Skip to content

CodeQL Advanced

CodeQL Advanced #190

Triggered via schedule May 22, 2024 19:15
Status Success
Total duration 4m 27s
Artifacts

codeql-analysis.yml

on: schedule
Matrix: Analyze
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 13 warnings
Analyze (csharp)
This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/
Analyze (csharp)
This version of the CodeQL Action was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/
Analyze (csharp)
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/setup-dotnet@v1, actions/checkout@v2, github/codeql-action/init@v1, github/codeql-action/analyze@v1. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
Analyze (csharp)
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/setup-dotnet@v1, actions/checkout@v2, github/codeql-action/init@v1, github/codeql-action/analyze@v1. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
Analyze (csharp)
1 issue was detected with this workflow: git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results.
Analyze (csharp): CompatBot/Commands/Sudo.cs#L137
'ILoggerBase.Factory' is obsolete: 'Factory-property is hard to mock for ILogger-interface. Instead use Logger.Factory. Marked obsolete with NLog v5.3'
Analyze (csharp): CompatBot/Commands/Sudo.Bot.cs#L251
'ILoggerBase.Factory' is obsolete: 'Factory-property is hard to mock for ILogger-interface. Instead use Logger.Factory. Marked obsolete with NLog v5.3'
Analyze (csharp): CompatBot/EventHandlers/LogParsing/ArchiveHandlers/ZipHandler.cs#L44
Dereference of a possibly null reference.
Analyze (csharp): CompatBot/EventHandlers/LogParsing/ArchiveHandlers/SevenZipHandler.cs#L43
Dereference of a possibly null reference.
Analyze (csharp): CompatBot/EventHandlers/LogParsing/ArchiveHandlers/RarHandler.cs#L43
Dereference of a possibly null reference.
Analyze (csharp): CompatBot/Utils/Extensions/AzureDevOpsClientExtensions.cs#L221
Dereference of a possibly null reference.
Analyze (csharp): CompatBot/Utils/Extensions/AzureDevOpsClientExtensions.cs#L251
Dereference of a possibly null reference.
Analyze (csharp): CompatBot/Utils/Extensions/AzureDevOpsClientExtensions.cs#L278
Dereference of a possibly null reference.
Analyze (csharp): CompatBot/Database/DbImporter.cs#L78
Method 'ExecuteSqlRawAsync' inserts interpolated strings directly into the SQL, without any protection against SQL injection. Consider using 'ExecuteSqlAsync' instead, which protects against SQL injection, or make sure that the value is sanitized and suppress the warning.
Analyze (csharp): CompatBot/Database/DbImporter.cs#L79
Method 'ExecuteSqlRawAsync' inserts interpolated strings directly into the SQL, without any protection against SQL injection. Consider using 'ExecuteSqlAsync' instead, which protects against SQL injection, or make sure that the value is sanitized and suppress the warning.