Duplicate CodeReviewID in results.sarif #1094

Closed
bdehamer opened this issue Feb 21, 2023 · 4 comments

@bdehamer

Similar to the issue raised in #1076, I'm getting a duplicate CodeReviewID in the generated "results.sarif" which is causing the following error:

Error: Unable to upload "results.sarif" as it is not valid SARIF:
- instance.runs[2].tool.driver.rules contains duplicate item
Error: Unable to upload "results.sarif" as it is not valid SARIF:
- instance.runs[2].tool.driver.rules contains duplicate item
    at validateSarifFileSchema (/home/runner/work/_actions/github/codeql-action/17573ee1cc1b9d061760f3a006fc4aac4f944fd5/lib/upload-lib.js:193:15)
    at uploadFiles (/home/runner/work/_actions/github/codeql-action/17573ee1cc1b9d061760f3a006fc4aac4f944fd5/lib/upload-lib.js:242:9)
    at Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/17573ee1cc1b9d061760f3a006fc4aac4f944fd5/lib/upload-lib.js:136:18)
    at async run (/home/runner/work/_actions/github/codeql-action/17573ee1cc1b9d061760f3a006fc4aac4f944fd5/lib/upload-sarif-action.js:48:30)
    at async runWrapper (/home/runner/work/_actions/github/codeql-action/17573ee1cc1b9d061760f3a006fc4aac4f944fd5/lib/upload-sarif-action.js:70:9)

Here is the most recent run which shows the error:
https://github.com/sigstore/sigstore-js/actions/runs/4235368692/jobs/7358888663

I also added and triggered the debugging workflow suggested by @laurentsimon which you can see here:
https://github.com/sigstore/sigstore-js/actions/runs/4235377783
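
An added example, not part of the original issue or of the scorecard or codeql-action code: a small Node.js check that lists rule ids occurring more than once in each run's `tool.driver.rules`, the array the upload error above points at. The sample SARIF object, its rule names and the `findDuplicateRules` and `canonical` helpers are constructed for illustration.

```javascript
// Serialize with sorted keys so structurally equal rules compare equal.
function canonical(value) {
  if (Array.isArray(value)) return "[" + value.map(canonical).join(",") + "]";
  if (value !== null && typeof value === "object") {
    return "{" + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonical(value[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}

// Returns one finding per rule id that occurs more than once within a run.
// `identical` is true when every repeated entry is structurally equal.
function findDuplicateRules(sarif) {
  const findings = [];
  (sarif.runs || []).forEach((run, runIndex) => {
    const rules = (run.tool && run.tool.driver && run.tool.driver.rules) || [];
    const byId = new Map();
    rules.forEach((rule, ruleIndex) => {
      const entry = byId.get(rule.id) || { indexes: [], forms: new Set() };
      entry.indexes.push(ruleIndex);
      entry.forms.add(canonical(rule));
      byId.set(rule.id, entry);
    });
    for (const [id, entry] of byId) {
      if (entry.indexes.length > 1) {
        findings.push({ runIndex, id, indexes: entry.indexes,
          identical: entry.forms.size === 1 });
      }
    }
  });
  return findings;
}

// Constructed sample (not the real results.sarif from the issue).
const sampleSarif = {
  version: "2.1.0",
  runs: [
    { tool: { driver: { name: "demo", rules: [{ id: "RuleA", name: "a" }] } } },
    { tool: { driver: { name: "demo", rules: [
      { id: "CodeReviewID", name: "Code-Review" },
      { id: "RuleB", name: "b" },
      { name: "Code-Review", id: "CodeReviewID" },
    ] } } },
  ],
};

for (const f of findDuplicateRules(sampleSarif)) {
  console.log(`runs[${f.runIndex}] rule "${f.id}" at indexes ${f.indexes}`, f);
}
```

To check a real file, pass `JSON.parse(fs.readFileSync("results.sarif", "utf8"))` to `findDuplicateRules` before the upload step.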

@laurentsimon
Contributor

laurentsimon commented Feb 21, 2023

Thanks, I have created ossf/scorecard#2686 to track this issue. It seems to be an issue in the main scorecard code.

@akashsinghal

@spencerschrock @laurentsimon is there a timeline when we can expect the next release?

@spencerschrock
Contributor

> @spencerschrock @laurentsimon is there a timeline when we can expect the next release?

We discussed this in a sync earlier today. My plan is within the next week (if all goes well) to give us time to bump our scorecard version and let our e2e tests run for a few days.

@spencerschrock
Contributor

v2.1.3 has been released which has this fix.
