- The `upload` input to the `analyze` Action now accepts the following values:
- `always` is the default value, which uploads the SARIF file to Code Scanning for successful and failed runs.
- `failure-only` is recommended for customers post-processing the SARIF file before uploading it to Code Scanning. This option uploads debugging information to Code Scanning for failed runs to improve the debugging experience.
- `never` avoids uploading the SARIF file to Code Scanning even if the code scanning run fails. This is not recommended for external users since it complicates debugging.
- The legacy `true` and `false` options will be interpreted as `always` and `failure-only` respectively.
---------
Co-authored-by: Henry Mercer <henry.mercer@me.com>
Suppose a customer has a run where the init Action failed before saving
a config file.
When the customer opens their Actions logs, the UI currently focuses on
the post init step, since this is the last step that failed.
Demoting the error in the post init Action to a warning means that the
UI will instead focus on the `init` step, which is more useful for
debugging what went wrong.
Henry Mercer
Josh Soref
Angela P Wen