Add warning informing that codeql debug artifacts contain source code copy (#54565)

Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com>
2025-12-19 18:10:59 -05:00 · 2025-04-10 08:27:53 +10:00
parent b1c7ab827f
commit ff64229bc0
4 changed files with 8 additions and 2 deletions
--- a/content/code-security/code-scanning/troubleshooting-code-scanning/logs-not-detailed-enough.md
+++ b/content/code-security/code-scanning/troubleshooting-code-scanning/logs-not-detailed-enough.md
@@ -19,6 +19,9 @@ You can enable step debug logging in {% data variables.product.prodname_actions

 ## Creating {% data variables.product.prodname_codeql %} debugging artifacts

+> [!WARNING]
+> {% data variables.product.prodname_codeql %} debugging artifacts contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.
+
 You can obtain artifacts to help you debug {% data variables.product.prodname_codeql %}.
 The debug artifacts will be uploaded to the workflow run as an artifact named `debug-artifacts`. The data contains the {% data variables.product.prodname_codeql %} logs, {% data variables.product.prodname_codeql %} database(s), extracted source code files, and any SARIF file(s) produced by the workflow. For more information about downloading {% data variables.product.prodname_codeql %} artifacts, see [AUTOTITLE](/actions/managing-workflow-runs/downloading-workflow-artifacts).

--- a/content/code-security/codeql-cli/codeql-cli-manual/database-bundle.md
+++ b/content/code-security/codeql-cli/codeql-cli-manual/database-bundle.md
@@ -21,6 +21,8 @@ redirect_from:

 {% data reusables.codeql-cli.man-pages-version-note %}

+{% data reusables.code-scanning.codeql-database-archive-contains-source-code %}
+
 ## Synopsis

 ```shell copy
--- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md
+++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md
@@ -13,8 +13,7 @@ topics:
  - CodeQL
 ---

-> [!WARNING]
-> {% data variables.product.prodname_codeql_cli %} database bundles contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.
+{% data reusables.code-scanning.codeql-database-archive-contains-source-code %}

 ## About creating {% data variables.product.prodname_codeql_cli %} database bundles

--- a/data/reusables/code-scanning/codeql-database-archive-contains-source-code.md
+++ b/data/reusables/code-scanning/codeql-database-archive-contains-source-code.md
@@ -0,0 +1,2 @@
+> [!WARNING]
+> {% data variables.product.prodname_codeql_cli %} database bundles contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.