diff --git a/CHANGELOG.md b/CHANGELOG.md
index 78f8b94b4f..5ad77b2e13 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,16 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th No user facing changes. +## 4.32.5 - 02 Mar 2026 + +- Repositories owned by an organization can now set up the `github-codeql-disable-overlay` custom repository property to disable [improved incremental analysis for CodeQL](https://github.com/github/roadmap/issues/1158). First, create a custom repository property with the name `github-codeql-disable-overlay` and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to `true` to disable improved incremental analysis. For more information, see [Managing custom properties for repositories in your organization](https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization). This feature is not yet available on GitHub Enterprise Server. [#3507](https://github.com/github/codeql-action/pull/3507) +- Added an experimental change so that when [improved incremental analysis](https://github.com/github/roadmap/issues/1158) fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. [#3487](https://github.com/github/codeql-action/pull/3487) +- The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. [#3515](https://github.com/github/codeql-action/pull/3515) +- Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. 
[#3516](https://github.com/github/codeql-action/pull/3516) +- Added an experimental change which lowers the minimum disk space requirement for [improved incremental analysis](https://github.com/github/roadmap/issues/1158), enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. [#3498](https://github.com/github/codeql-action/pull/3498) +- Added an experimental change which allows the `start-proxy` action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. [#3512](https://github.com/github/codeql-action/pull/3512) +- The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. [#3503](https://github.com/github/codeql-action/pull/3503), [#3504](https://github.com/github/codeql-action/pull/3504) + ## 4.32.4 - 20 Feb 2026 - Update default CodeQL bundle version to [2.24.2](https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2). [#3493](https://github.com/github/codeql-action/pull/3493) diff --git a/lib/analyze-action-post.js b/lib/analyze-action-post.js index aaed462b38..fe9c9e12f0 100644 --- a/lib/analyze-action-post.js +++ b/lib/analyze-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/lib/analyze-action.js b/lib/analyze-action.js index cf0eef7f64..c3e75dc4a3 100644 --- a/lib/analyze-action.js +++ b/lib/analyze-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { 
diff --git a/lib/autobuild-action.js b/lib/autobuild-action.js index a5e822b8ea..7164f56248 100644 --- a/lib/autobuild-action.js +++ b/lib/autobuild-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/lib/init-action-post.js b/lib/init-action-post.js index 000e55c0a5..28e39d00a9 100644 --- a/lib/init-action-post.js +++ b/lib/init-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { 
@@ -170364,10 +170364,10 @@ async function recordOverlayStatus(codeql, config, features, logger) { overlayStatus, logger ); - const blurb = "This job attempted to run with improved incremental analysis but it did not complete successfully. This may have been due to disk space constraints: using improved incremental analysis can require a significant amount of disk space for some repositories."; + const blurb = "This job attempted to run with improved incremental analysis but it did not complete successfully. One possible reason for this is disk space constraints, since improved incremental analysis can require a significant amount of disk space for some repositories."; if (saved) { logger.error( - `${blurb} This failure has been recorded in the Actions cache, so the next CodeQL analysis will run without improved incremental analysis. If you want to enable improved incremental analysis, increase the disk space available to the runner. If that doesn't help, contact GitHub Support for further assistance.` + `${blurb} This failure has been recorded in the Actions cache, so the next CodeQL analysis will run without improved incremental analysis. If you want to enable improved incremental analysis, try increasing the disk space available to the runner. If that doesn't help, contact GitHub Support for further assistance.` ); } else { logger.error( diff --git a/lib/init-action.js b/lib/init-action.js index bce9e2dfcd..bd2c433d17 100644 --- a/lib/init-action.js +++ b/lib/init-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { 
@@ -105925,7 +105925,7 @@ async function addOverlayDisablementDiagnostics(config, codeql, overlayDisabledR attributes: { languages: config.languages }, - markdownMessage: `Improved incremental analysis was skipped because it previously failed for this repository with CodeQL version ${(await codeql.getVersion()).version} on a runner with similar hardware resources. Improved incremental analysis may require a significant amount of disk space for some repositories. If you want to enable improved incremental analysis, increase the disk space available to the runner. If that doesn't help, contact GitHub Support for further assistance. + markdownMessage: `Improved incremental analysis was skipped because it previously failed for this repository with CodeQL version ${(await codeql.getVersion()).version} on a runner with similar hardware resources. One possible reason for this is that improved incremental analysis can require a significant amount of disk space for some repositories. If you want to try re-enabling improved incremental analysis, increase the disk space available to the runner. If that doesn't help, contact GitHub Support for further assistance. Improved incremental analysis will be automatically retried when the next version of CodeQL is released. You can also manually trigger a retry by [removing](${"https://docs.github.com/en/actions/how-tos/manage-workflow-runs/manage-caches#deleting-cache-entries" /* DELETE_ACTIONS_CACHE_ENTRIES */}) \`codeql-overlay-status-*\` entries from the Actions cache.`, severity: "note", diff --git a/lib/resolve-environment-action.js b/lib/resolve-environment-action.js index fe419d9104..c02bbb2497 100644 --- a/lib/resolve-environment-action.js +++ b/lib/resolve-environment-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { 
diff --git a/lib/setup-codeql-action.js b/lib/setup-codeql-action.js index e9a5e8dce8..853b7648ba 100644 --- a/lib/setup-codeql-action.js +++ b/lib/setup-codeql-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action-post.js b/lib/start-proxy-action-post.js index 14fa9fd053..df3ddb4df0 100644 --- a/lib/start-proxy-action-post.js +++ b/lib/start-proxy-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 13996a08fe..aa65d267a0 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-lib.js b/lib/upload-lib.js index eadfa50638..d8d6b6de0d 100644 --- a/lib/upload-lib.js +++ b/lib/upload-lib.js @@ -47283,7 +47283,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/lib/upload-sarif-action-post.js b/lib/upload-sarif-action-post.js index 103b279d16..f65dc4fa3e 100644 --- a/lib/upload-sarif-action-post.js +++ b/lib/upload-sarif-action-post.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { 
diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js index 91ddb60d51..be9f6ffe29 100644 --- a/lib/upload-sarif-action.js +++ b/lib/upload-sarif-action.js @@ -45986,7 +45986,7 @@ var require_package = __commonJS({ "package.json"(exports2, module2) { module2.exports = { name: "codeql", - version: "4.32.5", + version: "4.32.6", private: true, description: "CodeQL action", scripts: { diff --git a/package-lock.json b/package-lock.json index 28411b4d8a..c183be73a1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "codeql", - "version": "4.32.5", + "version": "4.32.6", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "codeql", - "version": "4.32.5", + "version": "4.32.6", "license": "MIT", "dependencies": { "@actions/artifact": "^5.0.3", diff --git a/package.json b/package.json index a048d52528..e124a97371 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codeql", - "version": "4.32.5", + "version": "4.32.6", "private": true, "description": "CodeQL action", "scripts": { diff --git a/src/init-action-post-helper.ts b/src/init-action-post-helper.ts index 7cbf20d5db..90a4626654 100644 --- a/src/init-action-post-helper.ts +++ b/src/init-action-post-helper.ts @@ -293,7 +293,7 @@ async function recordOverlayStatus( const blurb = "This job attempted to run with improved incremental analysis but it did not complete successfully. " + - "This may have been due to disk space constraints: using improved incremental analysis can " + + "One possible reason for this is disk space constraints, since improved incremental analysis can " + "require a significant amount of disk space for some repositories."; if (saved) { 
@@ -301,7 +301,7 @@ async function recordOverlayStatus(
 `${blurb} ` +
 "This failure has been recorded in the Actions cache, so the next CodeQL analysis will run " +
 "without improved incremental analysis. If you want to enable improved incremental analysis, " +
- "increase the disk space available to the runner. " +
+ "try increasing the disk space available to the runner. " +
 "If that doesn't help, contact GitHub Support for further assistance.",
 );
 } else {
diff --git a/src/overlay/diagnostics.ts b/src/overlay/diagnostics.ts
index ab12668681..abf3c24a76 100644
--- a/src/overlay/diagnostics.ts
+++ b/src/overlay/diagnostics.ts
@@ -68,8 +68,8 @@ export async function addOverlayDisablementDiagnostics(
 markdownMessage:
 `Improved incremental analysis was skipped because it previously failed for this repository ` +
 `with CodeQL version ${(await codeql.getVersion()).version} on a runner with similar hardware resources. ` +
- "Improved incremental analysis may require a significant amount of disk space for some repositories. " +
- "If you want to enable improved incremental analysis, increase the disk space available " +
+ "One possible reason for this is that improved incremental analysis can require a significant amount of disk space for some repositories. " +
+ "If you want to try re-enabling improved incremental analysis, increase the disk space available " +
 "to the runner. If that doesn't help, contact GitHub Support for further assistance.\n\n" +
 "Improved incremental analysis will be automatically retried when the next version of CodeQL is released. " +
 `You can also manually trigger a retry by [removing](${DocUrl.DELETE_ACTIONS_CACHE_ENTRIES}) \`codeql-overlay-status-*\` entries from the Actions cache.`,
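Review bot: The retry advice is now worded differently in the two places that emit it: the string in this hunk reads `If you want to enable improved incremental analysis, try increasing the disk space available to the runner.`, while the diagnostic in src/overlay/diagnostics.ts reads `If you want to try re-enabling improved incremental analysis, increase the disk space available to the runner.`. Both describe the same condition, and the disk-space explanation is likewise duplicated between `blurb` in the previous hunk and the diagnostic text. Consider moving the shared sentences into one exported constant used by both files so the log message and the diagnostic cannot drift apart again. recordOverlayStatus starts and ends outside the hunk.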
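Review bot: Nothing near `markdownMessage` documents the trust assumption behind the `codeql-overlay-status-*` cache entries, even though the message tells users that deleting them changes how the next analysis runs. An Actions cache entry can be created by any workflow run that is allowed to write to that cache scope, so the recorded status should be treated as advisory input whose only effect is a fallback to a regular analysis; the code that reads the entry is outside this hunk, so that property needs confirming there. A comment above the property would make the intent explicit, for example `// Overlay status read from the Actions cache is advisory: it may disable overlay analysis only, never the analysis itself.`. addOverlayDisablementDiagnostics starts and ends outside the hunk.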