-
Hello expert,
I am trying to upload a SARIF file generated by a trivy scan. Whereas the SARIF file is generated, the upload of the file in the security tab failed with the message:
```
Run github…
```
-
After downloading https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.15.2/codeql-bundle-linux64.tar.gz and `$ tar xvzf codeql-bundle-linux64.tar.gz` I set my $PATH to the extra…
-
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
This repository currently has no…
-
Currently, there are a few areas where workflows can be optimized to reduce CI times, maintenance, and security in the runners. Also, consider adding tools like @dependabot that can keep the dependenc…
-
- https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/#languages-and-compilers
- https://github.blog/changelog/2023-01-09-code-scanning-can-be-set-up-more-easily-without…
-
As recommended, I use the default setup for CodeQL. I also _require_ the CI scans in my protected branches. However, whenever there is an external-fork-based PR, the scans are not run (= status is nev…
-
### Description
The repository contains code in `javascript`, it does not have a workflow for code scanning.
### How would you like to see it implemented?
I aim to implement the CodeQL workflow…
-
We're trying to reference a private CodeQL pack when running `init`. When this runs in GitHub Actions, we get `HttpError: Not Found`.
```
name: "SAST Scans"
on:
  push:
    branches: ["maste…
```
-
We're working on CodeQL Static Application Security Testing (SAST) implementation for a Swift language using GitHub Actions. During this process, I encountered an issue with the CodeQL initialization s…