关于此警告
Warning: 1 issue was detected with this workflow: git checkout HEAD^2 is no longer
necessary. Please remove this step as Code Scanning recommends analyzing the merge
commit for best results.
如果您使用的是旧 CodeQL 工作流,您可能会在进行“Initialize CodeQL”操作时收到此警告。
确认问题原因
检查 CodeQL 工作流中的以下行来修复此问题。 这些行包含在 CodeQL 工作流初始版本中 Analyze 作业的 steps 部分。
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
修复问题
从 CodeQL 工作流中删除行来修复此问题。 修改后的工作流的 steps 部分应如下所示:
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
...
有关编辑 CodeQL 工作流文件的详细信息,请参阅“自定义 代码扫描的高级设置”。