Merge main into releases/v3 #2798
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Mergeback v3.28.10 refs/heads/releases/v3 into main
…d `upload-sarif`
…on-input Unify `token` description for `resolve-environment`, `start-proxy`, and `upload-sarif`
`runner.temp` is not user-controlled but we replace it with `$RUNNER_TEMP` in any case.
Co-authored-by: Copilot <[email protected]>
…rning Fix code injection warnings in `check-codescanning-config` internal Action
…able-action PR Checks: use semantic versioning for `create-github-app-token`
The number of GB is at most 2, and can be tiny. MB gives a more comprehensible range of values.
Warn about small amounts of MB, not GB
* pre-commit: move the linting check ahead of the compiling one, as a typescript lint can change the compilaed javascript, so you can end up in a situation where the pre-commit check fails twice in a row * just: add linting and make the default to run all
Do some just+pre-commit tweaking
Add some more configuration errors
Bumps the npm group with 9 updates: | Package | From | To | | --- | --- | --- | | [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache) | `4.0.1` | `4.0.2` | | [uuid](https://github.com/uuidjs/uuid) | `11.0.5` | `11.1.0` | | [@eslint/eslintrc](https://github.com/eslint/eslintrc) | `3.2.0` | `3.3.0` | | [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.20.0` | `9.21.0` | | [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon) | `17.0.3` | `17.0.4` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.24.1` | `8.26.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.24.1` | `8.26.0` | | [eslint-import-resolver-typescript](https://github.com/import-js/eslint-import-resolver-typescript) | `3.8.1` | `3.8.3` | | [typescript](https://github.com/microsoft/TypeScript) | `5.7.3` | `5.8.2` | Updates `@actions/cache` from 4.0.1 to 4.0.2 - [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache) Updates `uuid` from 11.0.5 to 11.1.0 - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](uuidjs/uuid@v11.0.5...v11.1.0) Updates `@eslint/eslintrc` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](eslint/eslintrc@v3.2.0...v3.3.0) Updates `@eslint/js` from 9.20.0 to 9.21.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/commits/v9.21.0/packages/js) Updates `@types/sinon` from 17.0.3 to 17.0.4 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon) Updates `@typescript-eslint/eslint-plugin` from 8.24.1 to 8.26.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.26.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.24.1 to 8.26.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.26.0/packages/parser) Updates `eslint-import-resolver-typescript` from 3.8.1 to 3.8.3 - [Release notes](https://github.com/import-js/eslint-import-resolver-typescript/releases) - [Changelog](https://github.com/import-js/eslint-import-resolver-typescript/blob/master/CHANGELOG.md) - [Commits](import-js/eslint-import-resolver-typescript@v3.8.1...v3.8.3) Updates `typescript` from 5.7.3 to 5.8.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.7.3...v5.8.2) --- updated-dependencies: - dependency-name: "@actions/cache" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@eslint/eslintrc" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@eslint/js" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@types/sinon" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: eslint-import-resolver-typescript dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the actions group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token). Updates `actions/create-github-app-token` from 1.11.5 to 1.11.6 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@v1.11.5...v1.11.6) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>
…s-f0e7f3112e build(deps): bump actions/create-github-app-token from 1.11.5 to 1.11.6 in the actions group
…37cb71 build(deps): bump the npm group with 9 updates
Use embedded `actions` extractor only for old CLI versions
…er-versions Update supported GitHub Enterprise Server versions
adjust string for handling rate limit error
Update default bundle to 2.20.6
There was a problem hiding this comment.
PR Overview
This PR merges main into releases/v3 and integrates several pull requests, updating error handling, logging, workflows, and dependency versions.
- Updated error handling in the CodeQL CLI download process.
- Adjusted unit conversion in disk space logging and improved workflow dependency versions.
- Refactored comments and error reporting in related modules.
Reviewed Changes
| File | Description |
|---|---|
| lib/codeql.js | Enhanced error handling logic and updated comment placement. |
| CHANGELOG.md | Added release entry for version 3.28.11. |
| lib/util.js | Changed disk space logging to display MB instead of GB. |
| lib/cli-errors.js | Introduced a new error category for temporary directory failures. |
| .pre-commit-config.yaml | Removed duplicate lint-ts hook and updated hook ordering. |
| .github/actions/check-codescanning-config/action.yml | Revised environment variable usage for better reliability. |
| .github/actions/check-codescanning-config/index.ts | Updated to set failure when no expected configuration is provided. |
| .github/workflows/post-release-mergeback.yml | Upgraded action token usage to a specific release version. |
| .github/workflows/update-release-branch.yml | Upgraded action token usage to a specific release version. |
| lib/api-client.js | Modified error message matching for API rate limit errors. |
Copilot reviewed 3147 out of 3147 changed files in this pull request and generated 1 comment.
Tip: Leave feedback on Copilot's review comments with the 👎 and 👍 buttons to help improve review quality. Learn more
| const gbInBytes = 1024 * 1024 * 1024; | ||
| if (diskUsage.free < 2 * gbInBytes) { | ||
| const message = "The Actions runner is running low on disk space " + | ||
| `(${(diskUsage.free / gbInBytes).toPrecision(4)} GB available).`; | ||
| `(${(diskUsage.free / mbInBytes).toPrecision(4)} MB available).`; |
There was a problem hiding this comment.
The disk space logging now displays free space in MB despite the threshold being set in GB, which may lead to confusion. Consider converting the free space to GB for display or updating the threshold if MB is intended.
Copilot is powered by AI, so mistakes are possible. Review output carefully before use.
cklin
approved these changes
Mar 7, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merging 56b25d5 into
releases/v3.Conductor for this PR is @cklin.
Contains the following pull requests:
tokendescription forresolve-environment,start-proxy, andupload-sarif#2780 (@angelapwen)check-codescanning-configinternal Action #2781 (@angelapwen)create-github-app-token#2782 (@angelapwen)actionsextractor only for old CLI versions #2788 (@dbartol)Please do the following:
releases/v3branch.Create a merge commitis selected rather thanSquash and mergeorRebase and merge.