@@ -12,23 +12,26 @@ jobs:
1212 runs-on : ubuntu-latest
1313 steps :
1414 - name : Checkout code
15- uses : actions/checkout@master
15+ uses : actions/checkout@v4
1616
1717 - name : Run Codacy Analysis CLI
1818 uses : codacy/codacy-analysis-cli-action@master
1919 with :
20- output : results.sarif
21- format : sarif
22- # Adjust severity of non-security issues
23- gh-code-scanning-compat : true
24- # Force 0 exit code to allow SARIF file generation
25- # This will handover control about PR rejection to the GitHub side
20+ # Run analysis without SARIF output to avoid GitHub Code Scanning integration issues
21+ # See: https://github.com/codacy/codacy-analysis-cli-action/issues/142
22+ # The Codacy tool generates multiple SARIF runs which is incompatible with
23+ # GitHub's new policy as of July 2025
24+ verbose : true
25+ # Force 0 exit code to prevent workflow failures
2626 max-allowed-issues : 2147483647
2727 # only scan the github1s directory
2828 directory : $GITHUB_WORKSPACE/extensions/github1s
2929
30- # Upload the SARIF file generated in the previous step
31- - name : Upload SARIF results file
32- uses : github/codeql-action/upload-sarif@main
33- with :
34- sarif_file : results.sarif
30+ # SARIF upload is temporarily disabled due to incompatibility
31+ # See: https://github.com/codacy/codacy-analysis-cli-action/issues/142
32+ # TODO: Re-enable when Codacy fixes the multiple runs issue
33+ # - name: Upload SARIF results file
34+ # uses: github/codeql-action/upload-sarif@v4
35+ # with:
36+ # sarif_file: results.sarif
37+ # category: codacy-security-scan
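Review bot: With the SARIF upload commented out and `max-allowed-issues : 2147483647` left in place on the Codacy step, the scan can no longer fail the job or publish findings anywhere except the job log, so a new security issue under `extensions/github1s` would pass unnoticed unless someone reads the verbose output. Until the upload is restored, consider giving the step a real threshold (for example `max-allowed-issues: 0`, or whatever baseline the project accepts) so that something can still reject a PR. The same step still runs `codacy/codacy-analysis-cli-action@master`, a mutable branch, although this commit moves checkout off `@master`; pinning it as `uses: codacy/codacy-analysis-cli-action@<full-commit-sha>` (placeholder for a reviewed commit) would close that supply-chain gap. The commented-out upload expects `results.sarif`, so re-enabling it also needs the removed `output` and `format` inputs restored, which the TODO comment could say.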