Skip to content

Upgrade CodeQL to V4: Fix 10 CodeQL Analysis Warnings and Errors#3770

Merged
gladjohn merged 2 commits intomasterfrom
reyap/codeql
Apr 6, 2026
Merged

Upgrade CodeQL to V4: Fix 10 CodeQL Analysis Warnings and Errors#3770
gladjohn merged 2 commits intomasterfrom
reyap/codeql

Conversation

@reginayap8
Copy link
Copy Markdown
Contributor

@reginayap8 reginayap8 commented Apr 3, 2026
edited
Loading

Upgrade Pipeline Job Init@V4 to Fix 10 CodeQL Warnings and Errors in CodeQL Analysis

  • You've read the Contributor Guide and Code of Conduct.
  • You've included unit or integration tests for your change, where applicable.
  • You've included inline docs for your change, where applicable.
  • There's an open issue for the PR that you are making. If you'd like to propose a new feature or change, please open an issue to discuss the change or find an existing issue.

Summary of the changes (Less than 80 chars)

Description

Fix 10 CodeQL warnings in the pipeline analysis by setting the Github API permissions.

Solution: Add the following permissions in yaml file since they were missing and causing the pipeline check to fail.

  • Upgrade CodeQL pipeline step from V3 to V4
  • security-events: write — lets the action upload SARIF results and fetch feature flags from GitHub's API, which resolves the fallback warning.
  • actions: read — allows the action to read its own feature flag configuration.
  • contents: read — explicitly grants repo content access (best practice when listing multiple permissions).

Pipeline link to warnings
Link: https://github.com/AzureAD/microsoft-identity-web/actions/runs/23922732183

image

Fixes #{bug number} (in this specific format)

reginayap8 and others added 2 commits April 3, 2026 11:26
@reginayap8
Fix some Code ql errors
b250649
@reginayap8
fix: update CodeQL actions to v4 and fix permissions
c732692 
- Upgrade codeql-action/init and codeql-action/analyze from v3 to v4
  to resolve Node.js 20 deprecation warning
- Update permissions: security-events to write, add actions: read
  and contents: read to resolve feature flags CLI version warning
- Update commented autobuild reference from v2 to v4 for consistency

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@reginayap8 reginayap8 requested a review from a team as a code owner April 3, 2026 18:59
@reginayap8 reginayap8 changed the title Fix 10 CodeQL Analysis Warnings and Errors Upgrade CodeQL to V4: Fix 10 CodeQL Analysis Warnings and Errors Apr 3, 2026
@gladjohn gladjohn merged commit 83e7934 into master Apr 6, 2026
4 checks passed
@gladjohn gladjohn deleted the reyap/codeql branch April 6, 2026 18:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pmaytak pmaytak pmaytak approved these changes

@neha-bhargava neha-bhargava neha-bhargava approved these changes

@gladjohn gladjohn gladjohn approved these changes

Assignees

@neha-bhargava neha-bhargava

@gladjohn gladjohn

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@reginayap8 @pmaytak @neha-bhargava @gladjohn