Potential fix for code scanning alert no. 4240: Semicolon insertion#2725
Open
Potential fix for code scanning alert no. 4240: Semicolon insertion#2725
Conversation
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
|
Azure Pipelines: Successfully started running 1 pipeline(s). |
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
|
Azure Pipelines: Successfully started running 1 pipeline(s). |
Collaborator
Author
|
@copilot rebase |
* Initial plan * Drop Node 16 from CI matrix, add Node 22 and 24; update RELEASES.md Agent-Logs-Url: https://github.com/microsoft/ApplicationInsights-JS/sessions/496718a3-d402-48f7-9625-67f74b12449e Co-authored-by: MSNev <54870357+MSNev@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: MSNev <54870357+MSNev@users.noreply.github.com>
Contributor
|
Azure Pipelines: Successfully started running 1 pipeline(s). |
|
Azure Pipelines: Successfully started running 1 pipeline(s). |
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR addresses a code scanning alert related to Automatic Semicolon Insertion (ASI) by adding explicit semicolons after arrow-function assignments, and also updates CI Node.js versions along with corresponding release notes.
Changes:
- Add explicit semicolons after arrow-function assignments in
Sender.tsandDiagnosticLogger.ts. - Update CI Node.js matrix to drop 16 and add 22/24.
- Add “Unreleased Changes” release notes documenting the CI Node.js version changes.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| shared/AppInsightsCore/src/diagnostics/DiagnosticLogger.ts | Adds an explicit semicolon to avoid ASI edge cases after an arrow-function assignment. |
| channels/applicationinsights-channel-js/src/Sender.ts | Adds an explicit semicolon after the onComplete arrow-function assignment to address ASI/security scan concerns. |
| RELEASES.md | Adds an “Unreleased Changes” section documenting CI Node.js matrix changes. |
| .github/workflows/ci.yml | Updates CI test matrix to Node 18/20/22/24 and removes Node 16. |
Comment on lines
+5
to
+10
| ## Unreleased Changes | ||
|
|
||
| ### CI / Tooling | ||
|
|
||
| - **Dropped Node.js 16 from CI matrix**: Node.js 16 is End-of-Life and several dependencies (e.g. `puppeteer`, `@pnpm/error`) now require Node.js 18 or later. The CI pipeline no longer runs against Node.js 16. | ||
| - **Added Node.js 22 and 24 to CI matrix**: The CI pipeline now tests against Node.js 18, 20, 22, and 24. |
| strategy: | ||
| matrix: | ||
| node-version: [ 16, 18, 20 ] | ||
| node-version: [ 18, 20, 22, 24 ] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Potential fix for https://github.com/microsoft/ApplicationInsights-JS/security/code-scanning/4240
Add an explicit semicolon after the
onCompletearrow-function assignment in_doSendinchannels/applicationinsights-channel-js/src/Sender.ts.;explicitly rather than relying on ASI.}to};in the_doSend(...)function.Suggested fixes powered by Copilot Autofix. Review carefully before merging.