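Troubleshooting your default setup for CodeQL

If you're having problems with the default code scanning setup, you can troubleshoot by using these tips.

Code scanning is available for all public repositories on GitHub.com. To use code scanning in a private repository owned by an organization, you must have a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."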

A pre-existing CodeQL workflow is disabled

If you see two workflows named CodeQL, one workflow may be a pre-existing CodeQL workflow file which has been disabled by default setup. Default setup overrides existing CodeQL setups by disabling any existing CodeQL workflows, and blocking any CodeQL analysis API uploads. This behavior stops you using GitHub Actions minutes to run workflows for CodeQL advanced setup when only the results from default setup will be used. For more information about switching between advanced and default setups, see "Troubleshooting your advanced setup for CodeQL."

Optionally, if you are certain you no longer need the pre-existing workflow file, you can delete the file from your repository. For more information, see "Deleting files in a repository."

In some cases, your repository may use multiple code scanning configurations. These configurations can generate duplicate alerts. Additionally, stale configurations that no longer run will display outdated alert statuses, and the stale alerts will stay open indefinitely. To avoid outdated alerts, you should remove stale code scanning configurations from a branch. For more information on multiple configurations and deleting stale configurations, see "About code scanning alerts" and "Managing code scanning alerts for your repository."

Enabling the default setup takes too long

If enabling your default setup is taking too long, try canceling the workflow run and restarting the setup. To restart your setup, navigate to the main page of your repository, then click Actions. Click the CodeQL workflow run that's in progress, then click Cancel workflow. Once appears beside the workflow run name, navigate back to the Code security and analysis settings and re-enable the default setup. If the default setup continues to stall, please contact GitHub Support or try enabling the advanced setup. For more information, see "Configuring code scanning for a repository."

Unclear what triggered a workflow run

If you don't know what triggered an analysis, look at the log for the last scan. For more information on viewing your last scan's log, see "Viewing code scanning logs."