Fix inconsistent alerts by using the markdown notation - part 2 (#35221)
Co-authored-by: Alex Nguyen <150945400+nguyenalex836@users.noreply.github.com>
This commit is contained in:
Artur Kordowski
@@ -59,11 +59,10 @@ A repository must meet all the following criteria to be eligible for default set
|
||||
{% data reusables.code-scanning.default-setup-pre-enablement-explanation %}
|
||||
{% endif %}
|
||||
{% ifversion code-security-multi-repo-enablement %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Configuring default setup for all repositories in an organization through your organization's settings page _will not_ override existing configurations of default setup. However, configuring default setup on a subset of repositories in an organization through security overview _will_ override existing configurations of default setup on those repositories.
|
||||
> [!NOTE]
|
||||
> Configuring default setup for all repositories in an organization through your organization's settings page _will not_ override existing configurations of default setup. However, configuring default setup on a subset of repositories in an organization through security overview _will_ override existing configurations of default setup on those repositories.
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
{% ifversion code-scanning-default-setup-automatic-311 %}
|
||||
|
||||
@@ -90,14 +89,10 @@ Through the "Code security and analysis" page of your organization's settings, y
|
||||
1. Optionally, to recommend the "Extended" query suite throughout your organization when enabling default setup, select "Recommend the extended query suite for repositories enabling default setup."{% else %}
|
||||
1. In the "Enable {% data variables.product.prodname_code_scanning %} for eligible repositories" dialog box displayed, click **Enable for eligible repositories** to enable your configuration of default setup.{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
* {% data reusables.code-scanning.limitation-org-enable-all %}
|
||||
* Enabling {% data variables.product.prodname_code_scanning %} for all eligible repositories in an organization will not override existing {% data variables.product.prodname_code_scanning %} configurations. For information on configuring default setup with different settings for specific repositories, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning){% ifversion code-security-multi-repo-enablement %}" and "[Configuring default setup for a subset of repositories in an organization](#configuring-default-setup-for-a-subset-of-repositories-in-an-organization){% endif %}."{% ifversion default-setup-pre-enablement %}
|
||||
* Enabling default setup for all eligible repositories in an organization includes eligible repositories without {% data variables.product.prodname_codeql %}-supported languages. If a {% data variables.product.prodname_codeql %}-supported language is later added to one of these repositories, default setup will begin scanning that repository and consuming {% data variables.product.prodname_actions %} minutes.{% endif %}
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> * {% data reusables.code-scanning.limitation-org-enable-all %}
|
||||
> * Enabling {% data variables.product.prodname_code_scanning %} for all eligible repositories in an organization will not override existing {% data variables.product.prodname_code_scanning %} configurations. For information on configuring default setup with different settings for specific repositories, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning){% ifversion code-security-multi-repo-enablement %}" and "[Configuring default setup for a subset of repositories in an organization](#configuring-default-setup-for-a-subset-of-repositories-in-an-organization){% endif %}."{% ifversion default-setup-pre-enablement %}
|
||||
> * Enabling default setup for all eligible repositories in an organization includes eligible repositories without {% data variables.product.prodname_codeql %}-supported languages. If a {% data variables.product.prodname_codeql %}-supported language is later added to one of these repositories, default setup will begin scanning that repository and consuming {% data variables.product.prodname_actions %} minutes.{% endif %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -165,20 +160,12 @@ You can select all of the displayed repositories, or a subset of them, and enabl
|
||||
1. Optionally, to choose a different query suite than your organization's default query suite, select **Query suite: SUITE NAME**, then click the query suite your configuration of default setup should use. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)."{% endif %}
|
||||
1. To confirm the enablement of {% data variables.product.prodname_code_scanning %} for the selected repositories, click **Apply changes NUMBER**. Alternatively, to select or deselect more repositories for {% data variables.product.prodname_code_scanning %} enablement, click {% octicon "x" aria-label="Close" %} to close the panel without applying your changes.
|
||||
|
||||
> [!NOTE]
|
||||
{% ifversion default-setup-pre-enablement %}
|
||||
{% note %}
|
||||
|
||||
**Notes:**
|
||||
* Enabling {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization using security overview will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.
|
||||
* You can enable default setup for eligible repositories that do not contain {% data variables.product.prodname_codeql %}-supported languages. If a {% data variables.product.prodname_codeql %}-supported language is later added to one of these repositories, default setup will begin scanning that repository and consuming {% data variables.product.prodname_actions %} minutes.
|
||||
|
||||
{% endnote %}
|
||||
> * Enabling {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization using security overview will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.
|
||||
> * You can enable default setup for eligible repositories that do not contain {% data variables.product.prodname_codeql %}-supported languages. If a {% data variables.product.prodname_codeql %}-supported language is later added to one of these repositories, default setup will begin scanning that repository and consuming {% data variables.product.prodname_actions %} minutes.
|
||||
{% else %}
|
||||
{% note %}
|
||||
|
||||
**Note:** Enabling {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization using security overview will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.
|
||||
|
||||
{% endnote %}
|
||||
> Enabling {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization using security overview will override any existing {% data variables.product.prodname_code_scanning %} configurations for the selected repositories, including any previous query suite selections and workflows for advanced setups.
|
||||
{% endif %}
|
||||
|
||||
|
||||
|
||||
@@ -34,11 +34,10 @@ Default setup for {% data variables.product.prodname_code_scanning %} is the qui
|
||||
* On a weekly schedule.
|
||||
|
||||
{% ifversion code-scanning-default-setup-exclude-dormant-repos %}
|
||||
{% note %}
|
||||
|
||||
**Note:** If no pushes and pull requests have occurred in a repository with default setup enabled for 6 months, the weekly schedule will be disabled to save your {% data variables.product.prodname_actions %} minutes.
|
||||
> [!NOTE]
|
||||
> If no pushes and pull requests have occurred in a repository with default setup enabled for 6 months, the weekly schedule will be disabled to save your {% data variables.product.prodname_actions %} minutes.
|
||||
|
||||
{% endnote %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
@@ -89,22 +88,17 @@ Compiled languages are not automatically included in default setup configuration
|
||||
When you initially configure default setup for {% data variables.product.prodname_code_scanning %} for a repository, all {% data variables.product.prodname_codeql %}-supported languages in the repository will be analyzed automatically. The languages that are analyzed successfully will be retained in the new default setup configuration. Languages that are not analyzed successfully will be automatically deselected from the default setup configuration.
|
||||
{% endif %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** {% ifversion default-setup-pre-enablement %}If the analyses fail for all {% data variables.product.prodname_codeql %}-supported languages in a repository, default setup will still be enabled, but it will not run any scans or use any {% data variables.product.prodname_actions %} minutes until another {% data variables.product.prodname_codeql %}-supported language is added to the repository or default setup is manually reconfigured, and the analysis of a {% data variables.product.prodname_codeql %}-supported language succeeds.
|
||||
> [!NOTE]
|
||||
{% ifversion default-setup-pre-enablement %}
|
||||
> If the analyses fail for all {% data variables.product.prodname_codeql %}-supported languages in a repository, default setup will still be enabled, but it will not run any scans or use any {% data variables.product.prodname_actions %} minutes until another {% data variables.product.prodname_codeql %}-supported language is added to the repository or default setup is manually reconfigured, and the analysis of a {% data variables.product.prodname_codeql %}-supported language succeeds.
|
||||
{% else %}
|
||||
At least one {% data variables.product.prodname_codeql %}-supported language's analysis in a repository must succeed, or else default setup will not be successfully enabled in that repository.
|
||||
> At least one {% data variables.product.prodname_codeql %}-supported language's analysis in a repository must succeed, or else default setup will not be successfully enabled in that repository.
|
||||
{% endif %}
|
||||
|
||||
{% endnote %}
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you are configuring default setup on a fork, you must first enable {% data variables.product.prodname_actions %}. To enable {% data variables.product.prodname_actions %}, under your repository name, click {% octicon "play" aria-hidden="true" %} **Actions**, then click **I understand my workflows, go ahead and enable them**. Be aware that this will enable all existing workflows on your fork.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you are configuring default setup on a fork, you must first enable {% data variables.product.prodname_actions %}. To enable {% data variables.product.prodname_actions %}, under your repository name, click {% octicon "play" aria-hidden="true" %} **Actions**, then click **I understand my workflows, go ahead and enable them**. Be aware that this will enable all existing workflows on your fork.
|
||||
|
||||
{% data reusables.repositories.sidebar-settings %}
|
||||
{% data reusables.user-settings.security-analysis %}
|
||||
@@ -116,11 +110,8 @@ At least one {% data variables.product.prodname_codeql %}-supported language's a
|
||||
|
||||
{% ifversion code-scanning-default-setup-recommended-languages %}
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If your repository contains _only_ compiled {% data variables.product.prodname_codeql %}-supported languages (for example, Java), you will be taken to the settings page to select the languages you want to add to your default setup configuration.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If your repository contains _only_ compiled {% data variables.product.prodname_codeql %}-supported languages (for example, Java), you will be taken to the settings page to select the languages you want to add to your default setup configuration.
|
||||
|
||||
1. Optionally, to customize your {% data variables.product.prodname_code_scanning %} setup, click {% octicon "pencil" aria-hidden="true" %} **Edit**.
|
||||
* To add or remove a language from the analysis performed by default setup, select or deselect that language in the "Languages" section. {% ifversion code-scanning-default-setup-recommended-languages %}If you would like to analyze a {% data variables.product.prodname_codeql %}-supported compiled language with default setup, select that language here.{% endif %}
|
||||
@@ -134,20 +125,15 @@ At least one {% data variables.product.prodname_codeql %}-supported language's a
|
||||
|
||||
If you choose the **Extended** query suite, your {% data variables.product.prodname_code_scanning %} configuration will run lower severity and precision queries in addition to the queries included in the **Default** query suite. For more information on the available query suites, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)."
|
||||
|
||||
{% note %}
|
||||
> [!NOTE]
|
||||
> If you configure {% data variables.product.prodname_code_scanning %} to use the **Extended** query suite, you may experience a higher rate of false positive alerts.
|
||||
|
||||
**Note:** If you configure {% data variables.product.prodname_code_scanning %} to use the **Extended** query suite, you may experience a higher rate of false positive alerts.
|
||||
|
||||
{% endnote %}
|
||||
{%- endif %}
|
||||
|
||||
1. Review the settings for default setup on your repository, then click **Enable {% data variables.product.prodname_codeql %}**. This will trigger a workflow that tests the new, automatically generated configuration.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** If you are switching to default setup from advanced setup, you will see a warning informing you that default setup will override existing {% data variables.product.prodname_code_scanning %} configurations. This warning means default setup will disable the existing workflow file and block any {% data variables.product.prodname_codeql %} analysis API uploads.
|
||||
|
||||
{% endnote %}
|
||||
> [!NOTE]
|
||||
> If you are switching to default setup from advanced setup, you will see a warning informing you that default setup will override existing {% data variables.product.prodname_code_scanning %} configurations. This warning means default setup will disable the existing workflow file and block any {% data variables.product.prodname_codeql %} analysis API uploads.
|
||||
|
||||
1. Optionally, to view your default setup configuration after enablement, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click {% octicon "gear" aria-hidden="true" %} **View {% data variables.product.prodname_codeql %} configuration**.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user