Skip to main content

此版本的 GitHub Enterprise 将停止服务 2022-06-03. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

About CodeQL code scanning in your CI system

You can analyze your code with CodeQL in a third-party continuous integration system and upload the results to 您的 GitHub Enterprise Server 实例. The resulting 代码扫描 alerts are shown alongside any alerts generated within GitHub Enterprise Server.

代码扫描 适用于启用了 GitHub Advanced Security 的组织拥有的仓库。 更多信息请参阅“关于 GitHub Advanced Security”。

Note: Your site administrator must enable 代码扫描 for 您的 GitHub Enterprise Server 实例 before you can use this feature. For more information, see "Configuring 代码扫描 for your appliance."

About CodeQL 代码扫描 in your CI system

代码扫描 是一项功能,可用于分析 GitHub 仓库中的代码,以查找安全漏洞和编码错误。 分析发现的任何问题都显示在 GitHub Enterprise Server 中。 For information, see "About 代码扫描 with CodeQL."

You can run CodeQL 代码扫描 within GitHub Enterprise Server using GitHub Actions. Alternatively, if you use a third-party continuous integration or continuous delivery/deployment (CI/CD) system, you can run CodeQL analysis in your existing system and upload the results to 您的 GitHub Enterprise Server 实例.

You add the CodeQL CLI or the CodeQL runner to your third-party system, then call the tool to analyze code and upload the SARIF results to GitHub Enterprise Server. The resulting 代码扫描 alerts are shown alongside any alerts generated within GitHub Enterprise Server.

CodeQL CLI version 2.6.3 is available now for GitHub Enterprise Server 3.0 and later versions. For more information on migrating to the CodeQL CLI, see "Migrating from the CodeQL runner to CodeQL CLI."

Note: Uploading SARIF data to display as 代码扫描 results in GitHub Enterprise Server is supported for organization-owned repositories with GitHub Advanced Security enabled. For more information, see "Managing security and analysis settings for your repository."

Comparing CodeQL CLI and CodeQL runner

CodeQL CLI 是一个可用来分析代码的独立产品。 其主要用途是生成代码空间的数据库表示形式,即 CodeQL 数据库。 数据库准备就绪后,您可以进行交互式查询,或者运行一系列查询以生成一组 SARIF 格式的结果,然后将结果上传到 您的 GitHub Enterprise Server 实例。

The CodeQL runner is a deprecated command-line tool that uses the CodeQL CLI to analyze code and upload the results to GitHub Enterprise Server. The tool mimics the analysis run natively within GitHub Enterprise Server using actions.

CodeQL CLI 2.6.3 is a complete replacement for the runner with full feature parity. Generally, it is better to use the CodeQL CLI directly.

For more information, see "Installing CodeQL CLI in your CI system."

注意: CodeQL runner 将弃用。 在 GitHub Enterprise Server 3.0 及更高版本上,可以安装 CodeQL CLI 版本 2.6.3 以替换 CodeQL runner。

更多信息请参阅 codeQL 运行器弃用。 有关迁移到 CodeQL CLI 的更多信息,请参阅“从 CodeQL 运行器迁移到 CodeQL CLI”。

For more information about the CodeQL runner, see "Running CodeQL runner in your CI system."