severity-threshold parameter is working in a wrong way
Yurii-Zakharov opened this issue · comments
The current condition checks if violation.severity is equal to or greater than inputs.severityThreshold from a numbers perspective, but what we want is to check from a severity perspective.
Severity perspective
1-5 where
1 - highest
5 - lowest
https://docs.pmd-code.org/pmd-doc-6.55.0/pmd_userdocs_configuring_rules.html#message-and-priority-overriding
In version v0.1.10
- We set inputs.severityThreshold = 2, which means we want to throw an error when severity is 2 or greater (1).
- We run a scan and violation.severity = 3 appears.
- The next condition is checked (inputs.severityThreshold <= violation.severity) -> True
- An error is thrown. But it is not what we wanted. 2 is less than 3 in the numeric sense, but from a severity perspective it is greater.
How it should be
- We set inputs.severityThreshold = 2, which means we want to throw an error when severity is 2 or greater (1).
- We run a scan and violation.severity = 3 appears.
- The next condition is checked (inputs.severityThreshold >= violation.severity) -> False
- Continue without error. It is what we wanted. 2 is greater than 3 from a severity perspective.
The same way sfdx scanner plugin is working. While stating:
-s, --severity-threshold=_severity-threshold_
Throws an error when violations are found with equal or greater severity than the provided value.
They consider this severity perspective.
https://forcedotcom.github.io/sfdx-scanner/en/v3.x/scanner-commands/run/
Please check my PR with fix #52
It is working correctly in my Actions workflow with the following configuration:
```yaml
- name: Run SFDX Scanner - Report findings as annotations
  uses: Yurii-Zakharov/sfdx-scan-pull-request@fixSeverityCondition
  with:
    engine: pmd
    severity-threshold: 1
    report-mode: check-runs
    pmdconfig: sfdx-scanner/my-ruleset-pmd.xml
  env:
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```
Error is thrown only for P1 violations
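
The two conditions quoted in this issue, run side by side over a constructed scan result. This is an added example, not code from the action or from the PR; the function names, rule names and sample violations are assumptions made for illustration, and the 1-5 range check follows the scale described above.

```javascript
// Added example: names and sample data below are constructed, not taken from the action.
// Severity scale from the issue: 1 is the highest severity, 5 the lowest.
const MIN_SEVERITY = 1;
const MAX_SEVERITY = 5;

// Action inputs arrive as strings, so parse and range-check before comparing.
function parseSeverity(value, label) {
  const n = Number(value);
  if (!Number.isInteger(n) || n < MIN_SEVERITY || n > MAX_SEVERITY) {
    throw new RangeError(`${label} must be an integer from 1 to 5, got ${value}`);
  }
  return n;
}

// Condition quoted in the issue for v0.1.10: plain numeric comparison.
function breachesNumeric(threshold, severity) {
  return threshold <= severity;
}

// Condition proposed in the issue: a smaller number is the more severe finding.
function breachesBySeverity(threshold, severity) {
  return threshold >= severity;
}

// Returns the violations that should fail the run under the given condition.
function gate(violations, thresholdInput, breaches) {
  const threshold = parseSeverity(thresholdInput, "severity-threshold");
  return violations.filter((v) =>
    breaches(threshold, parseSeverity(v.severity, `severity of ${v.rule}`))
  );
}

// Constructed scan result: one finding at each of three severities.
const sampleViolations = [
  { rule: "ConstructedRuleP1", severity: 1 },
  { rule: "ConstructedRuleP2", severity: 2 },
  { rule: "ConstructedRuleP3", severity: 3 },
];

// Names of the rules that fail the run under each condition, for one threshold.
function compare(thresholdInput) {
  const rules = (list) => list.map((v) => v.rule);
  return {
    numeric: rules(gate(sampleViolations, thresholdInput, breachesNumeric)),
    bySeverity: rules(gate(sampleViolations, thresholdInput, breachesBySeverity)),
  };
}

console.log(compare("2"));
```

With a threshold of 2, the numeric condition fails the run on the severity 3 finding and lets the severity 1 finding through, so the gate is open for exactly the findings it is meant to block.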