fix: remove hashFiles() from job-level if conditions in security.yml #928

Open: Xaxxoo wants to merge 1 commit into rinafcode:main from Xaxxoo:fix/security-yml-hashfiles

Xaxxoo (Contributor) commented Jun 28, 2026

Summary

  • hashFiles() is not supported in job-level if: expressions in GitHub Actions — it causes an "Invalid workflow file" parse error that blocks all PR workflows
  • Removed if: hashFiles('package.json', 'pnpm-lock.yaml') != '' from the dependency-scan job
  • Removed if: hashFiles('Dockerfile') != '' from the container-scan job

Root Cause

hashFiles() requires a checked-out workspace and is only valid within step-level contexts. Using it in a job-level if: triggers the parse error: Unrecognized function: 'hashFiles'.

Test plan

  • Confirm security workflow runs pass (no "Invalid workflow file" error) after merge
  • Verify dependency-scan and container-scan jobs execute as expected
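
As an added example (not the PR's diff or the repository's security.yml), the sketch below shows an alternative to dropping the conditions outright: leave the jobs unconditional and move each hashFiles() guard to a step-level if:, where the function is available once the workspace has been checked out. The job names and file patterns come from the PR description; the workflow name, trigger, runner, and scanner commands are placeholders.

```yaml
# Added example; not the repository's actual security.yml.
name: Security            # placeholder workflow name
on: [pull_request]        # placeholder trigger

jobs:
  dependency-scan:
    runs-on: ubuntu-latest
    # Rejected when the workflow file is parsed, because hashFiles() is not
    # available in jobs.<job_id>.if:
    #   if: hashFiles('package.json', 'pnpm-lock.yaml') != ''
    steps:
      # hashFiles() hashes files under GITHUB_WORKSPACE, so check out first.
      - uses: actions/checkout@v4
      - name: Scan dependencies
        # Accepted: hashFiles() is allowed in step-level conditions and
        # returns an empty string when no file matches the patterns.
        if: hashFiles('package.json', 'pnpm-lock.yaml') != ''
        run: echo "placeholder for the dependency scanner command"

  container-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Scan container image
        if: hashFiles('Dockerfile') != ''
        run: echo "placeholder for the container scanner command"
```

With the guard at step level the job still runs and reports success when the guarded step is skipped, so a passing dependency-scan or container-scan check on its own does not prove that a scan ran.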

drips-wave Bot commented Jun 28, 2026

Hey @Xaxxoo! 👋 It looks like this PR isn't linked to any issue.

If this PR is for one of the issues assigned to you as part of a Wave, please link it to ensure your contribution is tracked properly. You can do this by adding a keyword to the PR description (e.g., Closes #123), or by clicking a button below:

Issue  Title
#877   Add role-based field visibility enforcement at the serialization layer
#875   Add API versioning enforcement middleware to reject requests to deprecated versions
#858   Add feature flag state change audit log for compliance traceability
#876   Add content reporting escalation workflow to ModerationModule

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.
