Skip to content

fix(hooks): remove unused local variables flagged by CodeQL#2352

Merged
WilliamBerryiii merged 2 commits into
mainfrom
fix/2351-codeql-unused-locals
Jul 2, 2026
Merged

fix(hooks): remove unused local variables flagged by CodeQL#2352
WilliamBerryiii merged 2 commits into
mainfrom
fix/2351-codeql-unused-locals

Conversation

@WilliamBerryiii

Copy link
Copy Markdown
Member

Description

CodeQL code scanning flagged three js/unused-local-variable alerts (severity: note) for dead-code locals that were declared but never referenced. This PR removes them, clearing the alerts without changing any runtime behavior.

The changes span two files:

  • Telemetry report — removed the unused cols constant in the renderHeatmap function of .github/hooks/shared/telemetry/report.html. The grid layout already derives its column count directly from tools.length, so cols was never read.
  • Contrast e2e test — removed the unused headingThreshold and subtitleThreshold locals in the homepage-hero contrast test in docs/docusaurus/e2e/contrast.spec.ts. That test asserts on gradient/null background handling rather than numeric thresholds, so the two values were orphaned. Removing them also left the isLargeText helper with no callers, so it was removed as well to avoid trading one dead-code alert for another.

Related Issue(s)

Closes #2351

Type of Change

Select all that apply:

Code & Documentation:

  • Bug fix (non-breaking change fixing an issue)
  • New feature (non-breaking change adding functionality)
  • Breaking change (fix or feature causing existing functionality to change)
  • Documentation update

Infrastructure & Configuration:

  • GitHub Actions workflow
  • Linting configuration (markdown, PowerShell, etc.)
  • Security configuration
  • DevContainer configuration
  • Dependency update

AI Artifacts:

  • Reviewed contribution with prompt-builder agent and addressed all feedback
  • Copilot instructions (.github/instructions/*.instructions.md)
  • Copilot prompt (.github/prompts/*.prompt.md)
  • Copilot agent (.github/agents/*.agent.md)
  • Copilot skill (.github/skills/*/SKILL.md)
  • Copilot hook (.github/hooks/*/*.json)
  • Eval spec added/updated for changed AI artifacts (evals/)

Other:

  • Script/automation (.ps1, .sh, .py)
  • Other (please describe):

Testing

  • Confirmed the contrast.spec.ts TypeScript file reports no editor/type-check diagnostics after the edits.
  • Verified the removed symbols (cols, headingThreshold, subtitleThreshold, isLargeText) have no remaining references in their files; the surviving cols occurrences belong to a separate table renderer and were left untouched.
  • Diff-based security review: no sensitive data, dependency, or privilege changes; the change only deletes dead code.
  • Manual testing was not performed. The full automated validation suite runs in CI on this PR.

Checklist

Required Checks

  • Documentation is updated (if applicable) (N/A — no documentation changes required)
  • Files follow existing naming conventions
  • Changes are backwards compatible (if applicable)
  • Tests added for new functionality (if applicable) (N/A — dead-code removal, no new functionality)

AI Artifact Contributions

  • Used /prompt-analyze to review contribution
  • Addressed all feedback from prompt-builder review
  • Verified contribution follows common standards and type-specific requirements

Required Automated Checks

The following validation commands must pass before merging:

  • Markdown linting: npm run lint:md
  • Spell checking: npm run spell-check
  • Frontmatter validation: npm run lint:frontmatter
  • Skill structure validation: npm run validate:skills
  • Link validation: npm run lint:md-links
  • PowerShell analysis: npm run lint:ps
  • Eval spec schema and coverage (if AI artifacts changed): npm run eval:lint:schema
  • Plugin freshness: npm run plugin:generate
  • Docusaurus tests: npm run docs:test

Security Considerations

  • This PR does not contain any sensitive or NDA information
  • Any new dependencies have been reviewed for security issues (N/A — no dependency changes)
  • Security-related scripts follow the principle of least privilege (N/A — no security scripts modified)

Additional Notes

Scope was deliberately limited to the CodeQL js/unused-local-variable alerts. Two open Scorecard alerts — PinnedDependenciesID on beval.yml and BranchProtectionID — were intentionally left out of this change.

Removes dead-code locals reported by CodeQL js/unused-local-variable:

- report.html: unused 'cols' in renderHeatmap (alert #349)

- contrast.spec.ts: unused 'headingThreshold'/'subtitleThreshold' and the now-orphaned isLargeText helper (alerts #350, #351)
@WilliamBerryiii WilliamBerryiii requested a review from a team as a code owner July 2, 2026 03:55
@WilliamBerryiii WilliamBerryiii self-assigned this Jul 2, 2026
@codecov-commenter

codecov-commenter commented Jul 2, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 81.61%. Comparing base (ad23920) to head (3b62030).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #2352      +/-   ##
==========================================
- Coverage   81.63%   81.61%   -0.03%     
==========================================
  Files         130      130              
  Lines       19489    19489              
  Branches       12       12              
==========================================
- Hits        15909    15905       -4     
- Misses       3577     3581       +4     
  Partials        3        3              
Flag Coverage Δ
docusaurus 61.84% <ø> (ø)
pester 85.93% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 2 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Eval Execution

⚠️ No eval summary was produced.

@WilliamBerryiii WilliamBerryiii merged commit fcc4134 into main Jul 2, 2026
83 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fix CodeQL js/unused-local-variable alerts (#349, #350, #351)

4 participants