Conversation
Workload Analysis:Estimated workload for PR 81: 9.02 SonarQube Analysis Result:📈 Metrics: 🐛 Issues |
(AVRational){1, 60} is GCC/C99 “compound literal” syntax, that’s not valid C++
modify build step name
.github/workflows/release.yaml
Outdated
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 months ago
To fix the issue, we will add a permissions block at the workflow level to define the minimal permissions required for the jobs. Based on the actions used in the workflow:
contents: writeis required for uploading release assets and interacting with repository contents.packages: writeis required for uploading artifacts.actions: readis required for interacting with GitHub Actions metadata.
The permissions block will be added at the root level of the workflow to apply to all jobs. If any job requires additional permissions, they can be overridden at the job level.
| @@ -10,2 +10,7 @@ | ||
|
|
||
| permissions: | ||
| contents: write | ||
| packages: write | ||
| actions: read | ||
|
|
||
| jobs: |
| runs-on: windows-latest | ||
| concurrency: | ||
| group: "review-win-${{ github.event.pull_request.number }}" | ||
| cancel-in-progress: true | ||
|
|
||
| steps: | ||
| # Check out the repository code. | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # Set up the Qt environment. | ||
| - name: (2) Install Qt | ||
| uses: jurplel/install-qt-action@v3 | ||
| with: | ||
| version: 6.4.3 | ||
| host: windows | ||
| target: desktop | ||
| arch: win64_msvc2019_64 | ||
| dir: ${{ runner.temp }} | ||
| setup-python: false | ||
|
|
||
| # Download FFmpeg from the specified release URL. | ||
| - name: Download FFmpeg | ||
| shell: powershell | ||
| run: | | ||
| $ffmpegUrl = "https://github.com/BtbN/FFmpeg-Builds/releases/download/autobuild-2024-03-31-17-28/ffmpeg-n4.4.4-94-g5d07afd482-win64-gpl-shared-4.4.zip" | ||
| $outputZip = "ffmpeg.zip" | ||
| Invoke-WebRequest -Uri $ffmpegUrl -OutFile $outputZip | ||
| Expand-Archive -Path $outputZip -DestinationPath ffmpeg | ||
| echo "FFMPEG_ROOT_PATH=$(pwd)/ffmpeg/ffmpeg-n4.4.4-94-g5d07afd482-win64-gpl-shared-4.4" >> $GITHUB_ENV | ||
|
|
||
| # Create a build directory, run qmake, and build the project. | ||
| - name: Build Qt project | ||
| run: | | ||
| (cd src && | ||
| cmake -S . -B build "-DFFMPEG_ROOT_PATH=../ffmpeg/ffmpeg-n4.4.4-94-g5d07afd482-win64-gpl-shared-4.4" -DFFTOOL_TRANSCODER=OFF && | ||
| cmake --build build --config Release --parallel) | ||
|
|
||
| - name : Deploy project | ||
| run: | | ||
| mkdir D:\deploy\OpenConverter | ||
| cd D:\deploy\OpenConverter | ||
| cp D:\a\OpenConverter\OpenConverter\src\build\Release\OpenConverter.exe . | ||
| D:\a\_temp\Qt\6.4.3\msvc2019_64\bin\windeployqt.exe .\OpenConverter.exe | ||
| cp D:\a\OpenConverter\OpenConverter\ffmpeg\ffmpeg-n4.4.4-94-g5d07afd482-win64-gpl-shared-4.4\bin\*.dll .\ | ||
| cd D:\deploy | ||
| powershell Compress-Archive -Path OpenConverter -DestinationPath OpenConverter_win64.zip | ||
|
|
||
| # (Optional) Archive the build artifacts. | ||
| - name: Upload build artifacts | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: OpenConverter_win64 | ||
| path: D:\deploy\OpenConverter_win64.zip | ||
|
|
||
| # - name: Setup tmate session | ||
| # if: ${{ failure() }} | ||
| # uses: mxschmitt/action-tmate@v3 No newline at end of file |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 months ago
To fix the issue, we will add a permissions block at the root level of the workflow file. This block will define the minimal permissions required for the workflow to function correctly. Based on the provided workflow, the primary operations involve checking out the repository, building the project, and uploading artifacts. These operations typically require contents: read and actions: read. No write permissions are necessary unless explicitly required by a specific step.
| @@ -7,2 +7,6 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
| actions: read | ||
|
|
||
| jobs: |
No description provided.