jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity

Add warning informing that codeql debug artifacts contain source code copy (#54565)

Browse Source 
Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com>
This commit is contained in:
gitulisca
2025-04-10 08:27:53 +10:00
committed by GitHub
parent b1c7ab827f
commit ff64229bc0
4 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
content/code-security/code-scanning/troubleshooting-code-scanning/logs-not-detailed-enough.md
View File

@@ -19,6 +19,9 @@ You can enable step debug logging in {% data variables.product.prodname_actions
## Creating {% data variables.product.prodname_codeql %} debugging artifacts ## Creating {% data variables.product.prodname_codeql %} debugging artifacts
> [!WARNING]
> {% data variables.product.prodname_codeql %} debugging artifacts contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.
You can obtain artifacts to help you debug {% data variables.product.prodname_codeql %}. You can obtain artifacts to help you debug {% data variables.product.prodname_codeql %}.
The debug artifacts will be uploaded to the workflow run as an artifact named `debug-artifacts`. The data contains the {% data variables.product.prodname_codeql %} logs, {% data variables.product.prodname_codeql %} database(s), extracted source code files, and any SARIF file(s) produced by the workflow. For more information about downloading {% data variables.product.prodname_codeql %} artifacts, see [AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts). The debug artifacts will be uploaded to the workflow run as an artifact named `debug-artifacts`. The data contains the {% data variables.product.prodname_codeql %} logs, {% data variables.product.prodname_codeql %} database(s), extracted source code files, and any SARIF file(s) produced by the workflow. For more information about downloading {% data variables.product.prodname_codeql %} artifacts, see [AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts).

2
content/code-security/codeql-cli/codeql-cli-manual/database-bundle.md
View File

@@ -21,6 +21,8 @@ redirect_from:
{% data reusables.codeql-cli.man-pages-version-note %} {% data reusables.codeql-cli.man-pages-version-note %}
{% data reusables.code-scanning.codeql-database-archive-contains-source-code %}
## Synopsis ## Synopsis
```shell copy ```shell copy

3
content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md
View File

@@ -13,8 +13,7 @@ topics:
- CodeQL - CodeQL
--- ---
> [!WARNING] {% data reusables.code-scanning.codeql-database-archive-contains-source-code %}
> {% data variables.product.prodname_codeql_cli %} database bundles contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.
## About creating {% data variables.product.prodname_codeql_cli %} database bundles ## About creating {% data variables.product.prodname_codeql_cli %} database bundles

2
data/reusables/code-scanning/codeql-database-archive-contains-source-code.md Normal file
View File

@@ -0,0 +1,2 @@
> [!WARNING]
> {% data variables.product.prodname_codeql_cli %} database bundles contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.