "8.59.1", "eslint-visitor-keys": "^5.0.0" }, "engines": { @@ -3271,7 +3271,9 @@ } }, "node_modules/ajv": { - "version": "6.12.6", + "version": "6.15.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.15.0.tgz", + "integrity": "sha512-fgFx7Hfoq60ytK2c7DhnF8jIvzYgOMxfugjLOSMHjLIPgenqa7S7oaagATUq99mV6IYvN2tRmC0wnTYX6iPbMw==", "dev": true, "license": "MIT", "dependencies": { @@ -4725,25 +4727,25 @@ } }, "node_modules/eslint": { - "version": "9.39.2", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.39.2.tgz", - "integrity": "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw==", + "version": "9.39.4", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.39.4.tgz", + "integrity": "sha512-XoMjdBOwe/esVgEvLmNsD3IRHkm7fbKIUGvrleloJXUZgDHig2IPWNniv+GwjyJXzuNqVjlr5+4yVUZjycJwfQ==", "dev": true, "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.1", - "@eslint/config-array": "^0.21.1", + "@eslint/config-array": "^0.21.2", "@eslint/config-helpers": "^0.4.2", "@eslint/core": "^0.17.0", - "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "9.39.2", + "@eslint/eslintrc": "^3.3.5", + "@eslint/js": "9.39.4", "@eslint/plugin-kit": "^0.4.1", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", "@humanwhocodes/retry": "^0.4.2", "@types/estree": "^1.0.6", - "ajv": "^6.12.4", + "ajv": "^6.14.0", "chalk": "^4.0.0", "cross-spawn": "^7.0.6", "debug": "^4.3.2", @@ -4762,7 +4764,7 @@ "is-glob": "^4.0.0", "json-stable-stringify-without-jsonify": "^1.0.1", "lodash.merge": "^4.6.2", - "minimatch": "^3.1.2", + "minimatch": "^3.1.5", "natural-compare": "^1.4.0", "optionator": "^0.9.3" }, @@ -9771,9 +9773,9 @@ } }, "node_modules/typescript": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.2.tgz", - "integrity": "sha512-bGdAIrZ0wiGDo5l8c++HWtbaNCWTS4UTv7RaTH/ThVIgjkveJt83m74bBHMJkuCbslY8ixgLBVZJIOiQlQTjfQ==", + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-6.0.3.tgz", + "integrity": "sha512-y2TvuxSZPDyQakkFRPZHKFm+KKVqIisdg9/CZwm9ftvKXLP8NRWj38/ODjNbr43SsoXqNuAisEf1GdCxqWcdBw==", "dev": true, "license": "Apache-2.0", "bin": { @@ -9785,16 +9787,16 @@ } }, "node_modules/typescript-eslint": { - "version": "8.58.2", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.58.2.tgz", - "integrity": "sha512-V8iSng9mRbdZjl54VJ9NKr6ZB+dW0J3TzRXRGcSbLIej9jV86ZRtlYeTKDR/QLxXykocJ5icNzbsl2+5TzIvcQ==", + "version": "8.59.1", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.59.1.tgz", + "integrity": "sha512-xqDcFVBmlrltH64lklOVp1wYxgJr6LVdg3NamBgH2OOQDLFdTKfIZXF5PfghrnXQKXZGTQs8tr1vL7fJvq8CTQ==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/eslint-plugin": "8.58.2", - "@typescript-eslint/parser": "8.58.2", - "@typescript-eslint/typescript-estree": "8.58.2", - "@typescript-eslint/utils": "8.58.2" + "@typescript-eslint/eslint-plugin": "8.59.1", + "@typescript-eslint/parser": "8.59.1", + "@typescript-eslint/typescript-estree": "8.59.1", + "@typescript-eslint/utils": "8.59.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -10388,7 +10390,7 @@ "yaml": "^2.8.3" }, "devDependencies": { - "@types/node": "^20.19.9", + "@types/node": "^20.19.39", "tsx": "^4.21.0" } } diff --git a/package.json b/package.json index d32144614b..171833b55e 100644 --- a/package.json +++ b/package.json @@ -50,14 +50,14 @@ "@types/archiver": "^7.0.0", "@types/follow-redirects": "^1.14.4", "@types/js-yaml": "^4.0.9", - "@types/node": "^20.19.9", + "@types/node": "^20.19.39", "@types/node-forge": "^1.3.14", "@types/sarif": "^2.1.7", "@types/semver": "^7.7.1", "@types/sinon": "^21.0.1", "ava": "^7.0.0", "esbuild": "^0.28.0", - "eslint": "^9.39.2", + "eslint": "^9.39.4", "eslint-import-resolver-typescript": "^4.4.4", "eslint-plugin-github": "^6.0.0", "eslint-plugin-import-x": "^4.16.2", @@ -67,8 +67,8 @@ "globals": "^17.5.0", "nock": "^14.0.12", "sinon": "^21.1.2", - "typescript": "^6.0.2", - "typescript-eslint": "^8.58.2" + "typescript": "^6.0.3", + "typescript-eslint": "^8.59.1" }, "overrides": { "@actions/tool-cache": { diff --git a/pr-checks/package.json b/pr-checks/package.json index f5d5746896..0189318ede 100644 --- a/pr-checks/package.json +++ b/pr-checks/package.json @@ -10,7 +10,7 @@ "yaml": "^2.8.3" }, "devDependencies": { - "@types/node": "^20.19.9", + "@types/node": "^20.19.39", "tsx": "^4.21.0" } } From 1848b73afaca43060a19cef9ded4a6c751c536ad Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 6 May 2026 18:01:54 +0000 Subject: [PATCH 03/16] Rebuild --- src/config-utils.test.ts | 20 ++++++++++---------- src/debug-artifacts.ts | 2 +- src/feature-flags.ts | 2 +- src/init-action-post-helper.test.ts | 2 +- src/upload-sarif.test.ts | 2 +- src/workflow.test.ts | 2 +- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/src/config-utils.test.ts b/src/config-utils.test.ts index 25aa414334..bc386f1729 100644 --- a/src/config-utils.test.ts +++ b/src/config-utils.test.ts @@ -1214,7 +1214,7 @@ test.serial( features: [Feature.OverlayAnalysis, Feature.OverlayAnalysisJavascript], codeScanningConfig: { packs: ["some-custom-pack@1.0.0"], - } as UserConfig, + }, isDefaultBranch: true, }, { @@ -1464,7 +1464,7 @@ test.serial( ], codeScanningConfig: { "disable-default-queries": true, - } as UserConfig, + }, isDefaultBranch: true, }, { @@ -1483,7 +1483,7 @@ test.serial( ], codeScanningConfig: { packs: ["some-custom-pack@1.0.0"], - } as UserConfig, + }, isDefaultBranch: true, }, { @@ -1502,7 +1502,7 @@ test.serial( ], codeScanningConfig: { queries: [{ uses: "some-query.ql" }], - } as UserConfig, + }, isDefaultBranch: true, }, { @@ -1521,7 +1521,7 @@ test.serial( ], codeScanningConfig: { "query-filters": [{ include: { "security-severity": "high" } }], - } as UserConfig, + }, isDefaultBranch: true, }, { @@ -1590,7 +1590,7 @@ test.serial( features: [Feature.OverlayAnalysis, Feature.OverlayAnalysisJavascript], codeScanningConfig: { packs: ["some-custom-pack@1.0.0"], - } as UserConfig, + }, isPullRequest: true, }, { @@ -1741,7 +1741,7 @@ test.serial( ], codeScanningConfig: { "disable-default-queries": true, - } as UserConfig, + }, isPullRequest: true, }, { @@ -1760,7 +1760,7 @@ test.serial( ], codeScanningConfig: { packs: ["some-custom-pack@1.0.0"], - } as UserConfig, + }, isPullRequest: true, }, { @@ -1779,7 +1779,7 @@ test.serial( ], codeScanningConfig: { queries: [{ uses: "some-query.ql" }], - } as UserConfig, + }, isPullRequest: true, }, { @@ -1798,7 +1798,7 @@ test.serial( ], codeScanningConfig: { "query-filters": [{ include: { "security-severity": "high" } }], - } as UserConfig, + }, isPullRequest: true, }, { diff --git a/src/debug-artifacts.ts b/src/debug-artifacts.ts index ec6940500d..016fcdf7c4 100644 --- a/src/debug-artifacts.ts +++ b/src/debug-artifacts.ts @@ -263,7 +263,7 @@ export function getArtifactSuffix(matrix: string | undefined): string { try { const matrixObject = JSON.parse(matrix); if (json.isObject(matrixObject)) { - for (const matrixKey of Object.keys(matrixObject as object).sort()) + for (const matrixKey of Object.keys(matrixObject).sort()) suffix += `-${matrixObject[matrixKey]}`; } else { core.warning("User-specified `matrix` input is not an object."); diff --git a/src/feature-flags.ts b/src/feature-flags.ts index 80adce550a..d28800e9b8 100644 --- a/src/feature-flags.ts +++ b/src/feature-flags.ts @@ -386,7 +386,7 @@ class OfflineFeatures implements FeatureEnablement { getFeatureConfig(feature: Feature): FeatureConfig { // Narrow the type to FeatureConfig to avoid type errors. To avoid unsafe use of `as`, we // check that the required properties exist using `satisfies`. - return featureConfig[feature] satisfies FeatureConfig as FeatureConfig; + return featureConfig[feature] satisfies FeatureConfig; } /** diff --git a/src/init-action-post-helper.test.ts b/src/init-action-post-helper.test.ts index 8c687b4e94..22efad98c1 100644 --- a/src/init-action-post-helper.test.ts +++ b/src/init-action-post-helper.test.ts @@ -601,7 +601,7 @@ async function testFailedSarifUpload( uploadFiles.resolves({ sarifID: "42", statusReport: { raw_upload_size_bytes: 20, zipped_upload_size_bytes: 10 }, - } as uploadLib.UploadResult); + }); const waitForProcessing = sinon.stub(uploadLib, "waitForProcessing"); const features = [] as Feature[]; diff --git a/src/upload-sarif.test.ts b/src/upload-sarif.test.ts index fcd5c3108f..bf5d285308 100644 --- a/src/upload-sarif.test.ts +++ b/src/upload-sarif.test.ts @@ -67,7 +67,7 @@ const postProcessAndUploadSarifMacro = test.macro({ const analysisConfig = getAnalysisConfig(analysisKind); uploadPostProcessedFiles .withArgs(logger, sinon.match.any, analysisConfig, sinon.match.any) - .resolves(expectedResult[analysisKind as AnalysisKind]?.uploadResult); + .resolves(expectedResult[analysisKind]?.uploadResult); } const fullSarifPaths = sarifFiles.map(toFullPath); diff --git a/src/workflow.test.ts b/src/workflow.test.ts index 67f9690401..bc5075dd0c 100644 --- a/src/workflow.test.ts +++ b/src/workflow.test.ts @@ -422,7 +422,7 @@ async function testLanguageAliases( ], }, }, - } as Workflow, + }, codeql, ); From 9f82f88f07f7e4effe8006b9354a8ae7ce7263a8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 12:49:13 +0000 Subject: [PATCH 04/16] Update default bundle to codeql-bundle-v2.25.4 --- lib/analyze-action.js | 4 ++-- lib/autobuild-action.js | 4 ++-- lib/defaults.json | 8 ++++---- lib/init-action-post.js | 4 ++-- lib/init-action.js | 4 ++-- lib/setup-codeql-action.js | 4 ++-- lib/start-proxy-action.js | 4 ++-- lib/upload-lib.js | 4 ++-- lib/upload-sarif-action.js | 4 ++-- src/defaults.json | 8 ++++---- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/lib/analyze-action.js b/lib/analyze-action.js index 5d1779110f..a0d645e563 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -89739,8 +89739,8 @@ var path6 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs4 = __toESM(require("fs")); diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 17c427eda4..5ac767b0a8 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -86226,8 +86226,8 @@ var path5 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs3 = __toESM(require("fs")); diff --git a/lib/defaults.json b/lib/defaults.json index 91936465e4..edd8175757 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.25.3", - "cliVersion": "2.25.3", - "priorBundleVersion": "codeql-bundle-v2.25.2", - "priorCliVersion": "2.25.2" + "bundleVersion": "codeql-bundle-v2.25.4", + "cliVersion": "2.25.4", + "priorBundleVersion": "codeql-bundle-v2.25.3", + "priorCliVersion": "2.25.3" } diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 2794b130e2..93d18db703 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -130901,8 +130901,8 @@ var path6 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs4 = __toESM(require("fs")); diff --git a/lib/init-action.js b/lib/init-action.js index 3769eab060..9a7cd36d7f 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -87279,8 +87279,8 @@ var path7 = __toESM(require("path")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs4 = __toESM(require("fs")); diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 72a24cede7..1217a8e539 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -86067,8 +86067,8 @@ var path5 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs4 = __toESM(require("fs")); diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 256c358c0c..90d38d06c0 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -103064,8 +103064,8 @@ var path = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/git-utils.ts var core6 = __toESM(require_core()); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index c0a9964c16..ff8b734868 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -89347,8 +89347,8 @@ var fs5 = __toESM(require("fs")); var semver5 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs4 = __toESM(require("fs")); diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 83c55ee866..03f908ea5a 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -89018,8 +89018,8 @@ var path5 = __toESM(require("path")); var semver4 = __toESM(require_semver2()); // src/defaults.json -var bundleVersion = "codeql-bundle-v2.25.3"; -var cliVersion = "2.25.3"; +var bundleVersion = "codeql-bundle-v2.25.4"; +var cliVersion = "2.25.4"; // src/overlay/index.ts var fs4 = __toESM(require("fs")); diff --git a/src/defaults.json b/src/defaults.json index 91936465e4..edd8175757 100644 --- a/src/defaults.json +++ b/src/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.25.3", - "cliVersion": "2.25.3", - "priorBundleVersion": "codeql-bundle-v2.25.2", - "priorCliVersion": "2.25.2" + "bundleVersion": "codeql-bundle-v2.25.4", + "cliVersion": "2.25.4", + "priorBundleVersion": "codeql-bundle-v2.25.3", + "priorCliVersion": "2.25.3" } From ae1b9155d331333bd3a526ae3fa105fbcf73ab36 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 12:49:22 +0000 Subject: [PATCH 05/16] Add changelog note --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b0d604e36..fc2b3c83af 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th ## [UNRELEASED] -No user facing changes. +- Update default CodeQL bundle version to [2.25.4](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4). [#3881](https://github.com/github/codeql-action/pull/3881) ## 4.35.3 - 01 May 2026 From aaef09c48db2dd7f0100363de1785963a34cd706 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 13:21:45 +0000 Subject: [PATCH 06/16] Bump ruby/setup-ruby Bumps the actions-minor group with 1 update in the /.github/workflows directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.305.0 to 1.306.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/0cb964fd540e0a24c900370abf38a33466142735...c4e5b1316158f92e3d49443a9d58b31d25ac0f8f) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.306.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/__rubocop-multi-language.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/__rubocop-multi-language.yml b/.github/workflows/__rubocop-multi-language.yml index 33e78dd704..4e0fabe536 100644 --- a/.github/workflows/__rubocop-multi-language.yml +++ b/.github/workflows/__rubocop-multi-language.yml @@ -59,7 +59,7 @@ jobs: use-all-platform-bundle: 'false' setup-kotlin: 'true' - name: Set up Ruby - uses: ruby/setup-ruby@0cb964fd540e0a24c900370abf38a33466142735 # v1.305.0 + uses: ruby/setup-ruby@c4e5b1316158f92e3d49443a9d58b31d25ac0f8f # v1.306.0 with: ruby-version: 2.6 - name: Install Code Scanning integration From 17eabb2500031486a71e00ecbcb72c73804a6c9f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 13:23:54 +0000 Subject: [PATCH 07/16] Rebuild --- pr-checks/checks/rubocop-multi-language.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pr-checks/checks/rubocop-multi-language.yml b/pr-checks/checks/rubocop-multi-language.yml index 504dce1cd9..fdf6c913bb 100644 --- a/pr-checks/checks/rubocop-multi-language.yml +++ b/pr-checks/checks/rubocop-multi-language.yml @@ -5,7 +5,7 @@ versions: - default steps: - name: Set up Ruby - uses: ruby/setup-ruby@0cb964fd540e0a24c900370abf38a33466142735 # v1.305.0 + uses: ruby/setup-ruby@c4e5b1316158f92e3d49443a9d58b31d25ac0f8f # v1.306.0 with: ruby-version: 2.6 - name: Install Code Scanning integration From 6e3f985e4fc409a188c7701b68c4dec158c9ced3 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Thu, 7 May 2026 14:26:43 +0100 Subject: [PATCH 08/16] Add wrapper for `test.macro` --- src/testing-utils.ts | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/src/testing-utils.ts b/src/testing-utils.ts index fcb7149b56..cdfb37c738 100644 --- a/src/testing-utils.ts +++ b/src/testing-utils.ts @@ -2,7 +2,11 @@ import { TextDecoder } from "node:util"; import path from "path"; import * as github from "@actions/github"; -import { ExecutionContext, TestFn } from "ava"; +import test, { + type ExecutionContext, + type MacroDeclarationOptions, + type TestFn, +} from "ava"; import nock from "nock"; import * as sinon from "sinon"; @@ -85,8 +89,8 @@ function wrapOutput(context: TestContext) { }; } -export function setupTests(test: TestFn) { - const typedTest = test as TestFn; +export function setupTests(testFn: TestFn) { + const typedTest = testFn as TestFn; typedTest.beforeEach((t) => { // Set an empty CodeQL object so that all method calls will fail @@ -139,6 +143,26 @@ export function setupTests(test: TestFn) { }); } +/** + * Declare a reusable test implementation, with better type safety than `test.macro`. + */ +export function makeMacro( + decl: MacroDeclarationOptions, +) { + const m = test.macro(decl); + + const wrapper = (name: string, ...args: Args) => test(name, m, ...args); + wrapper.test = (...args: Args) => test(m, ...args); + wrapper.serial = (name: string, ...args: Args) => + test.serial(name, m, ...args); + // Make the implementation available as `fn`. We don't call it `exec` so + // that results from this function are not valid arguments to `test` + // or `test.serial`. + wrapper.fn = decl.exec; + + return wrapper; +} + /** * Default values for environment variables typically set in an Actions * environment. Tests can override individual variables by passing them in the From df77e87896689b5c736433984c5df14d86c63d56 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Thu, 7 May 2026 14:27:28 +0100 Subject: [PATCH 09/16] Update test macro snippet --- .vscode/tests.code-snippets | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vscode/tests.code-snippets b/.vscode/tests.code-snippets index 3ee5ceb757..7c24572028 100644 --- a/.vscode/tests.code-snippets +++ b/.vscode/tests.code-snippets @@ -19,7 +19,7 @@ "scope": "javascript, typescript", "prefix": "testMacro", "body": [ - "const ${1:nameMacro} = test.macro({", + "const ${1:nameMacro} = makeMacro({", " exec: async (t: ExecutionContext) => {},", "", " title: (providedTitle = \"\") => `${2:common title} - \\${providedTitle}`,", From 922d6fb888d665134eb982b150b8912dbd48e21a Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Thu, 7 May 2026 14:59:27 +0100 Subject: [PATCH 10/16] Use `makeMacro` instead of `test.macro` --- src/codeql.test.ts | 39 ++--- src/config-utils.test.ts | 177 ++++++++--------------- src/config/db-config.test.ts | 113 ++++++--------- src/diff-informed-analysis-utils.test.ts | 33 ++--- src/init-action-post-helper.test.ts | 12 +- src/init.test.ts | 42 ++---- src/overlay/caching.test.ts | 39 ++--- src/setup-codeql.test.ts | 12 +- src/start-proxy.test.ts | 37 ++--- src/status-report.test.ts | 15 +- src/upload-sarif.test.ts | 19 +-- 11 files changed, 200 insertions(+), 338 deletions(-) diff --git a/src/codeql.test.ts b/src/codeql.test.ts index eccad6895b..08310df2ad 100644 --- a/src/codeql.test.ts +++ b/src/codeql.test.ts @@ -33,6 +33,7 @@ import { mockBundleDownloadApi, makeVersionInfo, createTestConfig, + makeMacro, } from "./testing-utils"; import { ToolsDownloadStatusReport } from "./tools-download"; import * as util from "./util"; @@ -540,7 +541,7 @@ test.serial("getExtraOptions throws for bad content", (t) => { }); // Test macro for ensuring different variants of injected augmented configurations -const injectedConfigMacro = test.macro({ +const injectedConfigMacro = makeMacro({ exec: async ( t: ExecutionContext, augmentationProperties: AugmentationProperties, @@ -590,9 +591,8 @@ const injectedConfigMacro = test.macro({ `databaseInitCluster() injected config: ${providedTitle}`, }); -test.serial( +injectedConfigMacro.serial( "basic", - injectedConfigMacro, { ...defaultAugmentationProperties, }, @@ -600,9 +600,8 @@ test.serial( {}, ); -test.serial( +injectedConfigMacro.serial( "injected packs from input", - injectedConfigMacro, { ...defaultAugmentationProperties, packsInput: ["xxx", "yyy"], @@ -613,9 +612,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "injected packs from input with existing packs combines", - injectedConfigMacro, { ...defaultAugmentationProperties, packsInputCombines: true, @@ -635,9 +633,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "injected packs from input with existing packs overrides", - injectedConfigMacro, { ...defaultAugmentationProperties, packsInput: ["xxx", "yyy"], @@ -655,9 +652,8 @@ test.serial( ); // similar, but with queries -test.serial( +injectedConfigMacro.serial( "injected queries from input", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInput: [{ uses: "xxx" }, { uses: "yyy" }], @@ -675,9 +671,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "injected queries from input overrides", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInput: [{ uses: "xxx" }, { uses: "yyy" }], @@ -699,9 +694,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "injected queries from input combines", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInputCombines: true, @@ -727,9 +721,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "injected queries from input combines 2", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInputCombines: true, @@ -749,9 +742,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "injected queries and packs, but empty", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInputCombines: true, @@ -768,9 +760,8 @@ test.serial( {}, ); -test.serial( +injectedConfigMacro.serial( "repo property queries have the highest precedence", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInputCombines: true, @@ -790,9 +781,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "repo property queries combines with queries input", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInputCombines: false, @@ -817,9 +807,8 @@ test.serial( }, ); -test.serial( +injectedConfigMacro.serial( "repo property queries combines everything else", - injectedConfigMacro, { ...defaultAugmentationProperties, queriesInputCombines: true, diff --git a/src/config-utils.test.ts b/src/config-utils.test.ts index 25aa414334..e8ca45d2f8 100644 --- a/src/config-utils.test.ts +++ b/src/config-utils.test.ts @@ -34,6 +34,7 @@ import { LoggedMessage, mockCodeQLVersion, createTestConfig, + makeMacro, } from "./testing-utils"; import { GitHubVariant, @@ -1034,10 +1035,9 @@ const defaultOverlayDatabaseModeTestSetup: OverlayDatabaseModeTestSetup = { repositoryProperties: {}, }; -const checkOverlayEnablementMacro = test.macro({ +const checkOverlayEnablementMacro = makeMacro({ exec: async ( t: ExecutionContext, - _title: string, setupOverrides: Partial, expected: | { @@ -1131,11 +1131,10 @@ const checkOverlayEnablementMacro = test.macro({ } }); }, - title: (_, title) => `checkOverlayEnablement: ${title}`, + title: (title) => `checkOverlayEnablement: ${title}`, }); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Environment variable override - Overlay", { overlayDatabaseEnvVar: "overlay", @@ -1146,8 +1145,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Environment variable override - OverlayBase", { overlayDatabaseEnvVar: "overlay-base", @@ -1158,8 +1156,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Environment variable override - None", { overlayDatabaseEnvVar: "none", @@ -1169,8 +1166,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Ignore invalid environment variable", { overlayDatabaseEnvVar: "invalid-mode", @@ -1180,8 +1176,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Ignore feature flag when analyzing non-default branch", { languages: [BuiltInLanguage.javascript], @@ -1192,8 +1187,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch when feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1206,8 +1200,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch when feature enabled with custom analysis", { languages: [BuiltInLanguage.javascript], @@ -1223,8 +1216,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch when code-scanning feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1240,8 +1232,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch if runner disk space is too low", { languages: [BuiltInLanguage.javascript], @@ -1260,8 +1251,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch if we can't determine runner disk space", { languages: [BuiltInLanguage.javascript], @@ -1277,8 +1267,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch if runner disk space is too low and skip resource checks flag is enabled", { languages: [BuiltInLanguage.javascript], @@ -1299,8 +1288,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch if runner disk space is below v2 limit and v2 resource checks enabled", { languages: [BuiltInLanguage.javascript], @@ -1320,8 +1308,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch if runner disk space is between v2 and v1 limits and v2 resource checks enabled", { languages: [BuiltInLanguage.javascript], @@ -1342,8 +1329,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch if runner disk space is between v2 and v1 limits and v2 resource checks not enabled", { languages: [BuiltInLanguage.javascript], @@ -1362,8 +1348,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch if memory flag is too low", { languages: [BuiltInLanguage.javascript], @@ -1379,8 +1364,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch if memory flag is too low but CodeQL >= 2.24.3", { languages: [BuiltInLanguage.javascript], @@ -1398,8 +1382,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay-base database on default branch if memory flag is too low and skip resource checks flag is enabled", { languages: [BuiltInLanguage.javascript], @@ -1417,8 +1400,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when cached status indicates previous failure", { languages: [BuiltInLanguage.javascript], @@ -1435,8 +1417,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when cached status indicates previous failure", { languages: [BuiltInLanguage.javascript], @@ -1453,8 +1434,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when code-scanning feature enabled with disable-default-queries", { languages: [BuiltInLanguage.javascript], @@ -1472,8 +1452,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when code-scanning feature enabled with packs", { languages: [BuiltInLanguage.javascript], @@ -1491,8 +1470,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when code-scanning feature enabled with queries", { languages: [BuiltInLanguage.javascript], @@ -1510,8 +1488,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when code-scanning feature enabled with query-filters", { languages: [BuiltInLanguage.javascript], @@ -1529,8 +1506,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when only language-specific feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1542,8 +1518,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when only code-scanning feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1555,8 +1530,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay-base database on default branch when language-specific feature disabled", { languages: [BuiltInLanguage.javascript], @@ -1568,8 +1542,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay analysis on PR when feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1582,8 +1555,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay analysis on PR when feature enabled with custom analysis", { languages: [BuiltInLanguage.javascript], @@ -1599,8 +1571,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay analysis on PR when code-scanning feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1616,8 +1587,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR if runner disk space is too low", { languages: [BuiltInLanguage.javascript], @@ -1636,8 +1606,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay analysis on PR if runner disk space is too low and skip resource checks flag is enabled", { languages: [BuiltInLanguage.javascript], @@ -1658,8 +1627,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR if we can't determine runner disk space", { languages: [BuiltInLanguage.javascript], @@ -1675,8 +1643,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR if memory flag is too low", { languages: [BuiltInLanguage.javascript], @@ -1692,8 +1659,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay analysis on PR if memory flag is too low but CodeQL >= 2.24.3", { languages: [BuiltInLanguage.javascript], @@ -1711,8 +1677,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay analysis on PR if memory flag is too low and skip resource checks flag is enabled", { languages: [BuiltInLanguage.javascript], @@ -1730,8 +1695,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when code-scanning feature enabled with disable-default-queries", { languages: [BuiltInLanguage.javascript], @@ -1749,8 +1713,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when code-scanning feature enabled with packs", { languages: [BuiltInLanguage.javascript], @@ -1768,8 +1731,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when code-scanning feature enabled with queries", { languages: [BuiltInLanguage.javascript], @@ -1787,8 +1749,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when code-scanning feature enabled with query-filters", { languages: [BuiltInLanguage.javascript], @@ -1806,8 +1767,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when only language-specific feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1819,8 +1779,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when only code-scanning feature enabled", { languages: [BuiltInLanguage.javascript], @@ -1832,8 +1791,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis on PR when language-specific feature disabled", { languages: [BuiltInLanguage.javascript], @@ -1845,8 +1803,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay PR analysis by env", { overlayDatabaseEnvVar: "overlay", @@ -1857,8 +1814,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay PR analysis by env on a runner with low disk space", { overlayDatabaseEnvVar: "overlay", @@ -1870,8 +1826,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay PR analysis by feature flag", { languages: [BuiltInLanguage.javascript], @@ -1884,8 +1839,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Fallback due to autobuild with traced language", { overlayDatabaseEnvVar: "overlay", @@ -1897,8 +1851,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Fallback due to no build mode with traced language", { overlayDatabaseEnvVar: "overlay", @@ -1910,8 +1863,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Fallback due to old CodeQL version", { overlayDatabaseEnvVar: "overlay", @@ -1922,8 +1874,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Fallback due to missing git root", { overlayDatabaseEnvVar: "overlay", @@ -1934,8 +1885,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Fallback due to old git version with submodules", { overlayDatabaseEnvVar: "overlay", @@ -1947,8 +1897,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Fallback when git version cannot be determined and repo has submodules", { overlayDatabaseEnvVar: "overlay", @@ -1960,8 +1909,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay enabled when git version cannot be determined and repo has no submodules", { overlayDatabaseEnvVar: "overlay", @@ -1974,8 +1922,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay when disabled via repository property", { languages: [BuiltInLanguage.javascript], @@ -1990,8 +1937,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Overlay not disabled when repository property is false", { languages: [BuiltInLanguage.javascript], @@ -2007,8 +1953,7 @@ test.serial( }, ); -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "Environment variable override takes precedence over repository property", { overlayDatabaseEnvVar: "overlay", @@ -2024,8 +1969,7 @@ test.serial( // Exercise language-specific overlay analysis features code paths for (const language in BuiltInLanguage) { - test.serial( - checkOverlayEnablementMacro, + checkOverlayEnablementMacro.serial( `Check default overlay analysis feature for ${language}`, { languages: [language], @@ -2042,8 +1986,7 @@ for (const language in BuiltInLanguage) { // overlay analysis enabled, even when the base overlay feature flag is on. // Using swift here as it doesn't currently have overlay support — update this if // swift gains overlay support. -test.serial( - checkOverlayEnablementMacro, +checkOverlayEnablementMacro.serial( "No overlay analysis for language without per-language overlay feature flag", { languages: [BuiltInLanguage.swift], diff --git a/src/config/db-config.test.ts b/src/config/db-config.test.ts index d0c11d268e..ca0061e136 100644 --- a/src/config/db-config.test.ts +++ b/src/config/db-config.test.ts @@ -7,6 +7,7 @@ import { checkExpectedLogMessages, getRecordingLogger, LoggedMessage, + makeMacro, } from "../testing-utils"; import { ConfigurationError, prettyPrintPack } from "../util"; @@ -15,7 +16,7 @@ import * as dbConfig from "./db-config"; /** * Test macro for ensuring the packs block is valid */ -const parsePacksMacro = test.macro({ +const parsePacksMacro = makeMacro({ exec: ( t: ExecutionContext, packsInput: string, @@ -33,7 +34,7 @@ const parsePacksMacro = test.macro({ /** * Test macro for testing when the packs block is invalid */ -const parsePacksErrorMacro = test.macro({ +const parsePacksErrorMacro = makeMacro({ exec: ( t: ExecutionContext, packsInput: string, @@ -49,34 +50,32 @@ const parsePacksErrorMacro = test.macro({ /** * Test macro for testing when the packs block is invalid */ -const invalidPackNameMacro = test.macro({ - exec: (t: ExecutionContext, name: string) => - parsePacksErrorMacro.exec( +const invalidPackNameMacro = makeMacro({ + exec: (t: ExecutionContext, arg: string) => + parsePacksErrorMacro.fn( t, - name, + arg, [BuiltInLanguage.cpp], - new RegExp(`^"${name}" is not a valid pack$`), + new RegExp(`^"${arg}" is not a valid pack$`), ), title: (_providedTitle: string | undefined, arg: string | undefined) => `Invalid pack string: ${arg}`, }); -test("no packs", parsePacksMacro, "", [], undefined); -test("two packs", parsePacksMacro, "a/b,c/d@1.2.3", [BuiltInLanguage.cpp], { +parsePacksMacro("no packs", "", [], undefined); +parsePacksMacro("two packs", "a/b,c/d@1.2.3", [BuiltInLanguage.cpp], { [BuiltInLanguage.cpp]: ["a/b", "c/d@1.2.3"], }); -test( +parsePacksMacro( "two packs with spaces", - parsePacksMacro, " a/b , c/d@1.2.3 ", [BuiltInLanguage.cpp], { [BuiltInLanguage.cpp]: ["a/b", "c/d@1.2.3"], }, ); -test( +parsePacksErrorMacro( "two packs with language", - parsePacksErrorMacro, "a/b,c/d@1.2.3", [BuiltInLanguage.cpp, BuiltInLanguage.java], new RegExp( @@ -85,9 +84,8 @@ test( ), ); -test( +parsePacksMacro( "packs with other valid names", - parsePacksMacro, [ // ranges are ok "c/d@1.0", @@ -123,23 +121,23 @@ test( }, ); -test(invalidPackNameMacro, "c"); // all packs require at least a scope and a name -test(invalidPackNameMacro, "c-/d"); -test(invalidPackNameMacro, "-c/d"); -test(invalidPackNameMacro, "c/d_d"); -test(invalidPackNameMacro, "c/d@@"); -test(invalidPackNameMacro, "c/d@1.0.0:"); -test(invalidPackNameMacro, "c/d:"); -test(invalidPackNameMacro, "c/d:/a"); -test(invalidPackNameMacro, "@1.0.0:a"); -test(invalidPackNameMacro, "c/d@../a"); -test(invalidPackNameMacro, "c/d@b/../a"); -test(invalidPackNameMacro, "c/d:z@1"); +invalidPackNameMacro.test("c"); // all packs require at least a scope and a name +invalidPackNameMacro.test("c-/d"); +invalidPackNameMacro.test("-c/d"); +invalidPackNameMacro.test("c/d_d"); +invalidPackNameMacro.test("c/d@@"); +invalidPackNameMacro.test("c/d@1.0.0:"); +invalidPackNameMacro.test("c/d:"); +invalidPackNameMacro.test("c/d:/a"); +invalidPackNameMacro.test("@1.0.0:a"); +invalidPackNameMacro.test("c/d@../a"); +invalidPackNameMacro.test("c/d@b/../a"); +invalidPackNameMacro.test("c/d:z@1"); /** * Test macro for pretty printing pack specs */ -const packSpecPrettyPrintingMacro = test.macro({ +const packSpecPrettyPrintingMacro = makeMacro({ exec: (t: ExecutionContext, packStr: string, packObj: dbConfig.Pack) => { const parsed = dbConfig.parsePacksSpecification(packStr); t.deepEqual(parsed, packObj, "parsed pack spec is correct"); @@ -163,36 +161,35 @@ const packSpecPrettyPrintingMacro = test.macro({ ) => `Prettyprint pack spec: '${packStr}'`, }); -test(packSpecPrettyPrintingMacro, "a/b", { +packSpecPrettyPrintingMacro.test("a/b", { name: "a/b", version: undefined, path: undefined, }); -test(packSpecPrettyPrintingMacro, "a/b@~1.2.3", { +packSpecPrettyPrintingMacro.test("a/b@~1.2.3", { name: "a/b", version: "~1.2.3", path: undefined, }); -test(packSpecPrettyPrintingMacro, "a/b@~1.2.3:abc/def", { +packSpecPrettyPrintingMacro.test("a/b@~1.2.3:abc/def", { name: "a/b", version: "~1.2.3", path: "abc/def", }); -test(packSpecPrettyPrintingMacro, "a/b:abc/def", { +packSpecPrettyPrintingMacro.test("a/b:abc/def", { name: "a/b", version: undefined, path: "abc/def", }); -test(packSpecPrettyPrintingMacro, " a/b:abc/def ", { +packSpecPrettyPrintingMacro.test(" a/b:abc/def ", { name: "a/b", version: undefined, path: "abc/def", }); -const calculateAugmentationMacro = test.macro({ +const calculateAugmentationMacro = makeMacro({ exec: async ( t: ExecutionContext, - _title: string, rawPacksInput: string | undefined, rawQueriesInput: string | undefined, languages: Language[], @@ -207,11 +204,10 @@ const calculateAugmentationMacro = test.macro({ ); t.deepEqual(actualAugmentationProperties, expectedAugmentationProperties); }, - title: (_, title) => `Calculate Augmentation: ${title}`, + title: (title) => `Calculate Augmentation: ${title}`, }); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "All empty", undefined, undefined, @@ -222,8 +218,7 @@ test( }, ); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "With queries", undefined, " a, b , c, d", @@ -235,8 +230,7 @@ test( }, ); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "With queries combining", undefined, " + a, b , c, d ", @@ -249,8 +243,7 @@ test( }, ); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "With packs", " codeql/a , codeql/b , codeql/c , codeql/d ", undefined, @@ -262,8 +255,7 @@ test( }, ); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "With packs combining", " + codeql/a, codeql/b, codeql/c, codeql/d", undefined, @@ -276,8 +268,7 @@ test( }, ); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "With repo property queries", undefined, undefined, @@ -294,8 +285,7 @@ test( }, ); -test( - calculateAugmentationMacro, +calculateAugmentationMacro( "With repo property queries combining", undefined, undefined, @@ -312,10 +302,9 @@ test( }, ); -const calculateAugmentationErrorMacro = test.macro({ +const calculateAugmentationErrorMacro = makeMacro({ exec: async ( t: ExecutionContext, - _title: string, rawPacksInput: string | undefined, rawQueriesInput: string | undefined, languages: Language[], @@ -333,11 +322,10 @@ const calculateAugmentationErrorMacro = test.macro({ { message: expectedError }, ); }, - title: (_, title) => `Calculate Augmentation Error: ${title}`, + title: (title) => `Calculate Augmentation Error: ${title}`, }); -test( - calculateAugmentationErrorMacro, +calculateAugmentationErrorMacro( "Plus (+) with nothing else (queries)", undefined, " + ", @@ -346,8 +334,7 @@ test( /The workflow property "queries" is invalid/, ); -test( - calculateAugmentationErrorMacro, +calculateAugmentationErrorMacro( "Plus (+) with nothing else (packs)", " + ", undefined, @@ -356,8 +343,7 @@ test( /The workflow property "packs" is invalid/, ); -test( - calculateAugmentationErrorMacro, +calculateAugmentationErrorMacro( "Plus (+) with nothing else (repo property queries)", undefined, undefined, @@ -368,8 +354,7 @@ test( /The repository property "github-codeql-extra-queries" is invalid/, ); -test( - calculateAugmentationErrorMacro, +calculateAugmentationErrorMacro( "Packs input with multiple languages", " + a/b, c/d ", undefined, @@ -378,8 +363,7 @@ test( /Cannot specify a 'packs' input in a multi-language analysis/, ); -test( - calculateAugmentationErrorMacro, +calculateAugmentationErrorMacro( "Packs input with no languages", " + a/b, c/d ", undefined, @@ -388,8 +372,7 @@ test( /No languages specified/, ); -test( - calculateAugmentationErrorMacro, +calculateAugmentationErrorMacro( "Invalid packs", " a-pack-without-a-scope ", undefined, diff --git a/src/diff-informed-analysis-utils.test.ts b/src/diff-informed-analysis-utils.test.ts index bec0c2c0ab..0ea71db950 100644 --- a/src/diff-informed-analysis-utils.test.ts +++ b/src/diff-informed-analysis-utils.test.ts @@ -16,6 +16,7 @@ import { mockCodeQLVersion, mockFeatureFlagApiEndpoint, setupActionsVars, + makeMacro, } from "./testing-utils"; import { GitHubVariant, withTmpDir } from "./util"; import type { GitHubVersion } from "./util"; @@ -42,10 +43,9 @@ const defaultTestCase: DiffInformedAnalysisTestCase = { codeQLVersion: "2.21.0", }; -const testShouldPerformDiffInformedAnalysis = test.macro({ +const testShouldPerformDiffInformedAnalysis = makeMacro({ exec: async ( t: ExecutionContext, - _title: string, partialTestCase: Partial, expectedResult: boolean, ) => { @@ -94,18 +94,16 @@ const testShouldPerformDiffInformedAnalysis = test.macro({ getPullRequestBranchesStub.restore(); }); }, - title: (_, title) => `shouldPerformDiffInformedAnalysis: ${title}`, + title: (title) => `shouldPerformDiffInformedAnalysis: ${title}`, }); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns true in the default test case", {}, true, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns false when feature flag is disabled from the API", { featureEnabled: false, @@ -113,8 +111,7 @@ test.serial( false, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns false when CODEQL_ACTION_DIFF_INFORMED_QUERIES is set to false", { featureEnabled: true, @@ -123,8 +120,7 @@ test.serial( false, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns true when CODEQL_ACTION_DIFF_INFORMED_QUERIES is set to true", { featureEnabled: false, @@ -133,8 +129,7 @@ test.serial( true, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns false for CodeQL version 2.20.0", { codeQLVersion: "2.20.0", @@ -142,8 +137,7 @@ test.serial( false, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns false for invalid GHES version", { gitHubVersion: { @@ -154,8 +148,7 @@ test.serial( false, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns false for GHES version 3.18.5", { gitHubVersion: { @@ -166,8 +159,7 @@ test.serial( false, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns true for GHES version 3.19.0", { gitHubVersion: { @@ -178,8 +170,7 @@ test.serial( true, ); -test.serial( - testShouldPerformDiffInformedAnalysis, +testShouldPerformDiffInformedAnalysis.serial( "returns false when not a pull request", { pullRequestBranches: undefined, diff --git a/src/init-action-post-helper.test.ts b/src/init-action-post-helper.test.ts index 8c687b4e94..e368352948 100644 --- a/src/init-action-post-helper.test.ts +++ b/src/init-action-post-helper.test.ts @@ -19,6 +19,7 @@ import { createFeatures, createTestConfig, DEFAULT_ACTIONS_VARS, + makeMacro, makeVersionInfo, RecordingLogger, setupActionsVars, @@ -796,7 +797,7 @@ test.serial( }, ); -const skippedUploadTest = test.macro({ +const skippedUploadTest = makeMacro({ exec: async ( t: ExecutionContext, config: Partial, @@ -823,9 +824,8 @@ const skippedUploadTest = test.macro({ `tryUploadSarifIfRunFailed - skips upload ${providedTitle}`, }); -test.serial( +skippedUploadTest.serial( "without CodeQL command", - skippedUploadTest, // No codeQLCmd { analysisKinds: [AnalysisKind.RiskAssessment], @@ -834,9 +834,8 @@ test.serial( "CodeQL command not found", ); -test.serial( +skippedUploadTest.serial( "if no language is configured", - skippedUploadTest, // No explicit language configuration { analysisKinds: [AnalysisKind.RiskAssessment], @@ -845,9 +844,8 @@ test.serial( "Unexpectedly, the configuration is not for a single language.", ); -test.serial( +skippedUploadTest.serial( "if multiple languages is configured", - skippedUploadTest, // Multiple explicit languages configured { analysisKinds: [AnalysisKind.RiskAssessment], diff --git a/src/init.test.ts b/src/init.test.ts index f7add6a9a5..88ad0c9b18 100644 --- a/src/init.test.ts +++ b/src/init.test.ts @@ -22,6 +22,7 @@ import { createTestConfig, getRecordingLogger, setupTests, + makeMacro, } from "./testing-utils"; import { ConfigurationError, withTmpDir } from "./util"; @@ -158,10 +159,9 @@ type PackInfo = { qlpackFileName?: string; }; -const testCheckPacksForOverlayCompatibility = test.macro({ +const testCheckPacksForOverlayCompatibility = makeMacro({ exec: async ( t: ExecutionContext, - _title: string, { cliOverlayVersion, languages, @@ -234,11 +234,10 @@ const testCheckPacksForOverlayCompatibility = test.macro({ ); }); }, - title: (_, title) => `checkPacksForOverlayCompatibility: ${title}`, + title: (title) => `checkPacksForOverlayCompatibility: ${title}`, }); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns false when CLI does not support overlay", { cliOverlayVersion: undefined, @@ -253,8 +252,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns true when there are no query packs", { cliOverlayVersion: 2, @@ -264,8 +262,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns true when query pack has not been compiled", { cliOverlayVersion: 2, @@ -281,8 +278,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns true when query pack has expected overlay version", { cliOverlayVersion: 2, @@ -297,8 +293,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns true when query packs for all languages to analyze are compatible", { cliOverlayVersion: 2, @@ -317,8 +312,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns true when query pack for a language not analyzed is incompatible", { cliOverlayVersion: 2, @@ -337,8 +331,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns false when query pack for a language to analyze is incompatible", { cliOverlayVersion: 2, @@ -357,8 +350,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns false when query pack is missing .packinfo", { cliOverlayVersion: 2, @@ -377,8 +369,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns false when query pack has different overlay version", { cliOverlayVersion: 2, @@ -397,8 +388,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns false when query pack is missing overlayVersion in .packinfo", { cliOverlayVersion: 2, @@ -417,8 +407,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns false when .packinfo is not valid JSON", { cliOverlayVersion: 2, @@ -437,8 +426,7 @@ test( }, ); -test( - testCheckPacksForOverlayCompatibility, +testCheckPacksForOverlayCompatibility( "returns true when query pack uses codeql-pack.yml filename", { cliOverlayVersion: 2, diff --git a/src/overlay/caching.test.ts b/src/overlay/caching.test.ts index 3a2266a4a9..bc7b699016 100644 --- a/src/overlay/caching.test.ts +++ b/src/overlay/caching.test.ts @@ -13,6 +13,7 @@ import { BuiltInLanguage } from "../languages"; import { getRunnerLogger } from "../logging"; import { createTestConfig, + makeMacro, mockCodeQLVersion, setupTests, } from "../testing-utils"; @@ -51,10 +52,9 @@ const defaultDownloadTestCase: DownloadOverlayBaseDatabaseTestCase = { resolveDatabaseOutput: { overlayBaseSpecifier: "20250626:XXX" }, }; -const testDownloadOverlayBaseDatabaseFromCache = test.macro({ +const testDownloadOverlayBaseDatabaseFromCache = makeMacro({ exec: async ( t, - _title: string, partialTestCase: Partial, expectDownloadSuccess: boolean, ) => { @@ -142,18 +142,16 @@ const testDownloadOverlayBaseDatabaseFromCache = test.macro({ } }); }, - title: (_, title) => `downloadOverlayBaseDatabaseFromCache: ${title}`, + title: (title) => `downloadOverlayBaseDatabaseFromCache: ${title}`, }); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns stats when successful", {}, true, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when mode is OverlayDatabaseMode.OverlayBase", { overlayDatabaseMode: OverlayDatabaseMode.OverlayBase, @@ -161,8 +159,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when mode is OverlayDatabaseMode.None", { overlayDatabaseMode: OverlayDatabaseMode.None, @@ -170,8 +167,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when caching is disabled", { useOverlayDatabaseCaching: false, @@ -179,8 +175,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined in test mode", { isInTestMode: true, @@ -188,8 +183,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when cache miss", { restoreCacheResult: undefined, @@ -197,8 +191,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when download fails", { restoreCacheResult: new Error("Download failed"), @@ -206,8 +199,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when downloaded database is invalid", { hasBaseDatabaseOidsFile: false, @@ -215,8 +207,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when downloaded database doesn't have an overlayBaseSpecifier", { resolveDatabaseOutput: {}, @@ -224,8 +215,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when resolving database metadata fails", { resolveDatabaseOutput: new Error("Failed to resolve database metadata"), @@ -233,8 +223,7 @@ test.serial( false, ); -test.serial( - testDownloadOverlayBaseDatabaseFromCache, +testDownloadOverlayBaseDatabaseFromCache.serial( "returns undefined when filesystem error occurs", { tryGetFolderBytesSucceeds: false, diff --git a/src/setup-codeql.test.ts b/src/setup-codeql.test.ts index 555352bd21..fc0ac7b0fb 100644 --- a/src/setup-codeql.test.ts +++ b/src/setup-codeql.test.ts @@ -20,6 +20,7 @@ import { createFeatures, getRecordingLogger, initializeFeatures, + makeMacro, mockBundleDownloadApi, setupActionsVars, setupTests, @@ -473,7 +474,7 @@ test.serial( }, ); -const toolcacheInputFallbackMacro = test.macro({ +const toolcacheInputFallbackMacro = makeMacro({ exec: async ( t: ExecutionContext, featureList: Feature[], @@ -533,9 +534,8 @@ const toolcacheInputFallbackMacro = test.macro({ `getCodeQLSource falls back to downloading the CLI if ${providedTitle}`, }); -test.serial( +toolcacheInputFallbackMacro.serial( "the toolcache doesn't have a CodeQL CLI when tools == toolcache", - toolcacheInputFallbackMacro, [Feature.AllowToolcacheInput], { GITHUB_EVENT_NAME: "dynamic" }, [], @@ -545,9 +545,8 @@ test.serial( ], ); -test.serial( +toolcacheInputFallbackMacro.serial( "the workflow trigger is not `dynamic`", - toolcacheInputFallbackMacro, [Feature.AllowToolcacheInput], { GITHUB_EVENT_NAME: "pull_request" }, [], @@ -556,9 +555,8 @@ test.serial( ], ); -test.serial( +toolcacheInputFallbackMacro.serial( "the feature flag is not enabled", - toolcacheInputFallbackMacro, [], { GITHUB_EVENT_NAME: "dynamic" }, [], diff --git a/src/start-proxy.test.ts b/src/start-proxy.test.ts index 621b8d499e..b2dbc81a40 100644 --- a/src/start-proxy.test.ts +++ b/src/start-proxy.test.ts @@ -18,6 +18,7 @@ import { assertNotLogged, checkExpectedLogMessages, createFeatures, + makeMacro, makeTestToken, RecordingLogger, setupTests, @@ -32,7 +33,7 @@ import { setupTests(test); -const sendFailedStatusReportTest = test.macro({ +const sendFailedStatusReportTest = makeMacro({ exec: async ( t: ExecutionContext, err: Error, @@ -88,16 +89,14 @@ const sendFailedStatusReportTest = test.macro({ title: (providedTitle = "") => `sendFailedStatusReport - ${providedTitle}`, }); -test.serial( +sendFailedStatusReportTest.serial( "reports generic error message for non-StartProxyError error", - sendFailedStatusReportTest, new Error("Something went wrong today"), "Error from start-proxy Action omitted (Error).", ); -test.serial( +sendFailedStatusReportTest.serial( "reports generic error message for non-StartProxyError error with safe error message", - sendFailedStatusReportTest, new Error( startProxyExports.getStartProxyErrorMessage( startProxyExports.StartProxyErrorType.DownloadFailed, @@ -106,9 +105,8 @@ test.serial( "Error from start-proxy Action omitted (Error).", ); -test.serial( +sendFailedStatusReportTest.serial( "reports generic error message for ConfigurationError error", - sendFailedStatusReportTest, new ConfigurationError("Something went wrong today"), "Error from start-proxy Action omitted (ConfigurationError).", "user-error", @@ -414,7 +412,7 @@ test("getCredentials accepts OIDC configurations", (t) => { } }); -const getCredentialsMacro = test.macro({ +const getCredentialsMacro = makeMacro({ exec: async ( t: ExecutionContext, credentials: startProxyExports.RawCredential[], @@ -440,9 +438,8 @@ const getCredentialsMacro = test.macro({ title: (providedTitle = "") => `getCredentials - ${providedTitle}`, }); -test( +getCredentialsMacro( "warns for PAT-like password without a username", - getCredentialsMacro, [ { type: "git_server", @@ -470,9 +467,8 @@ test( }, ); -test( +getCredentialsMacro( "no warning for PAT-like password with a username", - getCredentialsMacro, [ { type: "git_server", @@ -502,9 +498,8 @@ test( }, ); -test( +getCredentialsMacro( "warns for PAT-like token without a username", - getCredentialsMacro, [ { type: "git_server", @@ -532,9 +527,8 @@ test( }, ); -test( +getCredentialsMacro( "no warning for PAT-like token with a username", - getCredentialsMacro, [ { type: "git_server", @@ -796,7 +790,7 @@ test.serial( }, ); -const wrapFailureTest = test.macro({ +const wrapFailureTest = makeMacro({ exec: async ( t: ExecutionContext, setup: () => void, @@ -827,9 +821,8 @@ test.serial("downloadProxy - returns file path on success", async (t) => { }); }); -test.serial( +wrapFailureTest.serial( "downloadProxy", - wrapFailureTest, () => { sinon.stub(toolcache, "downloadTool").throws(); }, @@ -848,9 +841,8 @@ test.serial("extractProxy - returns file path on success", async (t) => { }); }); -test.serial( +wrapFailureTest.serial( "extractProxy", - wrapFailureTest, () => { sinon.stub(toolcache, "extractTar").throws(); }, @@ -874,9 +866,8 @@ test.serial("cacheProxy - returns file path on success", async (t) => { }); }); -test.serial( +wrapFailureTest.serial( "cacheProxy", - wrapFailureTest, () => { sinon.stub(toolcache, "cacheDir").throws(); }, diff --git a/src/status-report.test.ts b/src/status-report.test.ts index 8302e411fa..52132b7649 100644 --- a/src/status-report.test.ts +++ b/src/status-report.test.ts @@ -19,6 +19,7 @@ import { setupTests, setupActionsVars, createTestConfig, + makeMacro, } from "./testing-utils"; import { BuildMode, ConfigurationError, withTmpDir, wrapError } from "./util"; @@ -291,10 +292,9 @@ test.serial( }, ); -const testCreateInitWithConfigStatusReport = test.macro({ +const testCreateInitWithConfigStatusReport = makeMacro({ exec: async ( t, - _title: string, config: Config, expectedReportProperties: Partial, ) => { @@ -337,11 +337,10 @@ const testCreateInitWithConfigStatusReport = test.macro({ } }); }, - title: (_, title) => `createInitWithConfigStatusReport: ${title}`, + title: (title) => `createInitWithConfigStatusReport: ${title}`, }); -test.serial( - testCreateInitWithConfigStatusReport, +testCreateInitWithConfigStatusReport.serial( "returns a value", createTestConfig({ buildMode: BuildMode.None, @@ -355,8 +354,7 @@ test.serial( }, ); -test.serial( - testCreateInitWithConfigStatusReport, +testCreateInitWithConfigStatusReport.serial( "includes packs for a single language", createTestConfig({ buildMode: BuildMode.None, @@ -372,8 +370,7 @@ test.serial( }, ); -test.serial( - testCreateInitWithConfigStatusReport, +testCreateInitWithConfigStatusReport.serial( "includes packs for multiple languages", createTestConfig({ buildMode: BuildMode.None, diff --git a/src/upload-sarif.test.ts b/src/upload-sarif.test.ts index fcd5c3108f..4bfc7268e5 100644 --- a/src/upload-sarif.test.ts +++ b/src/upload-sarif.test.ts @@ -6,7 +6,7 @@ import * as sinon from "sinon"; import { AnalysisKind, getAnalysisConfig } from "./analyses"; import { getRunnerLogger } from "./logging"; -import { createFeatures, setupTests } from "./testing-utils"; +import { createFeatures, makeMacro, setupTests } from "./testing-utils"; import { UploadResult } from "./upload-lib"; import * as uploadLib from "./upload-lib"; import { postProcessAndUploadSarif } from "./upload-sarif"; @@ -43,7 +43,7 @@ function mockPostProcessSarifFiles() { return postProcessSarifFiles; } -const postProcessAndUploadSarifMacro = test.macro({ +const postProcessAndUploadSarifMacro = makeMacro({ exec: async ( t: ExecutionContext, sarifFiles: string[], @@ -123,9 +123,8 @@ const postProcessAndUploadSarifMacro = test.macro({ title: (providedTitle = "") => `processAndUploadSarif - ${providedTitle}`, }); -test.serial( +postProcessAndUploadSarifMacro.serial( "SARIF file", - postProcessAndUploadSarifMacro, ["test.sarif"], (tempDir) => path.join(tempDir, "test.sarif"), { @@ -138,9 +137,8 @@ test.serial( }, ); -test.serial( +postProcessAndUploadSarifMacro.serial( "JSON file", - postProcessAndUploadSarifMacro, ["test.json"], (tempDir) => path.join(tempDir, "test.json"), { @@ -153,9 +151,8 @@ test.serial( }, ); -test.serial( +postProcessAndUploadSarifMacro.serial( "Code Scanning files", - postProcessAndUploadSarifMacro, ["test.json", "test.sarif"], undefined, { @@ -169,9 +166,8 @@ test.serial( }, ); -test.serial( +postProcessAndUploadSarifMacro.serial( "Code Quality file", - postProcessAndUploadSarifMacro, ["test.quality.sarif"], (tempDir) => path.join(tempDir, "test.quality.sarif"), { @@ -184,9 +180,8 @@ test.serial( }, ); -test.serial( +postProcessAndUploadSarifMacro.serial( "Mixed files", - postProcessAndUploadSarifMacro, ["test.sarif", "test.quality.sarif"], undefined, { From d032ee8c476a34c29f935e35e654c48d0fa90b68 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Fri, 10 Apr 2026 12:18:17 +0100 Subject: [PATCH 11/16] Do not run `bundle-metadata.ts` as part of `npm run build` --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index d32144614b..32ce693fde 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "description": "CodeQL action", "scripts": { "_build_comment": "echo 'Run the full build so we typecheck the project and can reuse the transpiled files in npm test'", - "build": "./scripts/check-node-modules.sh && npm run transpile && node build.mjs && npx tsx ./pr-checks/bundle-metadata.ts", + "build": "./scripts/check-node-modules.sh && npm run transpile && node build.mjs", "lint": "eslint --report-unused-disable-directives --max-warnings=0 .", "lint-ci": "SARIF_ESLINT_IGNORE_SUPPRESSED=true eslint --report-unused-disable-directives --max-warnings=0 . --format @microsoft/eslint-formatter-sarif --output-file=eslint.sarif", "lint-fix": "eslint --report-unused-disable-directives --max-warnings=0 . --fix", From 0c80cee8061e24785c6ad1b079c5f4314b827b75 Mon Sep 17 00:00:00 2001 From: Henry Mercer Date: Thu, 7 May 2026 15:39:42 +0100 Subject: [PATCH 12/16] Add explicit error on Windows --- lib/analyze-action-post.js | 3 +++ lib/init-action-post.js | 3 +++ lib/start-proxy-action-post.js | 3 +++ lib/upload-sarif-action-post.js | 3 +++ src/artifact-scanner.ts | 4 ++++ 5 files changed, 16 insertions(+) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index fe47faa574..b7ee97d89a 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -128728,6 +128728,9 @@ async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, log `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}` ); } + if (process.platform === "win32") { + throw new Error("Scanning archives is not supported on Windows."); + } const result = { scannedFiles: 0, findings: [] diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 2794b130e2..57b06ab2f5 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -133650,6 +133650,9 @@ async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, log `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}` ); } + if (process.platform === "win32") { + throw new Error("Scanning archives is not supported on Windows."); + } const result = { scannedFiles: 0, findings: [] diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 9c40cb5e66..414118377f 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -127590,6 +127590,9 @@ async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, log `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}` ); } + if (process.platform === "win32") { + throw new Error("Scanning archives is not supported on Windows."); + } const result = { scannedFiles: 0, findings: [] diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 12d1b216c3..cce51af701 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -127577,6 +127577,9 @@ async function scanArchiveFile(archivePath, relativeArchivePath, extractDir, log `Maximum archive extraction depth (${MAX_DEPTH}) reached for ${archivePath}` ); } + if (process.platform === "win32") { + throw new Error("Scanning archives is not supported on Windows."); + } const result = { scannedFiles: 0, findings: [] diff --git a/src/artifact-scanner.ts b/src/artifact-scanner.ts index 90c4241979..5f238811a1 100644 --- a/src/artifact-scanner.ts +++ b/src/artifact-scanner.ts @@ -156,6 +156,10 @@ async function scanArchiveFile( ); } + if (process.platform === "win32") { + throw new Error("Scanning archives is not supported on Windows."); + } + const result: ScanResult = { scannedFiles: 0, findings: [], From 9739ad2d182c072da0d01a6887f7f39620f71b1e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 15:21:52 +0000 Subject: [PATCH 13/16] Update changelog for v4.35.4 --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fc2b3c83af..21ce549c88 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. -## [UNRELEASED] +## 4.35.4 - 07 May 2026 - Update default CodeQL bundle version to [2.25.4](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4). [#3881](https://github.com/github/codeql-action/pull/3881) From 162709656926887731e0f28af95d7c95f7d76f3b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 15:54:04 +0000 Subject: [PATCH 14/16] Update changelog and version after v4.35.4 --- CHANGELOG.md | 4 ++++ package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 21ce549c88..7463862936 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## [UNRELEASED] + +No user facing changes. + ## 4.35.4 - 07 May 2026 - Update default CodeQL bundle version to [2.25.4](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4). [#3881](https://github.com/github/codeql-action/pull/3881) diff --git a/package-lock.json b/package-lock.json index 06055b9bef..7e584388bc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.35.4", + "version": "4.35.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.35.4", + "version": "4.35.5", "license": "MIT", "workspaces": [ "pr-checks" diff --git a/package.json b/package.json index d32144614b..6cdc0f8008 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.35.4", + "version": "4.35.5", "private": true, "description": "CodeQL action", "scripts": { From 272ada693fa1ea75875a3eab499446c881ac9125 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 15:58:38 +0000 Subject: [PATCH 15/16] Rebuild --- lib/analyze-action-post.js | 2 +- lib/analyze-action.js | 2 +- lib/autobuild-action.js | 2 +- lib/init-action-post.js | 2 +- lib/init-action.js | 2 +- lib/resolve-environment-action.js | 2 +- lib/setup-codeql-action.js | 2 +- lib/start-proxy-action-post.js | 2 +- lib/start-proxy-action.js | 2 +- lib/upload-lib.js | 2 +- lib/upload-sarif-action-post.js | 2 +- lib/upload-sarif-action.js | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index b7ee97d89a..0f1b660594 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -126877,7 +126877,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/analyze-action.js b/lib/analyze-action.js index a0d645e563..7b3ec243cb 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -88803,7 +88803,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index 5ac767b0a8..be61bdeabf 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -85608,7 +85608,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 57d7534f8f..b972b1ece8 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -129987,7 +129987,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/init-action.js b/lib/init-action.js index 9a7cd36d7f..b7cdc23b79 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -86162,7 +86162,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index c103fb1be4..e1fa46a537 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -85616,7 +85616,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index 1217a8e539..e86bbb192a 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -85703,7 +85703,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 414118377f..6f70d70937 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -126824,7 +126824,7 @@ function getTemporaryDirectory() { return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP"); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } var persistedInputsKey = "persisted_inputs"; var restoreInputs = function() { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 90d38d06c0..39fd56a80a 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -102813,7 +102813,7 @@ function getTemporaryDirectory() { return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP"); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/upload-lib.js b/lib/upload-lib.js index ff8b734868..f1f90b4c2a 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -88509,7 +88509,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index cce51af701..11873a244c 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -126824,7 +126824,7 @@ function getTemporaryDirectory() { return value !== void 0 && value !== "" ? value : getRequiredEnvParam("RUNNER_TEMP"); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } var persistedInputsKey = "persisted_inputs"; var restoreInputs = function() { diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 03f908ea5a..75e8744beb 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -88537,7 +88537,7 @@ function getDiffRangesJsonFilePath() { return path2.join(getTemporaryDirectory(), PR_DIFF_RANGE_JSON_FILENAME); } function getActionVersion() { - return "4.35.4"; + return "4.35.5"; } function getWorkflowEventName() { return getRequiredEnvParam("GITHUB_EVENT_NAME"); From 2f2dbd2e78fdfcbfe2a8484e3a9c6125af375a0c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 May 2026 19:05:11 +0000 Subject: [PATCH 16/16] Bump fast-xml-builder from 1.1.5 to 1.2.0 Bumps [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder) from 1.1.5 to 1.2.0. - [Changelog](https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md) - [Commits](https://github.com/NaturalIntelligence/fast-xml-builder/compare/v1.1.5...v1.2.0) --- updated-dependencies: - dependency-name: fast-xml-builder dependency-version: 1.2.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index b6250ea4ca..638458e325 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5670,9 +5670,9 @@ "license": "MIT" }, "node_modules/fast-xml-builder": { - "version": "1.1.5", - "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.1.5.tgz", - "integrity": "sha512-4TJn/8FKLeslLAH3dnohXqE3QSoxkhvaMzepOIZytwJXZO69Bfz0HBdDHzOTOon6G59Zrk6VQ2bEiv1t61rfkA==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/fast-xml-builder/-/fast-xml-builder-1.2.0.tgz", + "integrity": "sha512-00aAWieqff+ZJhsXA4g1g7M8k+7AYoMUUHF+/zFb5U6Uv/P0Vl4QZo84/IcufzYalLuEj9928bXN9PbbFzMF0Q==", "funding": [ { "type": "github", @@ -5681,7 +5681,8 @@ ], "license": "MIT", "dependencies": { - "path-expression-matcher": "^1.1.3" + "path-expression-matcher": "^1.5.0", + "xml-naming": "^0.1.0" } }, "node_modules/fast-xml-parser": { @@ -10223,6 +10224,21 @@ "node": "^20.17.0 || >=22.9.0" } }, + "node_modules/xml-naming": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/xml-naming/-/xml-naming-0.1.0.tgz", + "integrity": "sha512-k8KO9hrMyNk6tUWqUfkTEZbezRRpONVOzUTnc97VnCvyj6Tf9lyUR9EDAIeiVLv56jsMcoXEwjW8Kv5yPY52lw==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/NaturalIntelligence" + } + ], + "license": "MIT", + "engines": { + "node": ">=16.0.0" + } + }, "node_modules/y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",