From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
Andrew Fish <afish@apple.com>,
Leif Lindholm <quic_llindhol@quicinc.com>,
Liming Gao <gaoliming@byosoft.com.cn>
Cc: "Feng, Bob C" <bob.c.feng@intel.com>,
Joey Vagedes <joey.vagedes@gmail.com>,
Rebecca Cran <rebecca@bsdio.com>,
Sean Brogan <sean.brogan@microsoft.com>,
"Chen, Christine" <yuwei.chen@intel.com>
Subject: Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
Date: Fri, 17 May 2024 19:27:53 -0400 [thread overview]
Message-ID: <d162a1b0-d1e2-43ab-88cc-a8142506c8bf@linux.microsoft.com> (raw)
In-Reply-To: <78674f4f-0923-4117-bfa8-61953930c4cf@linux.microsoft.com>
Forgot about the hard freeze.
Added remaining stewards to consider merging this. It has no impact on
firmware but is needed to unblock an immediate issue in CI where the
CodeQL queries being fetched are newer and incompatible with the CodeQL
CLI being used.
As I mentioned in the release notes, I will follow up in the future for
a change that should be able to lock the CodeQL query versions against
the CLI version.
Thanks,
Michael
On 5/17/2024 7:20 PM, Michael Kubacki wrote:
> To ensure CI is unblocked, I am going to add the push tag now.
>
> On 5/17/2024 6:31 PM, Michael Kubacki wrote:
>> Thanks Mike. Are you okay with me completing the PR now?
>>
>> On 5/17/2024 5:31 PM, Kinney, Michael D wrote:
>>> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
>>>
>>>> -----Original Message-----
>>>> From: mikuback@linux.microsoft.com <mikuback@linux.microsoft.com>
>>>> Sent: Friday, May 17, 2024 2:09 PM
>>>> To: devel@edk2.groups.io
>>>> Cc: Feng, Bob C <bob.c.feng@intel.com>; Joey Vagedes
>>>> <joey.vagedes@gmail.com>; Liming Gao <gaoliming@byosoft.com.cn>;
>>>> Kinney,
>>>> Michael D <michael.d.kinney@intel.com>; Rebecca Cran
>>>> <rebecca@bsdio.com>;
>>>> Sean Brogan <sean.brogan@microsoft.com>; Chen, Christine
>>>> <yuwei.chen@intel.com>
>>>> Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3
>>>>
>>>> From: Michael Kubacki <michael.kubacki@microsoft.com>
>>>>
>>>> This fixes an issue where the CodeQL queries currently fetched in the
>>>> pipeline are incompatible with the current executable used.
>>>>
>>>> Update to pick up functional and security fixes. See the following
>>>> comparison for detailed differences:
>>>>
>>>> https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.3
>>>>
>>>> Cc: Bob Feng <bob.c.feng@intel.com>
>>>> Cc: Joey Vagedes <joey.vagedes@gmail.com>
>>>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>>>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>>>> Cc: Rebecca Cran <rebecca@bsdio.com>
>>>> Cc: Sean Brogan <sean.brogan@microsoft.com>
>>>> Cc: Yuwei Chen <yuwei.chen@intel.com>
>>>> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
>>>> ---
>>>>
>>>> Notes:
>>>> This change fixes an immediate compatibility issue between
>>>> the latest queries being pulled and the CodeQL CLI being
>>>> used.
>>>>
>>>> A follow up change will attempt to lock queries against a
>>>> compatibile version to prevent queries from pulling ahead
>>>> to incompatible versions in the future.
>>>>
>>>> ---
>>>>
>>>> This change was tested in edk2 CI:
>>>>
>>>> https://github.com/tianocore/edk2/pull/5667
>>>>
>>>> BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml | 6 +++---
>>>> BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml | 6 +++---
>>>> BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++---
>>>> 3 files changed, 9 insertions(+), 9 deletions(-)
>>>>
>>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>>>> b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>>>> index 5ec56c6bf06f..dbc9c2ba0290 100644
>>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml
>>>> @@ -16,9 +16,9 @@
>>>> "scope": "codeql-ext-dep",
>>>> "type": "web",
>>>> "name": "codeql_cli",
>>>> - "source": "https://github.com/github/codeql-cli-
>>>> binaries/releases/download/v2.16.1/codeql.zip",
>>>> - "version": "2.16.1",
>>>> - "sha256":
>>>> "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6",
>>>> + "source": "https://github.com/github/codeql-cli-
>>>> binaries/releases/download/v2.17.3/codeql.zip",
>>>> + "version": "2.17.3",
>>>> + "sha256":
>>>> "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5",
>>>> "compression_type": "zip",
>>>> "internal_path": "/codeql/",
>>>> "flags": ["set_shell_var", ],
>>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>>>> b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>>>> index 5b4a919f1de4..536322f2b331 100644
>>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml
>>>> @@ -14,9 +14,9 @@
>>>> "scope": "codeql-linux-ext-dep",
>>>> "type": "web",
>>>> "name": "codeql_linux_cli",
>>>> - "source": "https://github.com/github/codeql-cli-
>>>> binaries/releases/download/v2.16.1/codeql-linux64.zip",
>>>> - "version": "2.16.1",
>>>> - "sha256":
>>>> "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171",
>>>> + "source": "https://github.com/github/codeql-cli-
>>>> binaries/releases/download/v2.17.3/codeql-linux64.zip",
>>>> + "version": "2.17.3",
>>>> + "sha256":
>>>> "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a",
>>>> "compression_type": "zip",
>>>> "internal_path": "/codeql/",
>>>> "flags": ["set_shell_var", ],
>>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
>>>> b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
>>>> index c0c018c9538f..93a81ffd5020 100644
>>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
>>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml
>>>> @@ -14,9 +14,9 @@
>>>> "scope": "codeql-windows-ext-dep",
>>>> "type": "web",
>>>> "name": "codeql_windows_cli",
>>>> - "source": "https://github.com/github/codeql-cli-
>>>> binaries/releases/download/v2.16.1/codeql-win64.zip",
>>>> - "version": "2.16.1",
>>>> - "sha256":
>>>> "9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28",
>>>> + "source": "https://github.com/github/codeql-cli-
>>>> binaries/releases/download/v2.17.3/codeql-win64.zip",
>>>> + "version": "2.17.3",
>>>> + "sha256":
>>>> "4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7",
>>>> "compression_type": "zip",
>>>> "internal_path": "/codeql/",
>>>> "flags": ["set_shell_var", ],
>>>> --
>>>> 2.45.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119063): https://edk2.groups.io/g/devel/message/119063
Mute This Topic: https://groups.io/mt/106161774/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2024-05-17 23:27 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-17 21:09 [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3 Michael Kubacki
2024-05-17 21:31 ` Michael D Kinney
2024-05-17 22:06 ` Joey Vagedes via groups.io
2024-05-17 22:31 ` Michael Kubacki
2024-05-17 23:20 ` Michael Kubacki
2024-05-17 23:27 ` Michael Kubacki [this message]
2024-05-18 0:10 ` Michael D Kinney
2024-05-21 1:40 ` Michael Kubacki
2024-05-21 2:24 ` Michael D Kinney
2024-06-03 12:17 ` Michael Kubacki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d162a1b0-d1e2-43ab-88cc-a8142506c8bf@linux.microsoft.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox