Skip to content

Add random suffix when writing diagnostics to avoid filename collisions #3852

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
henrymercer merged 4 commits into from
Apr 28, 2026
Merged

Add random suffix when writing diagnostics to avoid filename collisions #3852

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
cdb655d
Add random suffix when writing diagnostics to avoid filename collisions
henrymercer Apr 28, 2026
e73c940
Defensively sanitize timestamp
henrymercer Apr 28, 2026
c109008
Add changelog note
henrymercer Apr 28, 2026
245f682
Use a counter instead of Math.random for diagnostic filename suffix
henrymercer Apr 28, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th

## [UNRELEASED]

No user facing changes.
- Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. [#3852](https://github.com/github/codeql-action/pull/3852)

## 4.35.2 - 15 Apr 2026

Expand Down
8 changes: 6 additions & 2 deletions lib/analyze-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions lib/init-action-post.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions lib/init-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions lib/setup-codeql-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions lib/upload-lib.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 6 additions & 2 deletions lib/upload-sarif-action.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 13 additions & 2 deletions src/diagnostics.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -167,10 +167,21 @@ function writeDiagnostic(
// Create the directory if it doesn't exist yet.
mkdirSync(diagnosticsPath, { recursive: true });

// Include a random suffix to avoid filename collisions between diagnostics
// produced within the same millisecond. This doesn't need to be
// cryptographically secure, so `Math.random` is fine.
const uniqueSuffix = Math.floor(Math.random() * 0x100000000)
.toString(16)
.padStart(8, "0");
Copy link
Copy Markdown
Member

@mbg mbg Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if, given the relatively low volume of diagnostics we expect the Action to produce, it would be a better approach to just have a global counter that's incremented with each diagnostic that's written, and append that? That way, we'd avoid the very unlikely, but possible case where the random numbers clash (as Copilot notes).

Copy link
Copy Markdown
Contributor Author

@henrymercer henrymercer Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, my first approach was to avoid global state but everything is running on the same thread so there isn't a risk of race conditions.

// We should only need to remove colons, but to be defensive, only allow a restricted set of
// characters.
const sanitizedTimestamp = diagnostic.timestamp.replace(
/[^a-zA-Z0-9.-]/g,
"",
);
const jsonPath = path.resolve(
diagnosticsPath,
// Remove colons from the timestamp as these are not allowed in Windows filenames.
`codeql-action-${diagnostic.timestamp.replaceAll(":", "")}.json`,
`codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json`,
);

writeFileSync(jsonPath, JSON.stringify(diagnostic));
Comment on lines 186 to 191
Copy link

Copilot AI Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Even with the random suffix, writeFileSync will still overwrite an existing diagnostic file if a (rare) collision occurs (same timestamp + same random suffix). To fully prevent losing diagnostics, consider writing with an exclusive flag (e.g. flag: "wx") and retrying with a new suffix on EEXIST (bounded retries) so we never overwrite a previous diagnostic.

See below for a potential fix:

    // We should only need to remove colons, but to be defensive, only allow a restricted set of
    // characters.
    const sanitizedTimestamp = diagnostic.timestamp.replace(
      /[^a-zA-Z0-9.-]/g,
      "",
    );

    const maxWriteAttempts = 10;
    let lastError: unknown;
    for (let attempt = 0; attempt < maxWriteAttempts; attempt++) {
      // Include a random suffix to avoid filename collisions between diagnostics
      // produced within the same millisecond. This doesn't need to be
      // cryptographically secure, so `Math.random` is fine.
      const uniqueSuffix = Math.floor(Math.random() * 0x100000000)
        .toString(16)
        .padStart(8, "0");
      const jsonPath = path.resolve(
        diagnosticsPath,
        `codeql-action-${sanitizedTimestamp}-${uniqueSuffix}.json`,
      );

      try {
        writeFileSync(jsonPath, JSON.stringify(diagnostic), { flag: "wx" });
        lastError = undefined;
        break;
      } catch (err) {
        if ((err as NodeJS.ErrnoException).code === "EEXIST") {
          lastError = err;
          continue;
        }
        throw err;
      }
    }

    if (lastError !== undefined) {
      throw lastError;
    }

Copilot uses AI. Check for mistakes.
Expand Down
Loading