Jan 14, 2025 · I am running CodeQL inside a private organization with advanced security enabled. It is working good for default queries. The queries security-extended and security-and-quality are …

Oct 11, 2022 · Is there a way to exclude files from CodeQL scanning on GitHub Asked 3 years, 3 months ago Modified 1 year ago Viewed 8k times

Jan 17, 2024 · Correct. CodeQL Autobuild is documented for each language on the GitHub docs "About autobuild for CodeQL". You need to specify.net build steps manually as you would in your normal CI. …

Feb 11, 2025 · I have an GitHub Advanced Security environment running in my GitHub enterprise account. When it uses either the default configuration, or the advanced configuration that I've built, it …

Apr 27, 2025 · Do you have a codeql-pack.yml / qlpack.yml file with the codeql/cpp-all pack as dependency? See also the documentation about the codeql-pack.yml file. If not, it might be easiest to …

Nov 28, 2022 · However, if you have already set up CodeQL code scanning manually you could maybe use the REST API endpoints for disabling and enabling the already existing code scanning workflow. …

Dec 17, 2024 · By default the codeql task will scan the ENTIRE code base. Which is not what I want. How can I configure Github advanced security to only scan one project?For example the front-end …

May 22, 2024 · The task AdvancedSecurity-Codeql-Init@1 points to a codeqlconfig yaml file and in this file I point to a simple todo codeql query. This is afaik how it has to be done according to the …

Dec 5, 2022 · CodeQL reports some true and some false positive for a specific rule. Is there a way to mark a Python codeline so that the check is ignored by CodeQL? Similar, for example to # noqa for …

Aug 16, 2024 · I'm writing functions for a Python package to register files from a file system to an SQL database, and GitHub's CodeQL has flagged that the file paths are a potential security risk. I have …