Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the minimum supported version of CodeQL to 2.15.5 #2655

Merged
merged 2 commits into from
Dec 17, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .github/workflows/__go-indirect-tracing-workaround.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions .github/workflows/__go-tracing-autobuilder.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions .github/workflows/__go-tracing-custom-build-steps.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions .github/workflows/__go-tracing-legacy-workflow.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 8 additions & 12 deletions .github/workflows/__multi-language-autodetect.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions .github/workflows/debug-artifacts.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,11 @@ jobs:
fail-fast: false
matrix:
version:
- stable-v2.14.6
- stable-v2.15.5
- stable-v2.16.6
- stable-v2.17.6
- stable-v2.18.4
- stable-v2.19.4
- default
- linked
- nightly-latest
Expand Down Expand Up @@ -71,7 +71,7 @@ jobs:
- name: Check expected artifacts exist
shell: bash
run: |
VERSIONS="stable-v2.14.6 stable-v2.15.5 stable-v2.16.6 stable-v2.17.6 stable-v2.18.4 default linked nightly-latest"
VERSIONS="stable-v2.15.5 stable-v2.16.6 stable-v2.17.6 stable-v2.18.4 stable-v2.19.4 default linked nightly-latest"
LANGUAGES="cpp csharp go java javascript python"
for version in $VERSIONS; do
pushd "./my-debug-artifacts-${version//./}"
Expand Down
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the

## [UNRELEASED]

No user facing changes.
- Bump the minimum CodeQL bundle version to 2.15.5. [#2655](https://github.com/github/codeql-action/pull/2655)

## 3.27.9 - 12 Dec 2024

Expand Down
3 changes: 1 addition & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -81,9 +81,8 @@ We typically release new minor versions of the CodeQL Action and Bundle when a n
| `v3.25.11` | `2.17.6` | Enterprise Server 3.14 | |
| `v3.24.11` | `2.16.6` | Enterprise Server 3.13 | |
| `v3.22.12` | `2.15.5` | Enterprise Server 3.12 | |
| `v2.22.1` | `2.14.6` | Enterprise Server 3.11 | Supports CodeQL Action v3, but did not ship with CodeQL Action v3. For more information, see "[Code scanning: deprecation of CodeQL Action v2](https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/#users-of-github-enterprise-server-311)." |

CodeQL Action v2 will stop receiving updates when GHES 3.11 is deprecated.
CodeQL Action v2 has stopped receiving updates now that GHES 3.11 is deprecated.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this need to be part of changelog update?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I jumped the gun on this change by just a little since v2 is not yet officially deprecated. This is something @angelapwen will be working on shortly. GHES 3.11 is getting deprecated on December 19.

I made the change since I thought it would be confusing to remove the line about GFHES 3.11 and keep the line about v2 unchanged.

The last update to the v2 branch should only go in the v2 branch, so I won't put it the changelog on the main branch.


See the full list of GHES release and deprecation dates at [GitHub Enterprise Server releases](https://docs.github.com/en/enterprise-server/admin/all-releases#releases-of-github-enterprise-server).

Expand Down
8 changes: 4 additions & 4 deletions lib/codeql.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion node_modules/.package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "codeql",
"version": "3.27.10",
"version": "3.28.0",
"private": true,
"description": "CodeQL action",
"scripts": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ description: "Checks that we emit a diagnostic if Go is changed after the init s
# only Linux is affected
operatingSystems: ["ubuntu"]
# pinned to a version which does not support statically linked binaries for indirect tracing
versions: ["stable-v2.14.6"]
versions: ["default"]
steps:
- uses: actions/setup-go@v5
with:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ description: "Checks that we emit a diagnostic if the `file` program is not inst
# only Linux is affected
operatingSystems: ["ubuntu"]
# pinned to a version which does not support statically linked binaries for indirect tracing
versions: ["stable-v2.14.6"]
versions: ["default"]
steps:
- uses: actions/setup-go@v5
with:
Expand Down
2 changes: 1 addition & 1 deletion pr-checks/checks/go-indirect-tracing-workaround.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ description: "Checks that our workaround for indirect tracing for Go 1.21+ on Li
# only Linux is affected
operatingSystems: ["ubuntu"]
# pinned to a version which does not support statically linked binaries for indirect tracing
versions: ["stable-v2.14.6"]
versions: ["default"]
steps:
- uses: actions/setup-go@v5
with:
Expand Down
9 changes: 3 additions & 6 deletions pr-checks/checks/multi-language-autodetect.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,11 @@ steps:
id: init
with:
db-location: "${{ runner.temp }}/customDbLocation"
# Swift is not supported on Ubuntu or codeql 2.14 so we manually exclude it from the list here
languages: ${{ (runner.os == 'Linux' || (runner.os == 'macOS' && matrix.version == 'stable-v2.14.6')) && 'cpp,csharp,go,java,javascript,python,ruby' || '' }}
languages: ${{ runner.os == 'Linux' && 'cpp,csharp,go,java,javascript,python,ruby' || '' }}
tools: ${{ steps.prepare-test.outputs.tools-url }}

- uses: ./../action/.github/actions/setup-swift
# Exclude macos on v2.14.6 since we can not longer run swift on ARM runners
if: runner.os == 'macOS' && matrix.version != 'stable-v2.14.6'
if: runner.os == 'macOS'
with:
codeql-path: ${{ steps.init.outputs.codeql-path }}

Expand Down Expand Up @@ -69,8 +67,7 @@ steps:
fi

- name: Check language autodetect for Swift on macOS
# Exclude macos on v2.14.6 since we can not longer run swift on ARM runners
if: runner.os == 'macOS' && matrix.version != 'stable-v2.14.6'
if: runner.os == 'macOS'
shell: bash
run: |
SWIFT_DB=${{ fromJson(steps.analysis.outputs.db-locations).swift }}
Expand Down
4 changes: 2 additions & 2 deletions pr-checks/sync.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,15 +9,15 @@
# The default set of CodeQL Bundle versions to use for the PR checks.
defaultTestVersions = [
# The oldest supported CodeQL version. If bumping, update `CODEQL_MINIMUM_VERSION` in `codeql.ts`
"stable-v2.14.6",
# The last CodeQL release in the 2.15 series.
"stable-v2.15.5",
# The last CodeQL release in the 2.16 series.
"stable-v2.16.6",
# The last CodeQL release in the 2.17 series.
"stable-v2.17.6",
# The last CodeQL release in the 2.18 series.
"stable-v2.18.4",
# The last CodeQL release in the 2.19 series.
"stable-v2.19.4",
# The default version of CodeQL for Dotcom, as determined by feature flags.
"default",
# The version of CodeQL shipped with the Action in `defaults.json`. During the release process
Expand Down
8 changes: 4 additions & 4 deletions src/codeql.ts
Original file line number Diff line number Diff line change
Expand Up @@ -276,22 +276,22 @@ let cachedCodeQL: CodeQL | undefined = undefined;
* The version flags below can be used to conditionally enable certain features
* on versions newer than this.
*/
const CODEQL_MINIMUM_VERSION = "2.14.6";
const CODEQL_MINIMUM_VERSION = "2.15.5";

/**
* This version will shortly become the oldest version of CodeQL that the Action will run with.
*/
const CODEQL_NEXT_MINIMUM_VERSION = "2.14.6";
const CODEQL_NEXT_MINIMUM_VERSION = "2.15.5";

/**
* This is the version of GHES that was most recently deprecated.
*/
const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.10";
const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.11";

/**
* This is the deprecation date for the version of GHES that was most recently deprecated.
*/
const GHES_MOST_RECENT_DEPRECATION_DATE = "2024-09-24";
const GHES_MOST_RECENT_DEPRECATION_DATE = "2024-12-19";

/** The CLI verbosity level to use for extraction in debug mode. */
const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
Expand Down
Loading