Merge pull request #1360 from github/update-v2.1.32-33b10be6

Merge main into releases/v2

Author: henrymercer

Diff for: .github/workflows/__export-file-baseline-information.yml

@@ -7,16 +7,19 @@ if [ ! -z "$(git status --porcelain)" ]; then
     >&2 echo "Failed: Repo should be clean before testing!"
     exit 1
 fi
-sudo npm install --force -g npm@latest
+# Pin npm to v8 since v9 doesn't support Node 12.
+# When updating this, make sure to update the npm version in
+# `.github/workflows/update-dependencies.yml` too.
+sudo npm install --force -g npm@^8.19.3
 # Reinstall modules and then clean to remove absolute paths
 # Use 'npm ci' instead of 'npm install' as this is intended to be reproducible
 npm ci
 npm run removeNPMAbsolutePaths
 # Check that repo is still clean
 if [ ! -z "$(git status --porcelain)" ]; then
     # If we get a fail here then the PR needs attention
-    >&2 echo "Failed: node_modules are not up to date. Run 'npm ci && npm run removeNPMAbsolutePaths' on a macOS machine to update. Note it is important this command is run on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if the command is run on a Windows or Linux machine."
+    >&2 echo "Failed: node_modules are not up to date. Add the 'Update dependencies' label to your PR to update them. Note it is important that node modules are updated on macOS and not any other operating system as there is one dependency (fsevents) that is needed for macOS and may not be installed if dependencies are updated on a Windows or Linux machine."
     git status
     exit 1
 fi
-echo "Success: node_modules are up to date"
+echo "Success: node_modules are up to date"

Diff for: .github/workflows/script/check-node-modules.sh

@@ -27,7 +27,10 @@ jobs:
       run: |
         git fetch origin "$BRANCH" --depth=1
         git checkout "origin/$BRANCH"
-        sudo npm install --force -g npm@latest
+        # Pin npm to v8 since v9 doesn't support Node 12.
+        # When updating this, make sure to update the npm version in
+        # `.github/workflows/script/check-node-modules.sh` too.
+        sudo npm install --force -g npm@^8.19.3
         npm install
         npm ci
         npm run removeNPMAbsolutePaths

Diff for: .github/workflows/update-dependencies.yml

@@ -1,5 +1,10 @@
 # CodeQL Action Changelog
 
+## 2.1.32 - 14 Nov 2022
+
+- Update default CodeQL bundle version to 2.11.3. [#1348](https://github.com/github/codeql-action/pull/1348)
+- Update the ML-powered additional query pack for JavaScript to version 0.4.0. [#1351](https://github.com/github/codeql-action/pull/1351)
+
 ## 2.1.31 - 04 Nov 2022
 
 - The `rb/weak-cryptographic-algorithm` Ruby query has been updated to no longer report uses of hash functions such as `MD5` and `SHA1` even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the [github/codeql repository](https://github.com/github/codeql/pull/11129). [#1344](https://github.com/github/codeql-action/pull/1344)