ci(codeql): force Kotlin recompile so CodeQL sees source#218
Merged
Conversation
The Analyze Kotlin job failed with 'no source code seen during build' (exit code 32): assembleDebug compile tasks were served from cache / marked UP-TO-DATE, so CodeQL's tracer observed no Kotlin source. Add --no-build-cache --rerun-tasks to the CodeQL build step to force actual recompilation, giving the tracer source to analyze.
Qodo reviews are paused for this user.Troubleshooting steps vary by plan Learn more → On a Teams plan? Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center? |
kirich1409
added a commit
that referenced
this pull request
May 31, 2026
kirich1409
added a commit
that referenced
this pull request
May 31, 2026
* ci(codeql): force Kotlin recompile so CodeQL sees source (#218) The Analyze Kotlin job failed with 'no source code seen during build' (exit code 32): assembleDebug compile tasks were served from cache / marked UP-TO-DATE, so CodeQL's tracer observed no Kotlin source. Add --no-build-cache --rerun-tasks to the CodeQL build step to force actual recompilation, giving the tracer source to analyze. Co-authored-by: Claude <noreply@anthropic.com> * chore: release 1.0.0 — Android-stable, docs restructure, CodeQL fix - Bump VERSION_NAME to 1.0.0 - Add [1.0.0] CHANGELOG entry (Android-facing API as primary stable target) - Fix mkdocs: exclude cc-verification/specs, add Known Limitations to nav, move iOS guides to "iOS Preview" section, update site_description - Add "Stable in 1.0" admonition to Android guide - Add "Preview" admonitions to iOS guides - Fix CodeQL workflow: build-mode=manual + --no-build-cache --rerun-tasks * test(shrinker): cover -keep defeating flag dead-code elimination (#217) * test(shrinker): cover -keep defeating flag dead-code elimination A consumer -keep rule (often a broad wildcard or @keep) that covers a flag-guarded class defeats R8 tree-shaking: -assumevalues still folds the disabled branch (behaviour unchanged), but the class itself is pinned as an unconditional GC root and ships in the APK despite being unreachable — silently losing the size benefit of build-time flags. - Add writeBooleanRulesWithKeptDeadBranch() modelling the pitfall - Add a regression test asserting the dead-branch class survives the keep - Document the two-phase elimination model and keep-rule guidance in the R8 verification guide * test(shrinker): assert branch folding in keep regression; fix docs Address review feedback on the -keep regression test and guide: - The keep test now also asserts BifurcatedCaller no longer references IfBranchCode, proving R8 still folded the disabled branch (phase 1) rather than only keeping the class alive via the kept caller. Adds assertClassDoesNotReference() (ASM bytecode inspection). - Move -dontoptimize out of the 'not a problem' list in the R8 guide into a distinct hazard note — it suppresses elimination and must not be grouped with the harmless accessor-method keep. --------- Co-authored-by: Claude <noreply@anthropic.com> * chore: update Package.swift checksum for v1.0.0 * Bump develop version to 1.1.0-SNAPSHOT --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The Analyze Kotlin (CodeQL) job fails with:
The workflow replaces CodeQL autobuild (which looks for a non-existent
testClassestask in this KMP project) with./gradlew assembleDebug. But withgradle/actions/setup-gradlerestoring the Gradle cache, the Kotlin compile tasks are served from cache or markedUP-TO-DATEand skipped — so the CodeQL tracer observes zero source and the analysis aborts.This is a workflow-configuration issue, independent of any source change; it surfaces on PRs whose diff doesn't force a recompile.
Fix
Add
--no-build-cache --rerun-tasksto the CodeQL build step:--rerun-tasksis the essential part — it ignores up-to-date checks and forces the Kotlin compile tasks to actually run, so the CodeQL tracer has source to analyze.--no-build-cacheprevents the same outputs being pulled from the build cache.This change is scoped to the CodeQL build step only; runtime/library behaviour is unaffected.
Verification
Once CI runs on this PR, the Analyze Kotlin check should complete successfully instead of failing with exit code 32.
https://claude.ai/code/session_01LxuawhwkZuJAAoMkDpSTGZ
Generated by Claude Code