continue-on-error masking failures¶
Rule ID |
|
|---|---|
Category |
reliability |
Severity |
medium |
continue-on-error: true is set on a step that is not explicitly intended to be optional. This can silently hide real failures.
Detection¶
static_analysis — Checks field presence or value in the workflow YAML.
Examples¶
Non-compliant:
jobs:
ci:
steps:
- name: Run tests
run: npm test
continue-on-error: true
Compliant:
jobs:
ci:
steps:
- name: Run tests
run: npm test
Fix: Remove continue-on-error: true from non-optional steps. If the step is genuinely optional (e.g. coverage upload), add a comment explaining why.