Alerts in LGTM, No alerts in CodeQL-Action #1220
Comments
By default the codeql-action runs only security-related queries, while LGTM runs a lot more queries by default. CodeQL comes with several pre-defined query suites. The most important ones are
Thanks, that worked out
Hi, we also would like to report our observations when switching from LGTM to CodeQL, but when I try to create a new issue, the only offer is to privately report a security vulnerability. Do you employ any other means for submitting experience reports? With kind regards, Edit: I've discovered the right place to report CodeQL False positive(s), it is on the
Thanks. In this case, I've created github/codeql#11407 and github/codeql#11408. Other than this, everything on the transition went very smoothly with crate/crate-python#467 and crate/crash#373. Thank you very much for the efforts you are putting into this!
I'm not sure if this is the right repository (if not, point me to the right one).
Currently I use LGTM for code analysis, but since it will stop working I want to try moving to CodeQL.
As of now I have added it to two of my repositories, but at the same time I'm not sure if it works well.
For both (LGTM and the CodeQL action) I use the default setup. In LGTM I have some alerts, while in CodeQL I don't have any.
For pointing to the right repositories:
Both repositories are written in Python.
I am currently running in circles through the documentation, but I can't find anything that leads me to where the difference comes from. I have no idea how to set up CodeQL so that the results are equal... Is there any documentation on what the different settings are between LGTM and CodeQL?
Thanks in advance
Jee-Bee
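
The first reply puts the missing alerts down to the query suite the action runs by default. As an added example (not taken from the thread or from either repository), this workflow for a Python repository asks for CodeQL's built-in `security-and-quality` suite, which adds maintainability and reliability queries to the security ones. The file path, workflow name, branch name and action version tags are assumptions.

```yaml
# Added example; assumed location: .github/workflows/codeql.yml
name: CodeQL

on:
  push:
    branches: [main]          # assumed default branch name
  pull_request:
    branches: [main]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write  # required to upload results to code scanning
    steps:
      - uses: actions/checkout@v4

      - uses: github/codeql-action/init@v3
        with:
          languages: python
          # With no `queries` input, only the default security suite runs,
          # which is why fewer alerts appear than in LGTM.
          # security-and-quality widens the run to quality queries as well.
          queries: security-and-quality

      - uses: github/codeql-action/analyze@v3
```

Expect the alert count to rise after this change; the extra findings are mostly code-quality results, not new security issues.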