Brakeman: return a zero status code if any warnings are found #1559
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Brakeman returns a non-zero status code when there are warnings found or errors during the scan. In 9fc187b, we allowed the GitHub Action to continue on error, so that the warning/error would be uploaded to GitHub code scanning. However the non-zero status code still gets written to the GitHub Action output. This led to confusion in alphagov/asset-manager#1583 as we thought the error meant brakeman did not complete properly, when in fact it did but was only returning that code because a code scanning warning had been found. Therefore updating the brakeman configuration to report a zero status code when a warning or error is found. This means we can remove the previous change, as any completed run will not return a non-zero status code. This will also stop the non-zero code causing confusion in the GitHub Actions output.
6f515f0 to
a4e5e9a
Compare
theseanything
approved these changes
Jan 3, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Brakeman returns a non-zero status code when there are warnings found or errors during the scan.
In 9fc187b, we allowed the GitHub Action to continue on error, so that the warning/error would be uploaded to GitHub code scanning.
However the non-zero status code still gets written to the GitHub Action output. This led to confusion in
alphagov/asset-manager#1583 as we thought the error meant brakeman did not complete properly, when in fact it did but was only returning that code because a code scanning warning had been found.
Therefore updating the brakeman configuration to report a zero status code when a warning or error is found. This means we can remove the previous change, as any completed run will not return a non-zero status code. This will also stop the non-zero code causing confusion in the GitHub Actions output.
Trello card