jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 19:34:15 -05:00
Code Issues Projects Releases Wiki Activity

[Ready to ship] Code scanning: Allow upload of multiple SARIF files for 3rd party CI/CD (GA) (#19205)

Browse Source 
* made a start

* more work

* fix typos and add dotcom example SARIF file

* start addressing comments

* address more comments

* addressed more comments

* address outstanding comments

* Apply suggestions from code review

Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: Marco Gario  <marcogario@github.com>

* address more comments

* Update content/code-security/secure-coding/sarif-support-for-code-scanning.md

Co-authored-by: Laura Coursen <lecoursen@github.com>

* more improvements

* remove run id text

* address comment on CodeQL runner

* more improvements

Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: Marco Gario  <marcogario@github.com>
This commit is contained in:
mc
2021-05-13 13:38:52 +01:00
committed by GitHub
parent 37c8d242a4
commit ab288ad20a
5 changed files with 337 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
content/code-security/secure-coding/configuring-codeql-runner-in-your-ci-system.md
View File

@@ -174,7 +174,8 @@ Analyzes the code in the {% data variables.product.prodname_codeql %} databases
| `--no-upload` | | None. Stops the {% data variables.product.prodname_codeql_runner %} from uploading the results to {% data variables.product.product_name %}. |
| `--output-dir` | | Directory where the output SARIF files are stored. The default is in the directory of temporary files. |
| `--ram` | | Amount of memory to use when running queries. The default is to use all available memory. |
| <nobr>`--no-add-snippets`</nobr> | | None. Excludes code snippets from the SARIF output. |
| <nobr>`--no-add-snippets`</nobr> | | None. Excludes code snippets from the SARIF output. |{% if currentVersion == "free-pro-team@latest" %}
| <nobr>`--category`<nobr> | | Category to include in the SARIF results file for this analysis. A category can be used to distinguish multiple analyses for the same tool and commit, but performed on different languages or different parts of the code. This value will appear in the `<run>.automationDetails.id` property in SARIF v2.1.0. |{% endif %}
| `--threads` | | Number of threads to use when running queries. The default is to use all available cores. |
| `--temp-dir` | | Directory where temporary files are stored. The default is `./codeql-runner`. |
| `--debug` | | None. Prints more verbose output. |