Skip to main content

警告:“此工作流检测到 1 个问题:不再需要 git checkout HEAD^2”

如果看到此警告,应更新工作流以遵循当前的最佳做法。

如果您使用的是旧 CodeQL 工作流程,您可能会在输出中收到来自“初始化 CodeQL”操作的以下警告:

Warning: 1 issue was detected with this workflow: git checkout HEAD^2 is no longer
necessary. Please remove this step as Code Scanning recommends analyzing the merge
commit for best results.

通过从 CodeQL 工作流程中删除以下行来修复此问题。 这些行包含在 CodeQL 工作流初始版本中 Analyze 作业的 steps 部分。

        with:
          # We must fetch at least the immediate parents so that if this is
          # a pull request then we can checkout the head.
          fetch-depth: 2

      # If this run was triggered by a pull request event, then checkout
      # the head of the pull request instead of the merge commit.
      - run: git checkout HEAD^2
        if: ${{ github.event_name == 'pull_request' }}

修改后的工作流的 steps 部分将如下所示:

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2

      ...

有关编辑 CodeQL 工作流文件的详细信息,请参阅“自定义 代码扫描的高级设置”。