Skip to content

Python: Disable standard library extraction on GHES#3794

Merged
henrymercer merged 2 commits intomainfrom
henrymercer/cleanup
Apr 1, 2026
Merged

Python: Disable standard library extraction on GHES#3794
henrymercer merged 2 commits intomainfrom
henrymercer/cleanup

Conversation

@henrymercer
Copy link
Copy Markdown
Contributor

@henrymercer henrymercer commented Apr 1, 2026

This has been the CLI default for some time now that Python analysis contains models of the standard library. However due to the default value of the feature flag we have been manually enabling standard library extraction on GHES.

This PR cleans up that feature and removes the override logic.

Risk assessment

For internal use only. Please select the risk level of this change:

  • Low risk: Changes are fully under feature flags, or have been fully tested and validated in pre-production environments and are highly observable, or are documentation or test only.

Which use cases does this change impact?

Workflow types:

  • Advanced setup - Impacts users who have custom CodeQL workflows.
  • Managed - Impacts users with dynamic workflows (Default Setup, Code Quality, ...).

Products:

  • Code Scanning - The changes impact analyses when analysis-kinds: code-scanning.
  • Code Quality - The changes impact analyses when analysis-kinds: code-quality.
  • Other first-party - The changes impact other first-party analyses.

Environments:

  • GHES - Impacts CodeQL workflows on GitHub Enterprise Server.

How did/will you validate this change?

  • None - I am not validating these changes.

If something goes wrong after this change is released, what are the mitigation and rollback strategies?

  • Rollback - Change can only be disabled by rolling back the release or releasing a new version with a fix.

How will you know if something goes wrong after this change is released?

If there's a subtle bug here, we'd realistically probably only catch it in the release QA process.

Are there any special considerations for merging or releasing this change?

  • No special considerations - This change can be merged at any time.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Consider adding a changelog entry for this change.
  • Confirm the readme and docs have been updated if necessary.

@henrymercer henrymercer requested a review from a team as a code owner April 1, 2026 11:21
Copilot AI review requested due to automatic review settings April 1, 2026 11:21
@github-actions github-actions bot added the size/S Should be easy to review label Apr 1, 2026
Copilot AI approved these changes Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Removes the now-unneeded feature flag and init-time override that forced Python standard library extraction on GHES, aligning the Action’s behavior with the CodeQL CLI default (stdlib models instead of extraction) and documenting the change.

Changes:

  • Remove the PythonDefaultIsToNotExtractStdlib tools feature and corresponding Action feature flag/config.
  • Delete the init-time logic that conditionally exported CODEQL_EXTRACTOR_PYTHON_EXTRACT_STDLIB=true when the flag wasn’t rolled out.
  • Add a CHANGELOG entry describing the GHES behavior change and expected impact.

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated no comments.

Show a summary per file
File Description
src/tools-features.ts Drops the tools feature enum entry used to gate the previous Python stdlib extraction override.
src/init-action.ts Removes the Python stdlib extraction override/export logic from init.
src/feature-flags.ts Removes the corresponding feature flag enum value and featureConfig entry.
CHANGELOG.md Documents that Python analysis on GHES no longer extracts the standard library (uses models instead).
lib/init-action.js Generated output reflecting removal of the override logic and feature config.
lib/init-action-post.js Generated output reflecting removal of the feature config entry.
lib/analyze-action.js Generated output reflecting removal of the feature config entry.
lib/analyze-action-post.js Generated output reflecting removal of the feature config entry.
lib/autobuild-action.js Generated output reflecting removal of the feature config entry.
lib/setup-codeql-action.js Generated output reflecting removal of the feature config entry.
lib/resolve-environment-action.js Generated output reflecting removal of the feature config entry.
lib/start-proxy-action.js Generated output reflecting removal of the feature config entry.
lib/start-proxy-action-post.js Generated output reflecting removal of the feature config entry.
lib/upload-lib.js Generated output reflecting removal of the feature config entry.
lib/upload-sarif-action.js Generated output reflecting removal of the feature config entry.
lib/upload-sarif-action-post.js Generated output reflecting removal of the feature config entry.

@henrymercer henrymercer enabled auto-merge April 1, 2026 11:31
@henrymercer henrymercer added this pull request to the merge queue Apr 1, 2026
Merged via the queue into main with commit 57ec7e1 Apr 1, 2026
229 checks passed
@henrymercer henrymercer deleted the henrymercer/cleanup branch April 1, 2026 11:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mbg mbg mbg approved these changes

Copilot code review Copilot Copilot approved these changes

Assignees

No one assigned

Labels

size/S Should be easy to review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@henrymercer @mbg