diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 7bec97f..beff13b 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -11,6 +11,7 @@ on: - .github/workflows/copilot-setup-steps.yml - .github/actions/setup-codeql-environment/action.yml - qlt.conf.json + - scripts/install-codeql-packs.sh pull_request: branches: - main @@ -18,6 +19,7 @@ on: - .github/workflows/copilot-setup-steps.yml - .github/actions/setup-codeql-environment/action.yml - qlt.conf.json + - scripts/install-codeql-packs.sh jobs: # The job MUST be called `copilot-setup-steps` or it will not be picked up by Copilot. @@ -31,3 +33,7 @@ jobs: - name: Copilot Setup - Setup CodeQL environment uses: ./.github/actions/setup-codeql-environment + + - name: Copilot Setup - Install CodeQL workspace packs + shell: bash + run: ./scripts/install-codeql-packs.sh diff --git a/README.md b/README.md index dccedf2..90f538b 100644 --- a/README.md +++ b/README.md 
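Review bot: The two `paths` lists (the one in the first hunk and the `pull_request` one in the second) now cover the install script but still omit the pack manifests that script consumes. Per the README text added in this commit, the script discovers every pack in the workspace and runs `codeql pack install` on each, so the `qlpack.yml` files are inputs to this setup. A dependency edit that breaks pack installation would therefore not re-run this validation workflow. Consider adding `- languages/**/qlpack.yml` to both lists, plus the CodeQL workspace file if the repository has one (none is visible in this part of the diff).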
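Review bot: The new `Copilot Setup - Install CodeQL workspace packs` step resolves pack versions at run time with nothing pinning them, because this same commit deletes every committed `codeql-pack.lock.yml` while the manifests keep open registry ranges such as `codeql/actions-all: "*"`. Each Copilot session can therefore pull whatever versions the registry serves at that moment, which is a reproducibility and supply-chain exposure and contradicts the README note added here that lock files should be committed. Keep the lock files in the repository and have the workflow install strictly from them (`codeql pack ci` verifies an existing lock file instead of re-resolving; the script body is not visible in this part of the diff, so confirm which command it runs), or at minimum add a comment above the step such as `# NOTE: pack versions are resolved from the registry on every run; commit codeql-pack.lock.yml to pin them`. Separately, `run: ./scripts/install-codeql-packs.sh` only works if the script is committed with the executable bit; `run: bash ./scripts/install-codeql-packs.sh` avoids that dependency.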
@@ -34,7 +34,19 @@ Before using this repository template, ensure your GitHub organization/account h **Note:** The ['copilot-setup-steps' actions workflow](./.github/workflows/copilot-setup-steps.yml) will automatically set up the environment for Copilot Coding Agent (CCA), so local installation is optional and primarily useful for manual development. -### Step 2: Create an Issue for the CodeQL query you want to develop +### Step 2: Install CodeQL Pack Dependencies + +After cloning your new repository, install the CodeQL pack dependencies: + +```bash +./scripts/install-codeql-packs.sh +``` + +This uses `codeql pack ls` to discover all packs in the workspace and runs `codeql pack install` for each one, generating `codeql-pack.lock.yml` files and downloading required dependencies locally. You can target a single language with `--language ` (e.g., `--language java`). + +> **Note:** The generated `codeql-pack.lock.yml` files should be committed to your repository to ensure reproducible dependency resolution across your team. + +### Step 3: Create an Issue for the CodeQL query you want to develop 1. **Navigate to Issues** in your new repository 2. **Click "New Issue"** @@ -46,13 +58,13 @@ Before using this repository template, ensure your GitHub organization/account h - Specify severity level 5. **Submit the issue** -### Step 3: Assign Issue to `@copilot` +### Step 4: Assign Issue to `@copilot` 1. **Assign the issue** to `@copilot` (GitHub's Copilot Coding Agent user) 2. **Wait for Copilot** to process the issue and create a Pull Request 3. **Monitor progress** via the `Sessions` and/or comments for the new Pull Request -### Step 4: Review Pull Request created by Copilot Coding Agent +### Step 5: Review Pull Request created by Copilot Coding Agent 1. **Navigate to the generated Pull Request** 2. **Review the changes:** 
diff --git a/languages/actions/custom/src/codeql-pack.lock.yml b/languages/actions/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 70dd152..0000000 --- a/languages/actions/custom/src/codeql-pack.lock.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/actions-all: - version: 0.4.17 - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/actions/custom/src/qlpack.yml b/languages/actions/custom/src/qlpack.yml index 0ca1958..10ec931 100644 --- a/languages/actions/custom/src/qlpack.yml +++ b/languages/actions/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-actions-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/actions-all: "*" diff --git a/languages/actions/custom/test/codeql-pack.lock.yml b/languages/actions/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 70dd152..0000000 --- a/languages/actions/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/actions-all: - version: 0.4.17 - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false 
diff --git a/languages/actions/custom/test/qlpack.yml b/languages/actions/custom/test/qlpack.yml
index 747746b..0455c4d 100644
--- a/languages/actions/custom/test/qlpack.yml
+++ b/languages/actions/custom/test/qlpack.yml
@@ -1,5 +1,5 @@
 name: languages-actions-custom-test
-version: 0.0.1
+version: 0.0.2
 dependencies:
- languages-actions-custom-src: "*"
+ languages-actions-custom-src: ${workspace}
 extractor: actions
diff --git a/languages/actions/tools/src/codeql-pack.lock.yml b/languages/actions/tools/src/codeql-pack.lock.yml
deleted file mode 100644
index 70dd152..0000000
--- a/languages/actions/tools/src/codeql-pack.lock.yml
+++ /dev/null
@@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/actions-all: - version: 0.4.17 - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false
diff --git a/languages/actions/tools/src/qlpack.yml b/languages/actions/tools/src/qlpack.yml
index 1b360a7..4b1e864 100644
--- a/languages/actions/tools/src/qlpack.yml
+++ b/languages/actions/tools/src/qlpack.yml
@@ -1,5 +1,5 @@
 name: languages-actions-tools-src
-version: 0.0.1
+version: 0.0.2
 library: false
 dependencies:
 codeql/actions-all: "*"
diff --git a/languages/actions/tools/test/codeql-pack.lock.yml b/languages/actions/tools/test/codeql-pack.lock.yml
deleted file mode 100644
index 6f27447..0000000
--- a/languages/actions/tools/test/codeql-pack.lock.yml
+++ /dev/null
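Review bot: The switch of `languages-actions-custom-src` from `"*"` to `${workspace}` in `languages/actions/custom/test/qlpack.yml` is undocumented in the manifest, and it only resolves when a CodeQL workspace file covers both pack directories; no such file is visible in this part of the diff, so confirm it exists. A one-line comment above the entry would help the next maintainer, for example `# ${workspace}: resolve to the src pack in this CodeQL workspace`. The same applies to the other `*/test/qlpack.yml` hunks in this commit (actions/tools, cpp, csharp, go, java, javascript, python). In the `tools/test` manifests the neighbouring `codeql/<lang>-queries: "*"` entry stays fully open, so with the lock files deleted that registry dependency is left unpinned.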
@@ -1,36 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/actions-all: - version: 0.4.17 - codeql/actions-queries: - version: 0.6.9 - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/actions/tools/test/qlpack.yml b/languages/actions/tools/test/qlpack.yml index 34bd18c..ed9cfdd 100644 --- a/languages/actions/tools/test/qlpack.yml +++ b/languages/actions/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-actions-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/actions-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/actions-queries: "*" - languages-actions-tools-src: "*" + languages-actions-tools-src: ${workspace} extractor: actions diff --git a/languages/cpp/custom/src/codeql-pack.lock.yml b/languages/cpp/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 8cddd7e..0000000 --- a/languages/cpp/custom/src/codeql-pack.lock.yml +++ /dev/null 
@@ -1,28 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/cpp-all: - version: 5.6.0 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/cpp/custom/src/qlpack.yml b/languages/cpp/custom/src/qlpack.yml index e47ccae..d9fd1e1 100644 --- a/languages/cpp/custom/src/qlpack.yml +++ b/languages/cpp/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-cpp-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/cpp-all: "*" diff --git a/languages/cpp/custom/test/codeql-pack.lock.yml b/languages/cpp/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 8cddd7e..0000000 --- a/languages/cpp/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/cpp-all: - version: 5.6.0 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/cpp/custom/test/qlpack.yml b/languages/cpp/custom/test/qlpack.yml index 4dead59..def302d 100644 --- a/languages/cpp/custom/test/qlpack.yml +++ b/languages/cpp/custom/test/qlpack.yml @@ -1,5 +1,5 @@ name: languages-cpp-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-cpp-custom-src: '*' + languages-cpp-custom-src: ${workspace} extractor: cpp 
diff --git a/languages/cpp/tools/src/codeql-pack.lock.yml b/languages/cpp/tools/src/codeql-pack.lock.yml deleted file mode 100644 index 8cddd7e..0000000 --- a/languages/cpp/tools/src/codeql-pack.lock.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/cpp-all: - version: 5.6.0 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/cpp/tools/src/qlpack.yml b/languages/cpp/tools/src/qlpack.yml index 640f72f..fea4b5a 100644 --- a/languages/cpp/tools/src/qlpack.yml +++ b/languages/cpp/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-cpp-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/cpp-all: "*" diff --git a/languages/cpp/tools/test/codeql-pack.lock.yml b/languages/cpp/tools/test/codeql-pack.lock.yml deleted file mode 100644 index 419d2b4..0000000 --- a/languages/cpp/tools/test/codeql-pack.lock.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/cpp-all: - version: 5.6.0 - codeql/cpp-queries: - version: 1.5.0 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/cpp/tools/test/qlpack.yml b/languages/cpp/tools/test/qlpack.yml index a4a6ded..dd2c650 100644 
--- a/languages/cpp/tools/test/qlpack.yml +++ b/languages/cpp/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-cpp-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/cpp-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/cpp-queries: "*" - languages-cpp-tools-src: '*' + languages-cpp-tools-src: ${workspace} extractor: cpp diff --git a/languages/csharp/custom/src/codeql-pack.lock.yml b/languages/csharp/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 6c70861..0000000 --- a/languages/csharp/custom/src/codeql-pack.lock.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/csharp-all: - version: 5.2.4 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/csharp/custom/src/qlpack.yml b/languages/csharp/custom/src/qlpack.yml index aaccb2e..512e62c 100644 --- a/languages/csharp/custom/src/qlpack.yml +++ b/languages/csharp/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-csharp-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/csharp-all: "*" diff --git a/languages/csharp/custom/test/codeql-pack.lock.yml b/languages/csharp/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 6c70861..0000000 --- a/languages/csharp/custom/test/codeql-pack.lock.yml +++ /dev/null 
@@ -1,24 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/csharp-all: - version: 5.2.4 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/csharp/custom/test/qlpack.yml b/languages/csharp/custom/test/qlpack.yml index 2c5475c..c64073f 100644 --- a/languages/csharp/custom/test/qlpack.yml +++ b/languages/csharp/custom/test/qlpack.yml @@ -1,5 +1,5 @@ name: languages-csharp-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-csharp-custom-src: '*' + languages-csharp-custom-src: ${workspace} extractor: csharp diff --git a/languages/csharp/tools/src/codeql-pack.lock.yml b/languages/csharp/tools/src/codeql-pack.lock.yml deleted file mode 100644 index 6c70861..0000000 --- a/languages/csharp/tools/src/codeql-pack.lock.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/csharp-all: - version: 5.2.4 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/csharp/tools/src/qlpack.yml b/languages/csharp/tools/src/qlpack.yml index c030360..52b8a15 100644 --- a/languages/csharp/tools/src/qlpack.yml +++ b/languages/csharp/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-csharp-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/csharp-all: "*" 
diff --git a/languages/csharp/tools/test/codeql-pack.lock.yml b/languages/csharp/tools/test/codeql-pack.lock.yml deleted file mode 100644 index 58ef823..0000000 --- a/languages/csharp/tools/test/codeql-pack.lock.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/csharp-all: - version: 5.2.4 - codeql/csharp-queries: - version: 1.4.0 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/csharp/tools/test/qlpack.yml b/languages/csharp/tools/test/qlpack.yml index 9216c89..05285d8 100644 --- a/languages/csharp/tools/test/qlpack.yml +++ b/languages/csharp/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-csharp-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/csharp-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/csharp-queries: "*" - languages-csharp-tools-src: '*' + languages-csharp-tools-src: ${workspace} extractor: csharp diff --git a/languages/go/custom/src/codeql-pack.lock.yml b/languages/go/custom/src/codeql-pack.lock.yml deleted file mode 100644 index c19e4ba..0000000 --- a/languages/go/custom/src/codeql-pack.lock.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/go-all: - version: 4.3.4 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false 
diff --git a/languages/go/custom/src/qlpack.yml b/languages/go/custom/src/qlpack.yml index bb27fbe..f5c383e 100644 --- a/languages/go/custom/src/qlpack.yml +++ b/languages/go/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-go-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/go-all: "*" diff --git a/languages/go/custom/test/codeql-pack.lock.yml b/languages/go/custom/test/codeql-pack.lock.yml deleted file mode 100644 index c19e4ba..0000000 --- a/languages/go/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/go-all: - version: 4.3.4 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false diff --git a/languages/go/custom/test/qlpack.yml b/languages/go/custom/test/qlpack.yml index 5efc1b5..21f4da3 100644 --- a/languages/go/custom/test/qlpack.yml +++ b/languages/go/custom/test/qlpack.yml @@ -1,5 +1,5 @@ name: languages-go-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-go-custom-src: "*" + languages-go-custom-src: ${workspace} extractor: go diff --git a/languages/go/tools/src/codeql-pack.lock.yml b/languages/go/tools/src/codeql-pack.lock.yml deleted file mode 100644 index c19e4ba..0000000 --- a/languages/go/tools/src/codeql-pack.lock.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/go-all: - version: 4.3.4 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false 
diff --git a/languages/go/tools/src/qlpack.yml b/languages/go/tools/src/qlpack.yml index 0121939..579feb8 100644 --- a/languages/go/tools/src/qlpack.yml +++ b/languages/go/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-go-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/go-all: "*" diff --git a/languages/go/tools/test/codeql-pack.lock.yml b/languages/go/tools/test/codeql-pack.lock.yml deleted file mode 100644 index df52c19..0000000 --- a/languages/go/tools/test/codeql-pack.lock.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/go-all: - version: 4.3.4 - codeql/go-queries: - version: 1.4.5 - codeql/mad: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false diff --git a/languages/go/tools/test/qlpack.yml b/languages/go/tools/test/qlpack.yml index 3ed469e..5d5fdc4 100644 --- a/languages/go/tools/test/qlpack.yml +++ b/languages/go/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-go-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/go-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/go-queries: "*" - languages-go-tools-src: "*" + languages-go-tools-src: ${workspace} extractor: go diff --git a/languages/java/custom/src/codeql-pack.lock.yml b/languages/java/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 5458c2c..0000000 --- a/languages/java/custom/src/codeql-pack.lock.yml +++ /dev/null 
@@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/java-all: - version: 7.7.0 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/java/custom/src/qlpack.yml b/languages/java/custom/src/qlpack.yml index 04a1481..dfeb1b0 100644 --- a/languages/java/custom/src/qlpack.yml +++ b/languages/java/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-java-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/java-all: "*" diff --git a/languages/java/custom/test/codeql-pack.lock.yml b/languages/java/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 5458c2c..0000000 --- a/languages/java/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/java-all: - version: 7.7.0 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/java/custom/test/qlpack.yml b/languages/java/custom/test/qlpack.yml index c497cd8..1e98673 100644 --- a/languages/java/custom/test/qlpack.yml +++ b/languages/java/custom/test/qlpack.yml 
@@ -1,5 +1,5 @@ name: languages-java-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-java-custom-src: "*" + languages-java-custom-src: ${workspace} extractor: java diff --git a/languages/java/tools/src/codeql-pack.lock.yml b/languages/java/tools/src/codeql-pack.lock.yml deleted file mode 100644 index 5458c2c..0000000 --- a/languages/java/tools/src/codeql-pack.lock.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/java-all: - version: 7.7.0 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/java/tools/src/qlpack.yml b/languages/java/tools/src/qlpack.yml index 08051a0..9aad85b 100644 --- a/languages/java/tools/src/qlpack.yml +++ b/languages/java/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-java-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/java-all: "*" diff --git a/languages/java/tools/test/codeql-pack.lock.yml b/languages/java/tools/test/codeql-pack.lock.yml deleted file mode 100644 index 0fe9b56..0000000 --- a/languages/java/tools/test/codeql-pack.lock.yml +++ /dev/null 
@@ -1,36 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/java-all: - version: 7.7.0 - codeql/java-queries: - version: 1.8.0 - codeql/mad: - version: 1.0.31 - codeql/quantum: - version: 0.0.9 - codeql/rangeanalysis: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typeflow: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 -compiled: false diff --git a/languages/java/tools/test/qlpack.yml b/languages/java/tools/test/qlpack.yml index 211e767..09a5897 100644 --- a/languages/java/tools/test/qlpack.yml +++ b/languages/java/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-java-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/java-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/java-queries: "*" - languages-java-tools-src: "*" + languages-java-tools-src: ${workspace} extractor: java diff --git a/languages/javascript/custom/src/codeql-pack.lock.yml b/languages/javascript/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 4415c2e..0000000 --- a/languages/javascript/custom/src/codeql-pack.lock.yml +++ /dev/null 
@@ -1,30 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/javascript/custom/src/qlpack.yml b/languages/javascript/custom/src/qlpack.yml index 7e2508f..ca89cf7 100644 --- a/languages/javascript/custom/src/qlpack.yml +++ b/languages/javascript/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-javascript-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/javascript-all: "*" diff --git a/languages/javascript/custom/test/codeql-pack.lock.yml b/languages/javascript/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 4415c2e..0000000 --- a/languages/javascript/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/javascript/custom/test/qlpack.yml b/languages/javascript/custom/test/qlpack.yml index 11b6044..d2cb9a4 100644 --- a/languages/javascript/custom/test/qlpack.yml +++ b/languages/javascript/custom/test/qlpack.yml 
@@ -1,5 +1,5 @@ name: languages-javascript-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-javascript-custom-src: '*' + languages-javascript-custom-src: ${workspace} extractor: javascript diff --git a/languages/javascript/tools/src/codeql-pack.lock.yml b/languages/javascript/tools/src/codeql-pack.lock.yml deleted file mode 100644 index 4415c2e..0000000 --- a/languages/javascript/tools/src/codeql-pack.lock.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/javascript/tools/src/qlpack.yml b/languages/javascript/tools/src/qlpack.yml index 186023a..b38cc31 100644 --- a/languages/javascript/tools/src/qlpack.yml +++ b/languages/javascript/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-javascript-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/javascript-all: "*" diff --git a/languages/javascript/tools/test/codeql-pack.lock.yml b/languages/javascript/tools/test/codeql-pack.lock.yml deleted file mode 100644 index 38af13b..0000000 --- a/languages/javascript/tools/test/codeql-pack.lock.yml +++ /dev/null 
@@ -1,36 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/javascript-all: - version: 2.6.11 - codeql/javascript-queries: - version: 2.1.0 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/typos: - version: 1.0.31 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/javascript/tools/test/qlpack.yml b/languages/javascript/tools/test/qlpack.yml index 279fa13..8a6964a 100644 --- a/languages/javascript/tools/test/qlpack.yml +++ b/languages/javascript/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-javascript-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/javascript-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/javascript-queries: "*" - languages-javascript-tools-src: '*' + languages-javascript-tools-src: ${workspace} extractor: javascript diff --git a/languages/python/custom/src/codeql-pack.lock.yml b/languages/python/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 152e78f..0000000 --- a/languages/python/custom/src/codeql-pack.lock.yml +++ /dev/null 
@@ -1,30 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/python-all: - version: 4.0.15 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/python/custom/src/qlpack.yml b/languages/python/custom/src/qlpack.yml index 38b533a..4822f68 100644 --- a/languages/python/custom/src/qlpack.yml +++ b/languages/python/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-python-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/python-all: "*" diff --git a/languages/python/custom/test/codeql-pack.lock.yml b/languages/python/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 152e78f..0000000 --- a/languages/python/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/python-all: - version: 4.0.15 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/python/custom/test/qlpack.yml b/languages/python/custom/test/qlpack.yml index 994cd14..60e74c2 100644 --- a/languages/python/custom/test/qlpack.yml +++ b/languages/python/custom/test/qlpack.yml 
@@ -1,5 +1,5 @@ name: languages-python-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-python-custom-src: "*" + languages-python-custom-src: ${workspace} extractor: python diff --git a/languages/python/tools/src/codeql-pack.lock.yml b/languages/python/tools/src/codeql-pack.lock.yml deleted file mode 100644 index 152e78f..0000000 --- a/languages/python/tools/src/codeql-pack.lock.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/python-all: - version: 4.0.15 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/python/tools/src/qlpack.yml b/languages/python/tools/src/qlpack.yml index 967e5ef..962a0d7 100644 --- a/languages/python/tools/src/qlpack.yml +++ b/languages/python/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-python-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/python-all: "*" diff --git a/languages/python/tools/test/codeql-pack.lock.yml b/languages/python/tools/test/codeql-pack.lock.yml deleted file mode 100644 index f20b787..0000000 --- a/languages/python/tools/test/codeql-pack.lock.yml +++ /dev/null 
@@ -1,34 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/python-all: - version: 4.0.15 - codeql/python-queries: - version: 1.6.5 - codeql/regex: - version: 1.0.31 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/threat-models: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 - codeql/xml: - version: 1.0.31 - codeql/yaml: - version: 1.0.31 -compiled: false diff --git a/languages/python/tools/test/qlpack.yml b/languages/python/tools/test/qlpack.yml index 9f32750..2e9ab0a 100644 --- a/languages/python/tools/test/qlpack.yml +++ b/languages/python/tools/test/qlpack.yml @@ -1,9 +1,9 @@ name: languages-python-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/python-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/python-queries: "*" - languages-python-tools-src: "*" + languages-python-tools-src: ${workspace} extractor: python diff --git a/languages/ruby/custom/src/codeql-pack.lock.yml b/languages/ruby/custom/src/codeql-pack.lock.yml deleted file mode 100644 index 78fc6f1..0000000 --- a/languages/ruby/custom/src/codeql-pack.lock.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ruby-all: - version: 5.0.4 - codeql/ssa: - version: 2.0.7 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false 
diff --git a/languages/ruby/custom/src/qlpack.yml b/languages/ruby/custom/src/qlpack.yml index 3650d89..e8d5a8d 100644 --- a/languages/ruby/custom/src/qlpack.yml +++ b/languages/ruby/custom/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-ruby-custom-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/ruby-all: "*" diff --git a/languages/ruby/custom/test/codeql-pack.lock.yml b/languages/ruby/custom/test/codeql-pack.lock.yml deleted file mode 100644 index 78fc6f1..0000000 --- a/languages/ruby/custom/test/codeql-pack.lock.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ruby-all: - version: 5.0.4 - codeql/ssa: - version: 2.0.7 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false diff --git a/languages/ruby/custom/test/qlpack.yml b/languages/ruby/custom/test/qlpack.yml index cd30bea..d963b78 100644 --- a/languages/ruby/custom/test/qlpack.yml +++ b/languages/ruby/custom/test/qlpack.yml @@ -1,5 +1,5 @@ name: languages-ruby-custom-test -version: 0.0.1 +version: 0.0.2 dependencies: - languages-ruby-custom-src: '*' + languages-ruby-custom-src: ${workspace} extractor: ruby diff --git a/languages/ruby/tools/src/codeql-pack.lock.yml b/languages/ruby/tools/src/codeql-pack.lock.yml deleted file mode 100644 index 78fc6f1..0000000 --- a/languages/ruby/tools/src/codeql-pack.lock.yml +++ /dev/null 
@@ -1,24 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ruby-all: - version: 5.0.4 - codeql/ssa: - version: 2.0.7 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false diff --git a/languages/ruby/tools/src/qlpack.yml b/languages/ruby/tools/src/qlpack.yml index 67b5e53..c0adb3e 100644 --- a/languages/ruby/tools/src/qlpack.yml +++ b/languages/ruby/tools/src/qlpack.yml @@ -1,5 +1,5 @@ name: languages-ruby-tools-src -version: 0.0.1 +version: 0.0.2 library: false dependencies: codeql/ruby-all: "*" diff --git a/languages/ruby/tools/test/codeql-pack.lock.yml b/languages/ruby/tools/test/codeql-pack.lock.yml deleted file mode 100644 index 63e6875..0000000 --- a/languages/ruby/tools/test/codeql-pack.lock.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -lockVersion: 1.0.0 -dependencies: - codeql/concepts: - version: 0.0.5 - codeql/controlflow: - version: 2.0.15 - codeql/dataflow: - version: 2.0.15 - codeql/mad: - version: 1.0.31 - codeql/regex: - version: 1.0.31 - codeql/ruby-all: - version: 5.0.4 - codeql/ruby-queries: - version: 1.4.5 - codeql/ssa: - version: 2.0.7 - codeql/suite-helpers: - version: 1.0.31 - codeql/tutorial: - version: 1.0.31 - codeql/typetracking: - version: 2.0.15 - codeql/util: - version: 2.0.18 -compiled: false diff --git a/languages/ruby/tools/test/qlpack.yml b/languages/ruby/tools/test/qlpack.yml index a2a71d2..32b1be7 100644 --- a/languages/ruby/tools/test/qlpack.yml +++ b/languages/ruby/tools/test/qlpack.yml 
@@ -1,9 +1,9 @@ name: languages-ruby-tools-test -version: 0.0.1 +version: 0.0.2 dependencies: # This test pack does not actually depend upon `codeql/ruby-queries`, # but we declare the dependency to ensure that the queries from the # query pack are downloaded and available locally. codeql/ruby-queries: "*" - languages-ruby-tools-src: '*' + languages-ruby-tools-src: ${workspace} extractor: ruby diff --git a/scripts/install-codeql-packs.sh b/scripts/install-codeql-packs.sh new file mode 100755 index 0000000..03481a9 --- /dev/null +++ b/scripts/install-codeql-packs.sh 
@@ -0,0 +1,162 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+## Parse command line arguments
+LANGUAGE=""
+
+usage() {
+ cat << EOF
+Usage: $0 [OPTIONS]
+
+Install CodeQL packs for all packs discovered in the CodeQL workspace.
+
+OPTIONS:
+ --language Install packs only for the specified language
+ Valid values: actions, cpp, csharp, go, java, javascript,
+ python, ruby
+ -h, --help Show this help message
+
+By default, the script installs packs for all languages in the workspace.
+EOF
+}
+
+while [[ $# -gt 0 ]]; do
+ case $1 in
+ --language)
+ if [[ $# -lt 2 || "$2" == -* ]]; then
+ echo "Error: --language requires a value" >&2
+ usage >&2
+ exit 1
+ fi
+ LANGUAGE="$2"
+ shift 2
+ ;;
+ -h|--help)
+ usage
+ exit 0
+ ;;
+ *)
+ echo "Error: Unknown option $1" >&2
+ usage >&2
+ exit 1
+ ;;
+ esac
+done
+
+## Validate language if provided
+VALID_LANGUAGES=("actions" "cpp" "csharp" "go" "java" "javascript" "python" "ruby")
+if [[ -n "${LANGUAGE}" ]]; then
+ LANGUAGE_VALID=false
+ for valid_lang in "${VALID_LANGUAGES[@]}"; do
+ if [[ "${LANGUAGE}" = "${valid_lang}" ]]; then
+ LANGUAGE_VALID=true
+ break
+ fi
+ done
+
+ if [[ "${LANGUAGE_VALID}" = false ]]; then
+ echo "Error: Invalid language '${LANGUAGE}'" >&2
+ echo "Valid languages: ${VALID_LANGUAGES[*]}" >&2
+ exit 1
+ fi
+fi
+
+## Get the directory of this script.
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+## Get the root directory of the repository.
+REPO_ROOT_DIR="$(cd "${SCRIPT_DIR}/.." && pwd)"
+## Explicitly set the cwd to the REPO_ROOT_DIR.
+cd "${REPO_ROOT_DIR}"
+
+## Verify prerequisites
+if ! command -v codeql >/dev/null 2>&1; then
+ echo "Error: 'codeql' CLI not found in PATH" >&2
+ echo "Install CodeQL CLI: https://github.com/github/codeql-cli-binaries/releases" >&2
+ exit 1
+fi
+
+if ! command -v jq >/dev/null 2>&1; then
+ echo "Error: 'jq' not found in PATH (required for JSON parsing)" >&2
+ exit 1
+fi
+
+## Define a helper to run a command with exponential-backoff retry.
+## Usage: run_with_retry [args...]
+run_with_retry() {
+ local _max_attempts="$1"
+ local _delay="$2"
+ shift 2
+ local _attempt=1
+ while true; do
+ if "$@"; then
+ return 0
+ fi
+ if [[ "${_attempt}" -ge "${_max_attempts}" ]]; then
+ echo "ERROR: Command failed after ${_max_attempts} attempt(s): $*" >&2
+ return 1
+ fi
+ echo "WARNING: Command failed (attempt ${_attempt}/${_max_attempts}). Retrying in ${_delay}s..." >&2
+ sleep "${_delay}"
+ _attempt=$((_attempt + 1))
+ _delay=$((_delay * 2))
+ done
+}
+
+## Discover packs using codeql pack ls
+echo "INFO: Discovering CodeQL packs in workspace..."
+PACK_LS_STDERR=$(mktemp)
+if ! PACK_JSON=$(codeql pack ls --format=json 2>"${PACK_LS_STDERR}"); then
+ echo "Error: Failed to discover CodeQL packs in workspace" >&2
+ cat "${PACK_LS_STDERR}" >&2
+ rm -f "${PACK_LS_STDERR}"
+ exit 1
+fi
+rm -f "${PACK_LS_STDERR}"
+
+# codeql pack ls --format=json returns:
+# { "packs": { "/qlpack.yml": { "name": "...", "version": "..." }, ... } }
+# Extract the directory of each qlpack.yml file.
+PACK_DIRS=$(echo "${PACK_JSON}" | jq -r '.packs | keys[] | sub("/qlpack\\.yml$"; "")')
+
+if [[ -z "${PACK_DIRS}" ]]; then
+ echo "Error: No CodeQL packs found in workspace" >&2
+ echo "Ensure codeql-workspace.yml exists in the repository root." >&2
+ exit 1
+fi
+
+INSTALL_COUNT=0
+SKIP_COUNT=0
+FAIL_COUNT=0
+
+while IFS= read -r pack_dir; do
+ [[ -z "${pack_dir}" ]] && continue
+
+ # Compute a relative path for display and filtering
+ pack_rel="${pack_dir#"${REPO_ROOT_DIR}/"}"
+
+ # Apply language filter if specified
+ if [[ -n "${LANGUAGE}" ]]; then
+ if [[ "${pack_rel}" != "languages/${LANGUAGE}/"* ]]; then
+ SKIP_COUNT=$((SKIP_COUNT + 1))
+ continue
+ fi
+ fi
+
+ echo "INFO: Running 'codeql pack install' for '${pack_rel}'..."
+ if run_with_retry 3 10 codeql pack install --no-strict-mode -- "${pack_dir}"; then
+ INSTALL_COUNT=$((INSTALL_COUNT + 1))
+ else
+ FAIL_COUNT=$((FAIL_COUNT + 1))
+ fi
+done <<< "${PACK_DIRS}"
+
+echo ""
+echo "=== Installation Summary ==="
+echo " Installed: ${INSTALL_COUNT}"
+echo " Skipped: ${SKIP_COUNT}"
+echo " Failed: ${FAIL_COUNT}"
+echo "============================="
+
+if [[ "${FAIL_COUNT}" -gt 0 ]]; then
+ exit 1
+fi
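Review bot: A run with `--language` set to a valid language that has no packs under `languages/<language>/` skips every pack, prints the summary and exits 0, so the caller sees success although nothing was installed. A guard after the summary makes that case fail loudly: `if [[ "${INSTALL_COUNT}" -eq 0 ]]; then echo "Error: no packs were installed" >&2; exit 1; fi`. Separately, `PACK_LS_STDERR=$(mktemp)` is removed only on the two explicit paths, so `trap 'rm -f "${PACK_LS_STDERR}"' EXIT` right after the `mktemp` would also cover an interrupted run.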