mirror of synced 2025-12-19 18:10:59 -05:00

Remove ifversion feature 'code-scanning-tool-status-page' (#51129)

Peter Bengtsson
2024-06-12 06:58:32 -04:00
committed by GitHub
parent 11fee45a71
commit d61d0dc2da
16 changed files with 32 additions and 42 deletions

View File

@@ -129,12 +129,8 @@ After your workflow runs successfully at least once, you are ready to start exam
Learn how {% data variables.product.prodname_code_scanning %} runs behave as checks on pull requests, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests#about-code-scanning-as-a-pull-request-check)."
{% ifversion code-scanning-tool-status-page %}
You can find detailed information about your {% data variables.product.prodname_code_scanning %} configuration, including timestamps for each scan and the percentage of files scanned, on the tool status page. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page)."
{% endif %}
### Further reading
- "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests)."
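
Review bot: The context sentence directly above the removed `{% ifversion code-scanning-tool-status-page %}` line is ungrammatical: "Learn how ... runs behave as checks on pull requests, see ..." reads as two clauses joined by a comma. Since the following paragraph is being touched anyway, consider rewording it to "To learn how ... runs behave as checks on pull requests, see ..." in the same change.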

View File

@@ -111,13 +111,13 @@ If the relative URI for a result is matched against a file defined using a symli
You can check a SARIF file is compatible with {% data variables.product.prodname_code_scanning %} by testing it against the {% data variables.product.prodname_dotcom %} ingestion rules. For more information, visit the [Microsoft SARIF validator](https://sarifweb.azurewebsites.net/).
For each gzip-compressed SARIF file, SARIF upload supports a maximum size of 10 MB. Any uploads over this limit will be rejected. If your SARIF file is too large because it contains too many results, you should update the configuration to focus on results for the most important rules or queries.{% ifversion code-scanning-tool-status-page %} For more information, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads/file-too-large)."{% endif %}
For each gzip-compressed SARIF file, SARIF upload supports a maximum size of 10 MB. Any uploads over this limit will be rejected. If your SARIF file is too large because it contains too many results, you should update the configuration to focus on results for the most important rules or queries. For more information, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads/file-too-large)."
{% data variables.product.prodname_code_scanning_caps %} supports uploading a maximum number of entries for the data objects in the following table. If any of these objects exceeds its maximum value the SARIF file is rejected. For some objects, there is also an additional limit on the number of values that will be displayed. Whenever possible the most important values are shown. To get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration (for example, for the {% data variables.product.prodname_codeql %} tool, identify and disable the most noisy queries).{% ifversion code-scanning-tool-status-page %} For more information, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads/results-exceed-limit)."{% endif %}
{% data variables.product.prodname_code_scanning_caps %} supports uploading a maximum number of entries for the data objects in the following table. If any of these objects exceeds its maximum value the SARIF file is rejected. For some objects, there is also an additional limit on the number of values that will be displayed. Whenever possible the most important values are shown. To get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration (for example, for the {% data variables.product.prodname_codeql %} tool, identify and disable the most noisy queries). For more information, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads/results-exceed-limit)."
{% data reusables.code-scanning.sarif-limits %}
{% ifversion code-scanning-tool-status-page %}For information about other errors, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads)"{% endif %}
For information about other errors, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads)"
## Uploading more than one SARIF file for a commit
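
Review bot: The last sentence of this hunk, "For information about other errors, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads)"", ends without a period, while the two "For more information, see ..." sentences above it end with `)."`. The missing period was already there inside the old conditional, but now that the sentence is unconditional this is a good place to add it.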

View File

@@ -152,7 +152,7 @@ jobs:
## Further reading
{% ifversion code-scanning-tool-status-page %}- "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads)"{% endif %}
- "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads)"
- "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions)"
- "[AUTOTITLE](/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history)"
- "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system)"

View File

@@ -56,10 +56,6 @@ You can configure {% data variables.product.prodname_code_scanning %} to use the
You can run third-party analysis tools within {% data variables.product.product_name %} using actions or within an external CI system. For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning#configuring-code-scanning-using-third-party-actions)" or "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github)."
{% ifversion code-scanning-tool-status-page %}
## About the {% data variables.code-scanning.tool_status_page %}
The {% data variables.code-scanning.tool_status_page %} shows useful information about all of your code scanning tools. If code scanning is not working as you'd expect, the {% data variables.code-scanning.tool_status_page %} is a good starting point for debugging problems. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page)".
{% endif %}
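
Review bot: In the paragraph under "About the {% data variables.code-scanning.tool_status_page %}", the closing period is outside the quotation mark (`about-the-tool-status-page)".`), whereas the sentence at the top of this hunk ends with `uploading-a-sarif-file-to-github)."`. Suggest moving the period inside the quotes so that the now-unconditional section matches the surrounding link style.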

View File

@@ -51,18 +51,8 @@ For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-cod
{% note %}
{% ifversion code-scanning-tool-status-page %}
**Note:** You can see information about when {% data variables.product.prodname_code_scanning %} analysis last ran on the tool status page. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page)."
{% else %}
**Note:** For {% data variables.product.prodname_code_scanning %} analysis with {% data variables.product.prodname_codeql %}, you can see information about the latest run in a header at the top of the list of {% data variables.product.prodname_code_scanning %} alerts for the repository.
For example, you can see when the last scan ran, the number of lines of code analyzed compared to the total number of lines of code in your repository, and the total number of alerts that were generated.
{% endif %}
{% endnote %}
## Filtering {% data variables.product.prodname_code_scanning %} alerts
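
Review bot: Removing the `{% else %}` branch of this note also deletes the only description of the header shown at the top of the alerts list for {% data variables.product.prodname_codeql %} analysis (last scan time, lines of code analyzed, total alerts). Please confirm that no version these docs are still built for falls into that branch; if one does, its readers are now pointed at a tool status page they do not have.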

View File

@@ -5,7 +5,9 @@ allowTitleToDifferFromFilename: true
intro: The {% data variables.code-scanning.tool_status_page %} shows useful information about all of your code scanning tools. If code scanning is not working as you'd expect, the {% data variables.code-scanning.tool_status_page %} is a good starting point for debugging problems.
product: '{% data reusables.gated-features.code-scanning %}'
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-the-tool-status-page
type: overview
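
Review bot: In the `versions:` block, replacing `feature: code-scanning-tool-status-page` with `ghes: '*'` makes this page render for every GHES release, not only those the feature definition covered. Please confirm the feature's GHES range already included all currently supported releases before merging; the same question applies to the identical frontmatter change in the troubleshooting-sarif-uploads files later in this commit.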
@@ -119,4 +121,4 @@ For integrated tools such as {% data variables.product.prodname_codeql %}, you c
{% endnote %}
For more information, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-code-scanning){% ifversion code-scanning-tool-status-page %}" and "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads){% endif %}."
For more information, see "[AUTOTITLE](/code-security/code-scanning/troubleshooting-code-scanning)" and "[AUTOTITLE](/code-security/code-scanning/troubleshooting-sarif-uploads)."

View File

@@ -1,7 +1,7 @@
---
title: Unclear what triggered a workflow run
shortTitle: Unclear what triggered a workflow
intro: 'If you don''t know what triggered an analysis, {% ifversion code-scanning-tool-status-page %} investigate the {% data variables.code-scanning.tool_status_page %} or {% endif %}look at the log for the last scan.'
intro: 'If you don''t know what triggered an analysis, investigate the {% data variables.code-scanning.tool_status_page %} or look at the log for the last scan.'
allowTitleToDifferFromFilename: true
versions:
fpt: '*'

View File

@@ -10,7 +10,9 @@ topics:
- SARIF
- Troubleshooting
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif/default-setup-enabled
---

View File

@@ -10,7 +10,9 @@ topics:
- SARIF
- Troubleshooting
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif/file-too-large
---

View File

@@ -10,7 +10,9 @@ topics:
- SARIF
- Troubleshooting
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif/ghas-required
---

View File

@@ -2,7 +2,9 @@
title: Troubleshooting SARIF uploads
intro: 'Learn how to resolve problems uploading SARIF files of {% data variables.product.prodname_code_scanning %} results to {% data variables.product.prodname_dotcom %}.'
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
topics:
- Advanced Security
- Code scanning
@@ -17,4 +19,3 @@ children:
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif
---

View File

@@ -10,7 +10,9 @@ topics:
- SARIF
- Troubleshooting
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif/missing-token
---

View File

@@ -10,7 +10,9 @@ topics:
- SARIF
- Troubleshooting
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif/results-exceed-limit
---

View File

@@ -10,7 +10,9 @@ topics:
- SARIF
- Troubleshooting
versions:
feature: code-scanning-tool-status-page
fpt: '*'
ghes: '*'
ghec: '*'
redirect_from:
- /code-security/code-scanning/troubleshooting-sarif/sarif-invalid
---

View File

@@ -67,8 +67,8 @@ You must specify `<database>`, `--format`, and `--output`. You can specify addit
| `<packs,queries>` | {% octicon "x" aria-label="Optional" %} | Specify {% data variables.product.prodname_codeql %} packs or queries to run. To run the standard queries used for {% data variables.product.prodname_code_scanning %}, omit this parameter. To see the other query suites included in the {% data variables.product.prodname_codeql_cli %} bundle, look in `/<extraction-root>/qlpacks/codeql/<language>-queries/codeql-suites`. For information about creating your own query suite, see [AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-codeql-query-suites) in the documentation for the {% data variables.product.prodname_codeql_cli %}.
| <code><span style="white-space: nowrap;">--format</span></code> | {% octicon "check" aria-label="Required" %} | Specify the format for the results file generated during analysis. A number of different formats are supported, including CSV, [SARIF](https://codeql.github.com/docs/codeql-overview/codeql-glossary/#sarif-file), and graph formats. For upload to {% data variables.product.company_short %} this should be: {% ifversion fpt or ghec %}`sarif-latest`{% else %}`sarifv2.1.0`{% endif %}. For more information, see "[AUTOTITLE](/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning)."
| <code><span style="white-space: nowrap;">--output</span></code> | {% octicon "check" aria-label="Required" %} | Specify the location where you want to save the SARIF results file, including the desired filename with the `.sarif` extension.
| <code><span style="white-space: nowrap;">--sarif-category</span></code> | {% octicon "question" aria-label="Required with multiple results sets" %} | Optional for single database analysis. Required to define the language when you analyze multiple databases for a single commit in a repository.<br><br>Specify a category to include in the SARIF results file for this analysis. A category is used to distinguish multiple analyses for the same tool and commit, but performed on different languages or different parts of the code.|{% ifversion code-scanning-tool-status-page %}
| <code><span style="white-space: nowrap;">--sarif-add-baseline-file-info</span></code> | {% octicon "x" aria-label="Optional" %} | **Recommended.** Use to submit file coverage information to the {% data variables.code-scanning.tool_status_page %}. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page#how-codeql-defines-scanned-files)." | {% endif %}
| <code><span style="white-space: nowrap;">--sarif-category</span></code> | {% octicon "question" aria-label="Required with multiple results sets" %} | Optional for single database analysis. Required to define the language when you analyze multiple databases for a single commit in a repository.<br><br>Specify a category to include in the SARIF results file for this analysis. A category is used to distinguish multiple analyses for the same tool and commit, but performed on different languages or different parts of the code.|
| <code><span style="white-space: nowrap;">--sarif-add-baseline-file-info</span></code> | {% octicon "x" aria-label="Optional" %} | **Recommended.** Use to submit file coverage information to the {% data variables.code-scanning.tool_status_page %}. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page#how-codeql-defines-scanned-files)." |
| <code><span style="white-space: nowrap;">--sarif-include-query-help</span></code> | {% octicon "x" aria-label="Optional" %} | Specify whether to include query help in the SARIF output. One of: `always`: Include query help for all queries. `custom_queries_only` (default): Include query help only for custom queries, that is, queries in query packs which are not of the form `codeql/<lang>-queries`. `never`: Do not include query help for any queries. Any query help for custom queries included in the SARIF output will be displayed in any code scanning alerts for the query. For more information, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/using-custom-queries-with-the-codeql-cli#including-query-help-for-custom-codeql-queries-in-sarif-files)."{% ifversion codeql-packs %}
| `<packs>` | {% octicon "x" aria-label="Optional" %} | Use if you want to include {% data variables.product.prodname_codeql %} query packs in your analysis. For more information, see "[Downloading and using {% data variables.product.prodname_codeql %} packs](/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs#downloading-and-using-codeql-query-packs)."
| <code><span style="white-space: nowrap;">--download</span></code> | {% octicon "x" aria-label="Optional" %} | Use if some of your {% data variables.product.prodname_codeql %} query packs are not yet on disk and need to be downloaded before running queries.{% endif %}
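
Review bot: The two rewritten table rows end inconsistently: the `--sarif-category` row closes with `of the code.|` (no space before the pipe), the `--sarif-add-baseline-file-info` row closes with `)." |`, and the neighbouring `--format` and `--output` rows have no trailing pipe at all. The old trailing pipes existed only to carry the `{% ifversion %}` and `{% endif %}` tags, so with the conditional gone it would be cleaner to drop them or make both rows end the same way.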
@@ -107,8 +107,6 @@ $ codeql database analyze /codeql-dbs/example-repo \
> Interpreting results.
```
{% ifversion code-scanning-tool-status-page %}
### Adding file coverage information to your results for monitoring
You can optionally submit file coverage information to {% data variables.product.product_name %} for display on the {% data variables.code-scanning.tool_status_page %} for {% data variables.product.prodname_code_scanning %}. For more information about file coverage information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page#how-codeql-defines-scanned-files)."
@@ -122,8 +120,6 @@ $ codeql database analyze /codeql-dbs/example-repo \
--output=/temp/example-repo-js.sarif
```
{% endif %}
## Examples of running database analyses
The following examples show how to run `database analyze` using {% data variables.product.prodname_codeql %} packs, and how to use a local checkout of the {% data variables.product.prodname_codeql %} repository. These examples assume your {% data variables.product.prodname_codeql %} databases have been created in a directory that is a sibling of your local copies of the {% data variables.product.prodname_codeql %} repository.

View File

@@ -88,8 +88,6 @@ codeql github upload-results \
There is no output from this command unless the upload was unsuccessful. The command prompt returns when the upload is complete and data processing has begun. On smaller codebases, you should be able to explore the {% data variables.product.prodname_code_scanning %} alerts in {% data variables.product.product_name %} shortly afterward. You can see alerts directly in the pull request or on the **Security** tab for branches, depending on the code you checked out. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests)" and "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository)."
{% ifversion code-scanning-tool-status-page %}
## Uploading diagnostic information to {% data variables.product.product_name %} if the analysis fails
When {% data variables.product.prodname_codeql_cli %} finishes analyzing a database successfully, it gathers diagnostic information such as file coverage, warnings, and errors, and includes it in the SARIF file with the results. When you upload the SARIF file to {% data variables.product.company_short %} the diagnostic information is displayed on the {% data variables.product.prodname_code_scanning %} {% data variables.code-scanning.tool_status_page %} for the repository to make it easy to see how well {% data variables.product.prodname_codeql %} is working and debug any problems. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/about-the-tool-status-page)."
@@ -123,4 +121,3 @@ codeql github upload-results \
```
This is the same as the process for uploading SARIF files from successful analyses.
{% endif %}