Pierre,

Inline...

On 28/10/2021 at 13:41, Pierre Smits wrote:
When posting a PR to the GitHub repo, the following events are triggered:

    1. CodeQL / Analyze (java) (pull_request)
    2. Java CI with Gradle / build (pull_request)
    3. CodeQL / Analyze (javascript) (pull_request)
    4. etc.

Of the actions/events listed, #1 and #2 fail.

Is this something that is configurable?

Actually OFBiz (Java files) is too big for CodeQL. We need to pass less data. I'm not yet sure how to handle that (not a priority to me, it does not prevent anything but itself):
https://github.com/apache/ofbiz-framework/runs/3928683199?check_suite_focus=true
https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning
https://docs-dot-github-dotcom.gateway.web.tr/en/github-ae@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#specifying-directories-to-scan

AFAIK we have no issue with your option 2. Have you an example?

Jacques

It seems to me that this should not happen when:
a. the change is only in an xml file
b. the pull request has no conflicts with the base branch (and the base
branch should always build, right?)

Can this be looked into?



Kind regards,

Pierre Smits
*Proud contributor of* Apache OFBiz<https://ofbiz.apache.org/> since
2008 (without privileges)

*Apache Directory<https://directory.apache.org>, PMC Member*
Apache Incubator<https://incubator.apache.org>, committer
Apache Steve<https://steve.apache.org>, committer
