From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 158D2AC1B90 for ; Fri, 17 May 2024 23:27:57 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=mnda0zHbG78qCwQI0yAyVE3XrEFWBLpXvl9unHeCYmU=; c=relaxed/simple; d=groups.io; h=DKIM-Filter:Message-ID:Date:MIME-Version:User-Agent:Subject:From:To:Cc:References:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1715988476; v=1; b=f0Ao3it6Wvn9WJHgsvSWPn8EBCJfqbpWSGRfi2fc+kYIvsP1uJ1jxdB9uv46r1Agmr32TGbF 8GMpHtWeaS3CdWfHzoMB2vVpCeqovTlC7m2KUvVAYwwqmhNIvmfL7h8vDKqMxrnoHnJewUGkscL hg3QQ6AfkcZsU54z5s2AuvLkMg8VNUKPr3kiPXMw6py7+xeK5rrgyjV72F3Ggi99Cm+Ivu789Vf h36IxQcb0FLkJ39nxvYFwFr/QeEmRkNYcfTYDsYXPdYZlJkjMtLcvz7K05mk0RbsaINrvDU9yBG 4fiy+m8+Sx44Q4p24/5qjwUW/aYWJ2Ab1O3oki+r92d3Q== X-Received: by 127.0.0.2 with SMTP id rGuwYY7687511xriNmuTo08b; Fri, 17 May 2024 16:27:56 -0700 X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by mx.groups.io with SMTP id smtpd.web11.9260.1715988475610552365 for ; Fri, 17 May 2024 16:27:55 -0700 X-Received: from [10.6.0.181] (unknown [20.39.63.1]) by linux.microsoft.com (Postfix) with ESMTPSA id 7FA4920B915A; Fri, 17 May 2024 16:27:54 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 7FA4920B915A Message-ID: Date: Fri, 17 May 2024 19:27:53 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3 From: "Michael Kubacki" To: "Kinney, Michael D" , "devel@edk2.groups.io" , Andrew Fish , Leif Lindholm , Liming Gao Cc: "Feng, Bob C" , Joey Vagedes , Rebecca Cran , Sean Brogan , "Chen, Christine" References: <20240517210902.1510-1-mikuback@linux.microsoft.com> <8354dafc-6c4c-4981-9561-bd46f5b6b14d@linux.microsoft.com> <78674f4f-0923-4117-bfa8-61953930c4cf@linux.microsoft.com> In-Reply-To: <78674f4f-0923-4117-bfa8-61953930c4cf@linux.microsoft.com> Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 17 May 2024 16:27:55 -0700 Resent-From: mikuback@linux.microsoft.com Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 600hW9QbDCorfzGFBtlykkeZx7686176AA= Content-Language: en-CA Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=f0Ao3it6; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=linux.microsoft.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io Forgot about the hard freeze. Added remaining stewards to consider merging this. It has no impact on=20 firmware but is needed to unblock an immediate issue in CI where the=20 CodeQL queries being fetched are newer and incompatible with the CodeQL=20 CLI being used. As I mentioned in the release notes, I will follow up in the future for=20 a change that should be able to lock the CodeQL query versions against=20 the CLI version. Thanks, Michael On 5/17/2024 7:20 PM, Michael Kubacki wrote: > To ensure CI is unblocked, I am going to add the push tag now. >=20 > On 5/17/2024 6:31 PM, Michael Kubacki wrote: >> Thanks Mike. Are you okay with me completing the PR now? >> >> On 5/17/2024 5:31 PM, Kinney, Michael D wrote: >>> Reviewed-by: Michael D Kinney >>> >>>> -----Original Message----- >>>> From: mikuback@linux.microsoft.com >>>> Sent: Friday, May 17, 2024 2:09 PM >>>> To: devel@edk2.groups.io >>>> Cc: Feng, Bob C ; Joey Vagedes >>>> ; Liming Gao ;=20 >>>> Kinney, >>>> Michael D ; Rebecca Cran=20 >>>> ; >>>> Sean Brogan ; Chen, Christine >>>> >>>> Subject: [PATCH v1 1/1] CodeQL: Update from 2.16.1 to 2.17.3 >>>> >>>> From: Michael Kubacki >>>> >>>> This fixes an issue where the CodeQL queries currently fetched in the >>>> pipeline are incompatible with the current executable used. >>>> >>>> Update to pick up functional and security fixes. See the following >>>> comparison for detailed differences: >>>> >>>> https://github.com/github/codeql-cli-binaries/compare/v2.16.1...v2.17.= 3 >>>> >>>> Cc: Bob Feng >>>> Cc: Joey Vagedes >>>> Cc: Liming Gao >>>> Cc: Michael D Kinney >>>> Cc: Rebecca Cran >>>> Cc: Sean Brogan >>>> Cc: Yuwei Chen >>>> Signed-off-by: Michael Kubacki >>>> --- >>>> >>>> Notes: >>>> =C2=A0=C2=A0=C2=A0=C2=A0 This change fixes an immediate compatibility = issue between >>>> =C2=A0=C2=A0=C2=A0=C2=A0 the latest queries being pulled and the CodeQ= L CLI being >>>> =C2=A0=C2=A0=C2=A0=C2=A0 used. >>>> >>>> =C2=A0=C2=A0=C2=A0=C2=A0 A follow up change will attempt to lock queri= es against a >>>> =C2=A0=C2=A0=C2=A0=C2=A0 compatibile version to prevent queries from p= ulling ahead >>>> =C2=A0=C2=A0=C2=A0=C2=A0 to incompatible versions in the future. >>>> >>>> =C2=A0=C2=A0=C2=A0=C2=A0 --- >>>> >>>> =C2=A0=C2=A0=C2=A0=C2=A0 This change was tested in edk2 CI: >>>> >>>> =C2=A0=C2=A0=C2=A0=C2=A0 https://github.com/tianocore/edk2/pull/5667 >>>> >>>> =C2=A0 BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | 6 +++--- >>>> =C2=A0 BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml=C2=A0=C2= =A0 | 6 +++--- >>>> =C2=A0 BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml | 6 +++-= -- >>>> =C2=A0 3 files changed, 9 insertions(+), 9 deletions(-) >>>> >>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml >>>> b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml >>>> index 5ec56c6bf06f..dbc9c2ba0290 100644 >>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml >>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml >>>> @@ -16,9 +16,9 @@ >>>> =C2=A0=C2=A0=C2=A0 "scope": "codeql-ext-dep", >>>> =C2=A0=C2=A0=C2=A0 "type": "web", >>>> =C2=A0=C2=A0=C2=A0 "name": "codeql_cli", >>>> -=C2=A0 "source": "https://github.com/github/codeql-cli- >>>> binaries/releases/download/v2.16.1/codeql.zip", >>>> -=C2=A0 "version": "2.16.1", >>>> -=C2=A0 "sha256": >>>> "86a98f6ebb8fd49efadf367f3275c438669fcb8426962c33415129aad8e093e6", >>>> +=C2=A0 "source": "https://github.com/github/codeql-cli- >>>> binaries/releases/download/v2.17.3/codeql.zip", >>>> +=C2=A0 "version": "2.17.3", >>>> +=C2=A0 "sha256": >>>> "e5ac1d87ab38e405c9af5db234a338b10dffabc98a648903f1664dd2a566dfd5", >>>> =C2=A0=C2=A0=C2=A0 "compression_type": "zip", >>>> =C2=A0=C2=A0=C2=A0 "internal_path": "/codeql/", >>>> =C2=A0=C2=A0=C2=A0 "flags": ["set_shell_var", ], >>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml >>>> b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml >>>> index 5b4a919f1de4..536322f2b331 100644 >>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml >>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_linux_ext_dep.yaml >>>> @@ -14,9 +14,9 @@ >>>> =C2=A0=C2=A0=C2=A0 "scope": "codeql-linux-ext-dep", >>>> =C2=A0=C2=A0=C2=A0 "type": "web", >>>> =C2=A0=C2=A0=C2=A0 "name": "codeql_linux_cli", >>>> -=C2=A0 "source": "https://github.com/github/codeql-cli- >>>> binaries/releases/download/v2.16.1/codeql-linux64.zip", >>>> -=C2=A0 "version": "2.16.1", >>>> -=C2=A0 "sha256": >>>> "40dbb6c0c4064bd14601a02e60c61661fdc0271469f90eb91a2e7d51d4cbc171", >>>> +=C2=A0 "source": "https://github.com/github/codeql-cli- >>>> binaries/releases/download/v2.17.3/codeql-linux64.zip", >>>> +=C2=A0 "version": "2.17.3", >>>> +=C2=A0 "sha256": >>>> "9fba000c4b821534d354bc16821aa066fdb1304446226ea449870e64a8ad3c7a", >>>> =C2=A0=C2=A0=C2=A0 "compression_type": "zip", >>>> =C2=A0=C2=A0=C2=A0 "internal_path": "/codeql/", >>>> =C2=A0=C2=A0=C2=A0 "flags": ["set_shell_var", ], >>>> diff --git a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml >>>> b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml >>>> index c0c018c9538f..93a81ffd5020 100644 >>>> --- a/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml >>>> +++ b/BaseTools/Plugin/CodeQL/codeqlcli_windows_ext_dep.yaml >>>> @@ -14,9 +14,9 @@ >>>> =C2=A0=C2=A0=C2=A0 "scope": "codeql-windows-ext-dep", >>>> =C2=A0=C2=A0=C2=A0 "type": "web", >>>> =C2=A0=C2=A0=C2=A0 "name": "codeql_windows_cli", >>>> -=C2=A0 "source": "https://github.com/github/codeql-cli- >>>> binaries/releases/download/v2.16.1/codeql-win64.zip", >>>> -=C2=A0 "version": "2.16.1", >>>> -=C2=A0 "sha256": >>>> "9ebe5ea8a7d0a77425428d50d49912319117fccee24ecb62f6219c12584f4f28", >>>> +=C2=A0 "source": "https://github.com/github/codeql-cli- >>>> binaries/releases/download/v2.17.3/codeql-win64.zip", >>>> +=C2=A0 "version": "2.17.3", >>>> +=C2=A0 "sha256": >>>> "4c6fbf2ea2eaf0f47bf0347eacf54c6b9d6bdf7acb6b63e17f9e6f2dd83b34e7", >>>> =C2=A0=C2=A0=C2=A0 "compression_type": "zip", >>>> =C2=A0=C2=A0=C2=A0 "internal_path": "/codeql/", >>>> =C2=A0=C2=A0=C2=A0 "flags": ["set_shell_var", ], >>>> --=20 >>>> 2.45.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119063): https://edk2.groups.io/g/devel/message/119063 Mute This Topic: https://groups.io/mt/106161774/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-