Fix `tools: linked` log message by henrymercer · Pull Request #3139 · github/codeql-action
The CLI version number was wrong.
Risk assessment
For internal use only. Please select the risk level of this change:
- Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.
Merge / deployment checklist
Copilot AI review requested due to automatic review settings
September 23, 2025 12:56Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pull Request Overview
This PR fixes an incorrect CLI version number being displayed in log messages when using tools: linked or tools: latest. The fix involves moving the logging statements to occur after the actual CLI version has been determined from the defaults.
- Move the forceShippedTools logic and logging after CLI version assignment
- Ensure the log message displays the correct version from defaults instead of the parameter value
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/setup-codeql.ts | Moved forceShippedTools logic after CLI version assignment to fix log message |
| lib/*.js | Generated JavaScript files reflecting the TypeScript changes |
mbg approved these changes Sep 25, 2025
mbg
left a comment
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense - a couple of thoughts on what's going on here, but neither is blocking.
| @@ -344,9 +319,33 @@ export async function getCodeQLSource( | |||
| toolsInput = await getNightlyToolsUrl(logger); | |||
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: Not something introduced by this PR, but I am not super keen on this rewriting of toolsInput from an alias to a URL. It makes it harder than necessary to follow what this function does. I think ideally this would be a function resolveToolsAlias that always returns a URL by either resolving the alias or returning the URL unchanged.
Comment on lines +333 to +348
| const forceShippedTools = | ||
| toolsInput && CODEQL_BUNDLE_VERSION_ALIAS.includes(toolsInput); | ||
|
|
||
| if (forceShippedTools) { | ||
| cliVersion = defaults.cliVersion; | ||
| tagName = defaults.bundleVersion; | ||
|
|
||
| logger.info( | ||
| `'tools: ${toolsInput}' was requested, so using CodeQL version ${cliVersion}, the version shipped with the Action.`, | ||
| ); | ||
|
|
||
| if (toolsInput === "latest") { | ||
| logger.warning( | ||
| "`tools: latest` has been renamed to `tools: linked`, but the old name is still supported. No action is required.", | ||
| ); | ||
| } |
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As discussed elsewhere, it was confusing for review purposes that this moved down here, which is because cliVersion was already defined here. I'd probably change this back and reference defaults.cliVersion in the log message, or import them differently. No strong feelings about this though.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters