Skip to content

github/codeql-action

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 160 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
 
 
.vscode
 
 
analyze
 
 
autobuild
 
 
init
 
 
lib
 
 
node_modules
 
 
pr-checks
 
 
python-setup
 
 
queries
 
 
resolve-environment
 
 
src
 
 
tests
 
 
upload-sarif
 
 
.editorconfig
 
 
.eslintignore
 
 
.eslintrc.json
 
 
.git-blame-ignore-revs
 
 
.gitattributes
 
 
.gitignore
 
 
.npmrc
 
 
.pre-commit-config.yaml
 
 
CHANGELOG.md
 
 
CODEOWNERS
 
 
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
 
 
LICENSE
 
 
README.md
 
 
package-lock.json
 
 
package.json
 
 
tsconfig.json
 
 
CodeQL Action :loudspeaker: Node 16 deprecation, upcoming CodeQL Action v3 :loudspeaker: License Usage Troubleshooting Contributing

README.md

CodeQL Action

This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed on pull requests and in the repository's security tab. CodeQL runs an extensible set of queries, which have been developed by the community and the GitHub Security Lab to find common vulnerabilities in your code.

For a list of recent changes, see the CodeQL Action's changelog.

:loudspeaker: Node 16 deprecation, upcoming CodeQL Action v3 :loudspeaker:

Announcement for users of this Action and code scanning workflows on GitHub.com:

  • You will begin to see these warnings about Node.js 16 deprecation in your Actions logs on code scanning runs starting October 23, 2023.
  • All code scanning workflows should continue to succeed regardless of the warning.
  • The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20.

For more information, and to communicate with the maintaining team, please use this issue.

License

This project is released under the MIT License.

The underlying CodeQL CLI, used in this action, is licensed under the GitHub CodeQL Terms and Conditions. As such, this action may be used on open source projects hosted on GitHub, and on private repositories that are owned by an organisation with GitHub Advanced Security enabled.

Usage

We recommend using default setup to configure CodeQL analysis for your repository. For more information, see "Configuring default setup for code scanning."

You can also configure advanced setup for a repository to find security vulnerabilities in your code using a highly customizable code scanning configuration. For more information, see "Configuring advanced setup for code scanning" and "Customizing your advanced setup for code scanning."

Troubleshooting

Read about troubleshooting code scanning.

Contributing

This project welcomes contributions. See CONTRIBUTING.md for details on how to build, install, and contribute.

About

No description, website, or topics provided.

Resources

Readme

Code of conduct

Code of conduct
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks

Releases

160 tags

Packages

No packages published