search

oxsecurity / megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.
https://megalinter.io
GNU Affero General Public License v3.0
1.81k stars 215 forks source link

MegaLinter reports 1 error found even when PSScriptAnalyzer reports no errors bug #3196

Open james-garriss opened 7 months ago

james-garriss commented 7 months ago

Describe the bug

When MegaLinter runs PSScriptAnalyzer, and PSScriptAnalyzer reports no errors, MegaLinter reports that there were 12 errors.

To Reproduce

  1. Create a GitHub repo that uses PowerShell, such as ScubaGear.
  2. Create a GitHub Action workflow that uses MegaLinter.
  3. Configure it to use PSScriptAnalyzer.
ENABLE_LINTERS:
  - POWERSHELL_POWERSHELL
  1. Run the workflow.
  2. See that MegaLinter reports that there are 12 errors, but PSScriptAnalyzer actually finds only warnings and informations.

Expected behavior

I would expect MegaLinter to report the sum total number of errors that PSScriptAnalyzer finds, which is 0.

Screenshots

Results can be seen here: https://github.com/cisagov/ScubaGear/actions/runs/7130729734/job/19417770435

nvuillam commented 7 months ago

Probably the warnings trigger a response code 1 ?

What if you ignore such errors ? https://learn.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/using-scriptanalyzer?view=ps-modules#suppressing-rules

james-garriss commented 5 months ago

Why would I ignore them? I still want them reported. I just want them to be reported correctly.

nvuillam commented 5 months ago

@james-garriss FYI there is a current PR about powershell errors counting, maybe you'll be interested by the result ? :)

https://github.com/oxsecurity/megalinter/pull/3318

james-garriss commented 5 months ago

Super cool. Thank you for the heads up and the good work.