codeql-action
Actions for running CodeQL analysis
When I attempted to upload a sarif file using the `upload-sarif@v1` action, I encountered the following error. > Unable to upload "/home/runner/work/path-to.sarif" as it is not valid SARIF: > \-...
In the webhook sent for the CodeQL check_run completion, the check_run.output.summary includes a markdown link similar to `[View all branch alerts](/{org}/{repo}/security/code-scanning?query=pr%3A{number}+tool%3ACodeQL+is%3Aopen)`. (The curly-braced text has been replaced in the actual...
It started to happen two days ago without any relevant change from our side in all PRs: https://github.com/rizinorg/rizin/pull/1222 Here is our CodeQL action configuration: https://github.com/rizinorg/rizin/blob/dev/.github/workflows/code-analysis.yml The error message is the...
CodeQL upload action is always failing with the following ``` Error: Path does not exist: results.sarif Error: Path does not exist: results.sarif at getSarifFilePaths (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:152:15) at Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:140:30) at run...
### Version CodeQL CLI: 2.8.5 CodeQL action: 1.1.8 (according to `CODEQL_ACTION_VERSION` environment variable) ### Description Currently (at least for Java projects) the metrics table printed at the end of `github/codeql-action/analyze`...
Hi, I'm trying to set up a basic code analysis in my CI on my project. I set up CodeQL for Ubuntu, worked first time. I tried to set up the same...
The ossf/scorecard project will [add recommended fixes](https://github.com/ossf/scorecard/issues/1850) for security issues in the SARIF file. In such cases, 1. Is it possible to show a "Copy code snippet" button in the...
https://github.com/Dheerajcode2016/opentelemetry-elk-exporter/runs/4497062547?check_suite_focus=true It looks like the action fails to automatically detect source code for CSharp .NET 6.0. The error returned is coming back from the CodeQL CLI and the information isn't...
I get an HttpError when I run CodeQL locally using `act`. I opened an issue on `act` and was pointed to this PR: https://github.com/github/codeql-action/pull/117 but adding the environment variable to...
The analyze action fails since yesterday ``` Run github/codeql-action/analyze@4c1021c5041fca6023824e45efb7f83178d52fe2 with: output: ../results upload: true cleanup-level: brutal add-snippets: false skip-queries: false checkout_path: /home/runner/work/renovate/renovate upload-database: true wait-for-processing: false token: *** matrix: null...