diff --git a/.github/workflows/__go-tracing-autobuilder.yml b/.github/workflows/__go-tracing-autobuilder.yml index 85a9fae079..2c52eacac2 100644 --- a/.github/workflows/__go-tracing-autobuilder.yml +++ b/.github/workflows/__go-tracing-autobuilder.yml @@ -27,10 +27,6 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: stable-v2.16.6 - - os: macos-latest - version: stable-v2.16.6 - os: ubuntu-latest version: stable-v2.17.6 - os: macos-latest @@ -47,6 +43,10 @@ jobs: version: stable-v2.20.7 - os: macos-latest version: stable-v2.20.7 + - os: ubuntu-latest + version: stable-v2.21.4 + - os: macos-latest + version: stable-v2.21.4 - os: ubuntu-latest version: default - os: macos-latest diff --git a/.github/workflows/__go-tracing-custom-build-steps.yml b/.github/workflows/__go-tracing-custom-build-steps.yml index 02f1e1dac9..4192af3144 100644 --- a/.github/workflows/__go-tracing-custom-build-steps.yml +++ b/.github/workflows/__go-tracing-custom-build-steps.yml @@ -27,10 +27,6 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: stable-v2.16.6 - - os: macos-latest - version: stable-v2.16.6 - os: ubuntu-latest version: stable-v2.17.6 - os: macos-latest @@ -47,6 +43,10 @@ jobs: version: stable-v2.20.7 - os: macos-latest version: stable-v2.20.7 + - os: ubuntu-latest + version: stable-v2.21.4 + - os: macos-latest + version: stable-v2.21.4 - os: ubuntu-latest version: default - os: macos-latest diff --git a/.github/workflows/__go-tracing-legacy-workflow.yml b/.github/workflows/__go-tracing-legacy-workflow.yml index b6049c158d..bc748bf384 100644 --- a/.github/workflows/__go-tracing-legacy-workflow.yml +++ b/.github/workflows/__go-tracing-legacy-workflow.yml @@ -27,10 +27,6 @@ jobs: fail-fast: false matrix: include: - - os: ubuntu-latest - version: stable-v2.16.6 - - os: macos-latest - version: stable-v2.16.6 - os: ubuntu-latest version: stable-v2.17.6 - os: macos-latest 
@@ -47,6 +43,10 @@ jobs: version: stable-v2.20.7 - os: macos-latest version: stable-v2.20.7 + - os: ubuntu-latest + version: stable-v2.21.4 + - os: macos-latest + version: stable-v2.21.4 - os: ubuntu-latest version: default - os: macos-latest diff --git a/.github/workflows/__multi-language-autodetect.yml b/.github/workflows/__multi-language-autodetect.yml index 2d8c934173..6847bc26e7 100644 --- a/.github/workflows/__multi-language-autodetect.yml +++ b/.github/workflows/__multi-language-autodetect.yml @@ -27,10 +27,6 @@ jobs: fail-fast: false matrix: include: - - os: macos-latest - version: stable-v2.16.6 - - os: ubuntu-latest - version: stable-v2.16.6 - os: macos-latest version: stable-v2.17.6 - os: ubuntu-latest @@ -47,6 +43,10 @@ jobs: version: stable-v2.20.7 - os: ubuntu-latest version: stable-v2.20.7 + - os: macos-latest + version: stable-v2.21.4 + - os: ubuntu-latest + version: stable-v2.21.4 - os: macos-latest version: default - os: ubuntu-latest diff --git a/CHANGELOG.md b/CHANGELOG.md index c83e369486..8a0e89e374 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. +## 3.29.5 - 29 Jul 2025 + +- Update default CodeQL bundle version to 2.22.2. [#2986](https://github.com/github/codeql-action/pull/2986) + ## 3.29.4 - 23 Jul 2025 No user facing changes. 
@@ -24,6 +28,10 @@ No user facing changes. - Update default CodeQL bundle version to 2.22.0. [#2925](https://github.com/github/codeql-action/pull/2925) - Bump minimum CodeQL bundle version to 2.16.6. [#2912](https://github.com/github/codeql-action/pull/2912) +## 3.28.21 - 28 July 2025 + +No user facing changes. + ## 3.28.20 - 21 July 2025 - Remove support for combining SARIF files from a single upload for GHES 3.18, see [the changelog post](https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/). [#2959](https://github.com/github/codeql-action/pull/2959) diff --git a/README.md b/README.md index 3e6c09c396..c5b8eab811 100644 --- a/README.md +++ b/README.md @@ -70,11 +70,11 @@ We typically release new minor versions of the CodeQL Action and Bundle when a n | Minimum CodeQL Action | Minimum CodeQL Bundle Version | GitHub Environment | Notes | |-----------------------|-------------------------------|--------------------|-------| +| `v3.28.21` | `2.21.3` | Enterprise Server 3.18 | | | `v3.28.12` | `2.20.7` | Enterprise Server 3.17 | | | `v3.28.6` | `2.20.3` | Enterprise Server 3.16 | | | `v3.28.6` | `2.20.3` | Enterprise Server 3.15 | | | `v3.28.6` | `2.20.3` | Enterprise Server 3.14 | | -| `v3.28.6` | `2.20.3` | Enterprise Server 3.13 | | See the full list of GHES release and deprecation dates at [GitHub Enterprise Server releases](https://docs.github.com/en/enterprise-server/admin/all-releases#releases-of-github-enterprise-server). diff --git a/lib/api-compatibility.json b/lib/api-compatibility.json index 6dabeea1ca..58f645ff2b 100644 --- a/lib/api-compatibility.json +++ b/lib/api-compatibility.json @@ -1 +1 @@ -{ "maximumVersion": "3.18", "minimumVersion": "3.13" } +{ "maximumVersion": "3.18", "minimumVersion": "3.14" } diff --git a/lib/codeql.js b/lib/codeql.js index 78ec201442..314be3f2aa 100644 --- a/lib/codeql.js +++ b/lib/codeql.js 
@@ -78,15 +78,15 @@ const CODEQL_MINIMUM_VERSION = "2.16.6"; /** * This version will shortly become the oldest version of CodeQL that the Action will run with. */ -const CODEQL_NEXT_MINIMUM_VERSION = "2.16.6"; +const CODEQL_NEXT_MINIMUM_VERSION = "2.17.6"; /** * This is the version of GHES that was most recently deprecated. */ -const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.12"; +const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13"; /** * This is the deprecation date for the version of GHES that was most recently deprecated. */ -const GHES_MOST_RECENT_DEPRECATION_DATE = "2025-04-03"; +const GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19"; /** The CLI verbosity level to use for extraction in debug mode. */ const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++"; /* diff --git a/lib/defaults.json b/lib/defaults.json index 7dff90930f..d8d174e08a 100644 --- a/lib/defaults.json +++ b/lib/defaults.json @@ -1,6 +1,6 @@ { - "bundleVersion": "codeql-bundle-v2.22.1", - "cliVersion": "2.22.1", - "priorBundleVersion": "codeql-bundle-v2.22.0", - "priorCliVersion": "2.22.0" + "bundleVersion": "codeql-bundle-v2.22.2", + "cliVersion": "2.22.2", + "priorBundleVersion": "codeql-bundle-v2.22.1", + "priorCliVersion": "2.22.1" } diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index f78e2ab148..7dc638986b 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "3.29.4", + "version": "3.29.5", "lockfileVersion": 3, "requires": true, "packages": { 
@@ -823,9 +823,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.31.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.31.0.tgz", - "integrity": "sha512-LOm5OVt7D4qiKCqoiPbA7LWmI+tbw1VbTUowBcUMgQSuM6poJufkFkYDcQpo5KfgD39TnNySV26QjOh7VFpSyw==", + "version": "9.32.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.32.0.tgz", + "integrity": "sha512-BBpRFZK3eX6uMLKz8WxFOBIFFcGFJ/g8XuwjTHCqHROSIsopI+ddn/d5Cfh36+7+e5edVS8dbSHnBNhrLEX0zg==", "dev": true, "license": "MIT", "engines": { @@ -6511,9 +6511,9 @@ "license": "MIT" }, "node_modules/nock": { - "version": "14.0.6", - "resolved": "https://registry.npmjs.org/nock/-/nock-14.0.6.tgz", - "integrity": "sha512-67n1OfusL/ON57fwFJ6ZurSJa/msYVQmqlz9rCel2HJYj4Zeb8v9TcmRdEW+PV2i9Fm2358umSvzZukhw/E8DA==", + "version": "14.0.7", + "resolved": "https://registry.npmjs.org/nock/-/nock-14.0.7.tgz", + "integrity": "sha512-ubwvvhSzNPqc7Nm3a/iYolwqb7lo1zfllDKO1ODsYu3KnarmQEya5yV70ZUwhVxYIl1ePuX3W+lHw2un+pUfpQ==", "dev": true, "license": "MIT", "dependencies": { diff --git a/node_modules/@eslint/js/package.json b/node_modules/@eslint/js/package.json index 7d7394b3f9..0c2e8bae38 100644 --- a/node_modules/@eslint/js/package.json +++ b/node_modules/@eslint/js/package.json @@ -1,6 +1,6 @@ { "name": "@eslint/js", - "version": "9.31.0", + "version": "9.32.0", "description": "ESLint JavaScript language implementation", "funding": "https://eslint.org/donate", "main": "./src/index.js", diff --git a/node_modules/nock/README.md b/node_modules/nock/README.md index 01d5f4a5a1..54bdc58d65 100644 --- a/node_modules/nock/README.md +++ b/node_modules/nock/README.md 
@@ -91,6 +91,7 @@ For instance, if a module performs HTTP requests to a CouchDB server or makes HT - [Requests made by ES Modules are not intercepted](#requests-made-by-es-modules-are-not-intercepted) - [Axios](#axios) - [Memory issues with Jest](#memory-issues-with-jest) + - [Fake timers](#fake-timers) - [Debugging](#debugging) - [Contributing](#contributing) - [Contributors](#contributors) 
@@ -1613,6 +1614,86 @@ One of the core principles of [Jest](https://jestjs.io/) is that it runs tests i It does this by manipulating the modules cache of Node in a way that conflicts with how Nock monkey patches the builtin `http` and `https` modules. [Related issue with more details](https://github.com/nock/nock/issues/1817). +### Fake timers + +### Jest + +To use `nock` in conjunction with `jest` fake timers, make sure you're using the "async" functions when advancing the +timers, such as `jest.advanceTimersByTimeAsync()` or `jest.runAllTimersAsync()`. Otherwise, the timers will not be +advanced correctly and you'll experience a timeout in your tests. + +```js +test('should mock a request with fake timers', async () => { + jest.useFakeTimers() + + const scope = nock('https://example.com') + .get('/path') + .delay(1000) + .reply(200, 'response') + + // Simulate a request + const request = got('https://example.com/path') + + // Fast-forward time + await jest.advanceTimersByTimeAsync(1000) + + // Or advance all timers + await jest.runAllTimersAsync() + + // Wait for the request to complete + const response = await request + + expect(response.body).toBe('response') + jest.useRealTimers() // Restore real timers after the test + scope.done() +}) +``` + +In case you don't need testing delays, you can instruct `jest` to advance the timers automatically using the +`advanceTimers` option + +```js +jest.useFakeTimers({ advanceTimers: true }) +``` + +### Sinon + +In a similar way to `jest`, if you are using `sinon` fake timers, you should use the `clock.tickAsync()` or +`clock.runAllAsync()` methods to advance the timers correctly. 
+ +```js +it('should us sinon timers', async () => { + clock = sinon.useFakeTimers() + const scope = nock('https://example.com') + .get('/path') + .delay(1000) + .reply(200, 'response') + + // Simulate a request + const request = got('https://example.com/path') + + // Fast-forward time + await clock.tickAsync(1000) + + // Or run all timers + await clock.runAllAsync() + + // Wait for the request to complete + const response = await request + + expect(response.body).toBe('response') + clock.restore() + scope.done() +}) +``` + +Same applies for `sinon`, if you don't need testing delays, you can instruct `sinon` to advance the timers automatically +using the `shouldAdvanceTime` option + +```js +clock = sinon.useFakeTimers({ shouldAdvanceTime: true }) +``` + ## Debugging Nock uses node internals [`debuglog`](https://nodejs.org/api/util.html#utildebuglogsection-callbackg), so just run with environmental variable `NODE_DEBUG` set to `nock:*`. diff --git a/node_modules/nock/lib/common.js b/node_modules/nock/lib/common.js index 312bf1c260..0d8035ffcd 100644 --- a/node_modules/nock/lib/common.js +++ b/node_modules/nock/lib/common.js @@ -1,7 +1,6 @@ 'use strict' const { common: debug } = require('./debug') -const timers = require('timers') const url = require('url') const util = require('util') const http = require('http') 
@@ -521,24 +520,36 @@ function deepEqual(expected, actual) { const timeouts = new Set() const immediates = new Set() -const wrapTimer = - (timer, ids) => - (callback, ...timerArgs) => { - const cb = (...callbackArgs) => { - try { - // eslint-disable-next-line n/no-callback-literal - callback(...callbackArgs) - } finally { - ids.delete(id) - } +const _setImmediate = (callback, ...timerArgs) => { + const cb = (...callbackArgs) => { + try { + // eslint-disable-next-line n/no-callback-literal + callback(...callbackArgs) + } finally { + immediates.delete(id) + } + } + + const id = setImmediate(cb, 0, ...timerArgs) + + immediates.add(id) + return id +} + +const _setTimeout = (callback, ...timerArgs) => { + const cb = (...callbackArgs) => { + try { + // eslint-disable-next-line n/no-callback-literal + callback(...callbackArgs) + } finally { + timeouts.delete(id) } - const id = timer(cb, ...timerArgs) - ids.add(id) - return id } -const setTimeout = wrapTimer(timers.setTimeout, timeouts) -const setImmediate = wrapTimer(timers.setImmediate, immediates) + const id = setTimeout(cb, ...timerArgs) + timeouts.add(id) + return id +} function clearTimer(clear, ids) { ids.forEach(clear) @@ -714,8 +725,8 @@ module.exports = { percentDecode, percentEncode, removeAllTimers, - setImmediate, - setTimeout, + setImmediate: _setImmediate, + setTimeout: _setTimeout, stringifyRequest, convertFetchRequestToClientRequest, } diff --git a/node_modules/nock/package.json b/node_modules/nock/package.json index eab5d44d7b..7166a8ccaf 100644 --- a/node_modules/nock/package.json +++ b/node_modules/nock/package.json @@ -7,7 +7,7 @@ "testing", "isolation" ], - "version": "14.0.6", + "version": "14.0.7", "author": "Pedro Teixeira ", "repository": { "type": "git", diff --git a/package-lock.json b/package-lock.json index 4f9a5394b6..4d100f13f9 100644 --- a/package-lock.json +++ b/package-lock.json 
@@ -1,12 +1,12 @@ { "name": "codeql", - "version": "3.29.4", + "version": "3.29.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "3.29.4", + "version": "3.29.5", "license": "MIT", "dependencies": { "@actions/artifact": "^2.3.1", @@ -47,7 +47,7 @@ "@ava/typescript": "6.0.0", "@eslint/compat": "^1.3.1", "@eslint/eslintrc": "^3.3.1", - "@eslint/js": "^9.31.0", + "@eslint/js": "^9.32.0", "@microsoft/eslint-formatter-sarif": "^3.1.0", "@types/archiver": "^6.0.3", "@types/console-log-level": "^1.4.5", @@ -66,7 +66,7 @@ "eslint-plugin-github": "^5.1.8", "eslint-plugin-import": "2.29.1", "eslint-plugin-no-async-foreach": "^0.1.1", - "nock": "^14.0.6", + "nock": "^14.0.7", "removeNPMAbsolutePaths": "3.0.1", "sinon": "^21.0.0", "typescript": "^5.8.3" @@ -891,9 +891,9 @@ } }, "node_modules/@eslint/js": { - "version": "9.31.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.31.0.tgz", - "integrity": "sha512-LOm5OVt7D4qiKCqoiPbA7LWmI+tbw1VbTUowBcUMgQSuM6poJufkFkYDcQpo5KfgD39TnNySV26QjOh7VFpSyw==", + "version": "9.32.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.32.0.tgz", + "integrity": "sha512-BBpRFZK3eX6uMLKz8WxFOBIFFcGFJ/g8XuwjTHCqHROSIsopI+ddn/d5Cfh36+7+e5edVS8dbSHnBNhrLEX0zg==", "dev": true, "license": "MIT", "engines": { @@ -6579,9 +6579,9 @@ "license": "MIT" }, "node_modules/nock": { - "version": "14.0.6", - "resolved": "https://registry.npmjs.org/nock/-/nock-14.0.6.tgz", - "integrity": "sha512-67n1OfusL/ON57fwFJ6ZurSJa/msYVQmqlz9rCel2HJYj4Zeb8v9TcmRdEW+PV2i9Fm2358umSvzZukhw/E8DA==", + "version": "14.0.7", + "resolved": "https://registry.npmjs.org/nock/-/nock-14.0.7.tgz", + "integrity": "sha512-ubwvvhSzNPqc7Nm3a/iYolwqb7lo1zfllDKO1ODsYu3KnarmQEya5yV70ZUwhVxYIl1ePuX3W+lHw2un+pUfpQ==", "dev": true, "license": "MIT", "dependencies": { diff --git a/package.json b/package.json index afe6b2fa6d..028d7b43e4 100644 --- a/package.json +++ b/package.json 
@@ -1,6 +1,6 @@
 {
 "name": "codeql",
- "version": "3.29.4",
+ "version": "3.29.5",
 "private": true,
 "description": "CodeQL action",
 "scripts": {
@@ -60,7 +60,7 @@
 "@ava/typescript": "6.0.0",
 "@eslint/compat": "^1.3.1",
 "@eslint/eslintrc": "^3.3.1",
- "@eslint/js": "^9.31.0",
+ "@eslint/js": "^9.32.0",
 "@microsoft/eslint-formatter-sarif": "^3.1.0",
 "@types/archiver": "^6.0.3",
 "@types/console-log-level": "^1.4.5",
@@ -79,7 +79,7 @@
 "eslint-plugin-github": "^5.1.8",
 "eslint-plugin-import": "2.29.1",
 "eslint-plugin-no-async-foreach": "^0.1.1",
- "nock": "^14.0.6",
+ "nock": "^14.0.7",
 "removeNPMAbsolutePaths": "3.0.1",
 "sinon": "^21.0.0",
 "typescript": "^5.8.3"
diff --git a/pr-checks/sync.py b/pr-checks/sync.py
index c8a2ff196f..61ec0bb1c5 100755
--- a/pr-checks/sync.py
+++ b/pr-checks/sync.py
@@ -9,8 +9,6 @@
 # The default set of CodeQL Bundle versions to use for the PR checks.
 defaultTestVersions = [
 # The oldest supported CodeQL version. If bumping, update `CODEQL_MINIMUM_VERSION` in `codeql.ts`
- "stable-v2.16.6",
- # The last CodeQL release in the 2.17 series.
 "stable-v2.17.6",
 # The last CodeQL release in the 2.18 series.
 "stable-v2.18.4",
@@ -18,6 +16,8 @@
 "stable-v2.19.4",
 # The last CodeQL release in the 2.20 series.
 "stable-v2.20.7",
+ # The last CodeQL release in the 2.21 series.
+ "stable-v2.21.4",
 # The default version of CodeQL for Dotcom, as determined by feature flags.
 "default",
 # The version of CodeQL shipped with the Action in `defaults.json`. During the release process
diff --git a/src/api-compatibility.json b/src/api-compatibility.json
index efa09acf97..cb3dd14fae 100644
--- a/src/api-compatibility.json
+++ b/src/api-compatibility.json
@@ -1 +1 @@
-{"maximumVersion": "3.18", "minimumVersion": "3.13"}
+{"maximumVersion": "3.18", "minimumVersion": "3.14"}
diff --git a/src/codeql.ts b/src/codeql.ts
index 7d82af72a0..057225418a 100644
--- a/src/codeql.ts
+++ b/src/codeql.ts
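Review bot: In the first `pr-checks/sync.py` hunk, dropping `"stable-v2.16.6"` leaves the comment that begins `# The oldest supported CodeQL version.` sitting directly above `"stable-v2.17.6"`, while the `src/codeql.ts` hunk header still shows `const CODEQL_MINIMUM_VERSION = "2.16.6";` and only `CODEQL_NEXT_MINIMUM_VERSION` moves to 2.17.6. If the Action still runs with a 2.16.6 CLI, as that constant suggests, no PR check exercises the oldest accepted version of the scanner any more, so a regression there would go unnoticed. Either keep the `"stable-v2.16.6"` entry until the minimum itself is raised, or reword the comment to match what is now tested, e.g. `# The next minimum CodeQL version; keep in sync with CODEQL_NEXT_MINIMUM_VERSION in codeql.ts`. The generated `__*.yml` workflow matrices drop the same entries and would follow whichever choice is made here.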
@@ -290,17 +290,17 @@ const CODEQL_MINIMUM_VERSION = "2.16.6";
 /**
 * This version will shortly become the oldest version of CodeQL that the Action will run with.
 */
-const CODEQL_NEXT_MINIMUM_VERSION = "2.16.6";
+const CODEQL_NEXT_MINIMUM_VERSION = "2.17.6";
 /**
 * This is the version of GHES that was most recently deprecated.
 */
-const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.12";
+const GHES_VERSION_MOST_RECENTLY_DEPRECATED = "3.13";
 /**
 * This is the deprecation date for the version of GHES that was most recently deprecated.
 */
-const GHES_MOST_RECENT_DEPRECATION_DATE = "2025-04-03";
+const GHES_MOST_RECENT_DEPRECATION_DATE = "2025-06-19";
 /** The CLI verbosity level to use for extraction in debug mode. */
 const EXTRACTION_DEBUG_MODE_VERBOSITY = "progress++";
diff --git a/src/defaults.json b/src/defaults.json
index b99e6e688c..b852db8c53 100644
--- a/src/defaults.json
+++ b/src/defaults.json
@@ -1,6 +1,6 @@
 {
- "bundleVersion": "codeql-bundle-v2.22.1",
- "cliVersion": "2.22.1",
- "priorBundleVersion": "codeql-bundle-v2.22.0",
- "priorCliVersion": "2.22.0"
+ "bundleVersion": "codeql-bundle-v2.22.2",
+ "cliVersion": "2.22.2",
+ "priorBundleVersion": "codeql-bundle-v2.22.1",
+ "priorCliVersion": "2.22.1"
 }