You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CodeQL falsely detects a cyclic import in a Pull request.
There is an existing cyclic import in the code which is mitigated with an import inside of a function.
toolopts imports global variables from systeminfo inside of _register_options()
systeminfo imports toolopts
The pull request includes switching the python modules that the identifiers are being defined in and reversing the imports so that only one module has to import the other
toolopts now implements the global variables
toolopts no longer imports systeminfo at all
systeminfo now imports the global variables from toolopts
Indeed, this sounds like a false positive. Thank you for reporting it!
Our current focus is on improving our security analysis. Because your report does not relate to a security query, we will put this on our backlog and prioritize it if we get enough reports of the same underlying issue in other projects. If you think that your report is related to our security analysis, please clarify that in a comment. Either way, we'll let you know here as soon as it's fixed!
I also want to point out that GitHub Code Scanning has facilities for suppressing individual alerts or disabling a query, just FYI.
Description of the false positive
CodeQL falsely detects a cyclic import in a Pull request.
Code samples or links to source code
URL to the alert on GitHub code scanning (optional)
The text was updated successfully, but these errors were encountered: