Jan 14, 2025 · I am running CodeQL inside a private organization with advanced security enabled. It is working good for default queries. The queries security-extended and security-and-quality are …

Oct 11, 2022 · Is there a way to exclude files from CodeQL scanning on GitHub Asked 3 years, 2 months ago Modified 10 months ago Viewed 8k times

Aug 23, 2023 · Now as I'm trying to scan this by codeql, it was trying to autobuild it without success. After investigating it online I understood that only specific type of projects can work with autobuild …

Nov 4, 2025 · I have a CodeQL CLI bundle (v2.13.5) stored on an on-prem Artifactory repository. I want to fetch this, store it using the tool-cache action and then run the CodeQL action on GitHub Actions.

Dec 5, 2022 · CodeQL reports some true and some false positive for a specific rule. Is there a way to mark a Python codeline so that the check is ignored by CodeQL? Similar, for example to # noqa for …

Jan 17, 2024 · Correct. CodeQL Autobuild is documented for each language on the GitHub docs "About autobuild for CodeQL". You need to specify.net build steps manually as you would in your normal CI. …

Apr 5, 2023 · It's my first time using codeql,the dir demo contains a simple cpp file,i tried to run a demo like this codeql database create ./demo-db -s . --language=cpp . However,it ran into issue,here are the

Oct 2, 2023 · Find an example repo here: ghas-demo designed for GitHub workflows. However, it also applies to Azure DevOps. Just import the repo to DevOps, then create a Yaml pipeline by following …

Nov 4, 2025 · My goal is to run multiple CodeQL query packs and suites (like security-extended and audit) in one GitHub Action workflow, and ideally merge the results into one SARIF file for upload to …

Aug 16, 2024 · I'm writing functions for a Python package to register files from a file system to an SQL database, and GitHub's CodeQL has flagged that the file paths are a potential security risk. I have …