jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-20 18:36:31 -05:00
Code Issues Projects Releases Wiki Activity

Rebase changes from #16895 onto main - Security & analysis changes for GHAS CBB milestone 1 (#17134)

Browse Source
This commit is contained in:
Felicity Chapman
2021-01-06 15:08:26 +00:00
committed by GitHub
parent c5fedc195e
commit 909a1f181a
34 changed files with 168 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-codeql-code-scanning-in-your-ci-system.md
View File

@@ -12,6 +12,7 @@ versions:
{% data reusables.code-scanning.beta-codeql-runner %}
{% data reusables.code-scanning.beta %}
{% data reusables.code-scanning.not-available %}
### The `init` command takes too long

1
content/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow.md
View File

@@ -11,6 +11,7 @@ versions:
---
{% data reusables.code-scanning.beta %}
{% data reusables.code-scanning.not-available %}
### Automatic build for a compiled language fails

2
content/github/finding-security-vulnerabilities-and-errors-in-your-code/uploading-a-sarif-file-to-github.md
View File

@@ -27,6 +27,8 @@ You can upload the results using {% data variables.product.prodname_actions %}{%
- The {% data variables.product.prodname_codeql_runner %}, to run {% data variables.product.prodname_code_scanning %} in your CI system, by default the runner automatically uploads results to {% data variables.product.prodname_dotcom %} on completion. If you block the automatic upload, when you are ready to upload results you can use the `upload` command (for more information, see "[Running {% data variables.product.prodname_code_scanning %} in your CI system](/github/finding-security-vulnerabilities-and-errors-in-your-code/running-codeql-code-scanning-in-your-ci-system)").
- A tool that generates results as an artifact outside of your repository, you can use the {% data variables.product.prodname_code_scanning %} API to upload the file (for more information, see "[Upload a SARIF file](/rest/reference/code-scanning#upload-a-sarif-file)").
{% data reusables.code-scanning.not-available %}
### Uploading a {% data variables.product.prodname_code_scanning %} analysis with {% data variables.product.prodname_actions %}
To use {% data variables.product.prodname_actions %} to upload a third-party SARIF file to a repository, you'll need a workflow. For more information, see "[Learn {% data variables.product.prodname_actions %}](/actions/getting-started-with-github-actions/about-github-actions)" and "[Learn {% data variables.product.prodname_actions %}](/actions/learn-github-actions)."