Skip to content

Single sarif file#3183

Merged
nojaf merged 12 commits into
fsprojects:mainfrom
nojaf:merge-sarif-codeql
Sep 5, 2025
Merged

Single sarif file#3183
nojaf merged 12 commits into
fsprojects:mainfrom
nojaf:merge-sarif-codeql

Conversation

@nojaf

@nojaf nojaf commented Sep 5, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Instead of merging sarif files, we can actually pass multiple projects to a single analysis invocation. I think this also slightly simplifies things.

@nojaf nojaf changed the title Merge sarif using codeql Single sarif file Sep 5, 2025
@github-advanced-security

github-advanced-security AI commented Sep 5, 2025

Copy link
Copy Markdown

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@nojaf nojaf requested a review from dawedawe September 5, 2025 11:09
@dawedawe

dawedawe commented Sep 5, 2025

Copy link
Copy Markdown
Member

Any idea what's going on here?

  info: No messages found from the analyzer(s)
/home/runner/work/fantomas/fantomas/Directory.Solution.targets(24,9): warning MSB3073: The command "dotnet fsharp-analyzers --analyzers-path "/home/runner/.nuget/packages/g-research.fsharp.analyzers/0.9.3/analyzers/dotnet/fs" --analyzers-path "/home/runner/.nuget/packages/ionide.analyzers/0.9.0/analyzers/dotnet/fs" --verbosity d --code-root /home/runner/work/fantomas/fantomas/ --report "/home/runner/work/fantomas/fantomas//analysis.sarif" --project /home/runner/work/fantomas/fantomas/src/Fantomas.Benchmarks/Fantomas.Benchmarks.fsproj --project /home/runner/work/fantomas/fantomas/src/Fantomas.Client.Tests/Fantomas.Client.Tests.fsproj --project /home/runner/work/fantomas/fantomas/src/Fantomas.Client/Fantomas.Client.fsproj --project /home/runner/work/fantomas/fantomas/src/Fantomas.Core.Tests/Fantomas.Core.Tests.fsproj --project /home/runner/work/fantomas/fantomas/src/Fantomas.Core/Fantomas.Core.fsproj --project /home/runner/work/fantomas/fantomas/src/Fantomas.Tests/Fantomas.Tests.fsproj --project /home/runner/work/fantomas/fantomas/src/Fantomas/Fantomas.fsproj" exited with code -1. [/home/runner/work/fantomas/fantomas/fantomas.sln]

@nojaf

nojaf commented Sep 5, 2025

Copy link
Copy Markdown
Contributor Author

Hmm, strange, | NoAnalyzersFound = -1 so that message is a bit weird.

@nojaf

nojaf commented Sep 5, 2025

Copy link
Copy Markdown
Contributor Author

Our analyzers and tool were rather old, so bumping all that.

dawedawe
dawedawe approved these changes Sep 5, 2025
View reviewed changes

@dawedawe dawedawe left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sweet

@nojaf nojaf merged commit 62e481d into fsprojects:main Sep 5, 2025
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dawedawe dawedawe dawedawe approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nojaf @github-advanced-security @dawedawe