Skip to content

Code Scanning results may be out of date #59

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Code Scanning results may be out of date #59

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b946dc4
build: replace dotnet-sonarscanner login parameter with token
svenzik Aug 18, 2025
abdbb19
build: Avoid expanding secrets in a run block
svenzik Aug 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/sonarcloud-analysis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ jobs:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
shell: powershell
run: |
.\.sonar\scanner\dotnet-sonarscanner begin /k:"web-eid_web-eid-authtoken-validation-dotnet" /o:"web-eid" /d:sonar.cs.opencover.reportsPaths="**/TestResults/**/coverage.opencover.xml" -d:sonar.cs.vstest.reportsPaths="**/TestResults/*.trx" /d:sonar.verbose=true /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
.\.sonar\scanner\dotnet-sonarscanner begin /k:"web-eid_web-eid-authtoken-validation-dotnet" /o:"web-eid" /d:sonar.cs.opencover.reportsPaths="**/TestResults/**/coverage.opencover.xml" /d:sonar.cs.vstest.reportsPaths="**/TestResults/*.trx" /d:sonar.verbose=true /d:sonar.token="$env:SONAR_TOKEN" /d:sonar.host.url="https://sonarcloud.io"
dotnet build --configuration Release --no-restore src/WebEid.Security.sln
dotnet test src/WebEid.Security.sln --logger trx --collect:"XPlat Code Coverage" -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=opencover --results-directory "TestResults"
.\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
.\.sonar\scanner\dotnet-sonarscanner end /d:sonar.token="$env:SONAR_TOKEN"
4 changes: 2 additions & 2 deletions src/WebEid.Security/Validator/AuthTokenValidator.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,10 +96,10 @@
ValidateTokenLength(authToken);
return ParseToken(authToken);
}
catch (Exception ex)

Check warning on line 99 in src/WebEid.Security/Validator/AuthTokenValidator.cs

View workflow job for this annotation

GitHub Actions / Analyze 

Either log this exception and handle it, or rethrow it with some contextual information. (https://rules.sonarsource.com/csharp/RSPEC-2139)

Check warning on line 99 in src/WebEid.Security/Validator/AuthTokenValidator.cs

View workflow job for this annotation

GitHub Actions / Analyze 

Either log this exception and handle it, or rethrow it with some contextual information. (https://rules.sonarsource.com/csharp/RSPEC-2139)
{
// Generally "log and rethrow" is an anti-pattern, but it fits with the surrounding logging style.
this.logger?.LogWarning("Token parsing was interrupted:", ex);
this.logger?.LogWarning(ex, "Token parsing was interrupted:");
throw;
}
}
Expand All @@ -118,10 +118,10 @@
{
return this.ValidateToken(authToken, currentChallengeNonce);
}
catch (Exception ex)

Check warning on line 121 in src/WebEid.Security/Validator/AuthTokenValidator.cs

View workflow job for this annotation

GitHub Actions / Analyze 

Either log this exception and handle it, or rethrow it with some contextual information. (https://rules.sonarsource.com/csharp/RSPEC-2139)
{
// Generally "log and rethrow" is an anti-pattern, but it fits with the surrounding logging style.
this.logger?.LogWarning("Token validation was interrupted:", ex);
this.logger?.LogWarning(ex, "Token validation was interrupted:");
throw;
}
}
Expand Down
Loading