
githubActions.configs.codeScanning

Workflow security defaults for CodeQL, SARIF upload, dependency review, and related code-scanning integrations.

Included rules

Fix legend:

  • 🔧 = autofixable
  • 💡 = suggestions available
  • — = report only

| Rule | Fix |
| --- | --- |
| R097 no-codeql-autobuild-for-javascript-typescript | — |
| R096 no-codeql-javascript-typescript-split-language-matrix | — |
| R099 require-codeql-actions-read | — |
| R113 require-codeql-branch-filters | — |
| R114 require-codeql-category-when-language-matrix | — |
| R100 require-codeql-pull-request-trigger | — |
| R101 require-codeql-schedule | — |
| R098 require-codeql-security-events-write | — |
| R091 require-dependency-review-action | — |
| R093 require-dependency-review-fail-on-severity | — |
| R092 require-dependency-review-permissions-contents-read | — |
| R094 require-dependency-review-pull-request-trigger | — |
| R102 require-sarif-upload-security-events-write | — |
| R103 require-scorecard-results-format-sarif | — |
| R104 require-scorecard-upload-sarif-step | — |