diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
index ed2ed4013ef..92c615419cc 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpAutobuilder.cs
@@ -104,7 +104,7 @@ namespace Semmle.Autobuild.CSharp
markdownMessage:
"CodeQL found multiple potential build scripts for your project and " +
$"attempted to run `{relScriptPath}`, which failed. " +
- "This may not be the right build script for your project. " +
+ "This may not be the right build script for your project.\n\n" +
$"Set up a [manual build command]({buildCommandDocsUrl})."
) :
new(
@@ -113,7 +113,7 @@ namespace Semmle.Autobuild.CSharp
"Unable to build project using build script",
markdownMessage:
"CodeQL attempted to build your project using a script located at " +
- $"`{relScriptPath}`, which failed. " +
+ $"`{relScriptPath}`, which failed.\n\n" +
$"Set up a [manual build command]({buildCommandDocsUrl})."
);
@@ -135,7 +135,7 @@ namespace Semmle.Autobuild.CSharp
"no-projects-or-solutions",
"No project or solutions files found",
markdownMessage:
- "CodeQL could not find any project or solution files in your repository. " +
+ "CodeQL could not find any project or solution files in your repository.\n\n" +
$"Set up a [manual build command]({buildCommandDocsUrl})."
));
}
diff --git a/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpDiagnosticClassifier.cs b/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpDiagnosticClassifier.cs
index e72c46ff361..821ad3222e1 100644
--- a/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpDiagnosticClassifier.cs
+++ b/csharp/autobuilder/Semmle.Autobuild.CSharp/CSharpDiagnosticClassifier.cs
@@ -84,8 +84,8 @@ namespace Semmle.Autobuild.CSharp
This may lead to subsequent failures. You can check for common causes for missing project files:
- Ensure that the project is built using the {runsOnDocsUrl.ToMarkdownLink("intended operating system")} and that filenames on case-sensitive platforms are correctly specified.
- - If your repository uses Git submodules, ensure that those are {checkoutDocsUrl.ToMarkdownLink("checked out")} before the CodeQL action is run.
- - If you auto-generate some project files as part of your build process, ensure that these are generated before the CodeQL action is run.
+ - If your repository uses Git submodules, ensure that those are {checkoutDocsUrl.ToMarkdownLink("checked out")} before the CodeQL Action is run.
+ - If you auto-generate some project files as part of your build process, ensure that these are generated before the CodeQL Action is run.
"""
);
}
diff --git a/csharp/extractor/Semmle.Util/ToolStatusPage.cs b/csharp/extractor/Semmle.Util/ToolStatusPage.cs
index d71ad876e1b..a3f8297e844 100644
--- a/csharp/extractor/Semmle.Util/ToolStatusPage.cs
+++ b/csharp/extractor/Semmle.Util/ToolStatusPage.cs
@@ -151,7 +151,7 @@ namespace Semmle.Util
///
public bool Internal { get; }
public TspVisibility Visibility { get; }
- public TspLocation Location { get; }
+ public TspLocation? Location { get; }
///
/// Structured metadata about the diagnostic message.
///
@@ -173,7 +173,7 @@ namespace Semmle.Util
this.Attributes = new Dictionary();
this.Severity = severity;
this.Visibility = visibility ?? TspVisibility.All;
- this.Location = location ?? new TspLocation();
+ this.Location = location;
this.Internal = intrnl ?? false;
this.MarkdownMessage = markdownMessage;
this.PlaintextMessage = plaintextMessage;
diff --git a/csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/diagnostics.expected b/csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/diagnostics.expected
index 91a9bbbb267..689ddcc3652 100644
--- a/csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/diagnostics.expected
+++ b/csharp/ql/integration-tests/all-platforms/diag_dotnet_incompatible/diagnostics.expected
@@ -2,7 +2,6 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
"markdownMessage": "CodeQL found some projects which cannot be built with .NET Core:\n\n- `test.csproj`",
"severity": "warning",
"source": {
@@ -20,7 +19,6 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
"markdownMessage": "CodeQL was unable to build the following projects using MSBuild:\n\n- `test.csproj`\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
diff --git a/csharp/ql/integration-tests/all-platforms/diag_missing_project_files/diagnostics.expected b/csharp/ql/integration-tests/all-platforms/diag_missing_project_files/diagnostics.expected
index da2b3d93941..6eca0003987 100644
--- a/csharp/ql/integration-tests/all-platforms/diag_missing_project_files/diagnostics.expected
+++ b/csharp/ql/integration-tests/all-platforms/diag_missing_project_files/diagnostics.expected
@@ -2,7 +2,6 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
"markdownMessage": "CodeQL was unable to build the following projects using MSBuild:\n\n- `test.sln`\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
@@ -20,8 +19,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "Some project files were not found when CodeQL built your project:\n\n- `Example.csproj`\n- `Example.Test.csproj`\n\nThis may lead to subsequent failures. You can check for common causes for missing project files:\n\n- Ensure that the project is built using the [intended operating system](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on) and that filenames on case-sensitive platforms are correctly specified.\n- If your repository uses Git submodules, ensure that those are [checked out](https://github.com/actions/checkout#usage) before the CodeQL action is run.\n- If you auto-generate some project files as part of your build process, ensure that these are generated before the CodeQL action is run.",
+ "markdownMessage": "Some project files were not found when CodeQL built your project:\n\n- `Example.csproj`\n- `Example.Test.csproj`\n\nThis may lead to subsequent failures. You can check for common causes for missing project files:\n\n- Ensure that the project is built using the [intended operating system](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on) and that filenames on case-sensitive platforms are correctly specified.\n- If your repository uses Git submodules, ensure that those are [checked out](https://github.com/actions/checkout#usage) before the CodeQL Action is run.\n- If you auto-generate some project files as part of your build process, ensure that these are generated before the CodeQL Action is run.",
"severity": "error",
"source": {
"extractorName": "csharp",
diff --git a/csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/diagnostics.expected b/csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/diagnostics.expected
index 0becfa08cee..0825ee8ae85 100644
--- a/csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/diagnostics.expected
+++ b/csharp/ql/integration-tests/all-platforms/diag_missing_xamarin_sdk/diagnostics.expected
@@ -2,7 +2,6 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
"markdownMessage": "CodeQL was unable to build the following projects using .NET Core:\n\n- `test.csproj`\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
@@ -20,7 +19,6 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
"markdownMessage": "CodeQL was unable to build the following projects using MSBuild:\n\n- `test.csproj`\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
@@ -38,7 +36,6 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
"markdownMessage": "[Configure your workflow](https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-xamarin-applications) for this SDK before running CodeQL.",
"severity": "error",
"source": {
diff --git a/csharp/ql/integration-tests/posix-only/diag_autobuild_script/diagnostics.expected b/csharp/ql/integration-tests/posix-only/diag_autobuild_script/diagnostics.expected
index 6fe50ccfa5b..129675517a6 100644
--- a/csharp/ql/integration-tests/posix-only/diag_autobuild_script/diagnostics.expected
+++ b/csharp/ql/integration-tests/posix-only/diag_autobuild_script/diagnostics.expected
@@ -2,8 +2,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL attempted to build your project using a script located at `build.sh`, which failed. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL attempted to build your project using a script located at `build.sh`, which failed.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
@@ -20,8 +19,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL could not find any project or solution files in your repository. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL could not find any project or solution files in your repository.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
diff --git a/csharp/ql/integration-tests/posix-only/diag_multiple_scripts/diagnostics.expected b/csharp/ql/integration-tests/posix-only/diag_multiple_scripts/diagnostics.expected
index 5ba4bc963eb..4e6b5823018 100644
--- a/csharp/ql/integration-tests/posix-only/diag_multiple_scripts/diagnostics.expected
+++ b/csharp/ql/integration-tests/posix-only/diag_multiple_scripts/diagnostics.expected
@@ -2,8 +2,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL could not find any project or solution files in your repository. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL could not find any project or solution files in your repository.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
@@ -20,8 +19,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL found multiple potential build scripts for your project and attempted to run `build.sh`, which failed. This may not be the right build script for your project. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL found multiple potential build scripts for your project and attempted to run `build.sh`, which failed. This may not be the right build script for your project.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
diff --git a/csharp/ql/integration-tests/windows-only/diag_autobuild_script/diagnostics.expected b/csharp/ql/integration-tests/windows-only/diag_autobuild_script/diagnostics.expected
index 347e3d64342..6135496f878 100644
--- a/csharp/ql/integration-tests/windows-only/diag_autobuild_script/diagnostics.expected
+++ b/csharp/ql/integration-tests/windows-only/diag_autobuild_script/diagnostics.expected
@@ -2,8 +2,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL attempted to build your project using a script located at `build.bat`, which failed. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL attempted to build your project using a script located at `build.bat`, which failed.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
@@ -20,8 +19,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL could not find any project or solution files in your repository. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL could not find any project or solution files in your repository.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
diff --git a/csharp/ql/integration-tests/windows-only/diag_multiple_scripts/diagnostics.expected b/csharp/ql/integration-tests/windows-only/diag_multiple_scripts/diagnostics.expected
index 073ec0ba9c8..4e165ac11fc 100644
--- a/csharp/ql/integration-tests/windows-only/diag_multiple_scripts/diagnostics.expected
+++ b/csharp/ql/integration-tests/windows-only/diag_multiple_scripts/diagnostics.expected
@@ -2,8 +2,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL could not find any project or solution files in your repository. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL could not find any project or solution files in your repository.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
@@ -20,8 +19,7 @@
"attributes": {},
"helpLinks": [],
"internal": false,
- "location": {},
- "markdownMessage": "CodeQL found multiple potential build scripts for your project and attempted to run `build.bat`, which failed. This may not be the right build script for your project. Set up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
+ "markdownMessage": "CodeQL found multiple potential build scripts for your project and attempted to run `build.bat`, which failed. This may not be the right build script for your project.\n\nSet up a [manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).",
"severity": "error",
"source": {
"extractorName": "csharp",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/android-gradle-incompatibility/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/android-gradle-incompatibility/diagnostics.expected
index 5446916799d..34d7835bf5e 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/android-gradle-incompatibility/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/android-gradle-incompatibility/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "An Android build may have failed. Ensure the Code Scanning workflow installs required dependencies, and that the [Gradle and Android SDK versions are compatible](https://developer.android.com/studio/releases/gradle-plugin#updating-gradle).\n\nSuspicious output line: ` > Minimum supported Gradle version is 7.4. Current version is 7.3. If using the gradle wrapper, try editing the distributionUrl in /gradle/wrapper/gradle-wrapper.properties to gradle-7.4-all.zip`",
+ "markdownMessage": "An Android build may have failed. Ensure the Code Scanning workflow installs required dependencies, and that the [Gradle and Android SDK versions are compatible](https://developer.android.com/studio/releases/gradle-plugin#updating-gradle).\n\nRelevant output line: ` > Minimum supported Gradle version is 7.4. Current version is 7.3. If using the gradle wrapper, try editing the distributionUrl in /gradle/wrapper/gradle-wrapper.properties to gradle-7.4-all.zip`",
"severity": "error",
"source": {
"extractorName": "java",
@@ -13,7 +13,7 @@
}
}
{
- "markdownMessage": "An Android build may have failed. Ensure the Code Scanning workflow installs required dependencies, and that the [Gradle and Android SDK versions are compatible](https://developer.android.com/studio/releases/gradle-plugin#updating-gradle).\n\nSuspicious output line: `Caused by: java.lang.RuntimeException: Minimum supported Gradle version is 7.4. Current version is 7.3. If using the gradle wrapper, try editing the distributionUrl in /gradle/wrapper/gradle-wrapper.properties to gradle-7.4-all.zip`",
+ "markdownMessage": "An Android build may have failed. Ensure the Code Scanning workflow installs required dependencies, and that the [Gradle and Android SDK versions are compatible](https://developer.android.com/studio/releases/gradle-plugin#updating-gradle).\n\nRelevant output line: `Caused by: java.lang.RuntimeException: Minimum supported Gradle version is 7.4. Current version is 7.3. If using the gradle wrapper, try editing the distributionUrl in /gradle/wrapper/gradle-wrapper.properties to gradle-7.4-all.zip`",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/compilation-error/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/compilation-error/diagnostics.expected
index 34a7884823d..3d087084db0 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/compilation-error/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/compilation-error/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "A compilation error was observed while autobuilding your code. Check that your Code Scanning workflow installs the needed compiler version and dependencies.\n\nSuspicious output line: `[ERROR] COMPILATION ERROR : `",
+ "markdownMessage": "A compilation error was observed while autobuilding your code. Check that your Code Scanning workflow installs the needed compiler version and dependencies.\n\nRelevant output line: `[ERROR] COMPILATION ERROR : `",
"severity": "error",
"source": {
"extractorName": "java",
@@ -13,7 +13,7 @@
}
}
{
- "markdownMessage": "A compilation error was observed while autobuilding your code. Check that your Code Scanning workflow installs the needed compiler version and dependencies.\n\nSuspicious output line: `[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project maven-sample: Compilation failure`",
+ "markdownMessage": "A compilation error was observed while autobuilding your code. Check that your Code Scanning workflow installs the needed compiler version and dependencies.\n\nRelevant output line: `[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project maven-sample: Compilation failure`",
"severity": "error",
"source": {
"extractorName": "java",
@@ -27,7 +27,7 @@
}
}
{
- "markdownMessage": "A compilation error was observed while autobuilding your code. Check that your Code Scanning workflow installs the needed compiler version and dependencies.\n\nSuspicious output line: `org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project maven-sample: Compilation failure`",
+ "markdownMessage": "A compilation error was observed while autobuilding your code. Check that your Code Scanning workflow installs the needed compiler version and dependencies.\n\nRelevant output line: `org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project maven-sample: Compilation failure`",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/dependency-error/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/dependency-error/diagnostics.expected
index fbb583581f2..d97eb904658 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/dependency-error/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/dependency-error/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "A dependency failed to download. Check that all dependencies are available, and [supply credentials for any private dependencies](https://github.com/Azure/actions-workflow-samples/blob/master/assets/create-secrets-for-GitHub-workflows.md#set-up-secrets-in-github-action-workflows).\n\nSuspicious output line: `Caused by: org.eclipse.aether.transfer.ArtifactNotFoundException: Could not find artifact junit:junit-nonesuch:jar:4.11 in central (https://repo.maven.apache.org/maven2)`",
+ "markdownMessage": "A dependency failed to download. Check that all dependencies are available, and [supply credentials for any private dependencies](https://github.com/Azure/actions-workflow-samples/blob/master/assets/create-secrets-for-GitHub-workflows.md#set-up-secrets-in-github-action-workflows).\n\nRelevant output line: `Caused by: org.eclipse.aether.transfer.ArtifactNotFoundException: Could not find artifact junit:junit-nonesuch:jar:4.11 in central (https://repo.maven.apache.org/maven2)`",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/diagnostics.expected
index 396198d057a..c002fd22788 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "Your project may need a different JDK version. Ensure your Code Scanning workflow file has [an appropriate `setup-java` step](https://github.com/actions/setup-java#eclipse-temurin).\n\nSuspicious output line: `> Could not target platform: 'Java SE 11' using tool chain: 'JDK 8 (1.8)'.`",
+ "markdownMessage": "Your project may need a different JDK version. Ensure your Code Scanning workflow file has [an appropriate `setup-java` step](https://github.com/actions/setup-java#eclipse-temurin).\n\nRelevant output line: `> Could not target platform: 'Java SE 11' using tool chain: 'JDK 8 (1.8)'.`",
"severity": "error",
"source": {
"extractorName": "java",
@@ -13,7 +13,7 @@
}
}
{
- "markdownMessage": "Your project may need a different JDK version. Ensure your Code Scanning workflow file has [an appropriate `setup-java` step](https://github.com/actions/setup-java#eclipse-temurin).\n\nSuspicious output line: `Caused by: java.lang.IllegalArgumentException: Could not target platform: 'Java SE 11' using tool chain: 'JDK 8 (1.8)'.`",
+ "markdownMessage": "Your project may need a different JDK version. Ensure your Code Scanning workflow file has [an appropriate `setup-java` step](https://github.com/actions/setup-java#eclipse-temurin).\n\nRelevant output line: `Caused by: java.lang.IllegalArgumentException: Could not target platform: 'Java SE 11' using tool chain: 'JDK 8 (1.8)'.`",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/maven-http-repository/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/maven-http-repository/diagnostics.expected
index 301efee2929..5e7d5956858 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/maven-http-repository/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/maven-http-repository/diagnostics.expected
@@ -1,10 +1,10 @@
{
- "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nSuspicious output line: `Caused by: org.eclipse.aether.resolution.ArtifactResolutionException: Could not transfer artifact junit-nonesuch:junit-nonesuch:pom:4.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)]`",
+ "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nRelevant output line: `Caused by: org.eclipse.aether.resolution.ArtifactResolutionException: Could not transfer artifact junit-nonesuch:junit-nonesuch:pom:4.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)]`",
"severity": "error",
"source": {
"extractorName": "java",
"id": "java/autobuilder/non-https-repository",
- "name": "A non-https Maven repository access failed"
+ "name": "A non-HTTPS Maven repository access failed"
},
"visibility": {
"cliSummaryTable": false,
@@ -13,12 +13,12 @@
}
}
{
- "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nSuspicious output line: `Caused by: org.eclipse.aether.transfer.ArtifactTransferException: Could not transfer artifact junit-nonesuch:junit-nonesuch:pom:4.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)]`",
+ "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nRelevant output line: `Caused by: org.eclipse.aether.transfer.ArtifactTransferException: Could not transfer artifact junit-nonesuch:junit-nonesuch:pom:4.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)]`",
"severity": "error",
"source": {
"extractorName": "java",
"id": "java/autobuilder/non-https-repository",
- "name": "A non-https Maven repository access failed"
+ "name": "A non-HTTPS Maven repository access failed"
},
"visibility": {
"cliSummaryTable": false,
@@ -27,12 +27,12 @@
}
}
{
- "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nSuspicious output line: `Caused by: org.eclipse.aether.transfer.NoRepositoryConnectorException: Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)]`",
+ "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nRelevant output line: `Caused by: org.eclipse.aether.transfer.NoRepositoryConnectorException: Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)]`",
"severity": "error",
"source": {
"extractorName": "java",
"id": "java/autobuilder/non-https-repository",
- "name": "A non-https Maven repository access failed"
+ "name": "A non-HTTPS Maven repository access failed"
},
"visibility": {
"cliSummaryTable": false,
@@ -41,12 +41,12 @@
}
}
{
- "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nSuspicious output line: `[ERROR] Failed to execute goal on project maven-sample: Could not resolve dependencies for project com.example:maven-sample:jar:1.0-SNAPSHOT: Failed to collect dependencies at junit-nonesuch:junit-nonesuch:jar:4.11: Failed to read artifact descriptor for junit-nonesuch:junit-nonesuch:jar:4.11: Could not transfer artifact junit-nonesuch:junit-nonesuch:pom:4.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)] -> [Help 1]`",
+ "markdownMessage": "Building your code triggered an access to an insecure HTTP Maven repository. Allow access to insecure repositories, or [update your build to use HTTPS](https://maven.apache.org/docs/3.8.1/release-notes.html#how-to-fix-when-i-get-a-http-repository-blocked).\n\nRelevant output line: `[ERROR] Failed to execute goal on project maven-sample: Could not resolve dependencies for project com.example:maven-sample:jar:1.0-SNAPSHOT: Failed to collect dependencies at junit-nonesuch:junit-nonesuch:jar:4.11: Failed to read artifact descriptor for junit-nonesuch:junit-nonesuch:jar:4.11: Could not transfer artifact junit-nonesuch:junit-nonesuch:pom:4.11 from/to maven-default-http-blocker (http://0.0.0.0/): Blocked mirror for repositories: [insecure (http://repo.maven.apache.org/maven2/, default, releases+snapshots)] -> [Help 1]`",
"severity": "error",
"source": {
"extractorName": "java",
"id": "java/autobuilder/non-https-repository",
- "name": "A non-https Maven repository access failed"
+ "name": "A non-HTTPS Maven repository access failed"
},
"visibility": {
"cliSummaryTable": true,
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/multiple-candidate-builds/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/multiple-candidate-builds/diagnostics.expected
index 9e7a9ceec33..c55a814c684 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/multiple-candidate-builds/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/multiple-candidate-builds/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "Building using Maven was skipped because there were multiple sibling build directories containing build files: [./maven-project-1,./maven-project-2]. If you want to use one of these, please [manually supply a build command](https://docs.github.com/en/github-ae@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language).",
+ "markdownMessage": "Building using Maven was skipped because there were multiple sibling build directories containing build files: [./maven-project-1,./maven-project-2]. If you want to use one of these, please [manually supply a build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language).",
"severity": "warning",
"source": {
"extractorName": "java",
@@ -13,7 +13,7 @@
}
}
{
- "markdownMessage": "If you want to use one of the candidate build systems and directories (see previous warnings), please [supply a manual a build command](https://docs.github.com/en/github-ae@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language).",
+ "markdownMessage": "Could not identify a unique top-level project to build. [Supply a manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language).",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/no-build-system/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/no-build-system/diagnostics.expected
index f465cd5df84..a4568fcd233 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/no-build-system/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/no-build-system/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "Could not find a Gradle, Maven or Ant top-level project to build. Please [supply a manual build command](https://docs.github.com/en/github-ae@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language).",
+ "markdownMessage": "Could not find a Gradle, Maven or Ant top-level project to build. [Supply a manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language).",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-test-classes/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-test-classes/diagnostics.expected
index a6c5e2eb877..30e328253da 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-test-classes/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-test-classes/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "Built a Gradle project without the [Gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html). This may use an incompatible version of Gradle",
+ "markdownMessage": "Built a Gradle project without the [Gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html). This may use an incompatible version of Gradle.",
"severity": "warning",
"source": {
"extractorName": "java",
@@ -13,7 +13,7 @@
}
}
{
- "markdownMessage": "Gradle project does not define a `testClasses` goal. [Supply a manual build command](https://docs.github.com/en/github-ae@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language) that builds the code that should be analyzed.\n\nSuspicious output line: `org.gradle.execution.TaskSelectionException: Task 'testClasses' not found in root project 'no-gradle-test-classes'.`",
+ "markdownMessage": "Gradle project does not define a `testClasses` goal. [Supply a manual build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#adding-build-steps-for-a-compiled-language) that builds the code that should be analyzed.\n\nRelevant output line: `org.gradle.execution.TaskSelectionException: Task 'testClasses' not found in root project 'no-gradle-test-classes'.`",
"severity": "error",
"source": {
"extractorName": "java",
diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-wrapper/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-wrapper/diagnostics.expected
index ad5c5bdb7c6..feef1ed590d 100644
--- a/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-wrapper/diagnostics.expected
+++ b/java/ql/integration-tests/all-platforms/java/diagnostics/no-gradle-wrapper/diagnostics.expected
@@ -1,5 +1,5 @@
{
- "markdownMessage": "Built a Gradle project without the [Gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html). This may use an incompatible version of Gradle",
+ "markdownMessage": "Built a Gradle project without the [Gradle wrapper](https://docs.gradle.org/current/userguide/gradle_wrapper.html). This may use an incompatible version of Gradle.",
"severity": "warning",
"source": {
"extractorName": "java",
diff --git a/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java b/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
index ccde9f79320..629c3d151c1 100644
--- a/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
+++ b/javascript/extractor/src/com/semmle/js/extractor/AutoBuild.java
@@ -508,7 +508,7 @@ public class AutoBuild {
* For use with the {@link #writeDiagnostics(String, JSDiagnosticKind)} method.
*/
public static enum JSDiagnosticKind {
- PARSE_ERROR("parse-error", "Parse error", DiagnosticLevel.Warning),
+ PARSE_ERROR("parse-error", "Could not process some files due to syntax errors", DiagnosticLevel.Warning),
INTERNAL_ERROR("internal-error", "Internal error", DiagnosticLevel.Debug);
private final String id;
@@ -568,7 +568,7 @@ public class AutoBuild {
}
// DiagnosticLevel level, String extractorName, String sourceId, String sourceName, String markdown
- diagnostics.get().writeMarkdown(error.getLevel(), "javascript", "javascript/" + error.getId(), error.getName(),
+ diagnostics.get().writeMarkdown(error.getLevel(), "javascript", "js/" + error.getId(), error.getName(),
message, location);
}
diff --git a/javascript/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected b/javascript/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected
index 6337f4a4692..0c4405ea92b 100644
--- a/javascript/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected
+++ b/javascript/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected
@@ -10,8 +10,8 @@
"severity": "warning",
"source": {
"extractorName": "javascript",
- "id": "javascript/parse-error",
- "name": "Parse error"
+ "id": "js/parse-error",
+ "name": "Could not process some files due to syntax errors"
},
"visibility": {
"cliSummaryTable": true,
diff --git a/ruby/extractor/src/bin/extractor.rs b/ruby/extractor/src/bin/extractor.rs
index cd5570d18bc..300a94444a6 100644
--- a/ruby/extractor/src/bin/extractor.rs
+++ b/ruby/extractor/src/bin/extractor.rs
@@ -223,7 +223,7 @@ fn main() -> std::io::Result<()> {
} else {
diagnostics_writer.write(
diagnostics_writer
- .new_entry("unknown-character-encoding", "Unknown character encoding")
+ .new_entry("unknown-character-encoding", "Could not process some files due to an unknown character encoding")
.file(&file_paths::normalize_path(&path))
.message(
"Unknown character encoding {} in {} {}.",
diff --git a/ruby/extractor/src/diagnostics.rs b/ruby/extractor/src/diagnostics.rs
index ddef135c485..d9b3b3e0f7e 100644
--- a/ruby/extractor/src/diagnostics.rs
+++ b/ruby/extractor/src/diagnostics.rs
@@ -3,6 +3,7 @@ use std::io::Write;
use std::path::PathBuf;
/** SARIF severity */
#[derive(Serialize)]
+#[serde(rename_all = "lowercase")]
pub enum Severity {
Error,
Warning,
diff --git a/ruby/extractor/src/extractor.rs b/ruby/extractor/src/extractor.rs
index 59049bc789c..1ef9a1edcca 100644
--- a/ruby/extractor/src/extractor.rs
+++ b/ruby/extractor/src/extractor.rs
@@ -253,9 +253,10 @@ impl<'a> Visitor<'a> {
end_line,
end_column,
);
- let mut mesg = self
- .diagnostics_writer
- .new_entry("parse-error", "Parse error");
+ let mut mesg = self.diagnostics_writer.new_entry(
+ "parse-error",
+ "Could not process some files due to syntax errors",
+ );
&mesg
.severity(diagnostics::Severity::Warning)
.location(self.path, start_line, start_column, end_line, end_column)
@@ -367,7 +368,10 @@ impl<'a> Visitor<'a> {
self.record_parse_error(
loc,
self.diagnostics_writer
- .new_entry("parse-error", "Parse error")
+ .new_entry(
+ "parse-error",
+ "Could not process some files due to syntax errors",
+ )
.severity(diagnostics::Severity::Warning)
.location(self.path, start_line, start_column, end_line, end_column)
.message(
diff --git a/ruby/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected b/ruby/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected
index 2ed9ee863de..d9ae8e1b617 100644
--- a/ruby/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected
+++ b/ruby/ql/integration-tests/all-platforms/diagnostics/syntax-error/diagnostics.expected
@@ -11,11 +11,11 @@
},
"markdownMessage": "A parse error occurred. Check the syntax of the file. If the file is invalid, correct the error or [exclude](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning) the file from analysis.",
"plaintextMessage": "A parse error occurred. Check the syntax of the file. If the file is invalid, correct the error or exclude the file from analysis.",
- "severity": "Warning",
+ "severity": "warning",
"source": {
"extractorName": "ruby",
"id": "ruby/parse-error",
- "name": "Parse error"
+ "name": "Could not process some files due to syntax errors"
},
"visibility": {
"statusPage": true
@@ -34,11 +34,11 @@
},
"markdownMessage": "A parse error occurred (expected `end` symbol). Check the syntax of the file. If the file is invalid, correct the error or [exclude](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning) the file from analysis.",
"plaintextMessage": "A parse error occurred (expected end symbol). Check the syntax of the file. If the file is invalid, correct the error or exclude the file from analysis.",
- "severity": "Warning",
+ "severity": "warning",
"source": {
"extractorName": "ruby",
"id": "ruby/parse-error",
- "name": "Parse error"
+ "name": "Could not process some files due to syntax errors"
},
"visibility": {
"statusPage": true
diff --git a/ruby/ql/integration-tests/all-platforms/diagnostics/unknown-encoding/diagnostics.expected b/ruby/ql/integration-tests/all-platforms/diagnostics/unknown-encoding/diagnostics.expected
index f67e92b9c57..eb0264c2e58 100644
--- a/ruby/ql/integration-tests/all-platforms/diagnostics/unknown-encoding/diagnostics.expected
+++ b/ruby/ql/integration-tests/all-platforms/diagnostics/unknown-encoding/diagnostics.expected
@@ -7,11 +7,11 @@
},
"markdownMessage": "Unknown character encoding `silly` in `#encoding:` [directive](https://docs.ruby-lang.org/en/master/syntax/comments_rdoc.html#label-encoding+Directive).",
"plaintextMessage": "Unknown character encoding silly in #encoding: directive.",
- "severity": "Warning",
+ "severity": "warning",
"source": {
"extractorName": "ruby",
"id": "ruby/unknown-character-encoding",
- "name": "Unknown character encoding"
+ "name": "Could not process some files due to an unknown character encoding"
},
"visibility": {
"statusPage": true