When I use 'codeql database create ./ --language="go"' to create a database, the yaml files in the project will not be included in the database

github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

https://codeql.github.com

MIT License

7.72k stars 1.55k forks source link

When I use 'codeql database create ./ --language="go"' to create a database, the yaml files in the project will not be included in the database #17916

Open yuzhe-Mortal opened 2 weeks ago

yuzhe-Mortal commented 2 weeks ago

Description of the false positive When I use 'codeql database create ./ --language="go"' to create a database, the yaml files in the project will not be included in the database

Code samples or links to source code

URL to the alert on GitHub code scanning (optional)

smowton commented 1 week ago

Presently the Go database schema doesn't have the tables needed for YAML information. The Ruby, Python, JavaScript and Rust database schema can do so, and there's no reason Go or other languages shouldn't be able to include YAML files on request, though our default queries wouldn't use any YAML information per default. I'll take a look at making this uniform across languages.