Skip to content

Store all built-in languages#3811

Open
henrymercer wants to merge 2 commits intomainfrom
henrymercer/record-all-builtin-languages
Open

Store all built-in languages#3811
henrymercer wants to merge 2 commits intomainfrom
henrymercer/record-all-builtin-languages

Conversation

@henrymercer
Copy link
Copy Markdown
Contributor

@henrymercer henrymercer commented Apr 10, 2026

While we want the CodeQL Action to work with third-party language support, having a list of all built-in languages can help us create better type-level checks to ensure that we don't miss things that we want to customize for each of our built-in languages.

For example, in the start-proxy Action, we want to make sure each built-in language is associated with a registries config. If we add a new language, we want to be reminded to update that config.

This means that when we add a new language, we will need to update the BuiltInLanguage enum (and potentially other places in the code that exhaustively enumerate BuiltInLanguage for safety reasons). This is a rare event and probably worth it from a safety and correctness perspective.

Commit-by-commit review recommended as we rename KnownLanguage to BuiltInLanguage to reflect the new motivation behind this type.

Risk assessment

For internal use only. Please select the risk level of this change:

  • Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Which use cases does this change impact?

Workflow types:

  • Advanced setup - Impacts users who have custom CodeQL workflows.
  • Managed - Impacts users with dynamic workflows (Default Setup, Code Quality, ...).

Products:

  • Code Scanning - The changes impact analyses when analysis-kinds: code-scanning.
  • Code Quality - The changes impact analyses when analysis-kinds: code-quality.
  • Other first-party - The changes impact other first-party analyses.
  • Third-party analyses - The changes affect the upload-sarif action.

Environments:

  • Dotcom - Impacts CodeQL workflows on github.com and/or GitHub Enterprise Cloud with Data Residency.
  • GHES - Impacts CodeQL workflows on GitHub Enterprise Server.

How did/will you validate this change?

  • Unit tests - I am depending on unit test coverage (i.e. tests in .test.ts files).
  • End-to-end tests - I am depending on PR checks (i.e. tests in pr-checks).

If something goes wrong after this change is released, what are the mitigation and rollback strategies?

  • Rollback - Change can only be disabled by rolling back the release or releasing a new version with a fix.

How will you know if something goes wrong after this change is released?

  • Telemetry - I rely on existing telemetry or have made changes to the telemetry.
    • Alerts - New or existing monitors will trip if something goes wrong with this change.

Are there any special considerations for merging or releasing this change?

  • No special considerations - This change can be merged at any time.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Consider adding a changelog entry for this change.
  • Confirm the readme and docs have been updated if necessary.

@henrymercer
Store all built-in languages
bad0a74 
While we want the CodeQL Action to work with third-party language support, having a list of all built-in languages can help us create better type-level checks to ensure that we don't miss things that we want to customize for each of our built-in languages.
@henrymercer
Refactoring: Rename KnownLanguage to BuiltInLanguage
e6c21da
@henrymercer henrymercer requested a review from a team as a code owner April 10, 2026 18:15
Copilot AI review requested due to automatic review settings April 10, 2026 18:15
@github-actions github-actions bot added the size/XL May be very hard to review label Apr 10, 2026
Copilot AI reviewed Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR renames the “known language” concept to “built-in language” and introduces a curated, updateable source of truth for all built-in CodeQL languages (plus aliases) to enable stricter type-level exhaustiveness checks across the Action.

Changes:

  • Replace KnownLanguage with BuiltInLanguage throughout the TypeScript codebase and tests.
  • Add src/languages/builtin.json + parseBuiltInLanguage/isBuiltInLanguage utilities, with unit tests to keep the enum and JSON synchronized.
  • Update the bundle update workflow to regenerate the built-in language list via a new script.
Show a summary per file
File Description
src/trap-caching.test.ts Update tests to use BuiltInLanguage instead of KnownLanguage.
src/tracer-config.test.ts Update tests to use BuiltInLanguage.
src/status-report.test.ts Update tests to use BuiltInLanguage.
src/start-proxy/environment.ts Switch language-specific proxy environment checks to BuiltInLanguage.
src/start-proxy/environment.test.ts Update start-proxy environment tests for BuiltInLanguage.
src/start-proxy.ts Replace KnownLanguage usage with BuiltInLanguage; remove old parseLanguage logic in favor of centralized parsing.
src/start-proxy.test.ts Update tests to use BuiltInLanguage; remove parseLanguage tests (now covered in languages module tests).
src/start-proxy-action.ts Use parseBuiltInLanguage and BuiltInLanguage for the language input.
src/overlay/index.test.ts Update overlay tests to use BuiltInLanguage.
src/languages/index.ts Introduce BuiltInLanguage, isBuiltInLanguage, and parseBuiltInLanguage, backed by builtin.json.
src/languages/index.test.ts Add unit tests for parsing, membership checks, and enum↔JSON synchronization.
src/languages/builtin.json New curated list of built-in languages and aliases.
src/languages.ts Remove the old KnownLanguage/JavaEnvVars definitions (moved to src/languages/index.ts).
src/known-language-aliases.json Remove the old alias JSON (replaced by src/languages/builtin.json).
src/init.ts Update language checks to BuiltInLanguage.
src/init.test.ts Update tests/types to BuiltInLanguage.
src/init-action.ts Update language-specific behavior checks to BuiltInLanguage.
src/dependency-caching.ts Update language-specific feature gating to BuiltInLanguage.
src/dependency-caching.test.ts Update dependency caching tests to BuiltInLanguage.
src/database-upload.test.ts Update database upload tests to BuiltInLanguage.
src/config/db-config.test.ts Update config parsing tests to BuiltInLanguage.
src/config-utils.ts Update supported-language filtering and language-specific logic to BuiltInLanguage.
src/config-utils.test.ts Update config utils tests to BuiltInLanguage.
src/codeql.test.ts Update CodeQL wrapper tests to BuiltInLanguage.
src/autobuild.ts Update autobuild ordering and language checks to BuiltInLanguage.
src/analyze.ts Update status-report typing and extraction conditionals to BuiltInLanguage.
src/analyze.test.ts Update analysis tests to BuiltInLanguage.
src/analyze-action.ts Update Go legacy workflow logic to use BuiltInLanguage.
pr-checks/sync.ts Update PR checks generator typing to BuiltInLanguage.
package.json Extend transpile script to also typecheck workflow scripts tsconfig.
.github/workflows/update-bundle.yml Replace alias-update step with built-in-language regeneration via new script.
.github/workflows/script/update-builtin-languages.ts New script to regenerate src/languages/builtin.json using the CodeQL CLI.
.github/workflows/script/tsconfig.json New tsconfig for typechecking workflow scripts (no emit).
lib/upload-sarif-action.js Generated output update (not reviewed).
lib/upload-sarif-action-post.js Generated output update (not reviewed).
lib/upload-lib.js Generated output update (not reviewed).
lib/start-proxy-action.js Generated output update (not reviewed).
lib/start-proxy-action-post.js Generated output update (not reviewed).
lib/setup-codeql-action.js Generated output update (not reviewed).
lib/resolve-environment-action.js Generated output update (not reviewed).
lib/init-action.js Generated output update (not reviewed).
lib/init-action-post.js Generated output update (not reviewed).
lib/autobuild-action.js Generated output update (not reviewed).
lib/analyze-action.js Generated output update (not reviewed).
lib/analyze-action-post.js Generated output update (not reviewed).

Copilot's findings

  • Files reviewed: 33/45 changed files
  • Comments generated: 1

.github/workflows/script/update-builtin-languages.ts
@@ -0,0 +1,88 @@
#!/usr/bin/env npx tsx
Copy link

Copilot AI Apr 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The shebang #!/usr/bin/env npx tsx is not portable: most env implementations can’t take multiple arguments from a shebang line (without -S), so running this script directly would fail. Either remove the shebang (since the workflow already runs it via npx tsx ...) or switch to an env -S style shebang.

Suggested change
#!/usr/bin/env npx tsx

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

size/XL May be very hard to review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@henrymercer