codeql-action

Actions for running CodeQL analysis

Results 160 codeql-action issues

I'm getting this error from codeql https://pipelines.actions.githubusercontent.com/serviceHosts/956685ef-aca5-407c-8d6e-14e1c815d4a1/_apis/pipelines/1/runs/27/signedlogcontent/2?urlExpires=2022-04-07T08%3A14%3A16.7919497Z&urlSigningMethod=HMACV1&urlSignature=bL1RBXYZgfUS1uBEyrEeJ46sjis9ze0cd3Y%2FwWYL9I8%3D I don't understand it though, and I can't find an existing question on it anywhere. How can I resolve this?

awaiting-response

https://github.com/github/codeql-action/blob/1fae5bf71b0ecdc7d0a2ef0d0c28409d99693966/CONTRIBUTING.md#releasing-write-access-required has a series of steps for making a new release. One thing it doesn't cover is ensuring that the [github/docs](https://github.com/github/docs) are current. At present, the [github docs](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions) point to...

Previously, even with debug mode on, if the `init` step failed we did not upload the appropriate Actions artifacts. This was because the artifacts were only uploaded in the `analyze`...

I spent quite a while wondering why my `category` input didn't seem to be working. Eventually had to fix it by editing the sarif file. https://github.com/argoproj/argo-cd/pull/10171/files ### Merge / deployment...

I have a workflow which has to check out the repo to a specific (non-default) directory. The upload-sarif action produces this error: ``` fatal: not a git repository (or any...

bug

This PR un-reverts #1018. Additionally, it adds the fix for adding queries and packs from the actions input into the codescanning config file before it is sent to the CLI....

I'm not sure if I got the doc wrong, but I have a project with multiple folders and when running CodeQL on a single sub-folder using `source-root` like this :...

enhancement

This reverts commit 99d4397d88749d4304bdaf50544afaf1b942c6bc. Returns query filter functionality back into the main branch. See #1098 ### Merge / deployment checklist - [ ] Confirm this change is backwards compatible with...

### Merge / deployment checklist - [ ] Confirm this change is backwards compatible with existing workflows. - [ ] Confirm the [readme](https://github.com/github/codeql-action/blob/main/README.md) has been updated if necessary. - [...

I'm one of the maintainers of the [scorecard's project](github.com/ossf/scorecard) and we integrated with the code scanning a few months ago. One user https://github.com/ossf/scorecard-action/issues/143 reported that the results keep showing after...