ShiftLeftSecurity / scan-action

https://slscan.io/
MIT License

Incorrect Titles in Code Scanning Alerts Section #24

Open ncoop57 opened 3 years ago

ncoop57 commented 3 years ago

GitHub's code scanning alerts section shows an incorrect filename and path to the file in flagged security alerts when using your security scanning tool:

As shown, the title states the issue is at DESCipherExample.java at the path src/main/java/com/minimals/des. However, the problem is actually located in DESReplaceCipherExample.java at the path src/main/java/com/minimals/des_replace, which is correctly shown in the subtitle.

This issue was originally opened in https://github.com/github/codeql/issues/4800, and I was told to move it here: https://github.com/github/codeql/issues/4800#issuecomment-741905714

prabhu commented 3 years ago

Hi @ncoop57

Thank you for filing this ticket. Will you be able to share the .sarif files produced? Also is the repository publicly available for testing?

ncoop57 commented 3 years ago

Here is the repository I used for testing: https://github.com/ncoop57/codescanning. However, I'm not sure how the .sarif files are produced using code scanning and so I am not sure where to grab them from. If you have information on where I can download them, I'll be happy to upload them here.
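The maintainer asked for the .sarif files because the alert title and the alert location are both derived from the uploaded SARIF results. One concrete thing to check in such a file is whether a result's message text names a different file than its physicalLocation points at. The script below does that check; it is an added example and not part of scan-action, slscan, or anything posted in this thread. The SARIF document it runs on is constructed inline to mirror the mismatch described above (a message mentioning DESCipherExample.java attached to a location under des_replace), the rule id "EXAMPLE-RULE" and the line numbers are placeholders, and the filename regex is a heuristic that only recognises a handful of source extensions.

```python
"""Flag SARIF results whose message text names a file other than the
one their primary location points at.

Added example, not scan-action/slscan code. Field names follow the
SARIF 2.1.0 schema (runs[].results[].message.text and
runs[].results[].locations[].physicalLocation.artifactLocation.uri).
"""
import json
import re
import sys
from typing import Dict, List

# Constructed sample: not produced by any real scanner run. The first result
# reproduces the mismatch from the issue; the second is consistent.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-scanner", "rules": [
            {"id": "EXAMPLE-RULE", "shortDescription": {"text": "Weak cipher"}},
        ]}},
        "results": [
            {
                "ruleId": "EXAMPLE-RULE",
                "message": {"text": "Weak cipher in DESCipherExample.java"},
                "locations": [{"physicalLocation": {
                    "artifactLocation": {"uri": "src/main/java/com/minimals/des_replace/DESReplaceCipherExample.java"},
                    "region": {"startLine": 12},
                }}],
            },
            {
                "ruleId": "EXAMPLE-RULE",
                "message": {"text": "Weak cipher in DESCipherExample.java"},
                "locations": [{"physicalLocation": {
                    "artifactLocation": {"uri": "src/main/java/com/minimals/des/DESCipherExample.java"},
                    "region": {"startLine": 12},
                }}],
            },
        ],
    }],
})

# Heuristic: a token ending in one of these extensions is treated as a filename.
FILENAME_RE = re.compile(r"\b[\w.-]+\.(?:java|py|js|ts|go|rb|c|cpp|h)\b")


def find_mismatches(sarif_text: str) -> List[Dict[str, str]]:
    """Return one record per (result, location) pair where the message names a
    file and that file is not the one the location's artifact URI ends in."""
    doc = json.loads(sarif_text)
    findings: List[Dict[str, str]] = []
    for run_idx, run in enumerate(doc.get("runs", [])):
        for res_idx, result in enumerate(run.get("results", [])):
            message = result.get("message", {}).get("text", "")
            named = set(FILENAME_RE.findall(message))
            if not named:
                continue  # nothing in the message to compare against
            for loc in result.get("locations", []):
                uri = (loc.get("physicalLocation", {})
                          .get("artifactLocation", {})
                          .get("uri", ""))
                located_name = uri.rsplit("/", 1)[-1]
                if located_name not in named:
                    findings.append({
                        "run": str(run_idx),
                        "result": str(res_idx),
                        "ruleId": result.get("ruleId", ""),
                        "message_names": ", ".join(sorted(named)),
                        "uri": uri,
                    })
    return findings


def main(argv: List[str]) -> int:
    text = open(argv[1], encoding="utf-8").read() if len(argv) > 1 else SAMPLE_SARIF
    mismatches = find_mismatches(text)
    for m in mismatches:
        print(f"run {m['run']} result {m['result']} ({m['ruleId']}): "
              f"message names {m['message_names']} but location is {m['uri']}")
    return 1 if mismatches else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to see it flag the constructed first result and accept the second; pass the path of a real SARIF file (for example one downloaded from a workflow's artifacts, if the workflow uploads it) to check that file instead. A hit does not by itself prove where the wrong title came from, since the title may be composed from other fields, but a message/location disagreement inside the SARIF is the first thing worth ruling in or out before looking at how the upload is rendered.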