mitchspano / sfdx-scan-pull-request

Runs sfdx-scanner on a pull request and generates in-line comments with the findings.
Apache License 2.0

Problem on bigger Pull Request #68

Closed Schuchie closed 10 months ago

Schuchie commented 10 months ago

If you change a lot of files in a new Pull Request, the following error occurs. This can happen if you add, for example, datapacks for media cloud etc. These contain no Apex classes, only JSONs and XMLs. Is there a way to ignore non-Apex files?

(node:2164) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Performing static code analysis on all of the relevant files...
{
  message: 'spawnSync /bin/sh E2BIG',
  status: null,
  stack: 'Error: spawnSync /bin/sh E2BIG\n' +
    '    at Object.spawnSync (node:internal/child_process:1119:20)\n' +
    '    at spawnSync (node:child_process:847:24)\n' +
    '    at execSync (node:child_process:927:15)\n' +
    '    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/v0.1.15/dist/index.js:1:13003\n' +
    '    at Generator.next (<anonymous>)\n' +
    '    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/v0.1.15/dist/index.js:1:12738\n' +
    '    at new Promise (<anonymous>)\n' +
    '    at o (/home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/v0.1.15/dist/index.js:1:12485)\n' +
    '    at cli (/home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/v0.1.15/dist/index.js:1:12871)\n' +
    '    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/v0.1.15/dist/index.js:1:13250',
  output: undefined
}
mitchspano commented 10 months ago

Currently, there is no support for performing language-specific suppression.

How large of a pull request are you creating and which version of the action are you running?

Schuchie commented 10 months ago

@mitchspano

Action Version: mitchspano/sfdx-scan-pull-request@v0.1.15

The PR is huge, caused by the default/standard datapacks from Salesforce. You could also add a lot of JSON files to the staticresource folder; that would result in the same error.

links: https://stackoverflow.com/questions/63796633/spawnsync-bin-sh-enobufs

That could be avoided by using a file with a list of files (--file-list param) instead of adding every file to the command as param (if possible by sfdx scanner:run). Or by piping the files.

mitchspano commented 10 months ago

This is a duplicate of known issue #6. I will be marking this as closed and updates will be tracked on the canonical issue.

In the meantime, I would recommend keeping your changes smaller (see this documentation from Google; CL is an internal term for Pull Request) and/or limiting the branches on which the scan is executed to keep its scope relatively well defined.
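
The `E2BIG` in the trace above comes from `execSync` handing the whole command line to `/bin/sh` as a single argument. The following is an added example, not code from the action or from either commenter, showing one way a CI wrapper could keep a scan running on large pull requests by filtering the changed files and batching them under a byte budget. The function names, the comma-separated argument convention and the sample paths are assumptions made for illustration.

```javascript
const { execFileSync } = require("node:child_process");
const path = require("node:path");

// Linux (4 KiB pages) caps any single argv string at 128 KiB (MAX_ARG_STRLEN).
// execSync runs `/bin/sh -c "<command>"`, so the whole command is one string.
const MAX_ARG_BYTES = 128 * 1024;

// Keep only files with one of the given extensions, e.g. [".cls", ".trigger"].
function filterByExtension(files, extensions) {
  const wanted = new Set(extensions.map((e) => e.toLowerCase()));
  return files.filter((f) => wanted.has(path.extname(f).toLowerCase()));
}

// Split files into batches whose comma-joined form fits in `budget` bytes.
function batchTargets(files, budget = MAX_ARG_BYTES / 2) {
  const batches = [];
  let current = [];
  let size = 0;
  for (const file of files) {
    const bytes = Buffer.byteLength(file, "utf8") + 1; // +1 for the comma
    if (bytes > budget) throw new Error(`path exceeds budget: ${file}`);
    if (size + bytes > budget) {
      batches.push(current);
      current = [];
      size = 0;
    }
    current.push(file);
    size += bytes;
  }
  if (current.length > 0) batches.push(current);
  return batches;
}

// Run the command once per batch with no shell; returns how many runs it took.
// Assumption: the tool takes its file list as one comma-separated last argument.
function runInBatches(command, fixedArgs, files, budget) {
  const batches = batchTargets(files, budget);
  for (const batch of batches) {
    execFileSync(command, [...fixedArgs, batch.join(",")], { stdio: "inherit" });
  }
  return batches.length;
}

// Constructed sample: 5,000 changed files, 100 of them Apex classes.
const changed = Array.from({ length: 5000 }, (_, i) =>
  i % 50 === 0 ? `force-app/main/default/classes/Class${i}.cls`
               : `datapacks/MediaCloud/pack_${i}/DataPack_${i}.json`);
console.log("bytes as one argument:", Buffer.byteLength(changed.join(",")));
console.log("batches needed:", batchTargets(changed).length);
console.log("Apex files only:", filterByExtension(changed, [".cls"]).length);
```

When a scan is split this way, the findings of every batch have to be merged before the job reports a result, otherwise a failure in one batch can pass unnoticed.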