fix: exclude errored code scanning analyses from migration#1529
Open
lindluni wants to merge 3 commits intogithub:mainfrom
Open
fix: exclude errored code scanning analyses from migration#1529lindluni wants to merge 3 commits intogithub:mainfrom
lindluni wants to merge 3 commits intogithub:mainfrom
Conversation
Filter out code scanning analyses with non-empty error fields when listing analyses from the source repository, preventing failed analyses from being migrated to the target repository. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: Brett Logan <lindluni@github.com>
scottluskcis
approved these changes
Mar 19, 2026
Clarified the bug fix description for `migrate-code-scanning-alerts` to specify exclusion of analyses with processing errors on initial uploads.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR prevents migrate-code-scanning-alerts migrations from failing on code scanning analyses that have an error present in the List Analyses API response by filtering those analyses out before attempting SARIF retrieval.
Changes:
- Filter out code scanning analyses whose
errorfield is non-empty when listing analyses. - Add unit test coverage for excluding errored analyses.
- Add a release note entry describing the bug fix.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/Octoshift/Services/GithubApi.cs | Filters out analyses with a non-empty error field before building CodeScanningAnalysis results. |
| src/OctoshiftCLI.Tests/Octoshift/Services/GithubApiTests.cs | Adds a test ensuring analyses with populated error are excluded from results. |
| RELEASENOTES.md | Documents the behavior change for migrate-code-scanning-alerts. |
Unit Test Results 1 files 1 suites 10m 24s ⏱️ Results for commit 5288951. ♻️ This comment has been updated with latest results. |
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Filter out code scanning analyses with non-empty error fields when listing analyses from the source repository, preventing failed analyses from being migrated to the target repository.
When the
migrate-code-scanning-alertsis invoked, it used theListAnalysesAPI. The results objects in the returned array have anerrorfield. If on the initial upload the SARIF failed to process, the error field is populated. When we try toGetAnalysisto retrieve the SARIF content, we get a422 Unprocessable Entitybecause the results retrieval system can't process the SARIF. The GEI CLI fails at that point, instead of skipping that particular result.We've also built and tested this locally against a production migration and confirmed this works as intended.
ThirdPartyNotices.txt(if applicable)