github · Feb 23, 2024
diff --git a/‎.github/workflows/__go-tracing-autobuilder.yml
+4-1 b/‎.github/workflows/__go-tracing-autobuilder.yml
+4-1
diff --git a/‎.github/workflows/__go-tracing-custom-build-steps.yml
+4-1 b/‎.github/workflows/__go-tracing-custom-build-steps.yml
+4-1
diff --git a/‎.github/workflows/__go-tracing-legacy-workflow.yml
+4-1 b/‎.github/workflows/__go-tracing-legacy-workflow.yml
+4-1
diff --git a/‎CHANGELOG.md
+4 b/‎CHANGELOG.md
+4
diff --git a/‎lib/analyze.js
+5 b/‎lib/analyze.js
+5
diff --git a/‎lib/analyze.js.map
+1-1 b/‎lib/analyze.js.map
+1-1
diff --git a/‎lib/autobuild.js
+2-1 b/‎lib/autobuild.js
+2-1
diff --git a/‎lib/autobuild.js.map
+1-1 b/‎lib/autobuild.js.map
+1-1
diff --git a/‎lib/defaults.json
+4-4 b/‎lib/defaults.json
+4-4
diff --git a/‎node_modules/.package-lock.json
+1-1 b/‎node_modules/.package-lock.json
+1-1
diff --git a/‎package-lock.json
+2-2 b/‎package-lock.json
+2-2
diff --git a/‎package.json
+1-1 b/‎package.json
+1-1
diff --git a/‎pr-checks/checks/go-tracing-autobuilder.yml
+4-1 b/‎pr-checks/checks/go-tracing-autobuilder.yml
+4-1
diff --git a/‎pr-checks/checks/go-tracing-custom-build-steps.yml
+4-1 b/‎pr-checks/checks/go-tracing-custom-build-steps.yml
+4-1
diff --git a/‎pr-checks/checks/go-tracing-legacy-workflow.yml
+4-1 b/‎pr-checks/checks/go-tracing-legacy-workflow.yml
+4-1
diff --git a/‎src/analyze.ts
+7 b/‎src/analyze.ts
+7
diff --git a/‎src/autobuild.ts
+1-1 b/‎src/autobuild.ts
+1-1
diff --git a/‎src/defaults.json
+4-4 b/‎src/defaults.json
+4-4
@@ -4,6 +4,10 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 Note that the only difference between `v2` and `v3` of the CodeQL Action is the node version they support, with `v3` running on node 20 while we continue to release `v2` to support running on node 16. For example `3.22.11` was the first `v3` release and is functionally identical to `2.22.11`. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.
 
+## 2.24.5 - 23 Feb 2024
+
+- Update default CodeQL bundle version to 2.16.3. [#2156](https://github.com/github/codeql-action/pull/2156)
+
 ## 2.24.4 - 21 Feb 2024
 
 - Fix an issue where an existing, but empty, `/sys/fs/cgroup/cpuset.cpus` file always resulted in a single-threaded run. [#2151](https://github.com/github/codeql-action/pull/2151)
 
@@ -1,6 +1,6 @@
 {
-    "bundleVersion": "codeql-bundle-v2.16.2",
-    "cliVersion": "2.16.2",
-    "priorBundleVersion": "codeql-bundle-v2.16.1",
-    "priorCliVersion": "2.16.1"
+    "bundleVersion": "codeql-bundle-v2.16.3",
+    "cliVersion": "2.16.3",
+    "priorBundleVersion": "codeql-bundle-v2.16.2",
+    "priorCliVersion": "2.16.2"
 }
@@ -1,6 +1,6 @@
 {
   "name": "codeql",
-  "version": "2.24.4",
+  "version": "2.24.5",
   "private": true,
   "description": "CodeQL action",
   "scripts": {
 
@@ -6,7 +6,10 @@ env:
 steps:
   - uses: actions/setup-go@v5
     with:
-      go-version: "~1.21.1"
+      go-version: "~1.22.0"
+      # to avoid potentially misleading autobuilder results where we expect it to download
+      # dependencies successfully, but they actually come from a warm cache
+      cache: false
   - uses: ./../action/init
     with:
       languages: go
 
@@ -4,7 +4,10 @@ operatingSystems: ["ubuntu", "macos"]
 steps:
   - uses: actions/setup-go@v5
     with:
-      go-version: "~1.21.1"
+      go-version: "~1.22.0"
+      # to avoid potentially misleading autobuilder results where we expect it to download
+      # dependencies successfully, but they actually come from a warm cache
+      cache: false
   - uses: ./../action/init
     with:
       languages: go
 
@@ -6,7 +6,10 @@ env:
 steps:
   - uses: actions/setup-go@v5
     with:
-      go-version: "~1.21.1"
+      go-version: "~1.22.0"
+      # to avoid potentially misleading autobuilder results where we expect it to download
+      # dependencies successfully, but they actually come from a warm cache
+      cache: false
   - uses: ./../action/init
     with:
       languages: go
 
@@ -7,6 +7,7 @@ import { safeWhich } from "@chrisgavin/safe-which";
 import del from "del";
 import * as yaml from "js-yaml";
 
+import { setupCppAutobuild } from "./autobuild";
 import {
   CODEQL_VERSION_ANALYSIS_SUMMARY_V2,
   CodeQL,
@@ -191,6 +192,12 @@ export async function runExtraction(
         config.buildMode &&
         (await codeql.supportsFeature(ToolsFeature.TraceCommandUseBuildMode))
       ) {
+        if (
+          language === Language.cpp &&
+          config.buildMode === BuildMode.Autobuild
+        ) {
+          await setupCppAutobuild(codeql, logger);
+        }
         await codeql.extractUsingBuildMode(config, language);
       } else {
         await codeql.extractScannedLanguage(config, language);
 
@@ -111,7 +111,7 @@ export async function determineAutobuildLanguages(
   return languages;
 }
 
-async function setupCppAutobuild(codeql: CodeQL, logger: Logger) {
+export async function setupCppAutobuild(codeql: CodeQL, logger: Logger) {
   const envVar = featureConfig[Feature.CppDependencyInstallation].envVar;
   const featureName = "C++ automatic installation of dependencies";
   const envDoc =
 
@@ -1,6 +1,6 @@
 {
-  "bundleVersion": "codeql-bundle-v2.16.2",
-  "cliVersion": "2.16.2",
-  "priorBundleVersion": "codeql-bundle-v2.16.1",
-  "priorCliVersion": "2.16.1"
+  "bundleVersion": "codeql-bundle-v2.16.3",
+  "cliVersion": "2.16.3",
+  "priorBundleVersion": "codeql-bundle-v2.16.2",
+  "priorCliVersion": "2.16.2"
 }
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`		`- "bundleVersion": "codeql-bundle-v2.16.2",`
`3`		`- "cliVersion": "2.16.2",`
`4`		`- "priorBundleVersion": "codeql-bundle-v2.16.1",`
`5`		`- "priorCliVersion": "2.16.1"`
	`2`	`+ "bundleVersion": "codeql-bundle-v2.16.3",`
	`3`	`+ "cliVersion": "2.16.3",`
	`4`	`+ "priorBundleVersion": "codeql-bundle-v2.16.2",`
	`5`	`+ "priorCliVersion": "2.16.2"`
`6`	`6`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "codeql",`
`3`		`- "version": "2.24.4",`
	`3`	`+ "version": "2.24.5",`
`4`	`4`	`"private": true,`
`5`	`5`	`"description": "CodeQL action",`
`6`	`6`	`"scripts": {`
Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@ export async function determineAutobuildLanguages(`
`111`	`111`	`return languages;`
`112`	`112`	`}`
`113`	`113`
`114`		`-async function setupCppAutobuild(codeql: CodeQL, logger: Logger) {`
	`114`	`+export async function setupCppAutobuild(codeql: CodeQL, logger: Logger) {`
`115`	`115`	`const envVar = featureConfig[Feature.CppDependencyInstallation].envVar;`
`116`	`116`	`const featureName = "C++ automatic installation of dependencies";`
`117`	`117`	`const envDoc =`