Oops! Something went wrong! :(\\n2026-02-25T08:13:25.7899905Z ##[error]ESLint: 9.29.0\\n2026-02-25T08:13:25.7901294Z ##[error]No files matching the pattern \\u0026#34;**/*.{js,ts}\\u0026#34; were found. - \\n2026-02-25T08:13:25.7901998Z ##[error]Please check for typing mistakes in the pattern.\\n\\nThis is on the same commit hash as previously ran.\\n\\nThe only differences we can see in the logs are:\\n\\n- The tools have started downloading from https://msdous.pkgs.visualstudio.com when previously it always downloaded from https://msdoeu.pkgs.visualstudio.com. There has been no configuration change in the Azure Managed DevOps Pool configuration, the agents are deployed to \\u0026#34;West Europe\\u0026#34;.\\n- The order the tools are run has changed. Previously the Tool Applicability Information, Install and exection all showed the order as:\\n - templateanalyzer, eslint, checkov, iacfilescanner\\n The order now is:\\n - iacfilescanner, eslint, checkov, templateanalyzer\\n\\nI have validated the contents of the .json files the task downloads from the EU/US and can see no differences except that the EU server only lists the 1.0.16+ versions of the Tools.Configuration.\",\"state\":\"OPEN\",\"user\":{\"login\":\"a-teece\"},\"labels\":[\"needs-maintainer\"],\"comments\":12,\"created_at\":\"2026-02-25T12:36:27Z\",\"updated_at\":\"2026-02-27T17:21:14Z\"},{\"number\":19,\"title\":\"Validate Azure DevOps pipeline steps (integration of other SAST/SCA tooling)\",\"body\":\"Hi,\\n\\nCould I also use this to check for the *existence* of certain steps in an Azure DevOps YAML pipeline? Does it have this capability? For example, if there is a step that uses SonarQube or Nexus IQ - ie. can MSDO scan the following Azure DevOps YAML file and look for the existence of the steps involving SonarQube (example YAML below):\\n\\ntrigger:\\n\\\\- master # or the name of the main branch\\n\\\\- feature/*\\n\\nsteps:\\n\\n\\\\- task: SonarQubePrepare@5\\n inputs:\\n SonarQube: \\u0026#39;YourSonarqubeServerEndpoint\\u0026#39;\\n scannerMode: \\u0026#39;Other\\u0026#39;\\n extraProperties: \\u0026#39;sonar.projectKey=[REDACTED] task: SonarQubePublish@5\\n inputs:\\n pollingTimeoutSec: \\u0026#39;300\\u0026#39;\\n\\n\",\"state\":\"OPEN\",\"user\":{\"login\":\"markl11\"},\"labels\":[\"enhancement\"],\"created_at\":\"2022-05-03T08:06:16Z\",\"updated_at\":\"2026-02-17T17:27:29Z\"},{\"number\":130,\"title\":\"Checkov gdnconifg file cannot set soft-fail property\",\"body\":\"When using a gdnconfig file to specify configuration settings, there is no option to enable the --soft-fail property. \\n\\nThat means the following error is shown in the output for the pipeline\\n\\n\\n\\nIf you set the configuration settings as env variables directly in the pipeline it seems to set soft-fail automatically and you dont see the error message. Below is an example of being able to set soft fail.\\n\\n \\u0026#34;tools\\u0026#34;: [\\n {\\n \\u0026#34;tool\\u0026#34;: {\\n \\u0026#34;name\\u0026#34;: \\u0026#34;Checkov\\u0026#34;,\\n \\u0026#34;version\\u0026#34;: \\u0026#34;Latest\\u0026#34;\\n },\\n \\u0026#34;arguments\\u0026#34;: {\\n \\u0026#34;DownloadExternalModules\\u0026#34;: \\u0026#34;true\\u0026#34;,\\n \\u0026#34;SkipCheck\\u0026#34;: \\u0026#34;CKV_TF_1\\u0026#34;,\\n \\u0026#34;Quiet\\u0026#34;: \\u0026#34;true\\u0026#34;,\\n \\u0026#34;SoftFail\\u0026#34;: \\u0026#34;true\\u0026#34;\\n }\\n }\\n ]\\n}\",\"state\":\"OPEN\",\"user\":{\"login\":\"Arhughes14\"},\"comments\":4,\"created_at\":\"2025-03-28T10:35:33Z\",\"updated_at\":\"2025-09-26T09:50:58Z\"},{\"number\":135,\"title\":\"Documentation request: How tools to run are selected\",\"body\":\"The wiki defines [in its FAQ](https://github.com/microsoft/security-devops-action/wiki/FAQ#how-does-msdo-determine-what-tools-to-run) how MSDO selects which tools to run. However, it fails so give more than one example, and not a complete

Oops! Something went wrong! :(\\n2026-02-25T08:13:25.7899905Z ##[error]ESLint: 9.29.0\\n2026-02-25T08:13:25.7901294Z ##[error]No files matching the pattern \\\"**/*.{js,ts}\\\" were found. - \\n2026-02-25T08:13:25.7901998Z ##[error]Please check for typing mistakes in the pattern.\\n\\nThis is on the same commit hash as previously ran.\\n\\nThe only differences we can see in the logs are:\\n\\n- The tools have started downloading from https://msdous.pkgs.visualstudio.com when previously it always downloaded from https://msdoeu.pkgs.visualstudio.com. There has been no configuration change in the Azure Managed DevOps Pool configuration, the agents are deployed to \\\"West Europe\\\".\\n- The order the tools are run has changed. Previously the Tool Applicability Information, Install and exection all showed the order as:\\n - templateanalyzer, eslint, checkov, iacfilescanner\\n The order now is:\\n - iacfilescanner, eslint, checkov, templateanalyzer\\n\\nI have validated the contents of the .json files the task downloads from the EU/US and can see no differences except that the EU server only lists the 1.0.16+ versions of the Tools.Configuration.\",\"author_association\":\"NONE\",\"user\":{\"login\":\"a-teece\",\"id\":33296869,\"node_id\":\"MDQ6VXNlcjMzMjk2ODY5\",\"avatar_url\":\"https://avatars.githubusercontent.com/u/33296869?v=4\",\"html_url\":\"https://github.com/a-teece\",\"gravatar_id\":\"\",\"type\":\"User\",\"site_admin\":false,\"url\":\"https://api.github.com/users/a-teece\",\"events_url\":\"https://api.github.com/users/a-teece/events{/privacy}\",\"following_url\":\"https://api.github.com/users/a-teece/following{/other_user}\",\"followers_url\":\"https://api.github.com/users/a-teece/followers\",\"gists_url\":\"https://api.github.com/users/a-teece/gists{/gist_id}\",\"organizations_url\":\"https://api.github.com/users/a-teece/orgs\",\"received_events_url\":\"https://api.github.com/users/a-teece/received_events\",\"repos_url\":\"https://api.github.com/users/a-teece/repos\",\"starred_url\":\"https://api.github.com/users/a-teece/starred{/owner}{/repo}\",\"subscriptions_url\":\"https://api.github.com/users/a-teece/subscriptions\"},\"labels\":[{\"id\":10289510024,\"url\":\"https://api.github.com/repos/microsoft/security-devops-action/labels/needs-maintainer\",\"name\":\"needs-maintainer\",\"color\":\"d93f0b\",\"description\":\"Requires maintainer attention\",\"default\":false,\"node_id\":\"LA_kwDODDGQuM8AAAACZU12iA\"}],\"assignee\":{\"login\":\"DimaBir\",\"id\":28827735,\"node_id\":\"MDQ6VXNlcjI4ODI3NzM1\",\"avatar_url\":\"https://avatars.githubusercontent.com/u/28827735?v=4\",\"html_url\":\"https://github.com/DimaBir\",\"gravatar_id\":\"\",\"type\":\"User\",\"site_admin\":false,\"url\":\"https://api.github.com/users/DimaBir\",\"events_url\":\"https://api.github.com/users/DimaBir/events{/privacy}\",\"following_url\":\"https://api.github.com/users/DimaBir/following{/other_user}\",\"followers_url\":\"https://api.github.com/users/DimaBir/followers\",\"gists_url\":\"https://api.github.com/users/DimaBir/gists{/gist_id}\",\"organizations_url\":\"https://api.github.com/users/DimaBir/orgs\",\"received_events_url\":\"https://api.github.com/users/DimaBir/received_events\",\"repos_url\":\"https://api.github.com/users/DimaBir/repos\",\"starred_url\":\"https://api.github.com/users/DimaBir/starred{/owner}{/repo}\",\"subscriptions_url\":\"https://api.github.com/users/DimaBir/subscriptions\"},\"comments\":12,\"created_at\":\"2026-02-25T12:36:27Z\",\"updated_at\":\"2026-02-27T17:21:14Z\",\"url\":\"https://api.github.com/repos/microsoft/security-devops-action/issues/189\",\"html_url\":\"https://github.com/microsoft/security-devops-action/issues/189\",\"comments_url\":\"https://api.github.com/repos/microsoft/security-devops-action/issues/189/comments\",\"events_url\":\"https://api.github.com/repos/microsoft/security-devops-action/issues/189/events\",\"labels_url\":\"https://api.github.com/repos/microsoft/security-devops-action/issues/189/labels{/name}\",\"repository_url\":\"https://api.github.com/repos/microsoft/security-devops-action\",\"

Oops! Something went wrong! :(\\n2026-02-25T08:13:25.7899905Z ##[error]ESLint: 9.29.0\\n2026-02-25T08:13:25.7901294Z ##[error]No files matching the pattern \\u0026#34;**/*.{js,ts}\\u0026#34; ...`

Oops! Something went wrong! :(\\n2026-02-25T08:13:25.7899905Z ##[error]ESLint: 9.29.0\\n202...`

GitHub MCP guard policy automatically applied for public repository. min-integrity='approved' and repos='all' ensure only approved-integrity content is accessible.

This is expected behavior when a PR is closed - the branch may have been deleted.

Checkout failed (expected for closed PR): The process '/usr/bin/gh' failed with exit code 1

PR state: closed

PR number: 215

Event type: issue_comment

⚠️ Fork PR detected - gh pr checkout will fetch from fork repository