Robert

You can actually see in a workflow run what permissions it has. It gets printed out near the top. In your run it did appear to have `write` permission, so...

@AlCalzone, check out the "analysis still failing on the default branch" section of https://github.com/github/codeql-action/issues/416. Apologies this information is not yet in the proper troubleshooting docs but that change is in...

I'm sorry it's a bit of a pain. It's an annoying consequence of various bits of valid behaviour. The core behaviour to understand is that code scanning analysis won't work...

Nice catch. Not sure exactly what happened here but I'd guess they were genuinely asynchronous at some point in the past. This looks like a good candidate for a CodeQL...

You're right that not uploading when there are no alerts will lead to alerts being left open erroneously. Code scanning decides that an alert is closed when a SARIF file...

Thanks for reporting this. We're aware and there will be a new version of the codeql-action out soon that will either fix the error, and at some point in the...

I'm afraid uploading the CodeQL database is a bit tricky right now. The location it's uploaded to is an implementation detail, though we do plan to add a way for...

I'm afraid the autobuild logic is part of CodeQL and currently that part is not open sourced. Perhaps @aibaars can help here?

> Almost all of the time in this implementation is in the `await pathExists(expectedFile)` call. Removing it makes it complete in less than a second. Could you point to where...

As an alternative suggestion for the columns, we go with having the alert count and the add/remove modeling icon in one column using a flex-box row. I think it should...