Code of Conduct
What article on docs.github.com is affected?
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
What part(s) of the article would you like to see updated?
Uploading code scanning data to GitHub
Says:
GitHub can display code analysis data generated externally by a third-party tool. You can upload code analysis data with the upload-sarif action. For more information, see Uploading a SARIF file to GitHub.
It doesn't say anything about exit codes for such workflows.
(It doesn't link to the upload-sarif action, which may be for the best as using that will delay workflows by 6 seconds. -- The action is intentionally not listed in the GitHub Marketplace unlike, e.g. checkout.)
Additional information
Normally if you want to prevent a pull request from being merged, you'd have your workflow "fail" triggering an ❌.
But, if you do that for a workflow that submits sarifs (at least using some of the apis, especially the github/codeql-action/upload-sarif), then you'll get:
And the status link goes to:
Code of Conduct
What article on docs.github.com is affected?
https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
What part(s) of the article would you like to see updated?
Uploading code scanning data to GitHub
Says:
It doesn't say anything about exit codes for such workflows.
(It doesn't link to the
upload-sarif action, which may be for the best as using that will delay workflows by 6 seconds. -- The action is intentionally not listed in the GitHub Marketplace unlike, e.g. checkout.)Additional information
Normally if you want to prevent a pull request from being merged, you'd have your workflow "fail" triggering an ❌.
But, if you do that for a workflow that submits sarifs (at least using some of the apis, especially the github/codeql-action/upload-sarif), then you'll get:
And the status link goes to:
