Features/fix bug in autoregisterserviceattribute detection code generation #4
…rator
- Updated tests for ServiceRegistrationGenerator to improve readability and maintainability.
- Ensured generated source code matches expected output for various scenarios including default scoped registration, singleton lifetime, and self-registration.
- Added tests to verify behavior for classes without interfaces and those with multiple interfaces without specified registration.
- Refactored StrongIdGenerator tests to ensure correct generation of partial structs with ID properties for specified types.
- Improved CompilationHelpers for better attribute handling in tests.
- Cleaned up formatting and organization of test files for consistency.
| name: Build and analyze | ||
| runs-on: windows-latest | ||
| env: | ||
| SONAR_PROJECT: 'astar-dev-source-generators' | ||
| ProjectName: 'AStar.Dev.Source.Generators' | ||
| RepositoryName: 'astar-dev-source-generators' | ||
| steps: | ||
| - name: Set up JDK | ||
| uses: actions/[email protected] | ||
| with: | ||
| java-version: 17 | ||
| distribution: 'zulu' | ||
| - name: Checkout | ||
| uses: actions/[email protected] | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: 🛠 Cache SonarQube Cloud packages | ||
| uses: actions/[email protected] | ||
| with: | ||
| path: ~\sonar\cache | ||
| key: ${{ runner.os }}-sonar | ||
| restore-keys: ${{ runner.os }}-sonar | ||
| - name: 🛠 Cache SonarQube Cloud scanner | ||
| id: cache-sonar-scanner | ||
| uses: actions/[email protected] | ||
| with: | ||
| path: .\.sonar\scanner | ||
| key: ${{ runner.os }}-sonar-scanner | ||
| restore-keys: ${{ runner.os }}-sonar-scanner | ||
| - name: 🛠 Install SonarQube Cloud scanner | ||
| if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' | ||
| shell: powershell | ||
| run: | | ||
| New-Item -Path .\.sonar\scanner -ItemType Directory | ||
| dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner | ||
| - name: 🔍 Restore, 🛠 Build and 🧪 Test with ☁️ SonarCloud / Qube | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
| shell: powershell | ||
| run: | | ||
| dotnet tool install --global dotnet-coverage | ||
| .\.sonar\scanner\dotnet-sonarscanner begin /k:"astar-development_${{ env.SONAR_PROJECT }}" /o:"astar-development" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.vscoveragexml.reportsPaths=coverage.xml /d:sonar.scanner.scanAll=false /d:sonar.scanner.skipJreProvisioning=true | ||
| dotnet build --configuration Release | ||
| dotnet-coverage collect 'dotnet test --filter "FullyQualifiedName!~Tests.EndToEnd"' -f xml -o 'coverage.xml' | ||
| .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}" |
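Review bot: The `dotnet-sonarscanner begin` and `end` calls in the last `run:` block interpolate `${{ secrets.SONAR_TOKEN }}` directly into the PowerShell script text, even though the same step already exports `SONAR_TOKEN` under `env:`. Interpolation writes the secret into the generated script file and onto the scanner's command line, so reference the step's environment variable instead, e.g. `/d:sonar.token="$env:SONAR_TOKEN"`. Separately, `dotnet tool update dotnet-sonarscanner` and `dotnet tool install --global dotnet-coverage` pull whatever version is current at build time; pinning each with `--version` keeps the toolchain that handles the token reproducible.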
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Copilot Autofix
AI 12 days ago
To fix the problem, explicitly declare minimal GITHUB_TOKEN permissions for the workflow or the build job. Since the job only checks out and reads code and uses GITHUB_TOKEN for Sonar/SonarCloud integration (not to write to the repo), we can safely limit permissions to contents: read. Declaring permissions at the workflow root applies to all jobs, and there is only one job here, so adding a root-level block is the simplest and least invasive fix.
The best fix is:
- Add a `permissions:` block near the top of `.github/workflows/dotnet.yml`, at the root level (same indentation as `on:` and `jobs:`).
- Set `contents: read` as a minimal baseline. If later you discover this workflow must update PRs or commit statuses, you can extend this block accordingly.

Concretely:
- In `.github/workflows/dotnet.yml`, between `name: .NET` (line 1) and `on:` (line 3), insert:

```yaml
permissions:
  contents: read
```

No additional imports, methods, or definitions are needed, as this is purely a YAML configuration change.
| @@ -1,5 +1,8 @@ | ||
| name: .NET | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| push: |
|
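Review bot: The root-level `permissions:` block lists only `contents: read`, which sets every scope not named to none, while the Sonar step in this workflow is still handed `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}`. Run the workflow once with the reduced token and confirm the analysis step still completes; if it needs more than repository read access (for example `pull-requests: read`), add that single scope here rather than removing the block. A one-line comment above `permissions:` stating why each scope is granted would help the next person who extends it.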



No description provided.