Have you tried to resolve this issue yourself first?
Yes
Bug Description
I run the command sf scanner run dfa --target ./force-app/ -c Security --format csv --outfile CodeAnalyzerDFA.csv. The next issue received
Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: UnexpectedException: ArrayLoadExpression{properties={FirstChild=false, BeginLine=75, DefiningType_CaseSafe=requestbriefingcontroller, LastChild=true, DefiningType=RequestBriefingController, EndLine=79, childIdx=1, BeginColumn=34}}: com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:761);com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:737);com.salesforce.graph.vertex.ArrayLoadExpressionVertex.afterVisit(ArrayLoadExpressionVertex.java:58);com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577);com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:536);com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:523)
I tried to add / sfge-disable-stack ApexFlsViolationRule / but the issue still exist.
We are consolidating these internal errors under a parent bug. We'll provide updates there once we prioritize and begin working on a fix. Thank you for bringing this to our attention!
Have you tried to resolve this issue yourself first?
Yes
Bug Description
I run the command sf scanner run dfa --target ./force-app/ -c Security --format csv --outfile CodeAnalyzerDFA.csv. The next issue received
Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: UnexpectedException: ArrayLoadExpression{properties={FirstChild=false, BeginLine=75, DefiningType_CaseSafe=requestbriefingcontroller, LastChild=true, DefiningType=RequestBriefingController, EndLine=79, childIdx=1, BeginColumn=34}}: com.salesforce.graph.symbols.PathScopeVisitor.afterVisit(PathScopeVisitor.java:761);com.salesforce.graph.symbols.DefaultSymbolProviderVertexVisitor.afterVisit(DefaultSymbolProviderVertexVisitor.java:737);com.salesforce.graph.vertex.ArrayLoadExpressionVertex.afterVisit(ArrayLoadExpressionVertex.java:58);com.salesforce.graph.ops.expander.ApexPathExpander.performAfterVisit(ApexPathExpander.java:577);com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:536);com.salesforce.graph.ops.expander.ApexPathExpander.visit(ApexPathExpander.java:523)
I tried to add / sfge-disable-stack ApexFlsViolationRule / but the issue still exist.
Output / Logs
sfge.log
Steps To Reproduce
Expected Behavior
Security issue exist or not, depends on scanner results
Operating System
MacOs Ventura 13.0
Salesforce CLI Version
@salesforce/cli/2.49.7 darwin-arm64 node-v18.20.4
Code Analyzer Plugin (@salesforce/sfdx-scanner) Version
@salesforce/sfdx-scanner 4.3.2 (4.3.2)
Java Version
openjdk 21.0.3 2024-04-16 LTS
Additional Context (Screenshots, Files, etc)
Source code in which issue occurs
Workaround
No response
Urgency
Low