fix(codeql): implement package.json handling to avoid ESM/CJS conflicts

* Added utility functions `temporarilyRenamePackageJsonIfTypeModule` and `restorePackageJson` to manage package.json renaming based on its type.
* Updated `createDatabase` method to utilize these utilities for handling package.json in both filtered and root paths.
* Introduced tests for the new utility functions to ensure correct behavior and logging.

Author: ccpu

dist/index.js

@@ -1,9 +1,12 @@
 import type { CodeQLConfig } from '../types';
-import * as fs from 'node:fs';
 import * as process from 'node:process';
 import { exec } from '@actions/exec';
 import { FileUtils } from '../utils/file-utils';
 import { Logger } from '../utils/logger';
+import {
+  restorePackageJson,
+  temporarilyRenamePackageJsonIfTypeModule,
+} from './utils/package-json-utils';
 
 export class CodeQLDatabase {
   static async createDatabase(
@@ -25,7 +28,6 @@ export class CodeQLDatabase {
     Logger.info(`Languages to analyze: ${languages.join(', ')}`);
     Logger.info(`Multi-language analysis: ${isMultiLanguage}`);
 
-    // --- START: ADDED CODE FOR THE FIX ---
     const packageJsonPath = FileUtils.joinPath(filteredPath, 'package.json');
     const packageJsonBackupPath = FileUtils.joinPath(filteredPath, 'package.json.bak');
     const rootPackageJsonPath = FileUtils.joinPath(process.cwd(), 'package.json');
@@ -35,79 +37,20 @@ export class CodeQLDatabase {
     );
     let needsCleanup = false;
     let needsRootCleanup = false;
-    // --- END: ADDED CODE FOR THE FIX ---
 
     try {
-      // --- START: ADDED CODE FOR THE FIX ---
-      // Check if package.json exists and contains "type": "module"
-      Logger.info(`Looking for package.json in filtered path: ${packageJsonPath}`);
+      // Use helpers to reduce duplication
+      needsCleanup = temporarilyRenamePackageJsonIfTypeModule(
+        packageJsonPath,
+        packageJsonBackupPath,
+        'filtered path',
+      );
 
-      if (FileUtils.exists(packageJsonPath)) {
-        Logger.info('package.json found. Reading file content.');
-        const packageJsonContent = FileUtils.readFile(packageJsonPath);
-        try {
-          const parsed = JSON.parse(packageJsonContent) as unknown;
-          if (typeof parsed === 'object' && parsed !== null && 'type' in parsed) {
-            const packageJson = parsed as { type?: unknown };
-            Logger.info(`Detected package.json.type = ${String(packageJson.type)}`);
-            if (packageJson.type === 'module') {
-              Logger.info(
-                'Temporarily renaming package.json to avoid ESM/CJS conflict with CodeQL extractor.',
-              );
-              fs.renameSync(packageJsonPath, packageJsonBackupPath);
-              needsCleanup = true;
-              Logger.info('package.json was renamed to package.json.bak');
-            } else {
-              Logger.info('package.json.type is not "module". No rename necessary.');
-            }
-          } else {
-            Logger.info(
-              'package.json does not contain a "type" field. No rename necessary.',
-            );
-          }
-        } catch (e) {
-          Logger.warning(
-            `Could not parse package.json. Skipping temporary rename. Error: ${e instanceof Error ? e.message : String(e)}`,
-          );
-        }
-      } else {
-        Logger.info('No package.json found in filtered path.');
-      }
-
-      // Also check for package.json in the root directory (where CodeQL might also look)
-      Logger.info(`Looking for package.json in root path: ${rootPackageJsonPath}`);
-      if (FileUtils.exists(rootPackageJsonPath)) {
-        Logger.info('Root package.json found. Reading file content.');
-        const rootPackageJsonContent = FileUtils.readFile(rootPackageJsonPath);
-        try {
-          const parsed = JSON.parse(rootPackageJsonContent) as unknown;
-          if (typeof parsed === 'object' && parsed !== null && 'type' in parsed) {
-            const packageJson = parsed as { type?: unknown };
-            Logger.info(`Detected root package.json.type = ${String(packageJson.type)}`);
-            if (packageJson.type === 'module') {
-              Logger.info(
-                'Temporarily renaming root package.json to avoid ESM/CJS conflict with CodeQL extractor.',
-              );
-              fs.renameSync(rootPackageJsonPath, rootPackageJsonBackupPath);
-              needsRootCleanup = true;
-              Logger.info('Root package.json was renamed to package.json.bak');
-            } else {
-              Logger.info('Root package.json.type is not "module". No rename necessary.');
-            }
-          } else {
-            Logger.info(
-              'Root package.json does not contain a "type" field. No rename necessary.',
-            );
-          }
-        } catch (e) {
-          Logger.warning(
-            `Could not parse root package.json. Skipping temporary rename. Error: ${e instanceof Error ? e.message : String(e)}`,
-          );
-        }
-      } else {
-        Logger.info('No package.json found in root path.');
-      }
-      // --- END: ADDED CODE FOR THE FIX ---
+      needsRootCleanup = temporarilyRenamePackageJsonIfTypeModule(
+        rootPackageJsonPath,
+        rootPackageJsonBackupPath,
+        'root path',
+      );
 
       const args = ['database', 'create', dbPath];
 
@@ -121,19 +64,23 @@ export class CodeQLDatabase {
       }
 
       args.push(`--source-root=${filteredPath}`);
-      await exec(codeqlPath, args);
+      try {
+        await exec(codeqlPath, args);
+      } catch (e) {
+        // Log the error clearly, then rethrow so the finally block can restore package.json files
+        Logger.error(
+          `CodeQL execution failed: ${e instanceof Error ? e.message : String(e)}`,
+        );
+        throw e;
+      }
     } finally {
-      // --- START: ADDED CODE FOR THE FIX ---
       // Ensure package.json is restored even if exec fails
       if (needsCleanup) {
-        Logger.info('Restoring original package.json.');
-        fs.renameSync(packageJsonBackupPath, packageJsonPath);
+        restorePackageJson(packageJsonBackupPath, packageJsonPath, 'filtered path');
       }
       if (needsRootCleanup) {
-        Logger.info('Restoring original root package.json.');
-        fs.renameSync(rootPackageJsonBackupPath, rootPackageJsonPath);
+        restorePackageJson(rootPackageJsonBackupPath, rootPackageJsonPath, 'root path');
       }
-      // --- END: ADDED CODE FOR THE FIX ---
     }
   }
 

src/codeql/database.ts

@@ -0,0 +1,69 @@
+import * as fs from 'node:fs';
+import { FileUtils } from '../../utils/file-utils';
+import { Logger } from '../../utils/logger';
+
+/**
+ * If a package.json exists at the given path and contains "type": "module",
+ * rename it to the provided backup path to avoid ESM/CJS conflicts.
+ * Returns true if a rename was performed, false otherwise.
+ */
+export function temporarilyRenamePackageJsonIfTypeModule(
+  packageJsonPath: string,
+  backupPath: string,
+  description = 'path',
+): boolean {
+  Logger.info(`Looking for package.json in ${description}: ${packageJsonPath}`);
+
+  if (!FileUtils.exists(packageJsonPath)) {
+    Logger.info(`No package.json found in ${description}.`);
+    return false;
+  }
+
+  Logger.info('package.json found. Reading file content.');
+  const packageJsonContent = FileUtils.readFile(packageJsonPath);
+  try {
+    const parsed = JSON.parse(packageJsonContent) as unknown;
+    if (typeof parsed === 'object' && parsed !== null && 'type' in parsed) {
+      const packageJson = parsed as { type?: unknown };
+      Logger.info(`Detected package.json.type = ${String(packageJson.type)}`);
+      if (packageJson.type === 'module') {
+        Logger.info(
+          `⚠️ Temporarily changing package.json type in ${description} to avoid ESM/CJS conflict with CodeQL extractor (typescript-parser-wrapper).`,
+        );
+        fs.renameSync(packageJsonPath, backupPath);
+        Logger.info('package.json was renamed to package.json.bak');
+        return true;
+      }
+      return false;
+    }
+
+    return false;
+  } catch (e) {
+    Logger.warning(
+      `Could not parse package.json in ${description}. Skipping temporary rename. Error: ${
+        e instanceof Error ? e.message : String(e)
+      }`,
+    );
+    return false;
+  }
+}
+
+/**
+ * Restore a previously renamed package.json by moving backupPath back to packageJsonPath.
+ * Logs a warning if the backup does not exist.
+ */
+export function restorePackageJson(
+  backupPath: string,
+  packageJsonPath: string,
+  description = 'path',
+): void {
+  if (!FileUtils.exists(backupPath)) {
+    Logger.warning(
+      `Backup package.json not found for ${description}: ${backupPath}. Skipping restore.`,
+    );
+    return;
+  }
+
+  Logger.info(`Restoring original package.json for ${description}.`);
+  fs.renameSync(backupPath, packageJsonPath);
+}