Skip to content

Merge main into releases/v4 #3371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
henrymercer merged 39 commits into from
Dec 16, 2025
Merged

Merge main into releases/v4 #3371

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
39 commits
Select commit Hold shift + click to select a range
0ffebf7
Bump the npm-minor group with 5 updates
dependabot[bot] Dec 8, 2025
b73d396
Rebuild
github-actions[bot] Dec 8, 2025
44570be
Bump the actions-minor group across 1 directory with 2 updates
dependabot[bot] Dec 8, 2025
cd48547
Rebuild
github-actions[bot] Dec 8, 2025
7a55ffe
Determine CodeQL version from feature flags on GHEC-DR
henrymercer Dec 10, 2025
1fc7d37
Rename GHE_DOTCOM to GHEC_DR
henrymercer Dec 10, 2025
da50124
Update PR template to include GHEC-DR
henrymercer Dec 10, 2025
805b7e1
Clean up JavaMinimizeDependencyJars feature flag
nickrolfe Dec 11, 2025
4564f5e
Update changelog and version after v4.31.8
github-actions[bot] Dec 12, 2025
65bad62
Rebuild
github-actions[bot] Dec 12, 2025
4b675e4
Merge pull request #3356 from github/mergeback/v4.31.8-to-main-1b168cd3
oscarsj Dec 12, 2025
8e921c3
Return status report from `cleanupAndUploadDatabases`
henrymercer Dec 11, 2025
5d063dd
Populate database upload results telemetry
henrymercer Dec 11, 2025
2ac846d
Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-38a2a793c5
henrymercer Dec 15, 2025
0264b51
Merge pull request #3348 from github/dependabot/npm_and_yarn/npm-mino…
henrymercer Dec 15, 2025
7e0b77e
Merge pull request #3349 from github/dependabot/github_actions/dot-gi…
henrymercer Dec 15, 2025
b1dea65
Make `postProcessAndUploadSarif` the default
mbg Nov 17, 2025
009fe6b
Remove `AnalyzeUseNewUpload` FF
mbg Nov 17, 2025
b30cb9a
Merge branch 'main' into mbg/ff/make-new-upload-default
mbg Dec 15, 2025
a539068
Bump ruby/setup-ruby
dependabot[bot] Dec 15, 2025
6dbc22c
Bump actions/download-artifact from 6 to 7 in /.github/workflows
dependabot[bot] Dec 15, 2025
034374e
Bump actions/upload-artifact from 5 to 6 in /.github/workflows
dependabot[bot] Dec 15, 2025
d6c1a79
Rebuild
github-actions[bot] Dec 15, 2025
7fd7db3
Rebuild
github-actions[bot] Dec 15, 2025
a682bbe
Merge pull request #3309 from github/mbg/ff/make-new-upload-default
mbg Dec 15, 2025
07cd437
Merge pull request #3366 from github/dependabot/github_actions/dot-gi…
mbg Dec 15, 2025
d0ad1da
Merge pull request #3364 from github/dependabot/github_actions/dot-gi…
mbg Dec 15, 2025
c2d4383
Merge branch 'main' into dependabot/github_actions/dot-github/workflo…
mbg Dec 15, 2025
b5e1a28
Merge pull request #3365 from github/dependabot/github_actions/dot-gi…
mbg Dec 16, 2025
a2ee53c
Use full names for GitHub variants
henrymercer Dec 16, 2025
c07cc0d
Merge pull request #3351 from github/henrymercer/ghec-dr-determine-to…
henrymercer Dec 16, 2025
0cb8633
Prefer `performance.now()`
henrymercer Dec 16, 2025
ae5de9a
Use `getErrorMessage` in log too
henrymercer Dec 16, 2025
19c7f96
Rename `isOverlayBase`
henrymercer Dec 16, 2025
e962687
Merge branch 'main' into henrymercer/database-upload-telemetry
henrymercer Dec 16, 2025
d29eddb
Extract version number to constant
nickrolfe Dec 16, 2025
5eb7519
Merge pull request #3358 from github/henrymercer/database-upload-tele…
henrymercer Dec 16, 2025
998798e
Merge pull request #3352 from github/nickrolfe/jar-min-ff-cleanup
nickrolfe Dec 16, 2025
1dc115f
Update changelog for v4.31.9
github-actions[bot] Dec 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 33 additions & 10 deletions lib/analyze-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 16 additions & 8 deletions src/analyze-action.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,10 @@ import { runAutobuild } from "./autobuild";
import { getTotalCacheSize, shouldStoreCache } from "./caching-utils";
import { getCodeQL } from "./codeql";
import { Config, getConfig } from "./config-utils";
import { cleanupAndUploadDatabases } from "./database-upload";
import {
cleanupAndUploadDatabases,
DatabaseUploadResult,
} from "./database-upload";
import {
DependencyCacheUploadStatusReport,
uploadDependencyCaches,
Expand Down Expand Up @@ -54,15 +57,13 @@ interface AnalysisStatusReport
extends uploadLib.UploadStatusReport,
QueriesStatusReport {}

interface DependencyCachingUploadStatusReport {
dependency_caching_upload_results?: DependencyCacheUploadStatusReport;
}

interface FinishStatusReport
extends StatusReportBase,
DatabaseCreationTimings,
AnalysisStatusReport,
DependencyCachingUploadStatusReport {}
AnalysisStatusReport {
dependency_caching_upload_results?: DependencyCacheUploadStatusReport;
database_upload_results: DatabaseUploadResult[];
}

interface FinishWithTrapUploadStatusReport extends FinishStatusReport {
/** Size of TRAP caches that we uploaded, in bytes. */
Expand All @@ -81,6 +82,7 @@ async function sendStatusReport(
didUploadTrapCaches: boolean,
trapCacheCleanup: TrapCacheCleanupStatusReport | undefined,
dependencyCacheResults: DependencyCacheUploadStatusReport | undefined,
databaseUploadResults: DatabaseUploadResult[],
logger: Logger,
) {
const status = getActionsStatus(error, stats?.analyze_failure_language);
Expand All @@ -101,6 +103,7 @@ async function sendStatusReport(
...(dbCreationTimings || {}),
...(trapCacheCleanup || {}),
dependency_caching_upload_results: dependencyCacheResults,
database_upload_results: databaseUploadResults,
};
if (config && didUploadTrapCaches) {
const trapCacheUploadStatusReport: FinishWithTrapUploadStatusReport = {
Expand Down Expand Up @@ -218,6 +221,7 @@ async function run() {
let dbCreationTimings: DatabaseCreationTimings | undefined = undefined;
let didUploadTrapCaches = false;
let dependencyCacheResults: DependencyCacheUploadStatusReport | undefined;
let databaseUploadResults: DatabaseUploadResult[] = [];
util.initializeEnvironment(actionsUtil.getActionVersion());

// Make inputs accessible in the `post` step, details at
Expand Down Expand Up @@ -389,7 +393,7 @@ async function run() {
// Possibly upload the database bundles for remote queries.
// Note: Take care with the ordering of this call since databases may be cleaned up
// at the `overlay` or `clear` level.
await cleanupAndUploadDatabases(
databaseUploadResults = await cleanupAndUploadDatabases(
repositoryNwo,
codeql,
config,
Expand Down Expand Up @@ -461,6 +465,7 @@ async function run() {
didUploadTrapCaches,
trapCacheCleanupTelemetry,
dependencyCacheResults,
databaseUploadResults,
logger,
);
return;
Expand All @@ -483,6 +488,7 @@ async function run() {
didUploadTrapCaches,
trapCacheCleanupTelemetry,
dependencyCacheResults,
databaseUploadResults,
logger,
);
} else if (runStats !== undefined) {
Expand All @@ -496,6 +502,7 @@ async function run() {
didUploadTrapCaches,
trapCacheCleanupTelemetry,
dependencyCacheResults,
databaseUploadResults,
logger,
);
} else {
Expand All @@ -509,6 +516,7 @@ async function run() {
didUploadTrapCaches,
trapCacheCleanupTelemetry,
dependencyCacheResults,
databaseUploadResults,
logger,
);
}
Expand Down
2 changes: 1 addition & 1 deletion src/database-upload.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@ test("Don't crash if uploading a database fails", async (t) => {
(v) =>
v.type === "warning" &&
v.message ===
"Failed to upload database for javascript: Error: some error message",
"Failed to upload database for javascript: some error message",
) !== undefined,
);
});
Expand Down
54 changes: 43 additions & 11 deletions src/database-upload.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,29 +13,43 @@ import { RepositoryNwo } from "./repository";
import * as util from "./util";
import { bundleDb, CleanupLevel, parseGitHubUrl } from "./util";

/** Information about a database upload. */
export interface DatabaseUploadResult {
/** Language of the database. */
language: string;
/** Size of the zipped database in bytes. */
zipped_upload_size_bytes?: number;
/** Whether the uploaded database is an overlay base. */
is_overlay_base?: boolean;
/** Time taken to upload database in milliseconds. */
upload_duration_ms?: number;
/** If there was an error during database upload, this is its message. */
error?: string;
}

export async function cleanupAndUploadDatabases(
repositoryNwo: RepositoryNwo,
codeql: CodeQL,
config: Config,
apiDetails: GitHubApiDetails,
features: FeatureEnablement,
logger: Logger,
): Promise<void> {
): Promise<DatabaseUploadResult[]> {
if (actionsUtil.getRequiredInput("upload-database") !== "true") {
logger.debug("Database upload disabled in workflow. Skipping upload.");
return;
return [];
}

if (!config.analysisKinds.includes(AnalysisKind.CodeScanning)) {
logger.debug(
`Not uploading database because 'analysis-kinds: ${AnalysisKind.CodeScanning}' is not enabled.`,
);
return;
return [];
}

if (util.isInTestMode()) {
logger.debug("In test mode. Skipping database upload.");
return;
return [];
}

// Do nothing when not running against github.com
Expand All @@ -44,20 +58,22 @@ export async function cleanupAndUploadDatabases(
config.gitHubVersion.type !== util.GitHubVariant.GHEC_DR
) {
logger.debug("Not running against github.com or GHEC-DR. Skipping upload.");
return;
return [];
}

if (!(await gitUtils.isAnalyzingDefaultBranch())) {
// We only want to upload a database if we are analyzing the default branch.
logger.debug("Not analyzing default branch. Skipping upload.");
return;
return [];
}

const cleanupLevel =
// If config.overlayDatabaseMode is OverlayBase, then we have overlay base databases for all languages.
const shouldUploadOverlayBase =
config.overlayDatabaseMode === OverlayDatabaseMode.OverlayBase &&
(await features.getValue(Feature.UploadOverlayDbToApi))
? CleanupLevel.Overlay
: CleanupLevel.Clear;
(await features.getValue(Feature.UploadOverlayDbToApi));
const cleanupLevel = shouldUploadOverlayBase
? CleanupLevel.Overlay
: CleanupLevel.Clear;

// Clean up the database, since intermediate results may still be written to the
// database if there is high RAM pressure.
Expand All @@ -77,6 +93,7 @@ export async function cleanupAndUploadDatabases(
uploadsBaseUrl = uploadsBaseUrl.slice(0, -1);
}

const reports: DatabaseUploadResult[] = [];
for (const language of config.languages) {
try {
// Upload the database bundle.
Expand All @@ -90,6 +107,7 @@ export async function cleanupAndUploadDatabases(
actionsUtil.getRequiredInput("checkout_path"),
);
try {
const startTime = performance.now();
await client.request(
`POST /repos/:owner/:repo/code-scanning/codeql/databases/:language?name=:name&commit_oid=:commit_oid`,
{
Expand All @@ -107,13 +125,27 @@ export async function cleanupAndUploadDatabases(
},
},
);
const endTime = performance.now();
reports.push({
language,
zipped_upload_size_bytes: bundledDbSize,
is_overlay_base: shouldUploadOverlayBase,
upload_duration_ms: endTime - startTime,
});
logger.debug(`Successfully uploaded database for ${language}`);
} finally {
bundledDbReadStream.close();
}
} catch (e) {
// Log a warning but don't fail the workflow
logger.warning(`Failed to upload database for ${language}: ${e}`);
logger.warning(
`Failed to upload database for ${language}: ${util.getErrorMessage(e)}`,
);
reports.push({
language,
error: util.getErrorMessage(e),
});
}
}
return reports;
}
Loading