fix(ci): repair the two standing red checks (codeql version split + stale hypatia pin)#679
Merged
Merged
Conversation
…sion split + stale hypatia reusable pin Every PR has carried two red checks: 1. `analyze (actions, none)` (CodeQL — a REQUIRED check per the workflow's own comment): dependabot #670/#673 bumped `analyze`/`upload-sarif` to v4.36.3 (54f647b7) but left `init` at v4.36.2 (8aad20d1). The init step writes a config the newer analyze rejects: "Loaded a configuration file for version '4.36.2', but running 4.36.3" Fix: align `init` to the same v4.36.3 SHA. Also corrected the drifted "# v3.28.1" comments to the SHA's real version (comment said v3.28.1, SHA was v4.36.x — the drift is what hid the split). 2. `hypatia / Hypatia Neurosymbolic Analysis`: the wrapper pinned the standards reusable at d135b05 — the known estate CI-red master-cause pin. The reusable was fixed upstream in standards #428 (GITHUB_TOKEN), #441 (un-stale scanner cache — our exact "Cache not found ... exit 1" symptom), #445, #453. Fix: bump the pin to 5fa7a834e (#453), the latest commit touching the reusable. Workflow-file change: pushed via WSL gh (workflow scope present). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



Problem — every PR carries two red checks
analyze (actions, none)— CodeQL, and per the workflow's own comment a required check:Root cause: dependabot ci: bump github/codeql-action/analyze from 4.36.2 to 4.36.3 #670/ci: bump github/codeql-action/upload-sarif from 4.36.2 to 4.36.3 #673 bumped
analyze/upload-sarifto v4.36.3 (54f647b7) but leftinitat v4.36.2 (8aad20d1) — a partial bump (dependabot treats init/analyze as separate actions). init writes a config the newer analyze rejects. The stale# v3.28.1comments hid the split.hypatia / Hypatia Neurosymbolic Analysis—Cache not found for input keys: hypatia-scanner-v2-… → exit 1.Root cause: the wrapper pinned the standards reusable at
d135b05— the known estate CI-red master-cause pin. Fixed upstream in standards fix(ci): walker Js.Exn catch-arm detection + vscode E2E false-positive (closes #426) #428 (GITHUB_TOKEN), Docs/bindings roadmap top50 #441 (un-stale scanner cache — our exact symptom), feat(stdlib): Deno scripting surface — walk/args/exit/iso/regex/stderr (step #242) #445, [#446 STEP 2] Tier 4 — backend / cloud (10 bindings) #453.Fix (2 files, 3 lines)
codeql.yml:init→54f647b7 # v4.36.3(same SHA as analyze); comments corrected to the SHAs' real version.hypatia-scan.yml: reusable pind135b05→5fa7a834e([#446 STEP 2] Tier 4 — backend / cloud (10 bindings) #453, latest commit touching the reusable).YAML validated. This PR's own check run is the live test —
analyze (actions, none)andhypatiashould both go green here.🤖 Generated with Claude Code