Merge pull request #1018 from github/edoardo/revert-codescanning-config

Revert usage of `--codescanning-config` flag

Author: edoardopirovano

CHANGELOG.md

@@ -2,7 +2,7 @@
 
 ## [UNRELEASED]
 
-No user facing changes.
+- A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. [#1018](https://github.com/github/codeql-action/pull/1018)
 
 ## 2.1.6 - 30 Mar 2022
 

lib/analyze.js

@@ -6,7 +6,6 @@ import * as yaml from "js-yaml";
 
 import * as analysisPaths from "./analysis-paths";
 import {
-  CODEQL_VERSION_CONFIG_FILES,
   CODEQL_VERSION_COUNTS_LINES,
   CODEQL_VERSION_NEW_TRACING,
   getCodeQL,
@@ -238,10 +237,7 @@ export async function runQueries(
 
     const codeql = await getCodeQL(config.codeQLCmd);
     try {
-      if (
-        hasPackWithCustomQueries &&
-        !(await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES))
-      ) {
+      if (hasPackWithCustomQueries) {
         logger.info("Performing analysis with custom CodeQL Packs.");
         logger.startGroup(`Downloading custom packs for ${language}`);
 

lib/analyze.js.map

@@ -4,7 +4,6 @@ import * as path from "path";
 import * as toolrunner from "@actions/exec/lib/toolrunner";
 import { IHeaders } from "@actions/http-client/interfaces";
 import { default as deepEqual } from "fast-deep-equal";
-import * as yaml from "js-yaml";
 import { default as queryString } from "query-string";
 import * as semver from "semver";
 
@@ -220,7 +219,6 @@ const CODEQL_VERSION_GROUP_RULES = "2.5.5";
 const CODEQL_VERSION_SARIF_GROUP = "2.5.3";
 export const CODEQL_VERSION_COUNTS_LINES = "2.6.2";
 const CODEQL_VERSION_CUSTOM_QUERY_HELP = "2.7.1";
-export const CODEQL_VERSION_CONFIG_FILES = "2.8.2"; // Versions before 2.8.2 weren't tolerant to unknown properties
 export const CODEQL_VERSION_ML_POWERED_QUERIES = "2.7.5";
 
 /**
@@ -735,28 +733,6 @@ async function getCodeQLForCmd(
           extraArgs.push(`--trace-process-level=${processLevel || 3}`);
         }
       }
-      if (await util.codeQlVersionAbove(codeql, CODEQL_VERSION_CONFIG_FILES)) {
-        const configLocation = path.resolve(config.tempDir, "user-config.yaml");
-        const augmentedConfig = config.originalUserInput;
-        if (config.injectedMlQueries) {
-          // We need to inject the ML queries into the original user input before
-          // we pass this on to the CLI, to make sure these get run.
-          const pack = await util.getMlPoweredJsQueriesPack(codeql);
-          const packString =
-            pack.packName + (pack.version ? `@${pack.version}` : "");
-
-          if (augmentedConfig.packs === undefined) augmentedConfig.packs = [];
-          if (Array.isArray(augmentedConfig.packs)) {
-            augmentedConfig.packs.push(packString);
-          } else {
-            if (!augmentedConfig.packs.javascript)
-              augmentedConfig.packs["javascript"] = [];
-            augmentedConfig.packs["javascript"].push(packString);
-          }
-        }
-        fs.writeFileSync(configLocation, yaml.dump(augmentedConfig));
-        extraArgs.push(`--codescanning-config=${configLocation}`);
-      }
       await runTool(cmd, [
         "database",
         "init",
@@ -914,9 +890,7 @@ async function getCodeQLForCmd(
       if (extraSearchPath !== undefined) {
         codeqlArgs.push("--additional-packs", extraSearchPath);
       }
-      if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
-        codeqlArgs.push(querySuitePath);
-      }
+      codeqlArgs.push(querySuitePath);
       await runTool(cmd, codeqlArgs);
     },
     async databaseInterpretResults(
@@ -952,9 +926,7 @@ async function getCodeQLForCmd(
         codeqlArgs.push("--sarif-category", automationDetailsId);
       }
       codeqlArgs.push(databasePath);
-      if (!(await util.codeQlVersionAbove(this, CODEQL_VERSION_CONFIG_FILES))) {
-        codeqlArgs.push(...querySuitePaths);
-      }
+      codeqlArgs.push(...querySuitePaths);
       // capture stdout, which contains analysis summaries
       return await runTool(cmd, codeqlArgs);
     },