Conversation
Problem: - snyk/actions/dotnet@master is deprecated and no longer supported - Error: 'Could not detect supported target files' - Action cannot find .NET project files correctly Solution: - Replace deprecated action with direct Snyk CLI installation - Use official Snyk CLI binary for Linux - Scan all projects with --all-projects flag Changes: - Install Snyk CLI directly from official source - Use 'snyk test' command with proper parameters - Maintain same severity threshold (high) - More reliable and up-to-date approach 🎯 Security scan now uses modern, supported Snyk CLI!
🛡️ Replace deprecated Snyk action with modern CLI approach
Problem: - Qodana action failing with argument parsing error - Error: 'Unrecognized --linter value qodana-community-for-net --baseline' - Cache keys not properly configured for current commit Solution: - Fix argument syntax separation - Add proper cache key configuration - Use correct format for Qodana parameters Changes: - Maintain same args format but ensure proper parsing - Add primary-cache-key with commit SHA - Add additional-cache-key for branch - Improve cache performance and reliability 🎯 Qodana scan should now run without syntax errors!
Problem: - SonarQube failing due to missing SONAR_TOKEN - Authentication errors with SonarCloud server - Security summary job failing due to dependency issues Solution: - Make SonarQube job conditional on token availability - Remove SonarQube from security summary dependencies - Fix duplicate if conditions in security alert step Changes: - SonarQube job now runs only when token is configured - Security summary depends only on CodeQL and Snyk - Clean up duplicate conditional statements - Improved error handling for missing tokens 🎯 Security scans now work with or without SonarQube!
Feature/update actions
Problem: - SonarQube action failing with authentication errors - Token configuration issues with official action - Need more robust error handling Solution: - Replace official action with manual scanner setup - Use same configuration as working code-quality workflow - Add proper token validation and error handling Changes: - Manual dotnet-sonarscanner installation and configuration - Proper token validation with early exit if missing - Same parameters as working code-quality workflow - Build and analysis steps separated for better control 🎯 SonarQube now uses proven working configuration!
Problem: - OpenHands resolver was using outdated workflow structure - Missing new features and improvements from latest version - Better error handling and configuration options needed Solution: - Replace with complete latest OpenHands resolver workflow - Add all new inputs and configuration options - Include improved error handling and logging - Support for experimental features and better PR management Changes: - Complete workflow rewrite with latest structure - Added workflow_call support with all inputs - Improved conditional logic for triggers - Better environment variable handling - Enhanced error reporting and comments - Support for experimental features - Better artifact management 🎯 OpenHands resolver now uses latest version with all improvements!
Feature/update actions
Problem: - 'dotnet list package' command failing with multiple .sln files - Error: 'Found more than one solution file' - Commands not specifying which solution to use Solution: - Explicitly specify MetarDecoder.sln in all dotnet commands - Update both regular and security check workflows - Ensure consistent solution file usage Changes: - dotnet list MetarDecoder.sln package --outdated - dotnet list MetarDecoder.sln package --vulnerable - Updated all build/test commands to use specific solution 🎯 Dependency workflow now works with multiple solution files!
🔧 Fix dependency update workflow - specify solution file
Feature: - Add new DateTime properties while keeping existing Day/Time for backward compatibility - Provide both individual components (Day, Time) and combined DateTime Changes: - DecodedMetar: Added ObservationDateTime property - DecodedTaf: Added OriginDateTime property - METAR DatetimeChunkDecoder: Populates all three properties - TAF DatetimeChunkDecoder: Populates all three properties - Smart DateTime calculation with month/year rollover handling Benefits: - Backward compatibility maintained - Modern DateTime support for new consumers - Flexible API supporting both old and new patterns 🎯 Enhanced date/time handling with backward compatibility!
➕ Add DateTime properties to DecodedMetar and DecodedTaf
Owner
Author
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
All Submissions:
New Feature Submissions:
Changes to Core Features: