关于此警告
Warning: 1 issue was detected with this workflow: git checkout HEAD^2 is no longer
necessary. Please remove this step as Code Scanning recommends analyzing the merge
commit for best results.
如果您使用的是旧的 CodeQL 工作流,可能会收到来自 “Initialize CodeQL” 操作的此警告。
确认问题的原因
检查 CodeQL 工作流中的以下行。这些行出现在 CodeQL 工作流最初版本的 steps 部分的 Analyze 作业中。
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
解决问题
从 CodeQL 工作流中删除这些行。工作流修改后的 steps 部分应如下所示
steps:
- name: Checkout repository
uses: actions/checkout@v5
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
# ...