Discussions

• 2 You must be logged in to vote

  🤖

  Harden GitHub Actions: Secure Workflow Design Against Fork PR Abuse

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  ghoststack-git asked Jul 31, 2025 in Code Security · Answered

  

  

  

  

  3
• 18 You must be logged in to vote

  🗳️

  This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Question Ask and answer questions about GitHub features and usage

  BlackRam-oss asked Jan 19, 2024 in Repositories · Answered

  

  

  

  

  19
• 1 You must be logged in to vote

  🤖

  Managing false positives in security alerts for a monorepo with multi-environment workflows

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  Zypheron47 asked Jul 31, 2025 in Code Security · Answered

  

  

  1
• 2 You must be logged in to vote

  🤖

  CodeQL

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  ReuelAlbert-Dev asked Jul 16, 2025 in Code Security · Answered

  

  

  1
• 22 You must be logged in to vote

  🤖

  Suggestion/Feature Request: Code Scanning for Groovy

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  MPWTraining asked Aug 18, 2022 in Code Security · Answered

  

  

  

  

  6
• 1 You must be logged in to vote

  ✔️

  Fixed code scanning issues look strange in pull request files listing

  Bug GitHub or a GitHub feature is not working as intended Pull Requests Propose, review, and discuss changes to a repository's codebase Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine

  TWiStErRob asked Mar 23, 2023 in Pull Requests · Closed · Answered

  

  

  1
• 2 You must be logged in to vote

  🤖

  Why new issues doesn't appear on Pull Request after SARIF upload

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  anrouxel asked Oct 23, 2023 in Code Security · Answered

  

  

  2
• 2 You must be logged in to vote

  🤖

  API for Code scanning Check Failure?

  API and Webhooks Discussions related to GitHub's APIs or Webhooks Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  ThibaudLopez asked Apr 19, 2022 in Code Security · Answered

  

  

  5
• 1 You must be logged in to vote

  🤖

  Code Scanning "Needs Setup" After Setting Up

  Bug GitHub or a GitHub feature is not working as intended Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure

  lauragonzalezzz asked Dec 29, 2022 in Code Security · Answered

  

  

  3
• 2 You must be logged in to vote

  🤖

  Getting 137 Error for JS in CodeQL

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  PoleMadhu123 asked Jun 1, 2023 in Code Security · Answered

  

  

  

  

  11
• 3 You must be logged in to vote

  🤖

  Risk Coverage filters - enhancement to show failing CodeQL

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  Josephpul asked Aug 14, 2023 in Code Security · Answered

  

  

  1
• 2 You must be logged in to vote

  🧑‍💻

  Enable dependabot and code scanning (codeql) with code

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Programming Help Discussions around programming languages, open source and software development

  ceelinab asked Apr 26, 2023 in Programming Help · Answered

  

  

  4
• 2 You must be logged in to vote

  🤖

  Fixed code scanning alerts still show up as open

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine

  edumserrano asked Jun 20, 2021 in Code Security · Answered

  

  

  2
• 1 You must be logged in to vote

  🤖

  <CodeQL scanning (lines of code) limitation>

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  AnilVinukonda asked Mar 2, 2023 in Code Security · Answered

  

  

  

  

  2
• 2 You must be logged in to vote

  🤖

  Code Scanning not showing in settings

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  TradeUpCards asked Feb 20, 2023 in Code Security · Answered

  

  

  4
• 2 You must be logged in to vote

  🤖

  Remove Category from Code Scanning

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  TWiStErRob asked Oct 25, 2022 in Code Security · Answered

  

  

  13
• 2 You must be logged in to vote

  🤖

  python CVE scanning

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  mcandre asked Apr 2, 2022 in Code Security · Answered

  

  

  2
• 5 You must be logged in to vote

  🔄

  GH Code Scanning: 1 Analysis Not Found

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  HACKERALERT asked Dec 16, 2021 in API and Webhooks · Closed · Answered

  

  

  

  

  7
• 7 You must be logged in to vote

  🔄

  API List code scanning alerts

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  aleks-ivanov asked Jan 19, 2021 in API and Webhooks · Answered

  

  

  

  

  10
• 1 You must be logged in to vote

  🆕

  Code Scanning no ability to filter alerts

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine

  dibbdob asked Oct 28, 2020 in New to GitHub · Answered

  

  

  2
• 1 You must be logged in to vote

  🚢

  How to add dependencies so code scanning can work?

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  Dotz0cat asked Oct 25, 2020 in Actions · Answered

  

  

  1
• 1 You must be logged in to vote

  🆕

  Code scanning and OWASP TOP 10

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine

  dibbdob asked Oct 10, 2020 in New to GitHub · Answered

  

  

  2
• 1 You must be logged in to vote

  🚢

  Can Github code scan be enabled for Azure DevOps git repo?

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  soumyadipmitralpl asked Oct 9, 2020 in Actions · Answered

  

  

  2
• 1 You must be logged in to vote

  🔄

  Code Scanning REST API: what type is the closed_by field?

  Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  nightlark asked May 30, 2020 in API and Webhooks · Answered

  

  

  1