-
Notifications
You must be signed in to change notification settings - Fork 335
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature flag to disable python dependency installation #1676
Feature flag to disable python dependency installation #1676
Conversation
18b5112
to
901968a
Compare
901968a
to
0ccdbf8
Compare
@turbo requesting your review on the CHANGELOG.md change @tausbn requesting your review on the recommendation if users want to specify what version to analyze as |
Also, do you have a related feature flag issue for this change? https://github.com/github/codeql-core/issues/new?assignees=&labels=CodeQL+Action&projects=&template=codeql_action_feature_flag_rollout.md&title=CodeQL+Action%3A+%5BFeature+Name%5D+Rollout+Plan It helps us manage the rollout and eventual removal of the flag. |
yes, it might be hard to spot from all the highlights of me force pushing changes, but here it is: https://github.com/github/codeql-core/issues/3552 |
Thanks for the explanation (and apologies for jumping in with partial information). |
The last dot in `=3.11.` is just slightly confusing, so added single quotes around the environment variable assignments to make it 100% clear
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me! 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A question and a suggestion for potentially improving one of the warnings.
Co-authored-by: Henry Mercer <henry.mercer@me.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had a quick look at the changenote — I'm happy with the changes here, but also happy to wait for @turbo
's review.
Co-authored-by: Henry Mercer <henry.mercer@me.com>
@@ -2,6 +2,7 @@ | |||
|
|||
## [UNRELEASED] | |||
|
|||
- We are rolling out a feature in May 2023 that will disable Python dependency installation for new users of the CodeQL Action. This improves the speed of analysis while having only a very minor impact on results. [#1676](https://github.com/github/codeql-action/pull/1676) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we planning on doing a changelog post or some other public announcement? Especially explaining "a very minor impact on results" would be nice. If there is one, can you add a link here? If the post is planned, but the URL isn't known yet, we can always update this entry.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, once we start roll it out to new users, there will be a public changelog post 👍
Merge / deployment checklist
I have tested this behavior on a repo of my own, by setting
CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION: "true"
in the workflow -- let me know if we need to add some automated tests for this 👍