diff --git a/assets/images/help/repository/code-scanning-free-text-search-areas.png b/assets/images/help/repository/code-scanning-free-text-search-areas.png new file mode 100644 index 0000000000..0799feb0a8 Binary files /dev/null and b/assets/images/help/repository/code-scanning-free-text-search-areas.png differ diff --git a/assets/images/help/repository/code-scanning-search-alerts.png b/assets/images/help/repository/code-scanning-search-alerts.png new file mode 100644 index 0000000000..e274f632dd Binary files /dev/null and b/assets/images/help/repository/code-scanning-search-alerts.png differ diff --git a/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md b/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md index 70798cbef9..a6d6c26d8e 100644 --- a/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md +++ b/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository.md 
@@ -48,7 +48,7 @@ You need write permission to view a summary of all the alerts for a repository o {% data reusables.repositories.sidebar-security %} {% data reusables.repositories.sidebar-code-scanning-alerts %} {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.1"%} -1. Optionally, use the drop-down menus to filter alerts. For example, you can filter by the tool that was used to identify alerts. +1. Optionally, use{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.2" %} the free text search box or{% endif %} the drop-down menus to filter alerts. For example, you can filter by the tool that was used to identify alerts. ![Filter by tool](/assets/images/help/repository/code-scanning-filter-by-tool.png){% endif %} 1. Under "{% data variables.product.prodname_code_scanning_capc %}," click the alert you'd like to explore. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.1"%} 
@@ -61,12 +61,49 @@ You need write permission to view a summary of all the alerts for a repository o 1. Alerts from {% data variables.product.prodname_codeql %} analysis include a description of the problem. Click **Show more** for guidance on how to fix your code. ![Details for an alert](/assets/images/help/repository/code-scanning-alert-details.png) +{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.2" %} +### Searching {% data variables.product.prodname_code_scanning %} alerts + +You can search the list of alerts. This is useful if there is a large number of alerts in your repository, or if you don't know the exact name for an alert for example. {% data variables.product.product_name %} performs the free text search across: +- The name of the alert +- The alert description +- The alert details (this also includes the information hidden from view by default in the **Show more** collapsible section) + + ![The alert information used in searches](/assets/images/help/repository/code-scanning-free-text-search-areas.png) + +| Supported search | Syntax example | Results | +| ---- | ---- | ---- | +| Single word search | `injection` | Returns all the alerts containing the word `injection` | +| Multiple word search | `sql injection` | Returns all the alerts containing `sql` or `injection` | +| Exact match search
(use double quotes) | `"sql injection"` | Returns all the alerts containing the exact phrase `sql injection` | +| OR search | `sql OR injection` | Returns all the alerts containing `sql` or `injection` | +| AND search | `sql AND injection` | Returns all the alerts containing both words `sql` and `injection` | + +{% tip %} + +**Tips:** +- The multiple word search is equivalent to an OR search. +- The AND search will return results where the search terms are found _anywhere_, in any order in the alert name, description, or details. + +{% endtip %} + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-code-scanning-alerts %} +1. To the right of the **Filters** drop-down menus, type the keywords to search for in the free text search box. + ![The free text search box](/assets/images/help/repository/code-scanning-search-alerts.png) +2. Press return. The alert listing will contain the open {% data variables.product.prodname_code_scanning %} alerts matching your search criteria. + +{% endif %} + ### Fixing an alert Anyone with write permission for a repository can fix an alert by committing a correction to the code. If the repository has {% data variables.product.prodname_code_scanning %} scheduled to run on pull requests, it's best to raise a pull request with your correction. This will trigger {% data variables.product.prodname_code_scanning %} analysis of the changes and test that your fix doesn't introduce any new problems. For more information, see "[Configuring {% data variables.product.prodname_code_scanning %}](/code-security/secure-coding/configuring-code-scanning)" and "[Triaging {% data variables.product.prodname_code_scanning %} alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests)." If you have write permission for a repository, you can view fixed alerts by viewing the summary of alerts and clicking **Closed**. 
For more information, see "[Viewing the alerts for a repository](#viewing-the-alerts-for-a-repository)." The "Closed" list shows fixed alerts and alerts that users have dismissed. +You can use{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.2" %} the free text search or{% endif %} the filters to display a subset of alerts and then in turn mark all matching alerts as closed. + Alerts may be fixed in one branch but not in another. You can use the "Branch" drop-down menu, on the summary of alerts, to check whether an alert is fixed in a particular branch. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.1"%} @@ -105,7 +142,7 @@ To dismiss or delete alerts: ![Deleting alerts](/assets/images/help/repository/code-scanning-delete-alerts.png) - Optionally, you can use the filters to display a subset of alerts and then delete all matching alerts at once. For example, if you have removed a query from {% data variables.product.prodname_codeql %} analysis, you can use the "Rule" filter to list just the alerts for that query and then select and delete all of those alerts. + Optionally, you can use{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.2" %} the free text search or{% endif %} the filters to display a subset of alerts and then delete all matching alerts at once. For example, if you have removed a query from {% data variables.product.prodname_codeql %} analysis, you can use the "Rule" filter to list just the alerts for that query and then select and delete all of those alerts. {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.1"%} ![Filter alerts by rule](/assets/images/help/repository/code-scanning-filter-by-rule.png) 
diff --git a/content/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md b/content/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md index d58df42cb3..b7761613cb 100644 --- a/content/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md +++ b/content/code-security/secure-coding/using-codeql-code-scanning-with-your-existing-ci-system/running-codeql-runner-in-your-ci-system.md @@ -158,7 +158,7 @@ This example is similar to the previous example, however this time the repositor $ . /srv/checkout/example-repo-2/codeql-runner/codeql-env.sh ``` -1. Build the code. On macOS, you need to prefix the build command with the environment variable `$CODEQL_RUNNER`. For more information, see "[Troubleshooting {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/troubleshooting-codeql-runner-in-your-ci-system#no-code-found-during-the-build)#no-code-found-during-the-build)." +1. Build the code. On macOS, you need to prefix the build command with the environment variable `$CODEQL_RUNNER`. For more information, see "[Troubleshooting {% data variables.product.prodname_codeql_runner %} in your CI system](/code-security/secure-coding/troubleshooting-codeql-runner-in-your-ci-system#no-code-found-during-the-build)." {% data reusables.code-scanning.codeql-runner-analyze-example %} diff --git a/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md b/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md index 8eaaef8458..95710b4ff1 100644 --- a/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md 
+++ b/content/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file.md @@ -1,6 +1,6 @@ --- title: Creating a default community health file -intro: 'You can create default community health files, such as CONTRIBUTING and CODE_OF_CONDUCT. Default files will be used for any public repository owned by the account that does not contain its own file of that type.' +intro: 'You can create default community health files, such as CONTRIBUTING and CODE_OF_CONDUCT. Default files will be used for any repository owned by the account that does not contain its own file of that type.' redirect_from: - /articles/creating-a-default-community-health-file-for-your-organization - /github/building-a-strong-community/creating-a-default-community-health-file-for-your-organization 
@@ -16,12 +16,12 @@ topics: You can add default community health files to the root of a public repository called `.github` that is owned by an organization{% if currentVersion == "free-pro-team@latest" or currentVersion == "github-ae@latest" or currentVersion ver_gt "enterprise-server@2.19" %} or user account{% endif %}. -{% data variables.product.product_name %} will use and display default files for any public repository owned by the account that does not have its own file of that type in any of the following places: +{% data variables.product.product_name %} will use and display default files for any repository owned by the account that does not have its own file of that type in any of the following places: - the root of the repository - the `.github` folder - the `docs` folder -For example, anyone who creates an issue or pull request in a public repository that does not have its own CONTRIBUTING file will see a link to the default CONTRIBUTING file. If a repository has any files in its own `.github/ISSUE_TEMPLATE` folder{% if currentVersion == "free-pro-team@latest" or currentVersion == "github-ae@latest" or currentVersion ver_gt "enterprise-server@2.19" %}, including issue templates or a *config.yml* file,{% endif %} none of the contents of the default `.github/ISSUE_TEMPLATE` folder will be used. +For example, anyone who creates an issue or pull request in a repository that does not have its own CONTRIBUTING file will see a link to the default CONTRIBUTING file. If a repository has any files in its own `.github/ISSUE_TEMPLATE` folder{% if currentVersion == "free-pro-team@latest" or currentVersion == "github-ae@latest" or currentVersion ver_gt "enterprise-server@2.19" %}, including issue templates or a *config.yml* file,{% endif %} none of the contents of the default `.github/ISSUE_TEMPLATE` folder will be used. Default files are not included in clones, packages, or downloads of individual repositories because they are stored only in the `.github` repository.
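Review bot: In managing-code-scanning-alerts-for-your-repository.md, hunk `@@ -48,7 +48,7 @@`, step 1 now mentions the free text search box, but the example sentence and screenshot that follow ("you can filter by the tool that was used to identify alerts", code-scanning-filter-by-tool.png) still describe only the drop-down menus. Nothing in the step points the reader to the search syntax added further down. Consider adding, inside the same `enterprise-server@3.2` conditional, a cross-reference to the new "Searching ... alerts" section so the step does not introduce a feature it leaves unexplained.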
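Review bot: In the same file, hunk `@@ -61,12 +61,49 @@`, the sentence added under "Fixing an alert" ("display a subset of alerts and then in turn mark all matching alerts as closed") invites a bulk action on search results. The table in the same hunk says a multiple word search such as `sql injection` behaves as an OR search, and the tip says terms are matched anywhere in the alert name, description, or details, including the text collapsed under **Show more**. A reader who types two words expecting a phrase match will therefore get a wider set than intended and may close alerts they never looked at. Suggest adding to the tip, or beside the bulk-close sentence, that the double-quoted exact match or the AND form should be used to narrow the list, and that the matching alerts should be reviewed before they are closed. It would also help to reconcile step 2 ("The alert listing will contain the open ... alerts matching your search criteria") with the bulk-close sentence, so it is clear whether search applies only to the open list. Minor wording: the intro sentence ends "the exact name for an alert for example"; moving "for example" to the start of the clause reads better.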
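Review bot: In the same file, hunk `@@ -105,7 +142,7 @@` ("To dismiss or delete alerts"), the changed sentence now offers the free text search as a way to delete all matching alerts at once, but the example that follows still uses only the "Rule" filter. For the removed-query case in that example, the "Rule" filter lists just the alerts for that query. The free text search matches words across the alert name, description and details (per the section added earlier in this patch), so the two are not interchangeable here. Either word the example so it is clearly about the filter, or add a search example that uses a quoted phrase and tells the reader to check the resulting list before selecting and deleting everything in it.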
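Review bot: In creating-a-default-community-health-file.md, hunk `@@ -16,12 +16,12 @@`, "public" is dropped from the two changed sentences, but the unchanged context line above them still says the defaults live in "the root of a public repository called `.github`". After this change the page uses "public" for the repository that holds the defaults and "any repository" for the repositories that consume them, without saying that the difference is deliberate. If it is, state it explicitly, for example that the `.github` repository must be public while the defaults apply to the account's other repositories regardless of visibility. Otherwise readers will not know whether the remaining "public" was simply missed.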