Upgrade CodeQL CLI dependency to v2.25.1 by github-actions[bot] · Pull Request #344 · advanced-security/codeql-sap-js

github-actions · 2026-03-28T01:17:19Z

This PR upgrades the CodeQL CLI version to v2.25.1.

Changes made:

Updated qlt.conf.json (CodeQLCLI, CodeQLStandardLibrary, CodeQLCLIBundle) to 2.25.1
Updated all version-bearing qlpack.yml files to 2.25.1
Upgraded CodeQL pack lock files
Compiled CAP CDS files
CodeQL unit tests passed ✅

To complete the release, merge this PR and then trigger the release workflow
via workflow_dispatch on release.yml with version v2.25.1.

Copilot

Pull request overview

Upgrades the repository’s CodeQL CLI and related CodeQL packs to v2.25.1, updating pack metadata and regenerating dependency lockfiles across the JavaScript frameworks and heuristic models.

Changes:

Bump CodeQL CLI and bundle references to 2.25.1 in qlt.conf.json.
Update CodeQL pack versions and pin external pack dependencies (e.g., codeql/javascript-all, codeql/javascript-queries) to resolved exact versions.
Regenerate codeql-pack.lock.yml files across packs to reflect the upgraded dependency graph.

Reviewed changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 10 comments.

Show a summary per file

File	Description
scripts/upgrade-packs.sh	Enhances pack-upgrade automation by pinning external dependency versions and excluding `.codeql/` cache directories.
scripts/update-release-version.sh	Improves internal dependency version rewriting to handle additional `qlpack.yml` formats.
qlt.conf.json	Updates CodeQL CLI / standard library / bundle version references to `2.25.1`.
javascript/heuristic-models/tests/qlpack.yml	Bumps test pack version and pins `codeql/javascript-all`.
javascript/heuristic-models/tests/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/heuristic-models/ext/qlpack.yml	Bumps extension pack version and pins `codeql/javascript-all` in `extensionTargets`.
javascript/frameworks/xsjs/test/qlpack.yml	Bumps test pack version and pins `codeql/javascript-all`.
javascript/frameworks/xsjs/test/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/xsjs/src/qlpack.yml	Bumps queries pack version and pins `codeql/javascript-all`.
javascript/frameworks/xsjs/src/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/xsjs/lib/qlpack.yml	Bumps library pack version and pins `codeql/javascript-all`.
javascript/frameworks/xsjs/lib/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/xsjs/ext/qlpack.yml	Bumps models pack version and pins `codeql/javascript-all` in `extensionTargets`.
javascript/frameworks/ui5/test/qlpack.yml	Bumps test pack version and pins `codeql/javascript-all` / `codeql/javascript-queries`.
javascript/frameworks/ui5/test/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/ui5/src/qlpack.yml	Bumps queries pack version and pins `codeql/javascript-all`.
javascript/frameworks/ui5/src/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/ui5/lib/qlpack.yml	Bumps library pack version and pins `codeql/javascript-all`.
javascript/frameworks/ui5/lib/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/ui5/ext/qlpack.yml	Bumps models pack version and pins `codeql/javascript-all` in `extensionTargets`.
javascript/frameworks/ui5-webcomponents/test/qlpack.yml	Bumps test pack version and pins `codeql/javascript-all`.
javascript/frameworks/ui5-webcomponents/test/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/cap/test/qlpack.yml	Bumps test pack version and pins `codeql/javascript-all`.
javascript/frameworks/cap/test/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/cap/src/qlpack.yml	Bumps queries pack version and pins `codeql/javascript-all`.
javascript/frameworks/cap/src/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/cap/lib/qlpack.yml	Bumps library pack version and pins `codeql/javascript-all`.
javascript/frameworks/cap/lib/codeql-pack.lock.yml	Updates resolved external dependency versions in lockfile.
javascript/frameworks/cap/ext/qlpack.yml	Bumps models pack version and pins `codeql/javascript-all` in `extensionTargets`.

Comments suppressed due to low confidence (1)

javascript/frameworks/xsjs/test/qlpack.yml:10

This test pack is versioned 2.25.1 but its internal dependencies still reference 2.25.0 (xsjs-queries/xsjs-all/xsjs-models). Update these internal dependency versions to 2.25.1 (or an intended compatible range) to prevent tests from resolving older internal packs.

dependencies:
  codeql/javascript-all: "2.6.26"
  advanced-security/javascript-sap-xsjs-queries: "2.25.0"
  advanced-security/javascript-sap-xsjs-all: "2.25.0"
  advanced-security/javascript-sap-xsjs-models: "2.25.0"

Copilot

Pull request overview

Copilot reviewed 30 out of 30 changed files in this pull request and generated 3 comments.

data-douser · 2026-03-29T16:52:14Z

@copilot apply changes based on the comments in this thread

Copilot · 2026-03-29T16:54:04Z

@copilot apply changes based on the comments in this thread

Applied all three changes from the review thread in commit 3d4c5f7:

scripts/upgrade-packs.sh: Replaced -not -path "*/.codeql/*" with -path '*/.codeql' -prune -o so find no longer traverses into .codeql directories.
scripts/install-packs.sh: Same -prune optimization applied.
scripts/update-release-version.sh: Updated the header comment on line 27 from (e.g., ^X.Y.Z constraints) to (exact X.Y.Z versions) to accurately reflect what update_internal_deps actually handles.

Copilot

Pull request overview

Copilot reviewed 30 out of 30 changed files in this pull request and generated 3 comments.

data-douser · 2026-03-29T22:53:55Z

@copilot apply changes based on the comments in this thread

Copilot · 2026-03-29T22:56:09Z

@copilot apply changes based on the comments in this thread

Applied all three changes from the review thread in commit 5c58461:

scripts/upgrade-packs.sh:127-145: Added trap 'rm -rf "${tmp_dir}"' RETURN immediately after mktemp -d, and cleared it with trap - RETURN after the explicit cleanup, ensuring the temp dir is removed even if codeql pack upgrade fails.
javascript/frameworks/ui5/test/qlpack.yml:7-8: Updated the stale comment from "allow any version >= 1.2.0" to reflect that the dependency is now pinned to a specific version for consistent and reproducible test results.
scripts/upgrade-packs.sh:160-165: Added escaping of dep_name and dep_old_value for safe use in sed search patterns, preventing mismatches or unintended substitutions when values contain regex metacharacters (e.g., ., *, /).

Copilot

Pull request overview

Copilot reviewed 30 out of 30 changed files in this pull request and generated 3 comments.

data-douser closed this Mar 28, 2026

data-douser reopened this Mar 28, 2026

data-douser requested a review from Copilot March 28, 2026 03:06

Copilot started reviewing on behalf of data-douser March 28, 2026 03:06 View session

Copilot AI reviewed Mar 28, 2026

View reviewed changes

github-actions bot force-pushed the codeql/upgrade-to-v2.25.1 branch from badac39 to 69cf799 Compare March 29, 2026 01:25

data-douser requested a review from Copilot March 29, 2026 16:36

Copilot started reviewing on behalf of data-douser March 29, 2026 16:36 View session

Copilot AI reviewed Mar 29, 2026

View reviewed changes

Comment thread scripts/upgrade-packs.sh Outdated

Comment thread scripts/install-packs.sh Outdated

Comment thread scripts/update-release-version.sh Outdated

Copilot started work on behalf of data-douser March 29, 2026 16:52 View session

Copilot finished work on behalf of data-douser March 29, 2026 16:55

Copilot AI requested a review from data-douser March 29, 2026 16:55

data-douser closed this Mar 29, 2026

data-douser reopened this Mar 29, 2026

data-douser requested a review from Copilot March 29, 2026 22:48

Copilot started reviewing on behalf of data-douser March 29, 2026 22:49 View session

Copilot AI reviewed Mar 29, 2026

View reviewed changes

Comment thread scripts/upgrade-packs.sh Outdated

Comment thread javascript/frameworks/ui5/test/qlpack.yml

Comment thread scripts/upgrade-packs.sh Outdated

Copilot started work on behalf of data-douser March 29, 2026 22:54 View session

Copilot finished work on behalf of data-douser March 29, 2026 22:56

data-douser closed this Mar 29, 2026

data-douser reopened this Mar 29, 2026

data-douser requested a review from Copilot March 29, 2026 22:58

Copilot started reviewing on behalf of data-douser March 29, 2026 22:59 View session

data-douser requested review from hohn, knewbury01 and mbaluda March 29, 2026 23:02

data-douser self-assigned this Mar 29, 2026

data-douser added enhancement New feature or request dependencies Pull requests that update a dependency file labels Mar 29, 2026

Copilot AI reviewed Mar 29, 2026

View reviewed changes

Comment thread scripts/upgrade-packs.sh Outdated

Comment thread scripts/upgrade-packs.sh Outdated

Comment thread scripts/upgrade-packs.sh Outdated

data-douser added the bug Something isn't working label Mar 29, 2026

Copilot started work on behalf of data-douser March 29, 2026 23:05 View session

Copilot finished work on behalf of data-douser March 29, 2026 23:10

Upgrade CodeQL CLI dependency to v2.25.1

63d0849

github-actions bot force-pushed the codeql/upgrade-to-v2.25.1 branch from 64f2097 to 63d0849 Compare March 30, 2026 01:25

Merge branch 'main' into codeql/upgrade-to-v2.25.1

28c42db

data-douser approved these changes Mar 30, 2026

View reviewed changes

data-douser merged commit 4c21292 into main Mar 30, 2026
17 checks passed

data-douser deleted the codeql/upgrade-to-v2.25.1 branch March 30, 2026 16:32

Conversation

github-actions bot commented Mar 28, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

data-douser commented Mar 29, 2026

Uh oh!

Copilot AI commented Mar 29, 2026

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

data-douser commented Mar 29, 2026

Uh oh!

Copilot AI commented Mar 29, 2026

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

github-actions bot commented Mar 28, 2026 •

edited

Loading