github
diff --git a/‎.bazelrc‎
Lines changed: 0 additions & 1 deletion b/‎.bazelrc‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎.bazelversion‎
Lines changed: 1 addition & 1 deletion b/‎.bazelversion‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/codeql/codeql-config.yml‎
Lines changed: 2 additions & 0 deletions b/‎.github/codeql/codeql-config.yml‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.github/labeler.yml‎
Lines changed: 4 additions & 0 deletions b/‎.github/labeler.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.github/workflows/build-ripunzip.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build-ripunzip.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/csv-coverage-metrics.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/csv-coverage-metrics.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/csv-coverage-pr-artifacts.yml‎
Lines changed: 5 additions & 5 deletions b/‎.github/workflows/csv-coverage-pr-artifacts.yml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎.github/workflows/csv-coverage-timeseries.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/csv-coverage-timeseries.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/csv-coverage.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/csv-coverage.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/mad_modelDiff.yml‎
Lines changed: 11 additions & 5 deletions b/‎.github/workflows/mad_modelDiff.yml‎
Lines changed: 11 additions & 5 deletions
@@ -1,5 +1,4 @@
 common --enable_platform_specific_config
-common --enable_bzlmod
 # because we use --override_module with `%workspace%`, the lock file is not stable
 common --lockfile_mode=off
 
 
@@ -1 +1 @@
-5f5d70b6c4d2fb1a889479569107f1692239e8a7
+8.0.0rc1
@@ -9,3 +9,5 @@ paths-ignore:
   - '/python/'
   - '/javascript/ql/test'
   - '/javascript/extractor/tests'
+  - '/rust/ql/test'
+  - '/rust/ql/integration-tests'
@@ -38,6 +38,10 @@ Swift:
   - swift/**/*
   - change-notes/**/*swift*
 
+Actions:
+  - actions/**/*
+  - change-notes/**/*actions*
+
 documentation:
   - "**/*.qhelp"
   - "**/*.md"
 
@@ -17,7 +17,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-20.04, macos-12, windows-2019]
+        os: [ubuntu-20.04, macos-13, windows-2019]
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
 
@@ -37,7 +37,7 @@ jobs:
         run: |
           DATABASE="${{ runner.temp }}/java-database"
           codeql database analyze --format=sarif-latest --output=metrics-java.sarif -- "$DATABASE" ./java/ql/src/Metrics/Summaries/FrameworkCoverage.ql
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: metrics-java.sarif
           path: metrics-java.sarif
@@ -64,7 +64,7 @@ jobs:
         run: |
           DATABASE="${{ runner.temp }}/csharp-database"
           codeql database analyze --format=sarif-latest --output=metrics-csharp.sarif -- "$DATABASE" ./csharp/ql/src/Metrics/Summaries/FrameworkCoverage.ql
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
           name: metrics-csharp.sarif
           path: metrics-csharp.sarif
 
@@ -71,21 +71,21 @@ jobs:
         run: |
           python base/misc/scripts/library-coverage/compare-folders.py out_base out_merge comparison.md
       - name: Upload CSV package list
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: csv-framework-coverage-merge
           path: |
             out_merge/framework-coverage-*.csv
             out_merge/framework-coverage-*.rst
       - name: Upload CSV package list
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: csv-framework-coverage-base
           path: |
             out_base/framework-coverage-*.csv
             out_base/framework-coverage-*.rst
       - name: Upload comparison results
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: comparison
           path: |
@@ -97,7 +97,7 @@ jobs:
         env:
           PR_NUMBER: ${{ github.event.pull_request.number }}
       - name: Upload PR number
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: pr
           path: pr/
@@ -117,7 +117,7 @@ jobs:
           GITHUB_TOKEN: ${{ github.token }}
           PR_NUMBER: ${{ github.event.pull_request.number }}
       - name: Upload comment ID (if it exists)
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: comment
           path: comment/
 
@@ -30,7 +30,7 @@ jobs:
         run: |
           python script/misc/scripts/library-coverage/generate-timeseries.py codeqlModels
       - name: Upload timeseries CSV
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: framework-coverage-timeseries
           path: framework-coverage-timeseries-*.csv
@@ -34,12 +34,12 @@ jobs:
         run: |
           python script/misc/scripts/library-coverage/generate-report.py ci codeqlModels script
       - name: Upload CSV package list
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: framework-coverage-csv
           path: framework-coverage-*.csv
       - name: Upload RST package list
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: framework-coverage-rst
           path: framework-coverage-*.rst
@@ -38,14 +38,20 @@ jobs:
           path: codeql-main
           ref: main
       - uses: ./codeql-main/.github/actions/fetch-codeql
+      # compute the shortname of the project that does not contain any special (disk) characters
+      - run: |
+          echo "SHORTNAME=${SLUG//[^a-zA-Z0-9_]/}" >> $GITHUB_OUTPUT
+        env: 
+          SLUG: ${{ matrix.slug }}
+        id: shortname
       - name: Download database
         env:
           SLUG: ${{ matrix.slug }}
           GH_TOKEN: ${{ github.token }}
+          SHORTNAME: ${{ steps.shortname.outputs.SHORTNAME }}
         run: |
           set -x
           mkdir lib-dbs
-          SHORTNAME=${SLUG//[^a-zA-Z0-9_]/}
           gh api -H "Accept: application/zip" "/repos/${SLUG}/code-scanning/codeql/databases/java" > "$SHORTNAME.zip"
           unzip -q -d "${SHORTNAME}-db" "${SHORTNAME}.zip"
           mkdir "lib-dbs/$SHORTNAME/"
@@ -93,14 +99,14 @@ jobs:
             name="diff_${basename/.model.yml/""}"
             (diff -w -u $m $t | diff2html -i stdin -F $MODELS/$name.html) || true
           done
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
-          name: models
+          name: models-${{ steps.shortname.outputs.SHORTNAME }}
           path: tmp-models/**/**/*.model.yml
           retention-days: 20
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
         with:
-          name: diffs
+          name: diffs-${{ steps.shortname.outputs.SHORTNAME }}
           path: tmp-models/*.html
           # An html file is only produced if the generated models differ.
           if-no-files-found: ignore
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`common --enable_platform_specific_config`
`2`		`-common --enable_bzlmod`
`3`	`2`	# because we use --override_module with `%workspace%`, the lock file is not stable
`4`	`3`	`common --lockfile_mode=off`
`5`	`4`
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-5f5d70b6c4d2fb1a889479569107f1692239e8a7`
	`1`	`+8.0.0rc1`