Skip to content

Add Roslyn analysis#3987

Merged
samsharma2700 merged 1 commit intomainfrom
dev/samsharma2700/roslyn_fix
Feb 27, 2026
Merged

Add Roslyn analysis#3987
samsharma2700 merged 1 commit intomainfrom
dev/samsharma2700/roslyn_fix

Conversation

@samsharma2700
Copy link
Contributor

@samsharma2700 samsharma2700 commented Feb 26, 2026

Description

Add Roslyn Analyzers SDL step to csproj-based OneBranch package jobs

The OneBranch pipeline job template for csproj-based extension packages (build-signed-csproj-package-job.yml) was missing the RoslynAnalyzers@3 SDL security analysis step that is already present for the main SqlClient and AKV Provider builds.

This change adds the missing step, bringing the Abstractions, Azure, Logging, and SqlServer package jobs into parity with the existing SDL compliance pattern used across the pipeline.

@samsharma2700 samsharma2700 requested a review from a team as a code owner February 26, 2026 19:13
Copilot AI review requested due to automatic review settings February 26, 2026 19:13
Copilot AI reviewed Feb 26, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds the missing Roslyn Analyzers (SDL) step to the csproj-based OneBranch package job template so extension package jobs follow the same security analysis pattern already used by SqlClient and the AKV provider builds.

Changes:

  • Run RoslynAnalyzers@3 in build-signed-csproj-package-job.yml before the package build/signing steps.
  • Configure the analyzer run to build the appropriate build.proj target with ReferenceType=Package and the job’s version properties.

@samsharma2700 samsharma2700 merged commit 2da1c76 into main Feb 27, 2026
309 checks passed
@samsharma2700 samsharma2700 deleted the dev/samsharma2700/roslyn_fix branch February 27, 2026 00:14
@codecov
Copy link

codecov bot commented Feb 27, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 64.43%. Comparing base (a68e00f) to head (7080dfe).
⚠️ Report is 20 commits behind head on main.

❗ There is a different number of reports uploaded between BASE (a68e00f) and HEAD (7080dfe). Click for more details.

HEAD has 6 uploads less than BASE
Flag BASE (a68e00f) HEAD (7080dfe)
netfx 2 0
netcore 2 0
addons 2 0
Additional details and impacted files 
@@             Coverage Diff             @@
##             main    #3987       +/-   ##
===========================================
- Coverage   75.22%   64.43%   -10.79%     
===========================================
  Files         266      282       +16     
  Lines       42932    65951    +23019     
===========================================
+ Hits        32294    42494    +10200     
- Misses      10638    23457    +12819
Flag Coverage Δ
PR-SqlClient-Project 64.43% <ø> (?)
addons ?
netcore ?
netfx ?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mdaigle mdaigle mdaigle approved these changes

@paulmedynski paulmedynski paulmedynski approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@samsharma2700 @mdaigle @paulmedynski