3.0 KiB
title, shortTitle, intro, versions, topics, contentType
| title | shortTitle | intro | versions | topics | contentType | |||
|---|---|---|---|---|---|---|---|---|
| CodeQL detection of code quality problems | CodeQL detection | Information on how CodeQL-powered analysis for {% data variables.product.prodname_code_quality_short %} works, the workflow used, and the status checks reported on pull requests. |
|
|
reference |
{% data reusables.code-quality.code-quality-preview-note %}
{% data variables.product.prodname_codeql %} detection
{% data variables.product.prodname_code_quality_short %} performs rule-based analysis of pull requests and your default branch using {% data variables.product.prodname_codeql %}. Each rule is written as a query in {% data variables.product.prodname_codeql %} and then run using {% data variables.product.prodname_actions %}.
The rules are continually refined by both {% data variables.product.github %} and open source developers. See https://github.com/github/codeql.
Workflow used for code quality analysis
You can see all the workflow runs for {% data variables.product.prodname_code_quality_short %} on the Actions tab for your repository. The dynamic workflow is called "{% data variables.code-quality.workflow_name_actions %}".
By default, the {% data variables.code-quality.workflow_name_actions %} workflow runs on standard {% data variables.product.github %} runners but you can configure {% data variables.product.prodname_code_quality_short %} to use runners with a specific label. These may be hosted by {% data variables.product.github %} or self-hosted.
If your organization has configured caching of private registries, these will be available for code quality analysis to use to resolve dependencies.
For more information, see:
Pull request status checks
When code quality analysis runs on a pull request, the check result is reported in the "Checks" section at the bottom of the pull request.
Any code problems identified by the scan are reported in comments on the pull request. The comment is made by the {% data variables.code-quality.pr_commenter %} and includes a {% data variables.copilot.copilot_autofix_short %} suggestion.
Status check failures
The workflow failed to run. For example, your budget for actions minutes is exhausted. See Viewing logs to diagnose failures.
Merging is blocked: Code quality findings were detected
The scan found problems in the code that exceed the quality gate set by a code quality branch rule for the repository. You need to resolve these problems before you can merge the pull request. See AUTOTITLE.