As I want to fix it, I need it active, sorry for that
Le 29/10/2021 à 14:09, Pierre Smits a écrit :
Jacques,
Though not an issue/concern for you personally, can we have this feature
disabled?
These failures may give a false impression to contributors submitting PRs.
Which can potentially lead to them wasting time chasing a non-issue, or
worse: get annoyed and leave the project.
Best regards,
Pierre
Op vr 29 okt. 2021 11:24 schreef Jacques Le Roux <
jacques.le.r...@les7arts.com>:
Please see the request change, I can't edit the file
Le 29/10/2021 à 11:15, Jacques Le Roux a écrit :
Hi Pierre,
Ah indeed:
https://github.com/apache/ofbiz-framework/runs/4037388858?check_suite_focus=true
That's new and was reported by Mart Naum today at OFBIZ-12351 "Builds
fail due to unauthorized access to repo.spring.io/plugins-release"
It appears only when you clean the Gradle cache (can't reproduce locally
with a build after a clean). That's obviously a situation we get with GH
actions where all is new. I'm not sure yet it's the same situation with
Buildbot. I'll check that pushing your PR.
I'm not sure if this relates:
https://markmail.org/message/skxini7ytetn23ub or if it's a completely new
situation.
HTH
Jacques
Le 28/10/2021 à 19:24, Pierre Smits a écrit :
Hi Jacques,
Everything is going well?
As an example: https://github.com/apache/ofbiz-framework/pull/323
Met vriendelijke groet,
Pierre Smits
*Proud* *contributor** of* Apache OFBiz <https://ofbiz.apache.org/>
since
2008 (without privileges)
*Apache Directory <https://directory.apache.org>, PMC Member*
Apache Incubator <https://incubator.apache.org>, committer
Apache Steve <https://steve.apache.org>, committer
On Thu, Oct 28, 2021 at 7:21 PM Jacques Le Roux <
jacques.le.r...@les7arts.com> wrote:
Pierre,
Inline...
Le 28/10/2021 à 13:41, Pierre Smits a écrit :
When posting a PR to the GitHub repo, following events are triggered:
1. CodeCL / Analyze (java) (pull_request)
2. Java CI with Gradle / build (pull_request
3. CodeCL / Analyse (javascript) (pull_request)
4. etc.
Of the actions/events listed, #1 and #2 fail.
Is this something that is configurable?
Actually OFBiz (Java files) is too big for CodeCL. We need to pass less
data. I'm not yet sure how to handle that (not a priority to me, it
does
not
prevent anything but itself):
https://github.com/apache/ofbiz-framework/runs/3928683199?check_suite_focus=true
https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning
https://docs-dot-github-dotcom.gateway.web.tr/en/github-ae@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#specifying-directories-to-scan
AFAIK we have no issue with your option 2. Have you an example?
Jacques
It seems to me that this should not happen when:
a. the change is only in an xml file
b. the pull request has no conflicts with the base branche (and the
base
branch should always build, right?)
Can this be looked into?
Met vriendelijke groet,
Pierre Smits
*Proud* *contributor** of* Apache OFBiz<https://ofbiz.apache.org/>
since
2008 (without privileges)
*Apache Directory<https://directory.apache.org>, PMC Member*
Apache Incubator<https://incubator.apache.org>, committer
Apache Steve<https://steve.apache.org>, committer
