[edk2-devel] CodeQL Failures in PR Checks

["Michael Kubacki" <mikuback@linux.microsoft.com>]

TLDR: If CodeQL failed in a PR. Rebase your PR branch on master and push.

---

edk2 uses an application called the CodeQL CLI to run CodeQL in CI builds.

https://github.com/github/codeql-cli-binaries/

A fixed version of the application is used to allow controlled updates 
where the version is tracked in YAML files like this:

https://github.com/tianocore/edk2/blob/master/BaseTools/Plugin/CodeQL/codeqlcli_ext_dep.yaml

Yesterday, a new CodeQL CLI version was released v2.18.1:

https://github.com/github/codeql-cli-binaries/releases/tag/v2.18.1

CodeQL uses queries to find issues that target certain CodeQL CLI 
versions. v2.18.1 published a new set of queries incompatible with the 
CodeQL CLI version fixed in edk2.

Last month, this PR intended to fix the queries as well to prevent the 
CLI from using an incompatible (latest) query set, but it wasn't merged 
due to some mergify issues. It eventually fell off the radar.

https://github.com/tianocore/edk2/pull/5720

---

Actions Taken:

To solve the immediate issue, the CodeQL CLI issue is updated in edk2 so 
it is compatible with the latest queries moving the project to the 
latest release and fixing the PR status checks. This was done in 
https://github.com/tianocore/edk2/commit/6589843cc619b3a5e2d2c0e5b12451b11a3f2288.

I will recreate 5720 to account for this new CodeQL version in a new PR 
to prevent this from happening in the future.

Thanks,
Michael


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#120049): https://edk2.groups.io/g/devel/message/120049
Mute This Topic: https://groups.io/mt/107561854/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-