@@ -1,7 +1,7 @@
|
|
|
|
|
---
|
|
|
|
|
title: Managing code scanning alerts for your repository
|
|
|
|
|
shortTitle: Manage alerts
|
|
|
|
|
intro: 'From the security view, you can view, fix, dismiss, or delete alerts for potential vulnerabilities or errors in your project''s code.'
|
|
|
|
|
intro: 'From the security view, {% if delete-code-scanning-alerts %}you can view, fix, dismiss, or delete alerts {% else %}you can view, fix, or dismiss alerts{% endif %} for potential vulnerabilities or errors in your project''s code.'
|
|
|
|
|
product: '{% data reusables.gated-features.code-scanning %}'
|
|
|
|
|
permissions: 'If you have write permission to a repository you can manage {% data variables.product.prodname_code_scanning %} alerts for that repository.'
|
|
|
|
|
versions:
|
|
|
|
|
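Review bot: In the new `intro` line, the flag-on branch ends with a space (`delete alerts {% else %}`) and the text after `{% endif %}` also starts with one (` for potential`), so with `delete-code-scanning-alerts` enabled the sentence renders as "alerts  for" with two spaces, while the `{% else %}` branch renders with one. Drop the space before `{% else %}`. Separately, the unchanged `permissions` line still mentions only write permission, whereas the body text says deleting requires admin permissions; consider whether it should reflect that when the flag is on.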
@@ -175,9 +175,9 @@ Alerts may be fixed in one branch but not in another. You can use the "Branch" f
|
|
|
|
|
|
|
|
|
|
{% endnote %}
|
|
|
|
|
{% endif %}
|
|
|
|
|
## Dismissing or deleting alerts
|
|
|
|
|
## Dismissing {% if delete-code-scanning-alerts %}or deleting{% endif %} alerts
|
|
|
|
|
|
|
|
|
|
There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. Alternatively, if you have admin permissions for the repository, you can delete alerts. Deleting alerts is useful in situations where you have set up a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have configured {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab.
|
|
|
|
|
There are two ways of closing an alert. You can fix the problem in the code, or you can dismiss the alert. {% if delete-code-scanning-alerts %}Alternatively, if you have admin permissions for the repository, you can delete alerts. Deleting alerts is useful in situations where you have set up a {% data variables.product.prodname_code_scanning %} tool and then decided to remove it, or where you have configured {% data variables.product.prodname_codeql %} analysis with a larger set of queries than you want to continue using, and you've then removed some queries from the tool. In both cases, deleting alerts allows you to clean up your {% data variables.product.prodname_code_scanning %} results. You can delete alerts from the summary list within the **Security** tab.{% endif %}
|
|
|
|
|
|
|
|
|
|
Dismissing an alert is a way of closing an alert that you don't think needs to be fixed. {% data reusables.code-scanning.close-alert-examples %} You can dismiss alerts from {% data variables.product.prodname_code_scanning %} annotations in code, or from the summary list within the **Security** tab.
|
|
|
|
|
|
|
|
|
|
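Review bot: The new heading `## Dismissing {% if delete-code-scanning-alerts %}or deleting{% endif %} alerts` has a space on both sides of the conditional, so with the flag off the source text is "Dismissing  alerts", and the heading text now differs between versions. If the section anchor is derived from the heading text, a link to this section will resolve in one version and not in the other, so check for inbound links before merging. Moving one space inside the conditional (`Dismissing{% if delete-code-scanning-alerts %} or deleting{% endif %} alerts`) fixes the spacing.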
@@ -189,30 +189,29 @@ When you dismiss an alert:
|
|
|
|
|
- The reason why you closed the alert is recorded.
|
|
|
|
|
- Next time {% data variables.product.prodname_code_scanning %} runs, the same code won't generate an alert.
|
|
|
|
|
|
|
|
|
|
When you delete an alert:
|
|
|
|
|
{% if delete-code-scanning-alerts %}When you delete an alert:
|
|
|
|
|
|
|
|
|
|
- It's deleted in all branches.
|
|
|
|
|
- The alert is removed from the number of current alerts for your project.
|
|
|
|
|
- It is _not_ added to the "Closed" list in the summary of alerts.
|
|
|
|
|
- If the code that generated the alert stays the same, and the same {% data variables.product.prodname_code_scanning %} tool runs again without any configuration changes, the alert will be shown again in your analysis results.
|
|
|
|
|
- If the code that generated the alert stays the same, and the same {% data variables.product.prodname_code_scanning %} tool runs again without any configuration changes, the alert will be shown again in your analysis results.{% endif %}
|
|
|
|
|
|
|
|
|
|
To dismiss or delete alerts:
|
|
|
|
|
To dismiss {% if delete-code-scanning-alerts %}or delete{% endif %} alerts:
|
|
|
|
|
|
|
|
|
|
{% data reusables.repositories.navigate-to-repo %}
|
|
|
|
|
{% data reusables.repositories.sidebar-security %}
|
|
|
|
|
{% data reusables.repositories.sidebar-code-scanning-alerts %}
|
|
|
|
|
{% data reusables.repositories.sidebar-code-scanning-alerts %}{% if delete-code-scanning-alerts %}
|
|
|
|
|
1. If you have admin permissions for the repository, and you want to delete alerts for this {% data variables.product.prodname_code_scanning %} tool, select some or all of the check boxes and click **Delete**.
|
|
|
|
|
|
|
|
|
|

|
|
|
|
|
|
|
|
|
|
Optionally, you can use{% ifversion fpt or ghes > 3.1 or ghae or ghec %} the free text search or{% endif %} the filters to display a subset of alerts and then delete all matching alerts at once. For example, if you have removed a query from {% data variables.product.prodname_codeql %} analysis, you can use the "Rule" filter to list just the alerts for that query and then select and delete all of those alerts.
|
|
|
|
|
|
|
|
|
|
{% ifversion fpt or ghes > 3.1 or ghae or ghec %}
|
|
|
|
|
{% ifversion ghes > 3.1 or ghae %}
|
|
|
|
|

|
|
|
|
|
{% else %}
|
|
|
|
|

|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
|
{% endif %}{% endif %}
|
|
|
|
|
1. If you want to dismiss an alert, it's important to explore the alert first, so that you can choose the correct dismissal reason. Click the alert you'd like to explore.
|
|
|
|
|
|
|
|
|
|
{% ifversion fpt or ghes > 3.1 or ghae or ghec %}
|
|
|
|
|
|
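Review bot: The closing line `{% endif %}{% endif %}` ends two different blocks at once: the first tag closes `{% ifversion fpt or ghes > 3.1 or ghae or ghec %}` and the second closes the `{% if delete-code-scanning-alerts %}` that was opened at the end of the `{% data reusables.repositories.sidebar-code-scanning-alerts %}` line. That pairing is easy to misread and easy to break in a later edit; put the flag's opening and closing tags on their own lines so the extent of the delete-only step is visible. The same applies to the `{% endif %}` appended to the last bullet of the "When you delete an alert:" list. Also, `To dismiss {% if delete-code-scanning-alerts %}or delete{% endif %} alerts:` leaves a double space before "alerts" when the flag is off; move one space inside the conditional.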