Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3

Fri, 17 May 2024 17:11:10 -0700 

Approved. I agree there is no impact to FW.

Mike

> -----Original Message-----
> From: Michael Kubacki <[email protected]>
> Sent: Friday, May 17, 2024 4:28 PM
> To: Kinney, Michael D <[email protected]>; [email protected];
> Andrew Fish <[email protected]>; Leif Lindholm <[email protected]>;
> Liming Gao <[email protected]>
> Cc: Feng, Bob C <[email protected]>; Joey Vagedes
> <[email protected]>; Rebecca Cran <[email protected]>; Sean Brogan
> <[email protected]>; Chen, Christine <[email protected]>
> Subject: Re: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
> 
> Forgot about the hard freeze.
> 
> Added remaining stewards to consider merging this. It has no impact on
> firmware but is needed to unblock an immediate issue in CI where the
> CodeQL queries being fetched are newer and incompatible with the CodeQL
> CLI being used.
> 
> As I mentioned in the release notes, I will follow up in the future for
> a change that should be able to lock the CodeQL query versions against
> the CLI version.
> 
> Thanks,
> Michael
> 
> On 5/17/2024 7:20 PM, Michael Kubacki wrote:
> > To ensure CI is unblocked, I am going to add the push tag now.
> >
> > On 5/17/2024 6:31 PM, Michael Kubacki wrote:
> >> Thanks Mike. Are you okay with me completing the PR now?
> >>
> >> On 5/17/2024 5:31 PM, Kinney, Michael D wrote:
> >>> Reviewed-by: Michael D Kinney <[email protected]>
> >>>
> >>>> -----Original Message-----
> >>>> From: [email protected] <[email protected]>
> >>>> Sent: Friday, May 17, 2024 2:09 PM
> >>>> To: [email protected]
> >>>> Cc: Feng, Bob C <[email protected]>; Joey Vagedes
> >>>> <[email protected]>; Liming Gao <[email protected]>;
> >>>> Kinney,
> >>>> Michael D <[email protected]>; Rebecca Cran
> >>>> <[email protected]>;
> >>>> Sean Brogan <[email protected]>; Chen, Christine
> >>>> <[email protected]>
> >>>> Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
> >>>>
> >>>> From: Michael Kubacki <[email protected]>
> >>>>
> >>>> This fixes an issue where the CodeQL queries currently fetched in the
> >>>> pipeline are incompatible with the current executable used.
> >>>>
> >>>> Update to pick up functional and security fixes. See the following
> >>>> comparison for detailed differences:
> >>>>
> >>>> https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3
> >>>>
> >>>> Cc: Bob Feng <[email protected]>
> >>>> Cc: Joey Vagedes <[email protected]>
> >>>> Cc: Liming Gao <[email protected]>
> >>>> Cc: Michael D Kinney <[email protected]>
> >>>> Cc: Rebecca Cran <[email protected]>
> >>>> Cc: Sean Brogan <[email protected]>
> >>>> Cc: Yuwei Chen <[email protected]>
> >>>> Signed-off-by: Michael Kubacki <[email protected]>
> >>>> ---
> >>>>
> >>>> Notes:
> >>>>      This change fixes an immediate compatibility issue between
> >>>>      the latest queries being pulled and the CodeQL CLI being
> >>>>      used.
> >>>>
> >>>>      A follow up change will attempt to lock queries against a
> >>>>      compatibile version to prevent queries from pulling ahead
> >>>>      to incompatible versions in the future.
> >>>>
> >>>>      ---
> >>>>
> >>>>      This change was tested in edk2 CI:
> >>>>
> >>>>      https://github.com/tianocore/edk2/pull/5667
> >>>>
> >>>>   BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml         | 6 +++---
> >>>>   BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml   | 6 +++---
> >>>>   BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
> >>>>   3 files changed, 9 insertions(+), 9 deletions(-)
> >>>>
> >>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> >>>> b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> >>>> index 5ec56c6bf06f..dbc9c2ba0290 100644
> >>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> >>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
> >>>> @@ -16,9 +16,9 @@
> >>>>     "scope": "codeql-ext-dep",
> >>>>     "type": "web",
> >>>>     "name": "codeql_cli",
> >>>> -  "source": "https://github.com/github/codeql-cli-
> >>>> binaries/releases/download/v2.16.1/codeql.zip",
> >>>> -  "version": "2.16.1",
> >>>> -  "sha256":
> >>>> "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
> >>>> +  "source": "https://github.com/github/codeql-cli-
> >>>> binaries/releases/download/v2.17.3/codeql.zip",
> >>>> +  "version": "2.17.3",
> >>>> +  "sha256":
> >>>> "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
> >>>>     "compression_type": "zip",
> >>>>     "internal_path": "/codeql/",
> >>>>     "flags": ["set_shell_var", ],
> >>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> >>>> b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> >>>> index 5b4a919f1de4..536322f2b331 100644
> >>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> >>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
> >>>> @@ -14,9 +14,9 @@
> >>>>     "scope": "codeql-linux-ext-dep",
> >>>>     "type": "web",
> >>>>     "name": "codeql_linux_cli",
> >>>> -  "source": "https://github.com/github/codeql-cli-
> >>>> binaries/releases/download/v2.16.1/codeql-linux64.zip",
> >>>> -  "version": "2.16.1",
> >>>> -  "sha256":
> >>>> "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
> >>>> +  "source": "https://github.com/github/codeql-cli-
> >>>> binaries/releases/download/v2.17.3/codeql-linux64.zip",
> >>>> +  "version": "2.17.3",
> >>>> +  "sha256":
> >>>> "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
> >>>>     "compression_type": "zip",
> >>>>     "internal_path": "/codeql/",
> >>>>     "flags": ["set_shell_var", ],
> >>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> >>>> b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> >>>> index c0c018c9538f..93a81ffd5020 100644
> >>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> >>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
> >>>> @@ -14,9 +14,9 @@
> >>>>     "scope": "codeql-windows-ext-dep",
> >>>>     "type": "web",
> >>>>     "name": "codeql_windows_cli",
> >>>> -  "source": "https://github.com/github/codeql-cli-
> >>>> binaries/releases/download/v2.16.1/codeql-win64.zip",
> >>>> -  "version": "2.16.1",
> >>>> -  "sha256":
> >>>> "9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
> >>>> +  "source": "https://github.com/github/codeql-cli-
> >>>> binaries/releases/download/v2.17.3/codeql-win64.zip",
> >>>> +  "version": "2.17.3",
> >>>> +  "sha256":
> >>>> "4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
> >>>>     "compression_type": "zip",
> >>>>     "internal_path": "/codeql/",
> >>>>     "flags": ["set_shell_var", ],
> >>>> --
> >>>> 2.45.1.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119064): https://edk2.groups.io/g/devel/message/119064
Mute This Topic: https://groups.io/mt/106161774/21656
Group Owner: [email protected]
Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to