Enable prefast and warnings checker in SDL#1477
Merged
DefaultRyan merged 3 commits intomastermicrosoft/cppwinrt:masterfrom Mar 1, 2025
user/defaultryan/prefast-warningsmicrosoft/cppwinrt:user/defaultryan/prefast-warningsCopy head branch name to clipboard
Merged
Enable prefast and warnings checker in SDL#1477DefaultRyan merged 3 commits intomastermicrosoft/cppwinrt:masterfrom user/defaultryan/prefast-warningsmicrosoft/cppwinrt:user/defaultryan/prefast-warningsCopy head branch name to clipboard
DefaultRyan merged 3 commits intomastermicrosoft/cppwinrt:masterfrom
user/defaultryan/prefast-warningsmicrosoft/cppwinrt:user/defaultryan/prefast-warningsCopy head branch name to clipboard
Conversation
There was a problem hiding this comment.
PR Overview
This PR enables prefast and compliant compiler warnings checking in the SDL pipelines while also reverting the override in the visualizer so that SDL remains enabled by default. Key changes include adding new YAML keys to enable prefast and warning checks in job pipelines and updating the global SDL configuration in official and pull request pipelines.
Reviewed Changes
| File | Description |
|---|---|
| .pipelines/jobs/OneBranchNuGet.yml | Added keys to enable prefast and warning checks |
| .pipelines/jobs/OneBranchBuild.yml | Added keys to enable prefast and warning checks |
| .pipelines/jobs/OneBranchTest.yml | Added keys to enable prefast and warning checks |
| .pipelines/OneBranch.Official.yml | Enabled prefast in the global SDL config and marked native code |
| .pipelines/jobs/OneBranchVsix.yml | Added keys to enable prefast and warning checks |
| .pipelines/OneBranch.PullRequest.yml | Enabled prefast in the global SDL config for pull requests |
Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.
Comments suppressed due to low confidence (3)
.pipelines/jobs/OneBranchNuGet.yml:21
- [nitpick] The key 'ob_sdl_prefast_runDuring' uses mixed casing; consider using a consistent snake_case naming (e.g., 'ob_sdl_prefast_run_during') to improve readability.
ob_sdl_prefast_runDuring: 'Build'
.pipelines/OneBranch.Official.yml:44
- [nitpick] The global SDL configuration uses a nested 'prefast' block while the job pipelines use flat keys (e.g., ob_sdl_prefast_enabled). Consider aligning these naming conventions for consistency across configurations.
prefast:
.pipelines/OneBranch.PullRequest.yml:40
- [nitpick] The 'prefast' block in the global SDL configuration here is inconsistent with the flat key approach in job YAML files; consider standardizing the naming style to avoid potential confusion.
prefast:
72e92c7 to
0575d89
Compare
manodasanW
approved these changes
Mar 1, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
More compliance work, this time enabline prefast and the compiler warnings checker.
While I was here I also noticed that the visualizer was overriding SDL to disabled, so went ahead and removed that to allow the default "Enabled" value to prevail again.