search

github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License
7.49k stars 1.49k forks source link

General issue [Azure DevOps Pipeline]: pipeline is stuck at "Starting evaluation of codeql/csharp-queries/Telemetry/UnsupportedExternalAPIs.ql." step #15059

Open ibrahim-amer opened 9 months ago

ibrahim-amer commented 9 months ago

I am adding CodeQL checks to our repository for it to run when code is pushed to our branch. The code ql analyze task never finishes and it always stuck until the task fails at this step "Starting evaluation of codeql/csharp-queries/Telemetry/UnsupportedExternalAPIs.ql." of running "AdvancedSecurity-Codeql-Analyze@1" task in an AzureDevOps Pipeline.

Here is my yaml file's content: 


trigger:
  - main

pool:
  vmImage: ubuntu-latest

variables:
  #advancedsecurity.codeql.querysuite: security-extended
  #advancedsecurity.submittoadvancedsecurity: true
  timeoutInMinutes: 360

steps:
  - task: AdvancedSecurity-Codeql-Init@1
    inputs:
      languages: 'csharp'

  - task: AdvancedSecurity-Codeql-Autobuild@1
  - task: AdvancedSecurity-Dependency-Scanning@1
  - task: AdvancedSecurity-Codeql-Analyze@1
aibaars commented 9 months ago

Thanks for reporting. Could you attach the log output to this issue? What is roughly the size of the code base you are trying to analyse?

ibrahim-amer commented 8 months ago

Thanks for reporting. Could you attach the log output to this issue? What is roughly the size of the code base you are trying to analyse?

Thank you for your response! The code base isn't big at all, it consists of one .NET web API project. Here is my log file for the Advanced Security Code Analyze task: 

Starting: Advanced Security Code Analyze
==============================================================================
Task         : Advanced Security Perform CodeQL analysis
Description  : Finalizes the CodeQL database and runs the analysis queries.
Version      : 1.1.194
Author       : Microsoft Corporation
Help         : https://aka.ms/advanced-security/code-scanning/detection
==============================================================================
Session Id=c5d30b93-5eea-4585-bd24-56e8d0d30b6a
Starting database finalization.
Database finalization is a time consuming process and may take a while to complete.
Finalizing csharp
Starting query analysis.
Running builtin query pack csharp-security-extended.qls for csharp
C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\codeql.exe database analyze --min-disk-free=1024 --output=D:\a\_temp\advancedsecurity.codeql\out\27.671.Job.15d064.csharp.builtin.sarif --format=sarifv2.1.0 --sarif-add-query-help --sarif-group-rules-by-pack --sarif-multicause-markdown --print-diagnostics-summary --print-metrics-summary --threads=0 --ram=4475 D:\a\_temp\advancedsecurity.codeql\d\csharp csharp-security-extended.qls
Running queries.
[1/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Input Validation\UseOfFileUpload.qlx.
[2/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CookieWithOverlyBroadDomain.qlx.
[3/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CookieWithOverlyBroadPath.qlx.

[4/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-011\ASPNetDebug.qlx.
[5/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-022\TaintedPath.qlx.
[6/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-022\ZipSlip.qlx.
[7/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-078\CommandInjection.qlx.
[8/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-079\XSS.qlx.
[9/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-089\SqlInjection.qlx.
[10/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-090\LDAPInjection.qlx.
[11/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-091\XMLInjection.qlx.
[12/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-094\CodeInjection.qlx.
[13/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-099\ResourceInjection.qlx.
[14/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-112\MissingXMLValidation.qlx.
[15/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-114\AssemblyPathInjection.qlx.
[16/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-117\LogForging.qlx.
[17/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-119\LocalUnvalidatedArithmetic.qlx.
[18/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-134\UncontrolledFormatString.qlx.
[19/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-201\ExposureInTransmittedData.qlx.
[20/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-209\ExceptionInformationExposure.qlx.
[21/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-248\MissingASPNETGlobalErrorHandler.qlx.
[22/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-312\CleartextStorage.qlx.
[23/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-352\MissingAntiForgeryTokenValidation.qlx.
[24/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-359\ExposureOfPrivateInformation.qlx.
[25/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-384\AbandonSession.qlx.
[26/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-451\MissingXFrameOptions.qlx.
[27/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-502\DeserializedDelegate.qlx.
[28/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-502\UnsafeDeserializationUntrustedInput.qlx.
[29/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-548\ASPNetDirectoryListing.qlx.
[30/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-601\UrlRedirect.qlx.
[31/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-611\UntrustedDataInsecureXml.qlx.
[32/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-614\RequireSSL.qlx.
[33/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-643\XPathInjection.qlx.
[34/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-730\ReDoS.qlx.
[35/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-730\RegexInjection.qlx.
[36/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-807\ConditionalBypass.qlx.
[37/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\Encryption using ECB.qlx.
[38/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\HeaderCheckingDisabled.qlx.
[39/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\InadequateRSAPadding.qlx.
[40/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\InsecureRandomness.qlx.
[41/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\InsufficientKeySize.qlx.
[42/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\PersistentCookie.qlx.
[43/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\WeakEncryption.qlx.
[44/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Configuration\EmptyPasswordInConfigurationFile.qlx.
[45/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Configuration\PasswordInConfigurationFile.qlx.
[46/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Input Validation\ValueShadowing.qlx.
[47/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Input Validation\ValueShadowingServerVariable.qlx.
[48/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Likely Bugs\ThreadUnsafeICryptoTransform.qlx.
[49/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Likely Bugs\ThreadUnsafeICryptoTransformLambda.qlx.
[50/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-020\RuntimeChecksBypass.qlx.
[51/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-078\StoredCommandInjection.qlx.
[52/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-079\StoredXSS.qlx.
[53/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-089\SecondOrderSqlInjection.qlx.
[54/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-090\StoredLDAPInjection.qlx.
[55/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-285\MissingAccessControl.qlx.
[56/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-327\InsecureSQLConnection.qlx.
[57/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-639\InsecureDirectObjectReference.qlx.
[58/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-643\StoredXPathInjection.qlx.
[59/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-798\HardcodedConnectionString.qlx.
[60/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Security Features\CWE-798\HardcodedCredentials.qlx.
[61/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Diagnostics\CompilerError.qlx.
[62/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Diagnostics\CompilerMessage.qlx.
[63/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Diagnostics\DiagnosticExtractionErrors.qlx.
[64/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Diagnostics\DiagnosticNoExtractionErrors.qlx.
[65/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Diagnostics\ExtractorError.qlx.
[66/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Diagnostics\ExtractorMessage.qlx.
[67/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Metrics\Summaries\LinesOfCode.qlx.
[68/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Telemetry\ExternalLibraryUsage.qlx.
[69/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Telemetry\SupportedExternalApis.qlx.
[70/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Telemetry\SupportedExternalSinks.qlx.
[71/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Telemetry\SupportedExternalSources.qlx.
[72/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Telemetry\SupportedExternalTaint.qlx.
[73/73] Loaded C:\hostedtoolcache\windows\CodeQL\2.15.3\x64\codeql\qlpacks\codeql\csharp-queries\0.8.3\Telemetry\UnsupportedExternalAPIs.qlx.
Starting evaluation of codeql\csharp-queries\Configuration\EmptyPasswordInConfigurationFile.ql.
Starting evaluation of codeql\csharp-queries\Configuration\PasswordInConfigurationFile.ql.
Starting evaluation of codeql\csharp-queries\Diagnostics\CompilerError.ql.
Starting evaluation of codeql\csharp-queries\Diagnostics\CompilerMessage.ql.
Starting evaluation of codeql\csharp-queries\Diagnostics\DiagnosticExtractionErrors.ql.
[1/73 eval 723ms] Evaluation done; writing results to codeql\csharp-queries\Configuration\PasswordInConfigurationFile.bqrs.
[2/73 eval 740ms] Evaluation done; writing results to codeql\csharp-queries\Configuration\EmptyPasswordInConfigurationFile.bqrs.
[3/73 eval 690ms] Evaluation done; writing results to codeql\csharp-queries\Diagnostics\CompilerError.bqrs.
[4/73 eval 89ms] Evaluation done; writing results to codeql\csharp-queries\Diagnostics\CompilerMessage.bqrs.
Starting evaluation of codeql\csharp-queries\Diagnostics\DiagnosticNoExtractionErrors.ql.
Starting evaluation of codeql\csharp-queries\Diagnostics\ExtractorError.ql.
Starting evaluation of codeql\csharp-queries\Diagnostics\ExtractorMessage.ql.
Starting evaluation of codeql\csharp-queries\Input Validation\UseOfFileUpload.ql.
[5/73 eval 187ms] Evaluation done; writing results to codeql\csharp-queries\Diagnostics\ExtractorError.bqrs.
[6/73 eval 172ms] Evaluation done; writing results to codeql\csharp-queries\Diagnostics\ExtractorMessage.bqrs.
[7/73 eval 498ms] Evaluation done; writing results to codeql\csharp-queries\Diagnostics\DiagnosticExtractionErrors.bqrs.
[8/73 eval 6s] Evaluation done; writing results to codeql\csharp-queries\Diagnostics\DiagnosticNoExtractionErrors.bqrs.
Starting evaluation of codeql\csharp-queries\Input Validation\ValueShadowing.ql.
Starting evaluation of codeql\csharp-queries\Input Validation\ValueShadowingServerVariable.ql.
Starting evaluation of codeql\csharp-queries\Likely Bugs\ThreadUnsafeICryptoTransform.ql.
Starting evaluation of codeql\csharp-queries\Likely Bugs\ThreadUnsafeICryptoTransformLambda.ql.
[9/73 eval 43s] Evaluation done; writing results to codeql\csharp-queries\Input Validation\UseOfFileUpload.bqrs.
[10/73 eval 35.9s] Evaluation done; writing results to codeql\csharp-queries\Input Validation\ValueShadowingServerVariable.bqrs.
[11/73 eval 35.9s] Evaluation done; writing results to codeql\csharp-queries\Input Validation\ValueShadowing.bqrs.
[12/73 eval 36s] Evaluation done; writing results to codeql\csharp-queries\Likely Bugs\ThreadUnsafeICryptoTransform.bqrs.
Starting evaluation of codeql\csharp-queries\Metrics\Summaries\LinesOfCode.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CookieWithOverlyBroadDomain.ql.
[13/73 eval 56ms] Evaluation done; writing results to codeql\csharp-queries\Metrics\Summaries\LinesOfCode.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CookieWithOverlyBroadPath.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-011\ASPNetDebug.ql.
[14/73 eval 56ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CookieWithOverlyBroadDomain.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-020\RuntimeChecksBypass.ql.
[15/73 eval 31ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CookieWithOverlyBroadPath.bqrs.
[16/73 eval 31ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CWE-011\ASPNetDebug.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-022\TaintedPath.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-022\ZipSlip.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-078\CommandInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-078\StoredCommandInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-079\StoredXSS.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-079\XSS.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-089\SecondOrderSqlInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-089\SqlInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-090\LDAPInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-090\StoredLDAPInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-091\XMLInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-094\CodeInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-099\ResourceInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-112\MissingXMLValidation.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-114\AssemblyPathInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-117\LogForging.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-119\LocalUnvalidatedArithmetic.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-134\UncontrolledFormatString.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-201\ExposureInTransmittedData.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-209\ExceptionInformationExposure.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-248\MissingASPNETGlobalErrorHandler.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-285\MissingAccessControl.ql.
[17/73 eval 39ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CWE-248\MissingASPNETGlobalErrorHandler.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-312\CleartextStorage.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-327\InsecureSQLConnection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-352\MissingAntiForgeryTokenValidation.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-359\ExposureOfPrivateInformation.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-384\AbandonSession.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-451\MissingXFrameOptions.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-502\DeserializedDelegate.ql.
[18/73 eval 7ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CWE-451\MissingXFrameOptions.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-502\UnsafeDeserializationUntrustedInput.ql.
[19/73 eval 874ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CWE-502\DeserializedDelegate.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-548\ASPNetDirectoryListing.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-601\UrlRedirect.ql.
[20/73 eval 16ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CWE-548\ASPNetDirectoryListing.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-611\UntrustedDataInsecureXml.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-614\RequireSSL.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-639\InsecureDirectObjectReference.ql.
[21/73 eval 31ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\CWE-614\RequireSSL.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-643\StoredXPathInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-643\XPathInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-730\ReDoS.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-730\RegexInjection.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-798\HardcodedConnectionString.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-798\HardcodedCredentials.ql.
Starting evaluation of codeql\csharp-queries\Security Features\CWE-807\ConditionalBypass.ql.
Starting evaluation of codeql\csharp-queries\Security Features\Encryption using ECB.ql.
Starting evaluation of codeql\csharp-queries\Security Features\HeaderCheckingDisabled.ql.
[22/73 eval 62ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\Encryption using ECB.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\InadequateRSAPadding.ql.
[23/73 eval 75ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\HeaderCheckingDisabled.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\InsecureRandomness.ql.
[24/73 eval 89ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\InadequateRSAPadding.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\InsufficientKeySize.ql.
Starting evaluation of codeql\csharp-queries\Security Features\PersistentCookie.ql.
[25/73 eval 50ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\InsufficientKeySize.bqrs.
Starting evaluation of codeql\csharp-queries\Security Features\WeakEncryption.ql.
[26/73 eval 10ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\PersistentCookie.bqrs.
Starting evaluation of codeql\csharp-queries\Telemetry\ExternalLibraryUsage.ql.
[27/73 eval 28ms] Evaluation done; writing results to codeql\csharp-queries\Security Features\WeakEncryption.bqrs.
Starting evaluation of codeql\csharp-queries\Telemetry\SupportedExternalApis.ql.
[28/73 eval 14.2s] Evaluation done; writing results to codeql\csharp-queries\Telemetry\ExternalLibraryUsage.bqrs.
Starting evaluation of codeql\csharp-queries\Telemetry\SupportedExternalSinks.ql.
Starting evaluation of codeql\csharp-queries\Telemetry\SupportedExternalSources.ql.
Starting evaluation of codeql\csharp-queries\Telemetry\SupportedExternalTaint.ql.
Starting evaluation of codeql\csharp-queries\Telemetry\UnsupportedExternalAPIs.ql.
##[error]The operation was canceled.
Finishing: Advanced Security Code Analyze
labbobah commented 3 months ago

any update for this issue? i got the same error @aibaars

elikrief commented 3 months ago

same issue here

andreifloroiu commented 1 week ago

same issue here. pls, any hints, fixes or workarounds?