-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
go 1.21 support #13992
Comments
Thanks for reporting. Are you using Go 1.21 in your workflow? You can use https://github.com/actions/setup-go to select the right go version. |
Hi @vadimi-ep! Those errors are expected with the current CodeQL release and shouldn't get in the way of your analysis. They will go away in the next CodeQL release. See #13867 (comment) for my answer to an earlier question about this. |
yes, go 1.21 is used through setup-go action. @mbg thanks for this |
go-extractor fails with:
But Go 1.21 allows directives like
|
@AlekSi that should not be happening with the latest releases of CodeQL. Can you confirm which version of the CodeQL CLI you are using and that you have Go 1.21 installed on the machine that you are running this on? See e.g. github/codeql-action#1842 |
I don't have any configuration for CodeQL other than a settings toggle. The output is here: https://github.com/FerretDB/FerretDB/actions/runs/6120237173/job/16611693348 edit: the output is here: https://github.com/FerretDB/FerretDB/actions/runs/6111733513/job/16587623673. The previous URL shows a different 1.21-related problem |
Ah thank you for that extra information @AlekSi! It seems that some changes I was expecting to be in CodeQL |
@jon-whit New CLI releases aren't immediately used by the CodeQL Action. There's always a short delay between the CLI release and it becoming the default used by the Action. Assuming that your question relates to the |
@jon-whit CodeQL Action workflows across GitHub should start using the new CodeQL CLI over the next 24-48 hours (the clock begins once a new CLI version is released) |
the /x/tools package is still out of date, preventing the go analysis tools from loading correctly for me. I think this might help: |
@taigrr thanks for opening that PR, I will have a look at it. However, I don't think your problem is caused by an out-of-date version of |
That fix definitely helped, as I would expect. I was under the impression the |
@taigrr No problem, it makes sense that you would have jumped to that conclusion based on your experience with the LSP! We had already upgraded I am aware of one issue we had with the new version format recently, but that got patched as well, and would have manifested differently. |
Signed-off-by: Cattī Crūdēlēs <[email protected]>
* feature(ci): Create codeql.yml * fix go version github/codeql#13992 Signed-off-by: Cattī Crūdēlēs <[email protected]> --------- Signed-off-by: Cattī Crūdēlēs <[email protected]>
…t` (#786) I was having a look at the openssf scorecard score as I've not really dug into that before, and saw it was flagging some unpinned actions. Most of them were about the `osv-scanner` action itself which I don't think can be pinned since the point is to use the latest version for self testing right? but we can pin `actions/download-artifact` and `actions/setup-go` _though_ I'm pretty sure that isn't needed anymore because it was a workaround for github/codeql#13992 and we were just waiting on a new version? either way we'll find out.
I forgot to close this, but Go 1.21 support shipped back in October. |
Hello, we are trying to scan a repo that uses go 1.21, but getting the following error from the codeql autobuild step:
The text was updated successfully, but these errors were encountered: