fix code scanning alerts #6108

Merged
merged 5 commits into from
Sep 11, 2024
@osalyk osalyk commented Sep 10, 2024

@osalyk osalyk added the sprint goal and no changelog labels Sep 10, 2024
Contributor

@janekmi janekmi left a comment

Reviewed 16 of 16 files at r1, 1 of 1 files at r2, 4 of 4 files at r3, 2 of 2 files at r4, 1 of 1 files at r5, 2 of 2 files at r6, all commit messages.
Reviewable status: all files reviewed, 8 unresolved discussions (waiting on @osalyk)


.github/actions/pmem_benchmark_run/action.yml line 36 at r3 (raw file):

    - name: Archive logs
      if: always()
      uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4

.

Suggestion:

# v4.4.0

.github/workflows/docker_rebuild.yml line 40 at r1 (raw file):

    steps:
      - name: Clone the git repo
        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

Please use the exact tag. v4 will change whenever a new v4.x.y is released.
Please apply to all occurrences.

Ref: actions/checkout@692973e

Suggestion:

# v4.1.7

.github/workflows/scan_codeql.yml line 39 at r4 (raw file):

    - name: Initialize CodeQL
      uses: github/codeql-action/init@be8b74c09c1778bcdbea38e1a45efea2cb73e18c # v2

I believe we should use v3.26.6 consistently in all instances. No point in using two versions.


.github/workflows/scan_codeql.yml line 47 at r4 (raw file):

    - name: CodeQL scan
      uses: github/codeql-action/analyze@be8b74c09c1778bcdbea38e1a45efea2cb73e18c # v2

v3.26.6?


.github/workflows/scan_coverage.yml line 42 at r5 (raw file):

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4

.

Suggestion:

# v4.5.0

.github/workflows/scan_log_calls.yml line 33 at r6 (raw file):

      - name: Upload artifacts
        if: steps.log_calls_diff.outputs.length != '0'
        uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3

I think we uniformly use v4.4.0.


.github/workflows/scan_stack_usage.yml line 80 at r6 (raw file):

      - name: Upload artifacts
        uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3

I think we uniformly use v4.4.0.


.github/workflows/scorecard.yml line 72 at r4 (raw file):

      # Commenting out will disable upload of results to your repo's Code Scanning dashboard
      - name: "Upload to code-scanning"
        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3

.

Suggestion:

# v3.26.6

Contributor Author

@osalyk osalyk left a comment

Reviewable status: 0 of 18 files reviewed, 8 unresolved discussions (waiting on @janekmi)


.github/actions/pmem_benchmark_run/action.yml line 36 at r3 (raw file):

Previously, janekmi (Jan Michalski) wrote…

.

Done.


.github/workflows/docker_rebuild.yml line 40 at r1 (raw file):

Previously, janekmi (Jan Michalski) wrote…

Please use the exact tag. v4 will change whenever a new v4.x.y is released.
Please apply to all occurrences.

Ref: actions/checkout@692973e

Done.


.github/workflows/scan_codeql.yml line 39 at r4 (raw file):

Previously, janekmi (Jan Michalski) wrote…

I believe we should use v3.26.6 consistently in all instances. No point in using two versions.

Done.


.github/workflows/scan_codeql.yml line 47 at r4 (raw file):

Previously, janekmi (Jan Michalski) wrote…

v3.26.6?

Done.


.github/workflows/scan_coverage.yml line 42 at r5 (raw file):

Previously, janekmi (Jan Michalski) wrote…

.

Done.


.github/workflows/scan_log_calls.yml line 33 at r6 (raw file):

Previously, janekmi (Jan Michalski) wrote…

I think we uniformly use v4.4.0.

Done.


.github/workflows/scan_stack_usage.yml line 80 at r6 (raw file):

Previously, janekmi (Jan Michalski) wrote…

I think we uniformly use v4.4.0.

Done.


.github/workflows/scorecard.yml line 72 at r4 (raw file):

Previously, janekmi (Jan Michalski) wrote…

.

Done.

Contributor

@janekmi janekmi left a comment

:lgtm:

Reviewed 9 of 18 files at r7, 6 of 6 files at r9, 2 of 2 files at r10, 1 of 1 files at r11, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @osalyk)

@janekmi janekmi requested a review from grom72 September 11, 2024 13:14
Contributor

@grom72 grom72 left a comment

Reviewed 18 of 18 files at r7, 1 of 1 files at r8, 6 of 6 files at r9, 2 of 2 files at r10, 1 of 1 files at r11, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @osalyk)

Contributor

@grom72 grom72 left a comment

:lgtm:

Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @osalyk)

@janekmi janekmi merged commit a06e5c5 into master Sep 11, 2024
7 checks passed
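
An added example, not part of this pull request or the project's code: a small Python check for the two things the review asks for, that every `uses:` reference is pinned to a full commit SHA with an exact `vX.Y.Z` tag in the trailing comment, and that one action is not pinned to different versions across files. The name `audit_uses` and the `SAMPLE` mapping are assumptions; the sample lines are copied from the review discussion above.

```python
import re
from collections import defaultdict

# Matches "uses: owner/repo[/subpath]@ref  # comment" in workflow YAML.
USES_RE = re.compile(
    r"^\s*(?:-\s*)?uses:\s*(?P<action>[\w.-]+/[\w.-]+)(?P<path>/[^@\s]+)?"
    r"@(?P<ref>\S+)(?:\s+#\s*(?P<comment>\S+))?")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
EXACT_TAG_RE = re.compile(r"^v\d+\.\d+\.\d+$")

def audit_uses(files):
    """files: {path: text}. Returns a sorted list of (path, line_no, problem)."""
    findings = []
    pins = defaultdict(set)    # owner/repo -> {(sha, tag comment)}
    where = defaultdict(list)  # owner/repo -> [(path, line_no)]
    for path, text in files.items():
        for no, line in enumerate(text.splitlines(), 1):
            m = USES_RE.match(line)
            if not m:
                continue  # local (./...) and docker:// references are skipped
            ref, tag = m["ref"], m["comment"] or ""
            if not SHA_RE.match(ref):
                findings.append((path, no, "ref is not a full commit SHA"))
            if not EXACT_TAG_RE.match(tag):
                findings.append((path, no, "comment is not an exact vX.Y.Z tag"))
            pins[m["action"]].add((ref, tag))
            where[m["action"]].append((path, no))
    # Same owner/repo pinned to more than one (sha, tag) pair across files.
    for action, versions in pins.items():
        if len(versions) > 1:
            msg = f"{action} pinned to {len(versions)} different versions"
            findings.extend((p, n, msg) for p, n in where[action])
    return sorted(findings)

# Sample input: `uses:` lines quoted in the review above.
SAMPLE = {
    ".github/actions/pmem_benchmark_run/action.yml":
        "  uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4\n",
    ".github/workflows/scan_log_calls.yml":
        "  uses: actions/upload-artifact@ff15f0306b3f739f7b6fd43fb5d26cd321bd4de5 # v3\n",
    ".github/workflows/docker_rebuild.yml":
        "  uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7\n",
}

if __name__ == "__main__":
    for path, no, problem in audit_uses(SAMPLE):
        print(f"{path}:{no}: {problem}")
```

The check is purely textual: confirming that a SHA really is the commit behind the tag named in its comment needs a lookup against the action's repository.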