Sudden Appearance of a codeql alert #2528

Open
Subharanjan2055 opened this issue Oct 7, 2024 · 1 comment

Comments

@Subharanjan2055

Hi,

I've been using CodeQL in my GitHub repository for the past two years to review code. There is a file that has existed in the repository for the same duration without ever triggering a CodeQL alert. However, yesterday I suddenly received an alert for that file.

What could have caused this new alert to appear despite no recent changes to that file or its dependencies?

Thanks,
Subh

@redsun82
Contributor

redsun82 commented Oct 7, 2024

👋 @Subharanjan2055 thanks for reaching out.

We constantly develop (and hopefully improve!) the queries behind our alerts, and by default CodeQL analysis will use the latest released CodeQL bundle. New bundle releases might mean changes in what data gets extracted from code and what we mark with alerts. Without having more information, I would say this is the most probable cause of a new alert popping up. If you do believe this alert is a false positive, you can let us know via a github/codeql issue 🙌
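
One way to check this explanation against your own scans, as an added example that is not part of the original thread or of CodeQL's own tooling: compare the SARIF logs from a scan before and after the alert appeared and see whether the analyzer version changed along with the result set. It reads the standard SARIF 2.1.0 fields `tool.driver.name`, `tool.driver.semanticVersion` and `results[].ruleId`; the sample logs, rule ids, paths and version numbers are constructed.

```python
import json

def summarize(sarif_text):
    """Return (tool versions, alert keys) found in one SARIF log."""
    versions, alerts = set(), set()
    for run in json.loads(sarif_text).get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        version = driver.get("semanticVersion") or driver.get("version")
        versions.add((driver.get("name"), version))
        for res in run.get("results", []):
            # Key an alert by rule, file and line of its first location.
            locs = res.get("locations") or [{}]
            phys = locs[0].get("physicalLocation", {})
            uri = phys.get("artifactLocation", {}).get("uri")
            line = phys.get("region", {}).get("startLine")
            alerts.add((res.get("ruleId"), uri, line))
    return versions, alerts

def explain_new_alerts(old_text, new_text):
    """Diff two scans: did the tool change, and which alerts are new?"""
    old_ver, old_alerts = summarize(old_text)
    new_ver, new_alerts = summarize(new_text)
    return {
        "tool_changed": old_ver != new_ver,
        "old_tool": sorted(old_ver, key=str),
        "new_tool": sorted(new_ver, key=str),
        "new_alerts": sorted(new_alerts - old_alerts, key=str),
    }

# --- Constructed sample data (hypothetical rule ids, paths, versions) ---
def _result(rule, uri, line):
    return {"ruleId": rule, "locations": [{"physicalLocation": {
        "artifactLocation": {"uri": uri}, "region": {"startLine": line}}}]}

def _log(tool_version, results):
    return json.dumps({"version": "2.1.0", "runs": [{
        "tool": {"driver": {"name": "CodeQL",
                            "semanticVersion": tool_version}},
        "results": results}]})

OLD_SCAN = _log("1.0.0", [_result("example/rule-a", "src/app.py", 10)])
NEW_SCAN = _log("1.1.0", [_result("example/rule-a", "src/app.py", 10),
                          _result("example/rule-b", "src/legacy.py", 42)])

if __name__ == "__main__":
    print(json.dumps(explain_new_alerts(OLD_SCAN, NEW_SCAN), indent=2))
```

If `tool_changed` is true and the file behind the new alert has no commits between the two scans, the alert most likely comes from an updated query or extractor rather than from a code change.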
