Skip to content

CodeQL

CodeQL #555

Triggered via schedule December 5, 2023 05:04
Status Success
Total duration 2m 52s
Artifacts

codeql-analysis.yml

on: schedule
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 12 warnings
CodeQL-Build
This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/
CodeQL-Build
This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/
CodeQL-Build
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, actions/setup-dotnet@v1, github/codeql-action/init@v1, github/codeql-action/analyze@v1. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
CodeQL-Build
1 issue was detected with this workflow: Using on.push.paths can prevent Code Scanning annotating new alerts in your pull requests.
CodeQL-Build: src/Shared/Model/Repository.cs#L138
'Repository.WatchersCount' is obsolete: 'WatchersCount returns the same data as StargazersCount. You are likely looking to use SubscribersCount. Update your code to use SubscribersCount, as this field will stop containing data in the future'
CodeQL-Build: src/Shared/PackageManagers/CargoProjectManager.cs#L51
This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.
CodeQL-Build: src/Shared/PackageManagers/CargoProjectManager.cs#L62
This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.
CodeQL-Build: src/Shared/PackageManagers/CargoProjectManager.cs#L88
Possible null reference argument for parameter 'purl' in 'IAsyncEnumerable<ArtifactUri<CargoArtifactType>> CargoProjectManager.GetArtifactDownloadUrisAsync(PackageURL purl, bool useCache = true)'.
CodeQL-Build: src/Shared/PackageManagers/CocoapodsProjectManager.cs#L177
Dereference of a possibly null reference.
CodeQL-Build: src/Shared/PackageManagers/CocoapodsProjectManager.cs#L177
Possible null reference argument for parameter 'item' in 'void List<string>.Add(string item)'.
CodeQL-Build: src/Shared/PackageManagers/PyPIProjectManager.cs#L65
Possible null reference argument for parameter 's' in 'DateTime DateTime.Parse(string s)'.
CodeQL-Build: src/Shared/PackageManagers/PyPIProjectManager.cs#L69
Possible null reference argument for parameter 'uri' in 'ArtifactUri<PyPIArtifactType>.ArtifactUri(PyPIArtifactType type, string uri, DateTime? uploadTime = null)'.
CodeQL-Build: src/Shared/PackageManagers/PyPIProjectManager.cs#L74
Possible null reference argument for parameter 'uri' in 'ArtifactUri<PyPIArtifactType>.ArtifactUri(PyPIArtifactType type, string uri, DateTime? uploadTime = null)'.
CodeQL-Build: src/Shared/PackageManagers/NuGetProjectManager.cs#L56
This async method lacks 'await' operators and will run synchronously. Consider using the 'await' operator to await non-blocking API calls, or 'await Task.Run(...)' to do CPU-bound work on a background thread.