jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 21:07:12 -05:00
Code Issues Projects Releases Wiki Activity

updated explanation

Browse Source
This commit is contained in:
Sarita Iyer
2022-03-30 11:01:37 -04:00
parent 61bf1ba035
commit 7bdb057035
2 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts.md
View File

@@ -61,15 +61,13 @@ By default, any {% data variables.product.prodname_code_scanning %} results with
You can set up multiple configurations of code analysis on a repository, using different tools and targeting different languages or areas of the code. The configuration of code scanning used to generate an alert is called an analysis origin. For example, an alert generated using the default CodeQL analysis with GitHub Actions will have a different analysis origin from an alert generated externally and uploaded via the code scanning API.
The same code scanning alert can be generated by different analysis origins, leading to multiple instances of the same alert in a repository. If an alert exists for multiple analysis origins, the alert page will display the analysis origin name at the top of the page, allowing you to distinguish between multiple instances of the same alert.
In the **Affected branches** section, a tag icon will also appear next to any branch where the alert has multiple analysis origins. You can hover over the icon to see the names of all the analysis origins for which the alert exists. If an alert only has one analysis origin, the analysis origin name will not display on the alert page at all.
The same code scanning alert can be generated by different code scanning configurations, leading an alert to have multiple analysis origins. If an alert has more than one analysis origin, an icon will appear next to any relevant branch in the **Affected branches** section on the right-hand side of the alert page. You can hover over the icon to see the names of each analysis origin and the status of the alert for the analysis origin. If an alert only has one analysis origin, the analysis origins will not display on the alert page at all.
<!-- INSERT SCREENSHOT OF AN ALERT DETAILS PAGE WITH ANALYSIS ORIGIN HERE -->
{% note %}
**Note:** You may encounter a situation where a code scanning alert displays as fixed for one analysis origin but is still open for another analysis origin. You may need to run the code scanning configuration for the alert that is still open again to make sure the status gets updated.
**Note:** You may encounter a situation where a code scanning alert displays as fixed for one analysis origin but is still open for another analysis origin. You may need to run a code scanning configuration again to make sure the alert status gets updated for that analysis origin.
{% endnote %}