diff --git a/.github/update-release-branch.py b/.github/update-release-branch.py index ff65abe84d..b17cafc7a7 100644 --- a/.github/update-release-branch.py +++ b/.github/update-release-branch.py @@ -255,10 +255,13 @@ def main(): print(f'No commits to merge from {source_branch} to {target_branch}.') return + # define distinct prefix in order to support specific pr checks on backports + branch_prefix = 'update' if is_primary_release else 'backport' + # The branch name is based off of the name of branch being merged into # and the SHA of the branch being merged from. Thus if the branch already # exists we can assume we don't need to recreate it. - new_branch_name = f'update-v{version}-{source_branch_short_sha}' + new_branch_name = f'{branch_prefix}-v{version}-{source_branch_short_sha}' print(f'Branch name is {new_branch_name}.') # Check if the branch already exists. If so we can abort as this script diff --git a/.github/workflows/debug-artifacts-failure.yml b/.github/workflows/debug-artifacts-failure.yml index 8ac02581eb..f6ebdc60b5 100644 --- a/.github/workflows/debug-artifacts-failure.yml +++ b/.github/workflows/debug-artifacts-failure.yml @@ -39,11 +39,11 @@ jobs: uses: ./.github/actions/prepare-test with: version: latest - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: ^1.13.1 - name: Setup Python on MacOS - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 if: | matrix.os == 'macos-latest' && ( matrix.version == 'stable-20220908' || diff --git a/.github/workflows/debug-artifacts.yml b/.github/workflows/debug-artifacts.yml index 8f38343db2..a3f44e44a1 100644 --- a/.github/workflows/debug-artifacts.yml +++ b/.github/workflows/debug-artifacts.yml 
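Review bot: The literal `'backport'` assigned to `branch_prefix` in `.github/update-release-branch.py` is now an interface with `.github/workflows/pr-checks.yml`, whose backport steps are gated on `startsWith(github.head_ref, 'backport-')`, but the added comment does not name that consumer. I would extend it to `# Prefix must stay in sync with the 'backport-' condition in .github/workflows/pr-checks.yml (check-node-version job)` so a later rename does not silently switch the check off. The branch-exists shortcut described in the following comment keys on the full name, so a backport branch created earlier under the old `update-` prefix would presumably no longer be recognised as existing. `is_primary_release` is defined outside this hunk and `main()` continues past it, so how the flag is computed cannot be confirmed from here.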
@@ -46,11 +46,11 @@ jobs: uses: ./.github/actions/prepare-test with: version: ${{ matrix.version }} - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: ^1.13.1 - name: Setup Python on MacOS - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 if: | matrix.os == 'macos-latest' && ( matrix.version == 'stable-20220908' || diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index bfddd8b35f..db204ff963 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -45,7 +45,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: 3.11 @@ -70,7 +70,7 @@ jobs: steps: - name: Setup Python on MacOS - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 if: | matrix.os == 'macos-latest' && ( matrix.version == 'stable-20220908' || 
@@ -88,3 +88,44 @@ jobs: # we won't be able to find them on Windows. npm config set script-shell bash npm test + + check-node-version: + if: ${{ github.event.pull_request }} + name: Check Action Node versions + runs-on: ubuntu-latest + timeout-minutes: 45 + env: + BASE_REF: ${{ github.base_ref }} + + steps: + - uses: actions/checkout@v4 + - id: head-version + name: Verify all Actions use the same Node version + run: | + NODE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq) + echo "NODE_VERSION: ${NODE_VERSION}" + if [[ $(echo "$NODE_VERSION" | wc -l) -gt 1 ]]; then + echo "::error::More than one node version used in 'action.yml' files." + exit 1 + fi + echo "node_version=${NODE_VERSION}" >> $GITHUB_OUTPUT + + - id: checkout-base + name: 'Backport: Check out base ref' + if: ${{ startsWith(github.head_ref, 'backport-') }} + uses: actions/checkout@v4 + with: + ref: ${{ env.BASE_REF }} + + - name: 'Backport: Verify Node versions unchanged' + if: steps.checkout-base.outcome == 'success' + env: + HEAD_VERSION: ${{ steps.head-version.outputs.node_version }} + run: | + BASE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq) + echo "HEAD_VERSION: ${HEAD_VERSION}" + echo "BASE_VERSION: ${BASE_VERSION}" + if [[ "$BASE_VERSION" != "$HEAD_VERSION" ]]; then + echo "::error::Cannot change the Node version of an Action in a backport PR." + exit 1 + fi diff --git a/.github/workflows/python-deps.yml b/.github/workflows/python-deps.yml index 4d054a31aa..23f47d2908 100644 --- a/.github/workflows/python-deps.yml +++ b/.github/workflows/python-deps.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Setup Python on MacOS - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 if: | matrix.os == 'macos-latest' && ( matrix.version == 'stable-20220908' || 
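Review bot: The two "Backport:" steps in the new `check-node-version` job in `.github/workflows/pr-checks.yml` run only when `startsWith(github.head_ref, 'backport-')`, and the head branch name is chosen by whoever opens the pull request, so a PR from any other branch name into an older release branch skips the Node-version comparison. The job already exports `BASE_REF`, so the condition could key on the target branch instead, e.g. `if: ${{ startsWith(github.base_ref, '<RELEASE_BRANCH_PREFIX>') }}` (placeholder; the release branch naming is not visible in this diff, and the primary release branch would need to be excluded). Separately, in the `head-version` step an empty `NODE_VERSION` passes the `wc -l` test because `echo ""` still prints one line, and the later step would then compare two empty strings as equal. A guard such as `if [[ -z "$NODE_VERSION" ]]; then echo "::error::No Node version found in 'action.yml' files."; exit 1; fi` before the count check would make that case fail visibly.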
@@ -151,7 +151,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: ${{ matrix.python_version }} diff --git a/.github/workflows/python312-windows.yml b/.github/workflows/python312-windows.yml index d4ab319be7..31326de96a 100644 --- a/.github/workflows/python312-windows.yml +++ b/.github/workflows/python312-windows.yml @@ -18,7 +18,7 @@ jobs: runs-on: windows-latest steps: - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: 3.12 diff --git a/.github/workflows/rebuild.yml b/.github/workflows/rebuild.yml index adb42ff84d..3ce62baefb 100644 --- a/.github/workflows/rebuild.yml +++ b/.github/workflows/rebuild.yml @@ -31,7 +31,7 @@ jobs: npm run build - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: 3.11 diff --git a/.github/workflows/update-supported-enterprise-server-versions.yml b/.github/workflows/update-supported-enterprise-server-versions.yml index 5acb194ba5..25f72f0096 100644 --- a/.github/workflows/update-supported-enterprise-server-versions.yml +++ b/.github/workflows/update-supported-enterprise-server-versions.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Setup Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.7" - name: Checkout CodeQL Action diff --git a/CHANGELOG.md b/CHANGELOG.md index 3366d4eaa5..5475564dc3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## 2.22.11 - 13 Dec 2023 + +No user facing changes. + ## 2.22.10 - 12 Dec 2023 - Update default CodeQL bundle version to 2.15.4. [#2016](https://github.com/github/codeql-action/pull/2016) 
diff --git a/analyze/action.yml b/analyze/action.yml index 885f22bc73..11bad29639 100644 --- a/analyze/action.yml +++ b/analyze/action.yml @@ -84,6 +84,6 @@ outputs: sarif-id: description: The ID of the uploaded SARIF file. runs: - using: "node16" + using: node16 main: "../lib/analyze-action.js" post: "../lib/analyze-action-post.js" diff --git a/autobuild/action.yml b/autobuild/action.yml index a6586e31f9..7f68384914 100644 --- a/autobuild/action.yml +++ b/autobuild/action.yml @@ -13,5 +13,5 @@ inputs: $GITHUB_WORKSPACE as its working directory. required: false runs: - using: 'node16' + using: node16 main: '../lib/autobuild-action.js' diff --git a/init/action.yml b/init/action.yml index 0ee9e7858b..ee890b373e 100644 --- a/init/action.yml +++ b/init/action.yml @@ -109,6 +109,6 @@ outputs: codeql-path: description: The path of the CodeQL binary used for analysis runs: - using: 'node16' + using: node16 main: '../lib/init-action.js' post: '../lib/init-action-post.js' diff --git a/lib/autobuild.js b/lib/autobuild.js index fec0b4ebfb..026a84ea4f 100644 --- a/lib/autobuild.js +++ b/lib/autobuild.js @@ -51,11 +51,11 @@ async function determineAutobuildLanguages(config, logger) { * For example, consider a user with the following workflow file: * * ```yml - * - uses: github/codeql-action/init@v2 + * - uses: github/codeql-action/init@v3 * with: * languages: go, java - * - uses: github/codeql-action/autobuild@v2 - * - uses: github/codeql-action/analyze@v2 + * - uses: github/codeql-action/autobuild@v3 + * - uses: github/codeql-action/analyze@v3 * ``` * * - With Go extraction disabled, we will run the Java autobuilder in the diff --git a/lib/init-action-post-helper.test.js b/lib/init-action-post-helper.test.js index 20fa723f1b..3c713dd88e 100644 --- a/lib/init-action-post-helper.test.js +++ b/lib/init-action-post-helper.test.js 
@@ -92,14 +92,14 @@ const workflow = __importStar(require("./workflow")); }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", }, @@ -115,14 +115,14 @@ const workflow = __importStar(require("./workflow")); }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", }, @@ -141,14 +141,14 @@ const workflow = __importStar(require("./workflow")); }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", }, @@ -194,14 +194,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) { }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", upload: uploadInput, @@ -225,14 +225,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) { }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "/language:${{ matrix.language }}", }, 
@@ -251,14 +251,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) { }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { upload: "${{ matrix.language != 'csharp' }}", }, diff --git a/lib/workflow.test.js b/lib/workflow.test.js index ffd9115b17..6b5f6854af 100644 --- a/lib/workflow.test.js +++ b/lib/workflow.test.js @@ -214,9 +214,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes }, }, steps: [ - { uses: "actions/checkout@v2" }, - { uses: "github/codeql-action/init@v2" }, - { uses: "github/codeql-action/analyze@v2" }, + { uses: "actions/checkout@v3" }, + { uses: "github/codeql-action/init@v3" }, + { uses: "github/codeql-action/analyze@v3" }, ], }, }, @@ -306,11 +306,11 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes test: steps: - run: "git checkout HEAD^2" - + test2: steps: - run: "git checkout HEAD^2" - + test3: steps: [] `), await (0, codeql_1.getCodeQLForTesting)()); @@ -330,11 +330,11 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes test: steps: - run: "git checkout HEAD^2" - + test2: steps: - run: "git checkout HEAD^2" - + test3: steps: [] `), await (0, codeql_1.getCodeQLForTesting)()); @@ -380,9 +380,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 with: category: some-category `), "analysis", {}), "some-category"); 
@@ -394,9 +394,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 `), "analysis", {}), undefined); }); (0, ava_1.default)("getCategoryInputOrThrow returns category for workflow with multiple jobs", (t) => { @@ -406,19 +406,19 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes foo: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 - runs: ./build foo - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: foo-category bar: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 - runs: ./build bar - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: bar-category `), "bar", {}), "bar-category"); @@ -433,11 +433,11 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes matrix: language: [javascript, python] steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 with: language: \${{ matrix.language }} - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: "/language:\${{ matrix.language }}" `), "analysis", { language: "javascript" }), "/language:javascript"); 
@@ -448,9 +448,9 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes jobs: analysis: steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 with: category: "\${{ github.workflow }}" `), "analysis", {}), { @@ -465,12 +465,12 @@ async function testLanguageAliases(t, matrixLanguages, aliases, expectedErrorMes analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 with: category: some-category - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: another-category `), "analysis", {}), { diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 63536577ca..0510f7ba12 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "2.22.10", + "version": "2.22.11", "lockfileVersion": 3, "requires": true, "packages": { diff --git a/package-lock.json b/package-lock.json index 4a58b5418f..518f49ceed 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "2.22.10", + "version": "2.22.11", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "2.22.10", + "version": "2.22.11", "license": "MIT", "dependencies": { "@actions/artifact": "^1.1.2", diff --git a/package.json b/package.json index fe4e353c0e..deed89e04f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "2.22.10", + "version": "2.22.11", "private": true, "description": "CodeQL action", "scripts": { 
diff --git a/resolve-environment/action.yml b/resolve-environment/action.yml index aa88a23348..f12f61a22f 100644 --- a/resolve-environment/action.yml +++ b/resolve-environment/action.yml @@ -19,5 +19,5 @@ outputs: environment: description: The inferred build environment configuration. runs: - using: 'node16' + using: node16 main: '../lib/resolve-environment-action.js' diff --git a/src/autobuild.ts b/src/autobuild.ts index bf44462386..f2d78f256b 100644 --- a/src/autobuild.ts +++ b/src/autobuild.ts @@ -38,11 +38,11 @@ export async function determineAutobuildLanguages( * For example, consider a user with the following workflow file: * * ```yml - * - uses: github/codeql-action/init@v2 + * - uses: github/codeql-action/init@v3 * with: * languages: go, java - * - uses: github/codeql-action/autobuild@v2 - * - uses: github/codeql-action/analyze@v2 + * - uses: github/codeql-action/autobuild@v3 + * - uses: github/codeql-action/analyze@v3 * ``` * * - With Go extraction disabled, we will run the Java autobuilder in the diff --git a/src/init-action-post-helper.test.ts b/src/init-action-post-helper.test.ts index bebfe0bc28..eff20f27c4 100644 --- a/src/init-action-post-helper.test.ts +++ b/src/init-action-post-helper.test.ts @@ -91,14 +91,14 @@ test("uploads failed SARIF run with `diagnostics export` if feature flag is off" }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", }, 
@@ -115,14 +115,14 @@ test("uploads failed SARIF run with `diagnostics export` if the database doesn't }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", }, @@ -142,14 +142,14 @@ test("uploads failed SARIF run with database export-diagnostics if the database }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", }, @@ -199,14 +199,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) { }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "my-category", upload: uploadInput, @@ -234,14 +234,14 @@ test("uploading failed SARIF run succeeds when workflow uses an input with a mat }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { category: "/language:${{ matrix.language }}", }, 
@@ -261,14 +261,14 @@ test("uploading failed SARIF run fails when workflow uses a complex upload input }, { name: "Initialize CodeQL", - uses: "github/codeql-action/init@v2", + uses: "github/codeql-action/init@v3", with: { languages: "javascript", }, }, { name: "Perform CodeQL Analysis", - uses: "github/codeql-action/analyze@v2", + uses: "github/codeql-action/analyze@v3", with: { upload: "${{ matrix.language != 'csharp' }}", }, diff --git a/src/workflow.test.ts b/src/workflow.test.ts index dbba412ab3..688b34b00f 100644 --- a/src/workflow.test.ts +++ b/src/workflow.test.ts @@ -396,9 +396,9 @@ async function testLanguageAliases( }, }, steps: [ - { uses: "actions/checkout@v2" }, - { uses: "github/codeql-action/init@v2" }, - { uses: "github/codeql-action/analyze@v2" }, + { uses: "actions/checkout@v3" }, + { uses: "github/codeql-action/init@v3" }, + { uses: "github/codeql-action/analyze@v3" }, ], }, }, @@ -516,11 +516,11 @@ test("getWorkflowErrors() should only report the current job's CheckoutWrongHead test: steps: - run: "git checkout HEAD^2" - + test2: steps: - run: "git checkout HEAD^2" - + test3: steps: [] `) as Workflow, @@ -546,11 +546,11 @@ test("getWorkflowErrors() should not report a different job's CheckoutWrongHead" test: steps: - run: "git checkout HEAD^2" - + test2: steps: - run: "git checkout HEAD^2" - + test3: steps: [] `) as Workflow, @@ -652,9 +652,9 @@ test("getCategoryInputOrThrow returns category for simple workflow with category analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 with: category: some-category `) as Workflow, 
@@ -674,9 +674,9 @@ test("getCategoryInputOrThrow returns undefined for simple workflow without cate analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 `) as Workflow, "analysis", {}, @@ -694,19 +694,19 @@ test("getCategoryInputOrThrow returns category for workflow with multiple jobs", foo: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 - runs: ./build foo - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: foo-category bar: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 - runs: ./build bar - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: bar-category `) as Workflow, @@ -729,11 +729,11 @@ test("getCategoryInputOrThrow finds category for workflow with language matrix", matrix: language: [javascript, python] steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 with: language: \${{ matrix.language }} - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: "/language:\${{ matrix.language }}" `) as Workflow, 
@@ -753,9 +753,9 @@ test("getCategoryInputOrThrow throws error for workflow with dynamic category", jobs: analysis: steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 with: category: "\${{ github.workflow }}" `) as Workflow, @@ -780,12 +780,12 @@ test("getCategoryInputOrThrow throws error for workflow with multiple calls to a analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: github/codeql-action/init@v2 - - uses: github/codeql-action/analyze@v2 + - uses: actions/checkout@v3 + - uses: github/codeql-action/init@v3 + - uses: github/codeql-action/analyze@v3 with: category: some-category - - uses: github/codeql-action/analyze@v2 + - uses: github/codeql-action/analyze@v3 with: category: another-category `) as Workflow, diff --git a/upload-sarif/action.yml b/upload-sarif/action.yml index a7179c7840..75d8b0a4e0 100644 --- a/upload-sarif/action.yml +++ b/upload-sarif/action.yml @@ -34,5 +34,5 @@ outputs: sarif-id: description: The ID of the uploaded SARIF file. runs: - using: 'node16' + using: node16 main: '../lib/upload-sarif-action.js'