Scan fails with version @v0.1.8

Question

Scan fails with version @v0.1.8

jbatt08 opened this issue 2 years ago · comments

The scanner is failing after starting to use v0.1.8.

Here's the log:

Beginning sfdx-scan-pull-request run...
Validating that this action was invoked from an acceptable context...
Getting difference within the pull request ... [ 'dev-uat', 'feature/CSE-1255-GuardrilesToPreventOverAllotment-PR2' ]
Getting existing comments using GitHub REST API...
(node:1956) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Performing static code analysis on all of the files in the difference...
node:internal/errors:841
  const err = new Error(message);
              ^

Error: Command failed: npx sfdx scanner:run --pmdconfig ruleset.xml --target force-app/main/default/classes/CSLeadsRESTControllerV2.cls --json
    at checkExecSyncError (node:child_process:828:11)
    at execSync (node:child_process:899:15)
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:[7](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:8)[8](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:9)66
    at Generator.next (<anonymous>)
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:7631
    at new Promise (<anonymous>)
    at o (/home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:7378)
    at cli (/home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:774[9](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:10))
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:8087 {
  status: 1,
  signal: null,
  output: [
    null,
    Buffer(2670) [Uint8Array] [
      123,  [10](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:11),  32,  32,  34, [11](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:12)5, 116,  97, 116, 117, 115,  34,
       58,  32,  49,  44,  10,  32,  32,  34, 110,  97, 109, 101,
       34,  58,  32,  34,  34,  44,  10,  32,  32,  34, 109, 101,
      115, 115,  97, 103, 101,  34,  58,  32,  34,  85, 110, 101,
      [12](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:13)0, 112, 101,  99, 116, 101, 100,  32,  97, 1[14](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:15), 103, 117,
      109, 101, 110, 116,  58,  32,  76,  97, 121, 111, 117, 116,
       46, 108,  97, 121, 111, 117, 116,  45, 109, 101, 116,  97,
       46, 120, 109, 108,  44, 102, 111, 114,  99, 101,  45,  97,
      112, 112,  47, 109,
      ... 2570 more items
    ],
    Buffer(0) [Uint8Array] []
  ],
  pid: 1989,
  stdout: Buffer(2670) [Uint8Array] [
    123,  10,  32,  32,  34, 1[15](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:16), 1[16](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:17),  97, 116, 1[17](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:18), 115,  34,
     58,  32,  49,  44,  10,  32,  32,  34, 110,  97, 109, 101,
     34,  58,  32,  34,  34,  44,  10,  32,  32,  34, 109, 101,
    115, 115,  97, 103, 101,  34,  58,  32,  34,  85, 110, 101,
    1[20](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:21), 112, 101,  99, 116, 101, 100,  32,  97, 114, 103, 117,
    109, 101, 110, 116,  58,  32,  76,  97, 1[21](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:22), 111, 117, 116,
     46, 108,  97, 121, 111, 117, 116,  45, 109, 101, 116,  97,
     46, 120, 109, 108,  44, 102, 111, 114,  99, 101,  45,  97,
    112, 112,  47, 109,
    ... [25](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4467577726/jobs/7847218088?pr=5127#step:4:26)70 more items
  ],
  stderr: Buffer(0) [Uint8Array] []
}

Here's our yaml:

name: Static Analysis
on:
  pull_request:
    types: [opened, reopened, synchronize]
  workflow_dispatch:
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Install SFDX CLI and Scanner
        run: |
          npm install sfdx-cli
          node_modules/sfdx-cli/bin/run plugins:install @salesforce/sfdx-scanner
      - name: Run SFDX Scanner - Report findings as comments
        uses: mitchspano/sfdx-scan-pull-request@main
        with:
          pmdconfig: ruleset.xml
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Running this command locally didn't produce any errors:

sfdx scanner:run --pmdconfig ruleset.xml --target force-app/main/default/classes/CSLeadsRESTControllerV2.cls

And after reverting to v0.1.7, the scanner is working.

Mitch Spano · Answer 1 · Tue Mar 21 2023 02:13:23 GMT+0800 (China Standard Time)

Thanks for raising this issue @jbatt08. We have experienced a similar issue yesterday and thought it was related to the concatenation of the target path. Your ability to run locally is interesting and makes me reconsider the target path hypothesis.

I will take a look at this issue and let you know what I find. For now, please continue with v0.1.7.

Thanks,
-Mitch

Mitch Spano · Answer 2 · Tue Mar 21 2023 08:06:26 GMT+0800 (China Standard Time)

Hey @jbatt08, would you be able to try executing the action using npx instead of node_modules?

- name: Install SFDX CLI and Scanner
  run: |
    npm install sfdx-cli
    node_modules/sfdx-cli/bin/run plugins:install @salesforce/sfdx-scanner

=>

- name: Install SFDX CLI and Scanner
  run: |
    npm install sfdx-cli
    npx sfdx plugins:install @salesforce/sfdx-scanner

I believe this could be the cause of this issue. Let me know what you find.

Thanks!

Jeff Battles · Answer 3 · Tue Mar 21 2023 08:49:17 GMT+0800 (China Standard Time)

Hey @mitchspano - changing to npx seems to have fixed the first issue, but now I'm seeing a new issue. Here's the log:

Run mitchspano/sfdx-scan-pull-request@main
Beginning sfdx-scan-pull-request run...
Validating that this action was invoked from an acceptable context...
Getting difference within the pull request ... [ 'dev-uat', 'feature/pipeline-inspection' ]
Getting existing comments using GitHub REST API...
(node:1989) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Performing static code analysis on all of the files in the difference...
Filtering the findings to just the lines which are part of the pull request...
Writing comments using GitHub REST API...
No matching comment found, uploading new comment
Error while uploading comments! RequestError [HttpError]: invalid json response body at https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5130/comments reason: Unexpected end of JSON input
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:219184
    at processTicksAndRejections (node:internal/process/task_queues:9[6](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:7):5) {
  status: 500,
  request: {
    method: 'POST',
    url: 'https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5130/comments',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit-action.js/4.0.4 octokit-core.js/4.0.4 Node.js/16.16.0 (linux; x64)',
      authorization: 'token [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: '{"commit_id":"52591b82815b0a48bb53[7](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:8)eab7740976[8](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:9)fc[9](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:10)0c7b7","path":"force-app/main/default/classes/APICredentialSelector.cls","start_line":6,"start_side":"RIGHT","side":"RIGHT","line":16,"body":"| Engine | Category | Rule | Severity | Type | Message | File |\\n  | --- | --- | --- | --- | --- | --- | --- |\\n| pmd-custom | Documentation | ApexDoc | 3 | Warning | [Missing ApexDoc @description](https://pmd.github.io/pmd-6.54.0/pmd_rules_apex_documentation.html#apexdoc) | [force-app/main/default/classes/APICredentialSelector.cls](../tree/52591b82815b0a48bb537eab77409768fc90c7b7/force-app/main/default/classes/APICredentialSelector.cls) |"}',
    request: { agent: [ProxyAgent], hook: [Function: bound bound register] }
  }
}
node:internal/process/promises:279
            triggerUncaughtException(err, true /* fromPromise */);
            ^

RequestError [HttpError]: invalid json response body at https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5[13](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:14)0/comments reason: Unexpected end of JSON input
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:219184
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  status: 500,
  request: {
    method: 'POST',
    url: 'https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5130/comments',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit-action.js/4.0.4 octokit-core.js/4.0.4 Node.js/16.16.0 (linux; x64)',
      authorization: 'token [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: '{"commit_id":"52591b828[15](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:16)b0a48bb537eab77409768fc90c7b7","path":"force-app/main/default/classes/APICredentialSelector.cls","start_line":6,"start_side":"RIGHT","side":"RIGHT","line":[16](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:17),"body":"| Engine | Category | Rule | Severity | Type | Message | File |\\n  | --- | --- | --- | --- | --- | --- | --- |\\n| pmd-custom | Documentation | ApexDoc | 3 | Warning | [Missing ApexDoc @description](https://pmd.github.io/pmd-6.54.0/pmd_rules_apex_documentation.html#apexdoc) | [force-app/main/default/classes/APICredentialSelector.cls](../tree/52591b82815b0a48bb537eab77409768fc90c7b7/force-app/main/default/classes/APICredentialSelector.cls) |"}',
    request: {
      agent: ProxyAgent { promisifiedCallback: [Function (anonymous)] },
      hook: [Function: bound bound register]
    }
  }
}

Thanks for your help with this!

Mitch Spano · Answer 4 · Tue Mar 21 2023 11:02:28 GMT+0800 (China Standard Time)

Interesting... This looks like it is trying to render the line attribute as a hyperlink...? and the hyperlink is to the action's run?

"line":[16](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4474329454/jobs/7862681695?pr=5130#step:4:17)

The comments are generated in this function and I am not sure how this is actually getting translated to such.

Does v0.1.7 work on this pull requests?

Jeff Battles · Answer 5 · Tue Mar 21 2023 22:21:40 GMT+0800 (China Standard Time)

Yes - v0.1.7 works.

What's odd to me is that the newer version is trying to write a comment for the APICredentialSelector.cls. This file isn't changed in the PR (but it is first alphabetically in our repo).

When I look at the log for v0.1.7, there aren't any comments to write (and there shouldn't be, no classes are changed in this PR):

I made a modification to the APICredentialSelector.cls and ran the scan again using the latest version and the error is different this time:

Beginning sfdx-scan-pull-request run...
Validating that this action was invoked from an acceptable context...
Getting difference within the pull request ... [ 'dev-uat', 'feature/pipeline-inspection' ]
Getting existing comments using GitHub REST API...
(node:1904) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Performing static code analysis on all of the files in the difference...
Filtering the findings to just the lines which are part of the pull request...
Writing comments using GitHub REST API...
No matching comment found, uploading new comment
Error while uploading comments! RequestError [HttpError]: Validation Failed: {"resource":"PullRequestReviewComment","code":"custom","field":"pull_request_review_thread.start_line","message":"pull_request_review_thread.start_line must be part of the same hunk as the line."}
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:218911
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  status: 422,
  response: {
    url: 'https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5130/comments',
    status: 422,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
      connection: 'close',
      'content-length': '349',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Tue, 21 Mar 2023 14:04:40 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
      vary: 'Accept-Encoding, Accept, X-Requested-With',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-api-version-selected': '2022-11-28',
      'x-github-media-type': 'github.v3; format=json',
      'x-github-request-id': '0BC0:4[7](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:8)[8](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:9)0:446B588:8D03B8D:641[9](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:10)B978',
      'x-ratelimit-limit': '[10](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:11)00',
      'x-ratelimit-remaining': '997',
      'x-ratelimit-reset': '1679410872',
      'x-ratelimit-resource': 'core',
      'x-ratelimit-used': '3',
      'x-xss-protection': '0'
    },
    data: {
      message: 'Validation Failed',
      errors: [Array],
      documentation_url: 'https://docs.github.com/rest/reference/pulls#create-a-review-comment-for-a-pull-request'
    }
  },
  request: {
    method: 'POST',
    url: 'https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5130/comments',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit-action.js/4.0.4 octokit-core.js/4.0.4 Node.js/16.16.0 (linux; x64)',
      authorization: 'token [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: '{"commit_id":"7989e6c4761bfdc2e462b838d69f69cf399fcaef","path":"force-app/main/default/classes/APICredentialSelector.cls","start_line":6,"start_side":"RIGHT","side":"RIGHT","line":18,"body":"| Engine | Category | Rule | Severity | Type | Message | File |\\n  | --- | --- | --- | --- | --- | --- | --- |\\n| pmd-custom | Documentation | ApexDoc | 3 | Warning | [Missing ApexDoc @description](https://pmd.github.io/pmd-6.54.0/pmd_rules_apex_documentation.html#apexdoc) | [force-app/main/default/classes/APICredentialSelector.cls](../tree/7989e6c4761bfdc2e462b838d69f69cf399fcaef/force-app/main/default/classes/APICredentialSelector.cls) |"}',
    request: { agent: [ProxyAgent], hook: [Function: bound bound register] }
  }
}
node:internal/process/promises:279
            triggerUncaughtException(err, true /* fromPromise */);
            ^

RequestError [HttpError]: Validation Failed: {"resource":"PullRequestReviewComment","code":"custom","field":"pull_request_review_thread.start_line","message":"pull_request_review_thread.start_line must be part of the same hunk as the line."}
    at /home/runner/work/_actions/mitchspano/sfdx-scan-pull-request/main/dist/index.js:1:2189[11](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:12)
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  status: 422,
  response: {
    url: 'https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5[13](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:14)0/comments',
    status: 422,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',
      connection: 'close',
      'content-length': '349',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Tue, 21 Mar 2023 [14](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:15):04:40 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      'strict-transport-security': 'max-age=3[15](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:16)36000; includeSubdomains; preload',
      vary: 'Accept-Encoding, Accept, X-Requested-With',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-api-version-selected': '2022-11-28',
      'x-github-media-type': 'github.v3; format=json',
      'x-github-request-id': '0BC0:4780:446B588:8D03B8D:6419B978',
      'x-ratelimit-limit': '1000',
      'x-ratelimit-remaining': '997',
      'x-ratelimit-reset': '[16](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:17)79410872',
      'x-ratelimit-resource': 'core',
      'x-ratelimit-used': '3',
      'x-xss-protection': '0'
    },
    data: {
      message: 'Validation Failed',
      errors: [
        {
          resource: 'PullRequestReviewComment',
          code: 'custom',
          field: 'pull_request_review_thread.start_line',
          message: 'pull_request_review_thread.start_line must be part of the same hunk as the line.'
        }
      ],
      documentation_url: 'https://docs.github.com/rest/reference/pulls#create-a-review-comment-for-a-pull-request'
    }
  },
  request: {
    method: 'POST',
    url: 'https://api.github.com/repos/BlueWaveFinanceGroup/SMP/pulls/5130/comments',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'octokit-action.js/4.0.4 octokit-core.js/4.0.4 Node.js/16.16.0 (linux; x64)',
      authorization: 'token [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: '{"commit_id":"7989e6c4761bfdc2e462b838d69f69cf399fcaef","path":"force-app/main/default/classes/APICredentialSelector.cls","start_line":6,"start_side":"RIGHT","side":"RIGHT","line":[18](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:19),"body":"| Engine | Category | Rule | Severity | Type | Message | File |\\n  | --- | --- | --- | --- | --- | --- | --- |\\n| pmd-custom | Documentation | ApexDoc | 3 | Warning | [Missing ApexDoc @description](https://pmd.github.io/pmd-6.54.0/pmd_rules_apex_documentation.html#apexdoc) | [force-app/main/default/classes/APICredentialSelector.cls](../tree/7989e6c4761bfdc2e462b8[38](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:39)d69f69cf[39](https://github.com/BlueWaveFinanceGroup/SMP/actions/runs/4479889976/jobs/7874448585?pr=5130#step:4:40)9fcaef/force-app/main/default/classes/APICredentialSelector.cls) |"}',
    request: {
      agent: ProxyAgent { promisifiedCallback: [Function (anonymous)] },
      hook: [Function: bound bound register]
    }
  }
}

Mitch Spano · Answer 6 · Wed Mar 22 2023 09:38:05 GMT+0800 (China Standard Time)

There is a lot of confusing stuff going on in these examples you have provided:

Files outside of the scope of the pull request
Incorrectly formatted line numbers
Improper relationship between start and end lines

This one is really making me scratch my head - I don't know how these issues are possible to arise with the state of the action. Is it possible for you to share a screenshot of the pull request and the terminal output of the git diff between the commit of the dev-uat branch and the feature/pipeline-inspection branch?

Jeff Battles · Answer 7 · Thu Mar 23 2023 08:37:09 GMT+0800 (China Standard Time)

Sure. If it helps, the workflow we use is to create a feature branch out of main. We open PR's to merge the feature branch into dev-uat which is when the scanner runs.

Just to be safe, I made a new PR with only one file changed. Here's a screenshot of the changed files:

Here's a git diff between the sfdx-scan-test and dev-uat branch. Note that there are other files showing up because there are commits in dev-uat that aren't in the sfdx-scan-test branch. I didn't include all of these files in the screen shot - none of them are Apex classes.

I ran the scan again, this time receiving a different error. It looks like main has been updated with a new version which explains the different error. Here's the complete log:
logs_1343.zip

I also tried using v0.1.8 and encountered the same error as last time. Hope this helps - let me know if I can share anything else. Also, this isn't that urgent for us - we're doing fine using v0.1.7.

Mitch Spano · Answer 8 · Sat Mar 25 2023 14:10:53 GMT+0800 (China Standard Time)

Hey there @jbatt08, I have resolved a lot of the scope issues with the previous 0.1.8 (which was deleted) and re-released a new v0.1.8 with improved logging, error handling, and scope identification. Let me know if you are able to use this new version.

Jeff Battles · Answer 9 · Mon Mar 27 2023 22:21:52 GMT+0800 (China Standard Time)

Hey @mitchspano - I was able to try the new v0.1.8 and I think the issue is that the latest version of the action uses a two-dot git diff and it previously used three-dot diff (and some quirks in our git workflow).

If I create a feature branch from main, change a file and open a PR into a uat branch, the only difference I see in GitHub is that one file (plus the action change), because GitHub uses a three dot comparison:
.

If I run the three dot comparison, I see the same files:

.

But if I run a two dot comparison, I see more files:

The action uses the two dot comparison and files fails trying to write a comment to one of the files that shows up as changed in the two dot git diff:

If I create a feature branch out of our uat branch, change the same file and open a PR, I still see the same file change:

The two dot git diff reports the same files as GitHub:

And the action completes successfully:

Jeff Battles · Answer 10 · Tue Apr 04 2023 04:51:48 GMT+0800 (China Standard Time)

Hey @mitchspano - #43 fixed the issue. Thanks for your help with this, and for building and maintaining this action!