Closed angelapwen closed 1 month ago
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
I think this is happening because we renamed tools: latest
to tools: linked
. Once we've merged this PR we can go through to the tool status page and delete the analysis for tools: latest
to avoid a stale tip.
Thanks for the review!!
- Is there any way for us to know if we have forgotten any places where this should be sustituted, save for doing a whole source-root
grep
?
I also just grep
ed it 🤔 I don't know that there's a better way, but (as you mentioned) the impact is low so I think it's fine if we end up with some extra latest
workflows.
- If we have forgotten anything, my understanding is that the impact is going to be low, given the intentional backwards compatibility in the change. Is this still deemed accurate, or am I missing something that requires greater precision in the change?
That's still accurate! I just saw the warnings when I was checking the logs of some PR checks and thought it would be best to switch over. The linked
naming really clarifies the intent, I think!
As of https://github.com/github/codeql-action/pull/2281, we introduced
linked
as a more descriptive value for thetools
input. This PR updates our own PR checks and workflows with the new value and changes the input/output in theprepare-test
Action to uselinked
.All of the required PR checks that had
latest
in their names, formain
have been updated. As we releasev3
andv2
we'll want to do the same for those branches.Merge / deployment checklist